Skip to content

Bump the production-dependencies group with 5 updates #497

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bgentry merged 2 commits into from
Feb 2, 2026
Merged

Bump the production-dependencies group with 5 updates #497

bgentry merged 2 commits into from
Feb 2, 2026
+42 −31

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026
edited
Loading

Bumps the production-dependencies group with 5 updates:

Package From To
@dagrejs/dagre 1.1.8 2.0.3
@nanostores/persistent 1.2.0 1.3.0
react 19.2.3 19.2.4
react-dom 19.2.3 19.2.4
zod 4.3.5 4.3.6

Updates @dagrejs/dagre from 1.1.8 to 2.0.3

Release notes

Sourced from @​dagrejs/dagre's releases.

v2.0.0

What's Changed

Updated the dependencies to remove or replace Bower, Karma, JSHint and dependent libraries.

The old IIFE style library, for loading as a script tag and including dagre in the global namespace is available in the dagre[.min].js files.

A new import style library is available at dagre.esm.js

Full Changelog: dagrejs/dagre@v1.1.8...v2.0.0

Commits
  • 0860d3f Bumping for release
  • ba98666 Building and bumping version for release
  • fff4e53 Merge pull request #502 from dagrejs/sug
  • 43e6ef9 Using the suggested graphlib export
  • 7b05105 Merge pull request #500 from dagrejs/exim
  • c3fc65d Using export import for the Graphlib graph in the .d.ts file
  • 6d6b936 Bump version and set as pre-release
  • 3df8bb2 Bumping version for release
  • 2cd654d Using a class again so the constructor is available
  • 3a70d14 Lint
  • Additional commits viewable in compare view

Updates @nanostores/persistent from 1.2.0 to 1.3.0

Release notes

Sourced from @​nanostores/persistent's releases.

1.3.0

1.2.1

  • Fixed keeping user’s value after changes default value by not removing key (by @​d8corp).
  • Initialize store as soon as possible (by @​d8corp).
Changelog

Sourced from @​nanostores/persistent's changelog.

1.3.0

1.2.1

  • Fixed keeping user’s value after changes default (by @​d8corp).
  • Initialize store as soon as possible (by @​d8corp).
Commits
  • 1f03654 Release 1.3.0 version
  • 61e2d4e Add missed author of the changes
  • 51ba2da Update dependencies
  • a6d3bd3 Group all tests
  • e9e6d63 Clean up docs
  • 82a7ed2 Merge pull request #62 from d8corp/add_persistent_json
  • e0c7288 Fix size limit
  • efde1a0 Move persistentJSON tests, add persistentJSON to readme, fix linting.
  • 8c37b4c Fix persistentJSON tests
  • d8d464e Merge branch 'main' into add_persistent_json
  • Additional commits viewable in compare view

Updates react from 19.2.3 to 19.2.4

Release notes

Sourced from react's releases.

19.2.4 (January 26th, 2026)

React Server Components

Commits

Updates react-dom from 19.2.3 to 19.2.4

Release notes

Sourced from react-dom's releases.

19.2.4 (January 26th, 2026)

React Server Components

Commits

Updates zod from 4.3.5 to 4.3.6

Release notes

Sourced from zod's releases.

v4.3.6

Commits:

  • 9977fb0868432461de265a773319e80a90ba3e37 Add brand.dev to sponsors
  • f4b7bae3468f6188b8f004e007d722148fc91d77 Update pullfrog.yml (#5634)
  • 251d7163a0ac7740fee741428d913e3c55702ace Clean up workflow_call
  • edd4132466da0f5065a8e051b599d01fdd1081d8 fix: add missing User-agent to robots.txt and allow all (#5646)
  • 85db85e9091d0706910d60c7eb2e9c181edd87bd fix: typo in codec.test.ts file (#5628)
  • cbf77bb12bdfda2e054818e79001f5cb3798ce76 Avoid non null assertion (#5638)
  • dfbbf1c1ae0c224b8131d80ddf0a264262144086 Avoid re-exported star modules (#5656)
  • 762e911e5773f949452fd6dd4e360f2362110e8e Generalize numeric key handling
  • ca3c8629c0c2715571f70b44c2433cad3db7fe4e v4.3.6
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 1, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/production-dependencies-bf6baaeddf branch from bfc2c9c to 25583fe Compare February 1, 2026 21:04
@dependabot
Bump the production-dependencies group with 5 updates
980155c 
Bumps the production-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@dagrejs/dagre](https://github.com/dagrejs/dagre) | `1.1.8` | `2.0.3` |
| [@nanostores/persistent](https://github.com/nanostores/persistent) | `1.2.0` | `1.3.0` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.3` | `19.2.4` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.3` | `19.2.4` |
| [zod](https://github.com/colinhacks/zod) | `4.3.5` | `4.3.6` |


Updates `@dagrejs/dagre` from 1.1.8 to 2.0.3
- [Release notes](https://github.com/dagrejs/dagre/releases)
- [Commits](dagrejs/dagre@v1.1.8...v2.0.3)

Updates `@nanostores/persistent` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/nanostores/persistent/releases)
- [Changelog](https://github.com/nanostores/persistent/blob/main/CHANGELOG.md)
- [Commits](nanostores/persistent@1.2.0...1.3.0)

Updates `react` from 19.2.3 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react)

Updates `react-dom` from 19.2.3 to 19.2.4
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.4/packages/react-dom)

Updates `zod` from 4.3.5 to 4.3.6
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v4.3.5...v4.3.6)

---
updated-dependencies:
- dependency-name: "@dagrejs/dagre"
  dependency-version: 2.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: "@nanostores/persistent"
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: react
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: react-dom
  dependency-version: 19.2.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: zod
  dependency-version: 4.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/production-dependencies-bf6baaeddf branch from 25583fe to 980155c Compare February 2, 2026 01:31
@bgentry
Fix dagre alias for Vite bundling
1a709c9 
Use an absolute alias to the CJS build to avoid dynamic require errors
when Vite resolves dagre. This is required as of the dagre v2 release.
@bgentry bgentry enabled auto-merge (squash) February 2, 2026 01:47
@bgentry bgentry merged commit 4a1af83 into master Feb 2, 2026
21 checks passed
@bgentry bgentry deleted the dependabot/npm_and_yarn/production-dependencies-bf6baaeddf branch February 2, 2026 01:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bgentry bgentry bgentry approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bgentry