deps(deps): bump pino from 8.21.0 to 10.1.1 by dependabot[bot] · Pull Request #120 · nutraz/HeliosHash-DAO

dependabot · 2026-01-09T21:31:14Z

Bumps pino from 8.21.0 to 10.1.1.

Release notes

v10.1.1

What's Changed

fix(types): Correct conditional type handling for generic log function arguments by @samchungy in pinojs/pino#2329

perf: use JSON.stringify in fast path for node v25+ by @ronag in pinojs/pino#2330

build(deps): bump actions/setup-node from 4 to 6 by @dependabot[bot] in pinojs/pino#2336

build(deps-dev): bump borp from 0.20.2 to 0.21.0 by @dependabot[bot] in pinojs/pino#2337

build(deps): bump pino-abstract-transport from 2.0.0 to 3.0.0 by @dependabot[bot] in pinojs/pino#2338

docs: update CONTRIBUTING.md to reference 'main' instead of 'master' by @NoobFullStack in pinojs/pino#2334

feat(browser): add reportCaller to surface user callsite by @dev-KingMaster in pinojs/pino#2340

docs: update transports.md by @marklai1998 in pinojs/pino#2224

docs: add Node.js 22+ native TypeScript type stripping support by @mcollina in pinojs/pino#2347

feat(types): use ThreadStream type from thread-stream by @CHC383 in pinojs/pino#2320

build(deps): bump actions/checkout from 5.0.0 to 6.0.0 by @dependabot[bot] in pinojs/pino#2354

build(deps): update thread-stream to v4 by @mcollina in pinojs/pino#2356

fix: harden transport loading against prototype pollution by @omdxp in pinojs/pino#2358

docs: add threat model to SECURITY.md by @mcollina in pinojs/pino#2360

build(deps): bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in pinojs/pino#2365

build(deps-dev): bump @types/node from 24.10.4 to 25.0.3 by @dependabot[bot] in pinojs/pino#2367

fix: allow passing string, number, null for %o placeholder by @rChaoz in pinojs/pino#2372

New Contributors

@NoobFullStack made their first contribution in pinojs/pino#2334

@dev-KingMaster made their first contribution in pinojs/pino#2340

@marklai1998 made their first contribution in pinojs/pino#2224

@CHC383 made their first contribution in pinojs/pino#2320

@omdxp made their first contribution in pinojs/pino#2358

@rChaoz made their first contribution in pinojs/pino#2372

Full Changelog: pinojs/pino@v10.1.0...v10.1.1

v10.1.0

What's Changed

test: add regression test for issue #2313 by @mcollina in pinojs/pino#2314

fix!: use safer types for censor function signature (#2307) by @slifty in pinojs/pino#2308

remove unused parsedChindingsSym symbol by @mcollina in pinojs/pino#2315

chore: add .npmignore to exclude unnecessary files by @mcollina in pinojs/pino#2312

chore(lint): migrate from standard to neostandard & upgrade eslint to v9 by @lokeshwar777 in pinojs/pino#2316

build(deps-dev): bump eslint-plugin-n from 15.7.0 to 17.23.1 by @dependabot[bot] in pinojs/pino#2305

Use @pinojs/redact by @mcollina in pinojs/pino#2321

fix: added missing isoTimeNano to nested namespace by @edge33 in pinojs/pino#2325

New Contributors

@slifty made their first contribution in pinojs/pino#2308

@lokeshwar777 made their first contribution in pinojs/pino#2316

Full Changelog: pinojs/pino@v10.0.0...v10.1.0

v10.0.0

The only breaking change is dropping support for Node 18.

... (truncated)

Commits

3390470 Bumped v10.1.1
791adbe fix: allow passing string, number, null for %o placeholder (#2372)
851a43f build(deps-dev): bump @types/node from 24.10.4 to 25.0.3 (#2367)
0c78849 build(deps): bump actions/checkout from 6.0.0 to 6.0.1 (#2365)
8a816c0 docs: add threat model to SECURITY.md (#2360)
5ec12e7 fix: harden transport loading against prototype pollution (#2358)
731afd2 build(deps): update thread-stream to v4 (#2356)
8141f9e build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#2354)
bf1ef34 feat(types): use ThreadStream type from thread-stream (#2320)
7dd79a3 docs: add Node.js 22+ native TypeScript type stripping support (#2347)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for pino since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pino](https://github.com/pinojs/pino) from 8.21.0 to 10.1.1. - [Release notes](https://github.com/pinojs/pino/releases) - [Commits](pinojs/pino@v8.21.0...v10.1.1) --- updated-dependencies: - dependency-name: pino dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-01-09T21:31:14Z

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

codeant-ai · 2026-01-09T21:31:19Z

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

coderabbitai · 2026-01-09T21:31:21Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

dependabot · 2026-01-14T21:19:01Z

Superseded by #122.

dependabot bot closed this Jan 14, 2026

dependabot bot deleted the dependabot/npm_and_yarn/pino-10.1.1 branch January 14, 2026 21:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps(deps): bump pino from 8.21.0 to 10.1.1#120

deps(deps): bump pino from 8.21.0 to 10.1.1#120
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/pino-10.1.1

dependabot bot commented on behalf of github Jan 9, 2026

Uh oh!

dependabot bot commented on behalf of github Jan 9, 2026

Uh oh!

codeant-ai bot commented Jan 9, 2026

Uh oh!

coderabbitai bot commented Jan 9, 2026

Review skipped

Uh oh!

dependabot bot commented on behalf of github Jan 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Jan 9, 2026

v10.1.1

What's Changed

New Contributors

v10.1.0

What's Changed

New Contributors

v10.0.0

Uh oh!

dependabot bot commented on behalf of github Jan 9, 2026

Labels

Uh oh!

codeant-ai bot commented Jan 9, 2026

Uh oh!

coderabbitai bot commented Jan 9, 2026

Review skipped

Uh oh!

dependabot bot commented on behalf of github Jan 14, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants