Combine cirq-web dependabot updates by pavoljuhas · Pull Request #8070 · quantumlib/Cirq

pavoljuhas · 2026-05-04T23:01:22Z

Bump the non-security group with 6 updates

Updates @types/node from 25.5.0 to 25.6.0
Updates @vitest/coverage-v8 from 4.1.2 to 4.1.5
Updates puppeteer from 24.40.0 to 24.42.0
Updates three from 0.183.2 to 0.184.0
Updates @types/three from 0.183.1 to 0.184.0
Updates vitest from 4.1.2 to 4.1.5
Bump jsdom from 28.1.0 to 29.1.1
Bump vite from 7.3.1 to 8.0.10
Bump postcss from 8.5.6 to 8.5.13
Bump lodash from 4.17.23 to 4.18.1
Bump vite from 7.3.1 to 7.3.2

Bumps the non-security group in /cirq-web/cirq_web with 6 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `25.6.0` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.2` | `4.1.5` | | [puppeteer](https://github.com/puppeteer/puppeteer) | `24.40.0` | `24.42.0` | | [three](https://github.com/mrdoob/three.js) | `0.183.2` | `0.184.0` | | [@types/three](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/three) | `0.183.1` | `0.184.0` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.2` | `4.1.5` | Updates `@types/node` from 25.5.0 to 25.6.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitest/coverage-v8` from 4.1.2 to 4.1.5 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/coverage-v8) Updates `puppeteer` from 24.40.0 to 24.42.0 - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@puppeteer-v24.40.0...puppeteer-v24.42.0) Updates `three` from 0.183.2 to 0.184.0 - [Release notes](https://github.com/mrdoob/three.js/releases) - [Commits](https://github.com/mrdoob/three.js/commits) Updates `@types/three` from 0.183.1 to 0.184.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/three) Updates `vitest` from 4.1.2 to 4.1.5 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/vitest) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.6.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-security - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-security - dependency-name: puppeteer dependency-version: 24.42.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-security - dependency-name: three dependency-version: 0.184.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-security - dependency-name: "@types/three" dependency-version: 0.184.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-security - dependency-name: vitest dependency-version: 4.1.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-security ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [jsdom](https://github.com/jsdom/jsdom) from 28.1.0 to 29.1.1. - [Release notes](https://github.com/jsdom/jsdom/releases) - [Commits](jsdom/jsdom@v28.1.0...v29.1.1) --- updated-dependencies: - dependency-name: jsdom dependency-version: 29.1.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.1 to 8.0.10. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.10/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 8.0.10 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.13. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.6...8.5.13) --- updated-dependencies: - dependency-name: postcss dependency-version: 8.5.13 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.23...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.1 to 7.3.2. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-version: 7.3.2 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

into combine-ts-dependabot-updates

Executed check/ts-build

codecov · 2026-05-04T23:15:27Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.63%. Comparing base (0696268) to head (09b3c2e).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #8070   +/-   ##
=======================================
  Coverage   99.63%   99.63%           
=======================================
  Files        1110     1110           
  Lines      100072   100072           
=======================================
  Hits        99710    99710           
  Misses        362      362

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

mhucka

LGTM

dependabot Bot and others added 12 commits May 1, 2026 19:09

Merge commit 'refs/pull/8012/head' of https://github.com/quantumlib/Cirq

93f9b1f

into combine-ts-dependabot-updates

Merge commit 'refs/pull/8017/head' of https://github.com/quantumlib/Cirq

e4e378d

into combine-ts-dependabot-updates

Merge commit 'refs/pull/8063/head' of https://github.com/quantumlib/Cirq

a10720d

into combine-ts-dependabot-updates

Merge commit 'refs/pull/8064/head' of https://github.com/quantumlib/Cirq

402a79a

into combine-ts-dependabot-updates

Merge commit 'refs/pull/8065/head' of https://github.com/quantumlib/Cirq

d1453c8

into combine-ts-dependabot-updates

Merge commit 'refs/pull/8067/head' of https://github.com/quantumlib/Cirq

5d9e444

into combine-ts-dependabot-updates

github-actions Bot added the size: XL lines changed >1000 label May 4, 2026

Rebuild Cirq-web bundle files

09b3c2e

Executed check/ts-build

pavoljuhas requested a review from mhucka May 4, 2026 23:14

pavoljuhas marked this pull request as ready for review May 4, 2026 23:14

pavoljuhas requested a review from a team as a code owner May 4, 2026 23:14

pavoljuhas mentioned this pull request May 4, 2026

Bump lodash from 4.17.23 to 4.18.1 in /cirq-web/cirq_web #8012

Closed

pavoljuhas added the ci/no-release Use this label for pull request that should not have Cirq pre-release on PyPI. label May 4, 2026

pavoljuhas enabled auto-merge May 4, 2026 23:25

pavoljuhas removed the ci/no-release Use this label for pull request that should not have Cirq pre-release on PyPI. label May 4, 2026

mhucka reviewed May 5, 2026

View reviewed changes

mhucka approved these changes May 5, 2026

View reviewed changes

pavoljuhas added this pull request to the merge queue May 5, 2026

Merged via the queue into quantumlib:main with commit c7e91ce May 5, 2026
76 of 78 checks passed

pavoljuhas deleted the combine-ts-dependabot-updates branch May 5, 2026 06:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Combine cirq-web dependabot updates#8070

Combine cirq-web dependabot updates#8070
pavoljuhas merged 13 commits into
quantumlib:mainfrom
pavoljuhas:combine-ts-dependabot-updates

pavoljuhas commented May 4, 2026

Uh oh!

codecov Bot commented May 4, 2026

Uh oh!

mhucka left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

pavoljuhas commented May 4, 2026

Uh oh!

codecov Bot commented May 4, 2026

Codecov Report

Uh oh!

mhucka left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants