chore(deps)(deps): bump dotenv from 16.6.1 to 17.4.2#6
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
4 tasks
Owner
|
@dependabot rebase |
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/dotenv-17.4.2
branch
from
c5bfcd9 to
bb0ce15
Compare
Owner
|
@dependabot rebase |
Bumps [dotenv](https://github.com/motdotla/dotenv) from 16.6.1 to 17.4.2. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v16.6.1...v17.4.2) --- updated-dependencies: - dependency-name: dotenv dependency-version: 17.4.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/dotenv-17.4.2
branch
from
bb0ce15 to
f38d2ee
Compare
xcodethink
pushed a commit
that referenced
this pull request
May 2, 2026
…s to ^16
@browserbasehq/stagehand@2.5.8 peer-depends on `dotenv@^16.4.5` and
imports it at runtime (`require("dotenv")` in dist/index.js:482). Letting
dependabot keep proposing dotenv 17 PRs (most recent: PR #6) creates
review churn for an upgrade with no user value — dotenv 17's only
behavioural change vs 16 is the new `quiet` default, which would just
get silenced. Revisit when T-NEW-1 (Stagehand v3 migration) lands.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Contributor
Author
|
Looks like dotenv is no longer being updated by Dependabot, so this is no longer needed. |
xcodethink
pushed a commit
that referenced
this pull request
May 3, 2026
…s to ^16
@browserbasehq/stagehand@2.5.8 peer-depends on `dotenv@^16.4.5` and
imports it at runtime (`require("dotenv")` in dist/index.js:482). Letting
dependabot keep proposing dotenv 17 PRs (most recent: PR #6) creates
review churn for an upgrade with no user value — dotenv 17's only
behavioural change vs 16 is the new `quiet` default, which would just
get silenced. Revisit when T-NEW-1 (Stagehand v3 migration) lands.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
xcodethink
pushed a commit
that referenced
this pull request
May 3, 2026
Bug fixes: - #1 CRITICAL: require.resolve() → createRequire() for ESM compat - #2 CRITICAL: axe-core eval() → page.addScriptTag() for CSP safety - #3 MAJOR: fallback default reverted to optional (backward compat) - #4 null guard on SQLite pragma user_version - #5 safe string concat in pragma (no interpolation) - #6 axe-core try-catch + result shape validation - #7 a11y score formula: weighted penalty (critical*2+serious*1+moderate*0.5+minor*0.25) - #8 page-stability: differentiate closed page vs other errors - #9 deduplicate rephrase mutations - #10 CriticResult shape consistency for axe-core results - #11 pragma SQL pattern fix (covered by #5) Improvements: - Layer 2 LLM rewrite: Haiku-powered instruction mutation (~$0.001/call) - Layer 3c auto-selector: observe() discovers CSS selectors automatically - Unit tests: 16 tests (instruction-mutator + history) via vitest Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
xcodethink
pushed a commit
that referenced
this pull request
May 3, 2026
…s to ^16
@browserbasehq/stagehand@2.5.8 peer-depends on `dotenv@^16.4.5` and
imports it at runtime (`require("dotenv")` in dist/index.js:482). Letting
dependabot keep proposing dotenv 17 PRs (most recent: PR #6) creates
review churn for an upgrade with no user value — dotenv 17's only
behavioural change vs 16 is the new `quiet` default, which would just
get silenced. Revisit when T-NEW-1 (Stagehand v3 migration) lands.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps dotenv from 16.6.1 to 17.4.2.
Changelog
Sourced from dotenv's changelog.
... (truncated)
Commits
f116f7017.4.23a81612fix visual order of faq13f55a8Merge branch 'skill'4bbbf73reorganize faqc3da64bMerge pull request #1009 from motdotla/skill6f743b1update sourcefc2c624update skill972315bTighten up skill2795fcereorganize faqd5495d4adjust skill