Skip to content

chore(deps): bump the production-dependencies group with 13 updates#97

Merged
jeandet merged 1 commit into
v4from
dependabot/npm_and_yarn/production-dependencies-35ae4a8cf9
Jul 6, 2026
Merged

chore(deps): bump the production-dependencies group with 13 updates#97
jeandet merged 1 commit into
v4from
dependabot/npm_and_yarn/production-dependencies-35ae4a8cf9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 13 updates:

Package From To
@clack/prompts 1.6.0 1.7.0
@napi-rs/simple-git 0.1.22 1.0.0
globby 16.2.0 16.2.1
js-yaml 5.2.0 5.2.1
preact 10.29.3 10.29.4
rehype-pretty-code 0.14.3 0.14.4
sharp 0.35.2 0.35.3
shiki 4.3.0 4.3.1
toml 4.1.1 4.1.2
workerpool 10.0.2 10.0.3
@types/node 26.0.1 26.1.0
prettier 3.9.1 3.9.4
tsx 4.22.4 4.23.0

Updates @clack/prompts from 1.6.0 to 1.7.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Changelog

Sourced from @​clack/prompts's changelog.

1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Commits

Updates @napi-rs/simple-git from 0.1.22 to 1.0.0

Release notes

Sourced from @​napi-rs/simple-git's releases.

v1.0.0

What's Changed

Full Changelog: Brooooooklyn/simple-git@v0.1.22...v1.0.0

Commits
  • 1936655 1.0.0
  • 2020413 feat!: API 1.0 breaking sweep (number bitflags, Date times, async I/O, fixes)...
  • 4059105 chore(deps): lock file maintenance (#144)
  • 4cdc016 feat: git feature suite (status, config, push, index/commit, blame, branch/ch...
  • d700aa3 feat: file modification metadata (author + bulk) (#141)
  • b7fd088 chore(deps): update actions/checkout action to v7 (#137)
  • 61fe0ad chore(deps): update actions/cache action to v6 (#139)
  • efa01bc fix: adapt to git2 0.21 string accessor API changes (#140)
  • 4a37dac chore(deps): update cross-platform-actions/action action to v1.3.0 (#138)
  • b660584 chore(deps): update yarn monorepo to v4.17.0 (#136)
  • Additional commits viewable in compare view

Updates globby from 16.2.0 to 16.2.1

Release notes

Sourced from globby's releases.

v16.2.1

  • Fix gitignore ignoring an entire checkout under an anchored ancestor path (#277) e7bd988

sindresorhus/globby@v16.2.0...v16.2.1

Commits
  • 47e7f65 16.2.1
  • e7bd988 Fix gitignore ignoring an entire checkout under an anchored ancestor path (...
  • See full diff in compare view

Updates js-yaml from 5.2.0 to 5.2.1

Changelog

Sourced from js-yaml's changelog.

[5.2.1] - 2026-07-02

Fixed

  • Add Map support to !!omap (should work when realMapTag used)

Security

  • Remove quadratic complexity from !!omap addItem. Regression from v5 (usually not critical, because YAML11_SCHEMA is not default anymore).

4.3.0, 3.15.0 - 2026-06-27

Security

  • Backported maxTotalMergeKeys option.
Commits

Updates preact from 10.29.3 to 10.29.4

Release notes

Sourced from preact's releases.

10.29.4

Fixes

Commits
  • 707884c Merge pull request #5136 from preactjs/10.29.4
  • 0e6a253 10.29.4
  • 174d345 Merge pull request #5135 from preactjs/fix-preact-suspense
  • 8d20635 Revert "Fix useId stability across async Suspense (#5108)"
  • 893845a Merge pull request #5134 from preactjs/patch-crashing-at-suspense-bail
  • c3b4f0f Fix hydration-suspense crash due to sCU bailout
  • See full diff in compare view

Updates rehype-pretty-code from 0.14.3 to 0.14.4

Release notes

Sourced from rehype-pretty-code's releases.

rehype-pretty-code@0.14.4

Patch Changes

  • fix: prevent an infinite loop in inline character highlighting when a pattern matches text that spans multiple syntax tokens and occurs more than once on the same line (#185)
Changelog

Sourced from rehype-pretty-code's changelog.

0.14.4

Patch Changes

  • fix: prevent an infinite loop in inline character highlighting when a pattern matches text that spans multiple syntax tokens and occurs more than once on the same line (#185)
Commits

Updates sharp from 0.35.2 to 0.35.3

Release notes

Sourced from sharp's releases.

v0.35.3

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

  • Improve code bundler support by resolving path to libvips binary.

  • Increase default concurrency when use of MALLOC_ARENA_MAX is detected.

  • Emit warning about binaries provided by Electron for use on Linux.

  • Add hasAlpha property to output info. #4500

  • TypeScript: Return more precise Buffer<ArrayBuffer> from toBuffer. #4520 @​Andarist

  • Bound clahe width and height to avoid signed overflow. #4551 @​metsw24-max

  • Bound trim margin to avoid signed overflow. #4552 @​metsw24-max

  • Reject infinite values when validating numbers. #4553 @​metsw24-max

  • Bound extract region to libvips coordinate limit. #4555 @​metsw24-max

  • Verify background colour values are numbers. #4556 @​metsw24-max

  • Bound create and raw input dimensions to coordinate limit. #4558 @​metsw24-max

  • Tighten recomb and affine matrix verification. #4560 @​chatman-media

  • Verify cache memory limit to avoid overflow. #4561 @​metsw24-max

v0.35.3-rc.2

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

... (truncated)

Commits
  • 1018449 Release v0.35.3
  • ba303a7 Prerelease v0.35.3-rc.2
  • 4f94fc5 Upgrade to sharp-libvips v1.3.2
  • c5e7a3f Bump devDeps, fix Deno/Windows smoke tests
  • 9a8d002 Docs: Add changelog entry and note about transferable #4520
  • 8694db0 TypeScript: Return more precise Buffer\<ArrayBuffer> from toBuffer (#4520)
  • e000d0b Prerelease v0.35.3-rc.1
  • 9554ca9 Prerelease v0.35.3-rc.0
  • 6a29fd5 Emit warning about native binaries on Linux Electron
  • 540d2ea Increase default concurrency when use of MALLOC_ARENA_MAX detected
  • Additional commits viewable in compare view

Updates shiki from 4.3.0 to 4.3.1

Release notes

Sourced from shiki's releases.

v4.3.1

   🚀 Features

    View changes on GitHub
Commits

Updates toml from 4.1.1 to 4.1.2

Changelog

Sourced from toml's changelog.

4.1.2 - June 30 2026

Commits

Updates workerpool from 10.0.2 to 10.0.3

Changelog

Sourced from workerpool's changelog.

2026-07-01, version 10.0.3

Commits
  • 601124c chore: publish v10.0.3
  • c783508 chore: update babel devDependencies
  • 628a468 chore: run CI testing on Node.js 26, drop testing on v20
  • c8d5253 chore: upgrade devDependencies (most notably TypeScript 6)
  • e7db6f8 chore: fix merge conflicts
  • d2ba424 Merge remote-tracking branch 'origin/master'
  • e65007b chore(deps-dev): bump webpack-dev-server in /examples/webpack5 (#565)
  • b95c37c chore: update HISTORY.md
  • 32747db fix: #548 treat worker as busy while cleaning up canceled task (#549)
  • 44ab043 fix: cleanup spellings, and comment errors.
  • Additional commits viewable in compare view

Updates @types/node from 26.0.1 to 26.1.0

Commits

Updates prettier from 3.9.1 to 3.9.4

Release notes

Sourced from prettier's releases.

3.9.4

  • Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

🔗 Changelog

3.9.3

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.9.4

diff

Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

<!-- Input -->
<FancyButton [label]="title">
  @content (icon) {
    <span>Icon!</span>
  }
  @content (description) {
    <span>Description text</span>
  }
  <span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.3 -->
<FancyButton [label]="title">
@​content(icon) {
<span>Icon!</span>
}
@​content(description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.4 -->
<FancyButton [label]="title">
@​content (icon) {
<span>Icon!</span>
}
@​content (description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>

3.9.3

diff

Markdown: Fix unexpected removal of characters in liquid syntax (#19489 by @​seiyab)

</tr></table> 

... (truncated)

Commits
  • b693cb2 Release 3.9.4
  • 2e92ac0 Angular: Format @content(name) -> @content (name) to align with other blo...
  • abed2c2 Bump Prettier dependency to 3.9.3
  • 6cfbc00 Clean changelog_unreleased
  • 3732e1d Release 3.9.3
  • a74a7b0 Allow decorators to be used with declare on class fields (#19492)
  • bd9e11a Correct text identification in liquid syntax (#19489)
  • 269eee3 Bump Prettier dependency to 3.9.1
  • ec7ccd1 Clean changelog_unreleased
  • See full diff in compare view

Updates tsx from 4.22.4 to 4.23.0

Release notes

Sourced from tsx's releases.

v4.23.0

4.23.0 (2026-07-03)

Bug Fixes

Features


This release is also available on:

v4.22.5

4.22.5 (2026-07-02)

Bug Fixes

  • isolate hook state per async module.register() registration (a305f36)

This release is also available on:

Commits
  • 1dfad37 docs: cite esbuild's extension-resolution model in node notes
  • 257bbbb fix: avoid redundant filesystem probes during module resolution
  • c178197 feat: add multi-scenario startup benchmark suite
  • 51800ac docs: add Node internals knowledge base (notes/node)
  • a305f36 fix: isolate hook state per async module.register() registration
  • ca501a9 chore: upgrade skills-npm to v1.2.0
  • 596cd1f test: cover __dirname, __filename, & require.cache in CJS TS file
  • 75d9bf0 test: lock in lenient ESM for ambiguous and CJS-typed packages
  • 1472f3e test: cover ESM-syntax dependency with omitted "type" field
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group with 13 updates:

| Package | From | To |
| --- | --- | --- |
| [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts) | `1.6.0` | `1.7.0` |
| [@napi-rs/simple-git](https://github.com/Brooooooklyn/simple-git) | `0.1.22` | `1.0.0` |
| [globby](https://github.com/sindresorhus/globby) | `16.2.0` | `16.2.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `5.2.0` | `5.2.1` |
| [preact](https://github.com/preactjs/preact) | `10.29.3` | `10.29.4` |
| [rehype-pretty-code](https://github.com/rehype-pretty/rehype-pretty-code/tree/HEAD/packages/core) | `0.14.3` | `0.14.4` |
| [sharp](https://github.com/lovell/sharp) | `0.35.2` | `0.35.3` |
| [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) | `4.3.0` | `4.3.1` |
| [toml](https://github.com/BinaryMuse/toml-node) | `4.1.1` | `4.1.2` |
| [workerpool](https://github.com/josdejong/workerpool) | `10.0.2` | `10.0.3` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `26.0.1` | `26.1.0` |
| [prettier](https://github.com/prettier/prettier) | `3.9.1` | `3.9.4` |
| [tsx](https://github.com/privatenumber/tsx) | `4.22.4` | `4.23.0` |


Updates `@clack/prompts` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/bombshell-dev/clack/releases)
- [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
- [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.7.0/packages/prompts)

Updates `@napi-rs/simple-git` from 0.1.22 to 1.0.0
- [Release notes](https://github.com/Brooooooklyn/simple-git/releases)
- [Commits](Brooooooklyn/simple-git@v0.1.22...v1.0.0)

Updates `globby` from 16.2.0 to 16.2.1
- [Release notes](https://github.com/sindresorhus/globby/releases)
- [Commits](sindresorhus/globby@v16.2.0...v16.2.1)

Updates `js-yaml` from 5.2.0 to 5.2.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@5.2.0...5.2.1)

Updates `preact` from 10.29.3 to 10.29.4
- [Release notes](https://github.com/preactjs/preact/releases)
- [Commits](preactjs/preact@10.29.3...10.29.4)

Updates `rehype-pretty-code` from 0.14.3 to 0.14.4
- [Release notes](https://github.com/rehype-pretty/rehype-pretty-code/releases)
- [Changelog](https://github.com/rehype-pretty/rehype-pretty-code/blob/master/packages/core/CHANGELOG.md)
- [Commits](https://github.com/rehype-pretty/rehype-pretty-code/commits/rehype-pretty-code@0.14.4/packages/core)

Updates `sharp` from 0.35.2 to 0.35.3
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.35.2...v0.35.3)

Updates `shiki` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/shikijs/shiki/releases)
- [Commits](https://github.com/shikijs/shiki/commits/v4.3.1/packages/shiki)

Updates `toml` from 4.1.1 to 4.1.2
- [Changelog](https://github.com/BinaryMuse/toml-node/blob/master/CHANGELOG.md)
- [Commits](BinaryMuse/toml-node@v4.1.1...v4.1.2)

Updates `workerpool` from 10.0.2 to 10.0.3
- [Changelog](https://github.com/josdejong/workerpool/blob/master/HISTORY.md)
- [Commits](josdejong/workerpool@v10.0.2...v10.0.3)

Updates `@types/node` from 26.0.1 to 26.1.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `prettier` from 3.9.1 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.9.1...3.9.4)

Updates `tsx` from 4.22.4 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.4...v4.23.0)

---
updated-dependencies:
- dependency-name: "@clack/prompts"
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@napi-rs/simple-git"
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: globby
  dependency-version: 16.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: js-yaml
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: preact
  dependency-version: 10.29.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: rehype-pretty-code
  dependency-version: 0.14.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: sharp
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: shiki
  dependency-version: 4.3.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: toml
  dependency-version: 4.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: workerpool
  dependency-version: 10.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: prettier
  dependency-version: 3.9.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026
@jeandet jeandet merged commit c1217a9 into v4 Jul 6, 2026
3 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/production-dependencies-35ae4a8cf9 branch July 6, 2026 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant