Skip to content

Bump the npm_and_yarn group across 1 directory with 7 updates#2

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-0a41577a18
Open

Bump the npm_and_yarn group across 1 directory with 7 updates#2
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-0a41577a18

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Jun 24, 2025

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
libxmljs2 0.27.0 0.37.0
@babel/traverse 7.14.7 7.27.4
braces 3.0.2 3.0.3
webpack 4.43.0 5.99.9
webpack-cli 3.3.12 6.0.1
json5 1.0.1 1.0.2
ws 7.5.2 7.5.10

Updates libxmljs2 from 0.27.0 to 0.37.0

Release notes

Sourced from libxmljs2's releases.

v0.37.0

No release notes provided.

v0.35.0

No release notes provided.

v0.33.0

support node 21

BREAKING Drop node 16 & 19

v0.32.0

feat: support node 20,

BREAKING: only 20, 19, 18 and 16 are supported now.

v0.31.0

No release notes provided.

v0.30.1

Feature:

  • added node 18 support

v0.30.0

PLEASE IGNORE THIS AND DIRECTLY USE 0.30.1

BREAKING:

  • dropped node 12 support (EOL in 5 days, 2022-04-30)
  • dropped node 17 support (EOL in ~5 Weeks, 2022-06-01)

Feature:

  • added node 18 support

v0.29.0

  • feat: node 17 (#148) fad87c8
  • chore(deps-dev): bump prettier from 2.3.2 to 2.4.0 (#135) d8ea3c4
  • chore(deps-dev): bump typescript from 4.4.2 to 4.4.3 (#133) 260f1bd

marudor/libxmljs2@v0.28.0...v0.29.0

v0.28.0

BREAKING:

  • Drop node 10 support
  • Drop node 15 support

Changes:

  • chore: only publish files needed to build & use 560bf31
  • chore: update deps (#131) 62c2c44
  • chore: drop node 10 and 15 support (#130) deb01d3

... (truncated)

Commits
  • 0259421 chore: support node 24
  • 478d57d chore: support node 22
  • 28c7258 fix: correct prebuild stuff
  • 7ef018c NO LONGER MAINTAINED
  • 9b42607 fix: correct artifact path to upload
  • 0dbbcf2 chore: test prebuild as node-pre-gyp is no longer working
  • e0eb378 chore: bump to 0.33.0
  • c028a85 chore: support node21 (#201)
  • 793352d fix: use older ubuntu to build, lowers needed gcc to 2.31
  • bef4c83 feat: node 20 support, drop eol nodes (#193)
  • Additional commits viewable in compare view

Updates @babel/traverse from 7.14.7 to 7.27.4

Release notes

Sourced from @​babel/traverse's releases.

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

Committers: 4

v7.27.3 (2025-05-27)

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-types
    • #17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@​magic-akari)
  • babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
    • #17257 Preserve class id when transforming using declarations with exported class (@​JLHwung)
  • babel-parser
  • babel-generator, babel-parser

Committers: 7

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

v7.27.3 (2025-05-27)

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-types
    • #17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@​magic-akari)
  • babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
    • #17257 Preserve class id when transforming using declarations with exported class (@​JLHwung)
  • babel-parser
  • babel-generator, babel-parser

v7.27.2 (2025-05-06)

🐛 Bug Fix

  • babel-parser
  • babel-plugin-transform-object-rest-spread
  • babel-plugin-transform-modules-commonjs, babel-template

🏃‍♀️ Performance

  • babel-cli

... (truncated)

Commits

Updates braces from 3.0.2 to 3.0.3

Commits

Updates webpack from 4.43.0 to 5.99.9

Release notes

Sourced from webpack's releases.

v5.99.9

Fixes

  • HMR might fail if there are new initial chunks
  • Destructuring namespace import with default
  • Destructuring namespace import with computed-property
  • Generate valid code for es export generation for multiple module entries
  • Fixed public path issue for ES modules
  • Asset modules work when lazy compilation used
  • Eliminate unused statements in certain scenarios
  • Fixed regression with location and order of dependencies
  • Fixed typescript types

v5.99.8

Fixes

  • Fixed type error with latest @types/node
  • Fixed typescript types

v5.99.7

Fixes

  • Don't skip export generation for default reexport (#19463)
  • Fixed module library export generation for reexport (#19459)
  • Avoid module concatenation in child compilation for module library (#19457)
  • Ensure HMR recover gracefully when CSS module with error
  • Respect cause of any errors and errors of AggregateError in stats output
  • Added missing @types/json-schema in types

v5.99.6

Fixes

  • Respect public path for ES modules
  • Fixed generation of module for module library when mixing commonjs and esm modules
  • Always apply FlagDependencyExportsPlugin for libraries where it required
  • Faster logic for dead control flow
  • Typescript types

v5.99.5

Fixes

  • Control dead flow for labeled and blockless statements

v5.99.4

Fixes

  • Fixed terminated state for if/else

v5.99.3

Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.


Updates webpack-cli from 3.3.12 to 6.0.1

Release notes

Sourced from webpack-cli's releases.

v6.0.1

6.0.1 (2024-12-20)

Bug Fixes

v6.0.0

6.0.0 (2024-12-19)

BREAKING CHANGES

  • the minimum required Node.js version is 18.12.0
  • removed init, loader and plugin commands in favor create-webpack-app
  • dropped support for webpack-dev-server@v4
  • minimum supported webpack version is 5.82.0
  • The --define-process-env-node-env option was renamed to --config-node-env

Bug Fixes

Features

  • output pnpm version with info/version command (#3906) (38f3c6f)

v5.1.4

5.1.4 (2023-06-07)

Bug Fixes

  • multi compiler progress output (f659624)

v5.1.3

5.1.3 (2023-06-04)

Bug Fixes

v5.1.2

5.1.2 (2023-06-04)

Bug Fixes

  • improve check for custom webpack and webpack-dev-server package existance (0931ab6)

... (truncated)

Changelog

Sourced from webpack-cli's changelog.

6.0.1 (2024-12-20)

Bug Fixes

6.0.0 (2024-12-19)

BREAKING CHANGES

  • the minimum required Node.js version is 18.12.0
  • removed init, loader and plugin commands in favor create-webpack-app
  • dropped support for webpack-dev-server@v4
  • minimum supported webpack version is 5.82.0
  • The --define-process-env-node-env option was renamed to --config-node-env

Bug Fixes

Features

  • output pnpm version with info/version command (#3906) (38f3c6f)

5.1.4 (2023-06-07)

Bug Fixes

  • multi compiler progress output (f659624)

5.1.3 (2023-06-04)

Bug Fixes

5.1.2 (2023-06-04)

Bug Fixes

  • improve check for custom webpack and webpack-dev-server package existance (0931ab6)
  • improve help for some flags (f468614)
  • improved support for .cts and .mts extensions (a77daf2)

5.1.1 (2023-05-09)

... (truncated)

Commits

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

v2.2.0 [code, diff]

  • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

  • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

Updates ws from 7.5.2 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

  • Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

  • Backported 0fdcc0af to the 7.x release line (2758ed35).
  • Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

  • Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

  • Backported b8186dd1 to the 7.x release line (73dec34b).
  • Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

  • Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

  • Backported 6a72da3e to the 7.x release line (76087fbf).
  • Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

  • The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).
  • Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).
  • Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).
Commits
  • d962d70 [dist] 7.5.10
  • 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 8a78f87 [dist] 7.5.9
  • 0435e6e [security] Fix same host check for ws+unix: redirects
  • 4271f07 [dist] 7.5.8
  • dc1781b [security] Drop sensitive headers when following insecure redirects
  • 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
  • a370613 [dist] 7.5.7
  • 1f72e2e [security] Drop sensitive headers when following redirects (#2013)
  • 8ecd890 [dist] 7.5.6
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 7 updates
e3e8545 
Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [libxmljs2](https://github.com/marudor/libxmljs2) | `0.27.0` | `0.37.0` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.7` | `7.27.4` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [webpack](https://github.com/webpack/webpack) | `4.43.0` | `5.99.9` |
| [webpack-cli](https://github.com/webpack/webpack-cli) | `3.3.12` | `6.0.1` |
| [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` |
| [ws](https://github.com/websockets/ws) | `7.5.2` | `7.5.10` |



Updates `libxmljs2` from 0.27.0 to 0.37.0
- [Release notes](https://github.com/marudor/libxmljs2/releases)
- [Commits](marudor/libxmljs2@v0.27.0...v0.37.0)

Updates `@babel/traverse` from 7.14.7 to 7.27.4
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.4/packages/babel-traverse)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `webpack` from 4.43.0 to 5.99.9
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v4.43.0...v5.99.9)

Updates `webpack-cli` from 3.3.12 to 6.0.1
- [Release notes](https://github.com/webpack/webpack-cli/releases)
- [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-cli/compare/v3.3.12...webpack-cli@6.0.1)

Updates `json5` from 1.0.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v1.0.1...v1.0.2)

Updates `ws` from 7.5.2 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.2...7.5.10)

---
updated-dependencies:
- dependency-name: libxmljs2
  dependency-version: 0.37.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-version: 7.27.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.99.9
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack-cli
  dependency-version: 6.0.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-version: 1.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 7.5.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 24, 2025
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Jun 24, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary or crs to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai or cr anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants