Skip to content

deps(frontend): bump @types/node from 25.9.3 to 26.0.1 in /frontend#262

Merged
devops-thiago merged 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/types/node-26.0.1
Jun 30, 2026
Merged

deps(frontend): bump @types/node from 25.9.3 to 26.0.1 in /frontend#262
devops-thiago merged 1 commit into
mainfrom
dependabot/npm_and_yarn/frontend/types/node-26.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps @types/node from 25.9.3 to 26.0.1.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.3 to 26.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 26, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@types/node 26.0.1 🟢 6.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 26/29 approved changesets -- score normalized to 8
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
npm/undici-types 8.3.0 🟢 7.9
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 18/26 approved changesets -- score normalized to 6
Dependency-Update-Tool🟢 10update tool detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 8binaries present in source code
License🟢 10license file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 6dependency not pinned by hash detected -- score normalized to 6
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Vulnerabilities🟢 73 existing vulnerabilities detected
Packaging🟢 10packaging workflow detected
Fuzzing🟢 10project is fuzzed
SAST🟢 9SAST tool detected but not run on all commits
CI-Tests🟢 1024 out of 24 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 76 contributing companies or organizations

Scanned Files

  • frontend/package-lock.json

@codecov

codecov Bot commented Jun 26, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@sonarqubecloud

Copy link
Copy Markdown

@devops-thiago devops-thiago merged commit b4b539a into main Jun 30, 2026
16 checks passed
@devops-thiago devops-thiago deleted the dependabot/npm_and_yarn/frontend/types/node-26.0.1 branch June 30, 2026 23:41
devops-thiago added a commit that referenced this pull request Jul 1, 2026
## What type of PR is this?

- [x] 📝 Documentation
- [x] 📦 Dependency update

## Description

Release prep for **v0.3.0**, in three parts:

- **Docs — stale command lists fixed.** The v0.3.0 commands `/describe`,
`/changelog`, and `/add-docs` were missing from the `webhook/` package
row in `docs/ARCHITECTURE.md` and from the `CommentCommandService` class
javadoc (both still listed only the five older commands). Both now match
the `CommentCommand` enum and the live `/help` output. The `README.md`
summary bullet now mentions the changed-files walkthrough added in
v0.3.0 (#179).
- **Changelog — dated and synced.** The `[0.3.0]` heading moves from
`unreleased` to `2026-06-30`, and a new `### Dependencies` section
records the bumps landed during the cycle.
- **Version bump for tagging.** The Maven project version goes
`0.3.0-SNAPSHOT` → `0.3.0` so the release can be tagged. (The frontend
`package.json` keeps its own independent `1.0.0`.)

No runtime behavior changes — docs, changelog, and version metadata
only.

## Related Issues

N/A (no code fix). This documents already-merged v0.3.0 features
(`/describe` #35, `/changelog` #62, `/add-docs` #56, changed-files
walkthrough #179) and records the dependency bumps #262, #263, #265,
#266, #267 in the changelog.

## How Has This Been Tested?

- [x] Manual testing

The documented v0.3.0 command surface was dogfooded on
`#256` and `devops-thiago/MongOCOM#46`; the
corrected command list matches both the `CommentCommand` enum and the
bot's own `/help` output. Changes are documentation/metadata only, so no
automated tests apply.

## Checklist

- [x] My code follows the project's coding standards
- [x] I have performed a self-review of my own code
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [x] New and existing unit tests pass locally with my changes
- [x] I have updated the documentation accordingly
- [x] My changes generate no new warnings or errors

## Additional Notes

- A copy-editing pass over the v0.3.0 changelog prose (against the
Wikipedia "Signs of AI writing" checklist) found **no changes needed** —
the entries match the established terse-technical voice, so there is no
follow-up commit.
- Three tracking issues surfaced during v0.3.0 dogfooding were filed
**separately** (not part of this PR): #296 (`/describe` `/changelog`
`/add-docs` truncation disclosure), #297 (`/summary` "already exists"
wording), #298 (summary "Changes Overview" count accuracy).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant