Skip to content

chore(deps): update node dependencies (major) #794

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
loopingz wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update node dependencies (major) #794

loopingz wants to merge 1 commit into from

Conversation

@loopingz
Copy link
Contributor

@loopingz loopingz commented Jan 14, 2026
edited
Loading

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
@rollup/plugin-commonjs (source) devDependencies major ^28.0.8^29.0.0
@rollup/plugin-commonjs (source) devDependencies major ^28.0.3^29.0.0
@smithy/types (source) devDependencies major ^3.7.2^4.12.0
@types/koa (source) devDependencies major ^2.15.0^3.0.1
@types/node (source) devDependencies major ^22.19.2^25.1.0
@types/node (source) devDependencies major ^22.19.2^25.1.0
@types/node (source) devDependencies major ^22.19.1^25.1.0
@types/node (source) devDependencies major ^22.13.5^25.1.0
@types/node (source) dependencies major ^22.19.2^25.1.0
@types/node (source) devDependencies major ^22.15.0^25.1.0
ansi-escapes dependencies major ^6.2.0^7.2.0
brace-expansion@>=1.0.0 <2.0.0 pnpm.overrides major [^1.1.12^4.0.1](https://renovatebot.com/diffs/npm/brace-expansion@&gt;&#x3D;1.0.0 <2.0.0/1.1.12/4.0.1)
brace-expansion@>=2.0.0 <3.0.0 pnpm.overrides major [^2.0.2^4.0.1](https://renovatebot.com/diffs/npm/brace-expansion@&gt;&#x3D;2.0.0 <3.0.0/2.0.2/4.0.1)
cli-spinners dependencies major ^2.9.1^3.4.0
cross-spawn@<6.0.6 pnpm.overrides major ^6.0.6^7.0.6
debounce dependencies major ^2.2.0^3.0.0
dotenv dependencies major ^16.6.1^17.2.3
eventsource dependencies major ^3.0.6^4.1.0
eventsource-parser dependencies major ^1.1.1^3.0.6
firebase (source, changelog) dependencies major ^10.12.2^12.8.0
glob dependencies major ^11.1.0^13.0.0
glob@>=10.2.0 <10.5.0 pnpm.overrides major [^10.5.0^13.0.0](https://renovatebot.com/diffs/npm/glob@&gt;&#x3D;10.2.0 <10.5.0/10.5.0/13.0.0)
globals devDependencies major ^16.0.0^17.2.0
globals devDependencies major ^16.5.0^17.2.0
jws@>=3.0.0 <3.2.3 pnpm.overrides major [^3.2.3^4.0.1](https://renovatebot.com/diffs/npm/jws@&gt;&#x3D;3.0.0 <3.2.3/3.2.3/4.0.1)
log-update dependencies major ^6.1.0^7.0.2
mocha (source) devDependencies major ^10.2.0^11.7.5
open dependencies major ^10.1.0^11.0.0
ora dependencies major ^8.2.0^9.1.0
p-limit dependencies major ^6.2.0^7.2.0
rimraf devDependencies major ^5.0.5^6.1.2
ts-md5 dependencies major ^1.3.1^2.0.1
tsx (source) devDependencies major ^3.14.0^4.21.0
undici@>=6.0.0 <6.21.3 (source) pnpm.overrides major [^6.23.0^7.19.2](https://renovatebot.com/diffs/npm/undici@&gt;&#x3D;6.0.0 <6.21.3/6.23.0/7.19.2)
zod (source) dependencies major ^3.24.1^4.3.6

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

Release Notes

rollup/plugins (@​rollup/plugin-commonjs)

v29.0.0

2025-10-30

Breaking Changes
smithy-lang/smithy-typescript (@​smithy/types)

v4.12.0

Compare Source

Minor Changes
  • 745867a: encode required member count in structure schemas

v4.11.0

Compare Source

Minor Changes
  • 9ccb841: add static union schema as a new type

v4.10.0

Compare Source

Minor Changes
  • 5a56762: make protocol selection easier

v4.9.0

Compare Source

Minor Changes
  • 3926fd7: set release level for schemas

v4.8.1

Compare Source

Patch Changes

v4.8.0

Compare Source

Minor Changes
  • 8a2a912: remove usage of non-static schema classes

v4.7.1

Compare Source

Patch Changes
  • 052d261: fix ordering of static simple schema type

v4.7.0

Compare Source

Minor Changes
  • 761d89c: undeprecate socketTimeout for node:https requests
  • 7f8af58: generation of static schema

v4.6.0

Compare Source

Minor Changes
  • 45ee67f: update dist-cjs generation to use rollup

v4.5.0

Compare Source

Minor Changes
  • bb7c1c1: schema code size optimizations

v4.4.0

Compare Source

Minor Changes
  • 64cda93: set sideEffects bundler metadata
Patch Changes
  • f884df7: enforce consistent-type-imports

v4.3.2

Compare Source

Patch Changes
  • 64e033f: schema serde: http binding and cbor serializer refactoring

v4.3.1

Compare Source

Patch Changes
  • 358c1ff: fix Command interface compatibility with type transformers

v4.3.0

Compare Source

Minor Changes

v4.2.0

Compare Source

Minor Changes
  • e917e61: enforce singular config object during client instantiation

v4.1.0

Compare Source

Minor Changes
  • 2aff9df: Added middleware support to pagination
  • 000b2ae: allow paginator token fallback to be specified by operation input

v4.0.0

Compare Source

Major Changes
  • 20d99be: major version bump for dropping node16 support
sindresorhus/ansi-escapes (ansi-escapes)

v7.2.0

Compare Source

  • Enable ANSI escape sequences on modern Windows b5d50b8
  • Add tmux support for OSC sequences 6fe0daa

v7.1.1

Compare Source

v7.1.0

Compare Source

v7.0.0

Compare Source

Breaking
Improvements
juliangruber/brace-expansion (brace-expansion@>=1.0.0 <2.0.0)

v4.0.1

Compare Source

v4.0.0

Compare Source

As a precaution to not risk breaking anything with 278132b, this is a new semver major release

v3.0.1

Compare Source

v3.0.0

Compare Source

v2.0.2

Compare Source

v2.0.1

Compare Source

v2.0.0

Compare Source

sindresorhus/cli-spinners (cli-spinners)

v3.4.0

Compare Source

v3.3.0

Compare Source

v3.2.1

Compare Source

v3.2.0

Compare Source

v3.1.0

Compare Source

v3.0.0

Compare Source

Breaking
moxystudio/node-cross-spawn (cross-spawn@<6.0.6)

v7.0.6

Compare Source

v7.0.5

Compare Source

v7.0.4

Compare Source

v7.0.3

Compare Source

v7.0.2

Compare Source

v7.0.1

Compare Source

v7.0.0

Compare Source

⚠ BREAKING CHANGES

  • drop support for Node.js < 8

  • drop support for versions below Node.js 8 (#​125) (16feb53)

sindresorhus/debounce (debounce)

v3.0.0

Compare Source

Breaking
  • Require Node.js 20 32bdae9
  • This package is now pure ESM. Please read this.
  • Removed named export. Only a default export now.
motdotla/dotenv (dotenv)

v17.2.3

Compare Source

Changed
  • Fixed typescript error definition (#​912)

v17.2.2

Compare Source

Added
  • 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

v17.2.1

Compare Source

Changed
  • Fix clickable tip links by removing parentheses (#​897)

v17.2.0

Compare Source

Added
  • Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#​889)
  • Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})
# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"
// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)
$ node index.js
Hello World

or

$ DOTENV_CONFIG_QUIET=true node index.js

v17.1.0

Compare Source

Added
  • Add additional security and configuration tips to the runtime log (#​884)
  • Dim the tips text from the main injection information text
const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
  '⚙️  load multiple .env files with { path: [\'.env.local\', \'.env\'] }'
]

v17.0.1

Compare Source

Changed
  • Patched injected log to count only populated/set keys to process.env (#​879)

v17.0.0

Compare Source

Changed
  • Default quiet to false - informational (file and keys count) runtime log message shows by default (#​875)

v16.6.1

Compare Source

Changed
  • Default quiet to true – hiding the runtime log message (#​874)
  • NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
  • And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@&#8203;dotenvx/dotenvx').config().

v16.6.0

Compare Source

Added
  • Default log helpful message [dotenv@16.6.0] injecting env (1) from .env (#​870)
  • Use { quiet: true } to suppress
  • Aligns dotenv more closely with dotenvx.
EventSource/eventsource (eventsource)

v4.1.0

Compare Source

Features
  • declare fetch override support symbol on class (5575122)

v4.0.0

Compare Source

⚠ BREAKING CHANGES
  • FetchLikeInit is now removed. Use
    EventSourceFetchInit.
  • Drop support for Node.js v18, as it is end-of-life.
Features
  • require node.js v20 or higher (91a3a48)
Bug Fixes
  • drop FetchLikeInit type. Use EventSourceFetchInit instead. (6786e46)
rexxars/eventsource-parser (eventsource-parser)

v3.0.6

Compare Source

Bug Fixes
  • reintroduce explicit support for node 18 (d845cef)

v3.0.5

Compare Source

Bug Fixes
  • types: use exact optional property types (a763097)

v3.0.3

Compare Source

Bug Fixes
  • reintroduce legacy exports for stream module (6be2292)

v3.0.2

Compare Source

Bug Fixes
  • drop legacy module export, use shared esm (26ccc1c)

v3.0.1

Compare Source

Bug Fixes
  • optimize splitLines function (8952917)
  • throw helpful error if passing function to createParser() (4cd3a44)

v3.0.0

Compare Source

⚠ BREAKING CHANGES

  • The parser now takes an object of callbacks instead of an onParse callback. This means you do not have to check the type of the event in the onEvent callback, but instead provide separate callbacks for each event type.

  • The ParsedEvent type has been renamed to EventSourceMessage and the type attribute has been removed.

  • The EventSourceCallback type has been removed in favor of the ParserCallbacks interface.

  • The ReconnectInterval type has been removed in favor of providing the interval directly to the onRetry callback.

  • The ParseEvent type has been removed in favor of providing separate callbacks for each event type.

  • The parser has been rewritten to be more specification compliant. Certain rare edge cases may now be handled differently. Mixed CRLF and LF line endings will now be handled correctly. retry fields now have to be completely valid integers to be parsed.

Features
  • provide onError, onComment, and onRetry callbacks (#​15) (c544729)

v2.0.1

Compare Source

Bug Fixes
  • include root-level legacy export in published files (c814b4b)

v2.0.0

Compare Source

⚠ BREAKING CHANGES
  • BREAKING: minimum node.js version is now v18
Bug Fixes
  • BREAKING: minimum node.js version is now v18 (d652333)
  • enable legacy exports (b88e02c)
firebase/firebase-js-sdk (firebase)

v12.8.0

Compare Source

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed
@​firebase/ai@​2.7.0
Minor Changes
firebase@​12.8.0
Minor Changes
Patch Changes
@​firebase/firestore@​4.10.0
Minor Changes
  • 83e6864 #​9356 - Release Firestore Pipelines for Enterprise edition in public preview.
@​firebase/remote-config@​0.8.0
Minor Changes
@​firebase/app@​0.14.7
Patch Changes
  • Update SDK_VERSION.
@​firebase/app-compat@​0.5.7
Patch Changes
@​firebase/firestore-compat@​0.4.4
Patch Changes
@​firebase/remote-config-compat@​0.2.21
Patch Changes

v12.7.0

Compare Source

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed
@​firebase/auth@​1.12.0
Minor Changes
  • 1e406a2 #​9410 - Upgraded react-native-async-storage peerDependency to v2+.
firebase@​12.7.0
Minor Changes
  • Update root "firebase" package as a "minor" release due to bumps in:
    @​firebase/auth.
Patch Changes
@​firebase/ai@​2.6.1
Patch Changes
@​firebase/auth-compat@​0.6.2
Patch Changes
@​firebase/firestore@​4.9.3
Patch Changes
@​firebase/firestore-compat@​0.4.3
Patch Changes

v12.6.0

Compare Source

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed
@​firebase/ai@​2.6.0
Minor Changes
firebase@​12.6.0
Minor Changes
Patch Changes
@​firebase/app@​0.14.6
Patch Changes
  • Update SDK_VERSION.
@​firebase/app-compat@​0.5.6
Patch Changes
@​firebase/data-connect@​0.3.12
Patch Changes
  • c47bd71 #​9349 (fixes #​9348) - Fixed issue where onComplete wasn't triggering when the user calls unsubscribe on a subscription.

v12.5.0

Compare Source

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed
@​firebase/ai@​2.5.0
Minor Changes

  • 22e0a1a #​9291 - Deprecate sendMediaChunks() and sendMediaStream(). Instead, use the new methods added to the LiveSession class.
    Add sendTextRealtime(), sendAudioReatime(), and sendVideoRealtime() to the LiveSession class.

  • bc5a7c4 #​9330 - Add support for audio transcriptions in the Live API.

  • c8263c4 #​9315 - Add inferenceSource to the response from generateContent and generateContentStream. This property indicates whether on-device or in-cloud inference was used to generate the result.

Patch Changes
  • 44d9891 #​9314 - Fix logic for merging default onDeviceParams with user-provided onDeviceParams.
firebase@​12.5.0
Minor Changes

  • 22e0a1a #​9291 - Deprecate sendMediaChunks() and sendMediaStream(). Instead, use the new methods added to the LiveSession class.
    Add sendTextRealtime(), sendAudioReatime(), and sendVideoRealtime() to the LiveSession class.

  • bc5a7c4 #​9330 - Add support for audio transcriptions in the Live API.

  • c8263c4 #​9315 - Add inferenceSource to the response from generateContent and generateContentStream. This property indicates whether on-device or in-cloud inference was used to generate the result.

Patch Changes
@​firebase/app@​0.14.5
Patch Changes
  • Update SDK_VERSION.
@​firebase/app-compat@​0.5.5
Patch Changes
@​firebase/auth@​1.11.1
Patch Changes
[@​

Configuration

📅 Schedule: Branch creation - Only on Wednesday ( * * * * 3 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@loopingz loopingz requested a review from a team as a code owner January 14, 2026 00:18
@loopingz loopingz added the dependencies Pull requests that update a dependency file label Jan 14, 2026
@loopingz
Copy link
Contributor Author

loopingz commented Jan 14, 2026
edited
Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: tools/environment-configuration/package-lock.json
npm warn Unknown env config "store". This will stop working in the next major version of npm.
npm error code EUNSUPPORTEDPROTOCOL
npm error Unsupported URL Type "workspace:": workspace:*
npm error A complete log of this run can be found in: /tmp/renovate-cache/others/npm/_logs/2026-01-29T00_16_30_433Z-debug-0.log

@loopingz loopingz force-pushed the renovate/major-node-dependencies branch 5 times, most recently from 0b6bd93 to c829663 Compare January 21, 2026 12:13
@loopingz loopingz force-pushed the renovate/major-node-dependencies branch 6 times, most recently from 770047c to 76ee0f8 Compare January 28, 2026 00:25
@loopingz loopingz force-pushed the renovate/major-node-dependencies branch from 76ee0f8 to 40b9404 Compare January 29, 2026 00:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@loopingz @renovate-bot