Skip to content

chore(deps-dev): bump the development-dependencies group across 1 directory with 9 updates#28

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/development-dependencies-c5b8450432
Open

chore(deps-dev): bump the development-dependencies group across 1 directory with 9 updates#28
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/development-dependencies-c5b8450432

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 18, 2026
edited
Loading

Bumps the development-dependencies group with 9 updates in the / directory:

Package From To
@changesets/cli 2.29.8 2.30.0
@types/node 22.19.7 25.5.0
dotenv 16.6.1 17.3.1
lint-staged 15.5.2 16.4.0
vitest 2.1.9 4.1.0
node-gyp 10.3.1 12.2.0
rimraf 5.0.10 6.1.3
drizzle-kit 0.28.1 0.31.10
prisma 6.19.2 7.5.0

Updates @changesets/cli from 2.29.8 to 2.30.0

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.30.0

Minor Changes

  • #1840 057cca2 Thanks @​wotan-allfather! - Add --since flag to add command

    The add command now supports a --since flag that allows you to specify which branch, tag, or git ref to use when detecting changed packages. This is useful for gitflow workflows where you have multiple target branches and the baseBranch config option doesn't cover all use cases.

    Example: changeset add --since=develop

    If not provided, the command falls back to the baseBranch value in your .changeset/config.json.

  • #1845 2b4a66a Thanks @​Andarist! - Delegate OTP prompting to the package manager instead of handling it in-process. This allows Changesets to use the package manager's native web auth support.

  • #1774 667fe5a Thanks @​bluwy! - Support importing custom commit option ES module. Previously, it used require() which only worked for CJS modules, however now it uses import() which supports both CJS and ES modules.

  • #1839 73b1809 Thanks @​leochiu-a! - Add a --message (-m) flag to changeset add (and default changeset) so the changeset summary can be provided from the command line. When --message is present, the summary prompt is skipped while the final confirmation step is kept.

  • #1806 0e8e01e Thanks @​luisadame! - Changeset CLI can now be run from the nested directories in the project, where the .changeset directory has to be found in one of the parent directories

Patch Changes

  • #1849 9dc3230 Thanks @​Andarist! - Compute the terminal's size lazily to avoid spurious stderr output in non-interactive mode

  • #1857 2a73025 Thanks @​mixelburg! - Fix confusing prompt labels when entering changeset summary after external editor fallback

  • #1842 6df3a5e Thanks @​RodrigoHamuy! - Allow private packages to depend on skipped packages without requiring them to also be skipped. Private packages are not published to npm, so it is safe for them to have dependencies on ignored or unversioned packages.

  • #1776 503fcaa Thanks @​bluwy! - Support absolute paths in changeset status --output <path>

  • Updated dependencies [667fe5a, 1772598, b6f4c74, 6df3a5e, 6df3a5e, 27fd8f4]:

    • @​changesets/apply-release-plan@​7.1.0
    • @​changesets/config@​3.1.3
    • @​changesets/get-release-plan@​4.0.15
    • @​changesets/read@​0.6.7
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/cli since your current version.


Updates @types/node from 22.19.7 to 25.5.0

Commits

Updates dotenv from 16.6.1 to 17.3.1

Changelog

Sourced from dotenv's changelog.

17.3.1 (2026-02-12)

Changed

  • Fix as2 example command in README and update spanish README

17.3.0 (2026-02-12)

Added

  • Add a new README section on dotenv’s approach to the agentic future.

Changed

  • Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

17.2.4 (2026-02-05)

Changed

  • Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#915)
  • Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

17.2.3 (2025-09-29)

Changed

  • Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

  • 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

17.2.1 (2025-07-24)

Changed

  • Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

  • Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)
  • Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})
# .env
</tr></table>

... (truncated)

Commits

Updates lint-staged from 15.5.2 to 16.4.0

Release notes

Sourced from lint-staged's releases.

v16.4.0

Minor Changes

v16.3.4

Patch Changes

v16.3.3

Patch Changes

  • #1740 0109e8d Thanks @​iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

v16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

v16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

v16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

v16.2.7

Patch Changes

  • #1711 ef74c8d Thanks @​iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

v16.2.6

Patch Changes

  • #1693 33d4502 Thanks @​Adrian-Baran-GY! - Fix problems with --continue-on-error option, where tasks might have still been killed (SIGINT) when one of them failed.

v16.2.5

Patch Changes

  • #1687 9e02d9d Thanks @​iiroj! - Fix unhandled promise rejection when spawning tasks (instead of the tasks themselves failing). Previously when a task failed to spawn, lint-staged also failed and the backup stash might not have been automatically restored.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

16.4.0

Minor Changes

16.3.4

Patch Changes

16.3.3

Patch Changes

  • #1740 0109e8d Thanks @​iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

16.3.2

Patch Changes

  • #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

16.3.1

Patch Changes

  • #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

16.3.0

Minor Changes

  • #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

  • #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

  • #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

16.2.7

Patch Changes

  • #1711 ef74c8d Thanks @​iiroj! - Do not display a "failed to spawn" error message when a task fails normally. This message is reserved for when the task didn't run because spawning it failed.

16.2.6

... (truncated)

Commits
  • 445f9dd chore(changeset): release
  • d91be60 docs: update readme to use picomatch
  • b392a9f refactor: extract matchFiles and add unit tests
  • 687fc90 refactor: replace micromatch with picomatch
  • 26dadf9 chore(changeset): release
  • 9d6e827 build(deps): update dependencies
  • 8aea986 chore(changeset): release
  • 0109e8d fix: strip Git CRLF warning from output
  • dfd6a7a chore(changeset): release
  • 2adaf6c fix(Windows): do not spawn tasks as detached since it opens a cmd window on ...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lint-staged since your current version.


Updates vitest from 2.1.9 to 4.1.0

Release notes

Sourced from vitest's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 1de0aa2 fix: correctly identify concurrent test during static analysis (#9846)
  • c3cac1c fix: use isAgent check, not just TTY, for watch mode (#9841)
  • eab68ba chore(deps): update all non-major dependencies (#9824)
  • 031f02a fix: allow catch/finally for async assertion (#9827)
  • 3e9e096 feat(reporters): add agent reporter to reduce ai agent token usage (#9779)
  • 0c2c013 chore: release v4.1.0-beta.6
  • 8181e06 fix: hideSkippedTests should not hide test.todo (fix #9562) (#9781)
  • a8216b0 fix: manual and redirect mock shouldn't load or transform original module...
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vitest since your current version.


Updates node-gyp from 10.3.1 to 12.2.0

Release notes

Sourced from node-gyp's releases.

v12.2.0

12.2.0 (2026-01-26)

Features

Bug Fixes

Core

Doc

Miscellaneous

v12.1.0

12.1.0 (2025-11-12)

Features

  • Add support for Visual Studio 2026 (18.x) (69e5fd2)
  • Support for Visual Studio 2026 (18.x) (69e5fd2)

v12.0.0

12.0.0 (2025-11-10)

⚠ BREAKING CHANGES

... (truncated)

Changelog

Sourced from node-gyp's changelog.

12.2.0 (2026-01-26)

Features

Bug Fixes

Core

Doc

Miscellaneous

12.1.0 (2025-11-12)

Features

  • Add support for Visual Studio 2026 (18.x) (69e5fd2)
  • Support for Visual Studio 2026 (18.x) (69e5fd2)

12.0.0 (2025-11-10)

⚠ BREAKING CHANGES

  • align to npm 11 node engine range

Features

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for node-gyp since your current version.


Updates rimraf from 5.0.10 to 6.1.3

Changelog

Sourced from rimraf's changelog.

6.1

  • Move to native fs/promises usage instead of promisifying manually.

6.0

  • Drop support for nodes before v20
  • Add --version to CLI

5.0

  • No default export, only named exports

4.4

  • Provide Dirent or Stats object as second argument to filter

4.3

  • Return boolean indicating whether the path was fully removed
  • Add filter option
  • bin: add --verbose, -v to print files as they are deleted
  • bin: add --no-verbose, -V to not print files as they are deleted
  • bin: add -i --interactive to be prompted on each deletion
  • bin: add -I --no-interactive to not be prompted on each deletion
  • 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

  • Brought back glob support, using the new and improved glob v9

v4.1

  • Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
  • Accept and ignore -rf and -fr arguments to the bin.

v4.0

  • Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
  • Accept array of paths or single path.
  • Windows performance and reliability improved.
  • All strategies separated into explicitly exported methods.
  • Drop support for Node.js below version 14
  • rewrite in TypeScript

... (truncated)

Commits

Updates drizzle-kit from 0.28.1 to 0.31.10

Release notes

Sourced from drizzle-kit's releases.

drizzle-kit@0.31.10

  • Updated to hanji@0.0.8 - native bun stringWidth, stripANSI support, errors for non-TTY environments
  • We've migrated away from esbuild-register to tsx loader, it will now allow to use drizzle-kit seamlessly with both ESM and CJS modules
  • We've also added native Bun and Deno launch support, which will not trigger tsx loader and utilise native bun and deno imports capabilities and faster startup times

drizzle-kit@0.31.9

  • drizzle-kit api improvements for D1 connections

drizzle-kit@0.31.8

Bug fixes

  • Fixed algorythm => algorithm typo.
  • Fixed external dependencies in build configuration.

drizzle-kit@0.31.6

Bug fixes

drizzle-kit@0.31.5

  • Add casing support to studio configuration and related functions

drizzle-kit@0.31.4

  • Fixed halfvec, bit and sparsevec type generation bug in drizzle-kit

drizzle-kit@0.31.3

  • Internal changes to Studio context. Added databaseName and packageName properties for Studio

drizzle-kit@0.31.2

Bug fixes

  • Fixed relations extraction to not interfere with Drizzle Studio.

drizzle-kit@0.31.1

Fixed drizzle-kit pull bugs when using Gel extensions.

Because Gel extensions create schema names containing :: (for example, ext::auth), Drizzle previously handled these names incorrectly. Starting with this release, you can use Gel extensions without any problems. Here’s what you should do:

  1. Enable extensions schemas in drizzle.config.ts
import  { defineConfig } from "drizzle-kit";
export default defineConfig({
dialect: 'gel',
schemaFilter: ['ext::auth', 'public']
});

  1. Run drizzle-kit pull

... (truncated)

Commits
  • 4aa6ecf Kit updates (#5490)
  • e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
  • a086f59 Fixed pg-native Pool detection in node-postgres transactions breaking in envi...
  • c445637 Merge pull request #5095 from drizzle-team/main-workflows
  • e7b3aaa Merge branch 'main' into main-workflows
  • 0d885a5 refactor: Update condition for run-feature job to improve clarity and functio...
  • 45a1ffb Merge pull request #5087 from drizzle-team/main-workflows
  • 6357645 chore: Comment out NEON_HTTP_CONNECTION_STRING requirement in release workflows
  • 53dec98 refactor: Simplify release router workflow by removing unnecessary switch job...
  • ce88a18 Merge remote-tracking branch 'origin/ext-deps-kit' into main-workflows
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for drizzle-kit since your current version.


Updates prisma from 6.19.2 to 7.5.0

Release notes

Sourced from prisma's releases.

7.5.0

Today, we are excited to share the 7.5.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

  • Added support for nested transaction rollbacks via savepoints (#21678...

    Description has been truncated

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 18, 2026

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/development-dependencies-c5b8450432 branch from 58a1c57 to cd7da23 Compare March 18, 2026 18:11
@dependabot
chore(deps-dev): bump the development-dependencies group across 1 dir…
e671641 
…ectory with 9 updates

Bumps the development-dependencies group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@changesets/cli](https://github.com/changesets/changesets) | `2.29.8` | `2.30.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.7` | `25.5.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.3.1` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `15.5.2` | `16.4.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `2.1.9` | `4.1.0` |
| [node-gyp](https://github.com/nodejs/node-gyp) | `10.3.1` | `12.2.0` |
| [rimraf](https://github.com/isaacs/rimraf) | `5.0.10` | `6.1.3` |
| [drizzle-kit](https://github.com/drizzle-team/drizzle-orm) | `0.28.1` | `0.31.10` |
| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `6.19.2` | `7.5.0` |



Updates `@changesets/cli` from 2.29.8 to 2.30.0
- [Release notes](https://github.com/changesets/changesets/releases)
- [Commits](https://github.com/changesets/changesets/commits/@changesets/cli@2.30.0)

Updates `@types/node` from 22.19.7 to 25.5.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `dotenv` from 16.6.1 to 17.3.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.6.1...v17.3.1)

Updates `lint-staged` from 15.5.2 to 16.4.0
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v15.5.2...v16.4.0)

Updates `vitest` from 2.1.9 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

Updates `node-gyp` from 10.3.1 to 12.2.0
- [Release notes](https://github.com/nodejs/node-gyp/releases)
- [Changelog](https://github.com/nodejs/node-gyp/blob/main/CHANGELOG.md)
- [Commits](nodejs/node-gyp@v10.3.1...v12.2.0)

Updates `rimraf` from 5.0.10 to 6.1.3
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](isaacs/rimraf@v5.0.10...v6.1.3)

Updates `drizzle-kit` from 0.28.1 to 0.31.10
- [Release notes](https://github.com/drizzle-team/drizzle-orm/releases)
- [Commits](https://github.com/drizzle-team/drizzle-orm/compare/drizzle-kit@0.28.1...drizzle-kit@0.31.10)

Updates `prisma` from 6.19.2 to 7.5.0
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/7.5.0/packages/cli)

---
updated-dependencies:
- dependency-name: "@changesets/cli"
  dependency-version: 2.30.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.5.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: dotenv
  dependency-version: 17.3.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: lint-staged
  dependency-version: 16.4.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: node-gyp
  dependency-version: 12.2.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: rimraf
  dependency-version: 6.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: drizzle-kit
  dependency-version: 0.31.10
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: prisma
  dependency-version: 7.5.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/development-dependencies-c5b8450432 branch from cd7da23 to e671641 Compare March 19, 2026 02:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants