Skip to content

Bump the npm group with 5 updates #1082

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 2, 2025
Merged

Bump the npm group with 5 updates #1082

merged 1 commit into from
Jul 2, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 1, 2025
edited
Loading

Bumps the npm group with 5 updates:

Package From To
@types/node 22.15.29 24.0.10
@vscode/vsce 3.4.2 3.6.0
glob 11.0.2 11.0.3
mocha 11.5.0 11.7.1
sinon 20.0.0 21.0.0

Updates @types/node from 22.15.29 to 24.0.10

Commits

Updates @vscode/vsce from 3.4.2 to 3.6.0

Release notes

Sourced from @​vscode/vsce's releases.

v3.6.0

Changes:

  • #1175: Allow dots in tags and update extension tag handling
  • #1173: Exclude image files from scanning for secrets
  • #1174: Update secretlint dependency
  • #1170: Improve error message for missing entrypoints
  • #1169: Sanitize tags to remove special characters
  • #1166: Add language-models tag for extensions with languageModels contribution
  • #1167: chore: npm audit fix

This list of changes was auto generated.

v3.5.1-6

Changes:

  • #1175: Allow dots in tags and update extension tag handling

This list of changes was auto generated.

v3.5.1-5

Changes:

  • #1173: Exclude image files from scanning for secrets
  • #1174: Update secretlint dependency

This list of changes was auto generated.

v3.5.1-3

Changes:

  • #1170: Improve error message for missing entrypoints

This list of changes was auto generated.

v3.5.1-2

Changes:

  • #1169: Sanitize tags to remove special characters

... (truncated)

Commits
  • b373bc4 Merge pull request #1175 from microsoft/benibenj/assistant-toad
  • 8d5e643 .
  • 06ff8b7 add test
  • 7029680 allow . in tags but keep extension tags the same as before
  • dfcca88 Merge pull request #1173 from microsoft/benibenj/voluminous-caribou
  • f1cf004 fix tests
  • 34c6ad4 Merge pull request #1174 from microsoft/benibenj/gleaming-alligator
  • ec26cc3 Merge remote-tracking branch 'origin/main' into benibenj/voluminous-caribou
  • ff508ef update secretlint dependency
  • 0cda2de dont scann image files
  • Additional commits viewable in compare view

Updates glob from 11.0.2 to 11.0.3

Commits

Updates mocha from 11.5.0 to 11.7.1

Release notes

Sourced from mocha's releases.

v11.7.1

11.7.1 (2025-06-24)

🩹 Fixes

  • always fallback to import() if require() fails (#5384) (295c168)

🧹 Chores

v11.7.0

11.7.0 (2025-06-18)

🌟 Features

v11.6.0

11.6.0 (2025-06-09)

🌟 Features

Changelog

Sourced from mocha's changelog.

11.7.1 (2025-06-24)

🩹 Fixes

  • always fallback to import() if require() fails (#5384) (295c168)

🧹 Chores

11.7.0 (2025-06-18)

🌟 Features

11.6.0 (2025-06-09)

🌟 Features

Commits

Updates sinon from 20.0.0 to 21.0.0

Changelog

Sourced from sinon's changelog.

21.0.0

  • fd10f13f chore!: remove assert.failException property (#2659) (Morgan Roderick)

    This was used for allowing customisation of the thrown error between sandboxes and for customisation for integrations (most likely from the days of BusterJS).

    To my knowledge and what I've been able to find on GitHub, this has never had any production use by end users.

    BREAKING CHANGE: this removes assert.failException from the API

  • c7202351 Revert "chore: npm audit" (Morgan Roderick)

    This reverts commit 824da531173204e4106bf15ab2677b6193802893.

  • 824da531 chore: npm audit (Morgan Roderick)
  • 14edd78e chore: upgrade esbuild (Morgan Roderick)
  • 1ac5af9c npm audit (Morgan Roderick)

Released by Morgan Roderick on 2025-06-13.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 1, 2025
@chadlwilson
Copy link
Contributor

@dependabot ignore @types/node major version

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 2, 2025

OK, I won't notify you about version 24.x.x of @types/node again, unless you unignore it.

@dependabot
Bump the npm group with 5 updates
a188577 
Bumps the npm group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.15.29` | `24.0.10` |
| [@vscode/vsce](https://github.com/Microsoft/vsce) | `3.4.2` | `3.6.0` |
| [glob](https://github.com/isaacs/node-glob) | `11.0.2` | `11.0.3` |
| [mocha](https://github.com/mochajs/mocha) | `11.5.0` | `11.7.1` |
| [sinon](https://github.com/sinonjs/sinon) | `20.0.0` | `21.0.0` |


Updates `@types/node` from 22.15.29 to 24.0.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vscode/vsce` from 3.4.2 to 3.6.0
- [Release notes](https://github.com/Microsoft/vsce/releases)
- [Commits](microsoft/vscode-vsce@v3.4.2...v3.6.0)

Updates `glob` from 11.0.2 to 11.0.3
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](isaacs/node-glob@v11.0.2...v11.0.3)

Updates `mocha` from 11.5.0 to 11.7.1
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v11.5.0...v11.7.1)

Updates `sinon` from 20.0.0 to 21.0.0
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/commits)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.0.10
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@vscode/vsce"
  dependency-version: 3.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: glob
  dependency-version: 11.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: mocha
  dependency-version: 11.7.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: sinon
  dependency-version: 21.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm-2fefe6b858 branch from c63d4d1 to a188577 Compare July 2, 2025 00:20
@chadlwilson chadlwilson merged commit ac0faa1 into master Jul 2, 2025
4 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm-2fefe6b858 branch July 2, 2025 00:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chadlwilson chadlwilson chadlwilson approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chadlwilson