Skip to content

chore(deps-dev): bump the npm-development group across 1 directory with 7 updates#377

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-development-a5e2e14c93
Open

chore(deps-dev): bump the npm-development group across 1 directory with 7 updates#377
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-development-a5e2e14c93

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 10, 2026
edited
Loading

Bumps the npm-development group with 7 updates in the / directory:

Package From To
eslint 10.1.0 10.3.0
eslint-config-next 16.2.3 16.2.6
lint-staged 16.4.0 17.0.4
postcss 8.5.8 8.5.14
prettier 3.8.1 3.8.3
prettier-plugin-sh 0.18.0 0.18.1
stylelint 17.5.0 17.11.0

Updates eslint from 10.1.0 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

  • 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

  • b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

  • 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
  • 7f47937 docs: Update README (GitHub Actions Bot)

Chores

  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
  • 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
  • 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
  • 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
  • 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
  • f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
  • a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
  • 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
  • b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
  • 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

v10.2.1

Bug Fixes

  • 14be92b fix: model generator yield resumption paths in code path analysis (#20665) (sethamus)
  • 84a19d2 fix: no-async-promise-executor false positives for shadowed Promise (#20740) (xbinaryx)
  • af764af fix: clarify language and processor validation errors (#20729) (Pixel998)
  • e251b89 fix: update eslint (#20715) (renovate[bot])

Documentation

  • ca92ca0 docs: reuse markdown-it instance for markdown filter (#20768) (Amaresh S M)
  • 57d2ee2 docs: Enable Eleventy incremental mode for watch (#20767) (Amaresh S M)
  • c1621b9 docs: fix typos in code-path-analyzer.js (#20700) (Ayush Shukla)
  • 1418d52 docs: Update README (GitHub Actions Bot)
  • 39771e6 docs: Update README (GitHub Actions Bot)
  • 71e0469 docs: fix incomplete JSDoc param description in no-shadow rule (#20728) (kuldeep kumar)
  • 22119ce docs: clarify scope of for-direction rule with dead code examples (#20723) (Amaresh S M)
  • 8f3fb77 docs: document meta.docs.dialects (#20718) (Pixel998)

Chores

  • 7ddfea9 chore: update dependency prettier to v3.8.2 (#20770) (renovate[bot])
  • fac40e1 ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (#20763) (dependabot[bot])
  • 7246f92 test: add tests for SuppressionsService.load() error handling (#20734) (kuldeep kumar)
  • 4f34b1e chore: update pnpm/action-setup action to v5 (#20762) (renovate[bot])

... (truncated)

Commits
  • 7889204 10.3.0
  • 5b69b4f Build: changelog update for 10.3.0
  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
  • b6ae5cf fix: handle unavailable require cache (#20812)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
  • 379571a feat: add suggestions for no-unused-private-class-members (#20773)
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
  • Additional commits viewable in compare view

Updates eslint-config-next from 16.2.3 to 16.2.6

Release notes

Sourced from eslint-config-next's releases.

v16.2.6

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.5

This release contains security fixes for the following advisories:

High:

Moderate:

Low:

v16.2.4

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Bump reqwest to 0.13.2 (Fixes Google Fonts with Turbopack for Windows on ARM64) (#92713)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for eslint-config-next since your current version.


Updates lint-staged from 16.4.0 to 17.0.4

Release notes

Sourced from lint-staged's releases.

v17.0.4

Patch Changes

  • #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

    • after editing <file> it is staged with git add <file>, and then committed with git commit
    • after editing <file> it is committed with git commit --all without explicit git add
    • after editing <file> it is committed with git commit <pathspec> without explicit git add

    There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

v17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

v17.0.2

Patch Changes

v17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

v17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including tinyexec@1.1.1 to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

17.0.4

Patch Changes

  • #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

    • after editing <file> it is staged with git add <file>, and then committed with git commit
    • after editing <file> it is committed with git commit --all without explicit git add
    • after editing <file> it is committed with git commit <pathspec> without explicit git add

    There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

17.0.2

Patch Changes

17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

... (truncated)

Commits
  • 2862964 Merge pull request #1789 from lint-staged/changeset-release/main
  • c9ecd54 chore(changeset): release
  • cc6b51a Merge pull request #1788 from lint-staged/fix-update-index-again
  • f95c1f8 fix: update both default index.lock and non-standard lock when latter exists
  • f44ee68 Merge pull request #1786 from lint-staged/update-repo-url
  • a61cf18 build(deps): update dependencies
  • ea00037 docs: disable Changesets "thanks"
  • ab7c26c docs: update repo URL to point in lint-staged/lint-staged
  • a36ec1e Merge pull request #1783 from lint-staged/changeset-release/main
  • 03ce2a9 chore(changeset): release
  • Additional commits viewable in compare view

Updates postcss from 8.5.8 to 8.5.14

Release notes

Sourced from postcss's releases.

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.
Changelog

Sourced from postcss's changelog.

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.
Commits
  • 3ec1394 Release 8.5.14 version
  • f2bb827 Update dependencies
  • d75953d Merge pull request #2084 from 43081j/raw-raws-rawing
  • 68bd213 fix: always call raw to retrieve raw values
  • af58cf1 Release 8.5.13 version
  • f227dbd Temporary ignore pnpm 11 config
  • d3abd40 Update dependencies
  • dd06c3e Revert stringifier changes because of the conflict with postcss-scss
  • ae889c8 Try to fix CI
  • e0093e4 Move to pnpm 11
  • Additional commits viewable in compare view

Updates prettier from 3.8.1 to 3.8.3

Release notes

Sourced from prettier's releases.

3.8.3

🔗 Changelog

3.8.2

  • Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.3

diff

SCSS: Prevent trailing comma in if() function (#18471 by @​kovsu)

// Input
$value: if(sass(false): 1; else: -1);
// Prettier 3.8.2
$value: if(
sass(false): 1; else: -1,
);
// Prettier 3.8.3
$value: if(sass(false): 1; else: -1);

3.8.2

diff

Angular: Support Angular v21.2 (#18722, #19034 by @​fisker)

Exhaustive typechecking with @default never;

<!-- Input -->
@switch (foo) {
  @case (1) {}
  @default never;
}
<!-- Prettier 3.8.1 -->
SyntaxError: Incomplete block "default never". If you meant to write the @ character, you should use the "&#64;" HTML entity instead. (3:3)
<!-- Prettier 3.8.2 -->
@​switch (foo) {
@​case (1) {}
@​default never;
}

arrow function and instanceof expressions.

</tr></table>

... (truncated)

Commits

Updates prettier-plugin-sh from 0.18.0 to 0.18.1

Release notes

Sourced from prettier-plugin-sh's releases.

prettier-plugin-sh@0.18.1

Patch Changes

Commits
  • 8c819f4 chore: release package(s)
  • 52a4625 chore: bump @reteps/dockerfmt to v0.5.1
  • f5e0bb6 chore: release package(s)
  • 081806b chore(deps): update dependency serialize-javascript to v7.0.5 [security] (#504)
  • 9e065b9 fix(prettier-plugin-pkg): group default lifecycle script hooks together (#503)
  • d759b19 ci: enable OIDC trusted publishing
  • 6d198f4 chore: release package(s) (#501)
  • 6fd2656 chore(deps): update dependency serialize-javascript to v7 [security] (#499)
  • 2059ba0 feat(prettier-plugin-sql): add support for clickhouse sql formatting (#496)
  • 041b9e5 feat(prettier-plugin-pkg): Sort pre/post scripts around the base script (...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for prettier-plugin-sh since your current version.


Updates stylelint from 17.5.0 to 17.11.0

Release notes

Sourced from stylelint's releases.

17.11.0

It adds 2 features, including a loader property to referenceFiles: {} for when the order of appearance in the reference styles matters.

17.10.0

It adds 3 rules and fixes 4 bugs. You can use the *-layout-mappings rules to enforce logical or physical properties, units and keywords.

  • Added: selector-no-invalid rule (#9232) (@​jeddy3).
  • Added: unit-layout-mappings rule (#9229) (@​jeddy3).
  • Added: value-keyword-layout-mappings rule (#9233) (@​jeddy3).
  • Fixed: inconsistent error messages when module is not found (#9260) (@​ybiquitous).
  • Fixed: property-layout-mappings false negatives for property names in declaration values (#9222) (@​jeddy3).
  • Fixed: property-layout-mappings false positives for @page properties (#9223) (@​jeddy3).
  • Fixed: selector-pseudo-class-no-unknown false positives for nested webkit-scrollbar part (#9259) (@​rkdfx).

17.9.1

It fixes 4 bugs. We also documented the messageArgs each rule provides to the message configuration property.

17.9.0

It adds 3 new features. Adding the referenceFiles property to your configuration object makes the no-unknown-animations, no-unknown-custom-media and no-unknown-custom-properties rules more useful.

17.8.0

It adds 3 new rules and 1 configuration property.

17.7.0

It fixes 4 bugs, including clearer problem messages by removing filler words and leading with the problem. We've also released 1.0.0 of create-stylelint to help with first-time Stylelint setup.

17.6.0

It adds support for extending units in languageOptions, which then apply to rules like declaration-property-value-no-unknown, and fixes 2 bugs.

... (truncated)

Changelog

Sourced from stylelint's changelog.

17.11.0 - 2026-05-05

It adds 2 features, including a loader property to referenceFiles: {} for when the order of appearance in the reference styles matters.

17.10.0 - 2026-05-03

It adds 3 rules and fixes 4 bugs. You can use the *-layout-mappings rules to enforce logical or physical properties, units and keywords.

  • Added: selector-no-invalid rule (#9232) (@​jeddy3).
  • Added: unit-layout-mappings rule (#9229) (@​jeddy3).
  • Added: value-keyword-layout-mappings rule (#9233) (@​jeddy3).
  • Fixed: inconsistent error messages when module is not found (#9260) (@​ybiquitous).
  • Fixed: property-layout-mappings false negatives for property names in declaration values (#9222) (@​jeddy3).
  • Fixed: property-layout-mappings false positives for @page properties (#9223) (@​jeddy3).
  • Fixed: selector-pseudo-class-no-unknown false positives for nested webkit-scrollbar part (#9259) (@​rkdfx).

17.9.1 - 2026-04-27

It fixes 4 bugs. We also documented the messageArgs each rule provides to the message configuration property.

17.9.0 - 2026-04-23

It adds 3 new features. Adding the referenceFiles property to your configuration object makes the no-unknown-animations, no-unknown-custom-media and no-unknown-custom-properties rules more useful.

17.8.0 - 2026-04-15

It adds 3 new rules and 1 configuration property.

17.7.0 - 2026-04-12

It fixes 4 bugs, including clearer problem messages by removing filler words and leading with the problem. We've also released 1.0.0 of create-stylelint to help with first-time Stylelint setup.

... (truncated)

Commits
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the npm-development group across 1 directory wi…
a8bdf6e 
…th 7 updates

Bumps the npm-development group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [eslint](https://github.com/eslint/eslint) | `10.1.0` | `10.3.0` |
| [eslint-config-next](https://github.com/vercel/next.js/tree/HEAD/packages/eslint-config-next) | `16.2.3` | `16.2.6` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.4.0` | `17.0.4` |
| [postcss](https://github.com/postcss/postcss) | `8.5.8` | `8.5.14` |
| [prettier](https://github.com/prettier/prettier) | `3.8.1` | `3.8.3` |
| [prettier-plugin-sh](https://github.com/un-ts/prettier) | `0.18.0` | `0.18.1` |
| [stylelint](https://github.com/stylelint/stylelint) | `17.5.0` | `17.11.0` |



Updates `eslint` from 10.1.0 to 10.3.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.1.0...v10.3.0)

Updates `eslint-config-next` from 16.2.3 to 16.2.6
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](https://github.com/vercel/next.js/commits/v16.2.6/packages/eslint-config-next)

Updates `lint-staged` from 16.4.0 to 17.0.4
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.4.0...v17.0.4)

Updates `postcss` from 8.5.8 to 8.5.14
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.8...8.5.14)

Updates `prettier` from 3.8.1 to 3.8.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.1...3.8.3)

Updates `prettier-plugin-sh` from 0.18.0 to 0.18.1
- [Release notes](https://github.com/un-ts/prettier/releases)
- [Changelog](https://github.com/un-ts/prettier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/un-ts/prettier/compare/prettier-plugin-sh@0.18.0...prettier-plugin-sh@0.18.1)

Updates `stylelint` from 17.5.0 to 17.11.0
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](stylelint/stylelint@17.5.0...17.11.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint-config-next
  dependency-version: 16.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: lint-staged
  dependency-version: 17.0.4
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-development
- dependency-name: postcss
  dependency-version: 8.5.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: prettier
  dependency-version: 3.8.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: prettier-plugin-sh
  dependency-version: 0.18.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: stylelint
  dependency-version: 17.11.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 10, 2026
@dependabot dependabot Bot requested a review from nabondance as a code owner May 10, 2026 08:14
@vercel
Copy link
Copy Markdown

vercel Bot commented May 10, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
trailhead-banner Ready Ready Preview, Comment May 10, 2026 8:14am

Request Review

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 10, 2026

✅ Banner Preview

Commit a8bdf6e · Workflow run · 6/6 generated

Username Status 1st call 2nd call (cached) Cache hits Warnings
nabondance ✅ OK 2787ms 436ms 6/6 ✅ 0
anna ✅ OK 1997ms 462ms 6/6 ✅ 0
stevemo ✅ OK 6171ms 457ms 5/5 ✅ 0
gauravkheterpal ✅ OK 2957ms 440ms 6/6 ✅ 0
babup ✅ OK 1739ms 465ms 5/5 ✅ 0
mrousseaux ✅ OK 2483ms 512ms 7/7 ✅ 0

nabondance

Banner for nabondance

anna

Banner for anna

stevemo

Banner for stevemo

gauravkheterpal

Banner for gauravkheterpal

babup

Banner for babup

mrousseaux

Banner for mrousseaux

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 10, 2026

MegaLinter analysis: Error

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 7 0 0 0.42s
✅ CSS stylelint 1 0 0 1.66s
✅ JAVASCRIPT prettier 83 0 0 4.07s
✅ JSON npm-package-json-lint yes no no 0.44s
✅ JSON prettier 13 0 0 0.69s
✅ JSON v8r 13 0 0 13.75s
✅ MARKDOWN markdownlint 14 0 0 0.94s
✅ REPOSITORY gitleaks yes no no 0.55s
❌ REPOSITORY grype yes 15 no 51.47s
✅ REPOSITORY syft yes no no 4.81s
✅ YAML prettier 16 0 0 0.65s
✅ YAML v8r 16 0 0 11.57s
✅ YAML yamllint 16 0 0 0.65s

Detailed Issues

❌ REPOSITORY / grype - 15 errors 
[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME              INSTALLED  FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS           RISK   
axios             1.15.0     1.15.1    npm   GHSA-pf86-5x62-jrwf  High      0.1% (27th)    < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-6chq-wfr3-2hj9  High      < 0.1% (24th)  < 0.1  
axios             1.15.0     1.15.2    npm   GHSA-3w6x-2g7m-8v23  Medium    < 0.1% (26th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-w9j2-pvgh-6h63  Medium    < 0.1% (24th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-pmwg-cvhr-8vh7  High      < 0.1% (13th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-62hf-57xw-28j9  Medium    < 0.1% (16th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-445q-vr5w-6q77  Medium    < 0.1% (18th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-5c9x-8gcm-mpgx  Medium    < 0.1% (15th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-vf2m-468p-8v99  Medium    < 0.1% (15th)  < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-m7pr-hjqh-92cm  Medium    < 0.1% (13th)  < 0.1  
axios             1.15.0     1.15.2    npm   GHSA-q8qp-cvcw-x6jj  High      < 0.1% (9th)   < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-xx6v-rp6x-q39c  Medium    < 0.1% (10th)  < 0.1  
postcss           8.4.31     8.5.10    npm   GHSA-qx2v-qp2m-jg93  Medium    < 0.1% (9th)   < 0.1  
axios             1.15.0     1.15.1    npm   GHSA-xhjh-pmcv-23jw  Low       < 0.1% (13th)  < 0.1  
follow-redirects  1.15.11    1.16.0    npm   GHSA-r4q5-vmmm-2653  Medium    N/A            N/A
[0051] ERROR discovered vulnerabilities at or above the severity threshold

See detailed reports in MegaLinter artifacts

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nabondance nabondance Awaiting requested review from nabondance nabondance is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants