Skip to content

build(deps-dev): Bump the dev-dependencies group with 4 updates#17

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-1ace3c4b1f
Open

build(deps-dev): Bump the dev-dependencies group with 4 updates#17
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dev-dependencies-1ace3c4b1f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2026

Bumps the dev-dependencies group with 4 updates: electron, eslint, globals and lint-staged.

Updates electron from 41.3.0 to 42.0.0

Release notes

Sourced from electron's releases.

electron v42.0.0

Release Notes for v42.0.0

Stack Upgrades

Breaking Changes

Behavior Changed: macOS notifications now use UNNotification API

Electron has migrated from the deprecated NSUserNotification API to the UNNotification API on macOS. The new API requires that an application be code-signed in order for notifications to be displayed. If an application is not code-signed, notifications will emit a failed event on the Notification object. #47817

Behavior Changed: electron no longer downloads itself via postinstall script

Previously, the electron npm package would download the Electron binary from the repository's GitHub Releases in the package's postinstall script. With recent supply chain security attacks against the npm ecosystem with postinstall scripts as a common attack vector, Electron will now download itself dynamically the first time that its main bin script is run (e.g. via npx electron). See [RFC #22](electron/rfcs#22) for more context. #49328

Behavior Changed: Offscreen rendering default device scale factor

Previously, OSR used the primary display's device scale factor for rendering. Starting from Electron 42, the default changes to a constant value of 1.0 for more consistent output sizes. Use webPreferences.offscreen.deviceScaleFactor to specify a custom value. #49683

Removed: quotas object from Session.clearStorageData(options)

When calling Session.clearStorageData(options), the options.quotas object is no longer supported because it has been removed from upstream Chromium.

Removed: ELECTRON_SKIP_BINARY_DOWNLOAD environment variable

This environment variable is no longer supported due to the new lazy download behavior. #50459

Features

Additions

  • Added app.configureWebAuthn({ touchID: { keychainAccessGroup } }) to enable the WebAuthn Touch ID platform authenticator on macOS. Also introduces a select-webauthn-account session event for discoverable-credential selection. #51411 (Also in 41)
  • Added Notification.getHistory() for macOS. #51123
  • Added Notification.handleActivation(callback) API on Windows to handle notification clicks, replies, and action buttons - including when the app is launched from a notification (cold start). #49919
  • Added ELECTRON_INSTALL_PLATFORM and ELECTRON_INSTALL_ARCH variables to install binaries from other platforms and architectures. #49981
  • Added allowExtensions privilege to protocol.registerSchemesAsPrivileged() to enable Chrome extensions on custom protocols. #50530 (Also in 40, 41)
  • Added app.isActive() to check if the app is the active/foreground application (macOS only). #49622
  • Added globalShortcut.setSuspended() and globalShortcut.isSuspended() methods to temporarily suspend and resume global shortcut handling. #50777
  • Added id and groupId options to the Notification constructor on macOS. id allows custom identifiers for notifications, and groupId visually groups notifications together in Notification Center. #50304
  • Added webContents.getOrCreateDevToolsTargetId(). #49733 (Also in 41)
  • Added a disclaim option to the UtilityProcess API to allow for TCC disclaiming on macOS. #49128 (Also in 39, 40, 41)
  • Added a reason property to the Notification 'closed' event on Windows to allow developers to know the reason the Notification was dismissed. #49913 (Also in 40, 41)
  • Added an usePrinterDefaultPageSize option to webContents.print() to allow using the printer's default page size. #49523 (Also in 41)
  • Added animation functionality to view.setBounds and added view.setBackgroundBlur. #48812

... (truncated)

Commits
  • 51db52e fix: set XDG app ID and WM_CLASS based on normalized app name (#51479)
  • 3998b93 fix: handle createWindow() rejection in import-meta test fixture (#51468)
  • 5ce31c3 fix: don't let tests hang for an hour (#51466)
  • 49f7d16 chore: bump chromium to 148.0.7778.96 (42-x-y) (#51402)
  • 673351b chore: use oxfmt and oxlint in 42-x-y (#51435)
  • 7369f7d fix: constrain AllowUniversalAccessFromFileURLs to file: origins in agent clu...
  • dc58761 fix: prevent borders and smearing in transparent frameless/client fra… (#51430)
  • 84ea8a1 build(deps): bump dorny/paths-filter from 3.0.2 to 4.0.1 (#51408)
  • 6e01ddb refactor: gin_helper::Promise managed by cppgc (#51405)
  • 2d943ef feat: support WebAuthn Touch ID platform authenticator on macOS (#51411)
  • Additional commits viewable in compare view

Updates eslint from 10.2.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

  • 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

  • b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

  • 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
  • 7f47937 docs: Update README (GitHub Actions Bot)

Chores

  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
  • 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
  • 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
  • 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
  • 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
  • f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
  • a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
  • 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
  • b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
  • 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)
Commits
  • 7889204 10.3.0
  • 5b69b4f Build: changelog update for 10.3.0
  • d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
  • b6ae5cf fix: handle unavailable require cache (#20812)
  • 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
  • 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
  • 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
  • 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
  • 379571a feat: add suggestions for no-unused-private-class-members (#20773)
  • 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
  • Additional commits viewable in compare view

Updates globals from 17.5.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

  • Update globals (2026-05-01) (#343) 00a4dd9

sindresorhus/globals@v17.5.0...v17.6.0

Commits

Updates lint-staged from 16.4.0 to 17.0.2

Release notes

Sourced from lint-staged's releases.

v17.0.2

Patch Changes

v17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

v17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including tinyexec@1.1.1 to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.
    • When installing Node.js from the Ubuntu App Center (Snap store), the node executable available in PATH is a symlink pointing to Snap itself. The sandboxing features of Snap prevented lint-staged from spawning scripts with the #!/usr/bin/env node shebang, because it meant lint-staged tried to spawn Snap via the symlink. This resulted in an ENOENT error when trying to run prettier, for example. Now, since the real node executable's directory is available in the PATH, lint-staged will instead spawn the script with the real node binary succesfully.

  • #1761 d3251b1 Thanks @​iiroj! - Lint-staged now runs git update-index --again after running tasks, instead of git add <originally staged files>. This should improve compatibility when using non-default indexes, for example when committing with a pathspec git commit -m "message" . instead of adding files to the index.

  • #1745 a9585ac Thanks @​iiroj! - Remove commander as a dependency and use the built-in parseArgs from node:util to parse CLI flags.

Patch Changes

  • #1755 c82d30b Thanks @​iiroj! - All tests now pass on the Bun runtime (latest).

  • #1750 a401818 Thanks @​iiroj! - Remove manual handling for git stash --keep-index resurrecting deleted files, because the issue was fixed in Git 2.23.0 and lint-staged requires at least Git 2.32.0.

  • #1771 c4b8936 Thanks @​iiroj! - Fix documentation about multiple config files and the --cwd option. When using it, all tasks will be run in the specified directory. For example, to run everything in the actual process.cwd(), use lint-staged --cwd=".".

Changelog

Sourced from lint-staged's changelog.

17.0.2

Patch Changes

17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including tinyexec@1.1.1 to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.
    • When installing Node.js from the Ubuntu App Center (Snap store), the node executable available in PATH is a symlink pointing to Snap itself. The sandboxing features of Snap prevented lint-staged from spawning scripts with the #!/usr/bin/env node shebang, because it meant lint-staged tried to spawn Snap via the symlink. This resulted in an ENOENT error when trying to run prettier, for example. Now, since the real node executable's directory is available in the PATH, lint-staged will instead spawn the script with the real node binary succesfully.

  • #1761 d3251b1 Thanks @​iiroj! - Lint-staged now runs git update-index --again after running tasks, instead of git add <originally staged files>. This should improve compatibility when using non-default indexes, for example when committing with a pathspec git commit -m "message" . instead of adding files to the index.

  • #1745 a9585ac Thanks @​iiroj! - Remove commander as a dependency and use the built-in parseArgs from node:util to parse CLI flags.

Patch Changes

  • #1755 c82d30b Thanks @​iiroj! - All tests now pass on the Bun runtime (latest).

  • #1750 a401818 Thanks @​iiroj! - Remove manual handling for git stash --keep-index resurrecting deleted files, because the issue was fixed in Git 2.23.0 and lint-staged requires at least Git 2.32.0.

  • #1771 c4b8936 Thanks @​iiroj! - Fix documentation about multiple config files and the --cwd option. When using it, all tasks will be run in the specified directory. For example, to run everything in the actual process.cwd(), use lint-staged --cwd=".".

Commits
  • 0a3b253 Merge pull request #1780 from lint-staged/changeset-release/main
  • 36cae27 chore(changeset): release
  • ff03baa Merge pull request #1779 from lint-staged/immutable-release
  • 88670ca ci: force Changesets action to sign Git tag
  • 7f4596b Merge pull request #1777 from lint-staged/changeset-release/main
  • 697c9ae chore(changeset): release
  • 7ed4125 Merge pull request #1778 from lint-staged/fix-changesets
  • bf400fe ci: publish to npm in same Changesets workflow so that a personal token isn't...
  • 0c2e6e5 Merge pull request #1776 from lint-staged/fix-changesets
  • 4a5664b ci: use personal access token with semantic-release so that it can trigger pu...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): Bump the dev-dependencies group with 4 updates
3e1d17d 
Bumps the dev-dependencies group with 4 updates: [electron](https://github.com/electron/electron), [eslint](https://github.com/eslint/eslint), [globals](https://github.com/sindresorhus/globals) and [lint-staged](https://github.com/lint-staged/lint-staged).


Updates `electron` from 41.3.0 to 42.0.0
- [Release notes](https://github.com/electron/electron/releases)
- [Commits](electron/electron@v41.3.0...v42.0.0)

Updates `eslint` from 10.2.1 to 10.3.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.2.1...v10.3.0)

Updates `globals` from 17.5.0 to 17.6.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.5.0...v17.6.0)

Updates `lint-staged` from 16.4.0 to 17.0.2
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.4.0...v17.0.2)

---
updated-dependencies:
- dependency-name: electron
  dependency-version: 42.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: eslint
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: globals
  dependency-version: 17.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: lint-staged
  dependency-version: 17.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants