Skip to content

chore(deps-dev): bump the npm-deps group across 1 directory with 3 updates#315

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-deps-9bd4f039b3
Open

chore(deps-dev): bump the npm-deps group across 1 directory with 3 updates#315
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-deps-9bd4f039b3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-deps group with 3 updates in the / directory: @vercel/ncc, eslint and markdownlint-cli.

Updates @vercel/ncc from 0.38.4 to 0.44.0

Release notes

Sourced from @​vercel/ncc's releases.

0.44.0

0.44.0 (2026-06-09)

Features

0.43.0

0.43.0 (2026-06-09)

Changes

  • BREAKING CHANGE: add Node 24 and 26 support, remove 20 (#1318) (#1305)
  • switch npm releases to trusted publishing (OIDC) (#1325) (#1327) (#1328) (#1329) (#1330) (#1331) (#1332)
  • switch package management to pnpm (#1321)
  • fix predictable global cache directory in /tmp enables symlink/hijack risks (#1314)
  • reorder extension resolution to prioritise TypeScript over JSON (#1315)
  • support TypeScript 6 transpile builds (#1316)
Commits
  • 88be21f chore(deps): Bump actions/checkout from 5 to 6 (#1300)
  • 5ea625e feat: read permissions pr.yml (#1323)
  • a1ff315 feat: remove npm devDependency (#1332)
  • 9e077ab feat: add publishConfig to package.json (#1331)
  • 7290aa7 feat(ci): upgrade python and remove LLVM LTO flags from MSVC build to fix Nod...
  • a428a10 feat: publish using node@24 (#1329)
  • 3192116 feat: use canonical package repository metadata (#1328)
  • 4461a52 feat: lock semantic-release publish dependencies (#1327)
  • e00b2de feat: switch npm releases to trusted publishing (OIDC) (#1325)
  • 5f8f509 feat: delete .github/CODEOWNERS (#1324)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​vercel/ncc since your current version.


Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

  • 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
  • b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
  • 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
  • 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
  • f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
  • bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
  • c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

  • 8ae1b5b docs: Update README (GitHub Actions Bot)
  • ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)
  • f99b47a docs: Update README (GitHub Actions Bot)
  • acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

  • b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)
  • c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)
  • 243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)
  • 217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)
  • 72003e7 test: add location information to error messages in max-statements (#20945) (lumir)
  • 7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)
  • 67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)
  • 95d8c7a chore: update dependency @​eslint/json to v2 (#20934) (renovate[bot])
  • cf9e496 chore: update @​arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)
  • fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)
Commits

Updates markdownlint-cli from 0.48.0 to 0.49.0

Release notes

Sourced from markdownlint-cli's releases.

v0.49.0

  • Update markdownlint dependency to 0.41.0
    • Improve MD022/MD028/MD035/MD042/MD051/MD060
    • Remove handling of inline directive syntax (frequent false positives)
    • Remove support for end-of-life Node version 20
  • Update all dependencies via Dependabot
Commits
  • a4d5d37 Bump version 0.49.0
  • 503f264 Delete and recreate package-lock.json via "npm install".
  • 7a24593 Bump markdownlint from 0.40.0 to 0.41.0
  • c7c1c76 Bump commander from 14.0.3 to 15.0.0
  • 83f5f30 Bump tinyglobby from 0.2.16 to 0.2.17
  • 74b98de Bump js-yaml from 4.1.1 to 4.2.0
  • d368135 Bump markdown-it from 14.1.1 to 14.2.0
  • dd34288 Bump ava from 8.0.0 to 8.0.1
  • 1e363dc Bump brace-expansion from 5.0.5 to 5.0.6
  • 2f092d2 Bump ava from 7.0.0 to 8.0.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the npm-deps group across 1 directory with 3 up…
38a7fbb 
…dates

Bumps the npm-deps group with 3 updates in the / directory: [@vercel/ncc](https://github.com/vercel/ncc), [eslint](https://github.com/eslint/eslint) and [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli).


Updates `@vercel/ncc` from 0.38.4 to 0.44.0
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](vercel/ncc@0.38.4...0.44.0)

Updates `eslint` from 10.4.1 to 10.5.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.4.1...v10.5.0)

Updates `markdownlint-cli` from 0.48.0 to 0.49.0
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](igorshubovych/markdownlint-cli@v0.48.0...v0.49.0)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-version: 0.44.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
- dependency-name: eslint
  dependency-version: 10.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
- dependency-name: markdownlint-cli
  dependency-version: 0.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 26, 2026
@dependabot dependabot Bot requested a review from collinmcneese as a code owner June 26, 2026 07:42
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@collinmcneese collinmcneese Awaiting requested review from collinmcneese collinmcneese is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants