Skip to content

chore(deps-dev): bump the dev group with 4 updates#1162

Merged
dependabot[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/dev-46e225b3b5
Dec 15, 2025
Merged

chore(deps-dev): bump the dev group with 4 updates#1162
dependabot[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/dev-46e225b3b5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 15, 2025
edited
Loading

Bumps the dev group with 4 updates: @codemirror/view, @eslint/js, eslint and lefthook.

Updates @codemirror/view from 6.39.3 to 6.39.4

Changelog

Sourced from @​codemirror/view's changelog.

6.39.4 (2025-12-12)

Bug fixes

Fix a bug where paste events handlers on Chrome could fail to run when pasting on a blank line.

Fix a regression causing the native cursor to get stuck before block widgets with side>0.

Fix a crash in content DOM building after a block widget.

Fix a bug in posAtCoords that would in some circumstances make it return positions on the wrong side of a block widget.

Commits
  • db7c7c4 Mark version 6.39.4
  • 130b4a5 Fix posAtCoords right after a block widget at start of line
  • 67e2013 Ensure there's an active line before emitting inline content
  • 4be27f1 Fix broken native cursor positioning after side=1 block widgets
  • 578625e Prevent hidden widgets from eating events
  • 75a63c0 Return DOM positions at the right side of point widgets
  • See full diff in compare view

Updates @eslint/js from 9.39.1 to 9.39.2

Release notes

Sourced from @​eslint/js's releases.

v9.39.2

Bug Fixes

  • 5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

  • 506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

  • 7ca0af7 chore: upgrade to @eslint/js@9.39.2 (#20394) (Francesco Trotta)
  • c43ce24 chore: package.json update for @​eslint/js release (Jenkins)
  • 4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)
Commits

Updates eslint from 9.39.1 to 9.39.2

Release notes

Sourced from eslint's releases.

v9.39.2

Bug Fixes

  • 5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

  • 506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

  • 7ca0af7 chore: upgrade to @eslint/js@9.39.2 (#20394) (Francesco Trotta)
  • c43ce24 chore: package.json update for @​eslint/js release (Jenkins)
  • 4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)
Commits

Updates lefthook from 2.0.9 to 2.0.11

Release notes

Sourced from lefthook's releases.

v2.0.11

Changelog

  • dcb45c027230c883f3b9a360896708aa9d6b50a3 ci: npm trusted publishing (#1234)
  • fd62bbb6586477b7d090e356c27f8a9e987c82a3 feat: more rudimentary shell completions (#1230)
  • f7bfafdd87868ea85de46c87802ab53278b77f67 feat: refetch and cleanup on ref change (#1210)

v2.0.10

Changelog

  • b3791f6b3abdbea78b7c43ef85e0d3ededb69a15 feat: add no_auto_install to lefthook.yml (#1231)
  • 1f7303df83e2af58015292986ebe2b8177c77667 fix: skip if empty files template (#1233)
Changelog

Sourced from lefthook's changelog.

2.0.11 (2025-12-12)

2.0.10 (2025-12-12)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lefthook since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @mdn-bot.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 15, 2025
@dependabot dependabot bot requested a review from mdn-bot as a code owner December 15, 2025 01:18
@dependabot dependabot bot added the javascript Pull requests that update javascript code label Dec 15, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 15, 2025 01:18
@dependabot dependabot bot requested a review from LeoMcA December 15, 2025 01:18
@mdn-bot
Copy link
Collaborator

mdn-bot commented Dec 15, 2025

@dependabot squash and merge

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Beginning January 27, 2026, Dependabot will no longer support the @dependabot squash and merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

@dependabot
chore(deps-dev): bump the dev group with 4 updates
053ecc1 
Bumps the dev group with 4 updates: [@codemirror/view](https://github.com/codemirror/view), [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js), [eslint](https://github.com/eslint/eslint) and [lefthook](https://github.com/evilmartians/lefthook).


Updates `@codemirror/view` from 6.39.3 to 6.39.4
- [Changelog](https://github.com/codemirror/view/blob/main/CHANGELOG.md)
- [Commits](codemirror/view@6.39.3...6.39.4)

Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js)

Updates `eslint` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.1...v9.39.2)

Updates `lefthook` from 2.0.9 to 2.0.11
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](evilmartians/lefthook@v2.0.9...v2.0.11)

---
updated-dependencies:
- dependency-name: "@codemirror/view"
  dependency-version: 6.39.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: "@eslint/js"
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: eslint
  dependency-version: 9.39.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
- dependency-name: lefthook
  dependency-version: 2.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dev-46e225b3b5 branch from 1c5e504 to 053ecc1 Compare December 15, 2025 01:29
@mdn-bot
Copy link
Collaborator

mdn-bot commented Dec 15, 2025

@dependabot squash and merge

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 15, 2025

Beginning January 27, 2026, Dependabot will no longer support the @dependabot squash and merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.

@dependabot dependabot bot merged commit dcb6eb2 into main Dec 15, 2025
13 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dev-46e225b3b5 branch December 15, 2025 01:36
@mdn-bot mdn-bot mentioned this pull request Dec 12, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mdn-bot mdn-bot mdn-bot approved these changes

@LeoMcA LeoMcA Awaiting requested review from LeoMcA LeoMcA is a code owner automatically assigned from mdn/engineering

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mdn-bot