build(deps): bump the minor-and-patch group with 7 updates by dependabot[bot] · Pull Request #98 · uhyo/funstack-static

dependabot · 2026-03-29T07:55:01Z

Bumps the minor-and-patch group with 7 updates:

Package	From	To
oxlint	`1.56.0`	`1.57.0`
turbo	`2.8.20`	`2.8.21`
wrangler	`4.76.0`	`4.78.0`
srvx	`0.11.12`	`0.11.13`
tsdown	`0.21.4`	`0.21.7`
vitest	`4.1.0`	`4.1.2`
vite	`8.0.1`	`8.0.3`

Updates oxlint from 1.56.0 to 1.57.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)

2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)

bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)

5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)

7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)

2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)

ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)

6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)

7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)

732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)

a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)

ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)

3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)

ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)

e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)

6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)

85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)

fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)

ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)

dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)

989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)

cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

25d577e language_server: Start tools in parallel (#15500) (Sysix)

3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)

3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)

9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)

3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)

444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)

2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)

a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)

3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)

2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)

57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Commits

8b0f61d release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
b33fbde Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)"
027ce4a release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
180dd0f Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)"
a8f45a8 release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)
See full diff in compare view

Updates turbo from 2.8.20 to 2.8.21

Release notes

Sourced from turbo's releases.

Turborepo v2.8.21

What's Changed

Docs

fix: Strip JSX components from heading anchors and TOC entries by @anthonyshew in vercel/turborepo#12404

eslint

fix(eslint-plugin-turbo): Guard against missing tasks/pipeline in forEachTaskDef by @sleitor in vercel/turborepo#12411

@turbo/repository

feat: Add packagesFromLockfile() NAPI binding to @turbo/repository by @anthonyshew in vercel/turborepo#12454

release(library): 0.0.1-canary.21 by @github-actions[bot] in vercel/turborepo#12455

Examples

fix(examples): Update of with-svelte example by @floriansalihovic in vercel/turborepo#11952

fix: Use script-shell=bash for cross-platform with-shell-commands example by @Goldyvaiiii in vercel/turborepo#12436

Changelog

docs: Add link to Docker guide in prune --docker flag section by @styfle in vercel/turborepo#12401

feat: Add global configuration key behind futureFlags.globalConfiguration by @anthonyshew in vercel/turborepo#12399

chore: Update CODEOWNERS to remove /docs owner by @anthonyshew in vercel/turborepo#12402

fix: Move docs app icons into app/ directory by @anthonyshew in vercel/turborepo#12403

feat: Add experimental structured logging with --json and --log-file flags by @anthonyshew in vercel/turborepo#12405

docs: Downgrade Next.js by @anthonyshew in vercel/turborepo#12408

chore: Deprecate the turbo scan command by @anthonyshew in vercel/turborepo#12406

chore: Upgrade Next.js by @anthonyshew in vercel/turborepo#12415

Revert "fix: Flush stale mouse tracking events from stdin during TUI cleanup" by @anthonyshew in vercel/turborepo#12416

fix: Add NixOS environment variables to default passthroughs by @anthonyshew in vercel/turborepo#12417

fix: Resolve security vulnerabilities in tar and rustls-webpki by @anthonyshew in vercel/turborepo#12418

docs: Promote turbo query from experimental to stable by @anthonyshew in vercel/turborepo#12421

docs: Clarify turbo-ignore's future by @anthonyshew in vercel/turborepo#12422

feat: Rework turbo ls to use query internals and add turbo query ls shorthand by @anthonyshew in vercel/turborepo#12424

docs: Clarify environment variables across packages dependency behavior by @ramanverse in vercel/turborepo#12390

docs: Expand subpath imports example by @lilianakatrina684-a11y in vercel/turborepo#12412

fix: Preserve source dependencies when adding workspace deps in turbo-gen by @sleitor in vercel/turborepo#11935

docs: Add Git history requirements to turbo query affected docs by @anthonyshew in vercel/turborepo#12426

fix: Prevent horizontal overflow from long inline code on narrow viewports by @anthonyshew in vercel/turborepo#12428

feat: Send git SHA and dirty hash to remote cache by @mehulkar in vercel/turborepo#12427

fix: Upgrade tokio to 1.47.1+ to fix pidfd_reaper panic by @anthonyshew in vercel/turborepo#12431

docs: Add AI guide to sidebar navigation by @anthonyshew in vercel/turborepo#12438

docs: Move experimentalObservability into futureFlags section by @anthonyshew in vercel/turborepo#12439

fix: Skip Unix domain sockets and other special files during file hashing by @anthonyshew in vercel/turborepo#12445

fix: Preserve dedupePeers and unknown pnpm lockfile settings by @attehuhtakangas in vercel/turborepo#12443

fix: Align dry run cache status with normal run by checking caching guards by @anthonyshew in vercel/turborepo#12448

fix: Resolve turbo watch hang with mixed interruptible persistent tasks by @anthonyshew in vercel/turborepo#12449

fix: Avoid setsid() in PTY spawn to prevent macOS Gatekeeper CPU spikes by @anthonyshew in vercel/turborepo#12452

refactor: Move cache hit SHA context to verbose logging by @mehulkar in vercel/turborepo#12435

docs: Add missing --force flag documentation by @Goldyvaiiii in vercel/turborepo#12440

fix: Prevent panic in turbo watch with persistent tasks by @anthonyshew in vercel/turborepo#12459

fix: Support turbo watch in single-package workspaces by @anthonyshew in vercel/turborepo#12460

fix: Missing deps after npm lockfile parsing by @anthonyshew in vercel/turborepo#12464

docs: Add AI agent detection and automatic markdown rewrites by @molebox in vercel/turborepo#12462

fix: Resolve generator name conflicts across workspaces by @anthonyshew in vercel/turborepo#12467

... (truncated)

Commits

84a861a publish 2.8.21 to registry
ffa47d1 fix: Show run summary after TUI exits (#12471)
c5a4690 release(turborepo): 2.8.21-canary.20 (#12470)
91ebb97 fix: Remove root package.json from --affected global triggers (#12469)
7552e93 release(turborepo): 2.8.21-canary.19 (#12468)
d5d37a8 fix: Resolve generator name conflicts across workspaces (#12467)
50bd872 docs: Add AI agent detection and automatic markdown rewrites (#12462)
c014134 release(turborepo): 2.8.21-canary.18 (#12465)
fe5a86e fix: Missing deps after npm lockfile parsing (#12464)
0bafae2 release(turborepo): 2.8.21-canary.17 (#12463)
Additional commits viewable in compare view

Updates wrangler from 4.76.0 to 4.78.0

Release notes

Sourced from wrangler's releases.

wrangler@4.78.0

Minor Changes
#13031 eeaa473 Thanks @WalshyDev! - Add support for Cloudflare Access Service Token authentication via environment variables

When running wrangler dev with remote bindings behind a Cloudflare Access-protected domain, Wrangler previously required cloudflared access login which opens a browser for interactive authentication. This does not work in CI/CD environments.

You can now set the CLOUDFLARE_ACCESS_CLIENT_ID and CLOUDFLARE_ACCESS_CLIENT_SECRET environment variables to authenticate using an Access Service Token instead:
export CLOUDFLARE_ACCESS_CLIENT_ID="<your-client-id>.access"
export CLOUDFLARE_ACCESS_CLIENT_SECRET="<your-client-secret>"
wrangler dev
Additionally, when running in a non-interactive environment (CI) without these credentials, Wrangler now throws a clear, actionable error instead of hanging on cloudflared access login.
#13027 9fcdfca Thanks @G4brym! - feat: Add ai_search_namespaces and ai_search binding types

Two new binding types for AI Search:

ai_search_namespaces: Namespace binding — namespace is required and auto-provisioned at deploy time if it doesn't exist (like R2 buckets)

ai_search: Single instance binding bound directly to a pre-existing instance in the default namespace

Both are remote-only in local dev.
#12874 53ed15a Thanks @xortive! - Add Workers VPC service support for Hyperdrive origins

Hyperdrive configs can now connect to databases through Workers VPC services using the --service-id option:
wrangler hyperdrive create my-config --service-id <vpc-service-uuid> --database mydb --user myuser --password mypassword
This enables Hyperdrive to connect to databases hosted in private networks that are accessible through Workers VPC TCP services.
#12852 6b50bfa Thanks @Carolx715! - Add interactive data catalog validation to R2 object and lifecycle commands.

When performing R2 operations that could affect data catalog state (object put, object delete, lifecycle add, lifecycle set), Wrangler now validates with the API and prompts users for confirmation if a conflict is detected. For bulk put operations, Wrangler prompts upfront before starting the batch. Users can bypass prompts with --force (-y). In non-interactive/CI environments, the operation proceeds automatically.

#13030 0386553 Thanks @natewong1313! - Add local mode support for Stream bindings

Miniflare and wrangler dev now support using Cloudflare Stream bindings locally.

Supported operations:

upload() — upload video via URL

video(id).details(), .update(), .delete(), .generateToken()

videos.list()

captions.generate(), .list(), .delete()

... (truncated)

Commits

81b2b9b Version Packages (#13038)
9fcdfca feat: add ai_search_namespaces and ai_search binding types (#13027)
53ed15a Add support for WVPC TCP services, and using them as Hyperdrive origins (#12874)
9c5ebf5 [wrangler] Only allow "worker" queue consumer type in wrangler config (#13018)
535582d [wrangler] fix: resolve secondary worker types when environment overrides wor...
8c08b3f [wrangler] Fix R2 e2e snapshot for data catalog confirmation prompt (#13059)
25cb184 [wrangler] fix e2e flakiness: use waitForLong to verify response body after d...
6b50bfa [wrangler] add validation to actions that could affect r2 data catalog state ...
0386553 [Stream] Add Stream binding local mode (#13030)
f6cdab2 [wrangler] Support source phase imports (#12996)
Additional commits viewable in compare view

Updates srvx from 0.11.12 to 0.11.13

Release notes

Sourced from srvx's releases.

v0.11.13

compare changes

🩹 Fixes

url: Deopt absolute URIs in FastURL (de0d699)

Changelog

Sourced from srvx's changelog.

v0.11.13

compare changes

🩹 Fixes

url: Deopt absolute URIs in FastURL (de0d699)

🏡 Chore

Update deps (4e6ace6)

Update deps (6a72a00)

Fix type issue (ed8cc2b)

Apply automated updates (7375fed)

Update deps (8f4bc4f)

❤️ Contributors

Pooya Parsa (@pi0)

Commits

e19649a chore(release): v0.11.13
8f4bc4f chore: update deps
7375fed chore: apply automated updates
ed8cc2b chore: fix type issue
6a72a00 chore: update deps
de0d699 fix(url): deopt absolute URIs in FastURL
4e6ace6 chore: update deps
See full diff in compare view

Updates tsdown from 0.21.4 to 0.21.7

Release notes

Sourced from tsdown's releases.

v0.21.7

   🚀 Features

Add module option for attw and publint to allow passing imported modules directly - by @sxzz (31e90)

   🐞 Bug Fixes

deps: Add skipNodeModulesBundle dep subpath e2e tests and fix docs - by @sxzz (deff7)

    View changes on GitHub

v0.21.6

   🚀 Features

Upgrade rolldown to v1.0.0-rc.12 - by @sxzz (51292)

config:

Pass root config to workspace config functions - by @sxzz (76169)

Use mergeConfig for workspace config merging and support variadic overrides - by @sxzz (148aa)

dts:

Add cjsReexport option to eliminate dual module type hazard - by @mandarini and @sxzz in rolldown/tsdown#856 (875c1)

exports:

Add bin option to auto-generate package.json bin field - by @sxzz in rolldown/tsdown#869 (7ebd6)

   🐞 Bug Fixes

css:

Compile preprocessor langs in virtual CSS modules - by @sxzz in rolldown/tsdown#865 (7b2e0)

Strip .module from CSS output filenames - by @sxzz in rolldown/tsdown#866 (03ade)

Default splitting to true in unbundle mode for CSS inject - by @sxzz in rolldown/tsdown#867 (a4da6)

Split CSS plugin into pre/post phases for scoped CSS support - by @sxzz in rolldown/tsdown#870 (ff0c4)

entry:

Correctly output relative paths in logger output - by @sxzz (00050)

    View changes on GitHub

v0.21.5

   🚀 Features

Update rolldown to 1.0.0-rc.10 - by @wChenonly in rolldown/tsdown#845 (41411)

Support typescript v6 - by @ocavue in rolldown/tsdown#858 (bffc4)

   🐞 Bug Fixes

css:

Run final minification on merged CSS output - by @sxzz in rolldown/tsdown#853 (475df)

Don't override internal importer - by @Laupetin in rolldown/tsdown#860 (af40e)

Use aliased exports for CSS module keys - by @wChenonly and @sxzz in rolldown/tsdown#840 (bb6de)

deps:

External optionalDependencies by default - by @sxzz (cd24d)

Resolve subpath extensions for packages without exports field - by @sxzz in rolldown/tsdown#863 (c5150)

... (truncated)

Commits

42467bd chore: release v0.21.7
88d73a7 chore: upgrade deps
5b1535e chore: remove jsr
5d32818 docs: fix dead external links in docs and skills
c7483a0 docs: update link to Rolldown plugin development guide (#874)
deff72c fix(deps): add skipNodeModulesBundle dep subpath e2e tests and fix docs
31e90c1 feat: add module option for attw and publint to allow passing imported modu...
375a51c chore: release v0.21.6
e1403c0 chore: upgrade deps
0005096 fix(entry): correctly output relative paths in logger output
Additional commits viewable in compare view

Updates vitest from 4.1.0 to 4.1.2

Release notes

Sourced from vitest's releases.

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

Don't resolve setupFiles from parent directory - by @hi-ogawa in vitest-dev/vitest#9960 (7aa93)

Ensure sequential mock/unmock resolution - by @hi-ogawa and Claude Opus 4.6 in vitest-dev/vitest#9830 (7c065)

browser: Take failure screenshot if toMatchScreenshot can't capture a stable screenshot - by @macarie in vitest-dev/vitest#9847 (faace)

coverage: Correct coverageConfigDefaults values and types - by @Arthie in vitest-dev/vitest#9940 (b3c99)

pretty-format: Fix output limit over counting - by @hi-ogawa in vitest-dev/vitest#9965 (d3b7a)

Disable colors if agent is detected - by @sheremet-va and @AriPerkkio in vitest-dev/vitest#9851 (6f97b)

    View changes on GitHub

v4.1.1

   🚀 Features

experimental:

Expose matchesTags to test if the current filter matches tags - by @sheremet-va in vitest-dev/vitest#9913 (eec53)

Introduce experimental.vcsProvider - by @sheremet-va in vitest-dev/vitest#9928 (56115)

   🐞 Bug Fixes

Mark TestProject.testFilesList internal properly - by @sapphi-red in vitest-dev/vitest#9867 (54f26)

Detect fixture that returns without calling use - by @oilater in vitest-dev/vitest#9831 and vitest-dev/vitest#9861 (633ae)

Drop vite 8.beta support - by @AriPerkkio in vitest-dev/vitest#9862 (b78f5)

Type regression in vi.mocked() static class methods - by @purepear and @hi-ogawa in vitest-dev/vitest#9857 (90926)

Properly re-evaluate actual modules of mocked external - by @hi-ogawa in vitest-dev/vitest#9898 (ae5ec)

Preserve coverage report when html reporter overlaps - by @hi-ogawa in vitest-dev/vitest#9889 (2d81a)

Provide vi.advanceTimers to the preview provider - by @sheremet-va in vitest-dev/vitest#9891 (1bc3e)

Don't leak event listener in playwright provider - by @sheremet-va in vitest-dev/vitest#9910 (d9355)

Open browser in --standalone mode without running tests - by @sheremet-va in vitest-dev/vitest#9911 (e78ad)

Guard disposable and optional body - by @sheremet-va in vitest-dev/vitest#9912 (6fdb2)

Resolve retry.condition RegExp serialization issue - by @nstepien and @hi-ogawa in vitest-dev/vitest#9942 (7b605)

collect:

Don't treat extra props on test return as tests - by @sheremet-va in vitest-dev/vitest#9871 (141e7)

coverage:

Simplify provider types - by @AriPerkkio in vitest-dev/vitest#9931 (aaf9f)

Load built-in provider without module runner - by @AriPerkkio in vitest-dev/vitest#9939 (bf892)

expect:

Soft assertions continue after .resolves/.rejects promise errors - by @mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @hi-ogawa in vitest-dev/vitest#9843 (6d74b)

Fix sinon-chai style API - by @hi-ogawa in vitest-dev/vitest#9943 (0f08d)

pretty-format:

Limit output for large object - by @hi-ogawa and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9949 (0d5f9)

    View changes on GitHub

Commits

fc6f482 chore: release v4.1.2
6f97b55 feat: disable colors if agent is detected (#9851)
b3c992c fix(coverage): correct coverageConfigDefaults values and types (#9940)
7c06598 fix: ensure sequential mock/unmock resolution (#9830)
f54abad chore: add typo-checker skill and fix typos (#9963)
7aa9377 fix: don't resolve setupFiles from parent directory (#9960)
1f2d318 chore: release v4.1.1
ebfde79 refactor: rename matchesTagsFilter to matchesTags (#9956)
5611500 feat(experimental): introduce experimental.vcsProvider (#9928)
eec53d9 feat(experimental): expose matchesTagsFilter to test if the current filter ...
Additional commits viewable in compare view

Updates vite from 8.0.1 to 8.0.3

Release notes

Sourced from vite's releases.

create-vite@8.0.3

Please refer to CHANGELOG.md for details.

v8.0.3

Please refer to CHANGELOG.md for details.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.3 (2026-03-26)

Features

update rolldown to 1.0.0-rc.12 (#22024) (84164ef)

Bug Fixes

html: cache unfiltered CSS list to prevent missing styles across entries (#22017) (5464190)

module-runner: handle non-ascii characters in base64 sourcemaps (#21985) (77c95bf)

module-runner: skip re-import if the runner is closed (#22020) (ee2c2cd)

optimizer: scan is not resolving sub path import if used in a glob import (#22018) (ddfe20d)

ssr: ssrTransform incorrectly rewrites meta identifier inside import.meta when a binding named meta exists (#22019) (cff5f0c)

Miscellaneous Chores

deps: bump picomatch from 4.0.3 to 4.0.4 (#22027) (7e56003)

Tests

html: add tests for getCssFilesForChunk (#22016) (43fbbf9)

8.0.2 (2026-03-23)

Features

update rolldown to 1.0.0-rc.11 (#21998) (ff91c31)

Bug Fixes

deps: update all non-major dependencies (#21988) (9b7d150)

Miscellaneous Chores

deps: update dependency @vitejs/devtools to ^0.1.5 (#21992) (b2dd65b)

Commits

6a34ac3 fix(deps): update all non-major dependencies (#21096)
02ceaec chore(deps): update dependency @rollup/plugin-commonjs to v29 (#21099)
572aaca release: v7.2.2
728c8ee fix: revert "refactor: use fs.cpSync (#21019)" (#21081)
a532e68 release: v7.2.1
82d2d6c fix(worker): some worker asset was missing (#21074)
f83264f refactor(build): rename indexOfMatchInSlice to findPreloadMarker (#21054)
8293de0 release: v7.2.0
2833c55 fix(types): add undefined to optional properties for exactOptionalProperties ...
e3a6a83 chore(deps): update rolldown-related dependencies (#21047)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 7 updates: | Package | From | To | | --- | --- | --- | | [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint) | `1.56.0` | `1.57.0` | | [turbo](https://github.com/vercel/turborepo) | `2.8.20` | `2.8.21` | | [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.76.0` | `4.78.0` | | [srvx](https://github.com/h3js/srvx) | `0.11.12` | `0.11.13` | | [tsdown](https://github.com/rolldown/tsdown) | `0.21.4` | `0.21.7` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.0` | `4.1.2` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.1` | `8.0.3` | Updates `oxlint` from 1.56.0 to 1.57.0 - [Release notes](https://github.com/oxc-project/oxc/releases) - [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md) - [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.57.0/npm/oxlint) Updates `turbo` from 2.8.20 to 2.8.21 - [Release notes](https://github.com/vercel/turborepo/releases) - [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md) - [Commits](vercel/turborepo@v2.8.20...v2.8.21) Updates `wrangler` from 4.76.0 to 4.78.0 - [Release notes](https://github.com/cloudflare/workers-sdk/releases) - [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.78.0/packages/wrangler) Updates `srvx` from 0.11.12 to 0.11.13 - [Release notes](https://github.com/h3js/srvx/releases) - [Changelog](https://github.com/h3js/srvx/blob/main/CHANGELOG.md) - [Commits](h3js/srvx@v0.11.12...v0.11.13) Updates `tsdown` from 0.21.4 to 0.21.7 - [Release notes](https://github.com/rolldown/tsdown/releases) - [Commits](rolldown/tsdown@v0.21.4...v0.21.7) Updates `vitest` from 4.1.0 to 4.1.2 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/vitest) Updates `vite` from 8.0.1 to 8.0.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.3/packages/vite) --- updated-dependencies: - dependency-name: oxlint dependency-version: 1.57.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: turbo dependency-version: 2.8.21 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: wrangler dependency-version: 4.78.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: srvx dependency-version: 0.11.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: tsdown dependency-version: 0.21.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: vitest dependency-version: 4.1.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: vite dependency-version: 8.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 29, 2026

uhyo merged commit fba3c30 into master Mar 29, 2026
2 checks passed

uhyo deleted the dependabot/npm_and_yarn/minor-and-patch-98dba1f829 branch March 29, 2026 09:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the minor-and-patch group with 7 updates#98

build(deps): bump the minor-and-patch group with 7 updates#98
uhyo merged 1 commit intomasterfrom
dependabot/npm_and_yarn/minor-and-patch-98dba1f829

dependabot bot commented on behalf of github Mar 29, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 29, 2026

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

🐛 Bug Fixes

⚡ Performance

📚 Documentation

Oxfmt v0.12.0

Turborepo v2.8.21

What's Changed

Docs

eslint

@​turbo/repository

Examples

Changelog

wrangler@4.78.0

Minor Changes

v0.11.13

🩹 Fixes

v0.11.13

🩹 Fixes

🏡 Chore

❤️ Contributors

v0.21.7

🚀 Features

🐞 Bug Fixes

View changes on GitHub

v0.21.6

🚀 Features

🐞 Bug Fixes

View changes on GitHub

v0.21.5

🚀 Features

🐞 Bug Fixes

v4.1.2

🐞 Bug Fixes

View changes on GitHub

v4.1.1

🚀 Features

🐞 Bug Fixes

View changes on GitHub

create-vite@8.0.3

v8.0.3

create-vite@8.0.2

v8.0.2

8.0.3 (2026-03-26)

Features

Bug Fixes

Miscellaneous Chores

Tests

8.0.2 (2026-03-23)

Features

Bug Fixes

Miscellaneous Chores

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

`@turbo/repository`