Bump the npm_and_yarn group across 1 directory with 11 updates#224
Merged
simongdavies merged 1 commit intoJul 3, 2026
Conversation
Bumps the npm_and_yarn group with 7 updates in the /src/js-host-api/examples/mcp-server directory: | Package | From | To | | --- | --- | --- | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.0` | | [@hono/node-server](https://github.com/honojs/node-server) | `1.19.9` | `1.19.14` | | [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.2.1` | `8.5.2` | | [fast-uri](https://github.com/fastify/fast-uri) | `3.1.0` | `3.1.3` | | [hono](https://github.com/honojs/hono) | `4.12.2` | `4.12.27` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.3.0` | `8.4.2` | | [qs](https://github.com/ljharb/qs) | `6.14.2` | `6.15.3` | Updates `vitest` from 4.0.18 to 4.1.0 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest) Updates `@hono/node-server` from 1.19.9 to 1.19.14 - [Release notes](https://github.com/honojs/node-server/releases) - [Commits](honojs/node-server@v1.19.9...v1.19.14) Updates `express-rate-limit` from 8.2.1 to 8.5.2 - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](express-rate-limit/express-rate-limit@v8.2.1...v8.5.2) Updates `fast-uri` from 3.1.0 to 3.1.3 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.3) Updates `hono` from 4.12.2 to 4.12.27 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.2...v4.12.27) Updates `ip-address` from 10.0.1 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.0.1...v10.2.0) Updates `path-to-regexp` from 8.3.0 to 8.4.2 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v8.3.0...v8.4.2) Updates `picomatch` from 4.0.3 to 4.0.5 - [Release notes](https://github.com/micromatch/picomatch/releases) - [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md) - [Commits](micromatch/picomatch@4.0.3...4.0.5) Updates `postcss` from 8.5.6 to 8.5.16 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.6...8.5.16) Updates `qs` from 6.14.2 to 6.15.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.2...v6.15.3) Updates `vite` from 7.3.1 to 8.1.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.1.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@hono/node-server" dependency-version: 1.19.14 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express-rate-limit dependency-version: 8.5.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fast-uri dependency-version: 3.1.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: hono dependency-version: 4.12.27 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 8.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: picomatch dependency-version: 4.0.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.16 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.15.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 8.1.3 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
simongdavies
approved these changes
Jul 3, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 7 updates in the /src/js-host-api/examples/mcp-server directory:
4.0.184.1.01.19.91.19.148.2.18.5.23.1.03.1.34.12.24.12.278.3.08.4.26.14.26.15.3Updates
vitestfrom 4.0.18 to 4.1.0Release notes
Sourced from vitest's releases.
... (truncated)
Commits
4150b91chore: release v4.1.01de0aa2fix: correctly identify concurrent test during static analysis (#9846)c3cac1cfix: use isAgent check, not just TTY, for watch mode (#9841)eab68bachore(deps): update all non-major dependencies (#9824)031f02afix: allow catch/finally for async assertion (#9827)3e9e096feat(reporters): addagentreporter to reduce ai agent token usage (#9779)0c2c013chore: release v4.1.0-beta.68181e06fix:hideSkippedTestsshould not hidetest.todo(fix #9562) (#9781)a8216b0fix: manual and redirect mock shouldn'tloadortransformoriginal module...689a22afix(browser): types ofgetCDPSessionandcdp()(#9716)Updates
@hono/node-serverfrom 1.19.9 to 1.19.14Release notes
Sourced from @hono/node-server's releases.
Commits
b5e63a31.19.14c02d777fix: add custom inspect to lightweight Request/Response to prevent TypeError ...fd64e651.19.13025c30fMerge commit from fork6cdb5a71.19.1270250f7fix: request draining for early 413 responses (#329)cfc08b3chore: ignore claude setting (#314)ecd4d6b1.19.11c944899fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...2f8ca361.19.10Updates
express-rate-limitfrom 8.2.1 to 8.5.2Release notes
Sourced from express-rate-limit's releases.
Commits
97746938.5.20e94cc0v8.5.2 changelog9a583c5feat: simplify IPv6 key generation (#633)4f4b3fbchore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)3c1d6c5chore(deps-dev): bump the development-dependencies group with 7 updates (#631)18884b6chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)dacc980chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)486d0c6chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)50cc3f68.5.192c8e3echore: bump ip-address library to latest (#626)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for express-rate-limit since your current version.
Updates
fast-urifrom 3.1.0 to 3.1.3Release notes
Sourced from fast-uri's releases.
Commits
0549fe3Bumped v3.1.32a6d357Merge commit from fork919dd8eBumped v3.1.2c65ba57fixup: linting6c86c17Merge commit from forka95158aHandle malformed fragment decoding without throwing (#171)cea547cBumped v3.1.1876ce79Merge commit from forkdcdf690ci: add lock-threads workflow (#169)c860e65build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)Updates
honofrom 4.12.2 to 4.12.27Release notes
Sourced from hono's releases.
... (truncated)
Commits
97c6fe14.12.27aa92177Merge commit from forkcd3f6f7Merge commit from forkd4853a8fix(jsx): make merged context-isolation tests pass tsc type check (#5037)6735feafix(jsx): cast awaitedFallback through unknown to fix Deno type check (#5036)fab3b13Merge commit from fork9f0dadfci: use npm Staged publishing (#5035)27b79924.12.26d29982cchore: replace arg and glob with Bun native APIs in build script16215d5chore: remove unused devcontainer and gitpod configs (#5029)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for hono since your current version.
Updates
ip-addressfrom 10.0.1 to 10.2.0Commits
80fccaa10.2.0abaeb4dType Address4.addressMinusSuffix as non-nilable (closes #143)2878c29Preserve subnet prefix through Address6.to4() (closes #123) (#203)586666eReject trailing junk in Address6.fromURL (closes #158) (#202)80bc76eValidate static factories instead of silently overflowing (#201)98927beClarify isValid() accepts CIDRs with host bits set (#81)a0eb073Fix getScope() and broaden getType() classification (closes #122) (#200)ec52105Add networkForm() for CIDR network-address strings (#199)a9443a7Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)f01d742Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...Updates
path-to-regexpfrom 8.3.0 to 8.4.2Release notes
Sourced from path-to-regexp's releases.
Commits
cbf30258.4.2937c02dMinimize array allocations (#437)57247e6Improve compile performance (#436)5844988Remove internal tokenization during parse (#435)9a78879Error on trailing backslash (#434)7f058768.4.16bc8e84Remove trie deduplication (#431)5bcd30bAllow backtrack handling to match itself (#427)9f9c6c5Add parsing to benchmarks (#418)9fd31e0Addtrailing: falsetests (#428)Updates
picomatchfrom 4.0.3 to 4.0.5Release notes
Sourced from picomatch's releases.
Commits
4f41a8e4.0.502cfc1bUpdate .verb.md and run verb to generate README documentationcc52ff6Only run the upload code coverage step for 1 matrix permutation6d426d7Allow workflow to continue if the code coverage step to failsa00b954Merge branch 'codeql-coverage'9680381Merge pull request #183 from MerlijnW70/fix/matchbase-windows-basename648b4f2Merge pull request #182 from MerlijnW70/fix/repeated-extglob-drops-branches70e6485Configure code coverage upload for CodeQLab8bc4dfix: honor the windows option when matching basenames6289307fix: preserve all branches when rewriting risky repeated extglobsUpdates
postcssfrom 8.5.6 to 8.5.16Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
92ccc93Release 8.5.16 version818bdd6Update formatting46e4510FixInput#origin()returning incorrect position (#2036)34942ceFix testsd4feed6Don't clone root-less child nodes in container constructor (#2097)da323fcRevert version update to fix old Node.js on CI8863369Update dependencies3828982Preserve node raws when rehydrating a JSON AST (#2100)d1e80b8Fix Node#rangeBy() ignoring index 0 (#2091)b91e4a6Fix Node.js 26 testsMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.
Updates
qsfrom 6.14.2 to 6.15.3Changelog
Sourced from qs's changelog.