chore(deps): update dependency cypress-vite to v1.10.2 - autoclosed#1323
Closed
renovate[bot] wants to merge 1 commit into
Closed
chore(deps): update dependency cypress-vite to v1.10.2 - autoclosed#1323renovate[bot] wants to merge 1 commit into
renovate[bot] wants to merge 1 commit into
Conversation
🧪 Test Summary
📎 ArtifactsVideos and screenshots from failed E2E tests: |
a6bcdc4 to
271dcac
Compare
🧪 Test Summary
📎 ArtifactsVideos and screenshots from failed E2E tests: |
yahyafakhroji
added a commit
that referenced
this pull request
Jul 10, 2026
Consolidates the open Renovate PRs into a single branch. graphql v17 (#1316) is intentionally excluded — @0no-co/graphql.web (urql) and graphql-ws only peer-support graphql ^16, so v17 is held until they add ^17. Runtime / tooling: - node.js 24.16.0 -> 24.18.0 (.nvmrc, .tool-versions) (#1325) - cypress-vite 1.10.0 -> 1.10.2 (dev) (#1323) CI actions (SHA-pinned): - actions/checkout v6 -> v7.0.0 (#1326, supersedes digest PR #1295) - actions/setup-node v4 -> v6.4.0 (#1327) - actions/download-artifact v4 -> v8.0.1 (#1328) - datum-cloud/actions v1.14.0 -> v1.20.0 (#1324) Local observability (docker-compose): - prom/prometheus v3.11.3 -> v3.13.0 (#1277) - grafana/grafana 13.0.1 -> 13.1.0 (#1285)
yahyafakhroji
added a commit
that referenced
this pull request
Jul 10, 2026
Consolidates the open Renovate dependency PRs into a single branch, each verified against the actual latest version and checked for compatibility, plus a Snyk-flagged security fix. Also includes the E2E selector fix merged via #1339 (required for the suite to pass against the unified-org model). ## Included updates | Update | Change | Renovate PR | |---|---|---| | node.js | 24.16.0 → **24.18.0** | #1325 | | cypress-vite (dev) | 1.10.0 → **1.10.2** | #1323 | | actions/checkout | v6 → **v7.0.0** | #1326 (supersedes #1295) | | actions/setup-node | v4 → **v6.4.0** | #1327 | | actions/download-artifact | v4 → **v8.0.1** | #1328 | | datum-cloud/actions | v1.14.0 → **v1.20.0** | #1324 | | prom/prometheus (docker-compose) | v3.11.3 → **v3.13.0** | #1277 | | grafana/grafana (docker-compose) | 13.0.1 → **13.1.0** | #1285 | All GitHub Action bumps remain SHA-pinned with a `# vX` comment. ## Security fix (Snyk) Resolves the High-severity **"Uncaught Exception"** advisory in the transitive `@opentelemetry/propagator-jaeger@2.8.0`. It's pulled in by `@opentelemetry/sdk-node` (pinned to `2.8.0`), so the fix is a **lockstep OpenTelemetry SDK bump** rather than a lone override (which would split `@opentelemetry/core` across 2.8/2.9): | Package | Change | |---|---| | @opentelemetry/auto-instrumentations-node | ^0.77.0 → **^0.78.0** | | @opentelemetry/exporter-metrics-otlp-http | ^0.219.0 → **^0.220.0** | | @opentelemetry/exporter-trace-otlp-http | ^0.219.0 → **^0.220.0** | | @opentelemetry/sdk-node | ^0.219.0 → **^0.220.0** | | @opentelemetry/sdk-trace-base | ^2.8.0 → **^2.9.0** | `propagator-jaeger` now resolves to **2.9.0** (0 instances of 2.8.0 remain). The residual `@opentelemetry/core@2.8.0` in the lockfile belongs to `@sentry/node`'s own nested OTel copy (`sdk-trace-base` only, no propagator-jaeger) — a separate isolated tree Sentry pins internally, unrelated to this advisory. ## Intentionally held back - **`graphql` v16 → v17 (#1316)** — the runtime GraphQL client stack does not support v17 yet: `@0no-co/graphql.web` (backs `urql`/`@urql/core`) peer-supports `^14 || ^15 || ^16`, and `graphql-ws@6.0.8` supports `^15.10.1 || ^16`. Neither declares `^17`. Holding until the urql/graphql-ws ecosystem adds v17. - **#1295** (actions/checkout v6 digest bump) is obsolete — superseded by the v7 bump in #1326. ## Verification - `bun install` → lockfile updated (`cypress-vite` + the OpenTelemetry subtree; `graphql` untouched at 16.14.1) - `bun run typecheck` → PASS - `bun run build` → PASS - `prettier --check` on changed files → clean ## Once merged These Renovate PRs can be closed: #1277, #1285, #1295, #1323, #1324, #1325, #1326, #1327, #1328.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
1.10.0→1.10.2Release Notes
mammadataei/cypress-vite (cypress-vite)
v1.10.2Compare Source
Bug Fixes
v1.10.1Compare Source
Bug Fixes
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.