Skip to content

Bump config from 3.3.12 to 4.3.0#355

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/config-4.3.0
Open

Bump config from 3.3.12 to 4.3.0#355
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/config-4.3.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026
edited
Loading

Bumps config from 3.3.12 to 4.3.0.

Release notes

Sourced from config's releases.

v4.3.0

What's Changed

  • new callback mechanism for handling deferred and async configuration evaluation
  • ./async.js and ./defer.js are now deprecated

New Async and Deferred mechanism

Instead of using async.js and defer.js, your executable config files can return a synchronous or asynchronous function. Note that if you use async deferred functions through the new mechanism, you need to call Util.resolveAsyncConfig() instead of the old version.

Util.resolveAsyncConfig() also fixes an issue where using defer in an array did not function properly #876

The old implementations have been marked as deprecated and will issue warnings to console.error to indicate use of the old pathways. The old functions are incompatible with ESM loading conventions and will be removed at the beginning of the 5.0 cycle to facilitate conversion of the library to ESM.

Full Changelog: node-config/node-config@v4.2.1...v4.3.0

v4.2.1

What's Changed

Full Changelog: node-config/node-config@v4.2.0...v4.2.1

v4.2.0

What's Changed

Breaking Changes

  • All deprecated functions in config.util have been removed. Please use lib/util for similar functionality
  • Default Yaml parser has changed to a more maintained alternative. Please validate your config files for correct processing, or adjust your package.json to force js-yaml to be used

Full Changelog: node-config/node-config@v4.1.1...v4.2.0

v4.1.1

What's Changed

This release includes only test and devDependency changes

Full Changelog: node-config/node-config@v4.1.0...v4.1.1

v4.1.0

Breaking Changes

Several bugs were fixed that a user code might theoretically rely on, but most likely not:

... (truncated)

Commits
  • ce4fcf4 prepare 4.3.0
  • bd4d95d Merge pull request #863 from jdmarshall/deferredESM
  • df3866b Fix issue with arrays of promises.
  • 55d17ba Add runtime deprecation warnings, as per
  • c30a565 Support for the 'Future Compatibility' contract in the project wiki.
  • c6df6c6 Allow new async mechanism to override old, instead of vice versa.
  • 5cd516c Deprecate defer.js
  • ede4550 Move defer.js to lib
  • 5c0972e Update copyright notices to 2026
  • d5c5666 Support async functions in deferConfig as a way to replace async.js
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jdmarshall, a new releaser for config since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 16, 2026
@dependabot dependabot bot mentioned this pull request Feb 16, 2026
Closed
@dependabot
Bump config from 3.3.12 to 4.3.0
0c6474b 
Bumps [config](https://github.com/node-config/node-config) from 3.3.12 to 4.3.0.
- [Release notes](https://github.com/node-config/node-config/releases)
- [Changelog](https://github.com/node-config/node-config/blob/master/History.md)
- [Commits](node-config/node-config@v3.3.12...v4.3.0)

---
updated-dependencies:
- dependency-name: config
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/config-4.3.0 branch from 45b8457 to 0c6474b Compare February 16, 2026 21:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants