Skip to content

chore(deps): bump es-toolkit from 1.48.1 to 1.49.0 in /app#343

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/bun/app/es-toolkit-1.49.0
Open

chore(deps): bump es-toolkit from 1.48.1 to 1.49.0 in /app#343
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/bun/app/es-toolkit-1.49.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps es-toolkit from 1.48.1 to 1.49.0.

Release notes

Sourced from es-toolkit's releases.

v1.49.0

Released on June 26th, 2026.

  • Added the es-toolkit/fp entrypoint with data-last, pipeable utilities, documentation, benchmarks, and bundle-size checks. ([#1781])
  • Added a broad set of array utilities to es-toolkit/fp, covering slicing, grouping, set operations, ordering, zipping, and collection helpers. ([#1801])
  • Fixed trimStart to validate multi-character trim strings correctly before it stops trimming. ([#1615])
  • Fixed compat/pick to prefer a literal key over a dot-notation path when the picked value is undefined. ([#1775])
  • Fixed compat/random to better match Lodash behavior for coerced bounds and floating-point options. ([#1767])
  • Fixed compat/chunk to handle NaN and Infinity size values consistently with Lodash. ([#1797])
  • Improved documentation and JSDoc accuracy across array, function, and compat references. ([#1785], [#1786], [#1788], [#1790], [#1791], [#1792], [#1793], [#1795], [#1800])

We sincerely thank @​Antoliny0919, @​D-Sketon, @​eunwoo-levi, and @​raon0211 for their contributions. We appreciate your great efforts!

Changelog

Sourced from es-toolkit's changelog.

Version v1.49.0

Released on June 26th, 2026.

  • Added the es-toolkit/fp entrypoint with data-last, pipeable utilities, documentation, benchmarks, and bundle-size checks. (#1781)
  • Added a broad set of array utilities to es-toolkit/fp, covering slicing, grouping, set operations, ordering, zipping, and collection helpers. (#1801)
  • Fixed trimStart to validate multi-character trim strings correctly before it stops trimming. (#1615)
  • Fixed compat/pick to prefer a literal key over a dot-notation path when the picked value is undefined. (#1775)
  • Fixed compat/random to better match Lodash behavior for coerced bounds and floating-point options. (#1767)
  • Fixed compat/chunk to handle NaN and Infinity size values consistently with Lodash. (#1797)
  • Improved documentation and JSDoc accuracy across array, function, and compat references. (#1785, #1786, #1788, #1790, #1791, #1792, #1793, #1795, #1800)

We sincerely thank @​Antoliny0919, @​D-Sketon, @​eunwoo-levi, and @​raon0211 for their contributions. We appreciate your great efforts!

Commits
  • c8d3c36 v1.49.0
  • 6b75d8a feat[fp]: add array pipeline utilities (#1801)
  • ba1686d build(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#1802)
  • 18ab50d build(deps): bump softprops/action-gh-release from 3.0.0 to 3.0.1 (#1803)
  • 90d854c feat(fp): add es-toolkit/fp functional pipeline module (#1781)
  • 75c8841 docs(compat): unify "Lodash Compatibility" headings across reference docs (#1...
  • 0aaf0e6 fix(compat/chunk): handle NaN and Infinity size values for compability (#1797)
  • e008a28 fix(compat/random): compatibility issues with random function (#1767)
  • 6bbf178 fix(compat/pick): prioritize literal key over dot notation path when value is...
  • 2e9ce80 fix(compat/differenceBy): rename parameter arr to array for consistency (#1786)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [es-toolkit](https://github.com/toss/es-toolkit) from 1.48.1 to 1.49.0.
- [Release notes](https://github.com/toss/es-toolkit/releases)
- [Changelog](https://github.com/toss/es-toolkit/blob/main/CHANGELOG.md)
- [Commits](toss/es-toolkit@v1.48.1...v1.49.0)

---
updated-dependencies:
- dependency-name: es-toolkit
  dependency-version: 1.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

app/package.json

PackageVersionLicenseIssue Type
es-toolkit^1.49.0NullUnknown License
Allowed Licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, 0BSD, Unlicense, CC0-1.0

OpenSSF Scorecard

PackageVersionScoreDetails
npm/es-toolkit ^1.49.0 UnknownUnknown

Scanned Files

  • app/package.json

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants