Bump the npm_and_yarn group across 3 directories with 10 updates by dependabot[bot] · Pull Request #10 · DevGruGold/XMRT-Project-Backup

dependabot · 2026-02-27T23:31:50Z

Bumps the npm_and_yarn group with 5 updates in the /XMRT-Ecosystem-main/app directory:

Package	From	To
vite	`7.0.3`	`7.0.8`
@eslint/plugin-kit	`0.3.3`	`0.3.5`
ajv	`6.12.6`	`6.14.0`
js-yaml	`4.1.0`	`4.1.1`
minimatch	`3.1.2`	`3.1.5`

Bumps the npm_and_yarn group with 6 updates in the /XMRT-Ecosystem-main/frontend/xmrt-dao-frontend directory:

Package	From	To
vite	`5.4.19`	`5.4.21`
ajv	`6.12.6`	`6.14.0`
js-yaml	`4.1.0`	`4.1.1`
minimatch	`3.1.2`	`3.1.5`
@modelcontextprotocol/sdk	`1.11.3`	`1.27.1`
tar	`7.4.3`	`7.5.9`

Bumps the npm_and_yarn group with 6 updates in the /XMRT-Ecosystem-main/frontend/xmrt-dao-frontend/app directory:

Package	From	To
vite	`7.0.3`	`7.3.1`
@eslint/plugin-kit	`0.3.3`	`0.3.5`
ajv	`6.12.6`	`6.14.0`
js-yaml	`4.1.0`	`4.1.1`
minimatch	`3.1.2`	`3.1.5`
minimatch	`9.0.5`	`9.0.9`
rollup	`4.44.2`	`4.59.0`

Updates vite from 7.0.3 to 7.0.8

Release notes

Sourced from vite's releases.

v7.0.8

Please refer to CHANGELOG.md for details.

v7.0.7

Please refer to CHANGELOG.md for details.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

v7.0.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.0.8 (2025-10-20)

Bug Fixes

dev: trim trailing slash before server.fs.deny check (#20968) (6a6db37)

7.0.7 (2025-09-08)

Bug Fixes

apply fs.strict check to HTML files (#20736) (6f01ff4)

upgrade sirv to 3.0.2 (#20735) (63e2a5d)

Tests

detect ts support via process.features (#20544) (45fdb16)

7.0.6 (2025-07-24)

Bug Fixes

deps: update all non-major dependencies (#20442) (e49f505)

dev: incorrect sourcemap when optimized CJS is imported (#20458) (ead2dec)

module-runner: normalize file:// on windows (#20449) (1c9cb49)

respond with correct headers and status code for HEAD requests (#20421) (23d04fc)

Miscellaneous Chores

deps: update rolldown-related dependencies (#20441) (f689d61)

remove some files from prettier ignore (#20459) (8403f69)

Code Refactoring

use environment transform request (#20430) (24e6a0c)

7.0.5 (2025-07-17)

Bug Fixes

deps: update all non-major dependencies (#20406) (1a1cc8a)

remove special handling for Accept: text/html (#20376) (c9614b9)

watch assets referenced by new URL(, import.meta.url) (#20382) (6bc8bf6)

Miscellaneous Chores

deps: update dependency rolldown to ^1.0.0-beta.27 (#20405) (1165667)

Code Refactoring

use foo.endsWith("bar") instead of /bar$/.test(foo) (#20413) (862e192)

7.0.4 (2025-07-10)

Bug Fixes

... (truncated)

Commits

d3c2167 release: v7.0.8
6a6db37 fix(dev): trim trailing slash before server.fs.deny check (#20968)
f88a1c0 release: v7.0.7
45fdb16 test: detect ts support via process.features (#20544)
63e2a5d fix: upgrade sirv to 3.0.2 (#20735)
6f01ff4 fix: apply fs.strict check to HTML files (#20736)
bdde0f9 release: v7.0.6
23d04fc fix: respond with correct headers and status code for HEAD requests (#20421)
ead2dec fix(dev): incorrect sourcemap when optimized CJS is imported (#20458)
e49f505 fix(deps): update all non-major dependencies (#20442)
Additional commits viewable in compare view

Updates @eslint/plugin-kit from 0.3.3 to 0.3.5

Release notes

Sourced from @eslint/plugin-kit's releases.

plugin-kit: v0.3.5

0.3.5 (2025-08-05)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^0.15.1 to ^0.15.2

plugin-kit: v0.3.4

0.3.4 (2025-07-21)

Bug Fixes

potential quadratic runtime in regular expression (#240) (b283f64)

Changelog

Sourced from @eslint/plugin-kit's changelog.

0.3.5 (2025-08-05)

Dependencies

The following workspace dependencies were updated

dependencies

@eslint/core bumped from ^0.15.1 to ^0.15.2

0.3.4 (2025-07-21)

Bug Fixes

potential quadratic runtime in regular expression (#240) (b283f64)

Commits

9e68ab6 chore: release main (#252)
e39a386 docs: Update README sponsors
57734b4 docs: Update README sponsors
380c224 chore: release main (#242)
17276ff docs: Update README sponsors
b283f64 fix: potential quadratic runtime in regular expression (#240)
46cd5da docs: Update README sponsors
9677965 docs: Update README sponsors
20799b5 docs: Update README sponsors
See full diff in compare view

Updates ajv from 6.12.6 to 6.14.0

Commits

e3af0a7 6.14.0
b552ed6 add regExp option to address $data exploit via a regular expression (CVE-2025...
72f2286 docs: update v7 info
231e52b Merge pull request #1320 from philsturgeon/patch-1
d3475fc Add spectral, an AJV util from a sponsor
413afe0 docs: v7.0.0-beta.3
11e997b update readme for v7
See full diff in compare view

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

Fix prototype pollution issue in yaml merge (<<) operator.

Commits

cc482e7 4.1.1 released
50968b8 dist rebuild
d092d86 lint fix
383665f fix prototype pollution in merge (<<)
0d3ca7a README.md: HTTP => HTTPS (#678)
49baadd doc: 'empty' style option for !!null
ba3460e Fix demo link (#618)
See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates rollup from 4.44.2 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

#6252: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6253: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6254: Fully include dynamic imports in a try-catch (@lukastaegert)

... (truncated)

Commits

ae84695 4.59.0
b39616e Update audit-resolve
c60770d Validate bundle stays within output dir (#6275)
33f39c1 4.58.0
b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
7f00689 Extend agent instructions
e7b2b85 chore(deps): lock file maintenance (#6270)
2aa5da9 fix(deps): update minor/patch updates (#6267)
4319837 chore(deps): update dependency lru-cache to v11 (#6269)
c3b6b4b chore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for rollup since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates vite from 5.4.19 to 5.4.21

Release notes

Sourced from vite's releases.

v7.0.8

Please refer to CHANGELOG.md for details.

v7.0.7

Please refer to CHANGELOG.md for details.

v7.0.6

Please refer to CHANGELOG.md for details.

v7.0.5

Please refer to CHANGELOG.md for details.

v7.0.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.0.8 (2025-10-20)

Bug Fixes

dev: trim trailing slash before server.fs.deny check (#20968) (6a6db37)

7.0.7 (2025-09-08)

Bug Fixes

apply fs.strict check to HTML files (#20736) (6f01ff4)

upgrade sirv to 3.0.2 (#20735) (63e2a5d)

Tests

detect ts support via process.features (#20544) (45fdb16)

7.0.6 (2025-07-24)

Bug Fixes

deps: update all non-major dependencies (#20442) (e49f505)

dev: incorrect sourcemap when optimized CJS is imported (#20458) (ead2dec)

module-runner: normalize file:// on windows (#20449) (1c9cb49)

respond with correct headers and status code for HEAD requests (#20421) (23d04fc)

Miscellaneous Chores

deps: update rolldown-related dependencies (#20441) (f689d61)

remove some files from prettier ignore (#20459) (8403f69)

Code Refactoring

use environment transform request (#20430) (24e6a0c)

7.0.5 (2025-07-17)

Bug Fixes

deps: update all non-major dependencies (#20406) (1a1cc8a)

remove special handling for Accept: text/html (#20376) (c9614b9)

watch assets referenced by new URL(, import.meta.url) (#20382) (6bc8bf6)

Miscellaneous Chores

deps: update dependency rolldown to ^1.0.0-beta.27 (#20405) (1165667)

Code Refactoring

use foo.endsWith("bar") instead of /bar$/.test(foo) (#20413) (862e192)

7.0.4 (2025-07-10)

Bug Fixes

... (truncated)

Commits

d3c2167 release: v7.0.8
6a6db37 fix(dev): trim trailing slash before server.fs.deny check (#20968)
f88a1c0 release: v7.0.7
45fdb16 test: detect ts support via process.features (#20544)
63e2a5d fix: upgrade sirv to 3.0.2 (#20735)
6f01ff4 fix: apply fs.strict check to HTML files (#20736)
bdde0f9 release: v7.0.6
23d04fc fix: respond with correct headers and status code for HEAD requests (#20421)
ead2dec fix(dev): incorrect sourcemap when optimized CJS is imported (#20458)
e49f505 fix(deps): update all non-major dependencies (#20442)
Additional commits viewable in compare view

Updates ajv from 6.12.6 to 6.14.0

Commits

e3af0a7 6.14.0
b552ed6 add regExp option to address $data exploit via a regular expression (CVE-2025...
72f2286 docs: update v7 info
231e52b Merge pull request #1320 from philsturgeon/patch-1
d3475fc Add spectral, an AJV util from a sponsor
413afe0 docs: v7.0.0-beta.3
11e997b update readme for v7
See full diff in compare view

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

Fix prototype pollution issue in yaml merge (<<) operator.

Commits

cc482e7 4.1.1 released
50968b8 dist rebuild
d092d86 lint fix
383665f fix prototype pollution in merge (<<)
0d3ca7a README.md: HTTP => HTTPS (#678)
49baadd doc: 'empty' style option for !!null
ba3460e Fix demo link (#618)
See full diff in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates rollup from 4.40.2 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

#6275: Validate bundle stays within output dir (@lukastaegert)

4.58.0

2026-02-20

Features

Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

#6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@njg7194, @lukastaegert)

#6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@millerick, @lukastaegert)

#6260: fix(deps): update rust crate swc_compiler_base to v47 (@renovate[bot], @lukastaegert)

#6261: fix(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6262: Avoid unnecessary cloning of the code string (@lukastaegert)

#6263: fix(deps): update minor/patch updates (@renovate[bot], @lukastaegert)

#6265: chore(deps): lock file maintenance (@renovate[bot])

#6267: fix(deps): update minor/patch updates (@renovate[bot])

#6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@renovate[bot], @lukastaegert)

#6269: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6270: chore(deps): lock file maintenance (@renovate[bot])

#6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@lukastaegert)

4.57.1

2026-01-30

Bug Fixes

Fix heap corruption issue in Windows (#6251)

Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

#6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@alan-agius4, @lukastaegert)

#6252: chore(deps): update dependency lru-cache to v11 (@renovate[bot])

#6253: chore(deps): lock file maintenance minor/patch updates (@renovate[bot], @lukastaegert)

#6254: Fully include dynamic imports in a try-catch (@lukastaegert)

... (truncated)

Commits

ae84695 4.59.0
b39616e Update audit-resolve
c60770d Validate bundle stays within output dir (#6275)
33f39c1 4.58.0
b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
7f00689 Extend agent instructions
e7b2b85 chore(deps): lock file maintenance (#6270)
2aa5da9 fix(deps): update minor/patch updates (#6267)
4319837 chore(deps): update dependency lru-cache to v11 (#6269)
c3b6b4b chore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for rollup since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates @modelcontextprotocol/sdk from 1.11.3 to 1.27.1

Release notes

Sourced from @modelcontextprotocol/sdk's releases.

v1.27.1

What's Changed

feat: implement auth/pre-registration conformance scenario by @felixweinberger in modelcontextprotocol/typescript-sdk#1545

docs: add governance documentation for SEP-1730 by @felixweinberger in modelcontextprotocol/typescript-sdk#1547

docs: comprehensive feature documentation for SEP-1730 Tier 1 by @felixweinberger in modelcontextprotocol/typescript-sdk#1548

fix: prevent command injection in example URL opening (v1.x backport) by @maxisbey in modelcontextprotocol/typescript-sdk#1579

fix: call onerror for silently swallowed transport errors by @qing-ant in modelcontextprotocol/typescript-sdk#1580

chore: bump version to 1.27.1 by @felixweinberger in modelcontextprotocol/typescript-sdk#1581

New Contributors

@qing-ant made their first contribution in modelcontextprotocol/typescript-sdk#1580

Full Changelog: modelcontextprotocol/typescript-sdk@v1.27.0...v1.27.1

v1.27.0

What's Changed

feat: add conformance test infrastructure for v1.x by @felixweinberger in modelcontextprotocol/typescript-sdk#1518

feat: backport discoverOAuthServerInfo() and discovery caching to v1.x by @felixweinberger in modelcontextprotocol/typescript-sdk#1533

feat: add url property to RequestInfo interface by @valentinbeggi in modelcontextprotocol/typescript-sdk#1353

[v1.x] feat(tasks): add streaming methods for elicitation and sampling by @LucaButBoring in modelcontextprotocol/typescript-sdk#1528

chore: bump version for v1.27.0 by @felixweinberger in modelcontextprotocol/typescript-sdk#1541

New Contributors

@valentinbeggi made their first contribution in modelcontextprotocol/typescript-sdk#1353

Full Changelog: modelcontextprotocol/typescript-sdk@v1.26.0...v1.27.0

v1.26.0

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA GHSA-345p-7cg4-v4c7

What's Changed

chore: bump v1.25.3 for backport fixes by @pcarleton in modelcontextprotocol/typescript-sdk#1412

fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by @samuv in modelcontextprotocol/typescript-sdk#1382

Fix #1430: Client Credentials providers scopes support (backported) by @NSeydoux in modelcontextprotocol/typescript-sdk#1442

chore: bump version to 1.26.0 by @pcarleton in modelcontextprotocol/typescript-sdk#1479

New Contributors

@samuv made their first contribution in modelcontextprotocol/typescript-sdk#1382

@NSeydoux made their first contribution in modelcontextprotocol/typescript-sdk#1442

Full Changelog: https://github.com/modelcontextproto...
Description has been truncated

Bumps the npm_and_yarn group with 5 updates in the /XMRT-Ecosystem-main/app directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.0.3` | `7.0.8` | | [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.3.3` | `0.3.5` | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | Bumps the npm_and_yarn group with 6 updates in the /XMRT-Ecosystem-main/frontend/xmrt-dao-frontend directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.19` | `5.4.21` | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.11.3` | `1.27.1` | | [tar](https://github.com/isaacs/node-tar) | `7.4.3` | `7.5.9` | Bumps the npm_and_yarn group with 6 updates in the /XMRT-Ecosystem-main/frontend/xmrt-dao-frontend/app directory: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `7.0.3` | `7.3.1` | | [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.3.3` | `0.3.5` | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.14.0` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [minimatch](https://github.com/isaacs/minimatch) | `9.0.5` | `9.0.9` | | [rollup](https://github.com/rollup/rollup) | `4.44.2` | `4.59.0` | Updates `vite` from 7.0.3 to 7.0.8 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.0.8/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.0.8/packages/vite) Updates `@eslint/plugin-kit` from 0.3.3 to 0.3.5 - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md) - [Commits](https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.5/packages/plugin-kit) Updates `ajv` from 6.12.6 to 6.14.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.14.0) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `rollup` from 4.44.2 to 4.59.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.44.2...v4.59.0) Updates `vite` from 5.4.19 to 5.4.21 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.0.8/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.0.8/packages/vite) Updates `ajv` from 6.12.6 to 6.14.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.14.0) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `rollup` from 4.40.2 to 4.59.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.44.2...v4.59.0) Updates `@modelcontextprotocol/sdk` from 1.11.3 to 1.27.1 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@1.11.3...v1.27.1) Updates `body-parser` from 2.2.0 to 2.2.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@v2.2.0...v2.2.2) Updates `qs` from 6.14.0 to 6.15.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.0...v6.15.0) Updates `tar` from 7.4.3 to 7.5.9 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.4.3...v7.5.9) Updates `vite` from 7.0.3 to 7.3.1 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.0.8/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.0.8/packages/vite) Updates `@eslint/plugin-kit` from 0.3.3 to 0.3.5 - [Release notes](https://github.com/eslint/rewrite/releases) - [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md) - [Commits](https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.5/packages/plugin-kit) Updates `ajv` from 6.12.6 to 6.14.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.14.0) Updates `js-yaml` from 4.1.0 to 4.1.1 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.0...4.1.1) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `rollup` from 4.44.2 to 4.59.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.44.2...v4.59.0) --- updated-dependencies: - dependency-name: vite dependency-version: 7.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@eslint/plugin-kit" dependency-version: 0.3.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.59.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.21 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.59.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.27.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 2.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.15.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 7.5.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 7.3.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@eslint/plugin-kit" dependency-version: 0.3.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 6.14.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: js-yaml dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.59.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 27, 2026

dependabot bot mentioned this pull request Feb 27, 2026

Bump the npm_and_yarn group across 3 directories with 9 updates #9

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 3 directories with 10 updates#10

Bump the npm_and_yarn group across 3 directories with 10 updates#10
dependabot[bot] wants to merge 1 commit intomonero-integrationfrom
dependabot/npm_and_yarn/XMRT-Ecosystem-main/app/npm_and_yarn-1eb9fd003d

dependabot bot commented on behalf of github Feb 27, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Feb 27, 2026

v7.0.8

v7.0.7

v7.0.6

v7.0.5

v7.0.4

7.0.8 (2025-10-20)

Bug Fixes

7.0.7 (2025-09-08)

Bug Fixes

Tests

7.0.6 (2025-07-24)

Bug Fixes

Miscellaneous Chores

Code Refactoring

7.0.5 (2025-07-17)

Bug Fixes

Miscellaneous Chores

Code Refactoring

7.0.4 (2025-07-10)

Bug Fixes

plugin-kit: v0.3.5

0.3.5 (2025-08-05)

Dependencies

plugin-kit: v0.3.4

0.3.4 (2025-07-21)

Bug Fixes

0.3.5 (2025-08-05)

Dependencies

0.3.4 (2025-07-21)

Bug Fixes

[4.1.1] - 2025-11-12

Security

v4.59.0

4.59.0

Features

Pull Requests

v4.58.0

4.58.0

Features

Pull Requests

v4.57.1

4.57.1

Bug Fixes

Pull Requests

4.59.0

Features

Pull Requests

4.58.0

Features

Pull Requests

4.57.1

Bug Fixes

Pull Requests

v7.0.8

v7.0.7

v7.0.6

v7.0.5

v7.0.4

7.0.8 (2025-10-20)

Bug Fixes

7.0.7 (2025-09-08)

Bug Fixes

Tests

7.0.6 (2025-07-24)

Bug Fixes

Miscellaneous Chores

Code Refactoring

7.0.5 (2025-07-17)

Bug Fixes

Miscellaneous Chores

Code Refactoring

7.0.4 (2025-07-10)

Bug Fixes

[4.1.1] - 2025-11-12

Security

v4.59.0

4.59.0

Features