Skip to content

chore: dependency bumps #8776

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
RomneyDa merged 3 commits into from
Nov 19, 2025
Merged

chore: dependency bumps #8776

RomneyDa merged 3 commits into from
Nov 19, 2025

Conversation

@RomneyDa
Copy link
Collaborator

@RomneyDa RomneyDa commented Nov 18, 2025
edited by cubic-dev-ai bot
Loading

Description

Conglomeration of snyk recent updates since many failed to update package lock and will have tons of conflicts, plus need to pull main for all

Summary by cubic

Updated dependencies across the repo to resolve Snyk alerts and keep SDKs current. Key bumps: google-auth-library 10.x, Puppeteer 24.x, OpenAI 5.23.x, Zod 3.25.x, and YAML 2.8.x.

  • Dependencies
    • Applied across core, extensions/cli, packages/openai-adapters, packages/config-yaml, and docs.
    • Added js-yaml (hub, CLI) and axios + tar-fs (docs).

Written for commit 440b228. Summary will update automatically on new commits.

@RomneyDa RomneyDa requested a review from a team as a code owner November 18, 2025 18:03
@RomneyDa RomneyDa requested review from tingwai and removed request for a team November 18, 2025 18:03
@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Nov 18, 2025
@RomneyDa RomneyDa marked this pull request as draft November 18, 2025 18:03
@github-actions
Copy link

github-actions bot commented Nov 18, 2025
edited
Loading

✅ Review Complete

Code Review Summary

⚠️ Continue configuration error. Please verify that the assistant exists in Continue Hub.

This was referenced Nov 18, 2025
Closed
Closed
Closed
Closed
Closed
Closed
Closed
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Nov 18, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1 issue found across 1 file

Prompt for AI agents (all 1 issues) 

Understand the root cause of the following 1 issues and fix them.


<file name="packages/config-yaml/package.json">

<violation number="1" location="packages/config-yaml/package.json:27">
The dependency was bumped to ^2.8.1 here without updating packages/config-yaml/package-lock.json, so installs remain pinned to ^2.6.1 and the intended upgrade won’t ship. Refresh the lock file after changing dependency versions.</violation>
</file>

Reply to cubic to teach it or ask questions. Re-run a review with @cubic-dev-ai review this PR

This was referenced Nov 18, 2025
Closed
Closed
@RomneyDa RomneyDa changed the title fix: config yaml bump chore: dependency bumps Nov 18, 2025
@RomneyDa RomneyDa marked this pull request as ready for review November 18, 2025 18:24
@dosubot dosubot bot added size:S This PR changes 10-29 lines, ignoring generated files. and removed size:XS This PR changes 0-9 lines, ignoring generated files. labels Nov 18, 2025
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Nov 18, 2025
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 12 files

tingwai
tingwai previously approved these changes Nov 18, 2025
View reviewed changes
@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Nov 18, 2025
@github-project-automation github-project-automation bot moved this from Todo to In Progress in Issues and PRs Nov 18, 2025
@RomneyDa RomneyDa merged commit b11c958 into main Nov 19, 2025
56 of 60 checks passed
@RomneyDa RomneyDa deleted the dallin/super-snyk branch November 19, 2025 01:09
@github-project-automation github-project-automation bot moved this from In Progress to Done in Issues and PRs Nov 19, 2025
@github-actions github-actions bot locked and limited conversation to collaborators Nov 19, 2025
@sestinj
Copy link
Contributor

sestinj commented Nov 19, 2025

🎉 This PR is included in version 1.34.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

@sestinj
Copy link
Contributor

sestinj commented Nov 19, 2025

🎉 This PR is included in version 1.30.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@sestinj
Copy link
Contributor

sestinj commented Nov 19, 2025

🎉 This PR is included in version 1.5.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

@sestinj
Copy link
Contributor

sestinj commented Nov 20, 2025

🎉 This PR is included in version 1.6.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

+1 more reviewer

@tingwai tingwai tingwai approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

lgtm This PR has been approved by a maintainer released size:S This PR changes 10-29 lines, ignoring generated files.

Projects

Issues and PRs
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@RomneyDa @sestinj @tingwai