Skip to content

Bump bcryptjs from 2.4.3 to 3.0.3 in /packages/databricks-vscode#1937

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/packages/databricks-vscode/bcryptjs-3.0.3
Open

Bump bcryptjs from 2.4.3 to 3.0.3 in /packages/databricks-vscode#1937
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/packages/databricks-vscode/bcryptjs-3.0.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps bcryptjs from 2.4.3 to 3.0.3.

Release notes

Sourced from bcryptjs's releases.

v3.0.3

Bug fixes

  • Always yield to event loop before nextTick for async versions (#164) (1211e9a2213e0b3ee232a204b3ce899beebce31a)

v3.0.2

Bug fixes

  • Use upstream fix to emit interop helpers (28e510389374f5736c447395443d4a6687325048)

v3.0.1

Bug fixes

  • Separate ESM and UMD type definitions (e7055caf0c723cbcf8bc3f0784b8c30ee332380f)

v3.0.0

Breaking changes

  • Modernize project structure (2f45985738604c743c4b8cc8464e3e7d3e04c73d) The project now exports an ECMAScript module by default, albeit with an UMD fallback, ships with types, the dist/ directory no longer exists in version control, and Closure Compiler externs have been removed.
  • Generate 2b hashes by default (d36bfb42fa642b6d6986a84ce106a7110e5824db) This library was not affected by the bug that led to incrementing the bcrypt version from 2a to 2b, but nowadays most implementations use 2b, including the native bcrypt binding, so this change aligns with them. Existing hashes will continue to work, but test logic that generates hashes and compares them literally might need to be updated to account for the new default.

Features

  • Add helper to check for password input length (d5656b39e2e368c87724a312e4e454456a4e5d1b)

Other

  • Update publish workflow (2a9bea9e276e6be04dbd403f9695937788b3b10a)
  • Add note on using the ESM variant in the browser (e09eb9afb14170069aaea19631b763307ee7b480)
  • Update types (58333a1533dd53838e2697628f84b98d54a5c079)
  • Merge lint and test workflows (2e3b17659e8856696acfe3015631ce2989eb3084)
  • Fix tests (ec02e8a0ada7a8f6c71a91df164db8c25bbbb7b4)
  • Update legacy fallback to handle crypto dependency (9db275fa10b1b40da4a6844480d7f8ae8df27fb8)
  • Update lint workflow title (ac70ac57c2f99ad5639eddf54578e5fdd07b9c4c)
  • Adapt crypto module usage for ESM environments (574d690d4972bcebbd5ca07880a62abab9ae3c0b)
  • Format with prettier (e7465479282d8155852ce88d6407eccb14adc106)
  • Rename default branch to 'main' (548559d032d7dd5ac3e4e16d7afd87b36ebe96ca)
  • Update description to mention TypeScript support (4977df0849eaf8cad5b0d0b543fe452432a2d761)
  • Add stale action for issues and PRs (a84d4e45487df0972d8781feafa477d5db4c1dbd)
  • Fix typo (c8c9c01799bbc13092fcbb20cfab4d9015d14c61)
  • Fix Node.js version in CI (1b54cc48d4120b50e1d9058e5a67f326102fd744)

Backlog from v2

  • Added externs to .npmignore (#124) (7e2e93af99df2952253f9cf32db29aefa8f272f7) The npm package does not need externs as it is needed only for closure compiler. Added it in .npmignore since bcryptjs overrides global module and process in WebStorm IDE.
  • Make sure the bin script uses LF (684fac6814a81d974c805a15e22fd69922c7ca6e)
  • Post-merge; Clean up a bit (b09f7f266a7015456b7b36deeb026dc636f64542)

... (truncated)

Commits
  • 1211e9a fix: Always yield to event loop before nextTick for async versions (#164)
  • 28e5103 fix: Use upstream fix to emit interop helpers
  • e7055ca fix: Separate ESM and UMD type definitions
  • 2a9bea9 Update publish workflow
  • d5656b3 Add helper to check for password input length
  • e09eb9a Add note on using the ESM variant in the browser
  • 58333a1 Update types
  • 2e3b176 Merge lint and test workflows
  • ec02e8a Fix tests
  • 9db275f Update legacy fallback to handle crypto dependency
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 30, 2026
@dependabot dependabot Bot temporarily deployed to test-trigger-is June 30, 2026 17:23 Inactive
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/packages/databricks-vscode/bcryptjs-3.0.3 branch from 5632bd5 to c37c65a Compare July 2, 2026 08:50
@dependabot dependabot Bot temporarily deployed to test-trigger-is July 2, 2026 08:50 Inactive
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/packages/databricks-vscode/bcryptjs-3.0.3 branch from c37c65a to 75ee4c3 Compare July 2, 2026 11:32
@dependabot dependabot Bot temporarily deployed to test-trigger-is July 2, 2026 11:32 Inactive
Bumps [bcryptjs](https://github.com/dcodeIO/bcrypt.js) from 2.4.3 to 3.0.3.
- [Release notes](https://github.com/dcodeIO/bcrypt.js/releases)
- [Commits](dcodeIO/bcrypt.js@2.4.3...v3.0.3)

---
updated-dependencies:
- dependency-name: bcryptjs
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/packages/databricks-vscode/bcryptjs-3.0.3 branch from 75ee4c3 to 068d02a Compare July 2, 2026 12:50
@dependabot dependabot Bot temporarily deployed to test-trigger-is July 2, 2026 12:50 Inactive
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

If integration tests don't run automatically, an authorized user can run them manually by following the instructions below:

Trigger:
go/deco-tests-run/vscode

Inputs:

  • PR number: 1937
  • Commit SHA: 068d02a358c2b5c19fffa09fdc604ae8bee10335

Checks will be approved automatically on success.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants