Skip to content

Bump the major group across 1 directory with 9 updates#11751

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/major-5df6cf4a91
Open

Bump the major group across 1 directory with 9 updates#11751
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/major-5df6cf4a91

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026

Bumps the major group with 9 updates in the / directory:

Package From To
i18next 25.8.14 26.0.8
i18next-http-backend 3.0.5 4.0.0
@eslint-react/eslint-plugin 3.0.0 5.7.2
@rspack/cli 1.7.7 2.0.1
@rspack/core 1.7.7 2.0.1
@rspack/plugin-react-refresh 1.6.1 2.0.0
jest-junit 16.0.0 17.0.0
marked 17.0.4 18.0.3
svgo-loader 4.0.0 5.0.0

Updates i18next from 25.8.14 to 26.0.8

Release notes

Sourced from i18next's releases.

v26.0.8

  • fix(types): restore the pre-v25.10.4 ExistsFunction shape so plain arrow functions can again be assigned to ExistsFunction-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct i18next.exists(key) calls still narrow key to SelectorKey — the predicate is now declared inline on i18n.exists. Custom wrappers that want the narrowing can type themselves as typeof i18next.exists 2425

v26.0.7

  • fix: when a plural lookup misses, the missingKey debug log now shows the actual plural-resolved key (e.g. foo.bar_many for Polish count: 14) instead of the base key — making it obvious which plural category was expected and missing 2423
  • chore: drop @babel/runtime runtime dependency. The build no longer generates any @babel/runtime imports, so the package is unused by consumers. Rollup now uses babelHelpers: 'bundled' so any helpers that are ever needed in the future will be inlined rather than imported externally 2424
  • chore: stop emitting dist/esm/i18next.bundled.js. It was byte-identical to dist/esm/i18next.js because no helpers were being imported 2424

v26.0.6

Security release — all issues found via an internal audit. GHSA advisory filed after release.

  • security: warn when a translation string combines escapeValue: false with interpolated variables inside a $t(key, { ... "{{var}}" ... }) nesting-options block. In that narrow combination, attacker-controlled string values containing " can break out of the JSON options literal and inject additional nesting options (e.g. redirect lng/ns). The default escapeValue: true configuration is unaffected because HTML-escaping neutralises the quote before JSON.parse. See the security docs for mitigation guidance (GHSA-TBD)
  • security: apply regexEscape to unescapePrefix / unescapeSuffix on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the {{- var}} syntax when the delimiter contains characters like (, [, .
  • security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)
  • chore: ignore .env* and *.pem/*.key files in .gitignore

v26.0.5

  • fix: cloneInstance().changeLanguage() no longer fails to update language state when the target language is not yet loaded — a race between init()'s deferred load() and the user's changeLanguage() could overwrite isLanguageChangingTo, causing setLngProps to be skipped 2422

v26.0.4

  • fix(types): inline formatting options like {{price, currency(EUR)}} are now correctly resolved to their base format type (e.g. number for currency) instead of falling back to string 2378

v26.0.3

  • fix(types): addResourceBundle now accepts an optional 6th options parameter ({ silent?: boolean; skipCopy?: boolean }) matching the runtime API 2419

v26.0.2

  • fix(types): t("key", {} as TOptions) no longer produces a type error — the context constraint now bypasses strict checking when context is unknown (e.g. from TOptions) 2418

v26.0.1

  • fix: Formatter no longer crashes when alwaysFormat is true and no format specifier is present (format is undefined)
  • fix: Formatter now returns undefined/null values as-is instead of producing NaN when the value is missing

v26.0.0

This is a major breaking release:

Breaking Changes

  • Remove deprecated initImmediate option — the backward-compatibility mapping from initImmediate to initAsync (introduced in v24) has been removed. Use initAsync instead.
  • Remove legacy interpolation.format function — the old monolithic format function (interpolation: { format: (value, format, lng) => ... }) is no longer supported. The built-in Formatter (or a custom Formatter module via .use()) is now always used. Migrate to the new formatting approach using i18next.services.formatter.add() or .addCached() for custom formatters.
  • Remove console support notice — the console support notice introduced in v25.8.0 has been removed, along with the showSupportNotice option and all related internal suppression logic (globalThis.__i18next_supportNoticeShown, I18NEXT_NO_SUPPORT_NOTICE env var). See our blog post for the full story.
  • Remove simplifyPluralSuffix option — this option was unused by the core PluralResolver (which relies entirely on Intl.PluralRules). It only had an effect in the old v1/v2/v3 compatibility layer. The v4 test compatibility layer now defaults to true internally.
  • Remove deprecated @babel/polyfill from devDependencies.

Improvements

  • Code modernization across all source files:
    • Replace indexOf() > -1 / indexOf() < 0 with .includes() (~40+ occurrences)
    • Replace indexOf() === 0 with .startsWith() where appropriate
    • Replace var with const, '' + object with String(object), .substring() with .slice()
    • Replace .apply(observer, [event, ...args]) with direct call observer(event, ...args)

... (truncated)

Changelog

Sourced from i18next's changelog.

26.0.8

  • fix(types): restore the pre-v25.10.4 ExistsFunction shape so plain arrow functions can again be assigned to ExistsFunction-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct i18next.exists(key) calls still narrow key to SelectorKey — the predicate is now declared inline on i18n.exists. Custom wrappers that want the narrowing can type themselves as typeof i18next.exists 2425

26.0.7

  • fix: when a plural lookup misses, the missingKey debug log now shows the actual plural-resolved key (e.g. foo.bar_many for Polish count: 14) instead of the base key — making it obvious which plural category was expected and missing 2423
  • chore: drop @babel/runtime runtime dependency. The build no longer generates any @babel/runtime imports, so the package is unused by consumers. Rollup now uses babelHelpers: 'bundled' so any helpers that are ever needed in the future will be inlined rather than imported externally 2424
  • chore: stop emitting dist/esm/i18next.bundled.js. It was byte-identical to dist/esm/i18next.js because no helpers were being imported 2424

26.0.6

Security release — all issues found via an internal audit.

  • security: warn when a translation string combines escapeValue: false with interpolated variables inside a $t(key, { ... "{{var}}" ... }) nesting-options block. In that narrow combination, attacker-controlled string values containing " can break out of the JSON options literal and inject additional nesting options (e.g. redirect lng/ns). The default escapeValue: true configuration is unaffected because HTML-escaping neutralises the quote before JSON.parse. See the security note in the Nesting docs for the full pattern and mitigations
  • security: apply regexEscape to unescapePrefix / unescapeSuffix on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the {{- var}} syntax when the delimiter contains characters like (, [, .
  • security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)
  • chore: ignore .env* and *.pem/*.key files in .gitignore

26.0.5

  • fix: cloneInstance().changeLanguage() no longer fails to update language state when the target language is not yet loaded — a race between init()'s deferred load() and the user's changeLanguage() could overwrite isLanguageChangingTo, causing setLngProps to be skipped 2422

26.0.4

  • fix(types): inline formatting options like {{price, currency(EUR)}} are now correctly resolved to their base format type (e.g. number for currency) instead of falling back to string 2378

26.0.3

  • fix(types): addResourceBundle now accepts an optional 6th options parameter ({ silent?: boolean; skipCopy?: boolean }) matching the runtime API 2419

26.0.2

  • fix(types): t("key", {} as TOptions) no longer produces a type error — the context constraint now bypasses strict checking when context is unknown (e.g. from TOptions) 2418

26.0.1

  • fix: Formatter no longer crashes when alwaysFormat is true and no format specifier is present (format is undefined)
  • fix: Formatter now returns undefined/null values as-is instead of producing NaN when the value is missing

26.0.0

This is a major breaking release:

Breaking Changes

  • Remove deprecated initImmediate option — the backward-compatibility mapping from initImmediate to initAsync (introduced in v24) has been removed. Use initAsync instead.
  • Remove legacy interpolation.format function — the old monolithic format function (interpolation: { format: (value, format, lng) => ... }) is no longer supported. The built-in Formatter (or a custom Formatter module via .use()) is now always used. Migrate to the new formatting approach using i18next.services.formatter.add() or .addCached() for custom formatters.
  • Remove console support notice — the console support notice introduced in v25.8.0 has been removed, along with the showSupportNotice option and all related internal suppression logic (globalThis.__i18next_supportNoticeShown, I18NEXT_NO_SUPPORT_NOTICE env var). See our blog post for the full story.
  • Remove simplifyPluralSuffix option — this option was unused by the core PluralResolver (which relies entirely on Intl.PluralRules). It only had an effect in the old v1/v2/v3 compatibility layer. The v4 test compatibility layer now defaults to true internally.

... (truncated)

Commits

Updates i18next-http-backend from 3.0.5 to 4.0.0

Changelog

Sourced from i18next-http-backend's changelog.

4.0.0

  • BREAKING: drop cross-fetch dependency. i18next-http-backend now requires a host-provided fetch. This is available in Node ≥ 18 (stable since Node 21), all modern browsers, Deno, and Bun. For runtimes without native fetch, install a ponyfill yourself and inject it via options.alternateFetch, or stay on v3.x.
  • BREAKING: minimum Node version is now 18 (engines.node = ">=18").
  • chore: simplified environment detection in lib/request.js — uses globalThis (with global / window fallbacks for legacy embedded runtimes) instead of separate global.* / window.* branches per API. XHR / ActiveXObject are still picked up if the host provides them, but no longer polyfilled.
  • chore: declared "sideEffects": false for better tree-shaking by downstream bundlers.
  • build: replaced babel + browserify + uglify-js with tsdown (rolldown + oxc). One config produces ESM, CJS, and the IIFE browser bundles. Drops @babel/cli, @babel/core, @babel/preset-env, babel-plugin-add-module-exports, browserify, uglify-js, the fixcjs rewrite hack, and the --ignore cross-fetch browserify flag. Side benefit: minified browser bundle shrinks from ~13 KB to ~6.8 KB (oxc minifier + no babel runtime helpers).
  • build: ESM and CJS outputs are now bundled into a single index.js per format (previously one file per lib/*.js module). The package's exports map is unchanged, so this is invisible to consumers using documented entry points.
  • lint: replaced eslint-config-standard (+ five plugins) with neostandard and migrated to ESLint 9 flat config (eslint.config.mjs). Removed deprecated tslint and dtslinttest:typescript now runs tsc --noEmit plus tsd.
  • chore: tightened .npmignore — published tarball no longer includes the source lib/, the build configs (tsdown.config.ts, eslint.config.mjs, tsconfig.json), or the root index.js re-export shim. Drops from 21.3 KB → ~17 KB packed.
  • docs: alternateFetch is now documented in the README options block as the supported escape hatch for fetch ponyfills, test mocking, and request interception. v4 migration note added to "Getting started".

3.0.6

  • fix: allow forward slashes in ns values so nested namespace names (mapping to URL layouts such as /locales/en/a/b.json) fetch correctly again. 3.0.5's security fix applied the same strict URL-segment check to both lng and ns, which was correct for lng (no BCP-47 shape contains /) but over-strict for ns — nested namespaces containing / were never officially supported, but the behaviour fell out of the implicit string-substitution semantics of loadPath and is common enough in the wild to be worth accommodating. isSafeUrlSegment is now split into isSafeLangUrlSegment (strict — still rejects /) and isSafeNsUrlSegment (loose — allows / but still rejects .., \, URL-structure characters, control chars, prototype keys, and oversized inputs). isSafeUrlSegment is kept as a backwards-compatible alias for the strict check. The 3.0.5 security fix remains in force for every concrete attack pattern from the original advisory.
Commits
  • a4d4a83 4.0.0
  • fdf4f98 feat!: v4 — drop cross-fetch, switch build to tsdown, lint to neostandard
  • d8dafd8 docs: clarify that nested-ns with slashes was never officially supported
  • e534a62 build
  • ddf1048 3.0.6
  • d73cfdc fix: allow forward slashes in ns values
  • 9abbdee Bump i18next-http-backend from 1.4.0 to 3.0.5 in /example/i18next-vue (#184)
  • b4ca8bb Bump i18next-http-backend from 3.0.1 to 3.0.5 in /example/fallback (#183)
  • dffddd4 Bump i18next-http-backend from 3.0.2 to 3.0.5 in /example/next (#182)
  • fd29b40 Bump i18next-http-backend from 1.3.2 to 3.0.5 in /example/vue (#181)
  • Additional commits viewable in compare view

Updates @eslint-react/eslint-plugin from 3.0.0 to 5.7.2

Release notes

Sourced from @​eslint-react/eslint-plugin's releases.

v5.7.2 (2026-05-04)

What's Changed

🐞 Fixes

  • react-x/no-unused-state: Removed the rule from the recommended preset for now (#1747, #1748).

📝 Documentation

  • Added individual CHANGELOG.md files for all rules (#1746).
  • Added rule changelog links to all rule documentation pages.
  • Updated AST Explorer links in docs.
  • Various documentation cleanups.

🏗️ Internal

  • Updated baseline metrics.
  • Updated roadmap milestone labels.
  • Upgraded dprint biome plugin from 0.12.9 to 0.12.10.
  • Cleaned up snapshot generation script and snapshot file.

Full Changelog: Rel1cx/eslint-react@v5.7.1...v5.7.2

v5.7.1 (2026-05-02)

What's Changed

🐞 Fixes

  • all preset: Fixed an issue where the all preset accidentally included rules requiring type information (#1744).

📝 Documentation

  • Fixed a typo in the shared settings description.
  • Fixed missing trailing commas in ESLint settings examples.
  • Updated no-unused-state rule wording and examples.
  • Added a Resources section with AST Explorer, ESLint Developer Guide, and TypeScript Compiler API links to kit-related documentation pages.

🏗️ Internal

  • Pinned dependency versions for next and @rbxts/react.
  • Added react-compiler-fixtures-all-preset.jsonl snapshot generation.

Full Changelog: Rel1cx/eslint-react@v5.7.0...v5.7.1

v5.7.0 (2026-05-02)

What's Changed

✨ New

  • react-x/no-unused-state: The rule re-added as a no-op in v5.6.6 is now fully implemented. It detects state variables declared via useState (or similar state hooks) that are assigned but never read, or only read inside an effect or effect dependency array (#1741).

... (truncated)

Changelog

Sourced from @​eslint-react/eslint-plugin's changelog.

v5.7.2 (2026-05-04)

🐞 Fixes

  • react-x/no-unused-state: Removed the rule from the recommended preset for now (#1747, #1748).

📝 Documentation

  • Added individual CHANGELOG.md files for all rules (#1746).
  • Added rule changelog links to all rule documentation pages.
  • Updated AST Explorer links in docs.
  • Various documentation cleanups.

🏗️ Internal

  • Updated baseline metrics.
  • Updated roadmap milestone labels.
  • Upgraded dprint biome plugin from 0.12.9 to 0.12.10.
  • Cleaned up snapshot generation script and snapshot file.

Full Changelog: Rel1cx/eslint-react@v5.7.1...v5.7.2

v5.7.1 (2026-05-02)

🐞 Fixes

  • all preset: Fixed an issue where the all preset accidentally included rules requiring type information (#1744).

📝 Documentation

  • Fixed a typo in the shared settings description.
  • Fixed missing trailing commas in ESLint settings examples.
  • Updated no-unused-state rule wording and examples.
  • Added a Resources section with AST Explorer, ESLint Developer Guide, and TypeScript Compiler API links to kit-related documentation pages.

🏗️ Internal

  • Pinned dependency versions for next and @rbxts/react.
  • Added react-compiler-fixtures-all-preset.jsonl snapshot generation.

Full Changelog: Rel1cx/eslint-react@v5.7.0...v5.7.1

v5.7.0 (2026-05-02)

✨ New

  • react-x/no-unused-state: The rule re-added as a no-op in v5.6.6 is now fully implemented. It detects state variables declared via useState (or similar state hooks) that are defined but never read, or only read inside an effect or effect dependency array (#1741).

📝 Documentation

... (truncated)

Commits

Updates @rspack/cli from 1.7.7 to 2.0.1

Release notes

Sourced from @​rspack/cli's releases.

v2.0.1

What's Changed

Performance Improvements ⚡

New Features 🎉

Bug Fixes 🐞

Refactor 🔨

Document Updates 📖

Other Changes

... (truncated)

Commits

Updates @rspack/core from 1.7.7 to 2.0.1

Release notes

Sourced from @​rspack/core's releases.

v2.0.1

What's Changed

Performance Improvements ⚡

New Features 🎉

Bug Fixes 🐞

Refactor 🔨

Document Updates 📖

Other Changes

... (truncated)

Commits

Updates @rspack/plugin-react-refresh from 1.6.1 to 2.0.0

Release notes

Sourced from @​rspack/plugin-react-refresh's releases.

v2.0.0

Upgrade Guide

Pure ESM package

@rspack/plugin-react-refresh is now pure ESM (the same as Rspack 2.0).

Default export removed

The plugin now provides a named export only.

- import ReactRefreshRspackPlugin from '@rspack/plugin-react-refresh';
+ import { ReactRefreshRspackPlugin } from '@rspack/plugin-react-refresh';

overlay option removed

The overlay option has been removed. Rspack dev server and Rsbuild dev server already provide built-in error overlays, so this package no longer ships its own overlay integration.

Default option changes

The default extension filter has moved from include to test.

Before:

  • test: undefined
  • include: /\.([cm]js|[jt]sx?|flow)$/i

Now:

  • test: /\.(?:js|jsx|mjs|cjs|ts|tsx|mts|cts)$/
  • include: undefined

This makes custom include safer: when include points to a directory, the plugin still only applies to supported JS/TS module extensions by default.

What's Changed

Breaking Changes

Others

... (truncated)

Commits
  • dd69f3d release: v2.0.0 (#104)
  • 9a4036e Revert "fix: restore @​rspack/core ^1.0.0 peer range (#102)" (#103)
  • 3289eec fix: restore @​rspack/core ^1.0.0 peer range (#102)
  • 53020b5 release: 2.0.0-beta.0 (#101)
  • 3802d58 fix!: preserve default extension filter when include is customized (#100)
  • 1f5a44a feat!: update default include regex (#99)
  • f088f5c refactor: modernize react refresh runtime helpers (#98)
  • 6815c62 chore: update references from webpack to Rspack (#97)
  • c22c6f3 feat: add optional peer dependency for @​rspack/core (#96)
  • 35286d0 fix: remove deprecated static method for runtime paths (#95)
  • Additional commits viewable in compare view
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates jest-junit from 16.0.0 to 17.0.0

Release notes

Sourced from jest-junit's releases.

v17.0.0

Upgrade uuid package to latest - jest-community/jest-junit#284

Commits
  • 20d8f14 v17.0.0
  • c91dd20 Merge pull request #284 from palmerj3/upgrade-uuid-14
  • 8ff39ee Upgrade uuid to 14.0.0
  • Description has been truncated

@dependabot
Bump the major group across 1 directory with 9 updates
31d2446 
Bumps the major group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [i18next](https://github.com/i18next/i18next) | `25.8.14` | `26.0.8` |
| [i18next-http-backend](https://github.com/i18next/i18next-http-backend) | `3.0.5` | `4.0.0` |
| [@eslint-react/eslint-plugin](https://github.com/Rel1cx/eslint-react/tree/HEAD/plugins/eslint-plugin) | `3.0.0` | `5.7.2` |
| [@rspack/cli](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack-cli) | `1.7.7` | `2.0.1` |
| [@rspack/core](https://github.com/web-infra-dev/rspack/tree/HEAD/packages/rspack) | `1.7.7` | `2.0.1` |
| [@rspack/plugin-react-refresh](https://github.com/rstackjs/rspack-plugin-react-refresh) | `1.6.1` | `2.0.0` |
| [jest-junit](https://github.com/jest-community/jest-junit) | `16.0.0` | `17.0.0` |
| [marked](https://github.com/markedjs/marked) | `17.0.4` | `18.0.3` |
| [svgo-loader](https://github.com/svg/svgo-loader) | `4.0.0` | `5.0.0` |



Updates `i18next` from 25.8.14 to 26.0.8
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next@v25.8.14...v26.0.8)

Updates `i18next-http-backend` from 3.0.5 to 4.0.0
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next-http-backend@v3.0.5...v4.0.0)

Updates `@eslint-react/eslint-plugin` from 3.0.0 to 5.7.2
- [Release notes](https://github.com/Rel1cx/eslint-react/releases)
- [Changelog](https://github.com/Rel1cx/eslint-react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Rel1cx/eslint-react/commits/v5.7.2/plugins/eslint-plugin)

Updates `@rspack/cli` from 1.7.7 to 2.0.1
- [Release notes](https://github.com/web-infra-dev/rspack/releases)
- [Commits](https://github.com/web-infra-dev/rspack/commits/v2.0.1/packages/rspack-cli)

Updates `@rspack/core` from 1.7.7 to 2.0.1
- [Release notes](https://github.com/web-infra-dev/rspack/releases)
- [Commits](https://github.com/web-infra-dev/rspack/commits/v2.0.1/packages/rspack)

Updates `@rspack/plugin-react-refresh` from 1.6.1 to 2.0.0
- [Release notes](https://github.com/rstackjs/rspack-plugin-react-refresh/releases)
- [Commits](rstackjs/rspack-plugin-react-refresh@v1.6.1...v2.0.0)

Updates `jest-junit` from 16.0.0 to 17.0.0
- [Release notes](https://github.com/jest-community/jest-junit/releases)
- [Commits](jest-community/jest-junit@v16.0.0...v17.0.0)

Updates `marked` from 17.0.4 to 18.0.3
- [Release notes](https://github.com/markedjs/marked/releases)
- [Commits](markedjs/marked@v17.0.4...v18.0.3)

Updates `svgo-loader` from 4.0.0 to 5.0.0
- [Release notes](https://github.com/svg/svgo-loader/releases)
- [Commits](svg/svgo-loader@v4.0.0...v5.0.0)

---
updated-dependencies:
- dependency-name: i18next
  dependency-version: 26.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: i18next-http-backend
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@eslint-react/eslint-plugin"
  dependency-version: 5.7.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@rspack/cli"
  dependency-version: 2.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@rspack/core"
  dependency-version: 2.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: "@rspack/plugin-react-refresh"
  dependency-version: 2.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: jest-junit
  dependency-version: 17.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: marked
  dependency-version: 18.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
- dependency-name: svgo-loader
  dependency-version: 5.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants