chore(deps): Bump the dependencies group with 15 updates by dependabot[bot] · Pull Request #6 · LinnJS/formkit-gov

dependabot · 2025-11-28T20:37:16Z

Bumps the dependencies group with 15 updates:

Package	From	To
@commitlint/cli	`19.8.1`	`20.1.0`
@commitlint/config-conventional	`19.8.1`	`20.0.0`
lint-staged	`15.5.2`	`16.2.7`
markdownlint-cli2	`0.14.0`	`0.19.1`
zod	`3.25.76`	`4.1.13`
@vitest/coverage-v8	`2.1.9`	`4.0.14`
vitest	`2.1.9`	`4.0.14`
globals	`15.15.0`	`16.5.0`
@apidevtools/swagger-parser	`10.1.1`	`12.1.0`
commander	`12.1.0`	`14.0.2`
ts-morph	`24.0.0`	`27.0.2`
@hookform/resolvers	`3.10.0`	`5.2.2`
happy-dom	`15.11.7`	`20.0.11`
react	`18.3.1`	`19.2.0`
react-dom	`18.3.1`	`19.2.0`

Updates @commitlint/cli from 19.8.1 to 20.1.0

Release notes

Sourced from @commitlint/cli's releases.

v20.1.0

20.1.0 (2025-09-30)

Features

feat(config-pnpm-scopes): allow global scope by @ya2s in conventional-changelog/commitlint#4553

Bug Fixes

fix(resolve-extends): add import attribute for JSON config files by @macieklamberski in conventional-changelog/commitlint#4551

New Contributors

@ya2s made their first contribution in conventional-changelog/commitlint#4553

@macieklamberski made their first contribution in conventional-changelog/commitlint#4551

Full Changelog: conventional-changelog/commitlint@v20.0.0...v20.1.0

v20.0.0

20.0.0 (2025-09-25)

Features

feat(rules)!: make body-max-line-length ignore lines with URLs (#4486) (2f37a88), closes #4486 by @aspiers

BREAKING CHANGES

when lines contain URLs exceeding the maximum line length body-max-line-length will be ignored

Full Changelog: conventional-changelog/commitlint@v19.9.1...v20.0.0

v19.9.1

19.9.1 (2025-08-29)

... (truncated)

Changelog

Sourced from @commitlint/cli's changelog.

20.1.0 (2025-09-30)

Note: Version bump only for package @commitlint/cli

20.0.0 (2025-09-25)

Note: Version bump only for package @commitlint/cli

Commits

a8e86d2 v20.1.0
407be6c v20.0.0
See full diff in compare view

Updates @commitlint/config-conventional from 19.8.1 to 20.0.0

Release notes

Sourced from @commitlint/config-conventional's releases.

v20.0.0

20.0.0 (2025-09-25)

Features

feat(rules)!: make body-max-line-length ignore lines with URLs (#4486) (2f37a88), closes #4486 by @aspiers

BREAKING CHANGES

when lines contain URLs exceeding the maximum line length body-max-line-length will be ignored

Full Changelog: conventional-changelog/commitlint@v19.9.1...v20.0.0

v19.9.1

19.9.1 (2025-08-29)

Bug Fixes

fix: add TypeScript support and configuration for pnpm scopes by @alsmadi99 in conventional-changelog/commitlint#4544

Full Changelog: conventional-changelog/commitlint@v19.9.0...v19.9.1

v19.9.0

19.9.0 (2025-08-26)

Features

bug(config-pnpm-scopes): migrate package to TypeScript by @alsmadi99 in conventional-changelog/commitlint#4541 (type got messed up)

Chore, docs, etc.

docs: add a note about configuration under node24 by @sodle in conventional-changelog/commitlint#4406

chore: add Ubuntu 24.04 and Windows 2025 to CI by @Marukome0743 in conventional-changelog/commitlint#4435

docs: refactor CI setup example of GitHub Actions by @Marukome0743 in conventional-changelog/commitlint#4439

ci: use tags for immutable github actions by @Fdawgs in conventional-changelog/commitlint#4458

chore: migrate eslint-plugin-import to eslint-plugin-import-x by @JounQin in conventional-changelog/commitlint#4473

ci: add commitlint GitHub Actions by @Marukome0743 in conventional-changelog/commitlint#4440

... (truncated)

Changelog

Sourced from @commitlint/config-conventional's changelog.

20.0.0 (2025-09-25)

Note: Version bump only for package @commitlint/config-conventional

Commits

407be6c v20.0.0
See full diff in compare view

Updates lint-staged from 15.5.2 to 16.2.7

Release notes

Sourced from lint-staged's releases.

v16.2.7

Patch Changes

#1711 ef74c8d Thanks @iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

v16.2.6

Patch Changes

#1693 33d4502 Thanks @Adrian-Baran-GY! - Fix problems with --continue-on-error option, where tasks might have still been killed (SIGINT) when one of them failed.

v16.2.5

Patch Changes

#1687 9e02d9d Thanks @iiroj! - Fix unhandled promise rejection when spawning tasks (instead of the tasks themselves failing). Previously when a task failed to spawn, lint-staged also failed and the backup stash might not have been automatically restored.

v16.2.4

Patch Changes

#1682 0176038 Thanks @iiroj! - Update dependencies, including nano-spawn@2.0.0 with bug fixes.

#1671 581a54e Thanks @iiroj! - Speed up execution by only importing the yaml depedency if using YAML configuration files.

v16.2.3

Patch Changes

#1669 27cd541 Thanks @iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

v16.2.2

Patch Changes
#1667 699f95d Thanks @iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:
% npx lint-staged --fail-on-changes
✔ Backed up original state in git stash (c18d55a3)
✔ Running tasks for staged files...
✖ Tasks modified files and --fail-on-changes was used!
↓ Cleaning up temporary files...
✖ lint-staged failed because --fail-on-changes was used.
Any lost modifications can be restored from a git stash:
> git stash list --format="%h %s"
c18d55a3 On main: lint-staged automatic backup
> git apply --index c18d55a3

... (truncated)

Changelog

Sourced from lint-staged's changelog.

16.2.7

Patch Changes

#1711 ef74c8d Thanks @iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

16.2.6

Patch Changes

#1693 33d4502 Thanks @Adrian-Baran-GY! - Fix problems with --continue-on-error option, where tasks might have still been killed (SIGINT) when one of them failed.

16.2.5

Patch Changes

#1687 9e02d9d Thanks @iiroj! - Fix unhandled promise rejection when spawning tasks (instead of the tasks themselves failing). Previously when a task failed to spawn, lint-staged also failed and the backup stash might not have been automatically restored.

16.2.4

Patch Changes

#1682 0176038 Thanks @iiroj! - Update dependencies, including nano-spawn@2.0.0 with bug fixes.

#1671 581a54e Thanks @iiroj! - Speed up execution by only importing the yaml depedency if using YAML configuration files.

16.2.3

Patch Changes

#1669 27cd541 Thanks @iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

16.2.2

Patch Changes
#1667 699f95d Thanks @iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:
% npx lint-staged --fail-on-changes
✔ Backed up original state in git stash (c18d55a3)
✔ Running tasks for staged files...
✖ Tasks modified files and --fail-on-changes was used!
↓ Cleaning up temporary files...
✖ lint-staged failed because --fail-on-changes was used.
Any lost modifications can be restored from a git stash:

... (truncated)

Commits

0c1b000 chore(changeset): release
595b202 build(deps): update dependencies
ef74c8d fix: do display "failed to spawn" message when task fails normally
5cf2a1e style: do not autofix when running lint-staged
ba40012 chore: drop npx from commit-msg hook
d67de9a chore: fix pre-push hook usage with changeset
8017d1d build(deps): update dependencies
922d7f4 ci: remove dependabot integration, it's not useful
6aeeef1 docs: add PR template
a5728b5 docs: add AGENTS.md
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lint-staged since your current version.

Updates markdownlint-cli2 from 0.14.0 to 0.19.1

Changelog

Sourced from markdownlint-cli2's changelog.

0.19.1

Update --format to avoid trailing newline

Update dependencies

0.19.0

Add --format parameter for editor integration

Update output formatters for severity warning

Explicitly version Docker containers for pre-commit

Update dependencies (including markdownlint)

0.18.1

Update dependencies (including markdownlint)

0.18.0

Use user ID in Docker containers for security

Update dependencies (including markdownlint)

Remove support for end-of-life Node 18

0.17.2

Update dependencies (including markdownlint)

0.17.1

Update dependencies (including markdownlint)

0.17.0

Convert to ECMAScript modules

Use import() when loading modules

Update dependencies (including markdownlint)

0.16.0

Try not to use require for modules (due to Node 22.12)

Update dependencies (EXcluding markdownlint)

0.15.0

Add support for stdin input via - glob

Add output formatter based on string templates

Update dependencies (including markdownlint)

Commits

a95dde8 Update to version 0.19.1.
dca4514 Bump eslint-plugin-jsdoc from 61.3.0 to 61.4.0
bb56770 Bump actions/checkout from 5 to 6
e1457cc Exclude invalid JavaScript test files from CodeQL analysis to avoid "Could no...
111062a Update implementation of --format to stream/pipeline directly to stdout and a...
a45987c Bump eslint-plugin-jsdoc from 61.2.1 to 61.3.0
ee2f13f Bump @stylistic/eslint-plugin from 5.6.0 to 5.6.1
b5639e7 Bump @stylistic/eslint-plugin from 5.5.0 to 5.6.0
64b747e Bump eslint-plugin-jsdoc from 61.2.0 to 61.2.1
f327279 Update to version 0.19.0.
Additional commits viewable in compare view

Updates zod from 3.25.76 to 4.1.13

Release notes

Sourced from zod's releases.

v4.1.13

Commits:

5c2602ceb8be8941c64bbe5ac7d92cc174ae6f7e Update AI widget (#5318)

d3da530deb713c853e79405adddf770e156d50ac reflect the specified regex correctly in error (#5338)

39f8c45b8a29de2330b485862b83cb35849f4238 faster initialization (#5352)

e9e27905cc0f37cb079ea473af8359d5e17a57a1 Clean up comment

8e4739fadbd7de710eb67d34ba7e06a1029a68ab Update inferred z.promise() type

2849df8907b011ab056d67ae8e3d27577ac4ed3e fix(locales): improve Dutch (nl) localization (#5367)

b0d3c9f628b60d358b66acf8f0ef7937fc9e8950 Run tests on windows

6fd61b71b85e4fef4c168a46c3ebcc574f26255f feat unitest (#5358)

a4e4bc80e204577c698cf1369dd63c2b986d35f3 Lock to node 24

8de8bad0fa84194b81efd32474462d7a236a1ee4 Fix windows build

b2c186bbae3a74a12acd385c1ced3ed978235cf8 Use Node LTS

b73b1f61c798efdf497852872b4c19cd4111c1f3 Consolidate isTransforming logic

d85f3ea4da53a1b232017dd4e4a2874eca4d8d76 Fix #5353

1bac0f37b529eb9a0d833a01200f5a898e8e6220 Fix test.yml

86d4dad5bc27b4b35df533c9170a552ad8c6c3bc Fix partial record

5e6c0fd7471636feffe5763c9b7637879da459fe Fix attw on windows

27fc616b8edb93cc27a4d25b37479d6e418bbccf Extend test timeout

8d336c4d15e1917d78b67b890f7182f26633b56f Remove windows runner

5be72e0ef4dceb1387febb7981079ecdeb5e2817 chore(doc): update metadata.tsx (#5331)

cb0272a0ad9962df95832a78587f54afec685351 docs: add 'cd zod' step to development setup instructions (#5394)

24e3325dc63010e4f74e23caf91199652e8b12a9 docs: replace 'Refinement' with 'Transform' in transforms section (#5397)

644a08203ebb00e23484b3f9a986ae783ce26a9a chore: add resource for validating environment variables with Zod (#5403)

5e1cfcf578a47527044e85455e79c907fd913adc Change doc for email validation method in Zod schema (#5392)

88cf9441448608d9de24b47b8a4a4ba879fc2433 Fix: Iterate over keys in catchall object using "in" operator. (#5376)

aa437325c5957c0cf57667cd7b8568603ee7ecd3 Emphasise that enum validates against values, for object literal & enums (#5386)

3a4bd00aaa16276ffeb2708cc083a633bd4dd756 Improve Hebrew localization for Zod error messages (#5409)

c10f9d109874aeca6855383616c086b077d39f89 Fix typos (#5420)

86f0ef918bb24f4ab9f1ce2afc5cf2d1a4a99473 Documentation Improvements (#5417)

e120a4877f4d8d076abf2db5c5cceab91a046be9 Fix opt tuple

f9bbb50c48f9c07ca869d28d6a7086d7290b97a3 Improve tuple

0ba0f348f677688b69ed78473e022f5d225b41fc Optimize docs caching/ISR (#5433)

c3ec66c74b3fbc2616e880a90751c2cad7270bb3 Improve docs caching

c8cce4b607a7c0ca99cfb454571a3948ee9e85fb docs: fix typos and links (#5428)

84ec04708525d6e83e3408d5d3a21edde742bdc5 docs(ecosystem): Add react-f3 (#5429)

3396515cc6f04f5f346a1e00256ad09998dbaeb3 Docs: Fix typo in safeExtend description (#5445)

3d93a7d593c19dc1822bc96a7c9d47312c29995e feat: MAC address validation in v4 and mini (#5440)

f2f0d178e1c526bc00ad0385706efad318bd44b0 Fix dual package hazard for globalRegistry (#5452)

9fc493f86f17a5fc550df78e7e261137885f51ea fix: use oneOf for discriminated unions in JSON Schema (#5453)

603dbe8dba6253c702ca8cf10b5299910dba3c88 Clean up regex, drop backreferences

ab69b9ee813713a111b56a60c2df929eaf5ba426 Update mac addr tests

f7910528901c05293bad275fffcb54a82e28fcc9 chore: upgrade vitest to v4 (#5028)

f97e80da9197064937a58167619967bee4ebb638 fix(core): prevent infinite recursion for recursive tuples (#5089) (#5094)

002e01ad0fcc17b17683adafc80f2a86e8d355a9 fix(record): handle non-function constructor field in isPlainObject (#5098)

67165174eb8c7d5c6e76e760830f3109b4fdbd0e docs(contributing): add instructions on building @zod/docs (#5114)

8b0603dde684f1665bb2329111ed187f73ccf0ac Fix typo in ISO time documentation (#5277)

be85ecc48a83e7f65ac0458d25f832fb4e28c9e7 docs(codecs): correct stringToDate safeDecode methods (#5302)

50bba5462546401939920a6566a81c0d9c8ef7e1 Add zodgres to ecosystem documentation (#5308)

... (truncated)

Commits

4063e80 Update check-semver script
2cdd82b 4.1.13
a774750 v4.1.13
0e803a2 Revert "Do not allow unsound pick/omit"
5bfc8f2 Fix docs
3de39ee Implement slugify
162fe29 Add z.meta and z.describe
0f4ce73 Do not allow unsound pick/omit
f52344e Fix vitest 4
d44253d Add support for number literal and TypeScript's enum keys in z.record (#5334)
Additional commits viewable in compare view

Updates @vitest/coverage-v8 from 2.1.9 to 4.0.14

Release notes

Sourced from @vitest/coverage-v8's releases.

v4.0.14

   🚀 Experimental Features

browser: Expose utils.configurePrettyDOM - by @sheremet-va in vitest-dev/vitest#9103 (2cc34)

runner: Add full names to tasks - by @macarie in vitest-dev/vitest#9087 (821aa)

ui: Add tabbed failure view for toMatchScreenshot with comparison slider - by @macarie in vitest-dev/vitest#8813 (c37c2)

   🐞 Bug Fixes

Externalize before caching - by @sheremet-va in vitest-dev/vitest#9077 (e1b2e)

Collect the duration of external imports - by @sheremet-va in vitest-dev/vitest#9097 (3326c)

Rename collect to import, remove prepare - by @sheremet-va in vitest-dev/vitest#9091 (1256b)

browser:

Unsubscribe onCancel on rpc destroy - by @AriPerkkio in vitest-dev/vitest#9088 (f5b72)

Revert the viewport scaling in non-ui mode #9018 - by @sheremet-va in vitest-dev/vitest#9072 and vitest-dev/vitest#9018 (64502)

coverage:

Invalidate circular modules correctly on rerun with coverage - by @aicest in vitest-dev/vitest#9096 (6f22c)

expect:

Allow function as standard schema - by @hi-ogawa in vitest-dev/vitest#9099 (ed8a2)

jsdom:

Reuse abort signals if possible - by @sheremet-va in vitest-dev/vitest#9090 (2c468)

pool:

Init VITEST_POOL_ID + VITEST_WORKER_ID before environment setup - by @AriPerkkio in vitest-dev/vitest#9085 (37918)

web-worker:

postMessage to send ports to workers - by @whitphx and @AriPerkkio in vitest-dev/vitest#9078 (9d176)

   🏎 Performance

Replace debug with obug - by @sxzz and @AriPerkkio in vitest-dev/vitest#9057 (acc51)

    View changes on GitHub

v4.0.13

   🐞 Bug Fixes

types:

Don't use type from Vite 7.1 - by @sheremet-va in vitest-dev/vitest#9071 (6356b)

Don't import node.js dependent types in vitest/browser - by @sheremet-va in vitest-dev/vitest#9068 (332af)

   🏎 Performance

Avoid fetchModule roundtrip if the module is cached - by @sheremet-va in vitest-dev/vitest#9075 (b27e0)

experimental: If fsCacheModule is enabled, read from the memory when possible - by @sheremet-va in vitest-dev/vitest#9076 (6b9a1)

    View changes on GitHub

v4.0.12

   🐞 Bug Fixes

Inherit fsModuleCachePath by default - by @sheremet-va in vitest-dev/vitest#9063 (9a8bc)

... (truncated)

Commits

9ca74cf chore: release v4.0.14
acc5152 perf: replace debug with obug (#9057)
73b54ce chore: release v4.0.13
5aa84d5 chore: release v4.0.12
c3befb0 chore: release v4.0.11
259a3d1 chore: release v4.0.10
62fab24 chore: release v4.0.9
46bfd09 chore: release v4.0.8
da8b93a fix(deps): update all non-major dependencies (#8636)
1f5d9d2 chore: release v4.0.7
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @vitest/coverage-v8 since your current version.

Updates vitest from 2.1.9 to 4.0.14

Release notes

Sourced from vitest's releases.

v4.0.14

   🚀 Experimental Features

browser: Expose utils.configurePrettyDOM - by @sheremet-va in vitest-dev/vitest#9103 (2cc34)

runner: Add full names to tasks - by @macarie in vitest-dev/vitest#9087 (821aa)

ui: Add tabbed failure view for toMatchScreenshot with comparison slider - by @macarie in vitest-dev/vitest#8813 (c37c2)

   🐞 Bug Fixes

Externalize before caching - by @sheremet-va in vitest-dev/vitest#9077 (e1b2e)

Collect the duration of external imports - by @sheremet-va in vitest-dev/vitest#9097 (3326c)

Rename collect to import, remove prepare - by @sheremet-va in vitest-dev/vitest#9091 (1256b)

browser:

Unsubscribe onCancel on rpc destroy - by @AriPerkkio in vitest-dev/vitest#9088 (f5b72)

Revert the viewport scaling in non-ui mode #9018 - by @sheremet-va in vitest-dev/vitest#9072 and vitest-dev/vitest#9018 (64502)

coverage:

Invalidate circular modules correctly on rerun with coverage - by @aicest in vitest-dev/vitest#9096 (6f22c)

expect:

Allow function as standard schema - by @hi-ogawa in vitest-dev/vitest#9099 (ed8a2)

jsdom:

Reuse abort signals if possible - by @sheremet-va in vitest-dev/vitest#9090 (2c468)

pool:

Init VITEST_POOL_ID + VITEST_WORKER_ID before environment setup - by @AriPerkkio in vitest-dev/vitest#9085 (37918)

web-worker:

postMessage to send ports to workers - by @whitphx and @AriPerkkio in vitest-dev/vitest#9078 (9d176)

   🏎 Performance

Replace debug with obug - by @sxzz and @AriPerkkio in vitest-dev/vitest#9057 (acc51)

    View changes on GitHub

v4.0.13

   🐞 Bug Fixes

types:

Don't use type from Vite 7.1 - by @sheremet-va in vitest-dev/vitest#9071 (6356b)

Don't import node.js dependent types in vitest/browser - by @sheremet-va in vitest-dev/vitest#9068 (332af)

   🏎 Performance

Avoid fetchModule roundtrip if the module is cached - by @sheremet-va in vitest-dev/vitest#9075 (b27e0)

experimental: If fsCacheModule is enabled, read from the memory when possible - by @sheremet-va in vitest-dev/vitest#9076 (6b9a1)

    View changes on GitHub

v4.0.12

   🐞 Bug Fixes

Inherit fsModuleCachePath by default - by @sheremet-va in vitest-dev/vitest#9063 (9a8bc)

... (truncated)

Commits

9ca74cf chore: release v4.0.14
821aa20 feat(runner): Add full names to tasks (#9087)
1256b5c fix: rename collect to import, remove prepare (#9091)
3326cc9 fix: collect the duration of external imports (#9097)
379185b fix(pool): init VITEST_POOL_ID + VITEST_WORKER_ID before environment setu...
2c468ee fix(jsdom): reuse abort signals if possible (#9090)
e1b2e08 fix: externalize before caching (#9077)
acc5152 perf: replace debug with obug (#9057)
73b54ce chore: release v4.0.13
b27e002 perf: avoid fetchModule roundtrip if the module is cached (#9075)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vitest since your current version.

Updates globals from 15.15.0 to 16.5.0

Release notes

Sourced from globals's releases.

v16.5.0

Update globals (2025-11-01) (#316) 6d441ca

Add Vue, Svelte, and Astro globals (#314) ea31521

sindresorhus/globals@v16.4.0...v16.5.0

v16.4.0

Update globals (#309) 8b8a2d6

sindresorhus/globals@v16.3.0...v16.4.0

v16.3.0

Update globals (#304) 8c029d9

sindresorhus/globals@v16.2.0...v16.3.0

v16.2.0

Add new greasemonkey globals (#299) e4f6e8c

sindresorhus/globals@v16.1.0...v16.2.0

v16.1.0

Update globals (#293) 5c58875

sindresorhus/globals@v16.0.0...v16.1.0

v16.0.0

Breaking

The serviceworker globals are now generated from browsers (#281) 039ed51

It's a breaking change as a few globals have been removed.

sindresorhus/globals@v15.15.0...v16.0.0

Commits

46fdf18 16.5.0
6d441ca Update globals (2025-11-01) (#316)
d323da6 Add test for keys and values (#315)
ea31521 Add Vue, Svelte, and Astro globals (#314)
fa8aaae Add date to automated PR title (#311)
b777f09 Update Puppeteer (#310)
52ba38b 16.4.0
8b8a2d6 Update globals (#309)
2b85fdb 16.3.0
8c029d9 Update globals (#304)
Additional commits viewable in compare view

Updates @apidevtools/swagger-parser from 10.1.1 to 12.1.0

Release notes

Sourced from @apidevtools/swagger-parser's releases.

v12.1.0

12.1.0 (2025-10-14)

Features

Add support for version 3.1.2 (#279) (8dcd391)

v12.0.0

12.0.0 (2025-06-16)

Bump json schema ref parser version to fix security vulnerability allowing internal URL resolution in the http parser. (80ebe6f)

BREAKING CHANGES

Remove ability to request internal urls in the default http resolver - this is now behind a flag in the http resolver, safeUrlResolver

v11.0.1

11.0.1 (2025-06-06)

Bug Fixes

location: bump json schema parser version (a4559a2)

v11.0.0

11.0.0 (2025-06-03)

Modernize dependencies, fix CI, upgrade dependencies, introduce new linter and formatter (ed4ea05)

Upgrade dependencies, modernize some code (66d2818)

Bug Fixes

move ajv-draft-04 into usage location (#268) (ff79822)

types: add types fix for options (0c9a034)

types: types fix (9994339)

BREAKING CHANGES

Pretty large refactor of dev experience. Removes ono dependency to fix certain CJS builds

move to latest version of parser

Commits

8dcd391 feat: Add support for version 3.1.2 (#279)
80ebe6f Bump json schema ref parser version to fix security vulnerability allowing in...
a4559a2 fix(location): bump json schema parser version
e2251e3 version and contributors
9994339 fix(types): types fix
4b59f47 eslint rule for line endings
9f1b74b chore(lints): double quotes issues
8443f69 eslint ignore

Bumps the dependencies group with 15 updates: | Package | From | To | | --- | --- | --- | | [@commitlint/cli](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli) | `19.8.1` | `20.1.0` | | [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/config-conventional) | `19.8.1` | `20.0.0` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `15.5.2` | `16.2.7` | | [markdownlint-cli2](https://github.com/DavidAnson/markdownlint-cli2) | `0.14.0` | `0.19.1` | | [zod](https://github.com/colinhacks/zod) | `3.25.76` | `4.1.13` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `2.1.9` | `4.0.14` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `2.1.9` | `4.0.14` | | [globals](https://github.com/sindresorhus/globals) | `15.15.0` | `16.5.0` | | [@apidevtools/swagger-parser](https://github.com/APIDevTools/swagger-parser) | `10.1.1` | `12.1.0` | | [commander](https://github.com/tj/commander.js) | `12.1.0` | `14.0.2` | | [ts-morph](https://github.com/dsherret/ts-morph) | `24.0.0` | `27.0.2` | | [@hookform/resolvers](https://github.com/react-hook-form/resolvers) | `3.10.0` | `5.2.2` | | [happy-dom](https://github.com/capricorn86/happy-dom) | `15.11.7` | `20.0.11` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `18.3.1` | `19.2.0` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `18.3.1` | `19.2.0` | Updates `@commitlint/cli` from 19.8.1 to 20.1.0 - [Release notes](https://github.com/conventional-changelog/commitlint/releases) - [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/cli/CHANGELOG.md) - [Commits](https://github.com/conventional-changelog/commitlint/commits/v20.1.0/@commitlint/cli) Updates `@commitlint/config-conventional` from 19.8.1 to 20.0.0 - [Release notes](https://github.com/conventional-changelog/commitlint/releases) - [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md) - [Commits](https://github.com/conventional-changelog/commitlint/commits/v20.0.0/@commitlint/config-conventional) Updates `lint-staged` from 15.5.2 to 16.2.7 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v15.5.2...v16.2.7) Updates `markdownlint-cli2` from 0.14.0 to 0.19.1 - [Changelog](https://github.com/DavidAnson/markdownlint-cli2/blob/main/CHANGELOG.md) - [Commits](DavidAnson/markdownlint-cli2@v0.14.0...v0.19.1) Updates `zod` from 3.25.76 to 4.1.13 - [Release notes](https://github.com/colinhacks/zod/releases) - [Commits](colinhacks/zod@v3.25.76...v4.1.13) Updates `@vitest/coverage-v8` from 2.1.9 to 4.0.14 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/coverage-v8) Updates `vitest` from 2.1.9 to 4.0.14 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.14/packages/vitest) Updates `globals` from 15.15.0 to 16.5.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v15.15.0...v16.5.0) Updates `@apidevtools/swagger-parser` from 10.1.1 to 12.1.0 - [Release notes](https://github.com/APIDevTools/swagger-parser/releases) - [Changelog](https://github.com/APIDevTools/swagger-parser/blob/main/CHANGELOG.md) - [Commits](APIDevTools/swagger-parser@v10.1.1...v12.1.0) Updates `commander` from 12.1.0 to 14.0.2 - [Release notes](https://github.com/tj/commander.js/releases) - [Changelog](https://github.com/tj/commander.js/blob/master/CHANGELOG.md) - [Commits](tj/commander.js@v12.1.0...v14.0.2) Updates `ts-morph` from 24.0.0 to 27.0.2 - [Release notes](https://github.com/dsherret/ts-morph/releases) - [Commits](dsherret/ts-morph@24.0.0...27.0.2) Updates `@hookform/resolvers` from 3.10.0 to 5.2.2 - [Release notes](https://github.com/react-hook-form/resolvers/releases) - [Commits](react-hook-form/resolvers@v3.10.0...v5.2.2) Updates `happy-dom` from 15.11.7 to 20.0.11 - [Release notes](https://github.com/capricorn86/happy-dom/releases) - [Commits](capricorn86/happy-dom@v15.11.7...v20.0.11) Updates `react` from 18.3.1 to 19.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.0/packages/react) Updates `react-dom` from 18.3.1 to 19.2.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.0/packages/react-dom) --- updated-dependencies: - dependency-name: "@commitlint/cli" dependency-version: 20.1.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@commitlint/config-conventional" dependency-version: 20.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: lint-staged dependency-version: 16.2.7 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: markdownlint-cli2 dependency-version: 0.19.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: zod dependency-version: 4.1.13 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@vitest/coverage-v8" dependency-version: 4.0.14 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: vitest dependency-version: 4.0.14 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: globals dependency-version: 16.5.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@apidevtools/swagger-parser" dependency-version: 12.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: commander dependency-version: 14.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: ts-morph dependency-version: 27.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: "@hookform/resolvers" dependency-version: 5.2.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: happy-dom dependency-version: 20.0.11 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: react dependency-version: 19.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: react-dom dependency-version: 19.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-11-28T20:37:17Z

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

- Merge all Dependabot PRs (#1-8) - Update GitHub Actions: checkout v6, upload-artifact v5, codecov-action v5, codeql-action v4 - Update npm dependencies: happy-dom 20.x, vitest 4.x, React 19, eslint-plugin-react-hooks 7.x - Fix React 19 JSX types for custom web components - Update tests for React 19 boolean attribute behavior - Fix vitest 4.x jest-dom matchers import - Disable react-hooks/refs rule for web component wrappers Closes #1, closes #2, closes #3, closes #4, closes #5, closes #6, closes #7, closes #8

dependabot · 2025-11-28T21:01:37Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot bot requested a review from LinnJS as a code owner November 28, 2025 20:37

LinnJS mentioned this pull request Nov 28, 2025

chore(deps): Fix dependabot errors #10

Merged

28 tasks

LinnJS closed this in #10 Nov 28, 2025

dependabot bot deleted the dependabot/npm_and_yarn/dependencies-1a3df851ad branch November 28, 2025 21:01

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): Bump the dependencies group with 15 updates#6

chore(deps): Bump the dependencies group with 15 updates#6
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-1a3df851ad

dependabot bot commented on behalf of github Nov 28, 2025

Uh oh!

dependabot bot commented on behalf of github Nov 28, 2025

Uh oh!

dependabot bot commented on behalf of github Nov 28, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 28, 2025

v20.1.0

20.1.0 (2025-09-30)

Features

Bug Fixes

New Contributors

v20.0.0

20.0.0 (2025-09-25)

Features

BREAKING CHANGES

v19.9.1

19.9.1 (2025-08-29)

20.1.0 (2025-09-30)

20.0.0 (2025-09-25)

v20.0.0

20.0.0 (2025-09-25)

Features

BREAKING CHANGES

v19.9.1

19.9.1 (2025-08-29)

Bug Fixes

v19.9.0

19.9.0 (2025-08-26)

Features

Chore, docs, etc.

20.0.0 (2025-09-25)

v16.2.7

Patch Changes

v16.2.6

Patch Changes

v16.2.5

Patch Changes

v16.2.4

Patch Changes

v16.2.3

Patch Changes

v16.2.2

Patch Changes

16.2.7

Patch Changes

16.2.6

Patch Changes

16.2.5

Patch Changes

16.2.4

Patch Changes

16.2.3

Patch Changes

16.2.2

Patch Changes

0.19.1

0.19.0

0.18.1

0.18.0

0.17.2

0.17.1

0.17.0

0.16.0

0.15.0

v4.1.13

Commits:

v4.0.14

🚀 Experimental Features

🐞 Bug Fixes

🏎 Performance

View changes on GitHub

v4.0.13

🐞 Bug Fixes

🏎 Performance

View changes on GitHub

v4.0.12

🐞 Bug Fixes

v4.0.14

🚀 Experimental Features

🐞 Bug Fixes

🏎 Performance

View changes on GitHub

v4.0.13