Skip to content

build(deps): bump the npm-dependencies group across 1 directory with 6 updates#578

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-17d05bbd10
Closed

build(deps): bump the npm-dependencies group across 1 directory with 6 updates#578
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-17d05bbd10

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-dependencies group with 6 updates in the / directory:

Package From To
@babel/core 7.29.7 8.0.1
js-yaml 4.3.0 5.2.1
tree-sitter-containerfile 0.8.1 0.9.2
@trustify-da/trustify-da-api-model 2.0.10 2.0.11
@types/node 25.9.4 26.1.0
msw 2.14.6 2.15.0

Updates @babel/core from 7.29.7 to 8.0.1

Release notes

Sourced from @​babel/core's releases.

v8.0.1 (2026-06-17)

This release includes a breaking change that was in the Babel 8 migration guide's Getting ready section and in the release post, but the actual removal of the feature from the codebase was accidentally not complete.

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

Committers: 2

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v8.0.1 (2026-06-17)

💥 Breaking Change

  • babel-core, babel-plugin-transform-object-rest-spread, babel-plugin-transform-runtime, babel-preset-env, babel-standalone

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

  • babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register
  • babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime
  • babel-parser

🐛 Bug Fix

  • babel-generator
  • babel-plugin-transform-modules-systemjs

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

🏠 Internal

  • babel-core
  • babel-compat-data, babel-register
  • babel-helper-transform-fixture-test-runner, babel-node

... (truncated)

Commits

Updates js-yaml from 4.3.0 to 5.2.1

Changelog

Sourced from js-yaml's changelog.

[5.2.1] - 2026-07-02

Fixed

  • Add Map support to !!omap (should work when realMapTag used)

Security

  • Remove quadratic complexity from !!omap addItem. Regression from v5 (usually not critical, because YAML11_SCHEMA is not default anymore).
Commits
  • ac16b42 5.2.1 released
  • 4a864e5 Deps bump
  • 39f3211 !!omap: add Map support and remove quadratic complexity
  • ff17f1e Changelog update
  • 8ed15f1 deps bump
  • 1a562dc Fix changelog link
  • c28ed5e 5.2.0 released
  • 125cd5a Add maxAliases option
  • 3105455 Replace maxMergeSeqLengthoption with maxTotalMergeKeys (more robust)
  • 39d00d6 numbers: Drop boxed numbers support, simplify .identify() checks, clarify rou...
  • Additional commits viewable in compare view

Updates tree-sitter-containerfile from 0.8.1 to 0.9.2

Release notes

Sourced from tree-sitter-containerfile's releases.

v0.9.2

What's Changed

Full Changelog: wharflab/tree-sitter-containerfile@v0.9.1...v0.9.2

v0.9.1

Full Changelog: wharflab/tree-sitter-containerfile@v0.9.0...v0.9.1

v0.9.0

What's Changed

Full Changelog: wharflab/tree-sitter-containerfile@v0.8.1...v0.9.0

Commits
  • 1df9124 chore: v0.9.2
  • d06c52d fix(grammar): reject glued instruction keywords (FROMalpine) via scanner word...
  • cfd2634 chore: v0.9.1
  • 39ebc34 fix(grammar): close 13 syntax gaps (CRLF, quoting, expansions, heredocs, imag...
  • 4ff2892 Update dependency node-addon-api to v8.9.0
  • c7fa574 Update dependency eslint to v10.6.0
  • 8fb1f75 Update dependency tree-sitter-cli to v0.26.10
  • 97bd84f Update Rust crate tree-sitter to v0.26.10
  • 3043b21 Update dependency globals to v17.7.0
  • See full diff in compare view

Updates @trustify-da/trustify-da-api-model from 2.0.10 to 2.0.11

Release notes

Sourced from @​trustify-da/trustify-da-api-model's releases.

Release 2.0.11

What's Changed

Full Changelog: guacsec/trustify-da-api-spec@v2.0.10...v2.0.11

Commits
  • d8abad2 build(release): release version 2.0.11
  • ffca6de Merge pull request #115 from ruromero/TC-5018
  • 51f6b6d fix: add format uri to url properties in RemediationInfo and AdvisoryInfo
  • 84cf82d feat: add AdvisoryInfo schema to RemediationInfo
  • c3fd37c Merge pull request #114 from guacsec/release/v2.0.10
  • 8ea47b5 build(release): bump to next development version
  • See full diff in compare view

Updates @types/node from 25.9.4 to 26.1.0

Commits

Updates msw from 2.14.6 to 2.15.0

Release notes

Sourced from msw's releases.

v2.15.0 (2026-07-08)

Features

  • sse: invoke finalize on response stream end (#2741) (7fae0cc0954b20c739ae8e95a24eefc8a78710e8) @​kettanaito

v2.14.7 (2026-07-07)

Bug Fixes

  • sse: proper logging for concurrent requests (#2762) (5c0ae1c334a0cbe52638bd2949540372be3d46ba) @​kettanaito
Commits
  • 49d9d47 chore(release): v2.15.0
  • ed88583 test(finalize): use expect.poll vs waitFor
  • 7fae0cc feat(sse): invoke finalize on response stream end (#2741)
  • db818ee chore(release): v2.14.7
  • 418854a chore: upgrade @ossjs/release
  • 5c0ae1c fix(sse): proper logging for concurrent requests (#2762)
  • 3016bda test: fix flaky ws.clients.browser.test.ts
  • 0df6d6a test: fix flaky in-flight-request.test.ts
  • ff6836b chore: pin github actions to commit sha, update pnpm (#2761)
  • 8a19d54 chore: improve github actions security (#2747)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…6 updates

Bumps the npm-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.29.7` | `8.0.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.3.0` | `5.2.1` |
| [tree-sitter-containerfile](https://github.com/wharflab/tree-sitter-containerfile) | `0.8.1` | `0.9.2` |
| [@trustify-da/trustify-da-api-model](https://github.com/guacsec/trustify-da-api-spec) | `2.0.10` | `2.0.11` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.4` | `26.1.0` |
| [msw](https://github.com/mswjs/msw) | `2.14.6` | `2.15.0` |



Updates `@babel/core` from 7.29.7 to 8.0.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v8.0.1/packages/babel-core)

Updates `js-yaml` from 4.3.0 to 5.2.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.3.0...5.2.1)

Updates `tree-sitter-containerfile` from 0.8.1 to 0.9.2
- [Release notes](https://github.com/wharflab/tree-sitter-containerfile/releases)
- [Commits](wharflab/tree-sitter-containerfile@v0.8.1...v0.9.2)

Updates `@trustify-da/trustify-da-api-model` from 2.0.10 to 2.0.11
- [Release notes](https://github.com/guacsec/trustify-da-api-spec/releases)
- [Commits](guacsec/trustify-da-api-spec@v2.0.10...v2.0.11)

Updates `@types/node` from 25.9.4 to 26.1.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `msw` from 2.14.6 to 2.15.0
- [Release notes](https://github.com/mswjs/msw/releases)
- [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md)
- [Commits](mswjs/msw@v2.14.6...v2.15.0)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: js-yaml
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: tree-sitter-containerfile
  dependency-version: 0.9.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@trustify-da/trustify-da-api-model"
  dependency-version: 2.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: msw
  dependency-version: 2.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 8, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 9, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-dependencies-17d05bbd10 branch July 9, 2026 06:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants