chore(deps): bump the dependencies group across 1 directory with 10 updates #516

dependabot · 2025-12-01T08:43:36Z

Bumps the dependencies group with 9 updates in the /pkg/js directory:

Package	From	To
yaml	`2.8.0`	`2.8.2`
@jest/globals	`29.7.0`	`30.2.0`
@openfga/sdk	`0.9.0`	`0.9.1`
@types/node	`24.1.0`	`24.10.1`
@typescript-eslint/eslint-plugin	`8.38.0`	`8.48.0`
jest	`29.7.0`	`30.2.0`
prettier	`3.6.2`	`3.7.3`
ts-jest	`29.4.0`	`29.4.5`
typescript	`5.8.3`	`5.9.3`

Updates yaml from 2.8.0 to 2.8.2

Release notes

Sourced from yaml's releases.

v2.8.2

Serialize -0 as -0 (#638)

Do not double newlines for empty map values (#642)

v2.8.1

Preserve empty block literals (#634)

Commits

086fa6b 2.8.2
95f01e9 chore: Add funding to package.json
152e204 style: Apply updated Prettier rules & satisfy updated ESLint
3f3378c chore: Drop unused dependency cross-env
f0b9af7 chore: Update to @rollup/plugin-replace v6
e3cafc7 chore: Update to eslint-config-prettier v10
553c1b5 chore: Refresh lockfile
70a8db3 fix: Do not double newlines for empty map values (#642)
92821f2 ci: Limit action permissions to minimum required
95285f8 fix: Serialize -0 as -0 (fixes #638)
Additional commits viewable in compare view

Updates @jest/globals from 29.7.0 to 30.2.0

Release notes

Sourced from @jest/globals's releases.

30.2.0

Chore & Maintenance

[*] Update example repo for testing React Native projects (#15832)

[*] Update jest-watch-typeahead to v3 (#15830)

Features

[jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

[babel-jest] Export the TransformerConfig interface (#15820)

[jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

[jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

[jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)

[jest-runtime] Reduce redundant ReferenceError messages

[jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

`[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)

[jest-circus] Fix it.concurrent not working with describe.skip (#15765)

[jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings

[jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

[expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from @jest/globals's changelog.

30.2.0

Chore & Maintenance

[*] Update example repo for testing React Native projects (#15832)

[*] Update jest-watch-typeahead to v3 (#15830)

Features

[jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

[jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)

[babel-jest] Export the TransformerConfig interface (#15820)

[jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

[jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

[jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

[jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)

[jest-runtime] Reduce redundant ReferenceError messages

[jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)

[jest-circus] Fix it.concurrent not working with describe.skip (#15765)

[jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings

[jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

855864e v30.2.0
ebfa31c v30.1.2
d347c0f v30.1.1
4d5f41d v30.1.0
22236cf v30.0.5
f4296d2 v30.0.4
d4a6c94 v30.0.3
393acbf v30.0.2
5ce865b v30.0.1
469f665 v30.0.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by cpojer, a new releaser for @jest/globals since your current version.

Updates @openfga/sdk from 0.9.0 to 0.9.1

Release notes

Sourced from @openfga/sdk's releases.

v0.9.1

v0.9.1 (2025-11-05)

feat: add support for handling Retry-After header (#267)

feat: add support for conflict options for Write operations: (#276) The client now supports setting conflict on ClientWriteRequestOpts to control behavior when writing duplicate tuples or deleting non-existent tuples. This feature requires OpenFGA server v1.10.0 or later. See Conflict Options for Write Operations for more.

What's Changed

chore: update SECURITY-INSIGHTS by @aaguiarz in openfga/js-sdk#239

chore(ci): restrict semgrep workflow permissions to only read contents by @aaguiarz in openfga/js-sdk#240

chore(deps): upgrade dependencies by @rhamzeh in openfga/js-sdk#241

chore(deps): bump codecov/codecov-action from 5.4.2 to 5.4.3 in the dependencies group by @dependabot[bot] in openfga/js-sdk#226

chore(ci): remove semgrep workflow by @rhamzeh in openfga/js-sdk#244

chore(deps-dev): bump @types/node from 24.2.0 to 24.2.1 in the dependencies group across 1 directory by @dependabot[bot] in openfga/js-sdk#246

chore: create scorecard.yml by @aaguiarz in openfga/js-sdk#245

ci: update dependabot config by @evansims in openfga/js-sdk#249

chore(deps-dev): bump the dependencies group with 3 updates by @dependabot[bot] in openfga/js-sdk#251

chore(deps): bump the dependencies group with 3 updates by @dependabot[bot] in openfga/js-sdk#250

chore(deps): bump axios from 1.11.0 to 1.12.0 in the npm_and_yarn group across 1 directory by @dependabot[bot] in openfga/js-sdk#257

chore(deps): bump the dependencies group across 1 directory with 4 updates by @dependabot[bot] in openfga/js-sdk#258

chore(deps): bump the dependencies group across 1 directory with 2 updates by @dependabot[bot] in openfga/js-sdk#255

chore(docs): add scorecard, deepwiki and socket.dev badges by @aaguiarz in openfga/js-sdk#260

Update SECURITY-INSIGHTS by @aaguiarz in openfga/js-sdk#259

chore(deps-dev): bump the dependencies group with 4 updates by @dependabot[bot] in openfga/js-sdk#261

chore: Add docs and tests for sending custom headers by @jimmyjames in openfga/js-sdk#262

chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 in the dependencies group by @dependabot[bot] in openfga/js-sdk#264

chore(deps-dev): bump the dependencies group with 4 updates by @dependabot[bot] in openfga/js-sdk#263

feat: List Stores Name Filter by @jimmyjames in openfga/js-sdk#265

chore(deps-dev): bump the dependencies group with 2 updates by @dependabot[bot] in openfga/js-sdk#269

feat: add support for handling Retry-After header by @SoulPancake in openfga/js-sdk#267

chore: Added a top-level Makefile in js-sdk to simplify running tests and li… by @Abishek-Newar in openfga/js-sdk#277

chore: reduce generated code by @rhamzeh in openfga/js-sdk#266

feat: add support for write conflict settings by @phamhieu in openfga/js-sdk#276

release: v0.9.1 by @rhamzeh in openfga/js-sdk#283

New Contributors

@aaguiarz made their first contribution in openfga/js-sdk#239

@SoulPancake made their first contribution in openfga/js-sdk#267

@Abishek-Newar made their first contribution in openfga/js-sdk#277

@phamhieu made their first contribution in openfga/js-sdk#276

Full Changelog: openfga/js-sdk@v0.9.0...v0.9.1

Changelog

Sourced from @openfga/sdk's changelog.

v0.9.1

v0.9.1 (2025-11-05)

feat: add support for handling Retry-After header (#267)

feat: add support for conflict options for Write operations: (#276) The client now supports setting conflict on ClientWriteRequestOpts to control behavior when writing duplicate tuples or deleting non-existent tuples. This feature requires OpenFGA server v1.10.0 or later. See Conflict Options for Write Operations for more.

Commits

9163587 release: v0.9.1 (#283)
b365647 feat: add support for write conflict settings (#276)
9b81c81 chore: reduce generated code (#266)
ab47bd4 chore: Added a top-level Makefile in js-sdk to simplify running tests and li…...
351b3d0 feat: add support for handling Retry-After header (#267)
3fe33ac chore(deps-dev): bump the dependencies group with 2 updates (#269)
a61ccf6 feat: List Stores Name Filter (#265)
557bf4e chore(deps-dev): bump the dependencies group with 4 updates (#263)
1fbf310 chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 in the dependenci...
b2a565b chore: Add docs and tests for sending custom headers (#262)
Additional commits viewable in compare view

Updates @types/node from 24.1.0 to 24.10.1

Commits

See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.38.0 to 8.48.0

Release notes

Sourced from @typescript-eslint/eslint-plugin's releases.

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)

rule-tester: remove workaround for jest circular structure error (#11772)

typescript-estree: gate all errors behind allowInvalidAST (#11693)

typescript-estree: replace fast-glob with tinyglobby (#11740)

🩹 Fixes

eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)

scope-manager: change unhelpful aaa error message and change analyze to expects Program (#11747)

typescript-estree: infers singleRun as true for project service (#11327)

typescript-estree: disallow binding patterns in parameter properties (#11760)

❤️ Thank You

Ben McCann @benmccann

Dima Barabash @dbarabashh

fisker Cheung @fisker

James Henry @JamesHenry

JamesHenry @JamesHenry

Josh Goldberg

Josh Goldberg ✨

Kirk Waiblinger @kirkwaiblinger

mdm317 @gen-ip-1

Younsang Na @nayounsang

You can read about our versioning strategy and releases on our website.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

Brad Zacher @bradzacher

You can read about our versioning strategy and releases on our website.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

... (truncated)

Changelog

Sourced from @typescript-eslint/eslint-plugin's changelog.

8.48.0 (2025-11-24)

🚀 Features

eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)

🩹 Fixes

typescript-estree: disallow binding patterns in parameter properties (#11760)

eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)

❤️ Thank You

Dima Barabash @dbarabashh

JamesHenry @JamesHenry

Josh Goldberg

mdm317 @gen-ip-1

You can read about our versioning strategy and releases on our website.

8.47.0 (2025-11-17)

🚀 Features

eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

Brad Zacher @bradzacher

You can read about our versioning strategy and releases on our website.

8.46.4 (2025-11-10)

🩹 Fixes

parser: error when both projectService and project are set (#11333)

eslint-plugin: handle override modifier in promise-function-async fixer (#11730)

eslint-plugin: [no-deprecated] fix double-report on computed literal identifiers (#11006, #10958)

❤️ Thank You

Evgeny Stepanovych @undsoft

Kentaro Suzuki @sushichan044

Maria Solano @MariaSolOs

You can read about our versioning strategy and releases on our website.

8.46.3 (2025-11-03)

... (truncated)

Commits

6fb1551 chore(release): publish 8.48.0
d26e9de chore(eslint-plugin): correct TODO comment on the wrong line (#11773)
5f04910 fix(typescript-estree): disallow binding patterns in parameter properties (#1...
a4dc42a chore: migrate to nx 22 (#11780)
2ffb168 feat(eslint-plugin): [no-redundant-type-constituents] use assignability check...
5ea21f1 fix(eslint-plugin): [consistent-generic-constructors] ignore when constructor...
28cf803 chore(release): publish 8.47.0
6c6db24 feat(eslint-plugin): [no-unused-private-class-members] new extension rule (#1...
843f144 chore(release): publish 8.46.4
997e0c0 fix(parser): error when both projectService and project are set (#11333)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @typescript-eslint/eslint-plugin since your current version.

Updates @typescript-eslint/parser from 8.38.0 to 8.48.0

Release notes

Sourced from @typescript-eslint/parser's releases.

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)

rule-tester: remove workaround for jest circular structure error (#11772)

typescript-estree: gate all errors behind allowInvalidAST (#11693)

typescript-estree: replace fast-glob with tinyglobby (#11740)

🩹 Fixes

eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)

scope-manager: change unhelpful aaa error message and change analyze to expects Program (#11747)

typescript-estree: infers singleRun as true for project service (#11327)

typescript-estree: disallow binding patterns in parameter properties (#11760)

❤️ Thank You

Ben McCann @benmccann

Dima Barabash @dbarabashh

fisker Cheung @fisker

James Henry @JamesHenry

JamesHenry @JamesHenry

Josh Goldberg

Josh Goldberg ✨

Kirk Waiblinger @kirkwaiblinger

mdm317 @gen-ip-1

Younsang Na @nayounsang

You can read about our versioning strategy and releases on our website.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

Brad Zacher @bradzacher

You can read about our versioning strategy and releases on our website.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

... (truncated)

Changelog

Sourced from @typescript-eslint/parser's changelog.

8.48.0 (2025-11-24)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.47.0 (2025-11-17)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.4 (2025-11-10)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.3 (2025-11-03)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.2 (2025-10-20)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.1 (2025-10-13)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.0 (2025-10-06)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.45.0 (2025-09-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.44.1 (2025-09-22)

... (truncated)

Commits

6fb1551 chore(release): publish 8.48.0
a4dc42a chore: migrate to nx 22 (#11780)
28cf803 chore(release): publish 8.47.0
843f144 chore(release): publish 8.46.4
d9f3497 chore(release): publish 8.46.3
55ca033 chore(release): publish 8.46.2
3f5fbf6 chore(release): publish 8.46.1
aec785e chore(release): publish 8.46.0
255e9e2 chore(release): publish 8.45.0
c198052 chore(release): publish 8.44.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @typescript-eslint/parser since your current version.

Updates jest from 29.7.0 to 30.2.0

Release notes

Sourced from jest's releases.

30.2.0

Chore & Maintenance

[*] Update example repo for testing React Native projects (#15832)

[*] Update jest-watch-typeahead to v3 (#15830)

Features

[jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

[babel-jest] Export the TransformerConfig interface (#15820)

[jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

[jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

[jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)

[jest-runtime] Reduce redundant ReferenceError messages

[jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

`[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)

[jest-circus] Fix it.concurrent not working with describe.skip (#15765)

[jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings

[jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

[expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from jest's changelog.

30.2.0

Chore & Maintenance

[*] Update example repo for testing React Native projects (#15832)

[*] Update jest-watch-typeahead to v3 (#15830)

Features

[jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

[jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)

[babel-jest] Export the TransformerConfig interface (#15820)

[jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

[jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

[jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

[jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)

[jest-runtime] Reduce redundant ReferenceError messages

[jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)

[jest-circus] Fix it.concurrent not working with describe.skip (#15765)

[jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings

[jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

855864e v30.2.0
da9b532 v30.1.3
ebfa31c v30.1.2
d347c0f v30.1.1
4d5f41d v30.1.0
22236cf v30.0.5
f4296d2 v30.0.4
d4a6c94 v30.0.3
393acbf v30.0.2
5ce865b v30.0.1
Additional commits viewable in compare view

Updates prettier from 3.6.2 to 3.7.3

Release notes

Sourced from prettier's releases.

3.7.3

What's Changed

Fix prettier.getFileInfo() change that breaks VSCode extension by @fisker in prettier/prettier#18375

🔗 Changelog

3.7.2

What's Changed

Fix string print when switching quotes by @fisker in prettier/prettier#18351

Preserve quote for embedded HTML attribute values by @kovsu in prettier/prettier#18352

Fix comment in empty type literal by @fisker in prettier/prettier#18364

🔗 Changelog

3.7.1

Fix performance regression in doc printer (#18342 by @fisker)

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.7.3

diff

API: Fix prettier.getFileInfo() change that breaks VSCode extension (#18375 by @fisker)

An internal refactor accidentally broke the VSCode extension plugin loading.

3.7.2

diff

JavaScript: Fix string print when switching quotes (#18351 by @fisker)
// Input
console.log("A descriptor\\'s .kind must be \"method\" or \"field\".")
// Prettier 3.7.1
console.log('A descriptor\'s .kind must be "method" or "field".');
// Prettier 3.7.2
console.log('A descriptor\'s .kind must be "method" or "field".');
JavaScript: Preserve quote for embedded HTML attribute values (#18352 by @kovsu)
// Input
const html = /* HTML */ ` <div class="${styles.banner}"></div> `;
// Prettier 3.7.1
const html = /* HTML */ &lt;div class=${styles.banner}&gt;&lt;/div&gt;;
// Prettier 3.7.2
const html = /* HTML */ &lt;div class=&quot;${styles.banner}&quot;&gt;&lt;/div&gt;;
TypeScript: Fix comment in empty type literal (#18364 by @fisker)
// Input
export type XXX = {
  // tbd
};
// Prettier 3.7.1
</tr></table>

... (truncated)

Commits

fdfa670 Release 3.7.3
2dce3ec Fix typo
27d6c64 Revert previous change to getFileInfo (#18375)
f4a7afa Add types for config related functions (#18376)
9266e3e Add resolved test cases (#18358)
3bfc014 Bump Prettier dependency to 3.7.2
081b846 Clean changelog_unreleased
03384c9 Release 3.7.2
514e51a Release @prettier/plugin-hermes & @prettier/plugin-oxc v0.1.2
29a11ae Fix comment in empty type literal (#18364)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.

Updates ts-jest from 29.4.0 to 29.4.5

Release notes

Sourced from ts-jest's releases.

v29.4.5

Please refer to CHANGELOG.md for details.

v29.4.4

Please refer to CHANGELOG.md for details.

v29.4.3

Please refer to CHANGELOG.md for details.

v29.4.2

Please refer to CHANGELOG.md for details.

v29.4.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.5 (2025-10-10)

Bug Fixes

allow filtering modern module warning message with diagnostic code (c290d4d), , closes #5013

29.4.4 (2025-09-19)

Bug Fixes

revert 29.4.3 changes (25cb706), closes #5049

29.4.3 (2025-09-17)

Bug Fixes

introduce transpilation option to replace isolatedModules option (#5044) (5868761)

29.4.2 (2025-09-15)

Bug Fixes

fix: node 14 compatibility (aa0d563), fixes #5038

29.4.1 (2025-08-03)

Bug Fixes

fix: replace ejs with handlebars due to security issues (899c9b7), closes #4969

Commits

9d5248a chore(release): 29.4.5
ca8b623 refactor: improve message about using Node16/18/Next
c290d4d fix: allow filtering modern module warning message with diagnostic code
1ff2dda build: replace conventional-changelog-cli dep
1c08db3 ci: run npm ci --ignore-scripts for workflows
9f60d2c ci: enhance security for Renovate PRs
1c1077f build(deps): Update dependency @formatjs/ts-transformer to ^3.14.2
9037f2f build(deps): Update dependency @types/node to v20.19.20
6ed0e1c build(deps): Update dependency semver to ^7.7.3
4a06f8c build(deps): Update github/codeql-action digest to a8d1ac4
Additional commits viewable in compare view

Updates typescript from 5.8.3 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

fixed issues query for Typescript 5.9.0 (Beta).

fixed issues query for Typescript 5.9.1 (RC).

No specific changes for TypeScript 5.9.2 (Stable)

fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

npm

TypeScript 5.9

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

fixed issues query for Typescript 5.9.0 (Beta).

fixed issues query for Typescript 5.9.1 (RC).

No specific changes for TypeScript 5.9.2 (Stable)

Downloads are available on:

npm

TypeScript 5.9 RC

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

coderabbitai · 2025-12-01T08:43:46Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

socket-security · 2025-12-01T08:44:02Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
npm/@jest/globals@29.7.0 ⏵ 30.2.0	⁺¹	⁺¹
npm/jest@29.7.0 ⏵ 30.2.0	⁺¹	⁺¹
npm/@typescript-eslint/parser@8.38.0 ⏵ 8.50.1
npm/@typescript-eslint/eslint-plugin@8.38.0 ⏵ 8.50.1	⁺¹	⁺¹
npm/@types/node@24.1.0 ⏵ 25.0.3	⁺¹	⁺¹
npm/yaml@2.8.0 ⏵ 2.8.2
npm/typescript@5.8.3 ⏵ 5.9.3	⁺¹	⁺¹
npm/prettier@3.6.2 ⏵ 3.7.4	^-7	⁺¹
npm/ts-jest@29.4.0 ⏵ 29.4.6		⁺¹
npm/@openfga/sdk@0.9.0 ⏵ 0.9.1	⁺¹	⁺¹	⁺¹⁸

View full report

socket-security · 2025-12-01T08:44:04Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click "▶" to expand/collapse)
Warn		License policy violation: npm `typescript` under MIT-Khronos-old License: MIT-Khronos-old - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: LicenseRef-W3C-Community-Final-Specification-Agreement - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) From: pkg/js/package-lock.json → `npm/typescript@5.9.3` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/typescript@5.9.3`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

dosubot · 2025-12-01T08:44:08Z

Related Documentation

Checked 6 published document(s) in 1 knowledge base(s). No updates required.

^{How did I do? Any feedback?}

…pdates Bumps the dependencies group with 9 updates in the /pkg/js directory: | Package | From | To | | --- | --- | --- | | [yaml](https://github.com/eemeli/yaml) | `2.8.0` | `2.8.2` | | [@jest/globals](https://github.com/jestjs/jest/tree/HEAD/packages/jest-globals) | `29.7.0` | `30.2.0` | | [@openfga/sdk](https://github.com/openfga/js-sdk) | `0.9.0` | `0.9.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.1.0` | `24.10.1` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.38.0` | `8.48.0` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `29.7.0` | `30.2.0` | | [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.7.3` | | [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.0` | `29.4.5` | | [typescript](https://github.com/microsoft/TypeScript) | `5.8.3` | `5.9.3` | Updates `yaml` from 2.8.0 to 2.8.2 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.8.0...v2.8.2) Updates `@jest/globals` from 29.7.0 to 30.2.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.2.0/packages/jest-globals) Updates `@openfga/sdk` from 0.9.0 to 0.9.1 - [Release notes](https://github.com/openfga/js-sdk/releases) - [Changelog](https://github.com/openfga/js-sdk/blob/main/CHANGELOG.md) - [Commits](openfga/js-sdk@v0.9.0...v0.9.1) Updates `@types/node` from 24.1.0 to 24.10.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@typescript-eslint/eslint-plugin` from 8.38.0 to 8.48.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.38.0 to 8.48.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.0/packages/parser) Updates `jest` from 29.7.0 to 30.2.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.2.0/packages/jest) Updates `prettier` from 3.6.2 to 3.7.3 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.6.2...3.7.3) Updates `ts-jest` from 29.4.0 to 29.4.5 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](kulshekhar/ts-jest@v29.4.0...v29.4.5) Updates `typescript` from 5.8.3 to 5.9.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.8.3...v5.9.3) --- updated-dependencies: - dependency-name: yaml dependency-version: 2.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@jest/globals" dependency-version: 30.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@openfga/sdk" dependency-version: 0.9.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: "@types/node" dependency-version: 24.10.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.48.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.48.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: jest dependency-version: 30.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: prettier dependency-version: 3.7.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: ts-jest dependency-version: 29.4.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: typescript dependency-version: 5.9.3 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 1, 2025

dependabot bot requested review from a team as code owners December 1, 2025 08:43

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 1, 2025

dependabot bot force-pushed the dependabot/npm_and_yarn/pkg/js/dependencies-db3f1ecad8 branch from bc03d8e to 23527c5 Compare December 8, 2025 07:06

dependabot bot force-pushed the dependabot/npm_and_yarn/pkg/js/dependencies-db3f1ecad8 branch from 23527c5 to 2d22c70 Compare December 29, 2025 07:05

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the dependencies group across 1 directory with 10 updates #516

chore(deps): bump the dependencies group across 1 directory with 10 updates #516

Uh oh!

dependabot bot commented on behalf of github Dec 1, 2025 •

edited

Loading

Uh oh!

coderabbitai bot commented Dec 1, 2025

Review skipped

Uh oh!

socket-security bot commented Dec 1, 2025 •

edited

Loading

Uh oh!

socket-security bot commented Dec 1, 2025 •

edited

Loading

Uh oh!

dosubot bot commented Dec 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the dependencies group across 1 directory with 10 updates #516

Are you sure you want to change the base?

chore(deps): bump the dependencies group across 1 directory with 10 updates #516

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.8.2

v2.8.1

30.2.0

Chore & Maintenance

Features

Fixes

30.1.3

Fixes

30.1.2

Fixes

30.1.1

Fixes

30.1.0

Features

Fixes

Chore

30.0.2

What's Changed

30.2.0

Chore & Maintenance

Features

Fixes

30.1.3

Fixes

30.1.2

Fixes

30.1.1

Fixes

30.1.0

Features

Fixes

v0.9.1

v0.9.1 (2025-11-05)

What's Changed

New Contributors

v0.9.1

v0.9.1 (2025-11-05)

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

🩹 Fixes

❤️ Thank You

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

❤️ Thank You

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

8.48.0 (2025-11-24)

🚀 Features

🩹 Fixes

❤️ Thank You

8.47.0 (2025-11-17)

🚀 Features

❤️ Thank You

8.46.4 (2025-11-10)

🩹 Fixes

❤️ Thank You

8.46.3 (2025-11-03)

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

🩹 Fixes

❤️ Thank You

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

❤️ Thank You

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

8.48.0 (2025-11-24)

dependabot bot commented on behalf of github Dec 1, 2025 •

edited

Loading

API: Fix `prettier.getFileInfo()` change that breaks VSCode extension (#18375 by `@fisker`)

JavaScript: Fix string print when switching quotes (#18351 by `@fisker`)

JavaScript: Preserve quote for embedded HTML attribute values (#18352 by `@kovsu`)

TypeScript: Fix comment in empty type literal (#18364 by `@fisker`)