Skip to content

build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates#2507

Merged
pethers merged 1 commit into
mainfrom
dependabot/npm_and_yarn/development-dependencies-f69c3e248f
Jul 8, 2026
Merged

build(deps-dev)(deps-dev): bump the development-dependencies group with 3 updates#2507
pethers merged 1 commit into
mainfrom
dependabot/npm_and_yarn/development-dependencies-f69c3e248f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the development-dependencies group with 3 updates: fast-check, jscpd and terser.

Updates fast-check from 4.8.0 to 4.9.0

Release notes

Sourced from fast-check's releases.

Shrinkable entityGraph and few performance chips

[Code][Diff]

Features

  • (PR#7008) Towards shrinkable entityGraph thanks to chainUntil

Fixes

  • (PR#7010) Bug: Fix latent state-sharing bug in entityGraph
  • (PR#7063) Bug: Equiprobable alternatives in stringMatching
  • (PR#6973) CI: Drop caches on push for build package flow
  • (PR#6971) CI: Only mark fast-check's releases as latest
  • (PR#6974) CI: Drop pull_request_target flows
  • (PR#6975) CI: Drop discussion creation on release publish
  • (PR#6976) CI: Drop caches from publication steps
  • (PR#6977) CI: Revert "Drop caches from publication steps"
  • (PR#6978) CI: Make zizmor audit a required status check
  • (PR#6991) CI: Remove Claude Code workflow
  • (PR#6994) CI: Replace pnpm dlx with pnpm exec for pkg-pr-new
  • (PR#6995) CI: Inline zizmor ignores in workflow
  • (PR#6996) CI: Move to devEngines.packageManager
  • (PR#7005) CI: Update PULL_REQUEST_TEMPLATE.md
  • (PR#7011) CI: Drop OTP prompt from npm publish
  • (PR#7013) CI: Switch release jobs to npm stage publish
  • (PR#7027) CI: Run benchmarks against main
  • (PR#7037) CI: Use comparison mode for bench
  • (PR#7069) CI: Run pnpm dedupe to deduplicate lockfile
  • (PR#6959) CI: Announce releases on Bluesky
  • (PR#7105) CI: Switch to actions/attest for attestations
  • (PR#7117) CI: Use pnpm version in changelog script
  • (PR#7120) CI: Allow unclean tree in changelog generation
  • (PR#7125) CI: Stage publish using pnpm in publish jobs
  • (PR#7065) Clean: Delete skills directory
  • (PR#6983) Doc: Tweak PR Template to hint AI agents into revealing themselves
  • (PR#7092) Doc: Add back skills directory
  • (PR#7095) Doc: Add release notes for fast-check 4.8.0
  • (PR#7104) Doc: Add makeeno as doc contributor
  • (PR#7103) Doc: Fix info box in docs
  • (PR#7108) Doc: Add jneidel as doc contributor
  • (PR#7035) Performance: Faster fc.integer on generate
  • (PR#7046) Performance: Faster fc.record on generate
  • (PR#7047) Performance: Faster fc.dictionary on generate
  • (PR#7048) Performance: Faster fc.webPath/fc.webUrl on generate
  • (PR#7050) Performance: Faster fc.stringMatching for \W \D \S .
  • (PR#7054) Performance: Faster fc.stringMatching on generate
  • (PR#7049) Performance: Drop nested tuple on generate for fc.record
  • (PR#7045) Performance: Faster fc.entityGraph on generate
  • (PR#7071) Performance: Early exit on empty tuple in fc.entityGraph

... (truncated)

Changelog

Sourced from fast-check's changelog.

4.9.0

Shrinkable entityGraph and few performance chips [Code][Diff]

Features

  • (PR#7008) Towards shrinkable entityGraph thanks to chainUntil

Fixes

  • (PR#7010) Bug: Fix latent state-sharing bug in entityGraph
  • (PR#7063) Bug: Equiprobable alternatives in stringMatching
  • (PR#6973) CI: Drop caches on push for build package flow
  • (PR#6971) CI: Only mark fast-check's releases as latest
  • (PR#6974) CI: Drop pull_request_target flows
  • (PR#6975) CI: Drop discussion creation on release publish
  • (PR#6976) CI: Drop caches from publication steps
  • (PR#6977) CI: Revert "Drop caches from publication steps"
  • (PR#6978) CI: Make zizmor audit a required status check
  • (PR#6991) CI: Remove Claude Code workflow
  • (PR#6994) CI: Replace pnpm dlx with pnpm exec for pkg-pr-new
  • (PR#6995) CI: Inline zizmor ignores in workflow
  • (PR#6996) CI: Move to devEngines.packageManager
  • (PR#7005) CI: Update PULL_REQUEST_TEMPLATE.md
  • (PR#7011) CI: Drop OTP prompt from npm publish
  • (PR#7013) CI: Switch release jobs to npm stage publish
  • (PR#7027) CI: Run benchmarks against main
  • (PR#7037) CI: Use comparison mode for bench
  • (PR#7069) CI: Run pnpm dedupe to deduplicate lockfile
  • (PR#6959) CI: Announce releases on Bluesky
  • (PR#7105) CI: Switch to actions/attest for attestations
  • (PR#7117) CI: Use pnpm version in changelog script
  • (PR#7120) CI: Allow unclean tree in changelog generation
  • (PR#7125) CI: Stage publish using pnpm in publish jobs
  • (PR#7065) Clean: Delete skills directory
  • (PR#6983) Doc: Tweak PR Template to hint AI agents into revealing themselves
  • (PR#7092) Doc: Add back skills directory
  • (PR#7095) Doc: Add release notes for fast-check 4.8.0
  • (PR#7104) Doc: Add makeeno as doc contributor
  • (PR#7103) Doc: Fix info box in docs
  • (PR#7108) Doc: Add jneidel as doc contributor
  • (PR#7035) Performance: Faster fc.integer on generate
  • (PR#7046) Performance: Faster fc.record on generate
  • (PR#7047) Performance: Faster fc.dictionary on generate
  • (PR#7048) Performance: Faster fc.webPath/fc.webUrl on generate
  • (PR#7050) Performance: Faster fc.stringMatching for \W \D \S .
  • (PR#7054) Performance: Faster fc.stringMatching on generate
  • (PR#7049) Performance: Drop nested tuple on generate for fc.record
  • (PR#7045) Performance: Faster fc.entityGraph on generate

... (truncated)

Commits
  • 0d3c254 🔖 Update CHANGELOG.md for fast-check@4.9.0, @​fast-check/packaged@​0.7.1 (#7124)
  • bd85efe ⬆️ Update dependency @​types/node to ^24.13.3 (#7118)
  • a0596ab ⬆️ Update dependency vitest to ^4.1.10 (#7119)
  • 3c085da ⬆️ Update dependency prettier to v3.9.4 (#7114)
  • 6538ff0 👥 Add jneidel as doc contributor (#7108)
  • 8096ab0 👥 Add makeeno as doc contributor (#7104)
  • 13fd4a6 ✏️ Typo in type EntityGraphContraints (#7088)
  • 36e70d2 ⬆️ Update dependency @​microsoft/api-extractor to ^7.58.9 (#7080)
  • 451ede0 ⬆️ Update dependency vitest to ^4.1.8 (#7074)
  • 949564d ⚡️ Early exit on empty tuple in fc.entityGraph (#7071)
  • Additional commits viewable in compare view

Updates jscpd from 5.0.11 to 5.0.12

Release notes

Sourced from jscpd's releases.

Release v5.0.12

Highlights

Bug Fixes

  • Rename cpd binary and npm packages to jscpd — the CLI binary was named cpd (cpd.exe on Windows), which collided with an executable name flagged by some antivirus software (McAfee, Trend Micro), causing false-positive blocking. The binary and platform npm packages are now named jscpd / jscpd-*. Closes #826 (#854)
  • Recognize ; line comments for Lisp/Clojure/Scheme/Racket — these languages fell through to C-style comment handling, so ; comments were tokenized as code and --mode weak / --skip-comments couldn't drop them. Closes #849 (#850, thanks @​laurynas-biveinis)
  • Use HTTPS for SARIF schema URI — avoids "untrusted URI" errors in SARIF-consuming tools (#844, thanks @​chrisc-onaorg)

Chores

  • Use public repository URLs for @jscpd/core, @jscpd/finder, @jscpd/tokenizer, @jscpd/html-reporter, @jscpd/badge-reporter, @jscpd/leveldb-store, and @jscpd/redis-store package metadata (#831#837, thanks @​9904099)
  • Add cargo ecosystem to Dependabot config

Dependencies

  • Bump askama to 0.16.0 in /rust
  • Bump log to 0.4.33 in /rust
  • Bump env_logger to 0.11.11 in /rust
  • Bump rustc-hash to 2.1.3 in /rust

Thanks

Big thanks to @​laurynas-biveinis, @​chrisc-onaorg, and @​9904099 for their contributions to this release! 🙌

Published Packages

  • cpd-core@0.1.6 on crates.io
  • cpd-finder@0.1.8 on crates.io
  • cpd-reporter@0.1.7 on crates.io
  • cpd-tokenizer@0.1.7 on crates.io
  • jscpd@5.0.12 on crates.io
  • cpd@5.0.12 on npm
  • jscpd@5.0.12 on npm
  • jscpd-darwin-arm64@5.0.12 on npm
  • jscpd-darwin-x64@5.0.12 on npm
  • jscpd-linux-x64-gnu@5.0.12 on npm
  • jscpd-linux-arm64-gnu@5.0.12 on npm
  • jscpd-linux-x64-musl@5.0.12 on npm
  • jscpd-windows-x64-msvc@5.0.12 on npm
Changelog

Sourced from jscpd's changelog.

Changelog

All notable changes to jscpd are documented here. Releases follow Semantic Versioning.


Commits
  • 64258a9 release: cpd-v5.0.12
  • ff1ae36 fix(rust): rename cpd binary and npm platform packages to jscpd
  • f768035 docs(readme): fix jscpd@5 bin claim and refresh npm README
  • See full diff in compare view

Updates terser from 5.48.0 to 5.49.0

Changelog

Sourced from terser's changelog.

v5.49.0

  • Add ResizeObserver box option to domprops
  • Do not evaluate exponentiation of BigInt
  • Parse identifiers from newer unicode versions, and escape them for older runtimes
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…th 3 updates

Bumps the development-dependencies group with 3 updates: [fast-check](https://github.com/dubzzz/fast-check/tree/HEAD/packages/fast-check), [jscpd](https://github.com/kucherenko/jscpd/tree/HEAD/rust/jscpd) and [terser](https://github.com/terser/terser).


Updates `fast-check` from 4.8.0 to 4.9.0
- [Release notes](https://github.com/dubzzz/fast-check/releases)
- [Changelog](https://github.com/dubzzz/fast-check/blob/main/packages/fast-check/CHANGELOG.md)
- [Commits](https://github.com/dubzzz/fast-check/commits/v4.9.0/packages/fast-check)

Updates `jscpd` from 5.0.11 to 5.0.12
- [Release notes](https://github.com/kucherenko/jscpd/releases)
- [Changelog](https://github.com/kucherenko/jscpd/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucherenko/jscpd/commits/v5.0.12/rust/jscpd)

Updates `terser` from 5.48.0 to 5.49.0
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v5.48.0...v5.49.0)

---
updated-dependencies:
- dependency-name: fast-check
  dependency-version: 4.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: jscpd
  dependency-version: 5.0.12
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: terser
  dependency-version: 5.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript dependencies labels Jul 8, 2026
Copilot AI review requested due to automatic review settings July 8, 2026 22:13
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript dependencies labels Jul 8, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@github-actions github-actions Bot added the infrastructure CI/CD and build infrastructure label Jul 8, 2026
@pethers
pethers merged commit 77fd0c8 into main Jul 8, 2026
15 checks passed
@pethers
pethers deleted the dependabot/npm_and_yarn/development-dependencies-f69c3e248f branch July 8, 2026 22:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates infrastructure CI/CD and build infrastructure javascript JavaScript dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants