chore(deps): update all devdependencies (major)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
@actions/github-script	devDependencies	major	v8.0.0 → v9.0.0
@graphql-codegen/cli (source)	devDependencies	major	^5.0.6 → ^7.0.0
@graphql-codegen/plugin-helpers (source)	devDependencies	major	^6.0.0 → ^7.0.0
@graphql-codegen/typescript (source)	devDependencies	major	^5.0.0 → ^6.0.0
@graphql-codegen/visitor-plugin-common (source)	devDependencies	major	^6.0.0 → ^7.0.0
@size-limit/esbuild-why	devDependencies	major	11.1.4 → 12.1.0
@size-limit/preset-small-lib	devDependencies	major	11.1.4 → 12.1.0
@​types/fetch-mock	devDependencies	major	7.3.8 → 9.2.2
@types/jscodeshift (source)	devDependencies	major	0.12.0 → 17.3.0
@types/node (source)	devDependencies	major	20.9.0 → 25.9.1
@types/node (source)	devDependencies	major	^22.10.7 → ^25.0.0
@types/relay-runtime (source)	devDependencies	major	14.1.24 → 20.1.1
@types/use-sync-external-store (source)	devDependencies	major	0.0.6 → 1.5.0
diff	devDependencies	major	^8.0.2 → ^9.0.0
eslint (source)	devDependencies	major	9.31.0 → 10.4.0
eslint-import-resolver-typescript	devDependencies	major	3.7.0 → 4.4.4
expect (source)	devDependencies	major	29.7.0 → 30.4.1
fetch-mock (source)	devDependencies	major	9.11.0 → 12.6.0
globals	devDependencies	major	15.14.0 → 17.6.0
jest-junit	devDependencies	major	16.0.0 → 17.0.0
jscodeshift	devDependencies	major	0.16.1 → 17.3.0
jsdom	devDependencies	major	26.1.0 → 29.1.1
knip (source)	devDependencies	major	^5.42.2 → ^6.0.0
react-error-boundary (source)	devDependencies	major	4.0.13 → 6.1.2
rimraf	devDependencies	major	5.0.9 → 6.1.3
size-limit	devDependencies	major	11.1.4 → 12.1.0
typescript (source)	devDependencies	major	^5.2.2 → ^6.0.0
typescript (source)	devDependencies	major	5.7.3 → 6.0.3
typescript (source)	devDependencies	major	^5.8.3 → ^6.0.0
vitest (source)	devDependencies	major	^1.0.1 → ^4.0.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

🔡 If you wish to disable git hash updates, add ":disableDigestUpdates" to the extends array in your config.

---

Release Notes

actions/github-script (@​actions/github-script)

v9.0.0

Compare Source

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@​actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@​actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@​actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in #​695
• ci: use deployment: false for integration test environments by @​salmanmkc in #​712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in #​700

New Contributors

• @​Copilot made their first contribution in #​695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

v8.0.0

Compare Source

v7.1.0

Compare Source

What's Changed

• Upgrade husky to v9 by @​benelan in #​482
• Add workflow file for publishing releases to immutable action package by @​Jcambass in #​485
• Upgrade IA Publish by @​Jcambass in #​486
• Fix workflow status badges by @​joshmgross in #​497
• Update usage of actions/upload-artifact by @​joshmgross in #​512
• Clear up package name confusion by @​joshmgross in #​514
• Update dependencies with npm audit fix by @​joshmgross in #​515
• Specify that the used script is JavaScript by @​timotk in #​478
• chore: Add Dependabot for NPM and Actions by @​nschonni in #​472
• Define permissions in workflows and update actions by @​joshmgross in #​531
• chore: Add Dependabot for .github/actions/install-dependencies by @​nschonni in #​532
• chore: Remove .vscode settings by @​nschonni in #​533
• ci: Use github/setup-licensed by @​nschonni in #​473
• make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by @​iamstarkov in #​508
• Remove octokit README updates for v7 by @​joshmgross in #​557
• docs: add "exec" usage examples by @​neilime in #​546
• Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by @​dependabot[bot] in #​563
• Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by @​dependabot[bot] in #​575
• Clearly document passing inputs to the script by @​joshmgross in #​603
• Update README.md by @​nebuk89 in #​610

New Contributors

• @​benelan made their first contribution in #​482
• @​Jcambass made their first contribution in #​485
• @​timotk made their first contribution in #​478
• @​iamstarkov made their first contribution in #​508
• @​neilime made their first contribution in #​546
• @​nebuk89 made their first contribution in #​610

Full Changelog: actions/github-script@v7...v7.1.0

dotansimha/graphql-code-generator (@​graphql-codegen/cli)

v7.0.0

Compare Source

Major Changes

• #​10496
  afaace6
  Thanks @​eddeee888! - BREAKING CHANGE: Update deps to latest, some
  only support ESM

  Node 20 support is dropped in this release. Node 22 comes with require() support for ESM, which
  means it's easier to integrate ES modules into applications. Therefore, it is safe to start using
  ESM-only packages.

  If you are a user, please upgrade to Node 22. If you are a lib maintainer and see ESM vs CJS
  issues when running Jest tests, try using Vitest.

• #​10496
  afaace6
  Thanks @​eddeee888! - BREAKING CHANGE: Drop Node 20 support

• #​10496
  afaace6
  Thanks @​eddeee888! - BREAKING CHANGE: Set noSilentErrors: true
  by default

  When multiple files match documents pattern, and there are syntax errors in some but not others,
  then the operations with errors are not included in the loaded documents list by default
  (noSilentErrors: false). This is annoying for users as there is no feedback loop during
  development.

  noSilentErrors: true is used as the default for Codegen users to make the feedback loop faster.
  It can still overriden in Codegen Config if desired.

Patch Changes

• #​10496
  afaace6
  Thanks @​eddeee888! - dependencies updates:

  • Updated dependency
    @inquirer/prompts@^8.3.2 ↗︎ (from
    ^7.8.2, in dependencies)
  • Updated dependency chalk@^5.6.0 ↗︎ (from
    ^4.1.0, in dependencies)
  • Updated dependency debounce@^3.0.0 ↗︎ (from
    ^2.0.0, in dependencies)
  • Updated dependency
    detect-indent@^7.0.0 ↗︎ (from ^6.0.0,
    in dependencies)
  • Updated dependency listr2@​^10.2.1 ↗︎ (from
    ^9.0.0, in dependencies)
  • Updated dependency log-symbols@^7.0.0 ↗︎
    (from ^4.0.0, in dependencies)
  • Updated dependency ts-log@^3.0.0 ↗︎ (from
    ^2.2.3, in dependencies)
  • Updated dependency yargs@^18.0.0 ↗︎ (from
    ^17.0.0, in dependencies)

• #​10496
  afaace6
  Thanks @​eddeee888! - dependencies updates:

  • Updated dependency chalk@^5.6.0 ↗︎ (from
    ^4.1.0, in dependencies)
  • Updated dependency debounce@^3.0.0 ↗︎ (from
    ^2.0.0, in dependencies)
  • Updated dependency
    detect-indent@^7.0.0 ↗︎ (from ^6.0.0,
    in dependencies)
  • Updated dependency listr2@​^10.2.1 ↗︎ (from
    ^9.0.0, in dependencies)
  • Updated dependency log-symbols@^7.0.0 ↗︎
    (from ^4.0.0, in dependencies)
  • Updated dependency ts-log@^3.0.0 ↗︎ (from
    ^2.2.3, in dependencies)
  • Updated dependency yargs@^18.0.0 ↗︎ (from
    ^17.0.0, in dependencies)

• #​10496
  afaace6
  Thanks @​eddeee888! - dependencies updates:

  • Updated dependency
    @inquirer/prompts@^8.3.2 ↗︎ (from
    ^7.8.2, in dependencies)

• #​10496
  afaace6
  Thanks @​eddeee888! - Use ESM for CLI instead of CJS;

  For backwards compatibility; graphql-codegen-esm is reserved, and also graphql-codegen-cjs is
  added for users who want to use CJS.

  So the commands are;

  • graphql-codegen - ESM version, default
  • graphql-codegen-esm - ESM version, same as above, but reserved for backwards compatibility
  • graphql-codegen-cjs - CJS version, for users who want to use CJS, but not recommended for new
    users. Will be removed in the future.
  • gql-gen - ESM version, same as graphql-codegen
  • graphql-code-generator - ESM version, same as graphql-codegen and gql-gen

• Updated dependencies
  [afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6,
  afaace6]:

  • @​graphql-codegen/client-preset@​6.0.0
  • @​graphql-codegen/plugin-helpers@​7.0.0
  • @​graphql-codegen/core@​6.0.0

v6.3.1

Compare Source

Patch Changes

• #​10737
  be85118
  Thanks @​eddeee888! - Fix issue where same SDL in different
  documents are ignored when handling documents vs externalDocuments

v6.3.0

Compare Source

Minor Changes

• #​10659
  e65d303
  Thanks @​ikusakov2! - Add support for externalDocuments

  externalDocuments declares GraphQL documents that will be read but will not have type files
  generated for them. These documents are available to plugins for type resolution (e.g. fragment
  types), but no output files will be generated based on them. Accepts the same formats as
  documents.

  This config option is useful for monorepos where each project may want to generate types for its
  own documents, but some may need to read shared fragments from across projects.

Patch Changes

• Updated dependencies
  [9a66574,
  9a66574,
  9a66574,
  e65d303]:
  • @​graphql-codegen/client-preset@​5.3.0
  • @​graphql-codegen/core@​5.0.2
  • @​graphql-codegen/plugin-helpers@​6.3.0

v6.2.1

Compare Source

Patch Changes

• #​10618 e804925 Thanks @​PalmerTurley34! - Honor per-output preset importExtension and emitLegacyCommonJSImports config instead of always using the root config values.

v6.2.0

Compare Source

Minor Changes

• #​10617 8c4db2a Thanks @​ikusakov2! - Allow GraphQLSchema to be passed directly to generate({schema: ...}) function

Patch Changes

• Updated dependencies [8c4db2a]:
  • @​graphql-codegen/plugin-helpers@​6.2.0

v6.1.3

Compare Source

Patch Changes

• #​10619 cdf5dc5 Thanks @​ardatan! - dependencies updates:
  • Updated dependency @graphql-tools/apollo-engine-loader@^8.0.28 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/code-file-loader@^8.1.28 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/git-loader@^8.0.32 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/github-loader@^9.0.6 ↗︎ (from ^9.0.0, in dependencies)
  • Updated dependency @graphql-tools/graphql-file-loader@^8.1.11 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/json-file-loader@^8.0.26 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/load@^8.1.8 ↗︎ (from ^8.1.0, in dependencies)
  • Updated dependency @graphql-tools/url-loader@^9.0.6 ↗︎ (from ^9.0.0, in dependencies)
  • Updated dependency @graphql-tools/utils@^11.0.0 ↗︎ (from ^10.0.0, in dependencies)
  • Updated dependency graphql-config@^5.1.6 ↗︎ (from ^5.1.1, in dependencies)
• Updated dependencies [cdf5dc5, cdf5dc5, cdf5dc5]:
  • @​graphql-codegen/client-preset@​5.2.4
  • @​graphql-codegen/core@​5.0.1
  • @​graphql-codegen/plugin-helpers@​6.1.1

v6.1.2

Compare Source

Patch Changes

• #​10590 e173e11 Thanks @​ya2s! - Fix GraphQL Config loading to forward nested extensions.codegen.config options
  when loading schemas/documents, matching codegen.ts behavior.

v6.1.1

Compare Source

Patch Changes

• #​10569 8cb7d43 Thanks @​etr2460! - fix(graphql-codegen-cli): Don't hang when 0 CPUs are found

  Fixes generation when 0 CPUs are returned by os.cpus(), which occurs in sandbox environments.

v6.1.0

Compare Source

Minor Changes

• #​10510 9e70bcb Thanks @​nickmessing! - add importExtension configuration option

Patch Changes

• Updated dependencies [9e70bcb]:
  • @​graphql-codegen/plugin-helpers@​6.1.0
  • @​graphql-codegen/client-preset@​5.2.0

v6.0.2

Compare Source

Patch Changes

• #​10430 aad7f03 Thanks @​renovate! - dependencies updates:
  • Updated dependency @graphql-tools/github-loader@^9.0.0 ↗︎ (from ^8.0.0, in dependencies)
  • Updated dependency @graphql-tools/url-loader@^9.0.0 ↗︎ (from ^8.0.0, in dependencies)
• Updated dependencies []:
  • @​graphql-codegen/client-preset@​5.1.2

v6.0.1

Compare Source

Patch Changes

• #​10468 cb1b9d9 Thanks @​eddeee888! - In watch mode, do not write output on failure

  Previously, on partial or full failure, watch mode still write to output. However, since the output'd be an empty array, it will then call removeStaleFiles internally to remove all previously generated files.

  This patch puts a temporary fix to avoid writing output on any failure to fix the described behaviour.

  This also means the config.allowPartialOutputs does not work in watch mode for now.

v6.0.0

Compare Source

Major Changes

• #​10218 140298a Thanks @​eddeee888! - Drop @​graphql-tools/prisma-loader

• #​10218 140298a Thanks @​eddeee888! - Add allowPartialOutputs flag to partially write successful generation to files

• #​10218 140298a Thanks @​eddeee888! - Migrate inquirer to @​inquirer/prompts

• #​10218 140298a Thanks @​eddeee888! - Bump dependencies major versions:

  • cosmiconfig v9
  • debounce v2
  • jiti v2.3

• #​10218 140298a Thanks @​eddeee888! - Bump listr2 to v9

• #​10218 140298a Thanks @​eddeee888! - Drop Node 18 support

Patch Changes

• Updated dependencies [140298a, 140298a, 140298a, 140298a, 140298a, 140298a, 140298a, 140298a, 140298a, 140298a, 140298a]:
  • @​graphql-codegen/plugin-helpers@​6.0.0
  • @​graphql-codegen/client-preset@​5.0.0
  • @​graphql-codegen/core@​5.0.0

v5.0.7

Compare Source

Patch Changes

• #​10150 e324382 Thanks @​ArminWiebigke! - Allow functions to be passed as valid values for UrlSchemaOptions.customFetch. This was already possible, but the type definitions did not reflect that correctly.

• #​10358 157c823 Thanks @​eddeee888! - Remove extraneous error stacktrace if fails to load @parcel/watcher

• Updated dependencies [e324382, 98392fc]:

  • @​graphql-codegen/plugin-helpers@​5.1.1
  • @​graphql-codegen/client-preset@​4.8.2

dotansimha/graphql-code-generator (@​graphql-codegen/plugin-helpers)

v7.0.1

Compare Source

Patch Changes

• #​10797
  6ed420a
  Thanks @​eddeee888! - Fix FederationTypes not having typesPrefix
  and typesSuffix applied

v7.0.0

Compare Source

Major Changes

• #​10496
  afaace6
  Thanks @​eddeee888! - BREAKING CHANGE: Update deps to latest, some
  only support ESM

  Node 20 support is dropped in this release. Node 22 comes with require() support for ESM, which
  means it's easier to integrate ES modules into applications. Therefore, it is safe to start using
  ESM-only packages.

  If you are a user, please upgrade to Node 22. If you are a lib maintainer and see ESM vs CJS
  issues when running Jest tests, try using Vitest.

• [#​10496](https://redirect.github.com/dotansimha/graphql-code-generator/

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (in timezone America/Los_Angeles)

• Branch creation
  • "every weekend"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm. See `npm help npmrc` for supported config options.
npm error code EOVERRIDE
npm error Override for jsdom@29.1.1 conflicts with direct dependency
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-05-25T06_00_44_593Z-debug-0.log

[changeset-bot]

⚠️ No Changeset found

Latest commit: e012859

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[apollo-librarian]

✅ AI Style Review — No Changes Detected

No MDX files were changed in this pull request.

Review Log: View detailed log

This review is AI-generated. Please use common sense when accepting these suggestions, as they may not always be accurate or appropriate for your specific context.