Skip to content

build(deps): bump the npm_and_yarn group across 2 directories with 2 updates#887

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-2b1ea24460
Closed

build(deps): bump the npm_and_yarn group across 2 directories with 2 updates#887
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-2b1ea24460

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 14, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 1 update in the /core/generator/gapic-generator-typescript directory: ajv.
Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: @grpc/grpc-js.

Updates ajv from 6.12.6 to 6.15.0

Commits

Updates @grpc/grpc-js from 1.6.12 to 1.14.3

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.14.3

  • Send halfClose immediately after messages to prevent late halfClose issues with Envoy (#3031 contributed by @​serkanerip)

@​grpc/grpc-js 1.14.2

@​grpc/grpc-js 1.14.1

  • Fix a regression of the settings used internally for HTTP/2 sessions (#3023)

@​grpc/grpc-js-xds 1.14.0

  • Implement RBAC support (gRFC A41) (#2939, #2945)
  • Add weighted_round_robin to LB policy registry (#3001) (currently experimental, enabled by the environment variable GRPC_EXPERIMENTAL_XDS_WRR_LB)
  • Add wrr_locality to LB policy registry (#3003)

@​grpc/grpc-js 1.14.0

Changelog

  • Add getAuthContext method to client and server call classes (more details can be found in gRFC L35) (#2920)
  • Implement custom backend metrics support (gRFC A51) (#2978, #2983, #2985, #2986, #2999)
  • Add getConnectionInfo method to the ServerInterceptingCall class (#2922)
  • Implement the weighted_round_robin load balancing policy (#2998)
  • Fix jitter behavior for client retries (#2960 contributed by @​ekscentrysytet)
  • Start connecting from a random index in the round_robin LB policy (#2979)
  • Send connection-level WINDOW_UPDATE at session start (#2971 contributed by @​KoenRijpstra)

Experimental API Changes

Added:

  • CHANNEL_ARGS_CONFIG_SELECTOR_KEY
  • StatusOr<T>
  • CallStream
  • statusOrFromValue
  • statusOrFromError

Modified:

  • ResolverListener#onSuccessfulResolution now has the signature (endpointList: StatusOr<Endpoint[]>, attributes: { [key: string]: unknown }, serviceConfig: StatusOr<ServiceConfig> | null, resolutionNote: string): boolean
  • LoadBalancer#updateAddressList now has the signature `updateAddressList(endpointList: StatusOr<Endpoint[]>,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean

@​grpc/grpc-js 1.13.4

  • Fix ability to set SNI with ssl_target_name_override option (#2956)

@​grpc/grpc-js 1.13.3

  • Disable Nagle's algorithm (#2936)
  • Avoid calling http2.getDefaultSettings (#2937)

@​grpc/grpc-js 1.13.2

  • Fix a bug that caused clients to be unable to connect through local proxies (#2933)

... (truncated)

Commits
  • ccd29b2 Merge pull request #3032 from murgatroid99/grpc-js_retry_half_close_1.14
  • 9ea15ce grpc-js: Bump version to 1.14.3
  • 4d387d4 Use nextMessageToSend for early half-close
  • 88a083d remove halfCloseSent field
  • f6895cb Send halfClose immediately after messages to prevent late halfClose issues wi...
  • 37f2817 revert changes
  • 4e26a27 half close right after write
  • bf0dc8f Merge pull request #3029 from murgatroid99/grpc-js_keepalive_fix_backport
  • 235474e grpc-js: Bump to 1.14.2
  • 2f090c6 grpc-js: Fix server keep alive timeout not properly destroying connections
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 14, 2026
@snyk-io

snyk-io Bot commented Apr 14, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

…updates

Bumps the npm_and_yarn group with 1 update in the /core/generator/gapic-generator-typescript directory: [ajv](https://github.com/ajv-validator/ajv).
Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: [@grpc/grpc-js](https://github.com/grpc/grpc-node).


Updates `ajv` from 6.12.6 to 6.15.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v6.15.0)

Updates `@grpc/grpc-js` from 1.6.12 to 1.14.3
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.12...@grpc/grpc-js@1.14.3)

---
updated-dependencies:
- dependency-name: "@grpc/grpc-js"
  dependency-version: 1.14.3
  dependency-type: direct:production
- dependency-name: ajv
  dependency-version: 6.14.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the base branch from gca-main to main May 13, 2026 04:48
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-2b1ea24460 branch from 2b8095b to 382247a Compare May 13, 2026 04:48
@dependabot @github

dependabot Bot commented on behalf of github May 13, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 13, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-2b1ea24460 branch May 13, 2026 05:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants