Skip to content

fix(deps): bump the npm group across 1 directory with 6 updates#1591

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-3424be7906
Closed

fix(deps): bump the npm group across 1 directory with 6 updates#1591
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-3424be7906

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026
edited
Loading

Bumps the npm group with 6 updates in the / directory:

Package From To
archiver 7.0.1 8.0.0
plist 4.0.0 5.0.0
tar 7.5.13 7.5.15
eslint 10.2.1 10.3.0
globals 17.5.0 17.6.0
nw 0.111.0 0.111.1

Updates archiver from 7.0.1 to 8.0.0

Release notes

Sourced from archiver's releases.

8.0.0

What’s changed

Breaking changes

Maintenance

Documentation

Dependency updates

... (truncated)

Changelog

Sourced from archiver's changelog.

Changelog

8.0.0 - May 8, 2026Diff

7.0.1 - March 9, 2024Diff

7.0.0 - February 28, 2024Diff

6.0.2 - February 27, 2024Diff

6.0.1 - September 3, 2023Diff

6.0.0 - August 17, 2023Diff

Release Archive

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for archiver since your current version.


Updates plist from 4.0.0 to 5.0.0

Release notes

Sourced from plist's releases.

plist@5.0.0

Major Changes

  • 982349e: BREAKING: null values are now skipped during build(), matching undefined behavior and aligning with Apple's plist DTD which does not include a <null/> element. Parsing <null/> on read is still supported for backwards compatibility.

Minor Changes

  • 592f243: Added binary plist (bplist00) support: parseBinary() and buildBinary() for reading and writing binary plists. parse() now auto-detects binary format.
  • 8f0e2cc: Add browser-native implementations using DOMParser and XMLSerializer for parsing, and native DOM APIs for building XML. Bundlers that support the "browser" export condition (Vite, webpack, esbuild) will automatically use these lighter implementations, dramatically reducing bundle size by eliminating the @xmldom/xmldom and xmlbuilder dependencies.
  • 754240c: Added OpenStep/ASCII plist parsing support via parseOpenStep(). parse() now auto-detects all three plist formats: XML, binary, and OpenStep.
  • 3463937: Rewritten in TypeScript with full type declarations. Switched to vitest for testing and pnpm for package management.

Patch Changes

  • 8ce0162: Fixed exponential parse blowup when parsing deeply nested plist files. The dict parser was eagerly evaluating error message arguments, causing every value to be parsed twice.
  • f8102c0: Replaced legacy patterns with modern JS equivalents: native toISOString(), Object.hasOwn(), and direct type checks.
Changelog

Sourced from plist's changelog.

5.0.0

Major Changes

  • 982349e: BREAKING: null values are now skipped during build(), matching undefined behavior and aligning with Apple's plist DTD which does not include a <null/> element. Parsing <null/> on read is still supported for backwards compatibility.

Minor Changes

  • 592f243: Added binary plist (bplist00) support: parseBinary() and buildBinary() for reading and writing binary plists. parse() now auto-detects binary format.
  • 8f0e2cc: Add browser-native implementations using DOMParser and XMLSerializer for parsing, and native DOM APIs for building XML. Bundlers that support the "browser" export condition (Vite, webpack, esbuild) will automatically use these lighter implementations, dramatically reducing bundle size by eliminating the @xmldom/xmldom and xmlbuilder dependencies.
  • 754240c: Added OpenStep/ASCII plist parsing support via parseOpenStep(). parse() now auto-detects all three plist formats: XML, binary, and OpenStep.
  • 3463937: Rewritten in TypeScript with full type declarations. Switched to vitest for testing and pnpm for package management.

Patch Changes

  • 8ce0162: Fixed exponential parse blowup when parsing deeply nested plist files. The dict parser was eagerly evaluating error message arguments, causing every value to be parsed twice.
  • f8102c0: Replaced legacy patterns with modern JS equivalents: native toISOString(), Object.hasOwn(), and direct type checks.
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for plist since your current version.


Updates tar from 7.5.13 to 7.5.15

Commits

Updates eslint from 10.2.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

  • 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

  • b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

  • 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
  • 7f47937 docs: Update README (GitHub Actions Bot)

Chores

  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
  • 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
  • 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
  • 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
  • 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
  • f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
  • a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
  • 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
  • b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
  • 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)
Commits
  • 7889204 10.3.0
  • 5b69b4f Build: changelog update for 10.3.0
  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
  • b6ae5cf fix: handle unavailable require cache (#20812)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
  • 379571a feat: add suggestions for no-unused-private-class-members (#20773)
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
  • Additional commits viewable in compare view

Updates globals from 17.5.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

  • Update globals (2026-05-01) (#343) 00a4dd9

sindresorhus/globals@v17.5.0...v17.6.0

Commits

Updates nw from 0.111.0 to 0.111.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
fix(deps): bump the npm group across 1 directory with 6 updates
b8f0228 
Bumps the npm group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [archiver](https://github.com/archiverjs/node-archiver) | `7.0.1` | `8.0.0` |
| [plist](https://github.com/TooTallNate/plist.js) | `4.0.0` | `5.0.0` |
| [tar](https://github.com/isaacs/node-tar) | `7.5.13` | `7.5.15` |
| [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.3.0` |
| [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` |
| [nw](https://github.com/nwjs/npm-installer) | `0.111.0` | `0.111.1` |



Updates `archiver` from 7.0.1 to 8.0.0
- [Release notes](https://github.com/archiverjs/node-archiver/releases)
- [Changelog](https://github.com/archiverjs/node-archiver/blob/master/CHANGELOG.md)
- [Commits](archiverjs/node-archiver@7.0.1...8.0.0)

Updates `plist` from 4.0.0 to 5.0.0
- [Release notes](https://github.com/TooTallNate/plist.js/releases)
- [Changelog](https://github.com/TooTallNate/plist.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/TooTallNate/plist.js/commits/plist@5.0.0)

Updates `tar` from 7.5.13 to 7.5.15
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.13...v7.5.15)

Updates `eslint` from 10.2.1 to 10.3.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.2.1...v10.3.0)

Updates `globals` from 17.5.0 to 17.6.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.5.0...v17.6.0)

Updates `nw` from 0.111.0 to 0.111.1
- [Changelog](https://github.com/nwjs/npm-installer/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nwjs/npm-installer/commits)

---
updated-dependencies:
- dependency-name: archiver
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: plist
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: tar
  dependency-version: 7.5.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: globals
  dependency-version: 17.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: nw
  dependency-version: 0.111.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 8, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 8, 2026

Coverage Report for Vitest Coverage (ubuntu-24.04)

Status Category Percentage Covered / Total
🔵 Lines 21.23% 110 / 518
🔵 Statements 21.19% 110 / 519
🔵 Functions 32.35% 11 / 34
🔵 Branches 24.54% 134 / 546
File CoverageNo changed files found.
Generated in workflow #1026 for commit b8f0228 by the Vitest Coverage Report Action

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 8, 2026

Coverage Report for Vitest Coverage (macos-26)

Status Category Percentage Covered / Total
🔵 Lines 29.53% 153 / 518
🔵 Statements 29.47% 153 / 519
🔵 Functions 47.05% 16 / 34
🔵 Branches 21.61% 118 / 546
File CoverageNo changed files found.
Generated in workflow #1026 for commit b8f0228 by the Vitest Coverage Report Action

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 8, 2026

Coverage Report for Vitest Coverage (windows-2025)

Status Category Percentage Covered / Total
🔵 Lines 20.07% 104 / 518
🔵 Statements 20.03% 104 / 519
🔵 Functions 32.35% 11 / 34
🔵 Branches 22.34% 122 / 546
File CoverageNo changed files found.
Generated in workflow #1026 for commit b8f0228 by the Vitest Coverage Report Action

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 12, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 12, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-3424be7906 branch May 12, 2026 02:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants