Skip to content

chore(deps): bump the npm-dependencies group across 3 directories with 10 updates#2452

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-4ea2447518
Open

chore(deps): bump the npm-dependencies group across 3 directories with 10 updates#2452
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-4ea2447518

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-dependencies group with 2 updates in the / directory: @microsoft/vally-cli and markdownlint-cli2.
Bumps the npm-dependencies group with 7 updates in the /docs/docusaurus directory:

Package From To
@docusaurus/core 3.10.1 3.10.2
@docusaurus/faster 3.10.1 3.10.2
@docusaurus/preset-classic 3.10.1 3.10.2
@docusaurus/module-type-aliases 3.10.1 3.10.2
@docusaurus/types 3.10.1 3.10.2
@typescript-eslint/parser 8.62.0 8.64.0
eslint 9.39.4 10.7.0

Bumps the npm-dependencies group with 1 update in the /evals/beval directory: @github/copilot.

Updates @microsoft/vally-cli from 0.6.0 to 0.9.0

Updates markdownlint-cli2 from 0.22.1 to 0.23.0

Changelog

Sourced from markdownlint-cli2's changelog.

0.23.0

  • Add overrides configuration option
  • Improve options/configuration file handling
  • Update dependencies (including markdownlint)
  • Remove support for end-of-life Node 20
Commits
  • 5341662 Update to version 0.23.0.
  • 5a7b0fd Add test cases to ensure user-provided Options object properties that use imp...
  • 73c8de8 Bump eslint from 10.5.0 to 10.6.0
  • fb55bdb Bump js-yaml from 5.1.0 to 5.2.0
  • f4ee8c9 Bump eslint-plugin-jsdoc from 63.0.9 to 63.0.10
  • b4f4a52 Add support for configuration object "extends" to new "overrides" behavior.
  • dacefd5 Refactor "extends" implementation to modify objects in place (simpler, more f...
  • 2be557f Bump eslint-plugin-n from 18.2.0 to 18.2.1
  • 184d8d6 Bump eslint-plugin-jsdoc from 63.0.8 to 63.0.9
  • 60ac5bc Bump eslint-plugin-n from 18.1.0 to 18.2.0
  • Additional commits viewable in compare view

Updates @docusaurus/core from 3.10.1 to 3.10.2

Release notes

Sourced from @​docusaurus/core's releases.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Changelog

Sourced from @​docusaurus/core's changelog.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Commits

Updates @docusaurus/faster from 3.10.1 to 3.10.2

Release notes

Sourced from @​docusaurus/faster's releases.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Changelog

Sourced from @​docusaurus/faster's changelog.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Commits

Updates @docusaurus/preset-classic from 3.10.1 to 3.10.2

Release notes

Sourced from @​docusaurus/preset-classic's releases.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Changelog

Sourced from @​docusaurus/preset-classic's changelog.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Commits

Updates @docusaurus/module-type-aliases from 3.10.1 to 3.10.2

Release notes

Sourced from @​docusaurus/module-type-aliases's releases.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Changelog

Sourced from @​docusaurus/module-type-aliases's changelog.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Commits

Updates @docusaurus/types from 3.10.1 to 3.10.2

Release notes

Sourced from @​docusaurus/types's releases.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Changelog

Sourced from @​docusaurus/types's changelog.

3.10.2 (2026-07-10)

Backport and cherry-pick commits from main for v3.10.2 patch release:

Commits

Updates @typescript-eslint/parser from 8.62.0 to 8.64.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.64.0

8.64.0 (2026-07-13)

🚀 Features

  • support parsing import defer (#12513)
  • eslint-plugin: [no-loop-func] support using / await using declarations and deprecate the rule (#12500)
  • typescript-estree: throw for invalid definite assignment in class properties (#12543)

🩹 Fixes

  • eslint-plugin: [require-array-sort-compare] handle constrained arrays (#12512)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.63.0

8.63.0 (2026-07-06)

🚀 Features

  • eslint-plugin: [no-misused-promises] detect async usage of a sync dispose usage (#12426)

🩹 Fixes

  • eslint-plugin: [method-signature-style] suggest converting readonly function properties instead of emitting invalid syntax (#12447, #12446)
  • eslint-plugin: [no-unnecessary-type-assertion] handle optional-chained calls to overloaded functions (#12491, #12485)
  • eslint-plugin: [no-base-to-string] don't flag a shadowed String() call (#12492)
  • scope-manager: export ClassStaticBlockScope (#12460)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.62.1

8.62.1 (2026-06-29)

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.64.0 (2026-07-13)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.63.0 (2026-07-06)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.62.1 (2026-06-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

Updates eslint from 9.39.4 to 10.7.0

Release notes

Sourced from eslint's releases.

v10.7.0

Features

  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032) (sethamus)
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063) (fnx)
  • 557fde8 feat: support computed Number.parseInt member access in radix rule (#21041) (Pixel)
  • 0b4a73b feat: add suggestions to no-compare-neg-zero (#21034) (den$)
  • 96cdd42 feat: report invalid signed numeric radix values in radix rule (#21030) (Pixel)

Bug Fixes

  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069) (Pixel)
  • 0d7d70c fix: insert cause outside wrapping parens in preserve-caught-error (#21062) (Mahin Anowar)
  • 75ec753 fix: handle static templ...

    Description has been truncated

@dependabot dependabot Bot added dependencies Dependency updates npm NPM package configuration labels Jul 11, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner July 11, 2026 00:54
@dependabot dependabot Bot added dependencies Dependency updates npm NPM package configuration labels Jul 11, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

@github-actions

Copy link
Copy Markdown
Contributor

Eval Execution

⚠️ No eval summary was produced.

@codecov-commenter

codecov-commenter commented Jul 11, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.66%. Comparing base (d293ea3) to head (c5baadc).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #2452      +/-   ##
==========================================
- Coverage   82.72%   82.66%   -0.06%     
==========================================
  Files         154      142      -12     
  Lines       20782    20693      -89     
  Branches       13        0      -13     
==========================================
- Hits        17191    17106      -85     
+ Misses       3589     3587       -2     
+ Partials        2        0       -2     
Flag Coverage Δ
docusaurus ?
pester 86.20% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 13 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Review — Safety Check Results

All changes are existing dependencies bumped by Dependabot. No new dependencies introduced.

Changes Summary

Package From To Classification Directory
@microsoft/vally-cli 0.6.0 0.8.0 Minor /
markdownlint-cli2 0.22.1 0.23.0 Minor /
@docusaurus/core 3.10.1 3.10.2 Patch docs/docusaurus
@docusaurus/faster 3.10.1 3.10.2 Patch docs/docusaurus
@docusaurus/preset-classic 3.10.1 3.10.2 Patch docs/docusaurus
@docusaurus/module-type-aliases 3.10.1 3.10.2 Patch docs/docusaurus
@docusaurus/types 3.10.1 3.10.2 Patch docs/docusaurus
@typescript-eslint/parser 8.62.0 8.63.0 Patch docs/docusaurus
eslint 9.39.4 10.7.0 ⚠️ Major docs/docusaurus
@github/copilot 1.0.63 1.0.70 Minor evals/beval

Safety Checks

Check Result
License compatibility (MIT) ✅ All licenses remain compatible
SHA pinning (GitHub Actions) ✅ Not applicable — no workflow files changed
New dependencies introduced ✅ None — all bumps to existing dependencies
Environment sync (devcontainer / setup-steps) ✅ Not applicable — no devcontainer changes
Dependabot-reported vulnerabilities ✅ No vulnerabilities reported

⚠️ Items Requiring Human Attention

eslint 9.39.4 → 10.7.0 (Major version bump) — ESLint v10 may contain breaking changes affecting plugins and rule APIs. Please verify the Docusaurus ESLint config continues to work correctly. See inline comment for details.

markdownlint-cli2 0.22.1 → 0.23.0 — The changelog notes removal of support for end-of-life Node 20. Ensure CI and local environments use Node 22+.

All patch and minor bumps passed safety checks with no concerns.

Generated by Dependabot PR Review for #2452 · 35.2 AIC · ⌖ 6.24 AIC · ⊞ 8.4K

"@testing-library/jest-dom": "6.9.1",
"@testing-library/react": "16.3.2",
"@types/jest": "30.0.0",
"@types/jest-axe": "3.5.9",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Major version bump: eslint 9.x → 10.x

This is a major version upgrade and may include breaking changes. ESLint v10 may drop plugins or rule APIs present in v9. Please verify that the ESLint config in docs/docusaurus/ (and any shared config) remains compatible before merging.

Review the [ESLint v10 migration guide]((eslint.org/redacted) for breaking changes.

@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-dependencies-4ea2447518 branch from 1f63339 to c5baadc Compare July 13, 2026 05:47

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Review — Safety Check Results

Changes Summary

Directory Package From To Classification
/ @microsoft/vally-cli 0.6.0 0.8.0 minor
/ markdownlint-cli2 0.22.1 0.23.0 minor
docs/docusaurus/ @docusaurus/core 3.10.1 3.10.2 patch
docs/docusaurus/ @docusaurus/faster 3.10.1 3.10.2 patch
docs/docusaurus/ @docusaurus/preset-classic 3.10.1 3.10.2 patch
docs/docusaurus/ @docusaurus/module-type-aliases 3.10.1 3.10.2 patch
docs/docusaurus/ @docusaurus/types 3.10.1 3.10.2 patch
docs/docusaurus/ @typescript-eslint/parser 8.62.0 8.63.0 patch
docs/docusaurus/ eslint 9.39.4 10.7.0 major
evals/beval/ @github/copilot 1.0.63 1.0.70 patch

✅ Safety Checks

  • Licenses: All packages carry MIT/Apache-2.0 licenses — compatible with the project's MIT license. ✅
  • SHA pinning: No GitHub Actions references modified in this PR. ✅
  • New dependencies: None introduced; all are existing dependencies being bumped. ✅
  • Vulnerabilities: Dependabot reports no known vulnerabilities introduced by these bumps. ✅
  • Environment sync: No .devcontainer/ or copilot-setup-steps.yml changes; no sync check required. ✅

⚠️ Flags for Human Attention

eslint 9.39.4 → 10.7.0 (major bump) in docs/docusaurus/: This is a major version upgrade. ESLint v10 may contain breaking changes to rule configurations, plugin APIs, or flat config behavior. Please verify that the Docusaurus linting setup continues to work as expected before merging.

markdownlint-cli2 0.23.0: The changelog notes removal of Node 20 support (Remove support for end-of-life Node 20). If any CI runners or tooling targets Node 20 specifically, this warrants a quick check — though Node 20 reached end-of-life in April 2025 and the project should already be on Node 22+.

Conclusion

All automated safety checks passed. The eslint major version bump is the only item requiring human eyes before merge. No action is blocked by this review.

Generated by Dependabot PR Review for #2452 · 25.8 AIC · ⌖ 6.3 AIC · ⊞ 8.5K

@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-dependencies-4ea2447518 branch from c5baadc to 0d6c018 Compare July 16, 2026 21:46

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Review — Safety Check Results

Verdict: COMMENT — Most bumps are clean, but one major version bump needs human attention before merge.

Changes Summary

Package From To Classification Directory
@docusaurus/core 3.10.1 3.10.2 Patch docs/docusaurus/
@docusaurus/faster 3.10.1 3.10.2 Patch docs/docusaurus/
@docusaurus/preset-classic 3.10.1 3.10.2 Patch docs/docusaurus/
@docusaurus/module-type-aliases 3.10.1 3.10.2 Patch docs/docusaurus/
@docusaurus/types 3.10.1 3.10.2 Patch docs/docusaurus/
@typescript-eslint/parser 8.62.0 8.64.0 Minor docs/docusaurus/
eslint 9.39.4 10.7.0 Major ⚠️ docs/docusaurus/
@github/copilot 1.0.63 1.0.71 Minor evals/beval/
@microsoft/vally-cli 0.6.0 0.9.0 Minor (pre-1.0) /
markdownlint-cli2 0.22.1 0.23.0 Minor (pre-1.0) /

Safety Checks

  • Licenses — All dependencies are MIT or Apache-2.0 compatible.
  • SHA pinning — No GitHub Actions references modified; no pinning issues.
  • No new dependencies introduced — Only version bumps of existing dependencies.
  • No environment sync violations — Neither .devcontainer/ nor copilot-setup-steps.yml were modified.
  • Vulnerabilities — Dependabot reports no known vulnerabilities remaining after these bumps.

⚠️ Human Attention Required: eslint 9 → 10 (Major)

ESLint 10 is a major version bump. Key breaking changes to verify:

  • ESLint 10 drops eslint:recommended flat config compatibility shims from v9 and makes the flat config the only configuration system (no more .eslintrc files).
  • Several rules were removed or renamed.
  • The docs/docusaurus/ ESLint configuration should be validated against the new API surface.

Action: Verify the Docusaurus ESLint config (eslint.config.*) is compatible with ESLint 10 and run linting locally before merging.

Other Notes

  • markdownlint-cli2 0.23.0: Drops support for Node 20 (EOL). Ensure CI and devcontainer use Node 22+. The changelog also adds an overrides configuration option — a non-breaking addition.
  • @microsoft/vally-cli 0.9.0: Pre-1.0 minor bump from 0.6.0. Three minor version steps may include internal breaking changes; verify eval pipeline behavior if vally-cli is exercised in CI.

Generated by Dependabot PR Review for #2452 · 33.4 AIC · ⌖ 6.32 AIC · ⊞ 8.5K

@WilliamBerryiii

Copy link
Copy Markdown
Member

@dependabot recreate

…h 10 updates

Bumps the npm-dependencies group with 2 updates in the / directory: @microsoft/vally-cli and [markdownlint-cli2](https://github.com/DavidAnson/markdownlint-cli2).
Bumps the npm-dependencies group with 7 updates in the /docs/docusaurus directory:

| Package | From | To |
| --- | --- | --- |
| [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) | `3.10.1` | `3.10.2` |
| [@docusaurus/faster](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-faster) | `3.10.1` | `3.10.2` |
| [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) | `3.10.1` | `3.10.2` |
| [@docusaurus/module-type-aliases](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-module-type-aliases) | `3.10.1` | `3.10.2` |
| [@docusaurus/types](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-types) | `3.10.1` | `3.10.2` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.62.0` | `8.64.0` |
| [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.7.0` |

Bumps the npm-dependencies group with 1 update in the /evals/beval directory: [@github/copilot](https://github.com/github/copilot-cli).


Updates `@microsoft/vally-cli` from 0.6.0 to 0.9.0

Updates `markdownlint-cli2` from 0.22.1 to 0.23.0
- [Changelog](https://github.com/DavidAnson/markdownlint-cli2/blob/main/CHANGELOG.md)
- [Commits](DavidAnson/markdownlint-cli2@v0.22.1...v0.23.0)

Updates `@docusaurus/core` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.2/packages/docusaurus)

Updates `@docusaurus/faster` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.2/packages/docusaurus-faster)

Updates `@docusaurus/preset-classic` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.2/packages/docusaurus-preset-classic)

Updates `@docusaurus/module-type-aliases` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.2/packages/docusaurus-module-type-aliases)

Updates `@docusaurus/types` from 3.10.1 to 3.10.2
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.2/packages/docusaurus-types)

Updates `@typescript-eslint/parser` from 8.62.0 to 8.64.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.64.0/packages/parser)

Updates `eslint` from 9.39.4 to 10.7.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.4...v10.7.0)

Updates `@github/copilot` from 1.0.63 to 1.0.71
- [Release notes](https://github.com/github/copilot-cli/releases)
- [Changelog](https://github.com/github/copilot-cli/blob/main/changelog.md)
- [Commits](github/copilot-cli@v1.0.63...v1.0.71)

---
updated-dependencies:
- dependency-name: "@docusaurus/core"
  dependency-version: 3.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@docusaurus/faster"
  dependency-version: 3.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@docusaurus/module-type-aliases"
  dependency-version: 3.10.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@docusaurus/preset-classic"
  dependency-version: 3.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@docusaurus/types"
  dependency-version: 3.10.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@github/copilot"
  dependency-version: 1.0.70
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@microsoft/vally-cli"
  dependency-version: 0.8.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.63.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: eslint
  dependency-version: 10.7.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: markdownlint-cli2
  dependency-version: 0.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-dependencies-4ea2447518 branch from f1be03b to 10100e9 Compare July 16, 2026 22:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates npm NPM package configuration

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants