Skip to content

Bump the npm_and_yarn group across 1 directory with 4 updates#63

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-2c0442a5c0
Open

Bump the npm_and_yarn group across 1 directory with 4 updates#63
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-2c0442a5c0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 2, 2025

Bumps the npm_and_yarn group with 4 updates in the / directory: webpack, ws, tmp and prettier-eslint-cli.

Updates webpack from 5.91.0 to 5.101.3

Release notes

Sourced from webpack's releases.

v5.101.3

Fixes

  • Fixed resolve execution order issue from extra await in async modules
  • Avoid empty block for unused statement
  • Collect only specific expressions for destructuring assignment

v5.101.2

Fixes

  • Fixed syntax error when comment is on the last line
  • Handle var declaration for createRequire
  • Distinguish free variable and tagged variable

v5.101.1

Fixes

  • Filter deleted assets in processAdditionalAssets hook
  • HMR failure in defer module
  • Emit assets even if invalidation occurs again
  • Export types for serialization and deserialization in plugins and export the ModuleFactory class
  • Fixed the failure export of internal function for ES module chunk format
  • Fixed GetChunkFilename failure caused by dependOn entry
  • Fixed the import of missing dependency chunks
  • Fixed when entry chunk depends on the runtime chunk hash
  • Fixed module.exports bundle to ESM library
  • Adjusted the time of adding a group depending on the fragment of execution time
  • Fixed circle dependencies when require RawModule and condition of isDeferred
  • Tree-shakable module library should align preconditions of allowInlineStartup

v5.101.0

Fixes

  • Fixed concatenate optimization for ESM that caused undefined export
  • Respect the output.environment.nodePrefixForCoreModules option everywhere
  • Respect the output.importMetaName option everywhere
  • Fixed await async dependencies when accepting them during HMR
  • Better typescript types

Features

  • Added colors helpers for CLI
  • Enable tree-shaking for ESM external modules with named imports
  • Added the deferImport option to parser options

Performance Improvements

  • Fixed a regression in module concatenation after implementing deferred import support
  • Fixed a potential performance issue in CleanPlugin
  • Avoid extra require in some places

... (truncated)

Commits
  • 07b1ac0 chore(release): 5.101.3
  • 8d7efb8 chore(deps-dev): bump the dependencies group with 2 updates (#19816)
  • 935cbd8 docs: update examples (#19812)
  • dc79e95 fix: collect only specific expressions for destructuring assignment
  • 90ae8af fix: avoid empty block for unused statement
  • 8db97f8 fix: resolve execution order issue from extra await in async modules
  • c92deaf ci: pin Node.js 24.x to 24.5.0 in CI workflow (#19813)
  • c50930b refactor(test): correct the value retrieval
  • 613a5ad chore(deps-dev): bump @​babel/core in the dependencies group (#19807)
  • 1d9cc24 chore(release): 5.101.2
  • Additional commits viewable in compare view

Updates ws from 6.2.2 to 6.2.3

Release notes

Sourced from ws's releases.

6.2.3

Bug fixes

  • Backported e55e5106 to the 6.x release line (eeb76d31).
Commits

Removes tmp

Updates prettier-eslint-cli from 5.0.1 to 8.0.1

Release notes

Sourced from prettier-eslint-cli's releases.

v8.0.1

Patch Changes

Full Changelog: prettier/prettier-eslint-cli@v8.0.0...v8.0.1

v8.0.0

What's Changed

Full Changelog: prettier/prettier-eslint-cli@v7.1.0...v8.0.0

v7.1.0

Minor Changes

New Contributors

Full Changelog: prettier/prettier-eslint-cli@v7.0.2...v7.1.0

v7.0.2

Patch Changes

What's Changed

New Contributors

Full Changelog: prettier/prettier-eslint-cli@v7.0.1...v7.0.2

v7.0.1

7.0.1 (2022-08-23)

Bug Fixes

  • deps: migrate messageformat to @messageformat/core (#442) (3eef076)

New Contributors

... (truncated)

Changelog

Sourced from prettier-eslint-cli's changelog.

8.0.1

Patch Changes

8.0.0

Major Changes

7.1.0

Minor Changes

7.0.2

Patch Changes

Commits
  • 83691c5 chore: release prettier-eslint-cli v8.0.1 (#452)
  • df191a1 chore: update node version align with prettier-eslint (#451)
  • b43916b Create FUNDING.yml
  • 5c3d731 docs: update contributors
  • db154f4 docs: update build status badge
  • 6371324 chore: release prettier-eslint-cli v8.0.0 (#450)
  • 5fd8eea feat!: bump all (dev)Dependencies, drop node < 16 (#449)
  • c4b5aa1 docs: cleanup CHANGELOG.md
  • 33b39e5 chore: release prettier-eslint-cli v7.1.0 (#445)
  • 4561a79 feat: support matching dot files (#132)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 4 updates
c446c01 
Bumps the npm_and_yarn group with 4 updates in the / directory: [webpack](https://github.com/webpack/webpack), [ws](https://github.com/websockets/ws), [tmp](https://github.com/raszi/node-tmp) and [prettier-eslint-cli](https://github.com/prettier/prettier-eslint-cli).


Updates `webpack` from 5.91.0 to 5.101.3
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.91.0...v5.101.3)

Updates `ws` from 6.2.2 to 6.2.3
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@6.2.2...6.2.3)

Removes `tmp`

Updates `prettier-eslint-cli` from 5.0.1 to 8.0.1
- [Release notes](https://github.com/prettier/prettier-eslint-cli/releases)
- [Changelog](https://github.com/prettier/prettier-eslint-cli/blob/master/CHANGELOG.md)
- [Commits](prettier/prettier-eslint-cli@v5.0.1...v8.0.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.101.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 6.2.3
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: tmp
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: prettier-eslint-cli
  dependency-version: 8.0.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Sep 2, 2025
@dependabot dependabot bot mentioned this pull request Sep 2, 2025
Closed
@github-actions
Copy link

github-actions bot commented Sep 2, 2025

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails

Scanned Manifest Files

package-lock.json
  • cross-spawn@7.0.3
  • ws@6.2.2
  • micromatch@4.0.7
  • webpack@5.91.0
  • @eslint-community/eslint-utils@4.7.0
  • @eslint-community/regexpp@4.12.1
  • @eslint/eslintrc@2.1.4
  • @eslint/js@8.57.1
  • @humanwhocodes/config-array@0.13.0
  • @humanwhocodes/module-importer@1.0.1
  • @humanwhocodes/object-schema@2.0.3
  • @isaacs/cliui@8.0.2
  • @messageformat/core@3.4.0
  • @messageformat/date-skeleton@1.1.0
  • @messageformat/number-skeleton@1.2.0
  • @messageformat/parser@5.1.1
  • @messageformat/runtime@3.0.1
  • @nodelib/fs.scandir@2.1.5
  • @nodelib/fs.stat@2.0.5
  • @nodelib/fs.walk@1.2.8
  • @pkgjs/parseargs@0.11.0
  • @prettier/eslint@16.4.2
  • @types/estree@1.0.8
  • @typescript-eslint/parser@6.21.0
  • @typescript-eslint/scope-manager@6.21.0
  • @typescript-eslint/types@6.21.0
  • @typescript-eslint/typescript-estree@6.21.0
  • @typescript-eslint/visitor-keys@6.21.0
  • @ungap/structured-clone@1.3.0
  • @webassemblyjs/ast@1.14.1
  • @webassemblyjs/floating-point-hex-parser@1.13.2
  • @webassemblyjs/helper-api-error@1.13.2
  • @webassemblyjs/helper-buffer@1.14.1
  • @webassemblyjs/helper-numbers@1.13.2
  • @webassemblyjs/helper-wasm-bytecode@1.13.2
  • @webassemblyjs/helper-wasm-section@1.14.1
  • @webassemblyjs/ieee754@1.13.2
  • @webassemblyjs/leb128@1.13.2
  • @webassemblyjs/utf8@1.13.2
  • @webassemblyjs/wasm-edit@1.14.1
  • @webassemblyjs/wasm-gen@1.14.1
  • @webassemblyjs/wasm-opt@1.14.1
  • @webassemblyjs/wasm-parser@1.14.1
  • @webassemblyjs/wast-printer@1.14.1
  • acorn@8.15.0
  • acorn-import-phases@1.0.4
  • ajv@8.17.1
  • ajv-formats@2.1.1
  • ajv-keywords@5.1.0
  • ansi-regex@6.2.0
  • ansi-styles@6.2.1
  • argparse@2.0.1
  • array-union@2.1.0
  • brace-expansion@2.0.2
  • browserslist@4.25.4
  • camelcase@8.0.0
  • camelcase-keys@9.1.3
  • caniuse-lite@1.0.30001739
  • cross-spawn@7.0.6
  • dir-glob@3.0.1
  • eastasianwidth@0.2.0
  • electron-to-chromium@1.5.211
  • emoji-regex@9.2.2
  • enhanced-resolve@5.18.3
  • escalade@3.2.0
  • eslint@8.57.1
  • eslint-scope@7.2.2
  • eslint-visitor-keys@3.4.3
  • espree@9.6.1
  • fast-glob@3.3.3
  • fast-uri@3.1.0
  • fastq@1.19.1
  • find-up@5.0.0
  • foreground-child@3.3.1
  • get-stdin@8.0.0
  • glob@10.4.5
  • glob-parent@6.0.2
  • globby@11.1.0
  • graphemer@1.4.0
  • ignore@5.3.2
  • is-path-inside@3.0.3
  • jackspeak@3.4.3
  • js-yaml@4.1.0
  • locate-path@6.0.0
  • lru-cache@10.4.3
  • make-plural@7.4.0
  • map-obj@5.0.0
  • merge2@1.4.1
  • micromatch@4.0.8
  • minimatch@9.0.3
  • minimatch@9.0.5
  • minipass@7.1.2
  • moo@0.5.2
  • node-releases@2.0.19
  • p-locate@5.0.0
  • package-json-from-dist@1.0.1
  • path-scurry@1.11.1
  • path-type@4.0.0
  • picocolors@1.1.1
  • prettier@3.6.2
  • prettier-eslint-cli@8.0.1
  • queue-microtask@1.2.3
  • quick-lru@6.1.2
  • reusify@1.1.0
  • run-parallel@1.2.0
  • rxjs@7.8.2
  • safe-identifier@0.4.2
  • schema-utils@4.3.2
  • semver@7.7.2
  • signal-exit@4.1.0
  • string-width@5.1.2
  • string-width-cjs@4.2.3
  • strip-ansi@7.1.0
  • strip-ansi-cjs@6.0.1
  • tapable@2.2.3
  • terser-webpack-plugin@5.3.14
  • ts-api-utils@1.4.3
  • tslib@2.8.1
  • type-fest@4.41.0
  • typescript@5.9.2
  • update-browserslist-db@1.1.3
  • vue-eslint-parser@9.4.3
  • webpack@5.101.3
  • webpack-sources@3.3.3
  • wrap-ansi@8.1.0
  • wrap-ansi-cjs@7.0.0
  • ws@6.2.3
  • @types/estree@1.0.5
  • @webassemblyjs/ast@1.12.1
  • @webassemblyjs/floating-point-hex-parser@1.11.6
  • @webassemblyjs/helper-api-error@1.11.6
  • @webassemblyjs/helper-buffer@1.12.1
  • @webassemblyjs/helper-numbers@1.11.6
  • @webassemblyjs/helper-wasm-bytecode@1.11.6
  • @webassemblyjs/helper-wasm-section@1.12.1
  • @webassemblyjs/ieee754@1.11.6
  • @webassemblyjs/leb128@1.11.6
  • @webassemblyjs/utf8@1.11.6
  • @webassemblyjs/wasm-edit@1.12.1
  • @webassemblyjs/wasm-gen@1.12.1
  • @webassemblyjs/wasm-opt@1.12.1
  • @webassemblyjs/wasm-parser@1.12.1
  • @webassemblyjs/wast-printer@1.12.1
  • acorn-import-assertions@1.9.0
  • browserslist@4.23.1
  • camelcase-keys@6.2.2
  • caniuse-lite@1.0.30001632
  • cliui@5.0.0
  • decamelize@1.2.0
  • electron-to-chromium@1.4.798
  • enhanced-resolve@5.17.0
  • escalade@3.1.2
  • find-up@3.0.0
  • get-stdin@7.0.0
  • locate-path@3.0.0
  • make-plural@4.3.0
  • map-obj@4.3.0
  • messageformat@2.3.0
  • messageformat-formatters@2.0.1
  • messageformat-parser@4.1.3
  • node-releases@2.0.14
  • p-locate@3.0.0
  • path-exists@3.0.0
  • picocolors@1.0.1
  • prettier-eslint-cli@5.0.1
  • quick-lru@4.0.1
  • require-main-filename@2.0.0
  • schema-utils@3.3.0
  • set-blocking@2.0.0
  • tapable@2.2.1
  • terser-webpack-plugin@5.3.10
  • update-browserslist-db@1.0.16
  • webpack-sources@3.2.3
  • which-module@2.0.1
  • wrap-ansi@5.1.0
  • y18n@4.0.3
  • yargs@13.3.2
  • yargs-parser@13.1.2
package.json
  • prettier-eslint-cli@^8.0.1
  • prettier-eslint-cli@^5.0.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants