Skip to content

chore(deps): update dev dependencies #1891

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 1, 2025
Merged

chore(deps): update dev dependencies #1891

merged 1 commit into from
Oct 1, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 1, 2025

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

This PR contains the following updates:

Package Change Age Confidence
chrome-webstore-upload-cli ^3.3.2 -> ^3.4.0 age confidence
eslint (source) ^9.32.0 -> ^9.36.0 age confidence
eslint-plugin-jsdoc ^52.0.2 -> ^52.0.4 age confidence
web-ext ^8.9.0 -> ^8.10.0 age confidence

Release Notes

fregante/chrome-webstore-upload-cli (chrome-webstore-upload-cli)

v3.4.0

Compare Source

eslint/eslint (eslint)

v9.36.0

Compare Source

v9.35.0

Compare Source

v9.34.0

Compare Source

v9.33.0

Compare Source

gajus/eslint-plugin-jsdoc (eslint-plugin-jsdoc)

v52.0.4

Compare Source

Bug Fixes

v52.0.3

Compare Source

Bug Fixes
mozilla/web-ext (web-ext)

v8.10.0

Compare Source

main changes
  • Added: Enable support for data collection permissions in web-ext lint (#​3514)
  • Added: web-ext lint supports Firefox schema up to 144 (included) (#​3513)
dependencies
  • Updated: dependency @babel/runtime to 7.28.4 (#​3506)
  • Updated: dependency addons-linter to 7.20.0 (#​3513)
  • Updated: dependency decamelize to 6.0.1 (#​3495)
  • Updated: dependency pino to 9.9.5 (#​3510)
  • Updated: dependency strip-json-comments to 5.0.3 (#​3482)
  • Updated: dependency tmp to 0.2.5 (#​3483)
dev dependencies
  • Updated: dependency @babel/preset-env to 7.28.3 (#​3487)
  • Updated: dependency @babel/register to 7.28.3 (#​3489)
  • Updated: dependency @babel/cli to 7.28.3 (#​3488)
  • Updated: dependency chai to 6.0.1 (#​3498)
  • Updated: dependency @babel/eslint-parser to 7.28.4 (#​3505)
  • Updated: dependency chai-as-promised to 8.0.2 (#​3497)
  • Updated: dependency babel-plugin-istanbul to 7.0.1 (#​3508)
  • Updated: dependency @babel/core to 7.28.4 (#​3507)
  • Updated: dependency fs-extra to 11.3.2 (#​3512)
  • Updated: dependency mocha to 11.7.2 (#​3502)

See all changes: mozilla/web-ext@8.9.0...8.10.0

Configuration

📅 Schedule: Branch creation - "before 6am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested review from AprilSylph and marcustyphoon October 1, 2025 03:34
marcustyphoon
marcustyphoon previously approved these changes Oct 1, 2025
View reviewed changes
@marcustyphoon marcustyphoon self-requested a review October 1, 2025 03:43
@marcustyphoon marcustyphoon dismissed their stale review October 1, 2025 03:45

Uncommitted changes!

@marcustyphoon
Copy link
Collaborator

marcustyphoon commented Oct 1, 2025

Renovate seems to disagree with npm about what lockfile entries should have "peer": true. Presumably this would be something to report to renovate, but I have nothing to contribute re: what's going on here, because ???

@marcustyphoon
Copy link
Collaborator

marcustyphoon commented Oct 1, 2025

(Interestingly, as an aside, npm dedupe has an effect on both this PR and the master branch. Renovate uses npm install --prefer-dedupe, not npm dedupe, which are not the same.)

@renovate renovate bot force-pushed the renovate/dev-dependencies branch from bf03034 to 304e59e Compare October 1, 2025 13:14
AprilSylph
AprilSylph approved these changes Oct 1, 2025
View reviewed changes
Copy link
Owner

@AprilSylph AprilSylph left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When I run rm package-lock.json; npm install --prefer-dedupe on this branch, I get a clean working tree.

We do have Renovate configured to use --prefer-dedupe:

XKit-Rewritten/renovate.json

Line 28 in 1905c2c

"postUpdateOptions": ["npmDedupe"],

https://docs.renovatebot.com/configuration-options/#postupdateoptions

Name Description
npmDedupe Run npm install with --prefer-dedupe for npm >= 7 or npm dedupe after package-lock.json update for npm <= 6.

I believe Renovate is working as intended.

@AprilSylph AprilSylph merged commit 1d99589 into master Oct 1, 2025
5 checks passed
@AprilSylph AprilSylph deleted the renovate/dev-dependencies branch October 1, 2025 13:20
@marcustyphoon
Copy link
Collaborator

marcustyphoon commented Oct 1, 2025

Renovate seems to disagree with npm about what lockfile entries should have "peer": true.

Ah, figured it out. npm/cli#8579 changes the peer flag in npm 11.6.1, which your system and Renovate must both be using. Both nvm and n install the npm version that ships with node, which means my systems have 11.6.0: https://nodejs.org/en/about/previous-releases. Interesting!

When I run rm package-lock.json; npm install --prefer-dedupe on this branch, I get a clean working tree.

Yeah, I was getting at the fact that while this is true, running npm dedupe does not produce a clean working tree, which I would have assumed was what that renovate flag did until I checked!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AprilSylph AprilSylph AprilSylph approved these changes

@marcustyphoon marcustyphoon Awaiting requested review from marcustyphoon

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@marcustyphoon @AprilSylph