Skip to content

chore(deps): Bump the npm-root group with 6 updates#116

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-root-db515139ce
Closed

chore(deps): Bump the npm-root group with 6 updates#116
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-root-db515139ce

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Mar 27, 2026
edited
Loading

Bumps the npm-root group with 6 updates:

Package From To
@vitest/coverage-v8 4.0.18 4.1.2
fast-check 4.5.3 4.6.0
typescript 5.9.3 6.0.2
vitest 4.0.18 4.1.2
@modelcontextprotocol/sdk 1.27.1 1.28.0
@types/node 25.3.5 25.5.0

Updates @vitest/coverage-v8 from 4.0.18 to 4.1.2

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

    View changes on GitHub

v4.1.1

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

Vitest 4.1 is out!

... (truncated)

Commits

Updates fast-check from 4.5.3 to 4.6.0

Release notes

Sourced from fast-check's releases.

Better stringMatching with maxLength

[Code][Diff]

Features

  • (PR#6599) Add basic maxLength support to stringMatching
  • (PR#6600) Better clamp on regexes when maxLength on stringMatching
  • (PR#6687) Deprecate Random::next(n) and Random::nextInt()

Fixes

  • (PR#6502) Bug: Bad d.ts import in BuildInversedRelationsMapping
  • (PR#6578) Bug: Don't crash when stringifying detached ArrayBuffers
  • (PR#6700) Bug: Fix object unmapper and depth computation for special keys
  • (PR#6432) CI: Move all dependencies to dev on examples/
  • (PR#6443) CI: Migrate to Docusaurus v4 configuration format
  • (PR#6456) CI: Enable persist-credentials in add-contributor workflow
  • (PR#6501) CI: Bump module in tsconfig to node18
  • (PR#6548) CI: Fix zizmor ignore config line numbers
  • (PR#6554) CI: Drop tests against Node 20
  • (PR#6563) CI: Fix check_publish status to be success on no error
  • (PR#6565) CI: Add create release workflow
  • (PR#6610) CI: Rework pnpm configuration
  • (PR#6619) CI: Add PR template enforcement workflow
  • (PR#6622) CI: Skip Netlify doc publish on PRs
  • (PR#6625) CI: Run PR template check without approval
  • (PR#6623) CI: Skip PR template check for Renovate bot
  • (PR#6638) CI: Bundle fast-check using rolldown
  • (PR#6662) CI: Rework configuration of examples
  • (PR#6683) CI: Add Claude Code GitHub Action workflow
  • (PR#6684) CI: Add configuration for pre and post tool Claude hooks
  • (PR#6690) CI: Refine GH Action triggering CLAUDE
  • (PR#6693) CI: Configure another Claude model
  • (PR#6703) CI: Add top-level permissions: {} to workflows missing it
  • (PR#6704) CI: Refactor Claude workflow custom instructions configuration
  • (PR#6705) CI: Add SessionStart hook to ensure dependencies are installed
  • (PR#6597) Clean: Drop runkit file
  • (PR#6640) Clean: Drop unused "tsd" in package.json
  • (PR#6441) Doc: Release note for 4.5.0
  • (PR#6442) Doc: Replace generic blog tags with feature-specific taxonomy
  • (PR#6458) Doc: Add adamni21 as doc contributor
  • (PR#6496) Doc: Refine npm keywords
  • (PR#6514) Doc: Skill for JavaScript testing expert
  • (PR#6516) Doc: Add note to avoid overusing filter and fc.pre
  • (PR#6517) Doc: Update testing skill to recommend mimicking existing test structure
  • (PR#6523) Doc: Add PR template requirement to Copilot instructions
  • (PR#6522) Doc: Add note on complementary testing approaches
  • (PR#6524) Doc: Add snapshot vs screenshot guidance
  • (PR#6527) Doc: Push to install missing tooling

... (truncated)

Changelog

Sourced from fast-check's changelog.

4.6.0

Better stringMatching with maxLength [Code][Diff]

Features

  • (PR#6599) Add basic maxLength support to stringMatching
  • (PR#6600) Better clamp on regexes when maxLength on stringMatching
  • (PR#6687) Deprecate Random::next(n) and Random::nextInt()

Fixes

  • (PR#6502) Bug: Bad d.ts import in BuildInversedRelationsMapping
  • (PR#6578) Bug: Don't crash when stringifying detached ArrayBuffers
  • (PR#6700) Bug: Fix object unmapper and depth computation for special keys
  • (PR#6432) CI: Move all dependencies to dev on examples/
  • (PR#6443) CI: Migrate to Docusaurus v4 configuration format
  • (PR#6456) CI: Enable persist-credentials in add-contributor workflow
  • (PR#6501) CI: Bump module in tsconfig to node18
  • (PR#6548) CI: Fix zizmor ignore config line numbers
  • (PR#6554) CI: Drop tests against Node 20
  • (PR#6563) CI: Fix check_publish status to be success on no error
  • (PR#6565) CI: Add create release workflow
  • (PR#6610) CI: Rework pnpm configuration
  • (PR#6619) CI: Add PR template enforcement workflow
  • (PR#6622) CI: Skip Netlify doc publish on PRs
  • (PR#6625) CI: Run PR template check without approval
  • (PR#6623) CI: Skip PR template check for Renovate bot
  • (PR#6638) CI: Bundle fast-check using rolldown
  • (PR#6662) CI: Rework configuration of examples
  • (PR#6683) CI: Add Claude Code GitHub Action workflow
  • (PR#6684) CI: Add configuration for pre and post tool Claude hooks
  • (PR#6690) CI: Refine GH Action triggering CLAUDE
  • (PR#6693) CI: Configure another Claude model
  • (PR#6703) CI: Add top-level permissions: {} to workflows missing it
  • (PR#6704) CI: Refactor Claude workflow custom instructions configuration
  • (PR#6705) CI: Add SessionStart hook to ensure dependencies are installed
  • (PR#6597) Clean: Drop runkit file
  • (PR#6640) Clean: Drop unused "tsd" in package.json
  • (PR#6441) Doc: Release note for 4.5.0
  • (PR#6442) Doc: Replace generic blog tags with feature-specific taxonomy
  • (PR#6458) Doc: Add adamni21 as doc contributor
  • (PR#6496) Doc: Refine npm keywords
  • (PR#6514) Doc: Skill for JavaScript testing expert
  • (PR#6516) Doc: Add note to avoid overusing filter and fc.pre
  • (PR#6517) Doc: Update testing skill to recommend mimicking existing test structure
  • (PR#6523) Doc: Add PR template requirement to Copilot instructions
  • (PR#6522) Doc: Add note on complementary testing approaches
  • (PR#6524) Doc: Add snapshot vs screenshot guidance

... (truncated)

Commits
  • f4b9e1d 🔖 Update CHANGELOG.md for fast-check@4.6.0, @​fast-check/ava@​3.0.0, @​fast-chec...
  • 8b55808 🐛 Fix object unmapper and depth computation for special keys (#6700)
  • 2c12205 👥 Add rushelex as code contributor (#6696)
  • c62a288 🗑️ Deprecate Random::next(n) and Random::nextInt() (#6687)
  • bd3f718 ⬆️ Update dependency @​types/node to ^24.12.0 (#6669)
  • 5bb3fe4 ⚡️ Bump pure-rand to v8 (#6679)
  • 8e47b45 ♻️ Drop @​rollup/plugin-replace for rolldown builtin (#6675)
  • 77c43fa ⚡️ Import less from pure-rand (#5718)
  • 3fe4d52 ⬆️ Update dependency @​types/node to ^24.10.15 (#6647)
  • 74960cd ⬆️ Update dependency @​microsoft/api-extractor to ^7.57.6 (#6643)
  • Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits

Updates vitest from 4.0.18 to 4.1.2

Release notes

Sourced from vitest's releases.

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

    View changes on GitHub

v4.1.1

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.0

Vitest 4.1 is out!

... (truncated)

Commits
  • fc6f482 chore: release v4.1.2
  • 6f97b55 feat: disable colors if agent is detected (#9851)
  • b3c992c fix(coverage): correct coverageConfigDefaults values and types (#9940)
  • 7c06598 fix: ensure sequential mock/unmock resolution (#9830)
  • f54abad chore: add typo-checker skill and fix typos (#9963)
  • 7aa9377 fix: don't resolve setupFiles from parent directory (#9960)
  • 1f2d318 chore: release v4.1.1
  • ebfde79 refactor: rename matchesTagsFilter to matchesTags (#9956)
  • 5611500 feat(experimental): introduce experimental.vcsProvider (#9928)
  • eec53d9 feat(experimental): expose matchesTagsFilter to test if the current filter ...
  • Additional commits viewable in compare view

Updates @modelcontextprotocol/sdk from 1.27.1 to 1.28.0

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.28.0

What's Changed

New Contributors

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.1...v1.28.0

Commits
  • a056569 chore: bump version to 1.28.0 (#1746)
  • 897bc25 fix(server/auth): RFC 8252 loopback port relaxation (#1738)
  • 398dc70 fix: clear _timeoutInfo in _onclose() and scope .finally() abort controller c...
  • 93640d3 fix: reject plain JSON Schema objects passed as inputSchema (#1596)
  • 4cbcec0 [v1.x backport] Default to client_secret_basic when server omits token_endpoi...
  • c9b58d1 feat: use scopes_supported from resource metadata by default (fixes #580) (#757)
  • 351e124 docs: add links to hosted V1 and V2 API reference docs
  • See full diff in compare view

Updates @types/node from 25.3.5 to 25.5.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the npm-root group with 6 updates
e821006 
Bumps the npm-root group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.18` | `4.1.2` |
| [fast-check](https://github.com/dubzzz/fast-check/tree/HEAD/packages/fast-check) | `4.5.3` | `4.6.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.2` |
| [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.27.1` | `1.28.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.5` | `25.5.0` |


Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.2
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/coverage-v8)

Updates `fast-check` from 4.5.3 to 4.6.0
- [Release notes](https://github.com/dubzzz/fast-check/releases)
- [Changelog](https://github.com/dubzzz/fast-check/blob/main/packages/fast-check/CHANGELOG.md)
- [Commits](https://github.com/dubzzz/fast-check/commits/v4.6.0/packages/fast-check)

Updates `typescript` from 5.9.3 to 6.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.2)

Updates `vitest` from 4.0.18 to 4.1.2
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/vitest)

Updates `@modelcontextprotocol/sdk` from 1.27.1 to 1.28.0
- [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases)
- [Commits](modelcontextprotocol/typescript-sdk@v1.27.1...v1.28.0)

Updates `@types/node` from 25.3.5 to 25.5.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-root
- dependency-name: fast-check
  dependency-version: 4.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-root
- dependency-name: typescript
  dependency-version: 6.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-root
- dependency-name: vitest
  dependency-version: 4.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-root
- dependency-name: "@modelcontextprotocol/sdk"
  dependency-version: 1.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-root
- dependency-name: "@types/node"
  dependency-version: 25.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-root
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 27, 2026
@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Apr 10, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 10, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-root-db515139ce branch April 10, 2026 01:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants