Skip to content

Bump the actions-deps group across 1 directory with 11 updates#3900

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/actions-deps-fcd2a5c150
Open

Bump the actions-deps group across 1 directory with 11 updates#3900
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/actions-deps-fcd2a5c150

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions-deps group with 11 updates in the / directory:

Package From To
@types/node 25.9.1 25.9.2
eslint-plugin-n 18.0.1 18.1.0
js-yaml 4.1.1 4.2.0
prettier 3.8.3 3.8.4
react 19.2.6 19.2.7
@types/react 19.2.15 19.2.17
react-dom 19.2.6 19.2.7
dompurify 3.4.7 3.4.8
@types/aws-lambda 8.10.161 8.10.162
wrangler 4.95.0 4.99.0
start-server-and-test 3.0.5 3.0.9

Updates @types/node from 25.9.1 to 25.9.2

Commits

Updates eslint-plugin-n from 18.0.1 to 18.1.0

Release notes

Sourced from eslint-plugin-n's releases.

v18.1.0

18.1.0 (2026-06-08)

🌟 Features

  • Allow workspace root dependencies for no-extraneous-import (#536) (fd4f84e)
  • support devEngines.runtime from package.json (#530) (9ef3c32)

🩹 Fixes

  • Allow leading forwardslash in package.json "files" field (#534) (#535) (5fde036)
  • no-extraneous-import for type-only @​types dependencies (#533) (63a90ef)
  • prefer-promises/fs: add missing fs.promises APIs (cp, glob, lutimes, opendir, rm, statfs) (#532) (75fbe34)

📚 Documentation

  • fix usage in README.md (c1b1b84)
  • Update online playground link in README (058916a)
Changelog

Sourced from eslint-plugin-n's changelog.

18.1.0 (2026-06-08)

🌟 Features

  • Allow workspace root dependencies for no-extraneous-import (#536) (fd4f84e)
  • support devEngines.runtime from package.json (#530) (9ef3c32)

🩹 Fixes

  • Allow leading forwardslash in package.json "files" field (#534) (#535) (5fde036)
  • no-extraneous-import for type-only @​types dependencies (#533) (63a90ef)
  • prefer-promises/fs: add missing fs.promises APIs (cp, glob, lutimes, opendir, rm, statfs) (#532) (75fbe34)

📚 Documentation

  • fix usage in README.md (c1b1b84)
  • Update online playground link in README (058916a)
Commits
  • fc70bdf chore(master): release 18.1.0 (#528)
  • fd4f84e feat: Allow workspace root dependencies for no-extraneous-import (#536)
  • 5fde036 fix: Allow leading forwardslash in package.json "files" field (#534) (#535)
  • 63a90ef fix: no-extraneous-import for type-only @​types dependencies (#533)
  • 75fbe34 fix(prefer-promises/fs): add missing fs.promises APIs (cp, glob, lutimes, ope...
  • 058916a docs: Update online playground link in README
  • 9ef3c32 feat: support devEngines.runtime from package.json (#530)
  • c1b1b84 docs: fix usage in README.md
  • See full diff in compare view

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

  • Added docs/safety.md with notes about processing untrusted YAML.
  • Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.
  • Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.
  • Added sourcemaps to dist/ builds.

Changed

  • Stop resolving numbers with underscores as numeric scalars, #627.
  • Switched dev toolchains to Vite / neostandard.
  • Updated demo.
  • Reorganized tests.
  • dist/ files are no longer kept in the repository.

Fixed

  • Fix parsing of properties on the first implicit block mapping key, #62.
  • Fix trailing whitespace handling when folding flow scalar lines, #307.
  • Reject top-level block scalars without content indentation, #280.
  • Ensure numbers survive round-trip, #737.
  • Fix test coverage for issue #221.
  • Fix flow scalar trailing whitespace folding, #307.
  • Fix digits in YAML named tag handles.

Security

  • Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

  • Backported v4.1.1 fix to v3
Commits

Updates prettier from 3.8.3 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



<!-- Prettier 3.8.4 -->


a

b



c

d
Commits
  • 1c6ba55 Release 3.8.4
  • 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
  • 074aaed Replace main branch in changelog link with tags (#19054)
  • c22a003 Bump Prettier dependency to 3.8.3
  • 07bad1f Clean changelog_unreleased
  • See full diff in compare view

Updates react from 19.2.6 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.


Updates @types/react from 19.2.15 to 19.2.17

Commits

Updates react-dom from 19.2.6 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.


Updates @types/react from 19.2.15 to 19.2.17

Commits

Updates dompurify from 3.4.7 to 3.4.8

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.8

  • Cleaned up the repository root, renamed some and removed unneeded files
  • Fixed an issue with handling of Trusted Types policies, thanks @​fulstadev
  • Fixed the node iterator for better template scrubbing, thanks @​IamLeandrooooo
  • Included formerly missing LICENSE-MPL in published npm package, thanks @​asamuzaK
  • Bumped several dependencies where possible
Commits

Updates @types/aws-lambda from 8.10.161 to 8.10.162

Commits

Updates wrangler from 4.95.0 to 4.99.0

Release notes

Sourced from wrangler's releases.

wrangler@4.99.0

Minor Changes

  • #14169 0706fbf Thanks @​edmundhung! - Introduce createTestHarness() for integration testing Workers

    It runs Workers in a local preview environment using production build output and works with both Wrangler projects and Workers built by the Cloudflare Vite plugin.

    Use it from any Node.js test runner to send requests to individual Workers, trigger scheduled events, reset the server between tests, and mock outbound requests with libraries that intercept globalThis.fetch(), such as MSW.

    You can also capture structured logs from your Workers with getLogs(), or dump out a diagnostic timeline with debug() when tests fail:

    import { createTestHarness } from "wrangler";
const server = createTestHarness({
workers: [
{ configPath: "./dist/web_worker/wrangler.json" },
{ configPath: "./dist/api_worker/wrangler.json" },
],
});
await server.listen();
await server.fetch("http://example.com");
const apiWorker = server.getWorker("api-worker");
await apiWorker.fetch("http://example.com/users/123");
await apiWorker.scheduled({ cron: "0 0 * * *" });
server.getLogs();
if (testFailed) {
server.debug();
}
await server.reset();
await server.close();

  • #14174 8cf8c61 Thanks @​oliy! - Surface pipeline status and failure reasons in wrangler pipelines list and wrangler pipelines get

    wrangler pipelines list now includes a Status column, and when any pipelines are in a failed state it prints a summary of each failing pipeline along with the reason reported by the API.

    wrangler pipelines get now shows the pipeline Status in the general details and, for failed pipelines, highlights the failure with the reason returned by the server so it is clear why a pipeline is not running.

  • #14211 a61ac29 Thanks @​james-elicx! - Add --version-tag support to wrangler versions deploy to deploy a version by its tag

    You can now roll out or roll back a version by the tag it was uploaded with (e.g. a commit SHA passed to --tag at upload time) instead of first looking up its Version ID:

    wrangler versions deploy --version-tag <sha>@100%

... (truncated)

Commits
  • 8a4bfe5 Version Packages (#14179)
  • f8d7700 feat(wrangler): capture runtime logs and print debug timelines with `createTe...
  • 4bb572f Bump the workerd-and-workers-types group with 2 updates (#14231)
  • dcd116a feat(wrangler): improve createTestHarness() configuration setup (#14227)
  • 75e652a Revert "Make Ctrl+C triggered during the skills-install prompt dismiss it per...
  • e13b8c0 [C3] Bump @​angular/create from 21.2.13 to 22.0.0 in /packages/create-cloudfla...
  • a61ac29 [wrangler] Add --version-tag support to versions deploy (#14211)
  • 24497d0 Bump the workerd-and-workers-types group with 2 updates (#14217)
  • 0706fbf feat(wrangler): createTestHarness API (#14169)
  • 8923f97 Preserve all deployment-affecting CLI flags in the interactive deploy config ...
  • Additional commits viewable in compare view

Updates start-server-and-test from 3.0.5 to 3.0.9

Release notes

Sourced from start-server-and-test's releases.

v3.0.9

3.0.9 (2026-06-09)

Bug Fixes

v3.0.8

3.0.8 (2026-06-05)

Bug Fixes

v3.0.7

3.0.7 (2026-06-04)

Bug Fixes

v3.0.6

3.0.6 (2026-06-02)

Bug Fixes

  • deps: remove bluebird and use native Promise (#467) (c748117)
Commits
  • 5df0c8f fix: normalize package.json with npm 11 (#481)
  • a54ba5b fix: make npm scripts cross-platform (#477)
  • fd6d077 docs: README cleanup and tweaks (#478)
  • d958d5a chore(deps): upgrade major devDependencies (#476)
  • c138a9d fix(deps): update lazy-ass to v2 (#474)
  • 301399e test: fix typos, wrong assertion, and placeholder test (#473)
  • 93f02cf chore(ci): drop Node.js 25 from tests (#471)
  • c748117 fix(deps): remove bluebird and use native Promise (#467)
  • a5e1cfb chore: add .gitattributes to enforce LF line endings (#468)
  • 719581b chore(deps): add minimum release age for installation / updating (#470)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the actions-deps group across 1 directory with 11 updates
2b1d223 
Bumps the actions-deps group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.1` | `25.9.2` |
| [eslint-plugin-n](https://github.com/eslint-community/eslint-plugin-n) | `18.0.1` | `18.1.0` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.2.0` |
| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.6` | `19.2.7` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.15` | `19.2.17` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.6` | `19.2.7` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.7` | `3.4.8` |
| [@types/aws-lambda](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/aws-lambda) | `8.10.161` | `8.10.162` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.95.0` | `4.99.0` |
| [start-server-and-test](https://github.com/bahmutov/start-server-and-test) | `3.0.5` | `3.0.9` |



Updates `@types/node` from 25.9.1 to 25.9.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `eslint-plugin-n` from 18.0.1 to 18.1.0
- [Release notes](https://github.com/eslint-community/eslint-plugin-n/releases)
- [Changelog](https://github.com/eslint-community/eslint-plugin-n/blob/master/CHANGELOG.md)
- [Commits](eslint-community/eslint-plugin-n@v18.0.1...v18.1.0)

Updates `js-yaml` from 4.1.1 to 4.2.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/commits)

Updates `prettier` from 3.8.3 to 3.8.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.3...3.8.4)

Updates `react` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react)

Updates `@types/react` from 19.2.15 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `react-dom` from 19.2.6 to 19.2.7
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.7/packages/react-dom)

Updates `@types/react` from 19.2.15 to 19.2.17
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `dompurify` from 3.4.7 to 3.4.8
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.7...3.4.8)

Updates `@types/aws-lambda` from 8.10.161 to 8.10.162
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/aws-lambda)

Updates `wrangler` from 4.95.0 to 4.99.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.99.0/packages/wrangler)

Updates `start-server-and-test` from 3.0.5 to 3.0.9
- [Release notes](https://github.com/bahmutov/start-server-and-test/releases)
- [Commits](bahmutov/start-server-and-test@v3.0.5...v3.0.9)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: eslint-plugin-n
  dependency-version: 18.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: js-yaml
  dependency-version: 4.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: prettier
  dependency-version: 3.8.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: react
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: react-dom
  dependency-version: 19.2.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: "@types/react"
  dependency-version: 19.2.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: dompurify
  dependency-version: 3.4.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: "@types/aws-lambda"
  dependency-version: 8.10.162
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: wrangler
  dependency-version: 4.99.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: start-server-and-test
  dependency-version: 3.0.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies javascript Pull requests that update Javascript code labels Jun 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants