Skip to content

build(deps): bump the all group across 1 directory with 11 updates #364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the all group across 1 directory with 11 updates #364

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 24, 2025
edited
Loading

Bumps the all group with 11 updates in the /tickethub/server/node directory:

Package From To
@prisma/client 6.8.1 7.0.0
@open-policy-agent/opa 1.7.11 2.0.0
dotenv 17.1.0 17.2.3
express 4.21.2 5.1.0
express-validator 7.2.1 7.3.1
jsonfile 6.1.0 6.2.0
eslint 9.35.0 9.39.1
fs-extra 11.3.0 11.3.2
nodemon 3.1.10 3.1.11
prisma 6.8.1 7.0.0
supertest 7.1.3 7.1.4

Updates @prisma/client from 6.8.1 to 7.0.0

Release notes

Sourced from @​prisma/client's releases.

7.0.0

Today, we are excited to share the 7.0.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — and follow us on X!

Highlights

Over the past year we focused on making it simpler and faster to build applications with Prisma, no matter what tools you use or where you deploy, with exceptional developer experience at it’s core. This release makes many features introduced over the past year as the new defaults moving forward.

Prisma ORM

Rust-free Prisma Client as the default

The Rust-free Prisma Client has been in the works for some time now, all the way back to v6.16.0, with early iterations being available for developers to adopt. Now with version 7.0, we’re making this the default for all new projects. With this, developers are able to get:

  • ~90% smaller bundle sizes
  • Up to 3x faster queries
  • ESM-first Prisma Client
  • Significantly simpler deployments

Adopting the new Rust-free client is as simple as swapping the prisma-client-js provider for prisma-client in your main schema.prisma :

// schema.prisma
generator client {
-	provider = "prisma-client-js"
+ provider = "prisma-client"
}

Generated Client and types move out of node_modules

When running prisma generate, the generated Client runtime and project types will now require a output path to be set in your project’s main schema.prisma. We recommend that they be generated inside of your project’s src directory to ensure that your existing tools are able to consume them like any other piece of code you might have.

// schema.prisma
generator client {
  provider = "prisma-client"
  // Generate my Client and Project types 
  output   = "../src/generated/prisma"
}

Update your code to import PrismaClient from this generated output:

// Import from the generated prisma client
import { PrismaClient } from './generated/prisma/client';

... (truncated)

Commits
  • bc09f97 feat(client): made accelerateUrl and adapter mutually exclusive at type level...
  • 3bf3163 chore: update engines to 6.20.0-16.next-0c19ccc313cf9911a90d99d2ac2eb0280c76c513
  • bdb03a5 fix(client): remove and fix remains of QE runtime bundles (#28533)
  • 3576780 feat(cli,migrate)!: resolve datasource paths relative to the config (#28514)
  • 41837be fix: fix usage of prisma init with corepack (#28504)
  • 1fb6761 feat(config): remove support for engine: 'js' | 'classic'; remove experimen...
  • d1cb099 refactor: remove legacy cruft from GetPrismaClientOptions (#28496)
  • fc75dbc fix: fix 21136 extension test (#28497)
  • df11516 feat(client): [breaking] remove postinstall hook, remove "auto-install" on ...
  • ff9d7cb chore: bump engines to 6.20.0-11.next-80ee0a44bf5668992b0c909c946a755b86b56c95
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​prisma/client since your current version.


Updates @open-policy-agent/opa from 1.7.11 to 2.0.0

Release notes

Sourced from @​open-policy-agent/opa's releases.

@​open-policy-agent/opa@​2.0.0

Major Changes

Changelog

Sourced from @​open-policy-agent/opa's changelog.

2.0.0

Major Changes

Commits
  • 118610d Version Packages
  • 3e06fa0 opa: update Compile API headers for OPA v1.9.0 (#745)
  • 590b72d build(deps-dev): Bump typedoc from 0.28.12 to 0.28.13
  • 6881877 build(deps-dev): Bump typescript-eslint from 8.42.0 to 8.44.1
  • cf4573d opa: tweak repo links, cleanup package-lock.json
  • d8e2929 build(deps): Bump zod from 4.1.5 to 4.1.8
  • de55587 build(deps-dev): Bump eslint from 9.34.0 to 9.35.0 in the eslint group
  • 5b86356 build(deps-dev): Bump @​eslint/js from 9.34.0 to 9.35.0
  • 118dd58 build(deps-dev): Bump typedoc from 0.28.11 to 0.28.12
  • 3585246 build(deps-dev): Bump typescript-eslint from 8.26.1 to 8.42.0
  • Additional commits viewable in compare view

Updates dotenv from 17.1.0 to 17.2.3

Changelog

Sourced from dotenv's changelog.

17.2.3 (2025-09-29)

Changed

  • Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

  • 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

17.2.1 (2025-07-24)

Changed

  • Fix clickable tip links by removing parentheses (#897)

17.2.0 (2025-07-09)

Added

  • Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#889)
  • Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})
# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"
// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)
$ node index.js
Hello World
or
$ DOTENV_CONFIG_QUIET=true node index.js

Commits

Updates express from 4.21.2 to 5.1.0

Release notes

Sourced from express's releases.

v5.1.0

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: server-static@2.2.0
  • deps: type-is@2.0.1

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

  • remove:
    • path-is-absolute dependency - use path.isAbsolute instead
  • breaking:
    • res.status() accepts only integers, and input must be greater than 99 and less than 1000
      • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
      • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
    • deps: send@1.0.0
    • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
  • change:
    • res.clearCookie will ignore user provided maxAge and expires options
  • deps: cookie-signature@^1.2.1
  • deps: debug@4.3.6
  • deps: merge-descriptors@^2.0.0
  • deps: serve-static@^2.1.0
  • deps: qs@6.13.0
  • deps: accepts@^2.0.0
  • deps: mime-types@^3.0.0
    • application/javascript => text/javascript
  • deps: type-is@^2.0.0
  • deps: content-disposition@^1.0.0

... (truncated)

Commits

Updates express-validator from 7.2.1 to 7.3.1

Release notes

Sourced from express-validator's releases.

v7.3.1

v7.3.0

Commits

Updates jsonfile from 6.1.0 to 6.2.0

Changelog

Sourced from jsonfile's changelog.

6.2.0 / 2025-08-12

  • Add support for importing as ESM named imports (e.g. import { readFileSync } from 'jsonfile') (#162)
Commits

Updates eslint from 9.35.0 to 9.39.1

Release notes

Sourced from eslint's releases.

v9.39.1

Bug Fixes

  • 650753e fix: Only pass node to JS lang visitor methods (#20283) (Nicholas C. Zakas)

Documentation

  • 51b51f4 docs: add a section on when to use extends vs cascading (#20268) (Tanuj Kanti)
  • b44d426 docs: Update README (GitHub Actions Bot)

Chores

  • 92db329 chore: update @eslint/js version to 9.39.1 (#20284) (Francesco Trotta)
  • c7ebefc chore: package.json update for @​eslint/js release (Jenkins)
  • 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275) (renovate[bot])
  • d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266) (唯然)
  • 009e507 test: fix version tests for ESLint v10 (#20274) (Milos Djermanovic)

v9.39.0

Features

  • cc57d87 feat: update error loc to key in no-dupe-class-members (#20259) (Tanuj Kanti)
  • 126552f feat: update error location in for-direction and no-dupe-args (#20258) (Tanuj Kanti)
  • 167d097 feat: update complexity rule to highlight only static block header (#20245) (jaymarvelz)

Bug Fixes

  • 15f5c7c fix: forward traversal step.args to visitors (#20253) (jaymarvelz)
  • 5a1a534 fix: allow JSDoc comments in object-shorthand rule (#20167) (Nitin Kumar)
  • e86b813 fix: Use more types from @​eslint/core (#20257) (Nicholas C. Zakas)
  • 927272d fix: correct Scope typings (#20198) (jaymarvelz)
  • 37f76d9 fix: use AST.Program type for Program node (#20244) (Francesco Trotta)
  • ae07f0b fix: unify timing report for concurrent linting (#20188) (jaymarvelz)
  • b165d47 fix: correct Rule typings (#20199) (jaymarvelz)
  • fb97cda fix: improve error message for missing fix function in suggestions (#20218) (jaymarvelz)

Documentation

  • d3e81e3 docs: Always recommend to include a files property (#20158) (Percy Ma)
  • 0f0385f docs: use consistent naming recommendation (#20250) (Alex M. Spieslechner)
  • a3b1456 docs: Update README (GitHub Actions Bot)
  • cf5f2dd docs: fix correct tag of no-useless-constructor (#20255) (Tanuj Kanti)
  • 10b995c docs: add TS options and examples for nofunc in no-use-before-define (#20249) (Tanuj Kanti)
  • 2584187 docs: remove repetitive word in comment (#20242) (reddaisyy)
  • 637216b docs: update CLI flags migration instructions (#20238) (jaymarvelz)
  • e7cda3b docs: Update README (GitHub Actions Bot)
  • 7b9446f docs: handle empty flags sections on the feature flags page (#20222) (sethamus)

Chores

  • dfe3c1b chore: update @eslint/js version to 9.39.0 (#20270) (Francesco Trotta)
  • 2375a6d chore: package.json update for @​eslint/js release (Jenkins)
  • a1f4e52 chore: update @eslint dependencies (#20265) (Francesco Trotta)
  • c7d3229 chore: update dependency @​eslint/core to ^0.17.0 (#20256) (renovate[bot])
  • 27549bc chore: update fuzz testing to not error if code sample minimizer fails (#20252) (Milos Djermanovic)
  • a1370ee ci: bump actions/setup-node from 5 to 6 (#20230) (dependabot[bot])
  • 9e7fad4 chore: add script to auto-generate eslint:recommended configuration (#20208) (唯然)

... (truncated)

Commits
  • e277281 9.39.1
  • 4cdf397 Build: changelog update for 9.39.1
  • 92db329 chore: update @eslint/js version to 9.39.1 (#20284)
  • c7ebefc chore: package.json update for @​eslint/js release
  • 650753e fix: Only pass node to JS lang visitor methods (#20283)
  • 51b51f4 docs: add a section on when to use extends vs cascading (#20268)
  • 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275)
  • d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266)
  • 009e507 test: fix version tests for ESLint v10 (#20274)
  • b44d426 docs: Update README
  • Additional commits viewable in compare view

Updates fs-extra from 11.3.0 to 11.3.2

Changelog

Sourced from fs-extra's changelog.

11.3.2 / 2025-09-15

  • Fix spurrious UnhandledPromiseRejectionWarning that could occur when calling .copy() in some cases (#1056, #1058)

11.3.1 / 2025-08-05

  • Fix case where move/moveSync could incorrectly think files are identical on Windows (#1050)
Commits

Updates nodemon from 3.1.10 to 3.1.11

Release notes

Sourced from nodemon's releases.

v3.1.11

3.1.11 (2025-11-11)

Bug Fixes

Commits

Updates prisma from 6.8.1 to 7.0.0

Release notes

Sourced from prisma's releases.

7.0.0

Today, we are excited to share the 7.0.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — and follow us on X!

Highlights

Over the past year we focused on making it simpler and faster to build applications with Prisma, no matter what tools you use or where you deploy, with exceptional developer experience at it’s core. This release makes many features introduced over the past year as the new defaults moving forward.

Prisma ORM

Rust-free Prisma Client as the default

The Rust-free Prisma Client has been in the works for some time now, all the way back to v6.16.0, with early iterations being available for developers to adopt. Now with version 7.0, we’re making this the default for all new projects. With this, developers are able to get:

  • ~90% smaller bundle sizes
  • Up to 3x faster queries
  • ESM-first Prisma Client
  • Significantly simpler deployments

Adopting the new Rust-free client is as simple as swapping the prisma-client-js provider for prisma-client in your main schema.prisma :

// schema.prisma
generator client {
-	provider = "prisma-client-js"
+ provider = "prisma-client"
}

Generated Client and types move out of node_modules

When running prisma generate, the generated Client runtime and project types will now require a output path to be set in your project’s main schema.prisma. We recommend that they be generated inside of your project’s src directory to ensure that your existing tools are able to consume them like any other piece of code you might have.

// schema.prisma
generator client {
  provider = "prisma-client"
  // Generate my Client and Project types 
  output   = "../src/generated/prisma"
}

Update your code to import PrismaClient from this generated output:

// Import from the generated prisma client
import { PrismaClient } from './generated/prisma/client';

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prisma since your current version.


Updates supertest from 7.1.3 to 7.1.4

Release notes

Sourced from supertest's releases.

v7.1.4

  • chore: bump deps 6021ec8
  • Merge pull request #865 from forwardemail/dependabot/npm_and_yarn/form-data-4.0.4 ceca508
  • chore(deps): bump form-data from 4.0.3 to 4.0.4 b1fb983

forwardemail/supertest@v7.1.3...v7.1.4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all group across 1 directory with 11 updates
89a40f4 
Bumps the all group with 11 updates in the /tickethub/server/node directory:

| Package | From | To |
| --- | --- | --- |
| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `6.8.1` | `7.0.0` |
| [@open-policy-agent/opa](https://github.com/open-policy-agent/opa-typescript/tree/HEAD/packages/opa) | `1.7.11` | `2.0.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `17.1.0` | `17.2.3` |
| [express](https://github.com/expressjs/express) | `4.21.2` | `5.1.0` |
| [express-validator](https://github.com/express-validator/express-validator) | `7.2.1` | `7.3.1` |
| [jsonfile](https://github.com/jprichardson/node-jsonfile) | `6.1.0` | `6.2.0` |
| [eslint](https://github.com/eslint/eslint) | `9.35.0` | `9.39.1` |
| [fs-extra](https://github.com/jprichardson/node-fs-extra) | `11.3.0` | `11.3.2` |
| [nodemon](https://github.com/remy/nodemon) | `3.1.10` | `3.1.11` |
| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `6.8.1` | `7.0.0` |
| [supertest](https://github.com/ladjs/supertest) | `7.1.3` | `7.1.4` |



Updates `@prisma/client` from 6.8.1 to 7.0.0
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/7.0.0/packages/client)

Updates `@open-policy-agent/opa` from 1.7.11 to 2.0.0
- [Release notes](https://github.com/open-policy-agent/opa-typescript/releases)
- [Changelog](https://github.com/open-policy-agent/opa-typescript/blob/main/packages/opa/CHANGELOG.md)
- [Commits](https://github.com/open-policy-agent/opa-typescript/commits/@open-policy-agent/opa@2.0.0/packages/opa)

Updates `dotenv` from 17.1.0 to 17.2.3
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v17.1.0...v17.2.3)

Updates `express` from 4.21.2 to 5.1.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.21.2...v5.1.0)

Updates `express-validator` from 7.2.1 to 7.3.1
- [Release notes](https://github.com/express-validator/express-validator/releases)
- [Commits](express-validator/express-validator@v7.2.1...v7.3.1)

Updates `jsonfile` from 6.1.0 to 6.2.0
- [Changelog](https://github.com/jprichardson/node-jsonfile/blob/master/CHANGELOG.md)
- [Commits](jprichardson/node-jsonfile@6.1.0...6.2.0)

Updates `eslint` from 9.35.0 to 9.39.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.35.0...v9.39.1)

Updates `fs-extra` from 11.3.0 to 11.3.2
- [Changelog](https://github.com/jprichardson/node-fs-extra/blob/master/CHANGELOG.md)
- [Commits](jprichardson/node-fs-extra@11.3.0...11.3.2)

Updates `nodemon` from 3.1.10 to 3.1.11
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v3.1.10...v3.1.11)

Updates `prisma` from 6.8.1 to 7.0.0
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/7.0.0/packages/cli)

Updates `supertest` from 7.1.3 to 7.1.4
- [Release notes](https://github.com/ladjs/supertest/releases)
- [Commits](forwardemail/supertest@v7.1.3...v7.1.4)

---
updated-dependencies:
- dependency-name: "@prisma/client"
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: "@open-policy-agent/opa"
  dependency-version: 2.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: dotenv
  dependency-version: 17.2.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: express
  dependency-version: 5.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: express-validator
  dependency-version: 7.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: jsonfile
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: eslint
  dependency-version: 9.39.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: fs-extra
  dependency-version: 11.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: nodemon
  dependency-version: 3.1.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: prisma
  dependency-version: 7.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: supertest
  dependency-version: 7.1.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant