build(deps-dev): bump the development-minor-and-patch group across 1 directory with 4 updates#114
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Codex review: needs maintainer review before merge. Reviewed May 28, 2026, 11:29 AM ET / 15:29 UTC. Summary Reproducibility: not applicable. this is a dependency maintenance PR, not a bug report. The relevant verification is package metadata review plus CI and dependency-review results. Review metrics: 2 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Land the narrow Dependabot bump after CI, dependency review, and package-owner review pass, or let Dependabot refresh the branch if upstream versions move again. Do we have a high-confidence way to reproduce the issue? Not applicable: this is a dependency maintenance PR, not a bug report. The relevant verification is package metadata review plus CI and dependency-review results. Is this the best way to solve the issue? Yes: a Dependabot manifest and lockfile bump is the narrowest maintainable path for these dev-tool updates, and I found no duplicate supported path or line-level defect. AGENTS.md: found and applied where relevant. Codex review notes: model gpt-5.5, reasoning high; reviewed against 1d1284dba70e. Label changesLabel changes:
Label justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
|
ClawSweeper PR egg ✨ Hatched: 🥚 common Clockwork Patch Peep Hatch commandComment Hatchability rules:
Rarity: 🥚 common. What is this egg doing here?
|
…directory with 4 updates Bumps the development-minor-and-patch group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt), [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest). Updates `@types/node` from 25.8.0 to 25.9.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `oxfmt` from 0.51.0 to 0.52.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.52.0/npm/oxfmt) Updates `oxlint` from 1.65.0 to 1.67.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.67.0/npm/oxlint) Updates `vitest` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/vitest) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.9.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-minor-and-patch - dependency-name: oxfmt dependency-version: 0.51.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-minor-and-patch - dependency-name: oxlint dependency-version: 1.66.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-minor-and-patch - dependency-name: vitest dependency-version: 4.1.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>
22b80ac to
d8642af
Compare
Bumps the development-minor-and-patch group with 4 updates in the / directory: @types/node, oxfmt, oxlint and vitest.
Updates
@types/nodefrom 25.8.0 to 25.9.1Commits
Updates
oxfmtfrom 0.51.0 to 0.52.0Changelog
Sourced from oxfmt's changelog.
... (truncated)
Commits
68b455drelease(apps): oxlint v1.67.0 && oxfmt v0.52.0 (#22735)16b8058feat(oxfmt): Supportvite-plus/resolveConfigfor vite.config.ts (#22454)Updates
oxlintfrom 1.65.0 to 1.67.0Release notes
Sourced from oxlint's releases.
... (truncated)
Changelog
Sourced from oxlint's changelog.
Commits
68b455drelease(apps): oxlint v1.67.0 && oxfmt v0.52.0 (#22735)b84941efeat(linter/vue): implement no-expose-after-await rule (#22675)98b98c1feat(linter/vue): implement no-computed-properties-in-data rule (#22674)2d4c919feat(oxlint): Supportvite-plus/resolveConfigfor vite.config.ts (#22456)2a60012feat(linter/vue): implement require-render-return rule (#22613)9f227fdfeat(linter/vue): implement no-deprecated-props-default-this rule (#21892)87f065efeat(linter/vue): implement return-in-emits-validator rule (#21935)ea0380cfeat(linter/unicorn): implementimport-stylerule (#22173)dde40fefeat(linter/vue): implement no-watch-after-await rule (#22006)a735eb0feat(linter/vue): implement valid-next-tick rule (#22531)Updates
vitestfrom 4.1.6 to 4.1.7Release notes
Sourced from vitest's releases.
Commits
a09d472chore: release v4.1.7