Skip to content

chore(deps): (deps): bump the production group with 7 updates #906

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
cb1kenobi merged 1 commit into from
Feb 11, 2026
Merged

chore(deps): (deps): bump the production group with 7 updates #906

cb1kenobi merged 1 commit into from
Feb 11, 2026

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2026

Bumps the production group with 7 updates:

Package From To
semver 7.7.3 7.7.4
undici 7.20.0 7.21.0
which 6.0.0 6.0.1
@babel/generator 7.29.0 7.29.1
@sinclair/typebox 0.27.8 0.27.10
caniuse-lite 1.0.30001767 1.0.30001769
magicast 0.5.1 0.5.2

Updates semver from 7.7.3 to 7.7.4

Release notes

Sourced from semver's releases.

v7.7.4

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Changelog

Sourced from semver's changelog.

7.7.4 (2026-01-16)

Bug Fixes

Documentation

Dependencies

Chores

Commits
  • 5993c2e chore: release 7.7.4 (#839)
  • 120968b deps: @​npmcli/template-oss@​4.29.0 (#840)
  • a29faa5 fix(cli): pass options to semver.valid() for loose version validation (#835)
  • 1d28d5e docs: fix typos and update -n CLI option documentation (#836)
  • 5816d4c chore: bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#829)
  • ab9e28a chore: bump @​npmcli/template-oss from 4.27.1 to 4.28.0 (#827)
  • 44d7130 chore: bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#824)
  • 7073576 chore: reorder parameters in invalid-versions.js test (#820)
  • 16a35f5 chore: bump @​npmcli/template-oss from 4.26.0 to 4.27.1 (#823)
  • 3a3459d chore: bump @​npmcli/template-oss from 4.25.1 to 4.26.0 (#818)
  • See full diff in compare view

Updates undici from 7.20.0 to 7.21.0

Release notes

Sourced from undici's releases.

v7.21.0

What's Changed

New Contributors

Full Changelog: nodejs/undici@v7.20.0...v7.21.0

Commits

Updates which from 6.0.0 to 6.0.1

Release notes

Sourced from which's releases.

v6.0.1

6.0.1 (2026-02-10)

Dependencies

Chores

Changelog

Sourced from which's changelog.

6.0.1 (2026-02-10)

Dependencies

Chores

Commits
  • bbc63ba chore: release 6.0.1 (#169)
  • bd22353 deps: bump isexe from 3.1.5 to 4.0.0 (#168)
  • 46b25d7 chore: bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#165)
  • af2ddb4 chore: bump @​npmcli/template-oss from 4.27.1 to 4.28.0 (#164)
  • fc4c209 chore: bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#163)
  • See full diff in compare view

Updates @babel/generator from 7.29.0 to 7.29.1

Commits

Updates @sinclair/typebox from 0.27.8 to 0.27.10

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​sinclair/typebox since your current version.


Updates caniuse-lite from 1.0.30001767 to 1.0.30001769

Commits

Updates magicast from 0.5.1 to 0.5.2

Release notes

Sourced from magicast's releases.

v0.5.2

   🚀 Features

    View changes on GitHub
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): (deps): bump the production group with 7 updates
ff8e79d 
Bumps the production group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [semver](https://github.com/npm/node-semver) | `7.7.3` | `7.7.4` |
| [undici](https://github.com/nodejs/undici) | `7.20.0` | `7.21.0` |
| [which](https://github.com/npm/node-which) | `6.0.0` | `6.0.1` |
| [@babel/generator](https://github.com/babel/babel/tree/HEAD/packages/babel-generator) | `7.29.0` | `7.29.1` |
| [@sinclair/typebox](https://github.com/sinclairzx81/typebox-legacy) | `0.27.8` | `0.27.10` |
| [caniuse-lite](https://github.com/browserslist/caniuse-lite) | `1.0.30001767` | `1.0.30001769` |
| [magicast](https://github.com/unjs/magicast) | `0.5.1` | `0.5.2` |


Updates `semver` from 7.7.3 to 7.7.4
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.7.3...v7.7.4)

Updates `undici` from 7.20.0 to 7.21.0
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v7.20.0...v7.21.0)

Updates `which` from 6.0.0 to 6.0.1
- [Release notes](https://github.com/npm/node-which/releases)
- [Changelog](https://github.com/npm/node-which/blob/main/CHANGELOG.md)
- [Commits](npm/node-which@v6.0.0...v6.0.1)

Updates `@babel/generator` from 7.29.0 to 7.29.1
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.1/packages/babel-generator)

Updates `@sinclair/typebox` from 0.27.8 to 0.27.10
- [Commits](https://github.com/sinclairzx81/typebox-legacy/commits/0.27.10)

Updates `caniuse-lite` from 1.0.30001767 to 1.0.30001769
- [Commits](browserslist/caniuse-lite@1.0.30001767...1.0.30001769)

Updates `magicast` from 0.5.1 to 0.5.2
- [Release notes](https://github.com/unjs/magicast/releases)
- [Changelog](https://github.com/unjs/magicast/blob/main/CHANGELOG.md)
- [Commits](unjs/magicast@v0.5.1...v0.5.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-version: 7.7.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: undici
  dependency-version: 7.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: which
  dependency-version: 6.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@babel/generator"
  dependency-version: 7.29.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: "@sinclair/typebox"
  dependency-version: 0.27.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: caniuse-lite
  dependency-version: 1.0.30001769
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: magicast
  dependency-version: 0.5.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 11, 2026
@socket-security
Copy link

socket-security bot commented Feb 11, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedwhich@​6.0.0 ⏵ 6.0.11001008391 +6100
Updatedsemver@​7.7.3 ⏵ 7.7.410010010092100
Updatedundici@​7.20.0 ⏵ 7.21.096100100 +198100

View full report

@cb1kenobi cb1kenobi merged commit 873eb8a into main Feb 11, 2026
12 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/production-cdbb3b6a33 branch February 11, 2026 03:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cb1kenobi