chore(deps-dev): Bump jsdom from 25.0.1 to 29.1.1#85
Conversation
|
Leaving this red — it's a genuine upstream/transitive incompatibility, not something the loop can green without a product decision. Root cause (confirmed). jsdom 29 instantiates Prod is unaffected — the Worker runs on workerd (no jsdom, no undici); this is test-infra only. Why I'm not fix-forwarding it: the only levers are (a) loosen/re-pin the To unblock (human): bump/adjust the |
f8c1d69 to
e6d56a6
Compare
Bumps [jsdom](https://github.com/jsdom/jsdom) from 25.0.1 to 29.1.1. - [Release notes](https://github.com/jsdom/jsdom/releases) - [Commits](jsdom/jsdom@v25.0.1...v29.1.1) --- updated-dependencies: - dependency-name: jsdom dependency-version: 29.1.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
e6d56a6 to
222fee1
Compare
jsdom 29 instantiates undici's CacheStorage, which calls
webidl.util.markAsUncloneable. undici removed the no-op fallback for that
binding in 8.1.0 (7.28.0 and 8.0.0 guard it with
`runtimeFeatures.has(...) ? real : () => {}`; 8.1.0+ assign the bare
worker_threads export). On any Node whose worker_threads lacks
markAsUncloneable, the app-level `undici: >=7.28.0` security-floor override
(which resolves to 8.7.0) hands jsdom that regressed build and
`webidl.util.markAsUncloneable` is undefined — a11y.test.ts fails to collect
on all four CI jobs. Prod (workerd) never touches jsdom/undici.
Fix: a dev-only scoped override `jsdom>undici: >=7.28.0 <8`, resolving jsdom's
transitive undici to 7.28.0 — the undici major jsdom 29 declares (^7.25.0),
which keeps the fallback and still satisfies the >=7.28.0 security floor. The
app-level undici override is untouched (still 8.7.0), so the security posture
is unchanged; only jsdom's dev-only copy is pinned.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
|
Update — adopted (fix-forward pushed, superseding my earlier "leaving this red"). I found a fix that needs no product/security decision, so I took it. Sharper root cause. The break is an undici regression, not "jsdom 29 + undici need to settle." jsdom 29 instantiates undici's
The app-level Fix (this commit). A dev-only scoped override Verified locally: |
Bumps jsdom from 25.0.1 to 29.1.1.
Release notes
Sourced from jsdom's releases.
... (truncated)
Commits
9b9ea7e29.1.107efb78Optimize computed style comparison5f66329Fix background-origin/background-clip in background shorthandad8af77Fix border shorthand handling5a3e88e29.1.073db204Update dependencies and dev dependenciesa7168a5Support ratio CSS unit type15346e0Fix style cache invalidation2a1e2cd29.0.24097d66Resolve computed CSS values lazily in CSSStyleDeclarationMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for jsdom since your current version.
Install script changes
This version modifies
preparescript that runs during installation. Review the package contents before updating.