Skip to content

Bump lodash, babel-eslint, cheerio and storybook#17

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-83d09eb5b1
Open

Bump lodash, babel-eslint, cheerio and storybook#17
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-83d09eb5b1

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Jan 24, 2026

Bumps lodash to 4.17.23 and updates ancestor dependencies lodash, babel-eslint, cheerio and storybook. These dependencies need to be updated together.

Updates lodash from 4.17.10 to 4.17.23

Commits

Updates babel-eslint from 8.2.3 to 10.1.0

Release notes

Sourced from babel-eslint's releases.

v10.1.0

v10.0.3

Fixes babel/babel-eslint#791, also eslint/eslint#12117

Some context: babel/babel-eslint#793

We ended up going with @​JLHwung's PR babel/babel-eslint#794 which uses ESLint's deps instead of going with peerDeps since it really depends on the version being used and we don't want users to have to install it directly on their own.

babel-eslint is patching patches of the dependencies of ESLint itself so these kinds of issues have happened in the past. We'll need to look into figuring out how to have a more solid way of modifying behavior instead of this monkeypatching type of thing for future releases.

v10.0.2

Fixes babel/babel-eslint#772

v10.0.1

The TypeAlias "conversion" to a function has issues. Sounds like we need to rethink the change, most likely we can just actually change the scoping rather than hardcode an AST change.

v10.0.0

Small breaking change: add a peerDependency starting from the ESLint version that added a parser feature that we were monkeypatching before (and drop that code). If already using ESLint 5 shouldn't be any different.

/* @flow */
type Node<T> = { head: T; tail: Node<T> }
// or
type File = {chunks: Array<Chunk>}
type Chunk = {file: File}

v9.0.0

We've released v7: https://twitter.com/left_pad/status/1034204330352500736, so this just updates babel-eslint to use those versions internally. That in itself doesn't break anything but:

  • Babel now supports the new decorators proposal by default, so we need to switch between the new and the old proposal. This is a breaking change.

To enable the legacy decorators proposal users should add a specific parser option:

{
</tr></table>

... (truncated)

Commits

Updates cheerio from 1.0.0-rc.2 to 1.2.0

Release notes

Sourced from cheerio's releases.

v1.2.0

What's Changed

New Contributors

Full Changelog: cheeriojs/cheerio@v1.1.2...v1.2.0

v1.1.2

What's Changed

Full Changelog: cheeriojs/cheerio@v1.1.1...v1.1.2

v1.1.1

  • Fix Undici issues (#4689) 91a2b3d7

cheeriojs/cheerio@v1.1.0...v1.1.1

v1.1.0

What's Changed

Doc Improvements

New Contributors

... (truncated)

Commits
  • e3c7aaf 1.2.0
  • 96bfd3e chore(package): Exclude tests from published bundle
  • 08d396c docs(readme): Update Sponsors (#5014)
  • bd9d3dd build(deps-dev): bump eslint-plugin-jsdoc from 62.3.0 to 62.3.1 (#5022)
  • f4c8a58 build(deps): bump unist-util-visit from 5.0.0 to 5.1.0 in /website (#5027)
  • 8fa46d5 build(deps): bump astro from 5.16.12 to 5.16.14 in /website (#5026)
  • 8e132a6 build(deps-dev): bump @​vitest/coverage-v8 from 4.0.17 to 4.0.18 (#5023)
  • 6d31bfc build(deps-dev): bump globals from 17.0.0 to 17.1.0 (#5025)
  • 65aa6c8 build(deps): bump @​docsearch/css from 4.5.0 to 4.5.3 in /website (#5020)
  • 5567e65 build(deps): bump astro from 5.16.11 to 5.16.12 in /website (#5021)
  • Additional commits viewable in compare view

Updates storybook from 1.0.0 to 10.2.0

Release notes

Sourced from storybook's releases.

v10.2.0

10.2.0

Improved UI and story authoring ergonomics

Storybook 10.2 contains hundreds of fixes and improvement including:

  • 💅 New Viewports and Zoom UI
  • 🏭 Typesafe CSF factories for Vue, Angular, Web Components (preview)
  • 📄 MDX support for Storybook MCP (experimental)

... (truncated)

Changelog

Sourced from storybook's changelog.

10.2.0

Improved UI and story authoring ergonomics

Storybook 10.2 contains hundreds of fixes and improvement including:

  • 💅 New Viewports and Zoom UI
  • 🏭 Typesafe CSF factories for Vue, Angular, Web Components (preview)
  • 📄 MDX support for Storybook MCP (experimental)

... (truncated)

Commits
  • a674af8 Bump version from "10.2.0-beta.5" to "10.2.0" [skip ci]
  • 6818f34 Bump version from "10.2.0-beta.4" to "10.2.0-beta.5" [skip ci]
  • a295727 fix linting
  • 8840beb Bump version from "10.2.0-beta.3" to "10.2.0-beta.4" [skip ci]
  • 2336b2e fix test by ignoring typescript incorrect sbType value, the array IS correct,...
  • c91e37c Core: Refactor SBArrayType to hold a single SBType and enhance dummy argument...
  • 6b2b003 Core: Update SBArrayType to support an array of SBType and improve dummy valu...
  • f53c206 Merge branch 'next' into yann/story-creation-docgen-ts-part-2
  • 6ad26fe make improvements and adjust tests
  • f22879a Fix indentation in normalizeArgType function to ensure proper code formatting
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for storybook since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump lodash, babel-eslint, cheerio and storybook
4a1c946 
Bumps [lodash](https://github.com/lodash/lodash) to 4.17.23 and updates ancestor dependencies [lodash](https://github.com/lodash/lodash), [babel-eslint](https://github.com/babel/babel-eslint), [cheerio](https://github.com/cheeriojs/cheerio) and [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core). These dependencies need to be updated together.


Updates `lodash` from 4.17.10 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.10...4.17.23)

Updates `babel-eslint` from 8.2.3 to 10.1.0
- [Release notes](https://github.com/babel/babel-eslint/releases)
- [Commits](babel/babel-eslint@v8.2.3...v10.1.0)

Updates `cheerio` from 1.0.0-rc.2 to 1.2.0
- [Release notes](https://github.com/cheeriojs/cheerio/releases)
- [Commits](cheeriojs/cheerio@1.0.0-rc.2...v1.2.0)

Updates `storybook` from 1.0.0 to 10.2.0
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.2.0/code/core)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
- dependency-name: babel-eslint
  dependency-version: 10.1.0
  dependency-type: direct:development
- dependency-name: cheerio
  dependency-version: 1.2.0
  dependency-type: indirect
- dependency-name: storybook
  dependency-version: 10.2.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants