Skip to content

chore(deps): bump the minor-and-patch group across 1 directory with 8 updates#495

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-1fd2443017
Open

chore(deps): bump the minor-and-patch group across 1 directory with 8 updates#495
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-1fd2443017

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 5, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 8 updates in the / directory:

Package From To
@ownclouders/eslint-config 12.4.2 12.5.0
prettier 3.9.3 3.9.4
vue-tsc 3.3.5 3.3.6
@ownclouders/web-client 12.4.2 12.5.0
@ownclouders/web-pkg 12.4.2 12.5.0
@ownclouders/extension-sdk 12.4.2 12.5.0
@ownclouders/web-test-helpers 12.4.2 12.5.0
p-queue 9.3.0 9.3.1

Updates @ownclouders/eslint-config from 12.4.2 to 12.5.0

Release notes

Sourced from @​ownclouders/eslint-config's releases.

12.5.0

Changelog for ownCloud Web 12.5.0 (2026-07-01)

Summary

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797
  • Bugfix - Fix danger filled button text color on focus: #13887
  • Bugfix - Open external apps based on the file mime type: #13888
  • Bugfix - Validate URL before opening password-protected folder: #13924
  • Enhancement - OwnCloud branded login background: #13875
  • Enhancement - Add a documentation screenshot capture tool: #13894
  • Enhancement - Add an HTML editor app: #13895
  • Enhancement - Save a copy of office documents to another format (Collabora): #13906

Details

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797

    On iOS/iPadOS, we now display a button to open the PDF file in the browser instead of the native PDF viewer. This is a workaround to avoid issues with the native PDF viewer on iOS/iPadOS.

    owncloud/web#13797 owncloud/web#13816

  • Bugfix - Fix danger filled button text color on focus: #13887

    We've fixed the OcButton danger filled variant not applying the correct text color when focused via keyboard.

    owncloud/web#13887

  • Bugfix - Open external apps based on the file mime type: #13888

    We've fixed the external app redirect (/external) picking an arbitrary app when no app query parameter was present. It fell back to the first registered app provider, which might not support the file's mime type, so the following request to open the file failed with an "app not found" error that surfaced as a generic error to the user.

    The redirect now resolves the app from the file's mime type, preferring the configured default application, and shows an explicit error when no suitable app is available instead of silently redirecting to the wrong one.

    owncloud/web#13888

  • Bugfix - Validate URL before opening password-protected folder: #13924

... (truncated)

Commits

Updates prettier from 3.9.3 to 3.9.4

Release notes

Sourced from prettier's releases.

3.9.4

  • Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.9.4

diff

Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

<!-- Input -->
<FancyButton [label]="title">
  @content (icon) {
    <span>Icon!</span>
  }
  @content (description) {
    <span>Description text</span>
  }
  <span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.3 -->
<FancyButton [label]="title">
@​content(icon) {
<span>Icon!</span>
}
@​content(description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.4 -->
<FancyButton [label]="title">
@​content (icon) {
<span>Icon!</span>
}
@​content (description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>

Commits
  • b693cb2 Release 3.9.4
  • 2e92ac0 Angular: Format @content(name) -> @content (name) to align with other blo...
  • abed2c2 Bump Prettier dependency to 3.9.3
  • 6cfbc00 Clean changelog_unreleased
  • See full diff in compare view

Updates vue-tsc from 3.3.5 to 3.3.6

Release notes

Sourced from vue-tsc's releases.

v3.3.6

language-core

  • fix: make generic component internal context inference type-safe across .d.ts boundary (#6104) - Thanks to @​Holiden!
  • fix: do not treat non-trivial property accesses as compound - Thanks to @​KazariEX!
  • fix: treat semicolon-terminated expressions as compound - Thanks to @​KazariEX!
  • fix: preserve return types for compound event handlers - Thanks to @​KazariEX!
  • fix: use WeakMap to cache inline TS ASTs - Thanks to @​KazariEX!
  • fix: match upstream CSS v-bind parsing behavior - Thanks to @​KazariEX!
  • fix: include setup bindings as potential component names (#6111) - Thanks to @​KazariEX!
  • perf: reduce boundary code feature allocations - Thanks to @​KazariEX!
  • refactor: centralize code features and deprecate allCodeFeatures - Thanks to @​KazariEX!

Our Sponsors ❤️

... (truncated)

Changelog

Sourced from vue-tsc's changelog.

3.3.6 (2026-06-30)

language-core

  • fix: make generic component internal context inference type-safe across .d.ts boundary (#6104) - Thanks to @​Holiden!
  • fix: do not treat non-trivial property accesses as compound - Thanks to @​KazariEX!
  • fix: treat semicolon-terminated expressions as compound - Thanks to @​KazariEX!
  • fix: preserve return types for compound event handlers - Thanks to @​KazariEX!
  • fix: use WeakMap to cache inline TS ASTs - Thanks to @​KazariEX!
  • fix: match upstream CSS v-bind parsing behavior - Thanks to @​KazariEX!
  • fix: include setup bindings as potential component names (#6111) - Thanks to @​KazariEX!
  • perf: reduce boundary code feature allocations - Thanks to @​KazariEX!
  • refactor: centralize code features and deprecate allCodeFeatures - Thanks to @​KazariEX!
Commits
  • 4893ec6 v3.3.6 (#6112)
  • 3abce61 refactor: normalize regexp variable names to xxxRE format
  • bff182a fix(language-core): make generic component internal context inference type-sa...
  • See full diff in compare view

Updates @ownclouders/web-client from 12.4.2 to 12.5.0

Release notes

Sourced from @​ownclouders/web-client's releases.

12.5.0

Changelog for ownCloud Web 12.5.0 (2026-07-01)

Summary

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797
  • Bugfix - Fix danger filled button text color on focus: #13887
  • Bugfix - Open external apps based on the file mime type: #13888
  • Bugfix - Validate URL before opening password-protected folder: #13924
  • Enhancement - OwnCloud branded login background: #13875
  • Enhancement - Add a documentation screenshot capture tool: #13894
  • Enhancement - Add an HTML editor app: #13895
  • Enhancement - Save a copy of office documents to another format (Collabora): #13906

Details

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797

    On iOS/iPadOS, we now display a button to open the PDF file in the browser instead of the native PDF viewer. This is a workaround to avoid issues with the native PDF viewer on iOS/iPadOS.

    owncloud/web#13797 owncloud/web#13816

  • Bugfix - Fix danger filled button text color on focus: #13887

    We've fixed the OcButton danger filled variant not applying the correct text color when focused via keyboard.

    owncloud/web#13887

  • Bugfix - Open external apps based on the file mime type: #13888

    We've fixed the external app redirect (/external) picking an arbitrary app when no app query parameter was present. It fell back to the first registered app provider, which might not support the file's mime type, so the following request to open the file failed with an "app not found" error that surfaced as a generic error to the user.

    The redirect now resolves the app from the file's mime type, preferring the configured default application, and shows an explicit error when no suitable app is available instead of silently redirecting to the wrong one.

    owncloud/web#13888

  • Bugfix - Validate URL before opening password-protected folder: #13924

... (truncated)

Commits
  • b16a34f [full-ci] chore: prepare final release from web repo (#13930)
  • d84fdcc chore: update translations from transifex (#13914)
  • 35035be chore: update translations from transifex (#13909)
  • c858df7 [Snyk] Security upgrade axios from 1.15.0 to 1.15.2 (#13764)
  • b31dbce chore: update translations from transifex (#13891)
  • 05ddc9a chore: update translations from transifex
  • dc650a0 chore: update translations from transifex
  • 25a18ec chore: update translations from transifex
  • 503f06b chore: update translations from transifex
  • b567358 fix(notifications): [OCISDEV-967] filter notifications by vault mode (#13877)
  • Additional commits viewable in compare view

Updates @ownclouders/web-pkg from 12.4.2 to 12.5.0

Release notes

Sourced from @​ownclouders/web-pkg's releases.

12.5.0

Changelog for ownCloud Web 12.5.0 (2026-07-01)

Summary

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797
  • Bugfix - Fix danger filled button text color on focus: #13887
  • Bugfix - Open external apps based on the file mime type: #13888
  • Bugfix - Validate URL before opening password-protected folder: #13924
  • Enhancement - OwnCloud branded login background: #13875
  • Enhancement - Add a documentation screenshot capture tool: #13894
  • Enhancement - Add an HTML editor app: #13895
  • Enhancement - Save a copy of office documents to another format (Collabora): #13906

Details

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797

    On iOS/iPadOS, we now display a button to open the PDF file in the browser instead of the native PDF viewer. This is a workaround to avoid issues with the native PDF viewer on iOS/iPadOS.

    owncloud/web#13797 owncloud/web#13816

  • Bugfix - Fix danger filled button text color on focus: #13887

    We've fixed the OcButton danger filled variant not applying the correct text color when focused via keyboard.

    owncloud/web#13887

  • Bugfix - Open external apps based on the file mime type: #13888

    We've fixed the external app redirect (/external) picking an arbitrary app when no app query parameter was present. It fell back to the first registered app provider, which might not support the file's mime type, so the following request to open the file failed with an "app not found" error that surfaced as a generic error to the user.

    The redirect now resolves the app from the file's mime type, preferring the configured default application, and shows an explicit error when no suitable app is available instead of silently redirecting to the wrong one.

    owncloud/web#13888

  • Bugfix - Validate URL before opening password-protected folder: #13924

... (truncated)

Commits

Updates @ownclouders/extension-sdk from 12.4.2 to 12.5.0

Release notes

Sourced from @​ownclouders/extension-sdk's releases.

12.5.0

Changelog for ownCloud Web 12.5.0 (2026-07-01)

Summary

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797
  • Bugfix - Fix danger filled button text color on focus: #13887
  • Bugfix - Open external apps based on the file mime type: #13888
  • Bugfix - Validate URL before opening password-protected folder: #13924
  • Enhancement - OwnCloud branded login background: #13875
  • Enhancement - Add a documentation screenshot capture tool: #13894
  • Enhancement - Add an HTML editor app: #13895
  • Enhancement - Save a copy of office documents to another format (Collabora): #13906

Details

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797

    On iOS/iPadOS, we now display a button to open the PDF file in the browser instead of the native PDF viewer. This is a workaround to avoid issues with the native PDF viewer on iOS/iPadOS.

    owncloud/web#13797 owncloud/web#13816

  • Bugfix - Fix danger filled button text color on focus: #13887

    We've fixed the OcButton danger filled variant not applying the correct text color when focused via keyboard.

    owncloud/web#13887

  • Bugfix - Open external apps based on the file mime type: #13888

    We've fixed the external app redirect (/external) picking an arbitrary app when no app query parameter was present. It fell back to the first registered app provider, which might not support the file's mime type, so the following request to open the file failed with an "app not found" error that surfaced as a generic error to the user.

    The redirect now resolves the app from the file's mime type, preferring the configured default application, and shows an explicit error when no suitable app is available instead of silently redirecting to the wrong one.

    owncloud/web#13888

  • Bugfix - Validate URL before opening password-protected folder: #13924

... (truncated)

Commits

Updates @ownclouders/web-test-helpers from 12.4.2 to 12.5.0

Release notes

Sourced from @​ownclouders/web-test-helpers's releases.

12.5.0

Changelog for ownCloud Web 12.5.0 (2026-07-01)

Summary

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797
  • Bugfix - Fix danger filled button text color on focus: #13887
  • Bugfix - Open external apps based on the file mime type: #13888
  • Bugfix - Validate URL before opening password-protected folder: #13924
  • Enhancement - OwnCloud branded login background: #13875
  • Enhancement - Add a documentation screenshot capture tool: #13894
  • Enhancement - Add an HTML editor app: #13895
  • Enhancement - Save a copy of office documents to another format (Collabora): #13906

Details

  • Bugfix - Add open button to PDF viewer on iOS/iPadOS: #13797

    On iOS/iPadOS, we now display a button to open the PDF file in the browser instead of the native PDF viewer. This is a workaround to avoid issues with the native PDF viewer on iOS/iPadOS.

    owncloud/web#13797 owncloud/web#13816

  • Bugfix - Fix danger filled button text color on focus: #13887

    We've fixed the OcButton danger filled variant not applying the correct text color when focused via keyboard.

    owncloud/web#13887

  • Bugfix - Open external apps based on the file mime type: #13888

    We've fixed the external app redirect (/external) picking an arbitrary app when no app query parameter was present. It fell back to the first registered app provider, which might not support the file's mime type, so the following request to open the file failed with an "app not found" error that surfaced as a generic error to the user.

    The redirect now resolves the app from the file's mime type, preferring the configured default application, and shows an explicit error when no suitable app is available instead of silently redirecting to the wrong one.

    owncloud/web#13888

  • Bugfix - Validate URL before opening password-protected folder: #13924

... (truncated)

Commits

Updates p-queue from 9.3.0 to 9.3.1

Release notes

Sourced from p-queue's releases.

v9.3.1

  • Fix onSizeLessThan() resolving late when the queue drains without a completion d9cf2be

sindresorhus/p-queue@v9.3.0...v9.3.1

Commits
  • a06fbc9 9.3.1
  • d9cf2be Fix onSizeLessThan() resolving late when the queue drains without a completion
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 5, 2026
@kw-security

kw-security commented Jul 5, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

… updates

Bumps the minor-and-patch group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@ownclouders/eslint-config](https://github.com/owncloud/web/tree/HEAD/packages/eslint-config) | `12.4.2` | `12.5.0` |
| [prettier](https://github.com/prettier/prettier) | `3.9.3` | `3.9.4` |
| [vue-tsc](https://github.com/vuejs/language-tools/tree/HEAD/packages/tsc) | `3.3.5` | `3.3.6` |
| [@ownclouders/web-client](https://github.com/owncloud/web/tree/HEAD/packages/web-client) | `12.4.2` | `12.5.0` |
| [@ownclouders/web-pkg](https://github.com/owncloud/web/tree/HEAD/packages/web-pkg) | `12.4.2` | `12.5.0` |
| [@ownclouders/extension-sdk](https://github.com/owncloud/web/tree/HEAD/packages/extension-sdk) | `12.4.2` | `12.5.0` |
| [@ownclouders/web-test-helpers](https://github.com/owncloud/web/tree/HEAD/packages/web-test-helpers) | `12.4.2` | `12.5.0` |
| [p-queue](https://github.com/sindresorhus/p-queue) | `9.3.0` | `9.3.1` |



Updates `@ownclouders/eslint-config` from 12.4.2 to 12.5.0
- [Release notes](https://github.com/owncloud/web/releases)
- [Changelog](https://github.com/owncloud/web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/owncloud/web/commits/v12.5.0/packages/eslint-config)

Updates `prettier` from 3.9.3 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.9.3...3.9.4)

Updates `vue-tsc` from 3.3.5 to 3.3.6
- [Release notes](https://github.com/vuejs/language-tools/releases)
- [Changelog](https://github.com/vuejs/language-tools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vuejs/language-tools/commits/v3.3.6/packages/tsc)

Updates `@ownclouders/web-client` from 12.4.2 to 12.5.0
- [Release notes](https://github.com/owncloud/web/releases)
- [Changelog](https://github.com/owncloud/web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/owncloud/web/commits/v12.5.0/packages/web-client)

Updates `@ownclouders/web-pkg` from 12.4.2 to 12.5.0
- [Release notes](https://github.com/owncloud/web/releases)
- [Changelog](https://github.com/owncloud/web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/owncloud/web/commits/v12.5.0/packages/web-pkg)

Updates `@ownclouders/extension-sdk` from 12.4.2 to 12.5.0
- [Release notes](https://github.com/owncloud/web/releases)
- [Changelog](https://github.com/owncloud/web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/owncloud/web/commits/v12.5.0/packages/extension-sdk)

Updates `@ownclouders/web-test-helpers` from 12.4.2 to 12.5.0
- [Release notes](https://github.com/owncloud/web/releases)
- [Changelog](https://github.com/owncloud/web/blob/master/CHANGELOG.md)
- [Commits](https://github.com/owncloud/web/commits/v12.5.0/packages/web-test-helpers)

Updates `p-queue` from 9.3.0 to 9.3.1
- [Release notes](https://github.com/sindresorhus/p-queue/releases)
- [Commits](sindresorhus/p-queue@v9.3.0...v9.3.1)

---
updated-dependencies:
- dependency-name: "@ownclouders/eslint-config"
  dependency-version: 12.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@ownclouders/extension-sdk"
  dependency-version: 12.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@ownclouders/web-client"
  dependency-version: 12.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@ownclouders/web-pkg"
  dependency-version: 12.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@ownclouders/web-test-helpers"
  dependency-version: 12.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: p-queue
  dependency-version: 9.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: prettier
  dependency-version: 3.9.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vue-tsc
  dependency-version: 3.3.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump the minor-and-patch group with 8 updates chore(deps): bump the minor-and-patch group across 1 directory with 8 updates Jul 7, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-and-patch-1fd2443017 branch from 13290d6 to 496fce5 Compare July 7, 2026 13:42
@dependabot dependabot Bot requested a review from a team as a code owner July 7, 2026 13:42

@dj4oC dj4oC left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bumps the internal @ownclouders/* packages (eslint-config, web-client, web-pkg, extension-sdk, web-test-helpers) 12.4.212.5.0 across every workspace package, plus prettier 3.9.33.9.4, vue-tsc 3.3.53.3.6, and p-queue ^9.3.0^9.3.1. pnpm-lock.yaml is updated consistently with all package.json changes.

Findings

Stability (verified by actually running the full suite). Checked out this branch, ran pnpm install --frozen-lockfile (clean), then pnpm check:types across all 20 workspace packages — all pass. Then pnpm test:unit for the full workspace — all packages pass, with one exception: web-app-importer's useExtensions.spec.ts threw an unhandled-rejection assertion mismatch (addPlugin called 1 time instead of 4) when run as part of the full concurrent multi-package suite. I reproduced this on main too under the same full-suite run, and it passed cleanly on both main and this PR branch when run in isolation (3/3 each) — this is a pre-existing test-isolation flake under concurrent load, not a regression introduced by this dependency bump.

Security / Performance. No issues — internal SDK minor bump and a couple of dev-tooling patch bumps; nothing suggests a breaking or unsafe change, and it type-checks and tests clean.

Test coverage. N/A (dependency bump); existing suite already exercises the affected packages.

Deployment topology check

N/A — client-side web extension bundle only.

Verdict

Approved. Separately worth a follow-up issue: web-app-importer's useExtensions.spec.ts is flaky under full-workspace concurrent test runs (unrelated to this PR).

🤖 Automated review by Claude Code (security · stability · performance · coverage)


Generated by Claude Code

@dj4oC dj4oC left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Investigated the red check-tests-passed job (failing since 2026-07-07, not yet reviewed by this bot).

Findings

  • Stability (blocking): this PR is Dependabot's "minor-and-patch" grouped bump (8 updates), but test (web-app-advanced-search) and test (web-app-ai-data-insights-sidebar) fail with the same "Failed to inject gettext" symptom diagnosed on PR #488 (vue3-gettext major bump). That strongly suggests this "minor-and-patch" group is pulling in a dependency whose actual semver jump is major (or a transitive resolution bump), which contradicts the group's own name/intent.
  • Process/config finding: recommend auditing .github/dependabot.yml's grouping rules for this ecosystem — a "minor-and-patch" group should never be able to include a major-version jump. If vue3-gettext (or whatever pulled the breaking transitive change) is intentionally excluded from strict grouping, it should be pinned or excluded explicitly.

Test coverage

n/a — dependency bump.

Verdict

Changes requested (blocked on CI) — do not merge until the failing packages pass; also flagging the grouping-rule concern for maintainer attention (separate from this PR's mergeability).

🤖 Automated review by Claude Code (security · stability · performance · coverage)


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants