Bump jest-environment-jsdom/~30.3.0#5739
Open
cmalonzo wants to merge 6 commits intomicrosoft:mainfrom
Open
Conversation
cmalonzo
requested review from
apostolisms,
bmiddha,
dmichon-msft,
iclanton,
jxanthony and
octogonz
as code owners
cmalonzo
changed the title
cmalonzo
changed the title
cmalonzo
force-pushed
the
jest-environment-jsdom/30.3.0
branch
from
901f12c to
3add7f1
Compare
cmalonzo
commented
Apr 2, 2026
| @@ -1,4 +1,4 @@ | |||
| // Jest Snapshot v1, https://goo.gl/fbAQLP | |||
cmalonzo
commented
Apr 2, 2026
| @@ -1,4 +1,4 @@ | |||
| // Jest Snapshot v1, https://goo.gl/fbAQLP | |||
cmalonzo
commented
Apr 2, 2026
| "toolPackages": [ | ||
| { | ||
| "packageName": "@microsoft/api-extractor", | ||
| "packageVersion": "7.57.7" |
Contributor
Author
There was a problem hiding this comment.
probably also undo?
cmalonzo
commented
Apr 2, 2026
| @@ -1,4 +1,4 @@ | |||
| // Jest Snapshot v1, https://goo.gl/fbAQLP | |||
Contributor
Author
There was a problem hiding this comment.
Undo change, same url
| @@ -1,4 +1,4 @@ | |||
| // Jest Snapshot v1, https://goo.gl/fbAQLP | |||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bump jest-environment-jsdom to 30.3.0
Addresses: CVE GHSA-vpq2-c234-7xj6
Summary
Upgrades all Jest-related dependencies from ~29.5.0 to ~30.3.0 across heft-jest-plugin and the associated rig packages. This brings in jest-environment-jsdom 30.3.0, which ships with jsdom 26 instead of jsdom 21.
Package version bumps
@jest/core,@jest/reporters,@jest/transform~29.5.0~30.3.0jest-config,jest-resolve,jest-snapshot~29.5.0~30.3.0jest-environment-jsdom~29.5.0~30.3.0jest-environment-node~29.5.0~30.3.0Affected packages: @rushstack/heft-jest-plugin, @rushstack/heft-web-rig, @rushstack/heft-node-rig, @rushstack/heft-vscode-extension-rig, heft-jest-preset-test, heft-jest-reporters-test.
Removed: punycode injection workaround
The previous release added patched-jest-environment-jsdom.ts, which injected the punycode npm package into Node's module cache on Node ≥ 22 to suppress DEP0040 deprecation warnings. This was needed because jsdom 21 → whatwg-url → tr46 called require('punycode') (the deprecated built-in).
jsdom 26 no longer triggers DEP0040. The tr46 dependency was updated in an earlier jsdom release to use require('punycode/') (trailing slash), which resolves the npm userland package instead of the deprecated Node.js built-in. Verified by running jsdom instantiation with --trace-deprecation on Node 24 — no DEP0040 warning fires.
As a result:
Breaking changes for consumers
Jest 30 introduces several breaking changes that consumers upgrading to this version of heft-jest-plugin should be aware of: