Skip to content

Fix dev security issue by updating microsoft api extractor#1146

Merged
jeffcharles merged 1 commit intomainfrom
jc.update-microsoft-api-extractor
Mar 5, 2026
Merged

Fix dev security issue by updating microsoft api extractor#1146
jeffcharles merged 1 commit intomainfrom
jc.update-microsoft-api-extractor

Conversation

@jeffcharles
Copy link
Collaborator

@jeffcharles jeffcharles commented Mar 2, 2026

Description of the change

Updates the @microsoft/api-extractor NPM package to the latest version supported by vite-plugin-dts.

Why am I making this change?

We have a couple open security warnings from minimatch and the current version of @microsoft/api-extractor is what's pulling in that version of minimatch. I don't know why Dependabot couldn't open a PR to resolve this automatically.

Checklist

  • I've updated the default plugin import namespace and incremented the major version of javy-plugin-api if the QuickJS bytecode has changed.
  • I've updated the relevant CHANGELOG files if necessary. Changes to javy-cli, javy-plugin, and javy-plugin-processing do not require updating CHANGELOG files.
  • I've updated the relevant crate versions if necessary. Versioning policy for library crates
  • I've updated documentation including crate documentation if necessary.

@jeffcharles jeffcharles requested a review from saulecabrera March 2, 2026 20:19
@jeffcharles jeffcharles merged commit f878461 into main Mar 5, 2026
5 checks passed
@jeffcharles jeffcharles deleted the jc.update-microsoft-api-extractor branch March 5, 2026 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@saulecabrera saulecabrera saulecabrera approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jeffcharles @saulecabrera