Skip to content

chore: Update yarn.lock after Dependabot dependency bumps #63

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Dec 1, 2025
Merged

chore: Update yarn.lock after Dependabot dependency bumps #63

merged 2 commits into from
Dec 1, 2025

Conversation

Copy link
Contributor

Copilot AI commented Nov 30, 2025
edited
Loading

Dependabot updated package.json files for 7 security-related dependencies but left yarn.lock out of sync. The lockfile needed regeneration to reflect the changes.

Changes

  • Regenerated yarn.lock using Yarn 4.3.1 via yarn install --mode update-lockfile
  • Synchronized lock entries for updated packages:
    • @backstage/plugin-scaffolder-backend: 2.2.1 → 3.0.1
    • @backstage/backend-defaults: 0.12.1 → 0.13.1
    • @backstage/plugin-scaffolder-backend-module-gitlab: 0.9.6 → 0.10.0
    • Plus transitive security updates (cipher-base, js-yaml, node-forge, pbkdf2, sha.js, webpack-dev-server)

The lockfile diff shows 85 additions and 113 deletions, reflecting resolution changes from the dependency updates.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI mentioned this pull request Nov 30, 2025
Merged
@johnnyhuy
chore: Update yarn.lock after dependency bumps
2a84cf8 
Co-authored-by: johnnyhuy <27847622+johnnyhuy@users.noreply.github.com>
Copilot AI changed the title [WIP] Bump npm and yarn dependencies with 7 updates chore: Update yarn.lock after Dependabot dependency bumps Nov 30, 2025
Copilot AI requested a review from johnnyhuy November 30, 2025 22:52
Copilot finished work on behalf of johnnyhuy November 30, 2025 22:52
@johnnyhuy johnnyhuy marked this pull request as ready for review December 1, 2025 01:25
@johnnyhuy johnnyhuy requested review from Copilot and removed request for johnnyhuy December 1, 2025 01:25
Copilot AI reviewed Dec 1, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@johnnyhuy johnnyhuy merged commit 8ba482b into dependabot/npm_and_yarn/npm_and_yarn-802f81064d Dec 1, 2025
1 check passed
@johnnyhuy johnnyhuy deleted the copilot/sub-pr-62 branch December 1, 2025 01:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@johnnyhuy johnnyhuy johnnyhuy approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@johnnyhuy johnnyhuy

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@johnnyhuy