Skip to content

chore(deps): bump the npm group across 1 directory with 9 updates#115

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-3ee3e6916b
Open

chore(deps): bump the npm group across 1 directory with 9 updates#115
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-3ee3e6916b

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm group with 9 updates in the / directory:

Package From To
@types/node 25.9.1 26.1.1
esbuild 0.28.0 0.28.1
eslint 10.4.1 10.7.0
typescript 6.0.3 7.0.2
typescript-eslint 8.60.0 8.63.0
vitest 4.1.8 4.1.10
@aws-sdk/client-cloudfront 3.1057.0 3.1085.0
@aws-sdk/client-sts 3.1057.0 3.1085.0
uuid 14.0.0 14.0.1

Updates @types/node from 25.9.1 to 26.1.1

Commits

Updates esbuild from 0.28.0 to 0.28.1

Release notes

Sourced from esbuild's releases.

v0.28.1

  • Disallow \ in local development server HTTP requests (GHSA-g7r4-m6w7-qqqr)

    This release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \ backslash character. It happened due to the use of Go's path.Clean() function, which only handles Unix-style / characters. HTTP requests with paths containing \ are no longer allowed.

    Thanks to @​dellalibera for reporting this issue.

  • Add integrity checks to the Deno API (GHSA-gv7w-rqvm-qjhr)

    The previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.

    Note that esbuild's Deno API installs from registry.npmjs.org by default, but allows the NPM_CONFIG_REGISTRY environment variable to override this with a custom package registry. This change means that the esbuild executable served by NPM_CONFIG_REGISTRY must now match the expected content.

    Thanks to @​sondt99 for reporting this issue.

  • Avoid inlining using and await using declarations (#4482)

    Previously esbuild's minifier sometimes incorrectly inlined using and await using declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for let and const declarations by avoiding doing it for var declarations, which no longer worked when more declaration types were added. Here's an example:

    // Original code
    {
      using x = new Resource()
      x.activate()
    }
    // Old output (with --minify)
    new Resource().activate();
    // New output (with --minify)
    {using e=new Resource;e.activate()}

  • Fix module evaluation when an error is thrown (#4461, #4467)

    If an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if import() or require() is used to import a module multiple times. The thrown error is supposed to be thrown by every call to import() or require(), not just the first. With this release, esbuild will now throw the same error every time you call import() or require() on a module that throws during its evaluation.

  • Fix some edge cases around the new operator (#4477)

    Previously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a new expression (specifically an optional chain and/or a tagged template literal). The generated code for the new target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the new target in parentheses. Here is an example of some affected code:

    // Original code
    new (foo()`bar`)()
    new (foo()?.bar)()
    // Old output
    new foo()bar();
    new (foo())?.bar();

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.28.1

  • Disallow \ in local development server HTTP requests (GHSA-g7r4-m6w7-qqqr)

    This release fixes a security issue where HTTP requests to esbuild's local development server could traverse outside of the serve directory on Windows using a \ backslash character. It happened due to the use of Go's path.Clean() function, which only handles Unix-style / characters. HTTP requests with paths containing \ are no longer allowed.

    Thanks to @​dellalibera for reporting this issue.

  • Add integrity checks to the Deno API (GHSA-gv7w-rqvm-qjhr)

    The previous release of esbuild added integrity checks to esbuild's npm install script. This release also adds integrity checks to esbuild's Deno install script. Now esbuild's Deno API will also fail with an error if the downloaded esbuild binary contains something other than the expected content.

    Note that esbuild's Deno API installs from registry.npmjs.org by default, but allows the NPM_CONFIG_REGISTRY environment variable to override this with a custom package registry. This change means that the esbuild executable served by NPM_CONFIG_REGISTRY must now match the expected content.

    Thanks to @​sondt99 for reporting this issue.

  • Avoid inlining using and await using declarations (#4482)

    Previously esbuild's minifier sometimes incorrectly inlined using and await using declarations into subsequent uses of that declaration, which then fails to dispose of the resource correctly. This bug happened because inlining was done for let and const declarations by avoiding doing it for var declarations, which no longer worked when more declaration types were added. Here's an example:

    // Original code
    {
      using x = new Resource()
      x.activate()
    }
    // Old output (with --minify)
    new Resource().activate();
    // New output (with --minify)
    {using e=new Resource;e.activate()}

  • Fix module evaluation when an error is thrown (#4461, #4467)

    If an error is thrown during module evaluation, esbuild previously didn't preserve the state of the module for subsequent module references. This was observable if import() or require() is used to import a module multiple times. The thrown error is supposed to be thrown by every call to import() or require(), not just the first. With this release, esbuild will now throw the same error every time you call import() or require() on a module that throws during its evaluation.

  • Fix some edge cases around the new operator (#4477)

    Previously esbuild incorrectly printed certain edge cases involving complex expressions inside the target of a new expression (specifically an optional chain and/or a tagged template literal). The generated code for the new target was not correctly wrapped with parentheses, and either contained a syntax error or had different semantics. These edge cases have been fixed so that they now correctly wrap the new target in parentheses. Here is an example of some affected code:

    // Original code
    new (foo()`bar`)()
    new (foo()?.bar)()
    // Old output
    new foo()bar();
    new (foo())?.bar();

... (truncated)

Commits

Updates eslint from 10.4.1 to 10.7.0

Release notes

Sourced from eslint's releases.

v10.7.0

Features

  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032) (sethamus)
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063) (fnx)
  • 557fde8 feat: support computed Number.parseInt member access in radix rule (#21041) (Pixel)
  • 0b4a73b feat: add suggestions to no-compare-neg-zero (#21034) (den$)
  • 96cdd42 feat: report invalid signed numeric radix values in radix rule (#21030) (Pixel)

Bug Fixes

  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069) (Pixel)
  • 0d7d70c fix: insert cause outside wrapping parens in preserve-caught-error (#21062) (Mahin Anowar)
  • 75ec753 fix: handle static template literals in eqeqeq rule (#21058) (Pixel)
  • b717a22 fix: prevent eqeqeq null option from reporting non-equality operators (#21057) (Pixel)
  • e35b05f fix: avoid no-invalid-regexp false positive for shadowed RegExp (#21051) (Pixel)
  • a3172b6 fix: avoid no-control-regex false positive for shadowed RegExp (#21050) (Pixel)
  • d1f637e fix: parenthesize sequence expression operands in no-implicit-coercion (#21045) (spokodev)
  • 8859baf fix: avoid prefer-numeric-literals false positive for shadowed globals (#21047) (한국)
  • a9e5961 fix: use-isnan false positive on shadowed NaN/Number (#20958) (sethamus)
  • 8a240a7 fix: avoid false positives in radix rule for spread arguments (#21044) (Pixel)

Documentation

  • c30d808 docs: Update README (GitHub Actions Bot)
  • 5139800 docs: document ESLint migration codemods in v9 and v10 guides (#20980) (Alex Bit)
  • 04174cb docs: Update README (GitHub Actions Bot)
  • 026e130 docs: update semver policy for bug fixes (#21048) (Milos Djermanovic)
  • 9d42fef docs: Update README (GitHub Actions Bot)
  • b230159 docs: Update README (GitHub Actions Bot)
  • 0129972 docs: correct **/.js glob to **/*.js in config files guide (#21036) (EduardF1)

Chores

  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076) (renovate[bot])
  • 81a4774 chore: updates for v9.39.5 release (Jenkins)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071) (Francesco Trotta)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067) (lumir)
  • 833ec10 chore: update dependency prettier to v3.9.4 (#21061) (renovate[bot])
  • 7ea106d chore: update ecosystem plugins (#21059) (ESLint Bot)
  • 8fb550e chore: add prettier update commit to .git-blame-ignore-revs (#21056) (lumir)
  • e4e1166 chore: update dependency prettier to v3.9.1 (#21055) (renovate[bot])
  • 0493f53 chore: update prettier to v3.9.0 (#21054) (Pixel)
  • 1056a99 chore: update dependency prettier to v3.8.5 (#21049) (renovate[bot])
  • 4d4155d ci: run ecosystem tests on pull requests (#21027) (sethamus)
  • 993539f chore: update dependency @​eslint/json to ^2.0.1 (#21042) (renovate[bot])
  • 53f8b69 test: add error locations to no-constant-binary-expression (#21039) (lumir)
  • 5ab71d5 refactor: clean up radix rule internals (#21015) (Pixel)
  • a80a9a4 chore: update ecosystem plugins (#21035) (ESLint Bot)
  • 7c9a029 ci: add Node.js 26 to CI (#20847) (lumir)

v10.6.0

Features

  • b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981) (Taejin Kim)

... (truncated)

Commits
  • fabd99b 10.7.0
  • 37c5e75 Build: changelog update for 10.7.0
  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076)
  • 81a4774 chore: updates for v9.39.5 release
  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071)
  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032)
  • c30d808 docs: Update README
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067)
  • Additional commits viewable in compare view

Updates typescript from 6.0.3 to 7.0.2

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for typescript since your current version.


Updates typescript-eslint from 8.60.0 to 8.63.0

Release notes

Sourced from typescript-eslint's releases.

v8.63.0

8.63.0 (2026-07-06)

🚀 Features

  • eslint-plugin: [no-misused-promises] detect async usage of a sync dispose usage (#12426)

🩹 Fixes

  • eslint-plugin: [method-signature-style] suggest converting readonly function properties instead of emitting invalid syntax (#12447, #12446)
  • eslint-plugin: [no-unnecessary-type-assertion] handle optional-chained calls to overloaded functions (#12491, #12485)
  • eslint-plugin: [no-base-to-string] don't flag a shadowed String() call (#12492)
  • scope-manager: export ClassStaticBlockScope (#12460)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.62.1

8.62.1 (2026-06-29)

🩹 Fixes

  • eslint-plugin: [prefer-optional-chain] use suggestion instead of autofix for trailing binary operator (#12328)
  • eslint-plugin: [no-unnecessary-boolean-literal-compare] preserve boolean result in fixer for nullable true comparisons (#12365)
  • eslint-plugin: [no-unnecessary-type-assertion] parenthesize object literal at left edge of expression statement (#12443, #12418)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.62.0

8.62.0 (2026-06-22)

🚀 Features

... (truncated)

Changelog

Sourced from typescript-eslint's changelog.

8.63.0 (2026-07-06)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.62.1 (2026-06-29)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.61.1 (2026-06-15)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.61.0 (2026-06-08)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.60.1 (2026-06-01)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

... (truncated)

Commits

Updates vitest from 4.1.8 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub

v4.1.9

🐞 Bug Fixes

View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • a7a61e7 chore: release v4.1.9 (#10598)
  • 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
  • 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
  • a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
  • See full diff in compare view

Updates @aws-sdk/client-cloudfront from 3.1057.0 to 3.1085.0

Release notes

Sourced from @​aws-sdk/client-cloudfront's releases.

v3.1085.0

3.1085.0(2026-07-10)

New Features
  • clients: update client endpoints as of 2026-07-10 (dffbeab0)
  • client-quicksight: Provides CreateKnowledgeBase and UpdateKnowledgeBase APIs (42de5523)
  • client-inspector2: Support for 3 day and 7 day ECR re-scan durations (4b0b5c86)
  • client-lambda: Added TelemetryConfig support for Managed Instances Capacity Provider, enabling customers to configure system log level and custom log group for managed instance logging. (63388139)
  • client-sagemaker: Release support for g4d, c6g, c7g, c8g instance types for SageMaker HyperPod (800976de)
  • client-ec2: New Amazon EC2 instances. M9g, M9gd, C9g, and C9gd on AWS Graviton5. C8in, M8in, and R8in add 600 Gbps network. C8ib, M8ib, and R8ib add 300 Gbps EBS. C8ine, M8ine, M8idn, R8idn, M8idb, and R8idb round out Intel Xeon 6. Mac-m3ultra with Apple M3 Ultra. G7 with NVIDIA RTX PRO 4500 Blackwell GPUs. (35aaf387)
  • client-license-manager: Added the ResetUsage field to the CreateLicenseVersion API. When set to true, the entitlement usage counts for the license are reset to 0. If it is false or not specified, entitlement usage is left unchanged. (52f1c9c0)
  • client-cloudwatch: CloudWatch now assigns a unique identifier to each anomaly detector. PutAnomalyDetector and DescribeAnomalyDetectors return this AnomalyDetectorId, which you can use to describe or delete a specific anomaly detector directly. (36fc0ee5)

For list of updated packages, view updated-packages.md in assets-3.1085.0.zip

v3.1084.0

3.1084.0(2026-07-09)

New Features
  • client-connect: Amazon Connect - Added DeleteContactData API to support PII deletion of customer endpoint, additional email recipients and email subject. (87f4ae0e)
  • client-guardduty: Adding "AI Analyst" enum value for detector (20518a4f)
  • client-synthetics: CloudWatch Synthetics adds support for customer managed KMS keys for canary environment variables. Customers can now encrypt their canary's Lambda function environment variables at rest using their own AWS KMS key, providing additional control over data protection. (c7379151)
  • client-ec2: Added support for additional override parameters in CreateFleet, including LaunchTemplateSpecificationUserData, KeyName, IamInstanceProfile, and MetadataOptions. The CreateFleet response now also includes SubnetId, AvailabilityZone, and AvailabilityZoneId for launched instances. (6fcc95d1)
  • client-ivs: adds support for AWS IVS ad configuration APIs to allow for a postRollConfiguration object on the ad configuration resource (7dd93c48)
Tests
  • client-kinesis: aggregate HTTP/2 sessions across all endpoint pools (#8181) (84b2b62c)

For list of updated packages, view updated-packages.md in assets-3.1084.0.zip

v3.1083.0

3.1083.0(2026-07-08)

Chores
  • core/client: remove TypeScript version user-agent metric (#8177) (9d72bc29)
New Features
  • client-signin: Adds support for OAuth 2.0 token operations in AWS Sign-In, CreateOAuth2TokenWithIAM (client credentials flow), IntrospectOAuth2TokenWithIAM (token inspection), and RevokeOAuth2TokenWithIAM (token revocation). (bc64f6b2)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-cloudfront's changelog.

3.1085.0 (2026-07-10)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1084.0 (2026-07-09)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1083.0 (2026-07-08)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1082.0 (2026-07-08)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1081.0 (2026-07-07)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1080.0 (2026-07-06)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.1079.0 (2026-07-02)

... (truncated)

Commits

Updates @aws-sdk/client-sts from 3.1057.0 to 3.1085.0

Release notes

Sourced from @​aws-sdk/client-sts's releases.

v3.1085.0

3.1085.0(2026-07-10)

New Features
  • clients: update client endpoints as of 2026-07-10 (dffbeab0)
  • client-quicksight: Provides CreateKnowledgeBase and UpdateKnowledgeBase APIs (42de5523)
  • client-inspector2: Support for 3 day and 7 day ECR re-scan durations (4b0b5c86)
  • client-lambda: Added TelemetryConfig support for Managed Instances Capacity Provider, enabling customers to configure system log level and custom log group for managed instance logging. (63388139)
  • client-sagemaker: Release support for g4d, c6g, c7g, c8g instance types for SageMaker HyperPod (800976de)
  • client-ec2: New Amazon EC2 instances. M9g, M9gd, C9g, and C9gd on AWS Graviton5. C8in, M8in, and R8in add 600 Gbps network. C8ib, M8ib, and R8ib add 300 Gbps EBS. C8ine, M8ine, M8idn, R8idn, M8idb, and R8idb round out Intel Xeon 6. Mac-m3ultra with Apple M3 Ultra. G7 with NVIDIA RTX PRO 4500 Blackwell GPUs. (35aaf387)
  • client-license-manager: Added the ResetUsage field to the CreateLicenseVersion API. When set to true, the entitlement usage counts for the license are reset to 0. If it is false or not specified, entitlement usage is left unchanged. (52f1c9c0)
  • client-cloudwatch: CloudWatch now assigns a unique identifier to each anomaly detector. PutAnomalyDetector and DescribeAnomalyDetectors return this AnomalyDetectorId, which you can use to describe or delete a specific anomaly detector directly. (36fc0ee5)

For list of updated packages, view updated-packages.md in assets-3.1085.0.zip

v3.1084.0

3.1084.0(2026-07-09)

New Features
  • client-connect: Amazon Connect - Added DeleteContactData API to support PII deletion of customer endpoint, additional email recipients and email subject. (87f4ae0e)
  • client-guardduty: Adding "AI Analyst" enum value for detector (20518a4f)
  • client-synthetics: CloudWatch Synthetics adds support for customer managed KMS keys for canary environment variables. Customers can now encrypt their canary's Lambda function environment variables at rest using their own AWS KMS key, providing additional control over data protection. (c7379151)
  • client-ec2: Added support for additional override parameters in CreateFleet, including LaunchTemplateSpecificationUserData, KeyName, IamInstanceProfile, and MetadataOptions. The CreateFleet response now also includes SubnetId, AvailabilityZone, and AvailabilityZoneId for launched instances. (6fcc95d1)
  • client-ivs: adds support for AWS IVS ad configuration APIs to allow for a postRollConfiguration object on the ad configuration resource (7dd93c48)
Tests
  • client-kinesis: aggregate HTTP/2 sessions across all endpoint pools (#8181) (84b2b62c)

For list of updated packages, view updated-packages.md in assets-3.1084.0.zip

v3.1083.0

3.1083.0(2026-07-08)

Chores
  • core/client: remove TypeScript version user-agent metric (#8177) (9d72bc29)
New Features
  • client-signin: Adds support for OAuth 2.0 token operations in AWS Sign-In, CreateOAuth2TokenWithIAM (client credentials flow), IntrospectOAuth2TokenWithIAM (token inspection), and RevokeOAuth2TokenWithIAM (token revocation). (bc64f6b2)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-sts's changelog.

3.1085.0 (2026-07-10)

Note: Version bump only for package @​aws-sdk/client-sts

3.1084.0 (2026-07-09)

Note: Version bump only for package @​aws-sdk/client-sts

3.1083.0 (2026-07-08)

Note: Version bump only for package @​aws-sdk/client-sts

3.1082.0 (2026-07-08)

Note: Version bump only for package @​aws-sdk/client-sts

3.1081.0 (2026-07-07)

Note: Version bump only for package @​aws-sdk/client-sts

3.1080.0 (2026-07-06)

Note: Version bump only for package @​aws-sdk/client-sts

3.1079.0 (2026-07-02)

... (truncated)

Commits

Updates uuid from 14.0.0 to 14.0.1

Release notes

Sourced from uuid's releases.

v14.0.1

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Changelog

Sourced from uuid's changelog.

14.0.1 (2026-06-20)

Bug Fixes

  • add types condition to node export for moduleResolution bundler (#961) (27ffae5)
Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.1` | `26.1.1` |
| [esbuild](https://github.com/evanw/esbuild) | `0.28.0` | `0.28.1` |
| [eslint](https://github.com/eslint/eslint) | `10.4.1` | `10.7.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.3` | `7.0.2` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.60.0` | `8.63.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.8` | `4.1.10` |
| [@aws-sdk/client-cloudfront](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-cloudfront) | `3.1057.0` | `3.1085.0` |
| [@aws-sdk/client-sts](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-sts) | `3.1057.0` | `3.1085.0` |
| [uuid](https://github.com/uuidjs/uuid) | `14.0.0` | `14.0.1` |



Updates `@types/node` from 25.9.1 to 26.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `esbuild` from 0.28.0 to 0.28.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.28.0...v0.28.1)

Updates `eslint` from 10.4.1 to 10.7.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.4.1...v10.7.0)

Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `typescript-eslint` from 8.60.0 to 8.63.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.63.0/packages/typescript-eslint)

Updates `vitest` from 4.1.8 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

Updates `@aws-sdk/client-cloudfront` from 3.1057.0 to 3.1085.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-cloudfront/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1085.0/clients/client-cloudfront)

Updates `@aws-sdk/client-sts` from 3.1057.0 to 3.1085.0
- [Release notes](https://github.com/aws/aws-sdk-js-v3/releases)
- [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-sts/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.1085.0/clients/client-sts)

Updates `uuid` from 14.0.0 to 14.0.1
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v14.0.0...v14.0.1)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: esbuild
  dependency-version: 0.28.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint
  dependency-version: 10.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: typescript-eslint
  dependency-version: 8.63.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@aws-sdk/client-cloudfront"
  dependency-version: 3.1085.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@aws-sdk/client-sts"
  dependency-version: 3.1085.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: uuid
  dependency-version: 14.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 11, 2026
@dependabot dependabot Bot requested a review from bryantbiggs as a code owner July 11, 2026 22:53
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants