Skip to content

chore(deps): bump the testing group with 2 updates#298

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/testing-dd5d044042
Open

chore(deps): bump the testing group with 2 updates#298
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/testing-dd5d044042

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps the testing group with 2 updates: @vitest/coverage-v8 and vitest.

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.0

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 0c2c013 chore: release v4.1.0-beta.6
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • 94eb73b chore(deps): update eslint packages (#9615)
  • 8c96bb0 refator: update links to npmx (#9783)
  • aaf7758 chore: standardize packages README (#9776)
  • 57cbe39 chore(deps): update ast-v8-to-istanbul to v1 (#9755)
  • 79672d7 chore: release v4.1.0-beta.5
  • 1d9e3b3 chore: release v4.1.0-beta.4
  • 4ff8c6f chore(build): raise build target to the minimum supported, don't bundle utils...
  • Additional commits viewable in compare view

Updates vitest from 4.0.18 to 4.1.0

Release notes

Sourced from vitest's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 1de0aa2 fix: correctly identify concurrent test during static analysis (#9846)
  • c3cac1c fix: use isAgent check, not just TTY, for watch mode (#9841)
  • eab68ba chore(deps): update all non-major dependencies (#9824)
  • 031f02a fix: allow catch/finally for async assertion (#9827)
  • 3e9e096 feat(reporters): add agent reporter to reduce ai agent token usage (#9779)
  • 0c2c013 chore: release v4.1.0-beta.6
  • 8181e06 fix: hideSkippedTests should not hide test.todo (fix #9562) (#9781)
  • a8216b0 fix: manual and redirect mock shouldn't load or transform original module...
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the testing group with 2 updates
f2391e4 
Bumps the testing group with 2 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/coverage-v8)

Updates `vitest` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: testing
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: testing
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 16, 2026

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from rubenmarcus as a code owner March 16, 2026 10:39
@chatgpt-codex-connector
Copy link

chatgpt-codex-connector bot commented Mar 16, 2026

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@github-actions github-actions bot added the chore label Mar 16, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 16, 2026

✔️ Bundle Size Analysis

Metric Value
Base 2638.70 KB
PR 2638.70 KB
Diff 0 KB (0%)
Bundle breakdown 
156K	dist/auth
80K	dist/automation
4.0K	dist/cli.d.ts
4.0K	dist/cli.d.ts.map
20K	dist/cli.js
12K	dist/cli.js.map
584K	dist/commands
28K	dist/config
4.0K	dist/index.d.ts
4.0K	dist/index.d.ts.map
4.0K	dist/index.js
4.0K	dist/index.js.map
896K	dist/integrations
100K	dist/llm
1.2M	dist/loop
188K	dist/mcp
60K	dist/presets
92K	dist/setup
40K	dist/skills
392K	dist/sources
76K	dist/ui
144K	dist/utils
336K	dist/wizard

claude[bot]
claude bot reviewed Mar 16, 2026
View reviewed changes
Copy link

@claude claude bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — straightforward Dependabot lockfile update for vitest 4.0.18 → 4.1.0.

Extended reasoning...

Overview

This PR is an automated Dependabot bump updating vitest and @vitest/coverage-v8 from 4.0.18 to 4.1.0. The only file changed is pnpm-lock.yaml, reflecting the new resolved versions and their transitive dependencies (esbuild 0.27.4, rollup 4.59.0, postcss 8.5.8, etc.).

Security risks

No security risks identified. This is a minor version bump of well-known testing dependencies. No application source code, configuration, or build pipeline files are modified — only the lockfile.

Level of scrutiny

Minimal scrutiny is appropriate. This is a lockfile-only change generated by Dependabot for dev dependencies (testing tools). It does not affect production code, runtime behavior, or CI/CD configuration.

Other factors

No bugs were found by the automated bug hunting system. No outstanding reviewer comments exist. The specifiers in package.json use ^4.0.18 ranges, so 4.1.0 is within the expected semver range. The PR is labeled dependencies and follows the established pattern of prior Dependabot PRs in this repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@rubenmarcus rubenmarcus Awaiting requested review from rubenmarcus rubenmarcus is a code owner

Assignees

No one assigned

Labels

chore dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants