Skip to content

chore(deps): bump the minor-and-patch group with 7 updates #1168

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kulla merged 1 commit into from
Nov 11, 2025
Merged

chore(deps): bump the minor-and-patch group with 7 updates #1168

kulla merged 1 commit into from
Nov 11, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2025

Bumps the minor-and-patch group with 7 updates:

Package From To
jose 6.1.0 6.1.1
@cloudflare/workers-types 4.20251014.0 4.20251109.0
@sentry/core 10.22.0 10.24.0
@typescript-eslint/eslint-plugin 8.46.3 8.46.4
@typescript-eslint/parser 8.46.3 8.46.4
msw 2.11.6 2.12.1
wrangler 4.45.3 4.46.0

Updates jose from 6.1.0 to 6.1.1

Release notes

Sourced from jose's releases.

v6.1.1

Documentation

  • add link to RFC9864 (767edde)
  • link to ML-DSA for JOSE (ed4252c)
  • remove mention of Edge Runtime from the readme (94fdde7)
  • update README.md (25098ef)

Refactor

  • eliminate named exports in the source code (f6ae30d)
  • expose setKeyManagementParameters also on a GeneralEncrypt Recipient (16e6b23)
  • faster path for symmetric key checks (a44c2ec)
  • improve en/decoding overheads (daee426)
Changelog

Sourced from jose's changelog.

6.1.1 (2025-11-09)

Documentation

  • add link to RFC9864 (767edde)
  • link to ML-DSA for JOSE (ed4252c)
  • remove mention of Edge Runtime from the readme (94fdde7)
  • update README.md (25098ef)

Refactor

  • eliminate named exports in the source code (f6ae30d)
  • expose setKeyManagementParameters also on a GeneralEncrypt Recipient (16e6b23)
  • faster path for symmetric key checks (a44c2ec)
  • improve en/decoding overheads (daee426)
Commits
  • 37f40af chore(release): 6.1.1
  • 16e6b23 refactor: expose setKeyManagementParameters also on a GeneralEncrypt Recipient
  • daee426 refactor: improve en/decoding overheads
  • 767edde docs: add link to RFC9864
  • d7fe1d9 chore: bump packages
  • ed4252c docs: link to ML-DSA for JOSE
  • 25098ef docs: update README.md
  • c55958d chore: bump packages
  • 9b653ef chore: bump packages
  • 337d34d chore(deps-dev): bump tar from 7.5.1 to 7.5.2 (#823)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for jose since your current version.


Updates @cloudflare/workers-types from 4.20251014.0 to 4.20251109.0

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​cloudflare/workers-types since your current version.


Updates @sentry/core from 10.22.0 to 10.24.0

Release notes

Sourced from @​sentry/core's releases.

10.24.0

Important Changes

  • feat(metrics): Add top level option enableMetrics and beforeSendMetric (#18088)

    This PR moves enableMetrics and beforeSendMetric out of the _experiments options. The metrics feature will now be enabled by default (none of our integrations will auto-emit metrics as of now), but you can disable sending metrics via enableMetrics: false. Metric options within _experiments got deprecated but will still work as of now, they will be removed with the next major version of our SDKs.

Other Changes

  • feat(aws): Add SENTRY_LAYER_EXTENSION to configure using the lambda layer extension via env variables (#18101)
  • feat(core): Include all exception object keys instead of truncating (#18044)
  • feat(metrics)!: Update types (#17907)
  • feat(replay): ignore background-image when blockAllMedia is enabled (#18019)
  • fix(nextjs): Delete css map files (#18131)
  • fix(nextjs): Stop accessing sync props in template (#18113)
  • chore: X handle update (#18117)
  • chore(eslint): Add eslint-plugin-regexp rule (dev-packages) (#18063)
  • test(next): fix flakey tests (#18100)
  • test(node-core): Proof that withMonitor doesn't create a new trace (#18057)

Bundle size 📦

Path Size
@​sentry/browser 24.02 KB
@​sentry/browser - with treeshaking flags 22.54 KB
@​sentry/browser (incl. Tracing) 40.26 KB
@​sentry/browser (incl. Tracing, Profiling) 44.43 KB
@​sentry/browser (incl. Tracing, Replay) 77.83 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags 67.75 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) 82.42 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) 94.3 KB
@​sentry/browser (incl. Feedback) 40.3 KB
@​sentry/browser (incl. sendFeedback) 28.58 KB
@​sentry/browser (incl. FeedbackAsync) 33.39 KB
@​sentry/react 25.68 KB
@​sentry/react (incl. Tracing) 42.2 KB
@​sentry/vue 28.39 KB
@​sentry/vue (incl. Tracing) 41.99 KB
@​sentry/svelte 24.03 KB
CDN Bundle 26.26 KB
CDN Bundle (incl. Tracing) 40.79 KB
CDN Bundle (incl. Tracing, Replay) 76.46 KB

... (truncated)

Changelog

Sourced from @​sentry/core's changelog.

10.24.0

Important Changes

  • feat(metrics): Add top level option enableMetrics and beforeSendMetric (#18088)

    This PR moves enableMetrics and beforeSendMetric out of the _experiments options. The metrics feature will now be enabled by default (none of our integrations will auto-emit metrics as of now), but you can disable sending metrics via enableMetrics: false. Metric options within _experiments got deprecated but will still work as of now, they will be removed with the next major version of our SDKs.

Other Changes

  • feat(aws): Add SENTRY_LAYER_EXTENSION to configure using the lambda layer extension via env variables (#18101)
  • feat(core): Include all exception object keys instead of truncating (#18044)
  • feat(metrics)!: Update types (#17907)
  • feat(replay): ignore background-image when blockAllMedia is enabled (#18019)
  • fix(nextjs): Delete css map files (#18131)
  • fix(nextjs): Stop accessing sync props in template (#18113)
  • chore: X handle update (#18117)
  • chore(eslint): Add eslint-plugin-regexp rule (dev-packages) (#18063)
  • test(next): fix flakey tests (#18100)
  • test(node-core): Proof that withMonitor doesn't create a new trace (#18057)

10.23.0

  • feat(core): Send user-agent header with envelope requests in server SDKs (#17929)
  • feat(browser): Limit transport buffer size (#18046)
  • feat(core): Remove default value of maxValueLength: 250 (#18043)
  • feat(react-router): Align options with shared build time options type (#18014)
  • fix(browser-utils): cache element names for INP (#18052)
  • fix(browser): Capture unhandled rejection errors for web worker integration (#18054)
  • fix(cloudflare): Ensure types for cloudflare handlers (#18064)
  • fix(nextjs): Update proxy template wrapping (#18086)
  • fix(nuxt): Added top-level fallback exports (#18083)
  • fix(nuxt): check for H3 error cause before re-capturing (#18035)
  • fix(replay): Linked errors not resetting session id (#17854)
  • fix(tracemetrics): Bump metrics buffer to 1k (#18039)
  • fix(vue): Make options parameter optional on attachErrorHandler (#18072)
  • ref(core): Set span status internal_error instead of unknown_error (#17909)
  • fix(tests): un-override nitro dep version for nuxt-3 test (#18056)
  • fix(e2e): Add p-map override to fix React Router 7 test builds (#18068)

... (truncated)

Commits
  • 907546f release: 10.24.0
  • e861b4f Merge pull request #18133 from getsentry/prepare-release/10.24.0
  • 0054094 meta(changelog): Update changelog for 10.24.0
  • 10211f4 fix(nextjs): Delete css map files (#18131)
  • d26e1a9 feat(aws): Add SENTRY_LAYER_EXTENSION to configure using the lambda layer e...
  • d4a2b2b test(next): fix flakey tests (#18100)
  • 27af12e fix(nextjs): Stop accessing sync props in template (#18113)
  • 296e860 chore: X handle update (#18117)
  • c2530dd feat(metrics): Add top level option enableMetrics and beforeSendMetric (#...
  • ad870cf feat(metrics)!: Update types (#17907)
  • Additional commits viewable in compare view

Updates @typescript-eslint/eslint-plugin from 8.46.3 to 8.46.4

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

  • eslint-plugin: [no-deprecated] fix double-report on computed literal identifiers (#11006, #10958)
  • eslint-plugin: handle override modifier in promise-function-async fixer (#11730)
  • parser: error when both projectService and project are set (#11333)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.46.4 (2025-11-10)

🩹 Fixes

  • parser: error when both projectService and project are set (#11333)
  • eslint-plugin: handle override modifier in promise-function-async fixer (#11730)
  • eslint-plugin: [no-deprecated] fix double-report on computed literal identifiers (#11006, #10958)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Commits
  • 843f144 chore(release): publish 8.46.4
  • 997e0c0 fix(parser): error when both projectService and project are set (#11333)
  • 7c6944e chore: fix typos (#11744)
  • 189a7f7 fix(eslint-plugin): handle override modifier in promise-function-async fixer ...
  • c779f3c fix(eslint-plugin): [no-deprecated] fix double-report on computed literal ide...
  • ea2ee6b chore(eslint-plugin): use correct type for return type of createValidator (...
  • See full diff in compare view

Updates @typescript-eslint/parser from 8.46.3 to 8.46.4

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

  • eslint-plugin: [no-deprecated] fix double-report on computed literal identifiers (#11006, #10958)
  • eslint-plugin: handle override modifier in promise-function-async fixer (#11730)
  • parser: error when both projectService and project are set (#11333)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.46.4 (2025-11-10)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates msw from 2.11.6 to 2.12.1

Release notes

Sourced from msw's releases.

v2.12.1 (2025-11-09)

Bug Fixes

  • setupWorker: fix response init in response:* events (#2621) (7f48f21189f1c04349890bb8523f772f6ae9eb08) @​jbms

v2.12.0 (2025-11-05)

Features

Commits

Updates wrangler from 4.45.3 to 4.46.0

Release notes

Sourced from wrangler's releases.

wrangler@4.46.0

Minor Changes

  • #11183 240ebeb Thanks @​dario-piotrowicz! - expose experimental_getDetailsForAutoConfig and experimental_runAutoConfig APIs that provide respectively the autoconfig detection and execution functionalities

  • #11180 53b0fce Thanks @​penalosa! - Detect non-framework static sites

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - add a remoteBindings option to getPlatformProxy to allow the disabling of remote bindings

  • #11164 305d7bf Thanks @​penalosa! - Implement experimental autoconfig flow for static sites

  • #10605 b55a3c7 Thanks @​emily-shen! - Add command to configure credentials for non-Cloudflare container registries

    Note this is a closed/experimental command that will not work without the appropriate account-level capabilities.

  • #11078 5d7c4c2 Thanks @​simonha9! - Add jurisdiction support to d1 db creation via command-line argument

Patch Changes

  • #11160 05440a1 Thanks @​dario-piotrowicz! - Allows auto-update of the local Wrangler configuration file to match remote configuration when running wrangler deploy --env <TARGET_ENV>

    When running wrangler deploy, with --x-remote-diff-check and after cancelling the deployment due to destructive changes present in the local config file, Wrangler offers to update the Wrangler configuration file to match the remote configuration. This wasn't however enabled when a target environment was specified (via the --env|-e flag). Now this will also apply when an environment is targeted.

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - Update the description of the --local flag for the wrangler dev command to clarify that it disables remote bindings, also un-deprecate and un-hide it

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - Fix bindings with remote: true being logged as remote when run via wrangler dev --local

  • Updated dependencies [1ae020d]:

    • miniflare@4.20251105.0

wrangler@4.45.4

Patch Changes

  • #11133 8ffbd17 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

    Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

  • #11033 77ed7e2 Thanks @​dario-piotrowicz! - Offer to update the local Wrangler configuration file to match remote configuration when running wrangler deploy

    When running wrangler deploy, with --x-remote-diff-check, Wrangler will display the difference between local and remote configuration. If there would be a destructive change to the remote configuration, the user is given the option to cancel the deployment. In the case where the user does cancel deployment, Wrangler will now also offer to update the local Wrangler configuration file to match the remote configuration.

  • #11139 bb00f9d Thanks @​devin-ai-integration! - Updated cron trigger documentation links and improved error message to include instructions for testing cron triggers locally

  • #11135 ed666a1 Thanks @​penalosa! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

  • #11149 22f25fd Thanks @​penalosa! - Add no-op autoconfig logic behind an experimental flag

... (truncated)

Changelog

Sourced from wrangler's changelog.

4.46.0

Minor Changes

  • #11183 240ebeb Thanks @​dario-piotrowicz! - expose experimental_getDetailsForAutoConfig and experimental_runAutoConfig APIs that provide respectively the autoconfig detection and execution functionalities

  • #11180 53b0fce Thanks @​penalosa! - Detect non-framework static sites

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - add a remoteBindings option to getPlatformProxy to allow the disabling of remote bindings

  • #11164 305d7bf Thanks @​penalosa! - Implement experimental autoconfig flow for static sites

  • #10605 b55a3c7 Thanks @​emily-shen! - Add command to configure credentials for non-Cloudflare container registries

    Note this is a closed/experimental command that will not work without the appropriate account-level capabilities.

  • #11078 5d7c4c2 Thanks @​simonha9! - Add jurisdiction support to d1 db creation via command-line argument

Patch Changes

  • #11160 05440a1 Thanks @​dario-piotrowicz! - Allows auto-update of the local Wrangler configuration file to match remote configuration when running wrangler deploy --env <TARGET_ENV>

    When running wrangler deploy, with --x-remote-diff-check and after cancelling the deployment due to destructive changes present in the local config file, Wrangler offers to update the Wrangler configuration file to match the remote configuration. This wasn't however enabled when a target environment was specified (via the --env|-e flag). Now this will also apply when an environment is targeted.

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - Update the description of the --local flag for the wrangler dev command to clarify that it disables remote bindings, also un-deprecate and un-hide it

  • #11162 c3ed531 Thanks @​dario-piotrowicz! - Fix bindings with remote: true being logged as remote when run via wrangler dev --local

  • Updated dependencies [1ae020d]:

    • miniflare@4.20251105.0

4.45.4

Patch Changes

  • #11133 8ffbd17 Thanks @​petebacondarwin! - Reduce the amount of arguments being passed in metrics capture.

    Now the argument values that are captured come from an allow list, and can be marked as ALLOW (capture the real value) or REDACT (capture as "").

  • #11033 77ed7e2 Thanks @​dario-piotrowicz! - Offer to update the local Wrangler configuration file to match remote configuration when running wrangler deploy

    When running wrangler deploy, with --x-remote-diff-check, Wrangler will display the difference between local and remote configuration. If there would be a destructive change to the remote configuration, the user is given the option to cancel the deployment. In the case where the user does cancel deployment, Wrangler will now also offer to update the local Wrangler configuration file to match the remote configuration.

  • #11139 bb00f9d Thanks @​devin-ai-integration! - Updated cron trigger documentation links and improved error message to include instructions for testing cron triggers locally

  • #11135 ed666a1 Thanks @​penalosa! - Implement tail-based logging for wrangler dev remote mode, behind the --x-tail-tags flag. This will become the default in the future.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the minor-and-patch group with 7 updates
133b799 
Bumps the minor-and-patch group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [jose](https://github.com/panva/jose) | `6.1.0` | `6.1.1` |
| [@cloudflare/workers-types](https://github.com/cloudflare/workerd) | `4.20251014.0` | `4.20251109.0` |
| [@sentry/core](https://github.com/getsentry/sentry-javascript) | `10.22.0` | `10.24.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.46.3` | `8.46.4` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.46.3` | `8.46.4` |
| [msw](https://github.com/mswjs/msw) | `2.11.6` | `2.12.1` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.45.3` | `4.46.0` |


Updates `jose` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v6.1.0...v6.1.1)

Updates `@cloudflare/workers-types` from 4.20251014.0 to 4.20251109.0
- [Release notes](https://github.com/cloudflare/workerd/releases)
- [Changelog](https://github.com/cloudflare/workerd/blob/main/Dockerfile.release)
- [Commits](https://github.com/cloudflare/workerd/commits)

Updates `@sentry/core` from 10.22.0 to 10.24.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@10.22.0...10.24.0)

Updates `@typescript-eslint/eslint-plugin` from 8.46.3 to 8.46.4
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.4/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.46.3 to 8.46.4
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.4/packages/parser)

Updates `msw` from 2.11.6 to 2.12.1
- [Release notes](https://github.com/mswjs/msw/releases)
- [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md)
- [Commits](mswjs/msw@v2.11.6...v2.12.1)

Updates `wrangler` from 4.45.3 to 4.46.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.46.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: jose
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@cloudflare/workers-types"
  dependency-version: 4.20251109.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@sentry/core"
  dependency-version: 10.24.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.46.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.46.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: msw
  dependency-version: 2.12.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: wrangler
  dependency-version: 4.46.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 10, 2025
@kulla kulla merged commit 2311ad3 into staging Nov 11, 2025
5 checks passed
@kulla kulla deleted the dependabot/npm_and_yarn/minor-and-patch-ac919d1c53 branch November 11, 2025 10:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kulla kulla kulla approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kulla