Skip to content

Bump the dev-deps group across 1 directory with 9 updates#524

Open
dependabot[bot] wants to merge 1 commit into
preview-srcfrom
dependabot/bun/preview-src/dev-deps-e79eed2e0e
Open

Bump the dev-deps group across 1 directory with 9 updates#524
dependabot[bot] wants to merge 1 commit into
preview-srcfrom
dependabot/bun/preview-src/dev-deps-e79eed2e0e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Bumps the dev-deps group with 9 updates in the / directory:

Package From To
@cloudflare/vite-plugin 1.33.0 1.36.3
eslint 10.2.1 10.3.0
globals 17.5.0 17.6.0
typescript-eslint 8.59.0 8.59.2
vite 8.0.9 8.0.11
vite-plugin-pwa 1.2.0 1.3.0
workbox-build 7.4.0 7.4.1
workbox-window 7.4.0 7.4.1
wrangler 4.84.0 4.90.0

Updates @cloudflare/vite-plugin from 1.33.0 to 1.36.3

Release notes

Sourced from @​cloudflare/vite-plugin's releases.

@​cloudflare/vite-plugin@​1.36.3

Patch Changes

@​cloudflare/vite-plugin@​1.36.2

Patch Changes

  • Updated dependencies [dd3baf3, 5cf6f81]:
    • wrangler@4.89.1
    • miniflare@4.20260507.1

@​cloudflare/vite-plugin@​1.36.1

Patch Changes

  • #13802 a7fd465 Thanks @​deodad! - Fix .dev.vars written for vite preview to round-trip values containing quotes

    When the plugin emits dist/<env>/.dev.vars for vite preview, it previously wrote each value as a double-quoted dotenv string with " escaped to \". dotenv (the parser wrangler uses) does not unescape \" inside double-quoted values, so values containing " arrived at the worker with literal backslashes still in them.

    The plugin now quotes strings using the first quote character that does not appear in the value (with the priority order: single → backtick → double), all of which dotenv strips correctly. If a value contains every supported quote character it throws instead of silently corrupting the value.

  • Updated dependencies [2284f20, 332f527, 039bada, 18e833d, b6cea17, 1a54ac5, 53e846a, f3fed88, beff19c, af42fed, 1a54ac5]:

    • miniflare@4.20260507.0
    • wrangler@4.89.0

@​cloudflare/vite-plugin@​1.36.0

Minor Changes

  • #13810 2b8c0cc Thanks @​jamesopstad! - Stabilize the secrets configuration property

    The secrets property in the Wrangler config file is no longer experimental and will no longer emit an experimental warning when used. Required secrets are validated during local development and deploy, and used as the source of truth for type generation.

    {
  "secrets": {
    "required": ["API_KEY", "DB_PASSWORD"]
  }
}

Patch Changes

... (truncated)

Changelog

Sourced from @​cloudflare/vite-plugin's changelog.

1.36.3

Patch Changes

1.36.2

Patch Changes

  • Updated dependencies [dd3baf3, 5cf6f81]:
    • wrangler@4.89.1
    • miniflare@4.20260507.1

1.36.1

Patch Changes

  • #13802 a7fd465 Thanks @​deodad! - Fix .dev.vars written for vite preview to round-trip values containing quotes

    When the plugin emits dist/<env>/.dev.vars for vite preview, it previously wrote each value as a double-quoted dotenv string with " escaped to \". dotenv (the parser wrangler uses) does not unescape \" inside double-quoted values, so values containing " arrived at the worker with literal backslashes still in them.

    The plugin now quotes strings using the first quote character that does not appear in the value (with the priority order: single → backtick → double), all of which dotenv strips correctly. If a value contains every supported quote character it throws instead of silently corrupting the value.

  • Updated dependencies [2284f20, 332f527, 039bada, 18e833d, b6cea17, 1a54ac5, 53e846a, f3fed88, beff19c, af42fed, 1a54ac5]:

    • miniflare@4.20260507.0
    • wrangler@4.89.0

1.36.0

Minor Changes

  • #13810 2b8c0cc Thanks @​jamesopstad! - Stabilize the secrets configuration property

    The secrets property in the Wrangler config file is no longer experimental and will no longer emit an experimental warning when used. Required secrets are validated during local development and deploy, and used as the source of truth for type generation.

    {
  "secrets": {
    "required": ["API_KEY", "DB_PASSWORD"]
  }
}

Patch Changes

... (truncated)

Commits
  • 14d4768 Version Packages (#13856)
  • 1527003 Migrate Workers AI references off deprecated models (#13850)
  • e0c97ad Version Packages (#13851)
  • 553aaa2 Version Packages (#13826)
  • a7fd465 fix(vite-plugin): round-trip .dev.vars values containing quotes (#13802)
  • 0605474 Version Packages (#13766)
  • a2f9c26 fix(vite-plugin-cloudflare): deny more credential files in vite dev server (#...
  • b8458f7 Revert "Add support for applications that use the entry Worker during develop...
  • 31a71c6 Add support for applications that use the entry Worker during development but...
  • 8590828 Enable require-description-when-disabling lint rule on the vite plugin (#13741)
  • Additional commits viewable in compare view

Updates eslint from 10.2.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

  • 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

  • b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

  • 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
  • 7f47937 docs: Update README (GitHub Actions Bot)

Chores

  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
  • 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
  • 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
  • 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
  • 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
  • f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
  • a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
  • 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
  • b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
  • 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)
Commits
  • 7889204 10.3.0
  • 5b69b4f Build: changelog update for 10.3.0
  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
  • b6ae5cf fix: handle unavailable require cache (#20812)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
  • 379571a feat: add suggestions for no-unused-private-class-members (#20773)
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
  • Additional commits viewable in compare view

Updates globals from 17.5.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

  • Update globals (2026-05-01) (#343) 00a4dd9

sindresorhus/globals@v17.5.0...v17.6.0

Commits

Updates typescript-eslint from 8.59.0 to 8.59.2

Release notes

Sourced from typescript-eslint's releases.

v8.59.2

8.59.2 (2026-05-04)

🩹 Fixes

  • eslint-plugin: [no-unsafe-type-assertion] handle crash on recursive template literal types (#12150)
  • eslint-plugin: [no-deprecated] object destructuring values should be treated as declarations (#12292)
  • rule-tester: add TypeScript as a peer dependency (#12288)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.1

8.59.1 (2026-04-27)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-type-assertion] fix crash "TypeError: checker.getTypeArguments is not a function" (#12246)
  • eslint-plugin: [no-unnecessary-type-assertion] preserve index signatures in undefined unions (#12257)
  • eslint-plugin: [no-unnecessary-type-assertion] preserve phantom type arguments in generic inference (#12269)
  • eslint-plugin: [no-unnecessary-type-assertion] avoid false positive in logical assignment assertions (#12278)
  • eslint-plugin: [no-unnecessary-type-arguments] handle instantiation expressions (#12220)
  • eslint-plugin: [no-unnecessary-condition] treat void as nullish in no-unnecessary-condition (#12241)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.59.2 (2026-05-04)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.1 (2026-04-27)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

Updates vite from 8.0.9 to 8.0.11

Release notes

Sourced from vite's releases.

v8.0.11

Please refer to CHANGELOG.md for details.

v8.0.10

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

8.0.11 (2026-05-07)

Features

Bug Fixes

  • deps: update all non-major dependencies (#22334) (672c962)
  • deps: update all non-major dependencies (#22382) (5c0cfcb)
  • glob: align hmr matcher options with glob enumeration (#22306) (30028f9)
  • make separate object instance for each environment (#22276) (7c2aa3b)

Documentation

Miscellaneous Chores

  • deps: update dependency tsdown to ^0.21.10 (#22333) (3b51e05)
  • deps: update rolldown-related dependencies (#22383) (555ff36)
  • deps: update transitive packages to fix npm audit alerts (#22316) (86aee62)

Code Refactoring

Tests

8.0.10 (2026-04-23)

Features

Bug Fixes

  • hmrClient.logger.debug and hmrClient.logger.error looked different from other HMR logs (#22147) (a4d828f)
  • css: show filename in CSS minification warnings for .css?inline (#22292) (83f0a78)
  • optimizer: allow user transform.target to override default in optimizeDeps (#22273) (5c7cec6)
  • remove format sniffing module resolution from JS resolver (#22297) (b8a21cc)

Code Refactoring

Commits

Updates vite-plugin-pwa from 1.2.0 to 1.3.0

Release notes

Sourced from vite-plugin-pwa's releases.

v1.3.0

   🚀 Features

    View changes on GitHub
Commits
  • 05670fc chore: release v1.3.0
  • 207f86e Merge pull request #899 from rj-au/patch-1
  • 67f5000 Merge pull request #929 from vite-pwa/userquin/chore-bump-workbox-to-7.4.1
  • a964691 chore: update workbox to 7.4.1
  • 2432f65 Merge pull request #924 from Hermione-Granger-1176/feat/add-vite-8-peer-dep
  • 3476818 Merge pull request #914 from tomrehnstrom/feat/on-need-reload
  • 276af62 feat: add vite 8 peer dependency support
  • 4e16215 chore: use "moduleResolution": "bundler" (#913)
  • fb30890 feat(client): add onNeedReload callback
  • 3fc4b27 JSDOC: registerType: fix grammar and description
  • See full diff in compare view

Updates workbox-build from 7.4.0 to 7.4.1

Release notes

Sourced from workbox-build's releases.

Workbox v7.4.1

What's Changed

New Contributors

Full Changelog: GoogleChrome/workbox@v7.4.0...v7.4.1

Commits
  • 62b9d8b v7.4.1
  • b6b696c Merge pull request #3510 from GoogleChrome/chore/update-lock-file
  • 6524a7d Update test
  • 9a57e39 Run npm audit fix
  • 86035d8 Update lock file
  • c75363a Merge pull request #3508 from GoogleChrome/dependabot/github_actions/github/c...
  • 85383d6 Merge pull request #3507 from GoogleChrome/dependabot/npm_and_yarn/apideck/be...
  • a1cdb47 Bump github/codeql-action from 4 to 4.35.2
  • 05b276d Bump @​apideck/better-ajv-errors from 0.3.1 to 0.3.7
  • 8e6df29 Merge pull request #3489 from rtritto/replace-lodash
  • Additional commits viewable in compare view

Updates workbox-window from 7.4.0 to 7.4.1

Release notes

Sourced from workbox-window's releases.

Workbox v7.4.1

What's Changed

New Contributors

Full Changelog: GoogleChrome/workbox@v7.4.0...v7.4.1

Commits
  • 62b9d8b v7.4.1
  • b6b696c Merge pull request #3510 from GoogleChrome/chore/update-lock-file
  • 6524a7d Update test
  • 9a57e39 Run npm audit fix
  • 86035d8 Update lock file
  • c75363a Merge pull request #3508 from GoogleChrome/dependabot/github_actions/github/c...
  • 85383d6 Merge pull request #3507 from GoogleChrome/dependabot/npm_and_yarn/apideck/be...
  • a1cdb47 Bump github/codeql-action from 4 to 4.35.2
  • 05b276d Bump @​apideck/better-ajv-errors from 0.3.1 to 0.3.7
  • 8e6df29 Merge pull request #3489 from rtritto/replace-lodash
  • Additional commits viewable in compare view

Updates wrangler from 4.84.0 to 4.90.0

Release notes

Sourced from wrangler's releases.

wrangler@4.90.0

Minor Changes

  • #12279 248bc08 Thanks @​penalosa! - Add deprecation warning for delivery_delay in queue producer bindings

    The delivery_delay setting in [[queues.producers]] was silently having no effect since 2024. This change adds a deprecation warning when the setting is used, informing users that queue-level settings should be configured using wrangler queues update instead. The setting will be removed in a future version.

Patch Changes

@dependabot
Bump the dev-deps group across 1 directory with 9 updates
0ade019 
Bumps the dev-deps group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@cloudflare/vite-plugin](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/vite-plugin-cloudflare) | `1.33.0` | `1.36.3` |
| [eslint](https://github.com/eslint/eslint) | `10.2.1` | `10.3.0` |
| [globals](https://github.com/sindresorhus/globals) | `17.5.0` | `17.6.0` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.59.0` | `8.59.2` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.9` | `8.0.11` |
| [vite-plugin-pwa](https://github.com/vite-pwa/vite-plugin-pwa) | `1.2.0` | `1.3.0` |
| [workbox-build](https://github.com/googlechrome/workbox) | `7.4.0` | `7.4.1` |
| [workbox-window](https://github.com/googlechrome/workbox) | `7.4.0` | `7.4.1` |
| [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `4.84.0` | `4.90.0` |



Updates `@cloudflare/vite-plugin` from 1.33.0 to 1.36.3
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/vite-plugin-cloudflare/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/@cloudflare/vite-plugin@1.36.3/packages/vite-plugin-cloudflare)

Updates `eslint` from 10.2.1 to 10.3.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.2.1...v10.3.0)

Updates `globals` from 17.5.0 to 17.6.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.5.0...v17.6.0)

Updates `typescript-eslint` from 8.59.0 to 8.59.2
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.2/packages/typescript-eslint)

Updates `vite` from 8.0.9 to 8.0.11
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.0.11/packages/vite)

Updates `vite-plugin-pwa` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/vite-pwa/vite-plugin-pwa/releases)
- [Commits](vite-pwa/vite-plugin-pwa@v1.2.0...v1.3.0)

Updates `workbox-build` from 7.4.0 to 7.4.1
- [Release notes](https://github.com/googlechrome/workbox/releases)
- [Commits](GoogleChrome/workbox@v7.4.0...v7.4.1)

Updates `workbox-window` from 7.4.0 to 7.4.1
- [Release notes](https://github.com/googlechrome/workbox/releases)
- [Commits](GoogleChrome/workbox@v7.4.0...v7.4.1)

Updates `wrangler` from 4.84.0 to 4.90.0
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@4.90.0/packages/wrangler)

---
updated-dependencies:
- dependency-name: "@cloudflare/vite-plugin"
  dependency-version: 1.36.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: eslint
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: globals
  dependency-version: 17.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: typescript-eslint
  dependency-version: 8.59.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: vite
  dependency-version: 8.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: vite-plugin-pwa
  dependency-version: 1.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: workbox-build
  dependency-version: 7.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: workbox-window
  dependency-version: 7.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: wrangler
  dependency-version: 4.90.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants