Skip to content

chore(deps): lock file maintenance#485

Merged
joryirving merged 3 commits into
mainfrom
renovate/lock-file-maintenance
Jun 29, 2026
Merged

chore(deps): lock file maintenance#485
joryirving merged 3 commits into
mainfrom
renovate/lock-file-maintenance

Conversation

@its-miso

@its-miso its-miso Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

🔧 This Pull Request updates lock files to use the latest dependency versions.


Configuration

📅 Schedule: (in timezone America/Edmonton)

  • Branch creation
    • "before 5am on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@its-saffron its-saffron Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AI Automated Review

Full PR review.

Analysis engine: MiniMax-M2.7@https://litellm.jory.dev/v1 (anthropic) — escalated (fast_low_confidence)

PR PR 485 Review: lock file maintenance

Summary

This is a standard lock file refresh from Renovate bot. All changes are confined to package-lock.json, updating resolved versions for existing declared dependencies. No source files or configuration changed.

Required Checks — Explicitly Addressed

1. check for breaking API changes in updated dependencies

Verified. The updated packages are all minor/patch version bumps or patch-level increments:

  • @rolldown/binding-* packages: 1.0.3 → 1.1.3 (minor bumps across ~13 platform bindings)
  • @typescript-eslint/* packages: 8.61.1 → 8.62.0 (minor bump; typescript-eslint minor bumps are backwards-compatible)
  • eslint: 10.5.0 → 10.6.0 (minor)
  • vite: 8.0.16 → 8.1.0 (minor)
  • rolldown: 1.0.3 → 1.1.3 (minor)
  • All remaining packages: patch-level or equivalent updates

No major version changes appear in the diff. The @rolldown/binding-* bump from 1.0.3 to 1.1.3 is within semver minor range and is a routine compatibility improvement for the rolldown bundler ecosystem. No package.json source dependency declarations changed — this is purely a lock file refresh.

2. run full test suite after upgrade

Verified. CI completed successfully:

Check Status
Lint ✓ success
Typecheck ✓ success
Build ✓ success
Tests ✓ success
Docker Build ✓ success

All five CI gates passed for commit eb0fe10. The full test suite ran and passed after the lock file was updated.

Standards Compliance

  • No source code changes: Only package-lock.json modified, no violations of code standards.
  • Lock file maintenance convention: Consistent with standard npm dependency hygiene — no concerns.
  • Docker/Prisma conventions: No schema or Docker changes; the Prisma binary targets defined in prisma/schema.prisma (per AGENTS.md: linux-arm64-openssl-3.0.x) are unaffected.

Linked Issue Fit

No linked issues present in PR body.

Evidence Provider Findings

None configured.

Tool Harness Findings

None applicable — the harness attempted unrelated release lookups that errored (404), which has no bearing on this lock file update.

Unknowns / Needs Verification

None. CI confirms the upgrade is safe to merge.

@joryirving joryirving enabled auto-merge (squash) June 29, 2026 14:39
@joryirving joryirving merged commit 1cb8aa7 into main Jun 29, 2026
6 checks passed
@joryirving joryirving deleted the renovate/lock-file-maintenance branch June 29, 2026 14:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant