Skip to content

Bump knip from 6.11.0 to 6.12.2#237

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/knip-6.12.2
Open

Bump knip from 6.11.0 to 6.12.2#237
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/knip-6.12.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 10, 2026
edited by macroscopeapp Bot
Loading

Bumps knip from 6.11.0 to 6.12.2.

Release notes

Sourced from knip's releases.

Release 6.12.2

  • Fix symbol reporter file paths with --directory (#1733) (d54074d4f5b9299aecb264897c7369fb81a499fc) - thanks @​cyphercodes!
  • fix(webpack): reference TS loaders for .ts/.cts config (close #1732) (f37c5daa5403fdf78e2746fea83ce79e1577eb48)
  • fix(serverless-framework): skip functions without handler (close #1735) (616739de3ee9c5c216c0efe098d837bb286c102f)
  • ci(integration): disable minimumReleaseAge for test installs (081dfc83039324292ceb1018f73ab2c98fd51ccd)
  • ci(snapshots): query — add CreateQueriesOptions to unused types (5dd0b8a15e1c8298b8bad7388a17951a70285f56)

Release 6.12.1

  • fix: type-only imports in monorepos (#1715) (de33a2cb020f321f242bfb3884cdd597fb5f868c) - thanks @​lishaduck!
  • Bump jiti to ^2.7.0 (#1729) (0fe8dc33dc60b05a814828046aa5207051fc4b6d) - thanks @​re-taro!
  • Fix Vercel config detection (#1726) (370236d2e67058fb30c77a5f54d88b9774276eef) - thanks @​jakeleventhal!
  • Fix inferred declaration export references (#1728) (4dcd756f0903c1045a7600201243decbc7184715) - thanks @​jakeleventhal!
  • Remove stale root watch script (#1731) (2d555a18befc2576539491b5d66799e630689b38) - thanks @​jeffrey-takuma!
  • Update sponsorships script/numbers (c3dcc8f4fd923f87baad444c5f8e23fd7be15497)
  • Add orgs using knip (78fd581857c0b01fc2ab987bc86d888954e97a71)
  • Yolo (7e689bf60b39c6a4af46e8d68e9a6986df0e6f04)

Release 6.12.0

  • Use venz light/dark responsive svg img (2354194043354b67ed9463b6998d40a8e8cbab81)
  • Fix types/path references (4afc873801bcca933dbc71c47b5557cbab646c6b)
  • Move on to pnpm 11 (b1060652e85b8bf9a306135ca12ae22032099889)
  • Fix up ecosystem tests (c226a72b8936397dab2fc6d30e27517c257c36ca)
  • Add shell binaries to global ignore list (#1716) (ddcf7debd820b9deac9f29d1ed904f340c0ee91e) - thanks @​jakeleventhal!
  • Fix declaration export regression and document (resolve #1722) (3a2c22b52cda834b4d8a9956d9089b3dea9422bd)
  • Update snapshot after 3a2c22b (8300078b75913d94ef19dbd1990e2073db8541d8)
  • Detect babel.plugins/presets in @​vitejs/plugin-react via function-form defineConfig (resolve #1723) (d56ee51c2162c29baf3564ded39639a1a258caa1)
  • Lift defineConfig-arg unwrapper to ast-helpers, route findCallArg through it (7195b0a5f0986833a059c5d2cda9697d7d0abbf7)
  • Fix PostCSS detection for @​tailwindcss/postcss (#1719) (60f84824eebeece47ec5d2683fe4db9aaa6e7d00) - thanks @​jakeleventhal!
  • Allow > inside SFC <script> attribute values (resolve #1714) (9e5501f60150d0521bf7f2aa5a9af8db1285813b)
  • Resolve Cypress reporter set per testing type (resolve #1724) (7cc4fc19ea12f4aefb55ef01a0ad5237b2dac8c4)
  • Add Vercel config plugin (#1720) (10f97c10cd3203761c6ba2f4ee335c9719d81840) - thanks @​jakeleventhal!
  • Direct config hint title to stderr (53236b5f7dc12c2e7e561448c276a0168a6367fc)
  • Some light housekeeping (727f842709f2adf9fe7658b6ed1b66b11043d821)
  • Fix up ecosystem tests (0db3300e4109cb184520863e98eff6c2c956a717)
  • Fix --no-exit-code condition for isTreatConfigHintsAsErrors (f27c3f4a556fdd18bfafb9b270fddc9b12c8033a)
  • A friendlier message (aab1e83baaa088b8f8730f03f0d8e6520fa48d64)
  • Mark plugin-name fallback binaries as optional in knownBinsOnly mode (c709a5aaa473184d1a73f7cbcb8eaf0d73e072d4)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Bump knip from 6.11.0 to 6.12.2

Updates the knip dependency to 6.12.2 in the lockfile.

Macroscope summarized d8438b3.

@dependabot
Bump knip from 6.11.0 to 6.12.2
d8438b3 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 6.11.0 to 6.12.2.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Commits](https://github.com/webpro-nl/knip/commits/knip@6.12.2/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 6.12.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 10, 2026
@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 10, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedknip@​6.11.0 ⏵ 6.12.299 +110095 +196100

View full report

cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed May 10, 2026
View reviewed changes
Copy link
Copy Markdown

@cubic-dev-ai cubic-dev-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

@entelligence-ai-pr-reviews
Copy link
Copy Markdown

entelligence-ai-pr-reviews Bot commented May 10, 2026

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this PR bumps the knip dependency from version 6.11.0 to 6.12.2, a minor version update to a development tooling package used for dead code detection. No review comments were generated and the heuristic analysis found zero issues of any severity. As a dev-only dependency bump with no runtime code changes, the risk surface is minimal and the update follows a standard patch/minor version increment.

Key Findings:

  • The change is a minor version bump of knip (6.11.0 → 6.12.2), a development-only dependency used for static analysis/dead code detection, meaning there is no runtime or production impact.
  • No review comments, no critical issues, no significant issues, and no pre-existing unresolved concerns were identified by the heuristic analysis.
  • Minor version updates in semver-compliant packages like knip are not expected to introduce breaking changes, and the jump from 6.11.0 to 6.12.2 spans only two minor releases.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants