Skip to content

chore(deps-dev): bump the app-dev-minor-patch group across 2 directories with 10 updates#347

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/bun/app/app-dev-minor-patch-ac873b453e
Open

chore(deps-dev): bump the app-dev-minor-patch group across 2 directories with 10 updates#347
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/bun/app/app-dev-minor-patch-ac873b453e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the app-dev-minor-patch group with 10 updates in the /app directory:

Package From To
@aws-sdk/client-s3 3.1075.0 3.1081.0
@clack/prompts 1.6.0 1.7.0
@types/web 0.0.350 0.0.352
knip 6.20.0 6.25.0
oxfmt 0.56.0 0.58.0
picomatch 4.0.4 4.0.5
react-email 6.6.4 6.6.8
sharp 0.35.2 0.35.3
vite 8.0.16 8.1.3
vitest 4.1.9 4.1.10

Bumps the app-dev-minor-patch group with 1 update in the /processing directory: oxfmt.

Updates @aws-sdk/client-s3 from 3.1075.0 to 3.1081.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1081.0

3.1081.0(2026-07-07)

Chores
Documentation Changes
  • client-marketplace-metering: The usage reporting window for the BatchMeterUsage API has been extended from 6 hours to 24 hours. Sellers can now submit usage records for up to 24 hours after a metered event occurs. The existing 6-hour grace period at the end of a billing cycle still applies. (4a362c9d)
New Features
  • clients: update client endpoints as of 2026-07-07 (fc9fb990)
  • client-ssm: Adding SSM Cloud Connector to support Azure Virtual Machines onboarding to AWS Systems Manager (6efef57f)
  • client-ec2: This launch surfaces the public SSM parameter associated with public AMIs in the AMI metadata. (9e8f9fa8)
  • client-route53globalresolver: Adds ListSharedDNSViews operation to list all DNS Views shared with caller using AWS Resource Access Manager. Also updates ListHostedZoneAssociations operation so that resource ARN param is optional, allowing caller to list all HostedZoneAssociations in account. (0e11517d)
  • client-partnercentral-revenue-measurement: Add support for AWS Partner Central Revenue Measurement API for creating, managing, and tracking revenue attributions and marketplace revenue share allocations. (9f3e80e6)
  • client-marketplace-catalog: This release enhances the ListEntities API to support ResellerRole filter for ResaleAuthorization entity. (d7b7cb79)
  • client-config-service: Added support for connecting AWS Config to third-party cloud service providers. New APIs include PutConnector, GetConnector, DeleteConnector, and ListConnectors for managing connectors, and PutThirdPartyServiceLinkedConfigurationRecorder for creating third-party service-linked recorders. (df52cb13)
  • client-securityhub: release SecurityHub MultiCloud integration with Azure (6f7d08e0)
  • client-inspector2: This release extends vulnerability management to Azure VM, container registries and function apps. Adds support for per-member-account scan configuration settings. (ae9b7bcf)
  • client-connect: Adds support for CreateAuthCode and DeleteSession APIs. (b84bbf6f)
  • client-lambda: AWS Lambda Durable Functions now supports customer managed KMS keys. This allows customers to configure a KMS key in Durable Config to have all their durable execution data encrypted. (796bc54a)
Bug Fixes
  • tests: use ES format for rollup bundle-size benchmark (#8163) (506e3aee)
  • credential-provider-http: fix token and URI path priority resolution (#8159) (e9e857d3)
  • scripts: publish unreleased X.0.0 baseline versions as-is (#8160) (ee9dc953)
Tests

For list of updated packages, view updated-packages.md in assets-3.1081.0.zip

v3.1080.0

3.1080.0(2026-07-06)

Chores
New Features
  • clients: update client endpoints as of 2026-07-06 (fc19f577)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1081.0 (2026-07-07)

Note: Version bump only for package @​aws-sdk/client-s3

3.1080.0 (2026-07-06)

Note: Version bump only for package @​aws-sdk/client-s3

3.1079.0 (2026-07-02)

Note: Version bump only for package @​aws-sdk/client-s3

3.1078.0 (2026-07-01)

Note: Version bump only for package @​aws-sdk/client-s3

3.1077.0 (2026-06-30)

Note: Version bump only for package @​aws-sdk/client-s3

3.1076.0 (2026-06-29)

Note: Version bump only for package @​aws-sdk/client-s3

Commits
  • 02d5abf Publish v3.1081.0
  • be034d9 Publish v3.1080.0
  • 74dc940 Publish v3.1079.0
  • 661087f Publish v3.1078.0
  • c39b676 chore(codegen): sync for thinner command classes, endpoint parameter type fix...
  • 5c490b6 Publish v3.1077.0
  • c4b42a4 chore(codegen): sync for internal checksum impls and IMDSv2 region fallback (...
  • ea8faa0 chore(checksums): add crc32c and sha1 checksums (#8126)
  • dfd62f6 Publish v3.1076.0
  • aa94fa0 chore(codegen): sync for checksum impls, hostLabel validation (#8127)
  • Additional commits viewable in compare view

Updates @clack/prompts from 1.6.0 to 1.7.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Changelog

Sourced from @​clack/prompts's changelog.

1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Commits

Updates @types/web from 0.0.350 to 0.0.352

Release notes

Sourced from @​types/web's releases.

@​types/web@​0.0.352

asynciterable.d.ts

No changes

index.d.ts

No changes

iterable.d.ts

No changes

ts5.5/asynciterable.d.ts

No changes

ts5.5/index.d.ts

No changes

ts5.5/iterable.d.ts

No changes

ts5.6/asynciterable.d.ts

No changes

ts5.6/index.d.ts

No changes

ts5.6/iterable.d.ts

No changes

ts5.9/asynciterable.d.ts

No changes

ts5.9/index.d.ts

No changes

ts5.9/iterable.d.ts

No changes

@​types/web@​0.0.351

... (truncated)

Commits

Updates knip from 6.20.0 to 6.25.0

Release notes

Sourced from knip's releases.

Release 6.25.0

  • fix: derive package name from package.json under Yarn nodeLinker: pnpm store (#1852) (3764605ed150b975fb6c88c4c4aa47f5bf9ae149) - thanks @​blowery!
  • Pick up types used in module augmentations via path aliases (resolve #1850) (9cc5a4132793990b5fcf9eae6f3db37426d979c0)
  • feat: add support for packageExtensions in yarn and pnpm (#1847) (61d3164cdac6e9252b3c52ce3bb2909949b4690e) - thanks @​trueberryless!
  • fix(ci): do not run integration on forks (#1855) (d23c10d1ae764c0b70addaafc79f01c543cc5efa) - thanks @​trueberryless!
  • chore(ci): improve security through specific permissions (#1856) (1eb42e639f9ec12d6d2ef88e1aaf07397b5bf226) - thanks @​trueberryless!
  • chore(ci): add concurrency blocks (#1857) (3bf3d115cf677fadcfe8fa72ce0e68cfd435d399) - thanks @​trueberryless!
  • fix(next): resolve src/ entry patterns like Next.js does (#1859) (6e6a5094e924a5cd104867f3907dbbb378f871b3) - thanks @​dayongkr!
  • Fix Bun test defaults (#1860) (2ac4c0427d2ac03939661f6dc236d15d11414fd5) - thanks @​jakeleventhal!
  • Extend agentic guidelines re. plugins (da606eb522f01187def8747d7ddb917c6735157d)
  • Support rspack and path aliases in require.context (d231d67a5e8713c2f48f9d695ae12a9dbfa0260e)
  • Support path aliases in import.meta.glob (resolve #1821) (fc7bb1ecc194e69f9f493bff5b33a4cc807fd788)
  • Register MDX compiler in Storybook plugin (6f1813809608cd36e44af22583805e686c51c5bd)
  • Resolve TypeDoc customCss and customJs files (105687daf682884257a2d40f26967d80ea4abef8)
  • Resolve inline Babel presets/plugins in Jest transform (38e4a4a4a06d902cf55457155f666c3b91e05f28)
  • Mark graphql-codegen generated outputs as entries (125536921f1845eeec1347091b238bb615f329e0)
  • Add Fumadocs plugin (77c2142fcc6ad6fdee651c5dc60a74c158cd8de3)
  • Support next.config.mts in Next.js plugin (0f27e772935bba5eaeca73ee75ce028412c4a1cc)
  • Add script command parser built on unbash (195510c6c912ade9cd7846302d2f9256ede9852c)
  • Gate Bun test entries on an actual bun test invocation (92903ec29bb8b86586e3d7e846236d8c38787ea9)
  • Detect Node.js test runner via script command parser (a0bfe7ba2958a1270604764a9ebf09425ce857d4)
  • Extract shared command walker for bash-parser and plugins (13014753d5031cf1de8081b3d148212a5894dde0)
  • Normalize aliased glob patterns to posix for Win (23b4a744330d0dddd2b1517f2f2d72c9d373a0b9)
  • Resolve inherited tsconfig paths from the extended config's directory (resolve #1866) (e3f0e5c69641bb7dfab06585251c98e3b3def049)
  • Handle var interpolations in shell cmd scripts (resolve #1867) (9422d06adb07fd29a3388ee6b037cda47fe28d1a)
  • Update query snapshot (5e192e996fd680c41674c9503437ee148b0f1870)
  • Add support for Prettier overrides (#1869) (5dc7f1235ff201c461a71f8a757c611441f1607a) - thanks @​remcohaszing!
  • Handle Serverless esbuild inject entries (#1865) (46111ef2f42c2ea89a43d8944b5efdcde7db2884) - thanks @​jakeleventhal!
  • docs: add links to Discord and Contributing in issue templates (#1868) (5ab3483e30733edc234e9913b3bf4bf05de45470) - thanks @​trueberryless!
  • Add eve (Vercel framework) plugin (#1864) (20cd970d2039835dd9bad79ee2e7f3a82cef1b6e) - thanks @​jakeleventhal!
  • Add circular dependencies as opt-in cycles issue type (resolve #1734) (#1812) (1b0ed6b3906d726b37a89b495fb22331ec2a0fbb)
  • chore(ci): remove redundant tag triggers (#1863) (c61d0086e4e669a8aeee230dc5ac3606832ea893) - thanks @​trueberryless!
  • Fix up docs a bit (89a2d8d6ac27ee866a15a8bcf5a49da3cba91b08)

Release 6.24.0

  • chore: update year in license (#1833) (32bc844dfd3895884b11fea5ef94bf3fa1974946) - thanks @​trueberryless!
  • ci: pin github actions (#1835) (82a8d0913105a637e9eeccfe3b785be90c873e2a) - thanks @​trueberryless!
  • Assume Node 24+/Bun and remove compilation step (d9ef038429bec06c37fdb520e5c7353c8cae6ce7)
  • Don't report working-directory scripts as unlisted binaries (resolve #1834) (aea7923438f0a8f459458578526f358b02497f77)
  • Add pnpm run lint to CI workflow (ec9aa1cabb58c97b8ecc4815e6cdd6421fe2a89e)
  • feat: add settings for Zed editor to use oxlint and oxfmt (#1836) (111f2e0a17999e3ffdf4c097cd42ba08acd48508) - thanks @​trueberryless!
  • fix: remove format_on_save: true settings from Zed settings to respect user settings (#1838) (dc2a64043035d426eb99a9d1e0eb873d02a09e7d) - thanks @​trueberryless!
  • feat: add Renovate for GitHub actions only (#1839) (ffce88c86f95822ee2a7cf8407e987a3ec79b097) - thanks @​trueberryless!
  • Ignore import() in JSDoc examples (#1844) (6f090f90f04e8202700ed68977faa1dc626ff235) - thanks @​cyphercodes!
  • Don't report types used only in module augmentations as unused (resolve #1843) (7901abd3c4b496f212445bff9768efc9548ded61)
  • Restore CI intent (0d739beab2e224385f449d62d6cc7d904107946e)
  • feat: add less, stylus compilers and astro, svelte, vue import resolution (#1845) (5525759f33a5664e4882aebe239e9c17eeb29f92) - thanks @​trueberryless!
  • Don't report built-in compiler dependencies as unused (3c9d4adf369f0064399d9da7b4f11f0467180bf5)
  • feat: add scss handling to stencil plugin (#1846) (acba6b85ab05f70385228872fafea2b08290d0f6) - thanks @​johnjenkins!
  • fix(reporters): always print the issue-type title for a single group (#1848) (cf997b2408cc0814c2d310d1e8c8680340153fa1) - thanks @​morgan-coded!

... (truncated)

Commits
  • f29ca18 Release knip@6.25.0
  • 89a2d8d Fix up docs a bit
  • 1b0ed6b Add circular dependencies as opt-in cycles issue type (resolve #1734) (#1812)
  • 20cd970 Add eve (Vercel framework) plugin (#1864)
  • 46111ef Handle Serverless esbuild inject entries (#1865)
  • 5dc7f12 Add support for Prettier overrides (#1869)
  • 9422d06 Handle var interpolations in shell cmd scripts (resolve #1867)
  • e3f0e5c Resolve inherited tsconfig paths from the extended config's directory (resolv...
  • 23b4a74 Normalize aliased glob patterns to posix for Win
  • 1301475 Extract shared command walker for bash-parser and plugins
  • Additional commits viewable in compare view

Updates oxfmt from 0.56.0 to 0.58.0

Commits

Updates picomatch from 4.0.4 to 4.0.5

Release notes

Sourced from picomatch's releases.

4.0.5

What's Changed

New Contributors

Full Changelog: micromatch/picomatch@4.0.4...4.0.5

Commits
  • 4f41a8e 4.0.5
  • 02cfc1b Update .verb.md and run verb to generate README documentation
  • cc52ff6 Only run the upload code coverage step for 1 matrix permutation
  • 6d426d7 Allow workflow to continue if the code coverage step to fails
  • a00b954 Merge branch 'codeql-coverage'
  • 9680381 Merge pull request #183 from MerlijnW70/fix/matchbase-windows-basename
  • 648b4f2 Merge pull request #182 from MerlijnW70/fix/repeated-extglob-drops-branches
  • 70e6485 Configure code coverage upload for CodeQL
  • ab8bc4d fix: honor the windows option when matching basenames
  • 6289307 fix: preserve all branches when rewriting risky repeated extglobs
  • Additional commits viewable in compare view

Updates react-email from 6.6.4 to 6.6.8

Release notes

Sourced from react-email's releases.

react-email@6.6.8

Patch Changes

  • dca3c01: Fix email build computing the wrong output file tracing root in nested-workspace monorepos (e.g. a package one or more directories below the true repo root), which caused Vercel deploys to fail with an ENOENT error on the routes manifest.

react-email@6.6.7

Patch Changes

  • 6a5ff2a: Escape double quotes in Markdown link href/title and image title attributes, matching the escaping already applied to image src/alt. A markdown title like 'The "Complete" Guide' no longer breaks out of the attribute in the rendered HTML.
  • 4cf4c72: Fix two-value logical shorthands whose values aren't all numeric (e.g. margin-inline: 1rem auto, padding-inline: 10px calc(1rem + 2px)) producing invalid duplicated longhands. They are now split into the correct per-side declarations.
  • fa77d55: Merge declarations when the same class is defined by multiple Tailwind rules (e.g. a preset and a child config override).
  • fa52a04: Convert Tailwind's rgba(r g b / a) syntax to rgb(r,g,b,a) syntax for better email client support.
  • fc8318c: Fix Tailwind classes not being inlined into styles for <Section>, <Column> and <Row>.

react-email@6.6.6

Patch Changes

  • b4ac0d5: Fix Button emitting mso-text-raise without a unit on its Outlook padding spacer (e.g. mso-text-raise:18), which Outlook treats as invalid. The value now carries px, matching the unit React already adds on the button label.
  • cb3c468: Fix email build so the generated preview app deploys on Vercel by tracing files from the user's project root instead of the .react-email subfolder.
  • Updated dependencies [c300cfb]
    • @​react-email/render@​2.0.10

react-email@6.6.5

No release notes provided.

Changelog

Sourced from react-email's changelog.

6.6.8

Patch Changes

  • dca3c01: Fix email build computing the wrong output file tracing root in nested-workspace monorepos (e.g. a package one or more directories below the true repo root), which caused Vercel deploys to fail with an ENOENT error on the routes manifest.

6.6.7

Patch Changes

  • 6a5ff2a: Escape double quotes in Markdown link href/title and image title attributes, matching the escaping already applied to image src/alt. A markdown title like 'The "Complete" Guide' no longer breaks out of the attribute in the rendered HTML.
  • 4cf4c72: Fix two-value logical shorthands whose values aren't all numeric (e.g. margin-inline: 1rem auto, padding-inline: 10px calc(1rem + 2px)) producing invalid duplicated longhands. They are now split into the correct per-side declarations.
  • fa77d55: Merge declarations when the same class is defined by multiple Tailwind rules (e.g. a preset and a child config override).
  • fa52a04: Convert Tailwind's rgba(r g b / a) syntax to rgb(r,g,b,a) syntax for better email client support.
  • fc8318c: Fix Tailwind classes not being inlined into styles for <Section>, <Column> and <Row>.

6.6.6

Patch Changes

  • b4ac0d5: Fix Button emitting mso-text-raise without a unit on its Outlook padding spacer (e.g. mso-text-raise:18), which Outlook treats as invalid. The value now carries px, matching the unit React already adds on the button label.
  • cb3c468: Fix email build so the generated preview app deploys on Vercel by tracing files from the user's project root instead of the .react-email subfolder.
  • Updated dependencies [c300cfb]
    • @​react-email/render@​2.0.10

6.6.5

Commits
  • 9a1c62f chore(root): version packages (#3631)
  • dca3c01 fix(react-email): resolve output file tracing root for nested-workspace monor...
  • f04df4d chore(root): version packages (#3625)
  • fa77d55 fix(tailwind): merge duplicate class rules across presets/plugins (#3629)
  • fa52a04 fix(tailwind): convert rgba() space syntax to comma syntax (#3589)
  • fc8318c fix(tailwind): not all React Email components having styles inlined into thei...
  • 4cf4c72 fix(tailwind): split two-value logical shorthands with auto/var/calc (#3595)
  • 6a5ff2a fix(markdown): escape double quotes in link href/title and image title (#3590)
  • 7792c3d chore(root): version packages (#3615)
  • b4ac0d5 fix(button): add px unit to mso-text-raise on Outlook spacer (#3591)
  • Additional commits viewable in compare view

Updates sharp from 0.35.2 to 0.35.3

Release notes

Sourced from sharp's releases.

v0.35.3

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

  • Improve code bundler support by resolving path to libvips binary.

  • Increase default concurrency when use of MALLOC_ARENA_MAX is detected.

  • Emit warning about binaries provided by Electron for use on Linux.

  • Add hasAlpha property to output info. #4500

  • TypeScript: Return more precise Buffer<ArrayBuffer> from toBuffer. #4520 @​Andarist

  • Bound clahe width and height to avoid signed overflow. #4551 @​metsw24-max

  • Bound trim margin to avoid signed overflow. #4552 @​metsw24-max

  • Reject infinite values when validating numbers. #4553 @​metsw24-max

  • Bound extract region to libvips coordinate limit. #4555 @​metsw24-max

  • Verify background colour values are numbers. #4556 @​metsw24-max

  • Bound create and raw input dimensions to coordinate limit. #4558 @​metsw24-max

  • Tighten recomb and affine matrix verification. #4560 @​chatman-media

  • Verify cache memory limit to avoid overflow. #4561 @​metsw24-max

v0.35.3-rc.2

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

... (truncated)

Commits
  • 1018449 Release v0.35.3
  • ba303a7 Prerelease v0.35.3-rc.2
  • 4f94fc5 Upgrade to sharp-libvips v1.3.2
  • c5e7a3f Bump devDeps, fix Deno/Windows smoke tests
  • 9a8d002 Docs: Add changelog entry and note about transferable #4520
  • 8694db0 TypeScript: Return more precise Buffer\<ArrayBuffer> from toBuffer (#4520)
  • e000d0b Prerelease v0.35.3-rc.1
  • 9554ca9 Prerelease v0.35.3-rc.0
  • 6a29fd5 Emit warning about native binaries on Linux Electron
  • 540d2ea Increase default concurrency when use of MALLOC_ARENA_MAX detected
  • Additional commits viewable in compare view

Updates vite from 8.0.16 to 8.1.3

Release notes

Sourced from vite's releases.

v8.1.3

Please refer to CHANGELOG.md for details.

v8.1.2

Please refer to CHANGELOG.md for details.

v8.1.1

Please refer to CHANGELOG.md for details.

create-vite@8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0

Please refer to CHANGELOG.md for details.

v8.1.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.1.0-beta.0

Please refer to CHANGELOG.md for details.

v8.1.0-beta.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.1.3 (2026-07-02)

Bug Fixes

8.1.2 (2026-06-30)

Bug Fixes

  • deps: revert es-module-lexer to 2.1.0 (#22827) (0d3bd7c)
  • restore, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (#22825) (efb98cc)
  • revert, "fix: escape ids with multiple null bytes (#22687)" (cccef55)
  • revert, "fix: resolve pnpm .modules.yaml from workspace root instead of cwd (#22757)" (cf97711)

8.1.1 (2026-06-30)

Features

  • update dynamic import warning to link to Vite docs (#22823) (62bd7af)

Bug Fixes

  • bundled-dev: avoid stack overflow on import.meta.hot.invalidate() (#22797) (709eb8e)
  • bundled-dev: serve assets emitted during HMR/lazy compile (#22745) (5876b2c)
  • bundledDev: skip plugin transform hooks for rolldown-lazy stub modules (#22778) (8f925e2)
  • css: preserve dollar signs in external @import urls with lightningcss (#22718) (9fa7ab4)
  • css: resolve tsconfig paths in CSS and Sass @​import (#22775) (ef0b891)
  • deps: update all non-major dependencies (#22734) (e635f49)
  • deps: update all non-major dependencies (#22804) (8837400)
  • deps: update rolldown-related dependencies (#22591) (2ce6677)
  • escape ids with multiple null bytes (#22687) (833fc30)
  • hide console window when running 'net use' on Windows (#22698) (92b63f2)
  • ignore bundled config temp dir (#22800) (043a810)
  • invert esbuild.jsxSideEffects when converting to oxc.jsx.pure (#22809) (33895ba)
  • optimize-deps: ignore ERR_CLOSED_SERVER in scanner (#22784) (085a0ab)
  • optimizer: scanner should resolve input from root (#22769) (9722b07)
  • resolve pnpm .modules.yaml from workspace root instead of cwd (#22757) (2531ac7)
  • return sourcemap field from some plugins that were lacking (#22782) (7e18bf8)
  • server: handle malformed URI in indexHtmlMiddleware (#22781) (84f5ccc)

Miscellaneous Chores

Code Refactoring

  • css: remove lightningcss null byte bug workaround (#22822) (2dafd3b)
  • use pre-defined environments variable to avoid duplicate Object.values calls (#22790) (1113acf)

... (truncated)

Commits
  • 578ffb8 release: v8.1.3
  • 7103c3a fix(deps): bump es-module-lexer to 2.3.0 (#22838)
  • 1534d36 fix(css): inject inlined CSS after the shebang line (#22717)
  • c4acd69 fix(ssr): correct stacktrace column position for first line (#22828)
  • 2c53054 fix: preload css for nested dynamic imports (#22759)
  • ba31193 release: v8.1.2
  • 0d3bd7c fix(deps): revert es-module-lexer to 2.1.0 (#22827)
  • efb98cc fix: restore, "fix: resolve pnpm .modules.yaml from workspace root instead of...
  • cf97711 fix: revert, "fix: resolve pnpm .modules.yaml from workspace root instead of ...
  • cccef55 fix: revert, "fix: escape ids with multiple null bytes (#22687)"
  • Additional commits viewable in compare view

Updates vitest from 4.1.9 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • See full diff in compare view

Updates oxfmt from 0.56.0 to 0.58.0

Commits

Updates oxfmt from 0.56.0 to 0.58.0

Commits

Updates oxfmt from 0.56.0 to 0.58.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Details Description has been truncated

…ies with 10 updates

Bumps the app-dev-minor-patch group with 10 updates in the /app directory:

| Package | From | To |
| --- | --- | --- |
| [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) | `3.1075.0` | `3.1081.0` |
| [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts) | `1.6.0` | `1.7.0` |
| [@types/web](https://github.com/microsoft/TypeScript-DOM-Lib-Generator) | `0.0.350` | `0.0.352` |
| [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) | `6.20.0` | `6.25.0` |
| [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) | `0.56.0` | `0.58.0` |
| [picomatch](https://github.com/micromatch/picomatch) | `4.0.4` | `4.0.5` |
| [react-email](https://github.com/resend/react-email/tree/HEAD/packages/react-email) | `6.6.4` | `6.6.8` |
| [sharp](https://github.com/lovell/sharp) | `0.35.2` | `0.35.3` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.16` | `8.1.3` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.9` | `4.1.10` |

Bumps the app-dev-minor-patch group with 1 update in the /processing directory: [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt).


Updates `@aws-sdk/client-s3` from 3.1075.0 to 3.1081.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1081.0/clients/client-s3)

Updates `@clack/prompts` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/bombshell-dev/clack/releases)
- [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
- [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.7.0/packages/prompts)

Updates `@types/web` from 0.0.350 to 0.0.352
- [Release notes](https://github.com/microsoft/TypeScript-DOM-Lib-Generator/releases)
- [Commits](https://github.com/microsoft/TypeScript-DOM-Lib-Generator/compare/@types/web@0.0.350...@types/web@0.0.352)

Updates `knip` from 6.20.0 to 6.25.0
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Commits](https://github.com/webpro-nl/knip/commits/knip@6.25.0/packages/knip)

Updates `oxfmt` from 0.56.0 to 0.58.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.58.0/npm/oxfmt)

Updates `picomatch` from 4.0.4 to 4.0.5
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@4.0.4...4.0.5)

Updates `react-email` from 6.6.4 to 6.6.8
- [Release notes](https://github.com/resend/react-email/releases)
- [Changelog](https://github.com/resend/react-email/blob/canary/packages/react-email/CHANGELOG.md)
- [Commits](https://github.com/resend/react-email/commits/react-email@6.6.8/packages/react-email)

Updates `sharp` from 0.35.2 to 0.35.3
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.35.2...v0.35.3)

Updates `vite` from 8.0.16 to 8.1.3
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)

Updates `vitest` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

Updates `oxfmt` from 0.56.0 to 0.58.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.58.0/npm/oxfmt)

Updates `oxfmt` from 0.56.0 to 0.58.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.58.0/npm/oxfmt)

Updates `oxfmt` from 0.56.0 to 0.58.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.58.0/npm/oxfmt)

---
updated-dependencies:
- dependency-name: "@aws-sdk/client-s3"
  dependency-version: 3.1081.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: "@clack/prompts"
  dependency-version: 1.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: "@types/web"
  dependency-version: 0.0.352
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: app-dev-minor-patch
- dependency-name: knip
  dependency-version: 6.25.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: oxfmt
  dependency-version: 0.58.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: picomatch
  dependency-version: 4.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: app-dev-minor-patch
- dependency-name: react-email
  dependency-version: 6.6.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: app-dev-minor-patch
- dependency-name: sharp
  dependency-version: 0.35.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: app-dev-minor-patch
- dependency-name: vite
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: app-dev-minor-patch
- dependency-name: oxfmt
  dependency-version: 0.58.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: oxfmt
  dependency-version: 0.58.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
- dependency-name: oxfmt
  dependency-version: 0.58.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: app-dev-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 13, 2026
@github-actions

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@aws-sdk/client-s3 3.1081.0 🟢 6.9
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 1Found 4/30 approved changesets -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 5detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Security-Policy🟢 10security policy file detected
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 9binaries present in source code
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing🟢 10project is fuzzed
npm/@clack/prompts 1.7.0 UnknownUnknown
npm/@types/web 0.0.352 🟢 7
Details
CheckScoreReason
Maintained🟢 1014 commit(s) out of 30 and 1 issue activity out of 30 found in the last 90 days -- score normalized to 10
Code-Review🟢 9GitHub code reviews found for 29 commits out of the last 30 -- score normalized to 9
CII-Best-Practices⚠️ 0no badge detected
Vulnerabilities🟢 10no vulnerabilities detected
Dependency-Update-Tool🟢 10update tool detected
Token-Permissions⚠️ 0non read-only tokens detected in GitHub workflows
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 7dependency not pinned by hash detected -- score normalized to 7
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
npm/knip 6.25.0 UnknownUnknown
npm/oxfmt 0.58.0 UnknownUnknown
npm/oxlint 1.73.0 UnknownUnknown
npm/oxlint-tsgolint ^0.24.0 UnknownUnknown
npm/picomatch ^4.0.5 UnknownUnknown
npm/react-email 6.6.8 UnknownUnknown
npm/sharp 0.35.3 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 3Found 10/28 approved changesets -- score normalized to 3
Maintained🟢 1030 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/vite ^8.1.3 UnknownUnknown
npm/vitest 4.1.10 UnknownUnknown
npm/oxfmt ^0.58.0 UnknownUnknown
npm/oxlint 1.73.0 UnknownUnknown

Scanned Files

  • app/package.json
  • processing/package.json

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants