build(deps): bump the npm-deps group with 10 updates by dependabot[bot] · Pull Request #6224 · FlowCrypt/flowcrypt-browser

dependabot · 2026-05-17T22:04:22Z

Bumps the npm-deps group with 10 updates:

Package	From	To
dompurify	`3.4.2`	`3.4.4`
linkify-html	`4.3.2`	`4.3.3`
linkifyjs	`4.3.2`	`4.3.3`
ava	`8.0.0`	`8.0.1`
eslint	`10.3.0`	`10.4.0`
lint-staged	`17.0.4`	`17.0.5`
puppeteer	`24.43.0`	`25.0.2`
stylelint	`17.11.0`	`17.11.1`
typescript-eslint	`8.59.2`	`8.59.3`
undici-types	`8.2.0`	`8.3.0`

Updates dompurify from 3.4.2 to 3.4.4

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.4

Added the selectedcontent element to default allow-list, thanks @lukewarlow

Added the command and commandfor attributes to default allowed-list, thanks @lukewarlow

Added better template scrubbing for IN_PLACE operations, thanks @DEMON1A

Added stronger checks for cross-realm windows, thanks @DEMON1A & @fg0x0

Updated demo website and made sure it uses the latest from main

Updated existing workflows, fuzzer, dependabot, etc., added more tests

Bumped several dependencies where possible

DOMPurify 3.4.3

Fixed an issue with handling of nested Shadow DOM trees, thanks @fishjojo1

Fixed the template regexes to be more robust against ReDoS attacks, thanks @aleung27

Updated the node iteration code to catch more Shadow DOM related issues

Updated Playwright and added Node 26 to test matrix

Updated existing workflows, fuzzer, release signing, etc., added more tests

Bumped several dependencies where possible

Commits

5817ad9 release: 3.4.4 (#1374)
520edb0 release: 3.4.3 (#1352)
See full diff in compare view

Updates linkify-html from 4.3.2 to 4.3.3

Release notes

Sourced from linkify-html's releases.

v4.3.3

What's Changed

Fix parsing bugs with some special encoded URLs

Parsed emails should not include port numbers

Exact version requirement for interfaces and plugins to avoid incompatibility issues with older versions of linkify core

Support for jQuery 4

Full Changelog: nfrasser/linkifyjs@v4.3.2...v4.3.3

Changelog

Sourced from linkify-html's changelog.

v4.3.3

Fix parsing bugs with some special encoded URLs

Parsed emails should not include port numbers

Exact version requirement for interfaces and plugins to avoid incompatibility issues with older versions of linkify core

Commits

7fffcc6 v4.3.3
2cb8352 Update dependencies (#529)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for linkify-html since your current version.

Updates linkifyjs from 4.3.2 to 4.3.3

Release notes

Sourced from linkifyjs's releases.

v4.3.3

What's Changed

Fix parsing bugs with some special encoded URLs

Parsed emails should not include port numbers

Exact version requirement for interfaces and plugins to avoid incompatibility issues with older versions of linkify core

Support for jQuery 4

Full Changelog: nfrasser/linkifyjs@v4.3.2...v4.3.3

Changelog

Sourced from linkifyjs's changelog.

v4.3.3

Fix parsing bugs with some special encoded URLs

Parsed emails should not include port numbers

Exact version requirement for interfaces and plugins to avoid incompatibility issues with older versions of linkify core

Commits

7fffcc6 v4.3.3
90b37cc Release v4.3.3 (#535)
2cb8352 Update dependencies (#529)
See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for linkifyjs since your current version.

Updates ava from 8.0.0 to 8.0.1

Release notes

Sourced from ava's releases.

v8.0.1

What's Changed

This release officially adds Node.js 26 support, with thanks to @novemberborn in avajs/ava#3450.

Per our policy, support for Node.js 25 has been removed.

Full Changelog: avajs/ava@v8.0.0...v8.0.1

Commits

bbfd946 v8.0.1
332fcd7 Pre-release updates (#3451)
fcaaf43 Add Node.js 26 support; drop 25 (#3450)
a913804 Test using AVA 8 (#3440)
See full diff in compare view

Updates eslint from 10.3.0 to 10.4.0

Release notes

Sourced from eslint's releases.

v10.4.0

Features

1a45ec5 feat: check sequence expressions in for-direction (#20701) (kuldeep kumar)

450040b feat: add includeIgnoreFile() to eslint/config (#20735) (Kirk Waiblinger)

Bug Fixes

544c0c3 fix: escape code path DOT labels in debug output (#20866) (Pixel998)

6799431 fix: update dependency @eslint/config-helpers to ^0.6.0 (#20850) (renovate[bot])

f078fef fix: handle non-array deprecated rule replacements (#20825) (xbinaryx)

Documentation

7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869) (Pavel)

db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865) (Kirk Waiblinger)

9084664 docs: Update README (GitHub Actions Bot)

9cc7387 docs: Update README (GitHub Actions Bot)

3d7b548 docs: Update README (GitHub Actions Bot)

191ec3c docs: Update README (GitHub Actions Bot)

Chores

6616856 chore: upgrade knip to v6 (#20875) (Pixel998)

d13b084 ci: ensure auto-created PRs run CI (#20860) (lumir)

e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862) (dependabot[bot])

d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863) (kuldeep kumar)

24db8cb test: add tests for SuppressionsService.save() (#20802) (kuldeep kumar)

2ef0549 chore: update ecosystem plugins (#20857) (github-actions[bot])

a429791 ci: remove eslint-webpack-plugin types integration test (#20668) (Milos Djermanovic)

9e37386 chore: replace recast with range approach in code-sample-minimizer (#20682) (Copilot)

0dd1f9f test: disable warning for vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER (#20845) (Francesco Trotta)

9da3c7b refactor: remove deprecated meta.language and migrate meta.dialects (#20716) (Pixel998)

2099ed1 refactor: add meta.defaultOptions to more rules, enable linting (#20800) (xbinaryx)

f1dfbc9 chore: update ecosystem plugins (#20836) (github-actions[bot])

c759413 ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (#20843) (dependabot[bot])

5b817d6 test: add unit tests for lib/shared/ast-utils (#20838) (kuldeep kumar)

1c13ae3 test: add unit tests for lib/shared/severity (#20835) (kuldeep kumar)

Commits

452c401 10.4.0
b6417e8 Build: changelog update for 10.4.0
6616856 chore: upgrade knip to v6 (#20875)
d13b084 ci: ensure auto-created PRs run CI (#20860)
7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869)
e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862)
544c0c3 fix: escape code path DOT labels in debug output (#20866)
db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865)
d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863)
9084664 docs: Update README
Additional commits viewable in compare view

Updates lint-staged from 17.0.4 to 17.0.5

Release notes

Sourced from lint-staged's releases.

v17.0.5

Patch Changes

#1792 1f67271 - Correctly set the --max-arg-length default value based on the running platform. This controls how very long lists of staged files are split into multiple chunks.

Changelog

Sourced from lint-staged's changelog.

17.0.5

Patch Changes

#1792 1f67271 - Correctly set the --max-arg-length default value based on the running platform. This controls how very long lists of staged files are split into multiple chunks.

Commits

cbd822e Merge pull request #1793 from lint-staged/changeset-release/main
1911244 chore(changeset): release
7339d7d Merge pull request #1792 from lint-staged/fix-max-arg-length-default
1f67271 fix: default maxArgLength to undefined instead of NaN when parsing cli ...
See full diff in compare view

Updates puppeteer from 24.43.0 to 25.0.2

Release notes

Sourced from puppeteer's releases.

puppeteer-core: v25.0.2

25.0.2 (2026-05-15)

🛠️ Fixes

update docs text (#14992) (36527b8)

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 3.0.1 to 3.0.2

puppeteer: v25.0.2

25.0.2 (2026-05-15)

♻️ Chores

puppeteer: Synchronize puppeteer versions

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 3.0.1 to 3.0.2

puppeteer-core bumped from 25.0.1 to 25.0.2

puppeteer-core: v25.0.1

25.0.1 (2026-05-13)

🛠️ Fixes

enabled features should take precedence over disabled features (#14985) (f6fd7c2)

roll to Chrome 148.0.7778.167 (#14980) (84c46fe)

roll to Firefox 150.0.3 (#14983) (872f778)

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 3.0.0 to 3.0.1

puppeteer: v25.0.1

25.0.1 (2026-05-13)

... (truncated)

Changelog

Sourced from puppeteer's changelog.

25.0.2 (2026-05-15)

♻️ Chores

puppeteer: Synchronize puppeteer versions

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 3.0.1 to 3.0.2

🛠️ Fixes

update docs text (#14992) (36527b8)

25.0.1 (2026-05-13)

♻️ Chores

puppeteer: Synchronize puppeteer versions

Dependencies

The following workspace dependencies were updated

dependencies

@puppeteer/browsers bumped from 3.0.0 to 3.0.1

🛠️ Fixes

enabled features should take precedence over disabled features (#14985) (f6fd7c2)

roll to Chrome 148.0.7778.167 (#14980) (84c46fe)

roll to Firefox 150.0.3 (#14983) (872f778)

25.0.0 (2026-05-12)

⚠ BREAKING CHANGES

remove deprecated Puppeteer.product (#14977)

bump min NodeJS to 22 (#14973)

return a Promise for executablePath, defaultArgs (#14965)

... (truncated)

Commits

3aadc38 chore: release main (#14993)
36527b8 fix: update docs text (#14992)
3ea7bd5 fix: capitalize "Chrome" in troubleshooting.md (#14991)
ae72fdb chore: Tiny punctuation update in troubleshooting.md (#14990)
1597fde chore: release main (#14982)
f6fd7c2 fix: enabled features should take precedence over disabled features (#14985)
bf05fb9 fix: update browsers to trigger release (#14984)
872f778 fix: roll to Firefox 150.0.3 (#14983)
84c46fe fix: roll to Chrome 148.0.7778.167 (#14980)
ee655d8 chore(main): release ng-schematics 0.8.0 (#14978)
Additional commits viewable in compare view

Updates stylelint from 17.11.0 to 17.11.1

Release notes

Sourced from stylelint's releases.

17.11.1

It fixes 2 bugs.

Fixed: node_modules ignore for codeFilename paths containing a dot-prefixed directory (#9282) (@tuhtah).

Fixed: declaration-block-no-redundant-longhand-properties range for contiguous redundant longhand properties (#9273) (@pamelalozano16).

Changelog

Sourced from stylelint's changelog.

17.11.1 - 2026-05-14

It fixes 2 bugs.

Fixed: node_modules ignore for codeFilename paths containing a dot-prefixed directory (#9282) (@tuhtah).

Fixed: declaration-block-no-redundant-longhand-properties range for contiguous redundant longhand properties (#9273) (@pamelalozano16).

Commits

e7a3d19 Release 17.11.1 (#9290)
63c5992 Fix node_modules ignore for codeFilename paths containing a dot-prefixed ...
8b05dab Bump postcss from 8.5.13 to 8.5.14 in the postcss group (#9286)
2dbc0f0 Bump eslint from 10.2.1 to 10.3.0 in the eslint group (#9285)
769b772 Bump the stylelint-actions group with 5 updates (#9284)
2e68086 Refactor isPlainObject() to drop is-plain-object dependency (#9280)
3ea54e8 Add Node.js v26 to test matrix on CI (#9279)
884b7eb Bump fast-uri from 3.1.0 to 3.1.2 (#9277)
f3cd80c Refactor declaration-block-no-redundant-longhand-properties rule (#9275)
dd1e81d Fix declaration-block-no-redundant-longhand-properties range for contiguous...
See full diff in compare view

Updates typescript-eslint from 8.59.2 to 8.59.3

Release notes

Sourced from typescript-eslint's releases.

v8.59.3

8.59.3 (2026-05-11)

This was a version bump only, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.59.3 (2026-05-11)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

48e13c0 chore(release): publish 8.59.3
44f9625 chore(deps): update vitest monorepo to v4.1.5 (#12307)
See full diff in compare view

Updates undici-types from 8.2.0 to 8.3.0

Release notes

Sourced from undici-types's releases.

v8.3.0

What's Changed

fix: preserve pool capacity after removing stale client by @trivikr in nodejs/undici#5151

build(deps): bump actions/github-script from 8.0.0 to 9.0.0 by @dependabot[bot] in nodejs/undici#5157

build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.1 by @dependabot[bot] in nodejs/undici#5162

build(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 by @dependabot[bot] in nodejs/undici#5156

chore(http2): collapse duplicate request stream setup by @trivikr in nodejs/undici#5140

perf(client): cache HTTP/2 authority by @trivikr in nodejs/undici#5141

build(deps-dev): bump borp from 0.20.2 to 1.0.0 by @dependabot[bot] in nodejs/undici#4819

types: add TOpaque to client connect options by @samuel871211 in nodejs/undici#4928

build(deps): bump tinybench from 5.1.0 to 6.0.1 in /benchmarks by @dependabot[bot] in nodejs/undici#4688

build(deps): bump codecov/codecov-action from 5.5.1 to 6.0.0 by @dependabot[bot] in nodejs/undici#4950

build(deps): bump actions/dependency-review-action from 4.8.1 to 4.9.0 by @dependabot[bot] in nodejs/undici#4951

test(fetch): add userinfo coverage for issue-4897 URLs by @mcollina in nodejs/undici#4901

perf: avoid duplicate pool dispatcher selection on backpressure by @trivikr in nodejs/undici#5149

build(deps): bump actions/setup-node from 6.2.0 to 6.4.0 by @dependabot[bot] in nodejs/undici#5163

build(deps): bump step-security/harden-runner from 2.14.1 to 2.19.1 by @dependabot[bot] in nodejs/undici#5160

build(deps): bump cronometro from 5.3.0 to 6.0.3 in /benchmarks by @dependabot[bot] in nodejs/undici#4687

build(deps): bump github/codeql-action from 4.35.1 to 4.35.3 by @dependabot[bot] in nodejs/undici#5161

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in nodejs/undici#4853

build(deps): bump hendrikmuhs/ccache-action from 1.2.22 to 1.2.23 by @dependabot[bot] in nodejs/undici#5158

build(deps): bump fastify/github-action-merge-dependabot from 3.11.2 to 3.12.0 by @dependabot[bot] in nodejs/undici#5159

build(deps-dev): bump c8 from 10.1.3 to 11.0.0 by @dependabot[bot] in nodejs/undici#4854

build(deps): bump uWebSockets.js from v20.64.0 to v20.66.0 in /benchmarks by @dependabot[bot] in nodejs/undici#5130

docs: mention install() also installs WebSocket globals by @mcollina in nodejs/undici#5174

types: stop interfering with @types/node by @Renegade334 in nodejs/undici#5173

fix: align h2 empty body content-length methods with h1 by @trivikr in nodejs/undici#5172

build(deps-dev): bump fast-check from 4.6.0 to 4.7.0 by @dependabot[bot] in nodejs/undici#5192

build(deps-dev): bump typescript from 6.0.2 to 6.0.3 by @dependabot[bot] in nodejs/undici#5191

test: move cleanup from finally to after hooks by @trivikr in nodejs/undici#5194

test: resolve flaky timeout in issue-3356 by @trivikr in nodejs/undici#5188

SnapshotAgent: Add normalizeBody and normalizeQuery by @GeoffreyBooth in nodejs/undici#5121

fix(socks5): use configured connector in Socks5ProxyAgent by @trivikr in nodejs/undici#5168

perf(http2): avoid isArray checks for common headers by @trivikr in nodejs/undici#5170

fix(test): make deduplicate body-streaming test non-flaky by @mcollina in nodejs/undici#5196

test(retry): add regression test for RetryAgent + HTTP/2 stream timeout (#5137) by @mcollina in nodejs/undici#5176

fix(socks5): preserve dispatch backpressure return value by @trivikr in nodejs/undici#5166

perf(http2): end zero-length request bodies with headers by @trivikr in nodejs/undici#5169

fix(test): make issue-2898-comment.js assertion robust against flakiness by @mcollina in nodejs/undici#5208

test: disable timeouts in h2 high concurrency regression by @trivikr in nodejs/undici#5205

test: deflake stream compat coverage by @mcollina in nodejs/undici#5209

fix(dispatcher): remove unreachable assert in writeBlob by @SAY-5 in nodejs/undici#5231

fix: clean up benchmark resources before worker exit by @trivikr in nodejs/undici#5225

test: avoid per-chunk assertions in diagnostics get by @trivikr in nodejs/undici#5224

test: capture cache test worker stderr and preserve failures by @trivikr in nodejs/undici#5206

chore: gitignore benchmarks/package-lock.json by @trivikr in nodejs/undici#5228

perf(proxy-agent): avoid extra header allocations in auth guard by @trivikr in nodejs/undici#5164

test(wpt): retry WPT server startup on port conflicts or timeout by @trivikr in nodejs/undici#5215

test: make websocket diagnostics ping-pong ordering deterministic by @trivikr in nodejs/undici#5222

test(websocket): fix flaky send test by @mcollina in nodejs/undici#5232

... (truncated)

Commits

aa33b19 Bumped v8.3.0 (#5305)
f33a6cb test: fix flaky http2-dispatcher WebSocket upgrade tests (#5304)
ca0cb16 build(deps): bump uWebSockets.js in /benchmarks (#5299)
e1f9035 build(deps-dev): bump jest from 30.3.0 to 30.4.2 (#5297)
314ba6a perf(client-h2): reuse request upgrade stream handlers (#5293)
be9a544 Add Node 26 to the matrix (#5271)
45f7bd3 test: retry crashed cache-test workers once (#5294)
08cf765 build(deps-dev): bump fast-check from 4.7.0 to 4.8.0 (#5298)
df5ded9 cache formdata boundary (#5292)
e101dcb test: include after in parser-issues (#5284)
Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
ava	[>= 6.0.a, < 6.1]
puppeteer	[>= 21.7.a, < 21.8]
puppeteer	[>= 22.0.a, < 22.1]
puppeteer	[>= 22.1.a, < 22.2]
puppeteer	[>= 22.3.a, < 22.4]
puppeteer	[>= 22.5.a, < 22.6]
puppeteer	[>= 22.6.a, < 22.7]
puppeteer	[>= 22.4.a, < 22.5]
puppeteer	[>= 22.2.a, < 22.3]
puppeteer	[>= 22.7.a, < 22.8]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm-deps group with 10 updates: | Package | From | To | | --- | --- | --- | | [dompurify](https://github.com/cure53/DOMPurify) | `3.4.2` | `3.4.4` | | [linkify-html](https://github.com/nfrasser/linkifyjs/tree/HEAD/packages/linkify-html) | `4.3.2` | `4.3.3` | | [linkifyjs](https://github.com/nfrasser/linkifyjs/tree/HEAD/packages/linkifyjs) | `4.3.2` | `4.3.3` | | [ava](https://github.com/avajs/ava) | `8.0.0` | `8.0.1` | | [eslint](https://github.com/eslint/eslint) | `10.3.0` | `10.4.0` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `17.0.4` | `17.0.5` | | [puppeteer](https://github.com/puppeteer/puppeteer) | `24.43.0` | `25.0.2` | | [stylelint](https://github.com/stylelint/stylelint) | `17.11.0` | `17.11.1` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.2` | `8.59.3` | | [undici-types](https://github.com/nodejs/undici) | `8.2.0` | `8.3.0` | Updates `dompurify` from 3.4.2 to 3.4.4 - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](cure53/DOMPurify@3.4.2...3.4.4) Updates `linkify-html` from 4.3.2 to 4.3.3 - [Release notes](https://github.com/nfrasser/linkifyjs/releases) - [Changelog](https://github.com/nfrasser/linkifyjs/blob/main/CHANGELOG.md) - [Commits](https://github.com/nfrasser/linkifyjs/commits/v4.3.3/packages/linkify-html) Updates `linkifyjs` from 4.3.2 to 4.3.3 - [Release notes](https://github.com/nfrasser/linkifyjs/releases) - [Changelog](https://github.com/nfrasser/linkifyjs/blob/main/CHANGELOG.md) - [Commits](https://github.com/nfrasser/linkifyjs/commits/v4.3.3/packages/linkifyjs) Updates `ava` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/avajs/ava/releases) - [Commits](avajs/ava@v8.0.0...v8.0.1) Updates `eslint` from 10.3.0 to 10.4.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.3.0...v10.4.0) Updates `lint-staged` from 17.0.4 to 17.0.5 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v17.0.4...v17.0.5) Updates `puppeteer` from 24.43.0 to 25.0.2 - [Release notes](https://github.com/puppeteer/puppeteer/releases) - [Changelog](https://github.com/puppeteer/puppeteer/blob/main/CHANGELOG.md) - [Commits](puppeteer/puppeteer@puppeteer-v24.43.0...puppeteer-v25.0.2) Updates `stylelint` from 17.11.0 to 17.11.1 - [Release notes](https://github.com/stylelint/stylelint/releases) - [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md) - [Commits](stylelint/stylelint@17.11.0...17.11.1) Updates `typescript-eslint` from 8.59.2 to 8.59.3 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.3/packages/typescript-eslint) Updates `undici-types` from 8.2.0 to 8.3.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v8.2.0...v8.3.0) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.4.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: linkify-html dependency-version: 4.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: linkifyjs dependency-version: 4.3.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: ava dependency-version: 8.0.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: eslint dependency-version: 10.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-deps - dependency-name: lint-staged dependency-version: 17.0.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: puppeteer dependency-version: 25.0.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-deps - dependency-name: stylelint dependency-version: 17.11.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: typescript-eslint dependency-version: 8.59.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-deps - dependency-name: undici-types dependency-version: 8.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 17, 2026

dependabot Bot requested a review from sosnovsky as a code owner May 17, 2026 22:04

FlowCryptRobot enabled auto-merge (squash) May 17, 2026 22:04

FlowCryptRobot previously approved these changes May 17, 2026

View reviewed changes

sosnovsky added 2 commits May 18, 2026 13:07

Merge branch 'master' into dependabot/npm_and_yarn/npm-deps-786e1c1eac

f0c5e23

updates

7233a59

sosnovsky dismissed FlowCryptRobot’s stale review via 7233a59 May 18, 2026 10:14

sosnovsky approved these changes May 18, 2026

View reviewed changes

FlowCryptRobot merged commit 2d667a9 into master May 18, 2026
12 checks passed

FlowCryptRobot deleted the dependabot/npm_and_yarn/npm-deps-786e1c1eac branch May 18, 2026 12:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the npm-deps group with 10 updates#6224

build(deps): bump the npm-deps group with 10 updates#6224
FlowCryptRobot merged 3 commits into
masterfrom
dependabot/npm_and_yarn/npm-deps-786e1c1eac

dependabot Bot commented on behalf of github May 17, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot Bot commented on behalf of github May 17, 2026

DOMPurify 3.4.4

DOMPurify 3.4.3

v4.3.3

What's Changed

v4.3.3

v4.3.3

What's Changed

v4.3.3

v8.0.1

What's Changed

v10.4.0

Features

Bug Fixes

Documentation

Chores

v17.0.5

Patch Changes

17.0.5

Patch Changes

puppeteer-core: v25.0.2

25.0.2 (2026-05-15)

🛠️ Fixes

Dependencies

puppeteer: v25.0.2

25.0.2 (2026-05-15)

♻️ Chores

Dependencies

puppeteer-core: v25.0.1

25.0.1 (2026-05-13)

🛠️ Fixes

Dependencies

puppeteer: v25.0.1

25.0.1 (2026-05-13)

25.0.2 (2026-05-15)

♻️ Chores

Dependencies

🛠️ Fixes

25.0.1 (2026-05-13)

♻️ Chores

Dependencies

🛠️ Fixes

25.0.0 (2026-05-12)

⚠ BREAKING CHANGES

17.11.1

17.11.1 - 2026-05-14

v8.59.3

8.59.3 (2026-05-11)

8.59.3 (2026-05-11)

v8.3.0

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants