Skip to content

chore(deps-dev): bump the dependencies group across 1 directory with 3 updates#411

Merged
rhamzeh merged 3 commits into
mainfrom
dependabot/npm_and_yarn/dependencies-d6106c3bb7
May 8, 2026
Merged

chore(deps-dev): bump the dependencies group across 1 directory with 3 updates#411
rhamzeh merged 3 commits into
mainfrom
dependabot/npm_and_yarn/dependencies-d6106c3bb7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 7, 2026

Copy link
Copy Markdown
Contributor

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.


Bumps the dependencies group with 3 updates in the / directory: @types/node, nock and typescript.

Updates @types/node from 25.6.0 to 25.6.1

Commits

Updates nock from 14.0.14 to 14.0.15

Release notes

Sourced from nock's releases.

v14.0.15

14.0.15 (2026-05-07)

Bug Fixes

  • Revert "fix(backport): apply body delay before the response end" (#2973) (de5450c), closes #2969
Commits

Updates typescript from 5.9.3 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits
  • 050880c Bump version to 6.0.3 and LKG
  • eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
  • ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
  • 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
  • 607a22a Bump version to 6.0.2 and LKG
  • 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
  • 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
  • e175b69 Bump version to 6.0.1-rc and LKG
  • af4caac Update LKG
  • 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 7, 2026
Copilot AI review requested due to automatic review settings May 7, 2026 21:07
@dependabot
dependabot Bot requested a review from a team as a code owner May 7, 2026 21:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 7, 2026
@dependabot
dependabot Bot removed the request for review from Copilot May 7, 2026 21:07
@socket-security

socket-security Bot commented May 7, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updated@​types/​node@​25.6.0 ⏵ 25.6.110010081 +194 +1100
Updatedtypescript@​5.9.3 ⏵ 6.0.3100 +110090 +19890
Updatednock@​14.0.14 ⏵ 14.0.159810010098 +1100

View full report

@socket-security

socket-security Bot commented May 7, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
License policy violation: npm typescript under CC-BY-4.0

License: CC-BY-4.0 - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

License: MIT-Khronos-old - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

License: LicenseRef-W3C-Community-Final-Specification-Agreement - The applicable license policy does not permit this license (5) (package/ThirdPartyNoticeText.txt)

From: package-lock.jsonnpm/typescript@6.0.3

ℹ Read more on: This package | This alert | What is a license policy violation?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@6.0.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@rhamzeh

rhamzeh commented May 7, 2026

Copy link
Copy Markdown
Member

@dependabot recreate

…3 updates

Bumps the dependencies group with 3 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [nock](https://github.com/nock/nock) and [typescript](https://github.com/microsoft/TypeScript).


Updates `@types/node` from 25.6.0 to 25.6.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `nock` from 14.0.14 to 14.0.15
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v14.0.14...v14.0.15)

Updates `typescript` from 5.9.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.3)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.6.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: nock
  dependency-version: 14.0.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps-dev): bump the dependencies group with 3 updates chore(deps-dev): bump the dependencies group across 1 directory with 3 updates May 7, 2026
Copilot AI review requested due to automatic review settings May 7, 2026 21:32
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/dependencies-d6106c3bb7 branch from 78ecac6 to 7150190 Compare May 7, 2026 21:32
@dependabot
dependabot Bot removed the request for review from Copilot May 7, 2026 21:32
Copilot AI review requested due to automatic review settings May 7, 2026 22:39
rhamzeh
rhamzeh previously approved these changes May 7, 2026
@codecov-commenter

codecov-commenter commented May 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.74%. Comparing base (6b03882) to head (fd74c5b).
⚠️ Report is 7 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main     #411      +/-   ##
==========================================
+ Coverage   85.59%   85.74%   +0.15%     
==========================================
  Files          26       25       -1     
  Lines        1270     1305      +35     
  Branches      250      241       -9     
==========================================
+ Hits         1087     1119      +32     
+ Misses        110      108       -2     
- Partials       73       78       +5     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@rhamzeh
rhamzeh enabled auto-merge May 7, 2026 22:40

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates dev tooling dependencies (TypeScript, nock, and @types/node) and adjusts the test TypeScript/Jest configuration to remain compatible with the dependency updates.

Changes:

  • Bump typescript to ^6.0.3 and refresh lockfile-resolved versions for nock and @types/node.
  • Configure Jest to use the tests-specific tsconfig and enable esModuleInterop for test compilation.
  • Update test imports to use nock default import style.

Reviewed changes

Copilot reviewed 10 out of 12 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
tsconfig.json Restricts global ambient types to Node to stabilize type resolution.
tests/tsconfig.spec.json Enables esModuleInterop for tests to support default imports like nock.
tests/setup.ts Switches nock import to default import.
tests/jest.config.js Adds explicit ts-jest transform using the tests tsconfig; updates coverage collection exclusions.
tests/index.test.ts Switches nock import to default import.
tests/helpers/nocks.ts Updates nock typing approach for the helper factory.
tests/headers.test.ts Switches nock import to default import; adds explicit this typing in one reply callback.
tests/credentials.test.ts Switches nock import to default import.
tests/client.test.ts Switches nock import to default import.
tests/apiExecutor.test.ts Switches nock import to default import.
package.json Bumps typescript to ^6.0.3.
package-lock.json Updates lockfile entries for typescript, nock, and @types/node.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread tests/jest.config.js Outdated
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@rhamzeh
rhamzeh added this pull request to the merge queue May 8, 2026
Merged via the queue into main with commit 2ef6c57 May 8, 2026
28 checks passed
@rhamzeh
rhamzeh deleted the dependabot/npm_and_yarn/dependencies-d6106c3bb7 branch May 8, 2026 03:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants