Skip to content

chore(deps): bump the dependencies group across 1 directory with 7 updates #71

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): bump the dependencies group across 1 directory with 7 updates #71

wants to merge 1 commit into from
+128 −134

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 6, 2025
edited
Loading

Bumps the dependencies group with 7 updates in the / directory:

Package From To
@reduxjs/toolkit 2.8.2 2.9.0
query-string 9.2.2 9.3.1
@testing-library/jest-dom 6.7.0 6.9.1
cypress-real-events 1.14.0 1.15.0
lint-staged 16.1.5 16.2.3
start-server-and-test 2.0.13 2.1.2
typescript 5.9.2 5.9.3

Updates @reduxjs/toolkit from 2.8.2 to 2.9.0

Release notes

Sourced from @​reduxjs/toolkit's releases.

v2.9.0

This feature release rewrites RTK Query's internal subscription and polling systems and the useStableQueryArgs hook for better perf, adds automatic AbortSignal handling to requests still in progress when a cache entry is removed, fixes a bug with the transformResponse option for queries, adds a new builder.addAsyncThunk method, and fixes assorted other issues.

Changelog

RTK Query Performance Improvements

We had reports that RTK Query could get very slow when there were thousands of subscriptions to the same cache entry. After investigation, we found that the internal polling logic was attempting to recalculate the minimum polling time after every new subscription was added. This was highly inefficient, as most subscriptions don't change polling settings, and it required repeated O(n) iteration over the growing list of subscriptions. We've rewritten that logic to debounce the update check and ensure a max of one polling value update per tick for the entire API instance.

Related, while working on the request abort changes, testing showed that use of plain Records to hold subscription data was inefficient because we have to iterate keys to check size. We've rewritten the subscription handling internals to use Maps instead, as well as restructuring some additional checks around in-flight requests.

These two improvements drastically improved runtime perf for the thousands-of-subscriptions-one-cache-entry repro, eliminating RTK methods as visible hotspots in the perf profiles. It likely also improves perf for general usage as well.

We've also changed the implementation of our internal useStableQueryArgs hook to avoid calling serializeQueryArgs on its value, which can avoid potential perf issues when a query takes a very large object as its cache key.

[!NOTE] The internal logic switched from serializing the query arg to doing reference checks on nested values. This means that if you are passing a non-POJO value in a query arg, such as useSomeQuery({a: new Set()}), and you have refetchOnMountOrArgChange enabled, this will now trigger refeteches each time as the Set references are now considered different based on equality instead of serialization.

Abort Signal Handling on Cleanup

We've had numerous requests over time for various forms of "abort in-progress requests when the data is no longer needed / params change / component unmounts / some expensive request is taking too long". This is a complex topic with multiple potential use cases, and our standard answer has been that we don't want to abort those requests - after all, cache entries default to staying in memory for 1 minute after the last subscription is removed, so RTKQ's cache can still be updated when the request completes. That also means that it doesn't make sense to abort a request "on unmount".

However, it does then make sense to abort an in-progress request if the cache entry itself is removed. Given that, we've updated our cache handling to automatically call the existing resPromise.abort() method in that case, triggering the AbortSignal attached to the baseQuery. The handling at that point depends on your app - fetchBaseQuery should handle that, a custom baseQuery or queryFn would need to listen to the AbortSignal.

We do have an open issue asking for further discussions of potential abort / cancelation use cases and would appreciate further feedback.

New Options

The builder callback used in createReducer and createSlice.extraReducers now has builder.addAsyncThunk available, which allows handling specific actions from a thunk in the same way that you could define a thunk inside createSlice.reducers:

        const slice = createSlice({
          name: 'counter',
          initialState: {
            loading: false,
            errored: false,
            value: 0,
          },
          reducers: {},
          extraReducers: (builder) =>
            builder.addAsyncThunk(asyncThunk, {
              pending(state) {
                state.loading = true
              },
              fulfilled(state, action) {
                state.value = action.payload
              },
              rejected(state) {
                state.errored = true
              },
</tr></table>

... (truncated)

Commits
  • 98c54c6 Release 2.9.0
  • 0a86abd export some useful async thunk types
  • d02c27a add docs for addAsyncThunk (#5066)
  • ab346b9 fixdoc: incorrect position of keepUnusedDataFor for two scenarios (#5062)
  • d2bbb8d Rewrite subscription handling and polling calculations for better perf (#5064)
  • 3c6de47 Merge pull request #5065 from reduxjs/feature/TS5.9-matrix
  • c37b977 Add missing error value
  • 38537c3 Don't run Node10 checks for TS 6+
  • 821be20 Add TS 5.9 to the matrix
  • 407688d Abort pending requests if the cache entry is removed (#5061)
  • Additional commits viewable in compare view

Updates query-string from 9.2.2 to 9.3.1

Release notes

Sourced from query-string's releases.

v9.3.1

  • Fix custom type functions with array formats 720f2ff

sindresorhus/query-string@v9.3.0...v9.3.1

v9.3.0

  • Add replacer option to stringify() 509014d
  • Fix encoded separator incorrectly splitting single values into arrays ec67fea

sindresorhus/query-string@v9.2.2...v9.3.0

Commits
  • 6c6f660 9.3.1
  • 720f2ff Fix custom type functions with array formats
  • b46abfc 9.3.0
  • 509014d Add replacer option to stringify()
  • ab603a8 Document supported value types for stringify()
  • ec67fea Fix encoded separator incorrectly splitting single values into arrays
  • 2e1f45a Add comprehensive test coverage for queryString.exclude()
  • See full diff in compare view

Updates @testing-library/jest-dom from 6.7.0 to 6.9.1

Release notes

Sourced from @​testing-library/jest-dom's releases.

v6.9.1

6.9.1 (2025-10-01)

Bug Fixes

v6.9.0

6.9.0 (2025-09-30)

Features

  • Add .toAppearBefore/.toAppearAfter matcher (#702) (95f870a)

v6.8.0

6.8.0 (2025-08-20)

Features

Commits

Updates cypress-real-events from 1.14.0 to 1.15.0

Release notes

Sourced from cypress-real-events's releases.

v1.15.0

Changes

  • Cypress v15 support
  • Better support for cypress docker browsers
Commits
  • 91df596 fix: CI issues and docker config
  • b4f3a84 chore(ci): bump cypress circleci orb from 3.3.1 to 5.0.1
  • 42bf8a5 chore(deps): Support cypress v15
  • ccfb02d feat: Upgrade to cypress v14
  • cc7f577 chore(deps): Support cypress v14 (#714)
  • 3cebc7d chore(readme): update twitter handle
  • 9a4dd17 chore: Upgrade connection instruction for modern cypress
  • 06f1b2f chore(ci): run release on 'release' branch
  • See full diff in compare view

Updates lint-staged from 16.1.5 to 16.2.3

Release notes

Sourced from lint-staged's releases.

v16.2.3

Patch Changes

  • #1669 27cd541 Thanks @​iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

v16.2.2

Patch Changes

  • #1667 699f95d Thanks @​iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

    Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:

    % npx lint-staged --fail-on-changes
✔ Backed up original state in git stash (c18d55a3)
✔ Running tasks for staged files...
✖ Tasks modified files and --fail-on-changes was used!
↓ Cleaning up temporary files...
✖ lint-staged failed because --fail-on-changes was used.
Any lost modifications can be restored from a git stash:
> git stash list --format="%h %s"
c18d55a3 On main: lint-staged automatic backup
> git apply --index c18d55a3

v16.2.1

Patch Changes

  • #1664 8277b3b Thanks @​iiroj! - The built-in TypeScript types have been updated to more closely match the implementation. Notably, the list of staged files supplied to task functions is readonly string[] and can't be mutated. Thanks @​outslept!

    export default {
---  "*": (files: string[]) => void console.log('staged files', files)
+++  "*": (files: readonly string[]) => void console.log('staged files', files)
}

  • #1654 70b9af3 Thanks @​iiroj! - This version has been published from GitHub Actions using Trusted Publishing for npm packages.

  • #1659 4996817 Thanks @​iiroj! - Fix searching configuration files when the working directory is a subdirectory of a git repository, and there are package.json files in the working directory. This situation might happen when running lint-staged for a single package in a monorepo.

  • #1654 7021f0a Thanks @​iiroj! - Return the caret semver range (^) to direct dependencies so that future patch and minor versions are allowed. This enables projects to better maintain and deduplicate their own transitive dependencies while not requiring direct updates to lint-staged. This was changed in 16.2.0 after the vulnerability issues with chalk and debug, which were also removed in the same version.

    Given the recent vulnerabilities in the npm ecosystem, it's best to be very careful when updating dependencies.

v16.2.0

Minor Changes

... (truncated)

Changelog

Sourced from lint-staged's changelog.

16.2.3

Patch Changes

  • #1669 27cd541 Thanks @​iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

16.2.2

Patch Changes

  • #1667 699f95d Thanks @​iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

    Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:

    % npx lint-staged --fail-on-changes
✔ Backed up original state in git stash (c18d55a3)
✔ Running tasks for staged files...
✖ Tasks modified files and --fail-on-changes was used!
↓ Cleaning up temporary files...
✖ lint-staged failed because --fail-on-changes was used.
Any lost modifications can be restored from a git stash:
> git stash list --format="%h %s"
c18d55a3 On main: lint-staged automatic backup
> git apply --index c18d55a3

16.2.1

Patch Changes

  • #1664 8277b3b Thanks @​iiroj! - The built-in TypeScript types have been updated to more closely match the implementation. Notably, the list of staged files supplied to task functions is readonly string[] and can't be mutated. Thanks @​outslept!

    export default {
---  "*": (files: string[]) => void console.log('staged files', files)
+++  "*": (files: readonly string[]) => void console.log('staged files', files)
}

  • #1654 70b9af3 Thanks @​iiroj! - This version has been published from GitHub Actions using Trusted Publishing for npm packages.

  • #1659 4996817 Thanks @​iiroj! - Fix searching configuration files when the working directory is a subdirectory of a git repository, and there are package.json files in the working directory. This situation might happen when running lint-staged for a single package in a monorepo.

  • #1654 7021f0a Thanks @​iiroj! - Return the caret semver range (^) to direct dependencies so that future patch and minor versions are allowed. This enables projects to better maintain and deduplicate their own transitive dependencies while not requiring direct updates to lint-staged. This was changed in 16.2.0 after the vulnerability issues with chalk and debug, which were also removed in the same version.

    Given the recent vulnerabilities in the npm ecosystem, it's best to be very careful when updating dependencies.

... (truncated)

Commits
  • bdcd03a chore(changeset): release
  • 27cd541 fix: do not count hidden (partially) unstaged changes when using `--fail-on-c...
  • ab2f42e fix: emit correct value to debug logs
  • 3fc5832 refactor: make general error messages more clear they originate from lint-staged
  • 409d79a chore(changeset): release
  • 7edaee9 docs: fix typo in changeset
  • 699f95d fix: backup stash example uses real hash if available
  • 47d01a9 fix: print backup stash example when failing to --fail-on-changes
  • 325dc03 fix: restore unstaged changes on errors when --fail-on-errors or `--no-reve...
  • 53bb27b fix: do not drop backup stash when errors and --fail-on-changes was used
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lint-staged since your current version.


Updates start-server-and-test from 2.0.13 to 2.1.2

Release notes

Sourced from start-server-and-test's releases.

v2.1.2

2.1.2 (2025-09-19)

Bug Fixes

  • deps: update dependency wait-on to v8.0.5 (#407) (e09a718)

v2.1.1

2.1.1 (2025-09-17)

Bug Fixes

  • deps: update dependency debug to v4.4.3 (#406) (d0db7f6)

v2.1.0

2.1.0 (2025-09-04)

Features

Commits

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

Downloads are available on:

Commits
  • c63de15 Bump version to 5.9.3 and LKG
  • 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
  • a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
  • 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
  • bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
  • 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
  • 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Oct 6, 2025
@dependabot
chore(deps): bump the dependencies group across 1 directory with 7 up…
f5a542a 
…dates

Bumps the dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@reduxjs/toolkit](https://github.com/reduxjs/redux-toolkit) | `2.8.2` | `2.9.0` |
| [query-string](https://github.com/sindresorhus/query-string) | `9.2.2` | `9.3.1` |
| [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) | `6.7.0` | `6.9.1` |
| [cypress-real-events](https://github.com/dmtrKovalenko/cypress-real-events) | `1.14.0` | `1.15.0` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.1.5` | `16.2.3` |
| [start-server-and-test](https://github.com/bahmutov/start-server-and-test) | `2.0.13` | `2.1.2` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.2` | `5.9.3` |



Updates `@reduxjs/toolkit` from 2.8.2 to 2.9.0
- [Release notes](https://github.com/reduxjs/redux-toolkit/releases)
- [Commits](reduxjs/redux-toolkit@v2.8.2...v2.9.0)

Updates `query-string` from 9.2.2 to 9.3.1
- [Release notes](https://github.com/sindresorhus/query-string/releases)
- [Commits](sindresorhus/query-string@v9.2.2...v9.3.1)

Updates `@testing-library/jest-dom` from 6.7.0 to 6.9.1
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](testing-library/jest-dom@v6.7.0...v6.9.1)

Updates `cypress-real-events` from 1.14.0 to 1.15.0
- [Release notes](https://github.com/dmtrKovalenko/cypress-real-events/releases)
- [Commits](dmtrKovalenko/cypress-real-events@v1.14.0...v1.15.0)

Updates `lint-staged` from 16.1.5 to 16.2.3
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.1.5...v16.2.3)

Updates `start-server-and-test` from 2.0.13 to 2.1.2
- [Release notes](https://github.com/bahmutov/start-server-and-test/releases)
- [Commits](bahmutov/start-server-and-test@v2.0.13...v2.1.2)

Updates `typescript` from 5.9.2 to 5.9.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml)
- [Commits](microsoft/TypeScript@v5.9.2...v5.9.3)

---
updated-dependencies:
- dependency-name: "@reduxjs/toolkit"
  dependency-version: 2.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: query-string
  dependency-version: 9.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@testing-library/jest-dom"
  dependency-version: 6.9.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: cypress-real-events
  dependency-version: 1.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: lint-staged
  dependency-version: 16.2.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: start-server-and-test
  dependency-version: 2.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: typescript
  dependency-version: 5.9.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dependencies-c06bf6b3d8 branch from 19ad0df to f5a542a Compare October 13, 2025 11:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants