Skip to content

fix: dependabot 20260529#482

Merged
hanneshapke merged 10 commits into
mainfrom
fix/dependabot-20260529
May 29, 2026
Merged

fix: dependabot 20260529#482
hanneshapke merged 10 commits into
mainfrom
fix/dependabot-20260529

Conversation

@hanneshapke
Copy link
Copy Markdown
Collaborator

@hanneshapke hanneshapke commented May 29, 2026

Summary

Merged 5 dependabot PRs into the current branch (fix/dependabot-20260529), oldest-to-newest:

PR Bump Conflicts
#466 golangci-lint-action 9.2.0 → 9.2.1 (workflow) none
#450 electron 41.2.1 → 42.1.0 none
#451 @babel/preset-env 7.29.2 → 7.29.5 auto-resolved
#452 electron-builder 26.7.0 → 26.8.1 manifest + lock conflicts
#454 @sentry/electron 7.11.0 → 7.13.0 lock conflicts

Because all four npm PRs branched off main independently and each touched src/frontend/package.json + the root package-lock.json, the later ones conflicted. I resolved the manifest conflicts by hand (keeping each PR's own bump) and, rather than hand-editing the transitive-dependency blocks in the lock (risky), regenerated package-lock.json with npm install --package-lock-only so npm computed the correct combined tree.

dependabot Bot and others added 10 commits May 18, 2026 16:52
@dependabot
deps(deps-dev): bump electron from 41.2.1 to 42.1.0
2ce1dd8 
---
updated-dependencies:
- dependency-name: electron
  dependency-version: 42.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
deps(deps-dev): bump @babel/preset-env from 7.29.2 to 7.29.5
1ef45cd 
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.29.2 to 7.29.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.5/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@babel/preset-env"
  dependency-version: 7.29.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
deps(deps-dev): bump electron-builder from 26.7.0 to 26.8.1
09a0462 
Bumps [electron-builder](https://github.com/electron-userland/electron-builder/tree/HEAD/packages/electron-builder) from 26.7.0 to 26.8.1.
- [Release notes](https://github.com/electron-userland/electron-builder/releases)
- [Changelog](https://github.com/electron-userland/electron-builder/blob/master/packages/electron-builder/CHANGELOG.md)
- [Commits](https://github.com/electron-userland/electron-builder/commits/electron-builder@26.8.1/packages/electron-builder)

---
updated-dependencies:
- dependency-name: electron-builder
  dependency-version: 26.8.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
deps(deps): bump @sentry/electron from 7.11.0 to 7.13.0
36ad432 
Bumps [@sentry/electron](https://github.com/getsentry/sentry-electron) from 7.11.0 to 7.13.0.
- [Release notes](https://github.com/getsentry/sentry-electron/releases)
- [Changelog](https://github.com/getsentry/sentry-electron/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-electron@7.11.0...7.13.0)

---
updated-dependencies:
- dependency-name: "@sentry/electron"
  dependency-version: 7.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
ci(deps): bump golangci/golangci-lint-action in the github-actions group
bd87335 
Bumps the github-actions group with 1 update: [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action).


Updates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@1e7e51e...82606bf)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@hanneshapke
Merge remote-tracking branch 'origin/dependabot/github_actions/github…
11f7299 
…-actions-262b37236a' into fix/dependabot-20260529
@hanneshapke
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/electron…
5fc626d 
…-42.1.0' into fix/dependabot-20260529
@hanneshapke
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/babel/pr…
758e097 
…eset-env-7.29.5' into fix/dependabot-20260529
@hanneshapke
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/electron…
17e419b 
…-builder-26.8.1' into fix/dependabot-20260529

# Conflicts:
#	package-lock.json
#	src/frontend/package.json
@hanneshapke
Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/sentry/e…
01727ec 
…lectron-7.13.0' into fix/dependabot-20260529

# Conflicts:
#	package-lock.json
@hanneshapke hanneshapke merged commit 4750b89 into main May 29, 2026
8 checks passed
@github-actions github-actions Bot locked and limited conversation to collaborators May 29, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hanneshapke