Skip to content

🆙 npm(deps): Bump the npm group across 1 directory with 7 updates#168

Open
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/npm_and_yarn/npm-5fbd7c79bd
Open

🆙 npm(deps): Bump the npm group across 1 directory with 7 updates#168
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/npm_and_yarn/npm-5fbd7c79bd

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps the npm group with 7 updates in the / directory:

Package From To
@actions/core 2.0.1 3.0.0
@actions/github 6.0.1 9.0.0
eslint 9.36.0 10.1.0
eslint-plugin-prettier 5.5.4 5.5.5
lint-staged 16.2.7 16.4.0
proxy-agent 6.5.0 8.0.0
rimraf 6.1.2 6.1.3

Updates @actions/core from 2.0.1 to 3.0.0

Changelog

Sourced from @​actions/core's changelog.

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.3

  • Bump @actions/http-client to 3.0.2
Commits

Updates @actions/github from 6.0.1 to 9.0.0

Changelog

Sourced from @​actions/github's changelog.

9.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()
    • Example: const { getOctokit, context } = await import('@actions/github')
  • Fix TypeScript compilation by migrating to ESM, enabling proper imports from @octokit/core/types

8.0.1

  • Update undici to 6.23.0
  • Update @actions/http-client to 3.0.2

8.0.0

  • Update @​octokit dependencies
    • @octokit/core ^7.0.6
    • @octokit/plugin-paginate-rest ^14.0.0
    • @octokit/plugin-rest-endpoint-methods ^17.0.0
    • @octokit/request ^10.0.7
    • @octokit/request-error ^7.1.0
  • Breaking change: Minimum Node.js version is now 20 (previously 18)

7.0.0

  • Update to v3.0.1 of @actions/http-client
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​actions/github since your current version.


Updates eslint from 9.36.0 to 10.1.0

Release notes

Sourced from eslint's releases.

v10.1.0

Features

  • ff4382b feat: apply fix for no-var in TSModuleBlock (#20638) (Tanuj Kanti)
  • 0916995 feat: Implement api support for bulk-suppressions (#20565) (Blake Sager)

Bug Fixes

  • 2b8824e fix: Prevent no-var autofix when a variable is used before declaration (#20464) (Amaresh S M)
  • e58b4bf fix: update eslint (#20597) (renovate[bot])

Documentation

  • b7b57fe docs: use correct JSDoc link in require-jsdoc.md (#20641) (mkemna-clb)
  • 58e4cfc docs: add deprecation notice partial (#20639) (Milos Djermanovic)
  • 7143dbf docs: update v9 migration guide for @eslint/js usage (#20540) (fnx)
  • 035fc4f docs: note that globalReturn applies only with sourceType: "script" (#20630) (Milos Djermanovic)
  • e972c88 docs: merge ESLint option descriptions into type definitions (#20608) (Francesco Trotta)
  • 7f10d84 docs: Update README (GitHub Actions Bot)
  • aeed007 docs: open playground link in new tab (#20602) (Tanuj Kanti)
  • a0d1a37 docs: Add AI Usage Policy (#20510) (Nicholas C. Zakas)

Chores

  • a9f9cce chore: update dependency eslint-plugin-unicorn to ^63.0.0 (#20584) (Milos Djermanovic)
  • 1f42bd7 chore: update prettier to 3.8.1 (#20651) (루밀LuMir)
  • c0a6f4a chore: update dependency @​eslint/json to ^1.2.0 (#20652) (renovate[bot])
  • cc43f79 chore: update dependency c8 to v11 (#20650) (renovate[bot])
  • 2ce4635 chore: update dependency @​eslint/json to v1 (#20649) (renovate[bot])
  • f0406ee chore: update dependency markdownlint-cli2 to ^0.21.0 (#20646) (renovate[bot])
  • dbb4c95 chore: remove trunk (#20478) (sethamus)
  • c672a2a test: fix CLI test for empty output file (#20640) (kuldeep kumar)
  • c7ada24 ci: bump pnpm/action-setup from 4.3.0 to 4.4.0 (#20636) (dependabot[bot])
  • 07c4b8b test: fix RuleTester test without test runners (#20631) (Francesco Trotta)
  • 079bba7 test: Add tests for isValidWithUnicodeFlag (#20601) (Manish chaudhary)
  • 5885ae6 ci: unpin Node.js 25.x in CI (#20615) (Copilot)
  • f65e5d3 chore: update pnpm/action-setup digest to b906aff (#20610) (renovate[bot])

v10.0.3

Bug Fixes

  • e511b58 fix: update eslint (#20595) (renovate[bot])
  • f4c9cf9 fix: include variable name in no-useless-assignment message (#20581) (sethamus)
  • ee9ff31 fix: update dependency minimatch to ^10.2.4 (#20562) (Milos Djermanovic)

Documentation

  • 9fc31b0 docs: Update README (GitHub Actions Bot)
  • 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570) (DesselBane)
  • 23b2759 docs: add v10 migration guide link to Use docs index (#20577) (Pixel998)
  • 80259a9 docs: Remove deprecated eslintrc documentation files (#20472) (Copilot)
  • 9b9b4ba docs: fix typo in no-await-in-loop documentation (#20575) (Pixel998)
  • e7d72a7 docs: document TypeScript 5.3 minimum supported version (#20547) (sethamus)

Chores

  • ef8fb92 chore: package.json update for eslint-config-eslint release (Jenkins)

... (truncated)

Commits

Updates eslint-plugin-prettier from 5.5.4 to 5.5.5

Release notes

Sourced from eslint-plugin-prettier's releases.

v5.5.5

Patch Changes

Changelog

Sourced from eslint-plugin-prettier's changelog.

5.5.5

Patch Changes

Commits
  • e2c154a chore: release eslint-plugin-prettier (#773)
  • 6795c1a build(deps): Bump the actions group across 1 directory with 2 updates (#774)
  • 77651a3 fix: bump synckit for yarn PnP ESM issue (#776)
  • 7264ed0 chore: bump prettier-linter-helpers to v1.0.1 (#772)
  • e11a5b7 build(deps): Bump the actions group across 1 directory with 3 updates (#769)
  • befda88 ci: enable trusted publishing (#757)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-prettier since your current version.


Updates lint-staged from 16.2.7 to 16.4.0

Release notes

Sourced from lint-staged's releases.

v16.4.0

Minor Changes

v16.3.4

Patch Changes

v16.3.3

Patch Changes

  • #1740 0109e8d Thanks @​iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

v16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

v16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

v16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.
Changelog

Sourced from lint-staged's changelog.

16.4.0

Minor Changes

16.3.4

Patch Changes

16.3.3

Patch Changes

  • #1740 0109e8d Thanks @​iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.
Commits
  • 445f9dd chore(changeset): release
  • d91be60 docs: update readme to use picomatch
  • b392a9f refactor: extract matchFiles and add unit tests
  • 687fc90 refactor: replace micromatch with picomatch
  • 26dadf9 chore(changeset): release
  • 9d6e827 build(deps): update dependencies
  • 8aea986 chore(changeset): release
  • 0109e8d fix: strip Git CRLF warning from output
  • dfd6a7a chore(changeset): release
  • 2adaf6c fix(Windows): do not spawn tasks as detached since it opens a cmd window on ...
  • Additional commits viewable in compare view

Updates proxy-agent from 6.5.0 to 8.0.0

Release notes

Sourced from proxy-agent's releases.

proxy-agent@8.0.0

Major Changes

  • 7d12b51: Set minimum Node.js version to 20

Patch Changes

  • 0e639d4: chore: update proxy-from-env to fix DEP0169
  • 7ca27d0: Simplify package.json exports to remove unnecessary imports restriction
  • Updated dependencies [ca12148]
  • Updated dependencies [7d12b51]
  • Updated dependencies [7ca27d0]
    • agent-base@9.0.0
    • http-proxy-agent@9.0.0
    • https-proxy-agent@9.0.0
    • pac-proxy-agent@9.0.0
    • socks-proxy-agent@10.0.0

proxy-agent@7.0.0

Major Changes

  • 9c92c09: Convert to ESM. All packages now use "type": "module" and compile to ESM output instead of CommonJS.

Patch Changes

  • Updated dependencies [9c92c09]
  • Updated dependencies [b1509d8]
    • agent-base@8.0.0
    • http-proxy-agent@8.0.0
    • https-proxy-agent@8.0.0
    • socks-proxy-agent@9.0.0
    • pac-proxy-agent@8.0.0
Changelog

Sourced from proxy-agent's changelog.

8.0.0

Major Changes

  • 7d12b51: Set minimum Node.js version to 20

Patch Changes

  • 0e639d4: chore: update proxy-from-env to fix DEP0169
  • 7ca27d0: Simplify package.json exports to remove unnecessary imports restriction
  • Updated dependencies [ca12148]
  • Updated dependencies [7d12b51]
  • Updated dependencies [7ca27d0]
    • agent-base@9.0.0
    • http-proxy-agent@9.0.0
    • https-proxy-agent@9.0.0
    • pac-proxy-agent@9.0.0
    • socks-proxy-agent@10.0.0

7.0.0

Major Changes

  • 9c92c09: Convert to ESM. All packages now use "type": "module" and compile to ESM output instead of CommonJS.

Patch Changes

  • Updated dependencies [9c92c09]
  • Updated dependencies [b1509d8]
    • agent-base@8.0.0
    • http-proxy-agent@8.0.0
    • https-proxy-agent@8.0.0
    • socks-proxy-agent@9.0.0
    • pac-proxy-agent@8.0.0
Commits
  • af317e0 Version Packages (#397)
  • 7ca27d0 Simplify package.json exports to remove unnecessary imports restriction (#408)
  • 0e639d4 chore: update proxy-from-env (#400)
  • 7d12b51 Set minimum Node.js version to 20 and add Node 24.x to CI matrix
  • 8dcdac8 Version Packages (#395)
  • 5d3f71a Use pnpm catalog: for shared dependencies
  • 77da068 Use workspace:* for inter-repo dependencies
  • 549af5e Fix pre-existing test issues exposed by vitest migration
  • 9c92c09 Convert all packages to ESM with type: module
  • 0b77ac7 Migrate from Jest to Vitest
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for proxy-agent since your current version.


Updates rimraf from 6.1.2 to 6.1.3

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested review from a team and stoe as code owners April 1, 2026 13:05
@dependabot
🆙 npm(deps): Bump the npm group across 1 directory with 7 updates
0186381 
Bumps the npm group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `2.0.1` | `3.0.0` |
| [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) | `6.0.1` | `9.0.0` |
| [eslint](https://github.com/eslint/eslint) | `9.36.0` | `10.1.0` |
| [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) | `5.5.4` | `5.5.5` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.2.7` | `16.4.0` |
| [proxy-agent](https://github.com/TooTallNate/proxy-agents/tree/HEAD/packages/proxy-agent) | `6.5.0` | `8.0.0` |
| [rimraf](https://github.com/isaacs/rimraf) | `6.1.2` | `6.1.3` |



Updates `@actions/core` from 2.0.1 to 3.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@actions/github` from 6.0.1 to 9.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `eslint` from 9.36.0 to 10.1.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.36.0...v10.1.0)

Updates `eslint-plugin-prettier` from 5.5.4 to 5.5.5
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v5.5.4...v5.5.5)

Updates `lint-staged` from 16.2.7 to 16.4.0
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.2.7...v16.4.0)

Updates `proxy-agent` from 6.5.0 to 8.0.0
- [Release notes](https://github.com/TooTallNate/proxy-agents/releases)
- [Changelog](https://github.com/TooTallNate/proxy-agents/blob/main/packages/proxy-agent/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/proxy-agents/commits/proxy-agent@8.0.0/packages/proxy-agent)

Updates `rimraf` from 6.1.2 to 6.1.3
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](isaacs/rimraf@v6.1.2...v6.1.3)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@actions/github"
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: eslint
  dependency-version: 10.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: eslint-plugin-prettier
  dependency-version: 5.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: lint-staged
  dependency-version: 16.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: proxy-agent
  dependency-version: 8.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: rimraf
  dependency-version: 6.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm-5fbd7c79bd branch from 7105a69 to 0186381 Compare April 9, 2026 16:23
@stoe stoe enabled auto-merge (squash) April 9, 2026 16:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@stoe stoe stoe approved these changes

Assignees

No one assigned

Labels

dependency 🤖

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@stoe