Conversation
…directory with 10 updates Bumps the dataviewer-frontend-patch-minor group with 10 updates in the /data-management/viewer/frontend directory: | Package | From | To | | --- | --- | --- | | [@azure/msal-browser](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `5.8.0` | `5.9.0` | | [@azure/msal-react](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `5.3.1` | `5.3.2` | | [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.100.5` | `5.100.9` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.11.0` | `1.14.0` | | [zustand](https://github.com/pmndrs/zustand) | `5.0.12` | `5.0.13` | | [@tanstack/eslint-plugin-query](https://github.com/TanStack/query/tree/HEAD/packages/eslint-plugin-query) | `5.100.5` | `5.100.9` | | [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.3.0` | | [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` | | [prettier-plugin-tailwindcss](https://github.com/tailwindlabs/prettier-plugin-tailwindcss) | `0.7.3` | `0.8.0` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.59.2` | Updates `@azure/msal-browser` from 5.8.0 to 5.9.0 - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases) - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-browser-v5.8.0...msal-browser-v5.9.0) Updates `@azure/msal-react` from 5.3.1 to 5.3.2 - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases) - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-react-v5.3.1...msal-react-v5.3.2) Updates `@tanstack/react-query` from 5.100.5 to 5.100.9 - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/react-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/react-query@5.100.9/packages/react-query) Updates `lucide-react` from 1.11.0 to 1.14.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.14.0/packages/lucide-react) Updates `zustand` from 5.0.12 to 5.0.13 - [Release notes](https://github.com/pmndrs/zustand/releases) - [Commits](pmndrs/zustand@v5.0.12...v5.0.13) Updates `@tanstack/eslint-plugin-query` from 5.100.5 to 5.100.9 - [Release notes](https://github.com/TanStack/query/releases) - [Changelog](https://github.com/TanStack/query/blob/main/packages/eslint-plugin-query/CHANGELOG.md) - [Commits](https://github.com/TanStack/query/commits/@tanstack/eslint-plugin-query@5.100.9/packages/eslint-plugin-query) Updates `eslint` from 10.2.1 to 10.3.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.2.1...v10.3.0) Updates `globals` from 17.5.0 to 17.6.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v17.5.0...v17.6.0) Updates `prettier-plugin-tailwindcss` from 0.7.3 to 0.8.0 - [Release notes](https://github.com/tailwindlabs/prettier-plugin-tailwindcss/releases) - [Changelog](https://github.com/tailwindlabs/prettier-plugin-tailwindcss/blob/main/CHANGELOG.md) - [Commits](tailwindlabs/prettier-plugin-tailwindcss@v0.7.3...v0.8.0) Updates `typescript-eslint` from 8.59.0 to 8.59.2 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.2/packages/typescript-eslint) --- updated-dependencies: - dependency-name: "@azure/msal-browser" dependency-version: 5.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: "@azure/msal-react" dependency-version: 5.3.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: "@tanstack/react-query" dependency-version: 5.100.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: lucide-react dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: zustand dependency-version: 5.0.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: "@tanstack/eslint-plugin-query" dependency-version: 5.100.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor - dependency-name: eslint dependency-version: 10.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: globals dependency-version: 17.6.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: prettier-plugin-tailwindcss dependency-version: 0.8.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dataviewer-frontend-patch-minor - dependency-name: typescript-eslint dependency-version: 8.59.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dataviewer-frontend-patch-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
github-actions
Bot
changed the title
Contributor
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Snapshot WarningsEnsure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice. OpenSSF ScorecardScorecard details
Scanned Files
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #613 +/- ##
=======================================
Coverage 77.27% 77.27%
=======================================
Files 272 272
Lines 18140 18140
Branches 2452 2452
=======================================
Hits 14018 14018
Misses 3698 3698
Partials 424 424
*This pull request uses carry forward flags. Click here to find out more. 🚀 New features to boost your workflow:
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Advisory Review Summary
Affected ecosystems and surfaces:
npm— dataviewer-frontend (data-management/viewer/frontend/package.json,package-lock.json)
| Package | From | To | Severity | Surface |
|---|---|---|---|---|
@azure/msal-browser |
5.8.0 | 5.9.0 | None | dataviewer-frontend |
@azure/msal-react |
5.3.1 | 5.3.2 | None | dataviewer-frontend |
@tanstack/react-query |
5.100.5 | 5.100.9 | None | dataviewer-frontend |
| lucide-react | 1.11.0 | 1.14.0 | None | dataviewer-frontend |
| zustand | 5.0.12 | 5.0.13 | None | dataviewer-frontend |
@tanstack/eslint-plugin-query |
5.100.5 | 5.100.9 | None | dataviewer-frontend |
| eslint | 10.2.1 | 10.3.0 | None | dataviewer-frontend |
| globals | 17.5.0 | 17.6.0 | None | dataviewer-frontend |
| prettier-plugin-tailwindcss | 0.7.3 | 0.8.0 | None | dataviewer-frontend |
| typescript-eslint | 8.59.0 | 8.59.2 | None | dataviewer-frontend |
@azure/msal-browser
No security advisory applies to this package in this bump. The commit history for this MSAL JS monorepo release references a fix for msal-node (GHSA-w5hq-...) but that advisory is for a separate package not included in this PR.
Release notes highlights — 5.9.0 (source):
- Fix
CookieStorage.getItem/getKeysthrowingURIErroron malformed percent-encoded cookies (#7531)- Use
client_info=1string value in native auth token requests (#8562)- Bump
@azure/msal-commonto v16.5.2
@azure/msal-react
Patch bump that pulls in the msal-browser 5.9.0 update. No independent advisory. (release notes)
@tanstack/react-query
Patch bumps 5.100.5 → 5.100.9, all "Updated dependencies" only — no direct behavior changes. (changelog) No advisory.
lucide-react
Minor bump 1.11.0 → 1.14.0 — icon additions across three releases, no breaking API changes. (release notes) No advisory.
zustand
Patch bump 5.0.12 → 5.0.13. No advisory.
@tanstack/eslint-plugin-query
DevDep patch bump tracking the @tanstack/react-query version. No advisory.
eslint
DevDep minor bump 10.2.1 → 10.3.0. Lint-only tooling; no runtime impact, no advisory.
globals
DevDep minor bump 17.5.0 → 17.6.0. No advisory.
prettier-plugin-tailwindcss
DevDep minor bump 0.7.3 → 0.8.0. No security advisory found. The project pins tailwindcss@4.2.4 and prettier@3.8.3 — the npm registry was not reachable from this sandbox to verify peer dependency ranges. Recommend confirming locally with npm install that no peer-dep warnings are emitted.
typescript-eslint
DevDep patch bump 8.59.0 → 8.59.2. No advisory.
Validation Signal
-
Deterministic CI:
PR Validation: in_progress:in_progress⚠️ Deterministic CI conclusion not yet available; verdict is advisory only.Dataviewer Frontend Tests— pending (PR Validation run)
-
Static impact reasoning: All 10 packages are scoped to
data-management/viewer/frontend/. No Python, Terraform, Go, or Isaac Sim surfaces are touched. No major version boundaries crossed for React, Vite, Tailwind, or TypeScript. Theprettier-plugin-tailwindcss0.7→0.8 minor bump warrants a local peer-dep check againsttailwindcss@4.2.4(external registry unreachable from this sandbox). No GHSA or CVE identifiers apply to the bumped packages.
Advisory verdict: COMMENT — CI is still in progress; verdict will remain COMMENT until the Dataviewer Frontend Tests check concludes. No security advisories identified across all 10 packages; all bumps are minor/patch within the same major version.
Note
🔒 Integrity filter blocked 1 item
The following item were blocked because they don't meet the GitHub integrity level.
- #613
pull_request_read: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
To allow these resources, lower min-integrity in your GitHub frontmatter:
tools:
github:
min-integrity: approved # merged | approved | unapproved | noneGenerated by AW Dependabot PR Review for issue #613 · ● 1.1M
katriendg
approved these changes
May 5, 2026
katriendg
deleted the
dependabot/npm_and_yarn/data-management/viewer/frontend/dataviewer-frontend-patch-minor-287eb7e09a
branch
WilliamBerryiii
pushed a commit
that referenced
this pull request
May 8, 2026
🤖 I have created a release *beep* *boop* --- ## [0.8.0](v0.7.4...v0.8.0) (2026-05-08) ### ⚠ BREAKING CHANGES * **dataviewer:** bump frontend stack to React 19, Vite 8, Tailwind v4, MSAL 5, ESLint 10 ([#524](#524)) ### ✨ Features * **agents:** add automated validation for high-risk Dependabot bumps ([#574](#574)) ([8c3686a](8c3686a)), closes [#573](#573) * **data:** add camera selector to annotation workspace and fix AV1 frame extraction ([#591](#591)) ([c809d2f](c809d2f)) * **data:** seed dataviewer frontend test foundation and per-section codecov flags ([#594](#594)) ([c06c4e3](c06c4e3)) * **dataviewer:** add OWASP security middleware stack ([#439](#439)) ([239edb9](239edb9)) * **infrastructure:** add conversion pipeline Terraform module ([#542](#542)) ([244531e](244531e)) * **infrastructure:** upgrade OSMO to chart 1.2.1 / image 6.2 with secure auth and skrl 2.0.0 compatibility ([#492](#492)) ([edfd7a5](edfd7a5)) * **pipeline:** add ACSA setup for ROS2 bag sync to Blob ([#451](#451)) ([c271a54](c271a54)) * **workflows:** add advisory Dependabot PR reviewer agentic workflow ([#498](#498)) ([d4bb140](d4bb140)) * **workflows:** trigger AW Dependabot PR reviewer after PR Validation ([#580](#580)) ([7ab3d16](7ab3d16)) ### 🐛 Bug Fixes * **ci:** correct stale version comment for actions/create-github-app-token ([#506](#506)) ([b2e9a54](b2e9a54)) * **ci:** restore data-pipeline and training broken tests by domain folder restructure ([#547](#547)) ([06d8472](06d8472)) * **docs:** update remaining stale 'Coming soon' labels in docs/README.md ([#507](#507)) ([02439d6](02439d6)) * **docs:** update stale coming soon label for Training section ([#472](#472)) ([46db49b](46db49b)) * **evaluation:** scope SIL AzureML validation code path and script reference ([#387](#387)) ([9f138a9](9f138a9)) * **infrastructure:** OSMO workflow execution, PostgreSQL public access, and quickstart corrections ([#477](#477)) ([9ed2da6](9ed2da6)) * **scripts:** exclude CHANGELOG.md from changed-files msdate check ([#644](#644)) ([8133bdc](8133bdc)) * **workflows:** allow dependabot[bot] to activate AW Dependabot PR Review ([#586](#586)) ([39dc022](39dc022)) * **workflows:** correct branches filter on AW Dependabot PR Review workflow_run trigger ([#584](#584)) ([fe06b52](fe06b52)) * **workflows:** normalize validate.yaml placeholder env/compute values ([#510](#510)) ([340ff44](340ff44)) * **workflows:** recompile aw-dependabot-pr-review lock file ([#576](#576)) ([d77c167](d77c167)) * **workflows:** switch AW Dependabot PR Review to pull_request_target ([#589](#589)) ([3f1edd1](3f1edd1)) ### 📚 Documentation * **docs:** Fix deployment guide links ([#614](#614)) ([0070b04](0070b04)) * document dependency-pinning-artifacts directory purpose ([#508](#508)) ([50e0010](50e0010)) ### 📦 Build System * **training:** standardize on Python 3.12 across manifests, containers, and runtime scripts ([#541](#541)) ([7ad014a](7ad014a)) ### 🔧 Operations * **build:** add Copilot cloud agent setup-steps workflow ([#593](#593)) ([c912668](c912668)) ### 🔧 Miscellaneous * **build:** exclude auto-generated CHANGELOG.md from cspell and seed dictionary ([#582](#582)) ([de1dd57](de1dd57)) * **build:** redesign codecov flags and split pytest CI per component ([#520](#520)) ([357e745](357e745)) * **dataviewer:** bump frontend stack to React 19, Vite 8, Tailwind v4, MSAL 5, ESLint 10 ([#524](#524)) ([50f8ad4](50f8ad4)) * **dataviewer:** repoint stale src/dataviewer references to data-management/viewer ([#504](#504)) ([88fa1b4](88fa1b4)), closes [#503](#503) * **deps-dev:** bump basic-ftp from 5.3.0 to 5.3.1 ([#618](#618)) ([ca10f2a](ca10f2a)) * **deps-dev:** bump globals from 15.15.0 to 17.5.0 in /data-management/viewer/frontend ([#527](#527)) ([0e0b2ae](0e0b2ae)) * **deps-dev:** bump ip-address from 10.1.0 to 10.2.0 ([#616](#616)) ([816c9cf](816c9cf)) * **deps-dev:** bump lint-staged from 16.4.0 to 17.0.2 in the root-npm-dependencies group across 1 directory ([#626](#626)) ([0e2f293](0e2f293)) * **deps-dev:** bump pydantic from 2.13.3 to 2.13.4 in the python-dependencies group across 1 directory ([#629](#629)) ([c24f1c1](c24f1c1)) * **deps-dev:** bump the python-dependencies group across 1 directory with 2 updates ([#514](#514)) ([8410f4b](8410f4b)) * **deps:** bump azure-core from 1.39.0 to 1.40.0 in /evaluation in the inference-dependencies group across 1 directory ([#597](#597)) ([6141db4](6141db4)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /data-management/viewer ([#424](#424)) ([5fb6d58](5fb6d58)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /data-management/viewer/backend ([#423](#423)) ([b516ad5](b516ad5)) * **deps:** bump lucide-react from 0.469.0 to 1.8.0 in /data-management/viewer/frontend ([#528](#528)) ([1bdfc1e](1bdfc1e)) * **deps:** bump nginx from `8aa63af` to `5616878` in /data-management/viewer/frontend ([#511](#511)) ([9e7e20e](9e7e20e)) * **deps:** bump nginx from 1.27-alpine to 1.29-alpine in /data-management/viewer/frontend ([#484](#484)) ([0e5c3dd](0e5c3dd)) * **deps:** bump node from `435f353` to `e49fd70` in /data-management/viewer/frontend ([#560](#560)) ([2884649](2884649)) * **deps:** bump react-is from 18.3.1 to 19.2.5 in /data-management/viewer/frontend ([#530](#530)) ([d51318c](d51318c)) * **deps:** bump tensordict from 0.11.0 to 0.12.1 in /evaluation in the inference-dependencies group across 1 directory ([#456](#456)) ([b24e733](b24e733)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 2 updates ([#531](#531)) ([171a1da](171a1da)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 5 updates ([#516](#516)) ([4f9a577](4f9a577)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 5 updates ([#602](#602)) ([6c27ab5](6c27ab5)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 2 updates ([#529](#529)) ([8646971](8646971)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 3 updates ([#601](#601)) ([d28fb50](d28fb50)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 3 updates ([#632](#632)) ([4ca5f3e](4ca5f3e)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 5 updates ([#515](#515)) ([109ee81](109ee81)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 6 updates ([#630](#630)) ([04d5dfd](04d5dfd)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 9 updates ([#563](#563)) ([c08f450](c08f450)) * **deps:** bump the docusaurus-dependencies group across 1 directory with 4 updates ([#627](#627)) ([f5825fc](f5825fc)) * **deps:** bump the docusaurus-dependencies group across 1 directory with 6 updates ([#599](#599)) ([b859344](b859344)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#459](#459)) ([2609c52](2609c52)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#517](#517)) ([f54bf5d](f54bf5d)) * **deps:** bump the inference-dependencies group across 1 directory with 11 updates ([#562](#562)) ([087f53a](087f53a)) * **deps:** bump the inference-dependencies group across 1 directory with 2 updates ([#628](#628)) ([4a3be47](4a3be47)) * **deps:** bump the pip group across 2 directories with 1 update ([#494](#494)) ([a14b6b0](a14b6b0)) * **docs:** update stale Python 3.11 references to 3.12 ([#575](#575)) ([6f85c95](6f85c95)) * **scripts:** remove redundant SC1091 disables in OSMO deploy scripts ([#509](#509)) ([ae1cb82](ae1cb82)) ### 🔒 Security * **build:** pin dependencies and hash-verify downloads ([#465](#465)) ([0289f49](0289f49)) * **build:** remediate dependency security advisories ([#479](#479)) ([7196d6d](7196d6d)) * **deps-dev:** bump basic-ftp from 5.2.1 to 5.2.2 ([#454](#454)) ([cb158f1](cb158f1)) * **deps-dev:** bump basic-ftp from 5.2.2 to 5.3.0 ([#495](#495)) ([e983b8b](e983b8b)) * **deps-dev:** bump hypothesis from 6.152.3 to 6.152.4 in the python-dependencies group ([#598](#598)) ([83384d2](83384d2)) * **deps-dev:** bump markdownlint-cli2 from 0.22.0 to 0.22.1 in the root-npm-dependencies group ([#559](#559)) ([32bde35](32bde35)) * **deps-dev:** bump picomatch from 2.3.1 to 2.3.2 in /docs/docusaurus ([#455](#455)) ([66f86ca](66f86ca)) * **deps-dev:** bump postcss from 8.5.10 to 8.5.12 in /data-management/viewer/frontend ([#569](#569)) ([a652dba](a652dba)) * **deps-dev:** bump the python-dependencies group with 2 updates ([#457](#457)) ([749d231](749d231)) * **deps-dev:** bump the python-dependencies group with 2 updates ([#485](#485)) ([71b44fd](71b44fd)) * **deps-dev:** bump the python-dependencies group with 3 updates ([#564](#564)) ([9fc52fd](9fc52fd)) * **deps-dev:** bump typescript from 6.0.2 to 6.0.3 in /docs/docusaurus in the docusaurus-dependencies group ([#513](#513)) ([5694dbc](5694dbc)) * **deps:** bump azureml/openmpi4.1.0-ubuntu22.04 from 20260303.v5 to 20260409.v4 in /evaluation/sil/docker ([#480](#480)) ([25d4df8](25d4df8)) * **deps:** bump cryptography from 46.0.6 to 46.0.7 in /evaluation in the uv group across 1 directory ([#538](#538)) ([92c5b2e](92c5b2e)) * **deps:** bump diffusers from 0.35.2 to 0.38.0 in /training/il/lerobot ([#638](#638)) ([6261d19](6261d19)) * **deps:** bump follow-redirects from 1.15.11 to 1.16.0 in /docs/docusaurus ([#469](#469)) ([0458908](0458908)) * **deps:** bump gitpython and mako for lerobot IL training ([#623](#623)) ([9f8022b](9f8022b)) * **deps:** bump node from 24.14.1-slim to 25.9.0-slim in /data-management/viewer/frontend ([#482](#482)) ([1532d09](1532d09)) * **deps:** bump packaging from 26.0 to 26.1 in /evaluation in the inference-dependencies group ([#483](#483)) ([f4afb6c](f4afb6c)) * **deps:** bump pillow from 12.1.1 to 12.2.0 ([#467](#467)) ([39fb663](39fb663)) * **deps:** bump python from 3.11-slim to 3.14-slim in /data-management/viewer/backend ([#481](#481)) ([7af9dfc](7af9dfc)) * **deps:** bump the dataviewer-backend-dependencies group across 1 directory with 15 updates ([#428](#428)) ([e4446a2](e4446a2)) * **deps:** bump the dataviewer-backend-dependencies group in /data-management/viewer/backend with 4 updates ([#487](#487)) ([0f57c5b](0f57c5b)) * **deps:** bump the dataviewer-backend-dependencies group in /data-management/viewer/backend with 8 updates ([#566](#566)) ([d6e7869](d6e7869)) * **deps:** bump the dataviewer-dependencies group across 1 directory with 5 updates ([#464](#464)) ([24c208d](24c208d)) * **deps:** bump the dataviewer-dependencies group in /data-management/viewer with 2 updates ([#486](#486)) ([90149f3](90149f3)) * **deps:** bump the dataviewer-dependencies group in /data-management/viewer with 6 updates ([#565](#565)) ([f0bb36b](f0bb36b)) * **deps:** bump the dataviewer-frontend-patch-minor group across 1 directory with 10 updates ([#613](#613)) ([e481f83](e481f83)) * **deps:** bump the github-actions group across 1 directory with 4 updates ([#534](#534)) ([5478ab6](5478ab6)) * **deps:** bump the github-actions group with 2 updates ([#488](#488)) ([4e6ce98](4e6ce98)) * **deps:** bump the github-actions group with 3 updates ([#567](#567)) ([48c38dc](48c38dc)) * **deps:** bump the github-actions group with 3 updates ([#634](#634)) ([00cfb49](00cfb49)) * **deps:** bump the github-actions group with 6 updates ([#603](#603)) ([73eb79a](73eb79a)) * **deps:** bump the training-dependencies group across 1 directory with 23 updates ([#463](#463)) ([d5a8656](d5a8656)) * **deps:** bump yaml from 2.8.2 to 2.8.3 in /data-management/viewer/frontend ([#453](#453)) ([10449df](10449df)) * pytest harness, dependabot advisories, and OSSF Scorecard remediations ([#501](#501)) ([e8756e8](e8756e8)) * **scripts:** pin and hash-verify all shell script downloads ([#468](#468)) ([0c2bb9c](0c2bb9c)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). --------- Co-authored-by: physical-ai-toolchain-release[bot] <267194360+physical-ai-toolchain-release[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the dataviewer-frontend-patch-minor group with 10 updates in the /data-management/viewer/frontend directory:
5.8.05.9.05.3.15.3.25.100.55.100.91.11.01.14.05.0.125.0.135.100.55.100.910.2.110.3.017.5.017.6.00.7.30.8.08.59.08.59.2Updates
@azure/msal-browserfrom 5.8.0 to 5.9.0Release notes
Sourced from @azure/msal-browser's releases.
Commits
7ca7202fix(sample): acquire token after B2C edit profile policy (#8568)29a826bAddress dependabot Github Actions alerts (#8550)34a4e06fix(msal-browser): CookieStorage tolerates malformed percent-encoded cookies ...a800fd2fix(msal-common): use proper 2-arg comparator in getAccountInfoFilter… (#8559)1737897fix(msal-browser): freeze Date.now() in beforeEach to eliminate timestamp fla...b9c8b81fix(msal-node): replace uuid with node:crypto.randomUUID() (GHSA-w5hq… (#8566)8033a18Remove beachball change file for msal-browser native broker revert (#8567)e6f44e9Revert "Bugfix - include extra query parameters in ExtraParameters in Platfor...109a351Bugfix - include extra query parameters in ExtraParameters in PlatformAuthReq...2747951Native Auth:fix: use client_info="1" string value in native auth token reques...Updates
@azure/msal-reactfrom 5.3.1 to 5.3.2Release notes
Sourced from @azure/msal-react's releases.
Commits
7ca7202fix(sample): acquire token after B2C edit profile policy (#8568)29a826bAddress dependabot Github Actions alerts (#8550)34a4e06fix(msal-browser): CookieStorage tolerates malformed percent-encoded cookies ...a800fd2fix(msal-common): use proper 2-arg comparator in getAccountInfoFilter… (#8559)1737897fix(msal-browser): freeze Date.now() in beforeEach to eliminate timestamp fla...b9c8b81fix(msal-node): replace uuid with node:crypto.randomUUID() (GHSA-w5hq… (#8566)8033a18Remove beachball change file for msal-browser native broker revert (#8567)e6f44e9Revert "Bugfix - include extra query parameters in ExtraParameters in Platfor...109a351Bugfix - include extra query parameters in ExtraParameters in PlatformAuthReq...2747951Native Auth:fix: use client_info="1" string value in native auth token reques...Updates
@tanstack/react-queryfrom 5.100.5 to 5.100.9Release notes
Sourced from @tanstack/react-query's releases.
... (truncated)
Changelog
Sourced from @tanstack/react-query's changelog.
Commits
8c3d523ci: Version Packages (#10630)9800c8fci: Version Packages (#10623)3ae4261ci: Version Packages (#10620)87f7ccfci: Version Packages (#10604)Updates
lucide-reactfrom 1.11.0 to 1.14.0Release notes
Sourced from lucide-react's releases.
Commits
50d8af5docs(readme): Update readme files (#4320)Updates
zustandfrom 5.0.12 to 5.0.13Release notes
Sourced from zustand's releases.
Commits
6bc451e5.0.138ec2169chore(deps): update dev dependencies (#3486)4e9bcf0fix(devtools): support Firefox/Safari stack format in findCallerName (#3469)4b96f4efix(docs): correct react-dom test utils import path (#3474)c7516c1fix(tests): change parameters for 'expect' in test (#3483)1b04af1docs(persist): fix signature to require persistOptions (#3477)95d3f33test(middleware/immer): add runtime tests for immer middleware (#3471)3201328Update TypeScript guide links in README.md (#3466)00f96a3chore(deps): bump actions/deploy-pages from 4.0.5 to 5.0.0 (#3447)6330044test: expand React subscribe test coverage (#3442)Updates
@tanstack/eslint-plugin-queryfrom 5.100.5 to 5.100.9Release notes
Sourced from @tanstack/eslint-plugin-query's releases.
Changelog
Sourced from @tanstack/eslint-plugin-query's changelog.
Commits
8c3d523ci: Version Packages (#10630)9800c8fci: Version Packages (#10623)3ae4261ci: Version Packages (#10620)87f7ccfci: Version Packages (#10604)Updates
eslintfrom 10.2.1 to 10.3.0Release notes
Sourced from eslint's releases.
Commits
788920410.3.05b69b4fBuild: changelog update for 10.3.0d32235eci: use pnpm ineslint-flat-config-utilstype integration test (#20826)b6ae5cffix: handle unavailable require cache (#20812)3ffb14echore: clean up typos in comments and JSDoc (#20821)6fb3685fix: rule suggestions cause continuation in class body (#20787)22eb58achore: add missing continue-on-error to ecosystem-tests.yml (#20818)88bf002ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)379571afeat: add suggestions for no-unused-private-class-members (#20773)97c8c33chore: update ilshidur/action-discord action to v0.4.0 (#20811)Updates
globalsfrom 17.5.0 to 17.6.0Release notes
Sourced from globals's releases.
Commits
6b1587017.6.000a4dd9Update globals (2026-05-01) (#343)Updates
prettier-plugin-tailwindcssfrom 0.7.3 to 0.8.0Release notes
Sourced from prettier-plugin-tailwindcss's releases.
Changelog
Sourced from prettier-plugin-tailwindcss's changelog.
... (truncated)
Commits
f77532e0.8.04815377Update the changelog for recent PRs (#449)0a7ddcbFix insiders tags sometimes published to latest channel (#453)8066e85release onpublishedevent3b0ed57move--silentflag before the scriptUpdates
typescript-eslintfrom 8.59.0 to 8.59.2Release notes
Sourced from typescript-eslint's releases.
Changelog
Sourced from typescript-eslint's changelog.
Commits
2ec35f1chore(release): publish 8.59.25245793chore(release): publish 8.59.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions