Routine dep-update-scan (2026-05-24) flagged outdated dependencies on this repo. npm audit is clean.
Outdated packages
@e4a/pg-js: 1.8.0 → 1.10.0
Single minor bump. Verify docs build still passes after the bump.
Worker instructions
Before bumping anything:
- Pull the repo and check the lockfile + recent
git log on main — many of these may have already been resolved.
- For each package in the list below, grep the source tree (excluding manifest/lockfile) to confirm the package is actually imported. If a package is unused, open a removal PR for it instead of a bump.
- Apply bumps in this order: security advisories → patch/minor → majors. Use one branch per coherent area.
- Build and run the full test suite. If there's no test suite, note "no tests to verify" in the PR body.
- Open a draft PR with title
chore: update dependencies (or chore(security): ... if security-driven). PR body should use Closes #<this-issue>.
- After CI passes:
gh pr ready <num>. If the repo has no CI workflow, open ready from the start.
- Add reviewer:
--add-reviewer rubenhensen.
Conventions:
- Conventional-commit PR title (
chore:, fix:, feat:).
- If a bump turns out to be a no-op (already on
main), close the issue with evidence (commit/PR hash) — do not ship an empty PR.
/dobby
Routine
dep-update-scan(2026-05-24) flagged outdated dependencies on this repo.npm auditis clean.Outdated packages
@e4a/pg-js: 1.8.0 → 1.10.0Single minor bump. Verify docs build still passes after the bump.
Worker instructions
Before bumping anything:
git logonmain— many of these may have already been resolved.chore: update dependencies(orchore(security): ...if security-driven). PR body should useCloses #<this-issue>.gh pr ready <num>. If the repo has no CI workflow, open ready from the start.--add-reviewer rubenhensen.Conventions:
chore:,fix:,feat:).main), close the issue with evidence (commit/PR hash) — do not ship an empty PR./dobby