Skip to content

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in /npm_and_yarn/helpers#47

Open
dependabot[bot] wants to merge 26 commits into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn/helpers/isaacs/brace-expansion-5.0.1
Open

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in /npm_and_yarn/helpers#47
dependabot[bot] wants to merge 26 commits into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn/helpers/isaacs/brace-expansion-5.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 3, 2026

Copy link
Copy Markdown

Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1.

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by cubic

Upgrade @isaacs/brace-expansion from 5.0.0 to 5.0.1 in npm_and_yarn/helpers to pick up the latest patch fixes. Updates package-lock to keep helper dependencies current.

Written for commit 11e38ea. Summary will update on new commits.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot Bot and others added 26 commits January 23, 2026 21:35
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.6 and updates ancestor dependencies [tar](https://github.com/isaacs/node-tar), [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist) and [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Updates `tar` from 6.2.1 to 7.5.6
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.2.1...v7.5.6)

Updates `@npmcli/arborist` from 8.0.0 to 9.1.10
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/commits/arborist-v9.1.10/workspaces/arborist)

Updates `npm` from 6.14.18 to 11.8.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](npm/cli@v6.14.18...v11.8.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.6
  dependency-type: indirect
- dependency-name: "@npmcli/arborist"
  dependency-version: 9.1.10
  dependency-type: direct:production
- dependency-name: npm
  dependency-version: 11.8.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
…lpers/multi-6afa301cf6

Bump tar, @npmcli/arborist and npm in /bun/helpers
Bumps [symfony/process](https://github.com/symfony/process) from 7.3.0 to 7.4.5.
- [Release notes](https://github.com/symfony/process/releases)
- [Changelog](https://github.com/symfony/process/blob/8.1/CHANGELOG.md)
- [Commits](symfony/process@v7.3.0...v7.4.5)

---
updated-dependencies:
- dependency-name: symfony/process
  dependency-version: 7.4.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [nuget/helpers/lib/NuGet.Client](https://github.com/NuGet/NuGet.Client) from `2948e02` to `53c7a9c`.
- [Release notes](https://github.com/NuGet/NuGet.Client/releases)
- [Commits](NuGet/NuGet.Client@2948e02...53c7a9c)

---
updated-dependencies:
- dependency-name: nuget/helpers/lib/NuGet.Client
  dependency-version: 53c7a9c9b4a3c31d9adf13fc873f2432eb53768e
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps library/rust from 1.88.0-bookworm to 1.93.0-bookworm.

---
updated-dependencies:
- dependency-name: library/rust
  dependency-version: 1.93.0-bookworm
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [golang.org/x/mod](https://github.com/golang/mod) from 0.26.0 to 0.32.0.
- [Commits](golang/mod@v0.26.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps [dotnet-sdk](https://github.com/dotnet/sdk) from 9.0.302 to 10.0.102.
- [Release notes](https://github.com/dotnet/sdk/releases)
- [Commits](dotnet/sdk@v9.0.302...v10.0.102)

---
updated-dependencies:
- dependency-name: dotnet-sdk
  dependency-version: 10.0.102
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps the pip-tools group in /python/helpers with 1 update: [pip-tools](https://github.com/jazzband/pip-tools).


Updates `pip-tools` from 7.4.1 to 7.5.2
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/main/CHANGELOG.md)
- [Commits](jazzband/pip-tools@7.4.1...v7.5.2)

---
updated-dependencies:
- dependency-name: pip-tools
  dependency-version: 7.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pip-tools
...

Signed-off-by: dependabot[bot] <support@github.com>
…elpers/lib/NuGetUpdater/dotnet-sdk-10.0.102
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps  and [brace-expansion](https://github.com/juliangruber/brace-expansion). These dependencies needed to be updated together.

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `brace-expansion` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
- dependency-name: brace-expansion
  dependency-version: 2.0.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Bumps the npm-dependencies group in /npm_and_yarn/helpers with 3 updates: [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist), [nock](https://github.com/nock/nock) and [semver](https://github.com/npm/node-semver).


Updates `@npmcli/arborist` from 8.0.0 to 9.1.10
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/commits/arborist-v9.1.10/workspaces/arborist)

Updates `nock` from 13.5.6 to 14.0.10
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.5.6...v14.0.10)

Updates `semver` from 7.6.3 to 7.7.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.6.3...v7.7.3)

---
updated-dependencies:
- dependency-name: "@npmcli/arborist"
  dependency-version: 9.1.10
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: nock
  dependency-version: 14.0.10
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: semver
  dependency-version: 7.7.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
…nd_yarn/helpers/npm-dependencies-b295cd00ec

Bump the npm-dependencies group in /npm_and_yarn/helpers with 3 updates
Bumps the prod-dependencies group with 1 update in the /composer/helpers/v2 directory: [composer/composer](https://github.com/composer/composer).


Updates `composer/composer` from 2.8.9 to 2.9.4
- [Release notes](https://github.com/composer/composer/releases)
- [Changelog](https://github.com/composer/composer/blob/main/CHANGELOG.md)
- [Commits](composer/composer@2.8.9...2.9.4)

---
updated-dependencies:
- dependency-name: composer/composer
  dependency-version: 2.9.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
…helpers/v2/prod-dependencies-2bf85eb48c

Bump composer/composer from 2.8.9 to 2.9.4 in /composer/helpers/v2 in the prod-dependencies group across 1 directory
)

Bumps the prod-dependencies group with 25 updates in the /updater directory:

| Package | From | To |
| --- | --- | --- |
| [zeitwerk](https://github.com/fxn/zeitwerk) | `2.7.1` | `2.7.4` |
| [parallel](https://github.com/grosser/parallel) | `1.26.3` | `1.27.0` |
| [aws-sdk-codecommit](https://github.com/aws/aws-sdk-ruby) | `1.63.0` | `1.96.0` |
| [aws-sdk-ecr](https://github.com/aws/aws-sdk-ruby) | `1.68.0` | `1.119.0` |
| [commonmarker](https://github.com/gjtorikian/commonmarker) | `2.3.1` | `2.6.3` |
| [excon](https://github.com/excon/excon) | `1.2.5` | `1.3.2` |
| [faraday](https://github.com/lostisland/faraday) | `2.7.11` | `2.14.0` |
| [faraday-retry](https://github.com/lostisland/faraday-retry) | `2.2.0` | `2.4.0` |
| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.18.9` | `1.19.0` |
| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-ruby) | `1.5.0` | `1.7.0` |
| [opentelemetry-metrics-api](https://github.com/open-telemetry/opentelemetry-ruby) | `0.3.0` | `0.4.0` |
| [ostruct](https://github.com/ruby/ostruct) | `0.6.1` | `0.6.3` |
| [parser](https://github.com/whitequark/parser) | `3.3.7.1` | `3.3.10.1` |
| [psych](https://github.com/ruby/psych) | `5.1.2` | `5.3.1` |
| [sorbet-runtime](https://github.com/sorbet/sorbet) | `0.5.11952` | `0.6.12903` |
| [stackprof](https://github.com/tmm1/stackprof) | `0.2.25` | `0.2.27` |
| [toml-rb](https://github.com/emancu/toml-rb) | `4.0.0` | `4.1.0` |
| [parseconfig](https://github.com/datafolklabs/ruby-parseconfig) | `1.0.8` | `1.1.2` |
| [http](https://github.com/httprb/http) | `5.1.1` | `5.3.1` |
| [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby) | `0.30.0` | `0.31.1` |
| [opentelemetry-exporter-otlp-logs](https://github.com/open-telemetry/opentelemetry-ruby) | `0.2.0` | `0.2.2` |
| [opentelemetry-exporter-otlp-metrics](https://github.com/open-telemetry/opentelemetry-ruby) | `0.4.0` | `0.6.1` |
| [opentelemetry-instrumentation-excon](https://github.com/open-telemetry/opentelemetry-ruby-contrib) | `0.23.0` | `0.27.0` |
| [opentelemetry-logs-sdk](https://github.com/open-telemetry/opentelemetry-ruby) | `0.2.0` | `0.4.0` |
| [opentelemetry-metrics-sdk](https://github.com/open-telemetry/opentelemetry-ruby) | `0.6.0` | `0.11.2` |



Updates `zeitwerk` from 2.7.1 to 2.7.4
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fxn/zeitwerk/commits)

Updates `parallel` from 1.26.3 to 1.27.0
- [Commits](grosser/parallel@v1.26.3...v1.27.0)

Updates `aws-sdk-codecommit` from 1.63.0 to 1.96.0
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-codecommit/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Updates `aws-sdk-ecr` from 1.68.0 to 1.119.0
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-ecr/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Updates `commonmarker` from 2.3.1 to 2.6.3
- [Release notes](https://github.com/gjtorikian/commonmarker/releases)
- [Changelog](https://github.com/gjtorikian/commonmarker/blob/main/CHANGELOG.md)
- [Commits](gjtorikian/commonmarker@v2.3.1...v2.6.3)

Updates `excon` from 1.2.5 to 1.3.2
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](excon/excon@v1.2.5...v1.3.2)

Updates `faraday` from 2.7.11 to 2.14.0
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md)
- [Commits](lostisland/faraday@v2.7.11...v2.14.0)

Updates `faraday-retry` from 2.2.0 to 2.4.0
- [Release notes](https://github.com/lostisland/faraday-retry/releases)
- [Changelog](https://github.com/lostisland/faraday-retry/blob/main/CHANGELOG.md)
- [Commits](lostisland/faraday-retry@v2.2.0...v2.4.0)

Updates `json` from 2.9.1 to 2.11.3
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v2.9.1...v2.11.3)

Updates `nokogiri` from 1.18.9 to 1.19.0
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.18.9...v1.19.0)

Updates `opentelemetry-api` from 1.5.0 to 1.7.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/api/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-api/v1.5.0...opentelemetry-api/v1.7.0)

Updates `opentelemetry-metrics-api` from 0.3.0 to 0.4.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/metrics_api/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-metrics-api/v0.3.0...opentelemetry-metrics-api/v0.4.0)

Updates `ostruct` from 0.6.1 to 0.6.3
- [Release notes](https://github.com/ruby/ostruct/releases)
- [Commits](ruby/ostruct@v0.6.1...v0.6.3)

Updates `parser` from 3.3.7.1 to 3.3.10.1
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](whitequark/parser@v3.3.7.1...v3.3.10.1)

Updates `psych` from 5.1.2 to 5.3.1
- [Release notes](https://github.com/ruby/psych/releases)
- [Commits](ruby/psych@v5.1.2...v5.3.1)

Updates `sorbet-runtime` from 0.5.11952 to 0.6.12903
- [Release notes](https://github.com/sorbet/sorbet/releases)
- [Commits](https://github.com/sorbet/sorbet/commits)

Updates `stackprof` from 0.2.25 to 0.2.27
- [Changelog](https://github.com/tmm1/stackprof/blob/master/CHANGELOG.md)
- [Commits](tmm1/stackprof@v0.2.25...v0.2.27)

Updates `toml-rb` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/emancu/toml-rb/releases)
- [Commits](emancu/toml-rb@v4.0.0...v4.1.0)

Updates `parseconfig` from 1.0.8 to 1.1.2
- [Changelog](https://github.com/datafolklabs/ruby-parseconfig/blob/master/Changelog)
- [Commits](https://github.com/datafolklabs/ruby-parseconfig/commits)

Updates `http` from 5.1.1 to 5.3.1
- [Changelog](https://github.com/httprb/http/blob/main/CHANGELOG.md)
- [Commits](httprb/http@v5.1.1...v5.3.1)

Updates `opentelemetry-exporter-otlp` from 0.30.0 to 0.31.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.30.0...opentelemetry-exporter-otlp/v0.31.1)

Updates `opentelemetry-exporter-otlp-logs` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-logs/v0.2.0...opentelemetry-exporter-otlp-logs/v0.2.2)

Updates `opentelemetry-exporter-otlp-metrics` from 0.4.0 to 0.6.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp-metrics/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp-metrics/v0.4.0...opentelemetry-exporter-otlp-metrics/v0.6.1)

Updates `opentelemetry-instrumentation-excon` from 0.23.0 to 0.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/excon/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-excon/v0.23.0...opentelemetry-instrumentation-excon/v0.27.0)

Updates `opentelemetry-instrumentation-faraday` from 0.26.0 to 0.31.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/faraday/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-faraday/v0.26.0...opentelemetry-instrumentation-faraday/v0.31.0)

Updates `opentelemetry-instrumentation-http` from 0.24.0 to 0.28.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/http/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-http/v0.24.0...opentelemetry-instrumentation-http/v0.28.0)

Updates `opentelemetry-instrumentation-net_http` from 0.23.0 to 0.27.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/net_http/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-net_http/v0.23.0...opentelemetry-instrumentation-net_http/v0.27.0)

Updates `opentelemetry-logs-sdk` from 0.2.0 to 0.4.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/logs_sdk/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-logs-sdk/v0.2.0...opentelemetry-logs-sdk/v0.4.0)

Updates `opentelemetry-metrics-sdk` from 0.6.0 to 0.11.2
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/metrics_sdk/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-metrics-sdk/v0.6.0...opentelemetry-metrics-sdk/v0.11.2)

Updates `opentelemetry-sdk` from 1.8.0 to 1.10.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/sdk/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-sdk/v1.8.0...opentelemetry-sdk/v1.10.0)

---
updated-dependencies:
- dependency-name: zeitwerk
  dependency-version: 2.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: parallel
  dependency-version: 1.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: aws-sdk-codecommit
  dependency-version: 1.96.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: aws-sdk-ecr
  dependency-version: 1.119.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: commonmarker
  dependency-version: 2.6.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: excon
  dependency-version: 1.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: faraday
  dependency-version: 2.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: faraday-retry
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: json
  dependency-version: 2.11.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: nokogiri
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-api
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-metrics-api
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: ostruct
  dependency-version: 0.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: parser
  dependency-version: 3.3.10.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: psych
  dependency-version: 5.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: sorbet-runtime
  dependency-version: 0.6.12903
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: stackprof
  dependency-version: 0.2.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: toml-rb
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: parseconfig
  dependency-version: 1.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: http
  dependency-version: 5.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-exporter-otlp
  dependency-version: 0.31.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-exporter-otlp-logs
  dependency-version: 0.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-exporter-otlp-metrics
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-instrumentation-excon
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-instrumentation-faraday
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-instrumentation-http
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-instrumentation-net_http
  dependency-version: 0.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-logs-sdk
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-metrics-sdk
  dependency-version: 0.11.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: opentelemetry-sdk
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1.

---
updated-dependencies:
- dependency-name: "@isaacs/brace-expansion"
  dependency-version: 5.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 3, 2026
@coderabbitai

coderabbitai Bot commented Feb 3, 2026

Copy link
Copy Markdown

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code L: javascript

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant