Skip to content

chore(deps): consolidate dependabot bumps (napi, oxlint/oxfmt, vscode)#1891

Merged
BartWaardenburg merged 4 commits into
mainfrom
chore/dependabot-consolidation-1714
Jul 14, 2026
Merged

chore(deps): consolidate dependabot bumps (napi, oxlint/oxfmt, vscode)#1891
BartWaardenburg merged 4 commits into
mainfrom
chore/dependabot-consolidation-1714

Conversation

@BartWaardenburg

Copy link
Copy Markdown
Collaborator

Consolidates six Dependabot PRs that each needed a coordinated lockfile or paired bump to go green.

napi 3.10.3 + napi-derive 3.5.9 (supersedes #1878, #1880)

napi-derive 3.5.9 pulls napi-derive-backend 5.1.2, whose macro output needs napi >= 3.10. Bumping napi-derive alone (#1880) fails to compile against napi 3.9.4; the paired napi 3.10.3 bump (#1878) provides the required prelude functions. fallow-node compiles clean with both.

oxlint 1.73.0 + oxfmt 0.58.0 (supersedes #1867, #1869)

Root dev-tooling. Lockfile regenerated with a real npm install so the nested conventional-commits-parser entry survives and npm ci stays green (the individual PRs each pruned it and went red). lint:js and fmt:js:check pass on the new versions.

vscode-languageclient 10.1.0 + @types/node 26.1.0 (supersedes #1870, #1875)

editors/vscode dev deps. The two PRs conflicted with each other on pnpm-lock.yaml; bumping both in one pass resolves it. tsc --noEmit and the rolldown bundle both pass.

Local gates run: cargo build -p fallow-node, npm ci --dry-run, npm run lint:js + fmt:js:check, pnpm run lint + pnpm run build (vscode). Dependabot will auto-close the six superseded PRs once this lands.

Closes #1867
Closes #1869
Closes #1870
Closes #1875
Closes #1878
Closes #1880

Combined lock bump. napi-derive 3.5.9 pulls napi-derive-backend 5.1.2,
whose macro output needs napi >= 3.10; the paired napi 3.10.3 bump
provides it. fallow-node compiles clean. Supersedes #1878 and #1880.

Closes #1878
Closes #1880
Root dev-tooling. Lockfile regenerated via npm install (keeps the nested
conventional-commits-parser entry, so npm ci stays green). lint:js and
fmt:js:check pass on the new versions. Supersedes #1867 and #1869.

Closes #1867
Closes #1869
editors/vscode dev deps. pnpm-lock regenerated; tsc --noEmit (lint) and
the rolldown bundle both pass. Supersedes #1870 and #1875 (they conflicted
with each other on pnpm-lock.yaml). Closes #1870
Closes #1875
@BartWaardenburg BartWaardenburg enabled auto-merge (squash) July 14, 2026 15:02
@codspeed-hq

codspeed-hq Bot commented Jul 14, 2026

Copy link
Copy Markdown

Merging this PR will not alter performance

✅ 46 untouched benchmarks
⏩ 32 skipped benchmarks1


Comparing chore/dependabot-consolidation-1714 (f6fd7b8) with main (a3f68d3)2

Open in CodSpeed

Footnotes

  1. 32 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports.

  2. No successful run was found on main (b96ee78) during the generation of this report, so a3f68d3 was used instead as the comparison base. There might be some changes unrelated to this pull request in this report.

napi 3.10.3's Error no longer holds `reason` behind Drop, so cloning it
in the test helper is now redundant (clippy::redundant_clone, -D warnings).
Move the field out instead.
@BartWaardenburg BartWaardenburg merged commit 52989ec into main Jul 14, 2026
50 checks passed
@BartWaardenburg BartWaardenburg deleted the chore/dependabot-consolidation-1714 branch July 14, 2026 15:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant