Skip to content

[Deps] Safe dependency updates (2026-07-07) #5972

Description

@github-actions

Automated Safe Dependency Updates

This PR contains safe patch-level dependency updates verified to pass all tests.

Updated Dependencies

Package Previous Updated Type
@typescript-eslint/eslint-plugin 8.62.1 8.63.0 patch
@typescript-eslint/parser 8.62.1 8.63.0 patch
typescript-eslint 8.62.1 8.63.0 patch

Security Status

  • npm audit: 0 vulnerabilities (CRITICAL: 0, HIGH: 0, MODERATE: 0, LOW: 0)

Verification

  • npm audit — 0 vulnerabilities
  • All tests pass (3504/3505 passing; 1 pre-existing failure unrelated to these changes)
  • No breaking changes detected

Updates Skipped (major version — require manual review)

Package Current Latest Reason
chalk 4.1.2 5.6.2 ESM-only in v5
commander 12.1.0 15.0.0 Multiple breaking changes
execa 5.1.1 9.6.1 ESM-only in v9
js-yaml 4.3.0 5.2.1 API changes
typescript 5.9.3 6.0.3 Compiler changes
@babel/core 7.29.7 8.0.1 Major
@commitlint/* 20.5.3 21.x Major
eslint-plugin-security 3.0.1 4.0.1 Major

Generated by Dependency Security Monitor Workflow


Warning

Protected Files — Push Permission Denied

This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.

Protected files
  • package-lock.json
  • package.json

The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.

Create the pull request manually
# Download the patch from the workflow run
gh run download 28840174814 -n agent -D /tmp/agent-28840174814

# Create a new branch
git checkout -b deps/safe-updates-2026-07-07-f5a60768275328d1 main

# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-28840174814/aw-deps-safe-updates-2026-07-07.patch

# Push the branch and create the pull request
git push origin deps/safe-updates-2026-07-07-f5a60768275328d1
gh pr create --title '[Deps] Safe dependency updates (2026-07-07)' --base main --head deps/safe-updates-2026-07-07-f5a60768275328d1 --repo github/gh-aw-firewall

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Dependency Security Monitor · 49.3 AIC · ⊞ 7.3K ·

Metadata

Metadata

Assignees

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions