Skip to content

Bump the non-security group in /cirq-web/cirq_web with 8 updates#7819

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/cirq-web/cirq_web/non-security-620a209b7a
Closed

Bump the non-security group in /cirq-web/cirq_web with 8 updates#7819
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/cirq-web/cirq_web/non-security-620a209b7a

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 1, 2026
edited
Loading

Bumps the non-security group in /cirq-web/cirq_web with 8 updates:

Package From To
@webgpu/types 0.1.66 0.1.68
@vitest/coverage-v8 4.0.14 4.0.16
jsdom 27.2.0 27.4.0
puppeteer 24.31.0 24.34.0
three 0.181.2 0.182.0
@types/three 0.181.0 0.182.0
vite 7.2.6 7.3.0
vitest 4.0.14 4.0.16

Updates @webgpu/types from 0.1.66 to 0.1.68

Commits

Updates @vitest/coverage-v8 from 4.0.14 to 4.0.16

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.0.16

   🐞 Bug Fixes

    View changes on GitHub

v4.0.15

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates jsdom from 27.2.0 to 27.4.0

Release notes

Sourced from jsdom's releases.

Version 27.4.0

  • Added TextEncoder and TextDecoder.
  • Improved decoding of HTML bytes by using the new @exodus/bytes package; it is now much more correct. (ChALkeR)
  • Improved decoding of XML bytes to use UTF-8 more often, instead of sniffing for <meta charset> or using the parent frame's encoding.
  • Fixed a memory leak when Ranges were used and then the elements referred to by those ranges were removed.

Version 27.3.0

  • Improved CSS parsing and CSSOM object APIs via updates to @acemir/cssom. (acemir)
Changelog

Sourced from jsdom's changelog.

27.4.0

  • Added TextEncoder and TextDecoder.
  • Improved decoding of HTML bytes by using the new @exodus/bytes package; it is now much more correct. (ChALkeR)
  • Improved decoding of XML bytes to use UTF-8 more often, instead of sniffing for <meta charset> or using the parent frame's encoding.
  • Fixed a memory leak when Ranges were used and then the elements referred to by those ranges were removed.

27.3.0

  • Improved CSS parsing and CSSOM object APIs via updates to @acemir/cssom. (acemir)
Commits
  • 098d16d Version 27.4.0
  • 1cd029e Improve asciiLowercase/asciiUppercase performance
  • 83fcb62 Implement TextEncoder and TextDecoder; improve XML decoding
  • ddad97d Switch from iconv-lite to exodus/bytes for decoding
  • 25cb2a1 Use weak references for ranges
  • ed4f5ed Add currently-failing CSS regression tests
  • 56b75c2 Version 27.3.0
  • decdb95 Update dependencies and dev dependencies
  • 542b1a6 CSSOM improvements
  • See full diff in compare view

Updates puppeteer from 24.31.0 to 24.34.0

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v24.34.0

24.34.0 (2025-12-19)

🎉 Features

🛠️ Fixes

puppeteer: v24.34.0

24.34.0 (2025-12-19)

♻️ Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.33.1 to 24.34.0

puppeteer-core: v24.33.1

24.33.1 (2025-12-18)

🛠️ Fixes

  • DevTools worker targets should not end up as DevToolsTarget (#14505) (e37f1a4)
  • roll to Chrome 143.0.7499.146 (#14519) (0fe8e2c)
  • webdriver: emit response event on network.responseStarted (#14513) (cdd358f)

puppeteer: v24.33.1

24.33.1 (2025-12-18)

♻️ Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

... (truncated)

Changelog

Sourced from puppeteer's changelog.

24.34.0 (2025-12-19)

♻️ Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.33.1 to 24.34.0

🎉 Features

🛠️ Fixes

24.33.1 (2025-12-18)

♻️ Chores

  • puppeteer: Synchronize puppeteer versions

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • puppeteer-core bumped from 24.33.0 to 24.33.1

🛠️ Fixes

  • DevTools worker targets should not end up as DevToolsTarget (#14505) (e37f1a4)
  • roll to Chrome 143.0.7499.146 (#14519) (0fe8e2c)
  • webdriver: emit response event on network.responseStarted (#14513) (cdd358f)

24.33.0 (2025-12-11)

... (truncated)

Commits

Updates three from 0.181.2 to 0.182.0

Commits

Updates @types/three from 0.181.0 to 0.182.0

Commits

Updates vite from 7.2.6 to 7.3.0

Release notes

Sourced from vite's releases.

v7.3.0

Please refer to CHANGELOG.md for details.

v7.2.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.3.0 (2025-12-15)

Features

  • deps: update esbuild from ^0.25.0 to ^0.27.0 (#21183) (cff26ec)

7.2.7 (2025-12-08)

Bug Fixes

Commits

Updates vitest from 4.0.14 to 4.0.16

Release notes

Sourced from vitest's releases.

v4.0.16

   🐞 Bug Fixes

    View changes on GitHub

v4.0.15

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • b46d744 chore: release v4.0.16
  • 84a3062 fix(browser): string formatting bug when including placeholders in console.lo...
  • f7f6aa8 fix: log deprecated test.poolOptions if it's set (#9226)
  • 568513c fix: allow inlining fully dynamic import (#9137)
  • 5d26b87 fix(experimental): export setupEnvironment for custom pools (#9187)
  • f17eb42 refactor: avoid using isFileServingAllowed from Vite (#9160)
  • 78cfbf9 fix: avoid crashing on process.versions stub (#9174)
  • da0ade2 fix: fix browser mode default testTimeout back to 15 seconds (#9167)
  • eb1abf0 chore: release v4.0.15
  • a68f74e feat(cache): add opt-out on a plugin level, fix internal root cache (#9154)
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
@types/three [>= 0.178.a, < 0.179]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the non-security group in /cirq-web/cirq_web with 8 updates
f0995c5 
Bumps the non-security group in /cirq-web/cirq_web with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [@webgpu/types](https://github.com/gpuweb/types) | `0.1.66` | `0.1.68` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.0.14` | `4.0.16` |
| [jsdom](https://github.com/jsdom/jsdom) | `27.2.0` | `27.4.0` |
| [puppeteer](https://github.com/puppeteer/puppeteer) | `24.31.0` | `24.34.0` |
| [three](https://github.com/mrdoob/three.js) | `0.181.2` | `0.182.0` |
| [@types/three](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/three) | `0.181.0` | `0.182.0` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.2.6` | `7.3.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.14` | `4.0.16` |


Updates `@webgpu/types` from 0.1.66 to 0.1.68
- [Commits](gpuweb/types@v0.1.66...v0.1.68)

Updates `@vitest/coverage-v8` from 4.0.14 to 4.0.16
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.16/packages/coverage-v8)

Updates `jsdom` from 27.2.0 to 27.4.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](jsdom/jsdom@27.2.0...27.4.0)

Updates `puppeteer` from 24.31.0 to 24.34.0
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md)
- [Commits](puppeteer/puppeteer@puppeteer-v24.31.0...puppeteer-v24.34.0)

Updates `three` from 0.181.2 to 0.182.0
- [Release notes](https://github.com/mrdoob/three.js/releases)
- [Commits](https://github.com/mrdoob/three.js/commits)

Updates `@types/three` from 0.181.0 to 0.182.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/three)

Updates `vite` from 7.2.6 to 7.3.0
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.0/packages/vite)

Updates `vitest` from 4.0.14 to 4.0.16
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.0.16/packages/vitest)

---
updated-dependencies:
- dependency-name: "@webgpu/types"
  dependency-version: 0.1.68
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: non-security
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.0.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: non-security
- dependency-name: jsdom
  dependency-version: 27.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: puppeteer
  dependency-version: 24.34.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: three
  dependency-version: 0.182.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: "@types/three"
  dependency-version: 0.182.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: vite
  dependency-version: 7.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: non-security
- dependency-name: vitest
  dependency-version: 4.0.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: non-security
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added area/dependencies area/javascript Pull requests that update Javascript code kind/health For CI/testing/release process/refactoring/technical debt items labels Jan 1, 2026
@dependabot dependabot bot requested a review from vtomole as a code owner January 1, 2026 15:19
@dependabot dependabot bot requested a review from a team as a code owner January 1, 2026 15:19
@dependabot dependabot bot added the area/javascript Pull requests that update Javascript code label Jan 1, 2026
@dependabot dependabot bot requested a review from NoureldinYosri January 1, 2026 15:19
@github-actions github-actions bot added the Size: XS <10 lines changed label Jan 1, 2026
@pavoljuhas
Copy link
Collaborator

pavoljuhas commented Jan 6, 2026

Superseded by #7825

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 6, 2026

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot bot closed this Jan 6, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/cirq-web/cirq_web/non-security-620a209b7a branch January 6, 2026 18:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vtomole vtomole Awaiting requested review from vtomole vtomole is a code owner

@NoureldinYosri NoureldinYosri Awaiting requested review from NoureldinYosri NoureldinYosri is a code owner automatically assigned from quantumlib/cirq-maintainers

Assignees

No one assigned

Labels

area/dependencies area/javascript Pull requests that update Javascript code kind/health For CI/testing/release process/refactoring/technical debt items Size: XS <10 lines changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pavoljuhas