Automated Safe Dependency Updates
This PR contains safe patch-level dependency updates that have been verified to:
- ✅ Pass all tests (1708 tests pass)
- ✅ Have no breaking changes
- ✅ No security vulnerabilities introduced (
npm audit shows 0 vulnerabilities)
Updated Dependencies
| Package |
Previous |
Updated |
Type |
@babel/preset-env |
7.29.2 |
7.29.3 |
patch |
@commitlint/cli |
20.5.0 |
20.5.3 |
patch |
@commitlint/config-conventional |
20.5.0 |
20.5.3 |
patch |
@typescript-eslint/eslint-plugin |
8.58.2 |
8.59.1 |
patch |
@typescript-eslint/parser |
8.58.2 |
8.59.1 |
patch |
typescript-eslint |
8.58.2 |
8.59.1 |
patch |
ajv |
8.18.0 |
8.20.0 |
minor |
eslint |
10.2.1 |
10.3.0 |
minor |
globals |
17.5.0 |
17.6.0 |
minor |
Security Fixes Included
No specific CVEs addressed — npm audit reports 0 vulnerabilities before and after.
Skipped Updates (major version bumps or breaking changes)
| Package |
Current |
Latest |
Reason |
chalk |
4.1.2 |
5.6.2 |
Major (ESM-only in v5) |
commander |
12.1.0 |
14.0.3 |
Major version jump |
esbuild |
0.25.12 |
0.28.0 |
Minor but potentially breaking API changes |
eslint-plugin-security |
3.0.1 |
4.0.0 |
Major version |
execa |
5.1.1 |
9.6.1 |
Major (ESM-only in v6+) |
markdownlint-cli2 |
0.21.0 |
0.22.1 |
Minor 0.x — may have breaking changes |
typescript |
5.9.3 |
6.0.3 |
Major version |
Verification
Notes
Two pre-existing test failures (unrelated to these changes):
- DNS resolution test checking specific IP for
github.com (network-dependent)
- Permission test attempting to create
/var/tmp/custom-awf-work (environment permissions)
Generated by Dependency Security Monitor Workflow
To route changes like this to a review issue instead of blocking, configure protected-files: fallback-to-issue in your workflow configuration.
Generated by Dependency Security Monitor · ● 621.1K · ◷
Automated Safe Dependency Updates
This PR contains safe patch-level dependency updates that have been verified to:
npm auditshows 0 vulnerabilities)Updated Dependencies
@babel/preset-env@commitlint/cli@commitlint/config-conventional@typescript-eslint/eslint-plugin@typescript-eslint/parsertypescript-eslintajveslintglobalsSecurity Fixes Included
No specific CVEs addressed —
npm auditreports 0 vulnerabilities before and after.Skipped Updates (major version bumps or breaking changes)
chalkcommanderesbuildeslint-plugin-securityexecamarkdownlint-cli2typescriptVerification
npm auditshows 0 vulnerabilitiesNotes
Two pre-existing test failures (unrelated to these changes):
github.com(network-dependent)/var/tmp/custom-awf-work(environment permissions)Generated by Dependency Security Monitor Workflow
Warning
Protected Files
This was originally intended as a pull request, but the patch modifies protected files. These files may affect project dependencies, CI/CD pipelines, or agent behaviour. Please review the changes carefully before creating the pull request.
Click here to create the pull request once you have reviewed the changes
Protected files
package-lock.jsonpackage.jsonTo route changes like this to a review issue instead of blocking, configure
protected-files: fallback-to-issuein your workflow configuration.