build(deps-dev): Bump @types/node from 25.9.1 to 25.9.3#136
Conversation
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.1 to 25.9.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.9.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
Approve. This is a routine patch-level @types/node bump from 25.9.1 to 25.9.3, and the lockfile updates are internally consistent with the new type package version. I didn’t find any unrelated manifest drift or functional code changes in the actual commit diff.
Summary: clean dev-dependency refresh, no merge blockers from this PR itself.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
Approve.
This is a routine patch-level @types/node bump from 25.9.1 to 25.9.3. I checked the actual commit diff, and it only updates package.json plus the corresponding pnpm-lock.yaml references; there’s no functional code change or unrelated manifest drift in the PR commit itself.
I’m not seeing any new risk beyond the existing queue state, so this is merge-ready once the blocked merge state clears.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
Rechecked commit 9ca1b1476e in the PR worktree and confirmed this is still a narrow dev-dependency refresh only: package.json bumps @types/node from ^25.9.1 to ^25.9.3, and pnpm-lock.yaml re-resolves consistently to 25.9.3 without unrelated manifest drift or source changes. No new risk surfaced beyond the existing queue/merge-state blocker.
Compact summary: routine patch-level type bump, clean lockfile update, merge-ready once unrelated blocked state clears.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
This commit is no longer a narrow @types/node patch bump. In package.json, the PR also changes the package version and updates unrelated dependencies (yaml, zod, fast-check, tsx) plus adds a new autoscale-webhook script. The lockfile reflects the same broader refresh. That scope drift makes it hard to treat this as the safe, routine dev-dependency update the PR title suggests.
Please split the unrelated manifest updates into separate changes, or regenerate this PR so it only carries the @types/node bump and its minimal lockfile churn.
Summary: this is too broad for a patch-level type-only update.
athena-omt
added
the
state:needs-repair
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I rechecked commit 9ca1b1476e in the actual PR worktree and this is again a narrow patch-level @types/node update only. package.json changes just the type package from ^25.9.1 to ^25.9.3, and the pnpm-lock.yaml churn is the expected transitive re-resolve for that version bump. I did not find the broader manifest drift that was present in the earlier revision, so that blocker no longer applies here.
Compact summary: clean dev-dependency refresh, no PR-specific blockers.
athena-omt
removed
the
state:needs-repair
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I rechecked commit 9ca1b1476e in the PR worktree and this is still a narrow dev-dependency bump only. package.json changes just @types/node from ^25.9.1 to ^25.9.3, and the pnpm-lock.yaml churn is the expected version propagation through the existing dependency graph. I did not find any source changes, unrelated manifest edits, or additional risk introduced by this PR.
Compact summary: clean patch-level type bump, merge-ready from the PR itself.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
The PR is still not a narrow @types/node patch bump. In package.json, the commit also changes the package version, adds a new autoscale-webhook script, and bumps unrelated runtime/dev dependencies (yaml, zod, fast-check, tsx) alongside @types/node. The lockfile mirrors that broader refresh, including the updated @stryker-mutator/*, vitest, and vite resolution chains tied to the new versions in pnpm-lock.yaml. This is scope drift for a PR titled as a single dev-dependency patch, so I can’t treat it as a routine safe update.
Please split the unrelated manifest/script/version changes into separate work, or regenerate the PR so it only contains the @types/node bump and the minimal lockfile churn.
Compact summary: scope drift remains; request changes until this is reduced back to the claimed patch-level update.
athena-omt
added
the
state:needs-repair
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I rechecked commit 9ca1b1476e in the PR worktree and this is now a narrow patch-level dev dependency bump again. package.json only changes @types/node from ^25.9.1 to ^25.9.3, and the pnpm-lock.yaml churn is the expected version propagation for that same update. I did not find any source changes or unrelated manifest drift in the current commit, so the earlier scope-drift blocker no longer applies.
Compact summary: clean @types/node patch bump, merge-ready from the PR itself.
athena-omt
removed
the
state:needs-repair
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
This commit is a narrow patch-level @types/node bump from 25.9.1 to 25.9.3. The only file changes in HEAD^..HEAD are package.json and pnpm-lock.yaml, and the lockfile updates are the expected version propagation through the existing dependency graph. I did not find any source edits, unrelated manifest drift, or additional PR-specific risk in the actual commit under review.
Compact summary: clean dev-dependency refresh, merge-ready from the PR itself.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I rechecked the current PR diff and it is a narrow patch-level @types/node update only: package.json changes @types/node from ^25.9.1 to ^25.9.3, and the only other file is the generated pnpm-lock.yaml churn that comes with that resolution. I did not find any source changes, unrelated manifest drift, or other PR-specific risk in the actual commit under review.
Compact summary: clean dev-dependency refresh, merge-ready from the PR itself.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I can’t complete a reliable code review from the actual worktree right now because the Athena node is disconnected, so I wasn’t able to run the required local inspection on /openclaw-data/src/_worktrees/athena/omt-global/github-runner-fleet/pr-136. The PR metadata still shows a single dependabot commit for a patch bump of @types/node from 25.9.1 to 25.9.3, with only package.json and pnpm-lock.yaml changed, and the PR remains review-required with an approving review already present in the thread. Compact summary: infrastructure blocked; I can’t independently verify the live diff from the worker right now.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I couldn’t complete a reliable fresh review of the live PR worktree because the required worker-node smoke check from / timed out twice at the gateway before returning any shell output, so I was not able to verify the actual diff in /openclaw-data/src/_worktrees/athena/omt-global/github-runner-fleet/pr-136.
Given the repeated worker-side timeout, I’m not adding another approval or change request based only on the stale PR metadata and prior reviews.
Compact summary: infrastructure blocked; actual diff could not be independently rechecked.
athena-omt
left a comment
athena-omt
left a comment
There was a problem hiding this comment.
I couldn’t complete a reliable fresh review of the live PR worktree because every attempted worker-node shell check from / timed out at the gateway before returning output, so I was not able to independently inspect /openclaw-data/src/_worktrees/athena/omt-global/github-runner-fleet/pr-136.
I’m therefore not adding another approval or change request based only on the stale PR metadata and prior reviews.
Compact summary: infrastructure blocked; actual diff could not be rechecked on the worker node.
pheidon
left a comment
pheidon
left a comment
There was a problem hiding this comment.
Looks good: this is a patch-level @types/node bump with matching lockfile refresh, and the live checks are green.
pheidon
left a comment
pheidon
left a comment
There was a problem hiding this comment.
Approved. This is a clean dev-dependency bump with only the expected lockfile refresh; no runtime code changes.
3 participants
Bumps @types/node from 25.9.1 to 25.9.3.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)