chore(deps): bump dependencies from multiple Dependabot PRs#9956
Merged
chrisgervang merged 3 commits intomasterfrom Jan 29, 2026
Merged
chore(deps): bump dependencies from multiple Dependabot PRs#9956chrisgervang merged 3 commits intomasterfrom
chrisgervang merged 3 commits intomasterfrom
Conversation
Combines updates from 16 Dependabot PRs: - actions/checkout: v4.2.2 → v6.0.1 - actions/setup-node: v6.0.0 → v6.2.0 - actions/setup-python: v4.7.1 → v5.4.0 - actions/upload-artifact: v4.6.0 → v5.0.0 - github/codeql-action: v3.28.9 → v4.31.9 - ossf/scorecard-action: v2.4.0 → v2.4.3 - JamesIves/github-pages-deploy-action: v4.7.2 → v4.8.0 - @vis.gl/ts-plugins: 1.0.0-alpha.21 → 1.0.1 - moment-timezone: ^0.5.33 → ^0.6.0 - black: 22.3.0 → 24.3.0 - lodash: 4.17.21 → 4.17.23 (yarn.lock) - min-document: 2.19.0 → 2.19.2 (yarn.lock) - node-forge: 1.3.1 → 1.3.3 (website yarn.lock) - http-proxy-middleware: 2.0.7 → 2.0.9 (website yarn.lock) - @babel/runtime: 7.26.0 → 7.26.10 (website yarn.lock) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
felixpalmer
approved these changes
Jan 28, 2026
Co-Authored-By: Claude (global.anthropic.claude-opus-4-5-20251101-v1:0) <noreply@anthropic.com>
9f188f6 to
d1f563a
Compare
felixpalmer
pushed a commit
that referenced
this pull request
Feb 10, 2026
* chore(deps): bump dependencies from multiple Dependabot PRs Combines updates from 16 Dependabot PRs: - actions/checkout: v4.2.2 → v6.0.1 - actions/setup-node: v6.0.0 → v6.2.0 - actions/setup-python: v4.7.1 → v5.4.0 - actions/upload-artifact: v4.6.0 → v5.0.0 - github/codeql-action: v3.28.9 → v4.31.9 - ossf/scorecard-action: v2.4.0 → v2.4.3 - JamesIves/github-pages-deploy-action: v4.7.2 → v4.8.0 - @vis.gl/ts-plugins: 1.0.0-alpha.21 → 1.0.1 - moment-timezone: ^0.5.33 → ^0.6.0 - black: 22.3.0 → 24.3.0 - lodash: 4.17.21 → 4.17.23 (yarn.lock) - min-document: 2.19.0 → 2.19.2 (yarn.lock) - node-forge: 1.3.1 → 1.3.3 (website yarn.lock) - http-proxy-middleware: 2.0.7 → 2.0.9 (website yarn.lock) - @babel/runtime: 7.26.0 → 7.26.10 (website yarn.lock) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * chore(deps): upgrade @vis.gl/dev-tools to 1.0.1 Co-Authored-By: Claude (global.anthropic.claude-opus-4-5-20251101-v1:0) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
I tested the website locally and all seems to build and work. I took a look at each change log and nothing jumped out as concerning.
Changes
GitHub Actions
npm dependencies (package.json)
npm dependencies (yarn.lock only)
Python dependencies
Related PRs
This PR combines the following Dependabot PRs:
Test plan
🤖 Generated with Claude Code
Note
Low Risk
Primarily dependency and CI workflow version bumps; main risk is incidental CI/build behavior changes from updated GitHub Actions and tooling.
Overview
Consolidates dependency updates across CI and the monorepo.
GitHub Actions workflows (
release,test,website,scorecard) are updated to newer pinned versions of core actions (e.g.,actions/checkout,actions/setup-node,actions/setup-python,upload-artifact,codeqlSARIF upload, Scorecard, and GitHub Pages deploy).Updates JS/Python dependencies: bumps
@vis.gl/dev-toolsand@vis.gl/ts-pluginsto1.0.1, updates@deck.gl/cartoto usemoment-timezone^0.6.0, refreshes lockfiles (e.g.,lodash,node-forge,http-proxy-middleware,@babel/runtime,min-document), and upgrades Python dev formatterblackto24.3.0.Written by Cursor Bugbot for commit d1f563a. This will update automatically on new commits. Configure here.