chore(deps): bump the minor-and-patch group with 6 updates#1027
Merged
DeepDiver1975 merged 1 commit intoJun 28, 2026
Merged
Conversation
Bumps the minor-and-patch group with 6 updates: | Package | From | To | | --- | --- | --- | | [npm-check-updates](https://github.com/raineorshine/npm-check-updates) | `22.2.7` | `22.2.9` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `10.5.0` | `10.5.2` | | [baseline-browser-mapping](https://github.com/web-platform-dx/baseline-browser-mapping) | `2.10.38` | `2.10.40` | | [js-yaml](https://github.com/nodeca/js-yaml) | `5.0.0` | `5.2.0` | | [postcss](https://github.com/postcss/postcss) | `8.5.15` | `8.5.16` | | [through2](https://github.com/rvagg/through2) | `5.0.1` | `5.0.3` | Updates `npm-check-updates` from 22.2.7 to 22.2.9 - [Release notes](https://github.com/raineorshine/npm-check-updates/releases) - [Changelog](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md) - [Commits](raineorshine/npm-check-updates@v22.2.7...v22.2.9) Updates `autoprefixer` from 10.5.0 to 10.5.2 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.5.0...10.5.2) Updates `baseline-browser-mapping` from 2.10.38 to 2.10.40 - [Release notes](https://github.com/web-platform-dx/baseline-browser-mapping/releases) - [Commits](web-platform-dx/baseline-browser-mapping@v2.10.38...v2.10.40) Updates `js-yaml` from 5.0.0 to 5.2.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@5.0.0...5.2.0) Updates `postcss` from 8.5.15 to 8.5.16 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.15...8.5.16) Updates `through2` from 5.0.1 to 5.0.3 - [Release notes](https://github.com/rvagg/through2/releases) - [Changelog](https://github.com/rvagg/through2/blob/master/CHANGELOG.md) - [Commits](rvagg/through2@v5.0.1...v5.0.3) --- updated-dependencies: - dependency-name: npm-check-updates dependency-version: 22.2.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: autoprefixer dependency-version: 10.5.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: baseline-browser-mapping dependency-version: 2.10.40 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: js-yaml dependency-version: 5.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: postcss dependency-version: 8.5.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: through2 dependency-version: 5.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
DeepDiver1975
left a comment
DeepDiver1975
left a comment
Member
There was a problem hiding this comment.
Reviewed as maintainer — grouped dependabot minor-and-patch update (6 updates).
- `npm-check-updates` 22.2.7 → 22.2.9 (patch)
- `autoprefixer` ^10.5.0 → ^10.5.2 (patch)
- `baseline-browser-mapping` ^2.10.38 → ^2.10.40 (patch)
- `js-yaml` ^5.0.0 → ^5.2.0 (minor)
- `postcss` ^8.5.15 → ^8.5.16 (patch)
- `through2` ^5.0.1 → ^5.0.3 (patch)
package.json + package-lock.json only, no source/code changes. All six are genuinely minor/patch — no major version hidden in this group. CI green (Build documentation + lint), MERGEABLE.
Note: the separate PR #1028 (`@asciidoctor/core` 3.0.4 → 4.0.0, a major bump) also touches package.json/package-lock.json. Whichever of #1027 / #1028 merges second will need a dependabot rebase to resolve the lockfile overlap. That major lives in its own PR and is correctly NOT part of this minor-and-patch group.
Changelog: docs repo has no changelog convention → n/a.
LGTM — approving and merging.
🤖 Generated with Claude Code
DeepDiver1975
approved these changes
Jun 28, 2026
DeepDiver1975
left a comment
DeepDiver1975
left a comment
Member
There was a problem hiding this comment.
Grouped minor/patch dep bump (6 updates, all minor/patch); package.json + lockfile only, CI green. Approving.
DeepDiver1975
deleted the
dependabot/npm_and_yarn/minor-and-patch-9c3e1b6a22
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the minor-and-patch group with 6 updates:
22.2.722.2.910.5.010.5.22.10.382.10.405.0.05.2.08.5.158.5.165.0.15.0.3Updates
npm-check-updatesfrom 22.2.7 to 22.2.9Release notes
Sourced from npm-check-updates's releases.
... (truncated)
Commits
5ad831b22.2.92653ab6Replace markdownlint-cli with markdownlint-cli2 (#1893)75a6a92Switch mocha tests to parallel (#1886)bf7285bMinor type tweaks (#1892)3231f23Use async glob instead of glob.sync in getAllPackages (#1891)8a37479CI: add prettier in lint workflow (#1889)0409e77replace zod with valibot to reduce bundle size (#1885)02b4218eslint.config.js: drop moot jest globals (#1887)c4435d0Rename variable and test file (#1884)e849b1dDockerfile: use lts-alpine image (#1862)Install script changes
This version modifies
preparescript that runs during installation. Review the package contents before updating.Updates
autoprefixerfrom 10.5.0 to 10.5.2Release notes
Sourced from autoprefixer's releases.
Changelog
Sourced from autoprefixer's changelog.
Commits
e99e381Release 10.5.2 version98de3f5Move -webkit-fill-available before -moz-available to get a closer to spec res...8fe2513Release 10.5.1 version60ea651Update release processcbd4a70Update dependenciesffae49ffix: reset grid area spans when overriding areas (#1549)d90ad86Fix CIa0f701bUpdate dependenciesbb935ebFix CIe63efe4Move to pnpm 11Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for autoprefixer since your current version.
Updates
baseline-browser-mappingfrom 2.10.38 to 2.10.40Release notes
Sourced from baseline-browser-mapping's releases.
Commits
54ceac6Patch to 2.10.40 because browser or feature data changed8e2ffadBrowser or feature data changedfcd4fedUpdating static site5938eddPatch to 2.10.39 because browser or feature data changed8a4923dBrowser or feature data changed5b63e35Updating static site2881d24Updating static siteUpdates
js-yamlfrom 5.0.0 to 5.2.0Changelog
Sourced from js-yaml's changelog.
Commits
c28ed5e5.2.0 released125cd5aAddmaxAliasesoption3105455ReplacemaxMergeSeqLengthoption withmaxTotalMergeKeys(more robust)39d00d6numbers: Drop boxed numbers support, simplify .identify() checks, clarify rou...eb5cb5bfix: round-trip integers that stringify in exponential notation (#771)89024c4Update migration info, close #770f1e45cd5.1.0 released53b22beFix constructor coveragea1eaa2bFix quote style options and restore forceQuotes0532e7dAdd finalizers for immutable collection tagsUpdates
postcssfrom 8.5.15 to 8.5.16Release notes
Sourced from postcss's releases.
Changelog
Sourced from postcss's changelog.
Commits
92ccc93Release 8.5.16 version818bdd6Update formatting46e4510FixInput#origin()returning incorrect position (#2036)34942ceFix testsd4feed6Don't clone root-less child nodes in container constructor (#2097)da323fcRevert version update to fix old Node.js on CI8863369Update dependencies3828982Preserve node raws when rehydrating a JSON AST (#2100)d1e80b8Fix Node#rangeBy() ignoring index 0 (#2091)b91e4a6Fix Node.js 26 testsMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.
Updates
through2from 5.0.1 to 5.0.3Release notes
Sourced from through2's releases.
Changelog
Sourced from through2's changelog.
Commits
bacbffbchore(release): 5.0.3 [skip ci]429d9dfchore(deps): bump actions/checkout from 6.0.3 to 7.0.0 (#122)1b87c33chore(release): 5.0.2 [skip ci]180016bchore(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#121)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions