Skip to content

chore(deps): Bump @types/node from 25.9.3 to 26.0.0#546

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/types/node-26.0.0
Open

chore(deps): Bump @types/node from 25.9.3 to 26.0.0#546
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/types/node-26.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps @types/node from 25.9.3 to 26.0.0.

Commits

@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@nullvariant-mimi

nullvariant-mimi Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

🐰 Mimi's Validation Report 🚨

...ears twitching... something failed validation!

🔴 VALIDATION FAILED: 2 check(s) did not pass.

Failed: build (ubuntu-latest), build (macos-latest)

Please fix the issues and push again. I believe in you!


バリデーターを通してくださいね

This report was carefully prepared by nullvariant-mimi[bot]

@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updated@​types/​node@​25.9.3 ⏵ 26.0.01001008196100

View full report

@nullvariant-blaze

nullvariant-blaze Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

🐗 Blaze's Release Review 📦

No version bump. Just dependency changes... boring. Wake me up when it's deploy time! 😤


よっしゃ!デプロイしまくるぞ!

This review was ENTHUSIASTICALLY filed by nullvariant-blaze[bot]

@github-actions

Copy link
Copy Markdown
Contributor

VEX Assessment: not_affected

This dependency update modifies devDependencies only.

  • Status: not_affected
  • Justification: vulnerable_code_not_in_execute_path
  • Impact: Zero production dependencies. No third-party code is included in the published VSIX.

Any CVEs in updated devDependencies do not affect end users. The VEX document will be automatically updated by the weekly VEX Auto-Update workflow.

🤖 Automated VEX assessment

@nullvariant-luna

nullvariant-luna Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

👧 Luna's Exploration Report 📦

No new dependencies added. Just version bumps! Nothing to explore here... 😴


Botに418返そうよ!

This report was curiously compiled by nullvariant-luna[bot]

@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@types/node ^26.0.0 UnknownUnknown
npm/@types/node 26.0.0 🟢 6.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 25/28 approved changesets -- score normalized to 8
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
npm/undici-types 8.3.0 🟢 7.9
Details
CheckScoreReason
Code-Review🟢 7Found 20/26 approved changesets -- score normalized to 7
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Binary-Artifacts🟢 8binaries present in source code
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
Signed-Releases⚠️ -1no releases found
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
SAST🟢 9SAST tool detected but not run on all commits
Vulnerabilities🟢 73 existing vulnerabilities detected
Packaging🟢 10packaging workflow detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
CI-Tests🟢 1025 out of 25 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 76 contributing companies or organizations

Scanned Files

  • extensions/git-id-switcher/package.json
  • package-lock.json

@nullvariant-ciel

nullvariant-ciel Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

🕊️ Ciel's Mediation 🌤️

*~~ floating down from the clouds ~~ The zoo seems a bit noisy today...*

3 zoo members have reviewed this PR.

Zoo Member Status
🐰 Mimi Commented
👧 Luna Commented
🐗 Blaze Commented

⚖️ The zoo has mixed opinions. Some are concerned, some are fine with it. Please review each comment carefully and make the final call.


まあまあ、ほどほどに。

This mediation was peacefully delivered by nullvariant-ciel[bot]

@nullvariant-ciel

Copy link
Copy Markdown
Contributor

🕊️ Ciel's Mediation ☀️

*~~ gliding on a gentle breeze ~~ How serene!*

3 zoo members have reviewed this PR.

Zoo Member Status
🐰 Mimi Commented
👧 Luna Commented
🐗 Blaze Commented

☀️ The zoo is in harmony. Everything looks peaceful from up here.


まあまあ、ほどほどに。

This mediation was peacefully delivered by nullvariant-ciel[bot]

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.3 to 26.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/types/node-26.0.0 branch from fbdb485 to 232a100 Compare June 22, 2026 13:22
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant