Skip to content

build(deps): bump the dependencies group with 6 updates#200

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-88bbcf9b99
Open

build(deps): bump the dependencies group with 6 updates#200
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-88bbcf9b99

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 6 updates:

Package From To
oxc-parser 0.138.0 0.139.0
string-width 8.2.1 8.2.2
@types/node 26.1.0 26.1.1
@vitest/coverage-v8 4.1.9 4.1.10
typescript 6.0.3 7.0.2
vitest 4.1.9 4.1.10

Updates oxc-parser from 0.138.0 to 0.139.0

Release notes

Sourced from oxc-parser's releases.

oxc crates_v0.139.0

🚀 Features

  • 260425f semantic/examples: Include unresolved references (#24214) (camc314)
  • 2d9b0b3 minifier: Fold boolean-literal ternary branches in value contexts (#24110) (Dunqing)
  • 61fbf10 ast: Implement ReplaceWith on all AST types (#24013) (overlookmotel)
  • 7db7a29 allocator: Add ReplaceWith trait (#24012) (overlookmotel)
  • 4eb074e mangler: Add reserved option for names that must not be mangled (#24041) (Dunqing)
  • 2e62012 data_structures: Add StringExt trait (#24006) (overlookmotel)
  • 60e7160 minifier: Drop side-effect-free IIFEs whose result is unused (#23967) (Dunqing)
  • 26dd9e2 ast: Add method to widen inherited enum ref to parent ref (#23961) (overlookmotel)

🐛 Bug Fixes

  • df62046 transformer: Preserve decorated class read bindings (#24231) (camc314)
  • ce5f40f transformer: Declare temp for renamed anonymous class (#24230) (camc314)
  • 09bd638 transformer: Scope anonymous decorated class bindings correctly (#24229) (camc314)
  • 4b7fa9c transformer: Preserve namespace strict mode flags (#24227) (camc314)
  • d8ead84 transformer: Correct scoping flags for lowered enums (#24225) (camc314)
  • e8b50ee transformer: Clean up semantics for stripped TypeScript syntax (#24180) (camc314)
  • d966d0b react_compiler: Remove clippy allows (#24168) (Boshen)
  • 854ef8d react_compiler: Compile generic functions instead of over-bailing on type-param hoisting (#24158) (Boshen)
  • 093586c react_compiler: Align memoization cache-slot allocation with Babel (#24157) (Boshen)
  • 09c8f59 react_compiler: Normalize snapshot fixture paths (#24142) (camc314)
  • f13df97 react_compiler: Drop stray empty statement from catch bindings (#24133) (Boshen)
  • cb2a505 react_compiler: Codegen destructuring reassignment targets (#24131) (Boshen)
  • b82c394 react_compiler: Propagate codegen invariants instead of emitting empty bodies (#24128) (Boshen)
  • 5771982 react_compiler: Render unchanged programs as source in fixture snapshots (#24129) (Boshen)
  • 4b16e1a transformer/async-to-generator: Preserve direct eval scope flags (#24136) (camc314)
  • 4e9194f react_compiler: Lower delete obj.prop to Property/ComputedDelete (#24123) (Boshen)
  • 0b25582 ast: Type binding node typeAnnotation as TSTypeAnnotation | null (#23113) (Boshen)
  • 018c0e5 transformer: Hoist lowered async declarations (#22770) (camc314)
  • 652fbaf mangler: Keep names of destructured exported bindings (#24036) (Dunqing)
  • e274415 minifier: Don't drop global calls that throw despite pure arguments (#23917) (Dunqing)
  • 59abb30 minifier: Only merge string literals in try_fold_add when the inner operator is + (#23622) (Jerry Zhao)

⚡ Performance

  • c5ca77b transformer: Avoid cloning refresh options (#24191) (camc314)
  • bf1a151 react_compiler: Compile out debug printers (#24184) (Boshen)
  • abb44a0 transformer: Build fixed object-rest arguments (#24190) (camc314)
  • a4db731 isolated_declarations: Use ReplaceWith instead of TakeIn (#24016) (overlookmotel)
  • ff10855 transformer: Use ReplaceWith instead of TakeIn (#24015) (overlookmotel)
  • bd49aff ecmascript: Avoid heap-allocating Math.min/max/imul operands (#23941) (Lawrence Lin)
  • e4b708b react_compiler: Skip compiled files before prefilters (#24171) (Boshen)
  • c59f2fe rust: Return impl ExactSizeIterator from slice-backed accessors (#24144) (Boshen)
  • 5d6d04a codegen: SWAR-skip boring byte runs in sourcemap line/column scan (#24023) (Boshen)
  • a55e0be traverse: Reduce string operations in get_var_name_from_node (#24007) (overlookmotel)
  • e6d48e1 transformer/nullish_coalescing: Move cold path into separate function (#23989) (overlookmotel)
  • c4e35b5 transformer/object_rest_spread: Pre-allocate capacity in Vec (#23988) (overlookmotel)

... (truncated)

Changelog

Sourced from oxc-parser's changelog.

Changelog

All notable changes to this package will be documented in this file.

The format is based on Keep a Changelog.

Commits

Updates string-width from 8.2.1 to 8.2.2

Release notes

Sourced from string-width's releases.

v8.2.2

  • Fix spacing mark width handling (#80) b62c9ea

sindresorhus/string-width@v8.2.1...v8.2.2

Commits

Updates @types/node from 26.1.0 to 26.1.1

Commits

Updates @vitest/coverage-v8 from 4.1.9 to 4.1.10

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates typescript from 6.0.3 to 7.0.2

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for typescript since your current version.


Updates vitest from 4.1.9 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [oxc-parser](https://github.com/oxc-project/oxc/tree/HEAD/napi/parser) | `0.138.0` | `0.139.0` |
| [string-width](https://github.com/sindresorhus/string-width) | `8.2.1` | `8.2.2` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `26.1.0` | `26.1.1` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.9` | `4.1.10` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.3` | `7.0.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.9` | `4.1.10` |


Updates `oxc-parser` from 0.138.0 to 0.139.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/napi/parser/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/crates_v0.139.0/napi/parser)

Updates `string-width` from 8.2.1 to 8.2.2
- [Release notes](https://github.com/sindresorhus/string-width/releases)
- [Commits](sindresorhus/string-width@v8.2.1...v8.2.2)

Updates `@types/node` from 26.1.0 to 26.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vitest/coverage-v8` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/coverage-v8)

Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `vitest` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

---
updated-dependencies:
- dependency-name: oxc-parser
  dependency-version: 0.139.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: string-width
  dependency-version: 8.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 12, 2026
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedvitest@​4.1.9 ⏵ 4.1.1098 +110079 +199100
Updated@​vitest/​coverage-v8@​4.1.9 ⏵ 4.1.10991007999100
Updated@​types/​node@​26.1.0 ⏵ 26.1.110010081 +196100
Updatedstring-width@​8.2.1 ⏵ 8.2.2100 +110089 +189100
Updatedtypescript@​6.0.3 ⏵ 7.0.294 -610089 -1100100 +10
Updatedoxc-parser@​0.138.0 ⏵ 0.139.09010010096 +2100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants