deps(deps-dev): bump the development-dependencies group across 1 directory with 6 updates by dependabot[bot] · Pull Request #3168 · defenseunicorns/pepr

dependabot · 2026-06-18T19:58:16Z

Bumps the development-dependencies group with 5 updates in the / directory:

Package	From	To
@commitlint/cli	`21.0.1`	`21.0.2`
@commitlint/config-conventional	`21.0.1`	`21.0.2`
@types/node	`25.9.1`	`25.9.3`
@vitest/coverage-v8	`4.1.7`	`4.1.8`
tsx	`4.22.3`	`4.22.4`

Updates @commitlint/cli from 21.0.1 to 21.0.2

Release notes

Sourced from @commitlint/cli's releases.

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

fix: emit actionable error when --edit cannot find COMMIT_EDITMSG (#589) by @escapedcat in conventional-changelog/commitlint#4755

fix: apply oxfmt formatting to get-edit-commit.ts by @escapedcat in conventional-changelog/commitlint#4768

fix(read): fail when --from and --to share no merge-base #4555 by @CervEdin in conventional-changelog/commitlint#4754

fix: disallow same commit hash for --from and --to by @knocte in conventional-changelog/commitlint#4773

Chore/CI

ci: have renovate rebase stale PRs before merging by @escapedcat in conventional-changelog/commitlint#4782

chore: have renovate hold PRs for 3 days after release by @escapedcat in conventional-changelog/commitlint#4788

chore: anchor vite 8 by @escapedcat in conventional-changelog/commitlint#4790

ci: run commitlint once per same-repo PR by @escapedcat in conventional-changelog/commitlint#4795

New Contributors

@CervEdin made their first contribution in conventional-changelog/commitlint#4754

Full Changelog: conventional-changelog/commitlint@v21.0.1...v21.0.2

Changelog

Sourced from @commitlint/cli's changelog.

21.0.2 (2026-05-29)

Bug Fixes

disallow same commit hash for --from and --to (#4773) (121005e)

Commits

8069048 v21.0.2
121005e fix: disallow same commit hash for --from and --to (#4773)
See full diff in compare view

Updates @commitlint/config-conventional from 21.0.1 to 21.0.2

Release notes

Sourced from @commitlint/config-conventional's releases.

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

fix: emit actionable error when --edit cannot find COMMIT_EDITMSG (#589) by @escapedcat in conventional-changelog/commitlint#4755

fix: apply oxfmt formatting to get-edit-commit.ts by @escapedcat in conventional-changelog/commitlint#4768

fix(read): fail when --from and --to share no merge-base #4555 by @CervEdin in conventional-changelog/commitlint#4754

fix: disallow same commit hash for --from and --to by @knocte in conventional-changelog/commitlint#4773

Chore/CI

ci: have renovate rebase stale PRs before merging by @escapedcat in conventional-changelog/commitlint#4782

chore: have renovate hold PRs for 3 days after release by @escapedcat in conventional-changelog/commitlint#4788

chore: anchor vite 8 by @escapedcat in conventional-changelog/commitlint#4790

ci: run commitlint once per same-repo PR by @escapedcat in conventional-changelog/commitlint#4795

New Contributors

@CervEdin made their first contribution in conventional-changelog/commitlint#4754

Full Changelog: conventional-changelog/commitlint@v21.0.1...v21.0.2

Changelog

Sourced from @commitlint/config-conventional's changelog.

21.0.2 (2026-05-29)

Note: Version bump only for package @commitlint/config-conventional

Commits

8069048 v21.0.2
See full diff in compare view

Updates @types/node from 25.9.1 to 25.9.3

Commits

See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.7 to 4.1.8

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and @Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

View changes on GitHub

Commits

e61f2dd chore: release v4.1.8
e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
See full diff in compare view

Updates tsx from 4.22.3 to 4.22.4

Release notes

Sourced from tsx's releases.

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

This release is also available on:

npm package (@latest dist-tag)

Commits

1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
See full diff in compare view

Updates vitest from 4.1.7 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

🐞 Bug Fixes

browser:

Disable client cdp API when allowWrite/allowExec: false [backport to v4] - by @hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)

Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4] - by @toxik and @Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

View changes on GitHub

Commits

e61f2dd chore: release v4.1.8
e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
@types/node	[>= 20.a, < 21]

socket-security · 2026-06-18T19:58:48Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality
@commitlint/cli@21.0.1 ⏵ 21.0.2	⁺¹	⁺¹
vitest@4.1.7 ⏵ 4.1.8
@vitest/coverage-v8@4.1.7 ⏵ 4.1.8
@types/node@25.9.1 ⏵ 25.9.3		⁺¹
tsx@4.22.3 ⏵ 4.22.4	⁺¹	⁺¹
@commitlint/config-conventional@21.0.1 ⏵ 21.0.2

View full report

…ctory with 6 updates Bumps the development-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@commitlint/cli](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli) | `21.0.1` | `21.0.2` | | [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/config-conventional) | `21.0.1` | `21.0.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.1` | `25.9.3` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.7` | `4.1.8` | | [tsx](https://github.com/privatenumber/tsx) | `4.22.3` | `4.22.4` | Updates `@commitlint/cli` from 21.0.1 to 21.0.2 - [Release notes](https://github.com/conventional-changelog/commitlint/releases) - [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/cli/CHANGELOG.md) - [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.0.2/@commitlint/cli) Updates `@commitlint/config-conventional` from 21.0.1 to 21.0.2 - [Release notes](https://github.com/conventional-changelog/commitlint/releases) - [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md) - [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.0.2/@commitlint/config-conventional) Updates `@types/node` from 25.9.1 to 25.9.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitest/coverage-v8` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8) Updates `tsx` from 4.22.3 to 4.22.4 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.22.3...v4.22.4) Updates `vitest` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest) --- updated-dependencies: - dependency-name: "@commitlint/cli" dependency-version: 21.0.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: "@commitlint/config-conventional" dependency-version: 21.0.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: "@types/node" dependency-version: 25.9.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: tsx dependency-version: 4.22.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: vitest dependency-version: 4.1.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-06-26T23:02:32Z

Dependabot can't access a private package registry without explicit configuration. Because of this, Dependabot cannot update this pull request.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 18, 2026

dependabot Bot requested a review from a team as a code owner June 18, 2026 19:58

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 18, 2026

github-project-automation Bot added this to Pepr Project Board Jun 18, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/development-dependencies-842823e1eb branch from 5336fb4 to da122fe Compare June 18, 2026 20:32

dependabot Bot force-pushed the dependabot/npm_and_yarn/development-dependencies-842823e1eb branch from da122fe to 6368d1d Compare June 18, 2026 22:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

deps(deps-dev): bump the development-dependencies group across 1 directory with 6 updates#3168

deps(deps-dev): bump the development-dependencies group across 1 directory with 6 updates#3168
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/development-dependencies-842823e1eb

dependabot Bot commented on behalf of github Jun 18, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 18, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Jun 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

Chore/CI

New Contributors

21.0.2 (2026-05-29)

Bug Fixes

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

Chore/CI

New Contributors

21.0.2 (2026-05-29)

v4.1.8

🐞 Bug Fixes

View changes on GitHub

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

v4.1.8

🐞 Bug Fixes

View changes on GitHub

Uh oh!

socket-security Bot commented Jun 18, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

dependabot Bot commented on behalf of github Jun 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Jun 18, 2026 •

edited

Loading

socket-security Bot commented Jun 18, 2026 •

edited

Loading