Skip to content

chore(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates#114

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-008d8a766f
Open

chore(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates#114
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-008d8a766f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited by coderabbitai Bot
Loading

Bumps the dev-dependencies group with 7 updates in the / directory:

Package From To
@types/node 22.19.19 25.7.0
lint-staged 16.4.0 17.0.4
typescript 5.9.3 6.0.3
@vitejs/plugin-react 4.7.0 6.0.1
jsdom 26.1.0 29.1.1
vite 6.4.2 8.0.12
dotenv 16.6.1 17.4.2

Updates @types/node from 22.19.19 to 25.7.0

Commits

Updates lint-staged from 16.4.0 to 17.0.4

Release notes

Sourced from lint-staged's releases.

v17.0.4

Patch Changes

  • #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

    • after editing <file> it is staged with git add <file>, and then committed with git commit
    • after editing <file> it is committed with git commit --all without explicit git add
    • after editing <file> it is committed with git commit <pathspec> without explicit git add

    There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

v17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

v17.0.2

Patch Changes

v17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

v17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including [email protected] to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

17.0.4

Patch Changes

  • #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

    • after editing <file> it is staged with git add <file>, and then committed with git commit
    • after editing <file> it is committed with git commit --all without explicit git add
    • after editing <file> it is committed with git commit <pathspec> without explicit git add

    There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

17.0.2

Patch Changes

17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

... (truncated)

Commits
  • 2862964 Merge pull request #1789 from lint-staged/changeset-release/main
  • c9ecd54 chore(changeset): release
  • cc6b51a Merge pull request #1788 from lint-staged/fix-update-index-again
  • f95c1f8 fix: update both default index.lock and non-standard lock when latter exists
  • f44ee68 Merge pull request #1786 from lint-staged/update-repo-url
  • a61cf18 build(deps): update dependencies
  • ea00037 docs: disable Changesets "thanks"
  • ab7c26c docs: update repo URL to point in lint-staged/lint-staged
  • a36ec1e Merge pull request #1783 from lint-staged/changeset-release/main
  • 03ce2a9 chore(changeset): release
  • Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0

For release notes, check out the release announcement blog post.

Downloads are available on:

TypeScript 6.0 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits
  • 050880c Bump version to 6.0.3 and LKG
  • eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
  • ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
  • 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
  • 607a22a Bump version to 6.0.2 and LKG
  • 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
  • 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
  • e175b69 Bump version to 6.0.1-rc and LKG
  • af4caac Update LKG
  • 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
  • Additional commits viewable in compare view

Updates @vitejs/plugin-react from 4.7.0 to 6.0.1

Release notes

Sourced from @​vitejs/plugin-react's releases.

[email protected]

Expand @rolldown/plugin-babel peer dep range (#1146)

Expanded @rolldown/plugin-babel peer dep range to include ^0.2.0.

[email protected]

Remove Babel Related Features (#1123)

Vite 8+ can handle React Refresh Transform by Oxc and doesn't need Babel for it. With that, there are no transform applied that requires Babel. To reduce the installation size of this plugin, babel is no longer a dependency of this plugin and the related features are removed.

If you are using Babel, you can use @rolldown/plugin-babel together with this plugin:

 import { defineConfig } from 'vite'
 import react from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
export default defineConfig({
plugins: [


react({



  babel: {



    plugins: ['@babel/plugin-proposal-throw-expressions'],



  },



}),





react(),



babel({



  plugins: ['@babel/plugin-proposal-throw-expressions'],



}),

]
})

For React compiler users, you can use reactCompilerPreset for easier setup with preconfigured filter to improve build performance:

 import { defineConfig } from 'vite'
-import react from '@vitejs/plugin-react'
+import react, { reactCompilerPreset } from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
export default defineConfig({
plugins: [

react({

 babel: {



   plugins: ['babel-plugin-react-compiler'],



 },


}),


react(),
babel({

 presets: [reactCompilerPreset()]



</tr></table>

... (truncated)

Changelog

Sourced from @​vitejs/plugin-react's changelog.

6.0.1 (2026-03-13)

Expand @rolldown/plugin-babel peer dep range (#1146)

Expanded @rolldown/plugin-babel peer dep range to include ^0.2.0.

6.0.0 (2026-03-12)

6.0.0-beta.0 (2026-03-03)

Remove Babel Related Features (#1123)

Vite 8+ can handle React Refresh Transform by Oxc and doesn't need Babel for it. With that, there are no transform applied that requires Babel. To reduce the installation size of this plugin, babel is no longer a dependency of this plugin and the related features are removed.

If you are using Babel, you can use @rolldown/plugin-babel together with this plugin:

 import { defineConfig } from 'vite'
 import react from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
export default defineConfig({
plugins: [


react({



  babel: {



    plugins: ['@babel/plugin-proposal-throw-expressions'],



  },



}),





react(),



babel({



  plugins: ['@babel/plugin-proposal-throw-expressions'],



}),

]
})

For React compiler users, you can use reactCompilerPreset for easier setup with preconfigured filter to improve build performance:

 import { defineConfig } from 'vite'
-import react from '@vitejs/plugin-react'
+import react, { reactCompilerPreset } from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
export default defineConfig({
plugins: [

react({

 babel: {



   plugins: ['babel-plugin-react-compiler'],



 },



</tr></table>

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​vitejs/plugin-react since your current version.


Updates jsdom from 26.1.0 to 29.1.1

Release notes

Sourced from jsdom's releases.

v29.1.1

  • Fixed 'border-radius' computed style serialization. (@​asamuzaK)
  • Fixed computed style computation when using 'background-origin' and 'background-clip' CSS properties. (@​asamuzaK)
  • Significantly optimized initial calls to getComputedStyle(), before the cache warms up. (@​asamuzaK)

v29.1.0

  • Added basic support for the ratio CSS type. (@​asamuzaK)
  • Fixed getComputedStyle() sometimes returning outdated results after CSS was modified. (@​asamuzaK)

v29.0.2

  • Significantly improved and sped up getComputedStyle(). Computed value rules are now applied across a broader set of properties, and include fixes related to inheritance, defaulting keywords, custom properties, and color-related values such as currentcolor and system colors. (@​asamuzaK)
  • Fixed CSS 'background' and 'border' shorthand parsing. (@​asamuzaK)

v29.0.1

  • Fixed CSS parsing of 'border', 'background', and their sub-shorthands containing keywords or var(). (@​asamuzaK)
  • Fixed getComputedStyle() to return a more functional CSSStyleDeclaration object, including indexed access support, which regressed in v29.0.0.

v29.0.0

Breaking changes:

  • Node.js v22.13.0+ is now the minimum supported v22 version (was v22.12.0+).

Other changes:

  • Overhauled the CSSOM implementation, replacing the @acemir/cssom and cssstyle dependencies with fresh internal implementations built on webidl2js wrappers and the css-tree parser. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases.
  • Added CSSCounterStyleRule and CSSNamespaceRule to jsdom Windows.
  • Added cssMediaRule.matches and cssSupportsRule.matches getters.
  • Added proper media query parsing in MediaList, using css-tree instead of naive comma-splitting. Invalid queries become "not all" per spec.
  • Added cssKeyframeRule.keyText getter/setter validation.
  • Added cssStyleRule.selectorText setter validation: invalid selectors are now rejected.
  • Added styleSheet.ownerNode, styleSheet.href, and styleSheet.title.
  • Added bad port blocking per the fetch specification, preventing fetches to commonly-abused ports.
  • Improved Document initialization performance by lazily initializing the CSS selector engine, avoiding ~0.5 ms of overhead per Document. (@​thypon)
  • Fixed a memory leak when stylesheets were removed from the document.
  • Fixed CSSStyleDeclaration modifications to properly trigger custom element reactions.
  • Fixed nested @media rule parsing.
  • Fixed CSSStyleSheet's "disallow modification" flag not being checked in all mutation methods.
  • Fixed XMLHttpRequest's response getter returning parsed JSON during the LOADING state instead of null.
  • Fixed getComputedStyle() crashing in XHTML documents when stylesheets contained at-rules such as @page or @font-face.
  • Fixed a potential hang in synchronous XMLHttpRequest caused by a race condition with the worker thread's idle timeout.

v28.1.0

  • Added blob.text(), blob.arrayBuffer(), and blob.bytes() methods.
  • Improved getComputedStyle() to account for CSS specificity when multiple rules apply. (@​asamuzaK)
  • Improved synchronous XMLHttpRequest performance by using a persistent worker thread, avoiding ~400ms of setup overhead on every synchronous request after the first one.
  • Improved performance of node.getRootNode(), node.isConnected, and event.dispatchEvent() by caching the root node of document-connected trees.
  • Fixed getComputedStyle() to correctly handle !important priority. (@​asamuzaK)
  • Fixed document.getElementById() to return the first element in tree order when multiple elements share the same ID.
  • Fixed <svg> elements to no longer incorrectly proxy event handlers to the Window.
  • Fixed FileReader event timing and fileReader.result state to more closely follow the spec.

... (truncated)

Commits
  • 9b9ea7e 29.1.1
  • 07efb78 Optimize computed style comparison
  • 5f66329 Fix background-origin/background-clip in background shorthand
  • ad8af77 Fix border shorthand handling
  • 5a3e88e 29.1.0
  • 73db204 Update dependencies and dev dependencies
  • a7168a5 Support ratio CSS unit type
  • 15346e0 Fix style cache invalidation
  • 2a1e2cd 29.0.2
  • 4097d66 Resolve computed CSS values lazily in CSSStyleDeclaration
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for jsdom since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates vite from 6.4.2 to 8.0.12

Release notes

Sourced from vite's releases.

v8.0.12

Please refer to CHANGELOG.md for details.

v8.0.11

Please refer to CHANGELOG.md for details.

v8.0.10

Please refer to CHANGELOG.md for details.

v8.0.9

Please refer to CHANGELOG.md for details.

v8.0.8

Please refer to CHANGELOG.md for details.

v8.0.7

Please refer to CHANGELOG.md for details.

v8.0.6

Please refer to CHANGELOG.md for details.

v8.0.5

Please refer to CHANGELOG.md for details.

v8.0.4

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.12 (2026-05-11)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22420) (2be6000)
  • module-runner: prevent partial-exports race on concurrent imports of in-flight invalidated re-export chains (#22369) (f5a22e6)
  • refer to rolldownOptions instead of deprecated rollupOptions in messages (#22400) (b675c7b)
  • worker: apply build.target to worker bundle (#22404) (3c93fde)
  • worker: forward define to worker bundle transform (#22408) (d4838a0)

Miscellaneous Chores

8.0.11 (2026-05-07)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22334) (672c962)
  • deps: update all non-major dependencies (#22382) (5c0cfcb)
  • glob: align hmr matcher options with glob enumeration (#22306) (30028f9)
  • make separate object instance for each environment (#22276) (7c2aa3b)

Documentation

Miscellaneous Chores

  • deps: update dependency tsdown to ^0.21.10 (#22333) (3b51e05)
  • deps: update rolldown-related dependencies (#22383) (555ff36)
  • deps: update transitive packages to fix npm audit alerts (#22316) (86aee62)

Code Refactoring

Tests

... (truncated)

Commits
  • 4dce8b4 release: v8.0.12
  • b675c7b fix: refer to rolldownOptions instead of deprecated rollupOptions in mess...
  • 66b9eb3 chore(deps): update rolldown-related dependencies (#22421)
  • 2fe7bd2 chore(deps): update dependency eslint-plugin-n to v18 (#22423)
  • 2be6000 fix(deps): update all non-major dependencies (#22420)
  • d4838a0 fix(worker): forward define to worker bundle transform (#22408)
  • cf0ff41 feat: update rolldown to 1.0.0 (#22401)
  • 3c93fde fix(worker): apply build.target to worker bundle (#22404)
  • f5a22e6 fix(module-runner): prevent partial-exports race on concurrent imports of in-...
  • 66f3194 release: v8.0.11
  • Additional commits viewable in compare view

Updates dotenv from 16.6.1 to 17.4.2

Changelog

Sourced from dotenv's changelog.

17.4.2 (2026-04-12)

Changed

  • Improved skill files - tightened up details (#1009)

17.4.1 (2026-04-05)

Changed

  • Change text injecting to injected (#1005)

17.4.0 (2026-04-01)

Added

  • Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

  • Tighten up logs: ◇ injecting env (14) from .env (#1003)

17.3.1 (2026-02-12)

Changed

  • Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

  • Add a new README section on dotenv’s approach to the agentic future.

Changed

  • Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

  • Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)
  • Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

  • Fixed typescript error definition (#912)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

Chores

  • Updated TypeScript from version 5.9.3 to 6.0.3 across all packages, applications, and workspace-level configuration
  • Upgraded desktop application development dependencies: Vite (6 → 8), Vite React plugin (4 → 6), jsdom (26 → 29), and TypeScript (5.9 → 6.0)
  • Updated workspace dependencies: @types/node (→ 25.7.0), lint-staged (→ 17.0.4), and dotenv (→ 17.4.2)

Review Change Stack

@dependabot
chore(deps-dev): bump the dev-dependencies group across 1 directory w…
ab8d751 
…ith 7 updates

Bumps the dev-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.19` | `25.7.0` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.4.0` | `17.0.4` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |
| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `4.7.0` | `6.0.1` |
| [jsdom](https://github.com/jsdom/jsdom) | `26.1.0` | `29.1.1` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `8.0.12` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.2` |



Updates `@types/node` from 22.19.19 to 25.7.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `lint-staged` from 16.4.0 to 17.0.4
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.4.0...v17.0.4)

Updates `typescript` from 5.9.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.3)

Updates `@vitejs/plugin-react` from 4.7.0 to 6.0.1
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/[email protected]/packages/plugin-react)

Updates `jsdom` from 26.1.0 to 29.1.1
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](jsdom/jsdom@v26.1.0...v29.1.1)

Updates `vite` from 6.4.2 to 8.0.12
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.12/packages/vite)

Updates `dotenv` from 16.6.1 to 17.4.2
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.6.1...v17.4.2)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 25.7.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: lint-staged
  dependency-version: 17.0.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: jsdom
  dependency-version: 29.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: vite
  dependency-version: 8.0.12
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: dotenv
  dependency-version: 17.4.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 13, 2026
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 13, 2026
edited
Loading

📝 Walkthrough

Walkthrough

TypeScript is upgraded to 6.0.3 across all packages in the monorepo. The root package.json adds upgrades for @types/node to 25.7.0 and lint-staged to 17.0.4. The desktop application updates Vite, React plugin, and jsdom to newer major versions. The database package updates dotenv separately.

Changes

Monorepo Dependency Upgrades

Layer / File(s) Summary
Root monorepo infrastructure
package.json		 Root package.json updates TypeScript to ^6.0.3, @types/node to ^25.7.0, and lint-staged to ^17.0.4.
Application packages TypeScript
apps/dashboard/package.json, apps/website/package.json		 Dashboard and website applications update TypeScript to ^6.0.3 to match the root version constraint.
Desktop application environment
apps/desktop/package.json		 Desktop package upgrades multiple dev dependencies: Vite to ^8, @vitejs/plugin-react to ^6, jsdom to ^29, and TypeScript to ^6.0.
Workspace packages TypeScript
packages/agent-definitions/package.json, packages/cli/package.json, packages/github-action/package.json, packages/installer/package.json, packages/mcp-server/package.json, packages/shared/package.json, packages/storage/package.json, packages/ui-utils/package.json, packages/ui/package.json		 Nine core workspace packages update TypeScript to ^6.0.3 consistently with the root configuration.
Database package dependencies
packages/database/package.json		 Database package updates dotenv to ^17.4.2 and TypeScript to ^6.0.3.

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the main change: a dependency version bump across multiple package.json files in the repository, specifically for dev-dependencies with multiple package updates.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot requested changes May 13, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/desktop/package.json`:
- Around line 42-46: package.json lists upgraded majors for vite,
`@vitejs/plugin-react`, jsdom and typescript that conflict with the current
bun.lock pins ([email protected], `@vitejs/plugin-react`@^4, [email protected]); regenerate
the lockfile so bun.lock matches package.json by removing or regenerating
bun.lock and running a fresh lockfile install (e.g., bun install) to produce a
new bun.lock that resolves vite ^8, `@vitejs/plugin-react` ^6, jsdom ^29 and
typescript ^6.0, then verify vite.config.ts and vitest.config.ts still work and
commit the updated bun.lock together with package.json.

In `@apps/website/package.json`:
- Line 24: package.json currently pins "typescript": "^6.0.3" but the project’s
Next.js version is incompatible; update package.json to either bump Next.js to
^16.2.0 or later (modify the "next" dependency) to ensure TypeScript 6 support,
run a fresh install and test, or alternatively change the "typescript" entry to
"^5.1.0" to match the existing Next.js version; ensure you update the same
package.json that contains the "typescript" field and run the lockfile update
(npm/yarn/pnpm install) and CI to validate the toolchain.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 82b01d20-3760-42cd-a34f-a8afb9df3651

📥 Commits

Reviewing files that changed from the base of the PR and between ad37bc6 and ab8d751.

📒 Files selected for processing (14)
  • apps/dashboard/package.json
  • apps/desktop/package.json
  • apps/website/package.json
  • package.json
  • packages/agent-definitions/package.json
  • packages/cli/package.json
  • packages/database/package.json
  • packages/github-action/package.json
  • packages/installer/package.json
  • packages/mcp-server/package.json
  • packages/shared/package.json
  • packages/storage/package.json
  • packages/ui-utils/package.json
  • packages/ui/package.json

Comment thread apps/desktop/package.json
Comment on lines +42 to +46
"@vitejs/plugin-react": "^6",
"jsdom": "^29",
"tailwindcss": "^4",
"typescript": "^5.9",
"vite": "^6",
"typescript": "^6.0",
"vite": "^8",
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "==> apps/desktop/package.json versions"
jq -r '.devDependencies | {vite, "@vitejs/plugin-react", jsdom, typescript, vitest}' apps/desktop/package.json

echo "==> local Vite/Vitest config files"
fd -i 'vite.config.*'
fd -i 'vitest.config.*'

echo "==> references to jsdom environment setup"
rg -n -C2 'jsdom|environment'

Repository: agentver/agentver

Length of output: 26970

🏁 Script executed:

# Check vite config for potential compatibility issues
cat -n apps/desktop/vite.config.ts

# Check if apps/desktop/vitest.config.ts references vite config
cat -n apps/desktop/vitest.config.ts

# Check the full current package.json to understand context
cat -n apps/desktop/package.json

Repository: agentver/agentver

Length of output: 2803

🌐 Web query:

TypeScript 6.0 Vite compatibility requirements

💡 Result:

Vite is fully compatible with TypeScript 6.0. Recent Vite development (as of April 2026) has upgraded its own dev dependencies to TypeScript ~6.0.2 across templates and internal tooling [1][2][3]. Vite 8.0.0 (released March 2026) supports TypeScript config files like vite.config.ts and provides full TypeScript typings for its APIs [4][5]. Vite has no peer dependency on TypeScript and does not perform type-checking itself (relying on tsc or IDE), only transpilation via esbuild or similar [5][6]. Users must ensure tsconfig.json settings like "isolatedModules": true for compatibility with Vite's transpilation model [5]. TypeScript 6.0 changes (e.g., removal of --outFile) align well with Vite as a modern bundler [7][8]. No specific restrictions or additional requirements for TypeScript 6.0 were found in official docs or recent releases [9][10][11].

Citations:

🌐 Web query:

@vitejs/plugin-react v6 vite v8 compatibility

💡 Result:

@vitejs/plugin-react v6 is fully compatible with Vite v8. It was specifically released alongside Vite 8 to support its new architecture using Rolldown and Oxc for React Refresh transforms, dropping Babel dependency and Vite 7 support [1][2][3][4]. The official Vite 8 announcement confirms "@vitejs/plugin-react v6" integration [3]. Note that plugin-react v6 requires Vite 8+ and is not compatible with Vite 7 [2][4]. For Babel needs (e.g., React Compiler), pair with @rolldown/plugin-babel [5][3][4]. Older plugin-react v5 works with Vite 8 but lacks v6 optimizations [3].

Citations:

Resolve version mismatch between package.json and bun.lock before merge.

The declared major version upgrades (vite ^8, @vitejs/plugin-react ^6, jsdom ^29, typescript ^6.0) are mutually compatible with vitest 4.1.0, and your vite.config.ts and vitest.config.ts configurations are correctly structured. However, bun.lock is severely out of sync: it pins [email protected], @vitejs/plugin-react@^4, and [email protected] whilst package.json declares vite ^8, @vitejs/plugin-react ^6, and jsdom ^29. This will cause install behaviour to differ between lockfile-based and package.json-based installs. Regenerate the lock file to ensure consistency.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/desktop/package.json` around lines 42 - 46, package.json lists upgraded
majors for vite, `@vitejs/plugin-react`, jsdom and typescript that conflict with
the current bun.lock pins ([email protected], `@vitejs/plugin-react`@^4, [email protected]);
regenerate the lockfile so bun.lock matches package.json by removing or
regenerating bun.lock and running a fresh lockfile install (e.g., bun install)
to produce a new bun.lock that resolves vite ^8, `@vitejs/plugin-react` ^6, jsdom
^29 and typescript ^6.0, then verify vite.config.ts and vitest.config.ts still
work and commit the updated bun.lock together with package.json.

Comment thread apps/website/package.json
"@types/react": "^19.0.0",
"@types/react-dom": "^19.0.0",
"typescript": "^5.9.3"
"typescript": "^6.0.3"
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Show website package versions relevant to TS compatibility
jq -r '.name, .dependencies.next, .dependencies.react, .dependencies["react-dom"], .devDependencies.typescript' apps/website/package.json

# Surface TypeScript config inheritance for this app
fd -i 'tsconfig*.json' -x sh -c 'echo "==> $1"; jq -r ".extends, .compilerOptions" "$1" 2>/dev/null || cat "$1"'

Repository: agentver/agentver

Length of output: 648

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Find all tsconfig files in the repo
echo "=== Finding tsconfig files ==="
find . -name 'tsconfig*.json' -type f 2>/dev/null | head -20

# Read the website's tsconfig specifically
echo ""
echo "=== Website tsconfig content ==="
if [ -f apps/website/tsconfig.json ]; then
  cat apps/website/tsconfig.json
fi

# Check root tsconfig
echo ""
echo "=== Root tsconfig content ==="
if [ -f tsconfig.json ]; then
  cat tsconfig.json
fi

Repository: agentver/agentver

Length of output: 850

🌐 Web query:

Next.js 16 TypeScript 6.0 compatibility support

💡 Result:

Next.js 16 supports TypeScript 6.0 (as of mid/late 2026). What we can say with evidence: 1) Next.js 16’s published minimum TypeScript requirement is TypeScript 5.1.0+ (not TypeScript 6 specifically). The official Next.js 16 upgrade guide lists “TypeScript 5+” with a minimum of “5.1.0” [1]. 2) The Next.js repo had an explicit change to “Bump TypeScript to 6.0”, merged into the project’s canary flow (a concrete sign that Next.js’ CI/build tooling was updated for TS 6.0) [2]. 3) The Next.js team also backported specific TypeScript v6 deprecations/behavior changes (baseUrl/moduleResolution) into the Next.js 16.2 line, again indicating TS6 compatibility work targeted at the Next.js 16 branch [3]. Practical recommendation (because the official docs only guarantee 5.1.0+ as the minimum): - If you want TS 6.0 specifically, use a recent Next.js 16 release line (or canary) where TS6 support work has landed, and expect any TS 6.0 deprecation-related config changes to be relevant (e.g., baseUrl/moduleResolution deprecations were explicitly handled) [3]. References (most relevant): Next.js 16 minimum TS requirement [1]; merged “Bump TypeScript to 6.0” PR [2]; TS6 deprecations backport for Next.js 16.2 [3].

Citations:

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the shared TypeScript config package
echo "=== Finding `@agentver/typescript-config` ==="
find . -path '*/typescript-config*' -name 'nextjs.json' -o -path '*/typescript-config*' -type d | head -10

# List the typescript-config package structure
echo ""
echo "=== TypeScript config package content ==="
if [ -d packages/typescript-config ]; then
  ls -la packages/typescript-config/
  echo ""
  if [ -f packages/typescript-config/nextjs.json ]; then
    cat packages/typescript-config/nextjs.json
  fi
fi

# Check if there are any recent build/type-check issues mentioned in any logs or commits
echo ""
echo "=== Recent git commits touching TypeScript or tsconfig ==="
git log --oneline --all -20 -- '*tsconfig*.json' '*typescript*' 2>/dev/null | head -20 || echo "No recent TypeScript-related commits found"

Repository: agentver/agentver

Length of output: 1209

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Read the base TypeScript config
echo "=== TypeScript config base.json ==="
if [ -f packages/typescript-config/base.json ]; then
  cat packages/typescript-config/base.json
fi

Repository: agentver/agentver

Length of output: 852

Upgrade Next.js to version 16.2 or later to ensure proper TypeScript 6 support.

Next.js 16.1.6 does not include TypeScript 6 compatibility changes. The TypeScript 6 deprecation handling (including fixes for moduleResolution: "NodeNext" used in base.json) was added in Next.js 16.2 and backported to the 16.2+ branch. Current versions create an unsupported toolchain combination. Either upgrade Next.js to ^16.2.0 or downgrade TypeScript to ^5.1.0.

🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@apps/website/package.json` at line 24, package.json currently pins
"typescript": "^6.0.3" but the project’s Next.js version is incompatible; update
package.json to either bump Next.js to ^16.2.0 or later (modify the "next"
dependency) to ensure TypeScript 6 support, run a fresh install and test, or
alternatively change the "typescript" entry to "^5.1.0" to match the existing
Next.js version; ensure you update the same package.json that contains the
"typescript" field and run the lockfile update (npm/yarn/pnpm install) and CI to
validate the toolchain.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants