chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates #898

dependabot · 2025-06-12T00:38:05Z

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package	From	To
fastify	`4.29.0`	`4.29.1`
undici	`6.20.1`	`6.21.2`
vitest	`2.1.8`	`2.1.9`
@babel/runtime	`7.26.0`	`7.27.6`
vite	`5.4.11`	`5.4.19`

Bumps the npm_and_yarn group with 3 updates in the /sdk directory: @babel/runtime, brace-expansion and @babel/helpers.

Updates fastify from 4.29.0 to 4.29.1

Release notes

Sourced from fastify's releases.

v4.29.1

⚠️ Security Release ⚠️

Fix for "Invalid content-type parsing could lead to validation bypass" and CVE-2025-32442.

Full Changelog: fastify/fastify@v4.29.0...v4.29.1

Commits

2d85fee Bumped v4.29.1
5faed29 fix(test): nodejs 16 needs no keep-alive
92075f8 ci: fix branch pattern (#6090)
c470417 fix: treat space as a delimiter in content-type parsing (#6064)
1f4cf36 fix: test and sync version
bebd4e6 Merge commit from fork
See full diff in compare view

Updates undici from 6.20.1 to 6.21.2

Release notes

Sourced from undici's releases.

v6.21.2

What's Changed

fix(types): add missing DNS interceptor by @slagiewka in nodejs/undici#4024

[v6.x] fix wpts on windows by @mcollina in nodejs/undici#4093

Removed clients with unrecoverable errors from the Pool nodejs/undici#4088

New Contributors

@slagiewka made their first contribution in nodejs/undici#4024

Full Changelog: nodejs/undici@v6.21.1...v6.21.2

v6.21.1

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

What's Changed

fix(#3736): back-port 183f8e9 to v6.x by @ggoodman in nodejs/undici#3855

fix(#3817): send servername for SNI on TLS (#3821) [backport] by @metcoder95 in nodejs/undici#3864

fix: sending formdata bodies with http2 (#3863) [backport] by @metcoder95 in nodejs/undici#3866

[Backport v6.x] fix: Fixed the issue that there is no running request when http2 goaway by @github-actions in nodejs/undici#3877

types: [backport] Update return type of RetryCallback (#3851) by @metcoder95 in nodejs/undici#3876

Full Changelog: nodejs/undici@v6.21.0...v6.21.1

v6.21.0

What's Changed

[Backport v6.x] web: mark as uncloneable when possible (#3709) by @jazelly in nodejs/undici#3744

[Backport v6.x] fetch: fix content-encoding order by @github-actions in nodejs/undici#3764

[Backport v6.x] fix: handle undefined deref() of WeakRef(socket) by @github-actions in nodejs/undici#3822

[Backport v6.x] fix: range end is zero-indexed by @github-actions in nodejs/undici#3827

Full Changelog: nodejs/undici@v6.20.1...v6.21.0

Commits

b63d939 Bumped v6.21.2
de1e4b8 [v6.x] fix wpts on windows (#4093)
4e07dda test: fix windows wpt (#4050)
1333871 Removed clients with unrecoverable errors from the Pool (#4088)
a0e76c7 fix(types): add missing DNS interceptor (#4024)
e260e7b Bumped v6.21.1
c3acc60 Merge commit from fork
2414bc9 Update return type of RetryCallback (#3851) (#3876)
be8cd0a [Backport v6.x] fix: Fixed the issue that there is no running request when ht...
ee6176c fix: sending formdata bodies with http2 (#3863) [backport] (#3866)
Additional commits viewable in compare view

Updates vitest from 2.1.8 to 2.1.9

Release notes

Sourced from vitest's releases.

v2.1.9

This release includes security patches for:

Browser mode serves arbitrary files | CVE-2025-24963

Remote Code Execution when accessing a malicious website while Vitest API server is listening | CVE-2025-24964

🐞 Bug Fixes

backport vitest-dev/vitest#7317 to v2 - by @hi-ogawa in vitest-dev/vitest#7318

(backport #7340 to v2) restrict served files from /__screenshot-error - by @hi-ogawa in vitest-dev/vitest#7343

View changes on GitHub

Commits

c9e59a0 chore: release v2.1.9
e0fe1d8 fix: backport #7317 to v2 (#7318)
See full diff in compare view

Updates @babel/runtime from 7.26.0 to 7.27.6

Release notes

Sourced from @babel/runtime's releases.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

Committers: 3

Huáng Jùnliàng (@JLHwung)

Ingvar Stepanyan (@RReverser)

@liuxingbaoyu

v7.27.5 (2025-06-03)

Thanks @NullVoxPopuli for your first PR!

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

@NullVoxPopuli

@liuxingbaoyu

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

v7.27.5 (2025-06-03)

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

#17238 Split regeneratorRuntime into multiple helpers (@nicolo-ribaudo)

v7.27.3 (2025-05-27)

🐛 Bug Fix

babel-generator

#17324 Improve multiline comments handling in yield/await expression (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17328 Correctly set .displayName on GeneratorFunction (@nicolo-ribaudo)

babel-plugin-proposal-explicit-resource-management

#17319 fix: handle shadowed binding in for using of body (@JLHwung)

#17317 fix: support named evaluation for using declaration (@JLHwung)

babel-plugin-proposal-decorators, babel-types

#17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@magic-akari)

babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

#17257 Preserve class id when transforming using declarations with exported class (@JLHwung)

... (truncated)

Commits

baa4cb8 v7.27.6
7d06930 v7.27.4
5b9468d Reduce regenerator size more (#17287)
cb78b5b [babel 8] Do not replace global regeneratorRuntime references in regenerato...
a0690e3 Split regeneratorRuntime into multiple helpers (#17238)
da5e371 v7.27.3
eebd3a0 v7.27.1
296cdc5 Remove unused regenerator-runtime dep in @babel/runtime (#17263)
fdc0fb5 [Babel 8] Bump nodejs requirements to ^20.19.0 || >= 22.12.0 (#17204)
5c350ea v7.27.0
Additional commits viewable in compare view

Updates vite from 5.4.11 to 5.4.19

Release notes

Sourced from vite's releases.

v5.4.19

Please refer to CHANGELOG.md for details.

v5.4.18

Please refer to CHANGELOG.md for details.

v5.4.17

Please refer to CHANGELOG.md for details.

v5.4.16

Please refer to CHANGELOG.md for details.

v5.4.15

Please refer to CHANGELOG.md for details.

v5.4.14

Please refer to CHANGELOG.md for details.

v5.4.13

Please refer to CHANGELOG.md for details.

v5.4.12

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.19 (2025-04-30)

fix: backport #19965, check static serve file inside sirv (#19966) (766947e), closes #19965 #19966

5.4.18 (2025-04-10)

fix: backport #19830, reject requests with # in request-target (#19831) (823675b), closes #19830 #19831

5.4.17 (2025-04-03)

fix: backport #19782, fs check with svg and relative paths (#19784) (84b2b46), closes #19782 #19784

5.4.16 (2025-03-31)

fix: backport #19761, fs check in transform middleware (#19762) (b627c50), closes #19761 #19762

5.4.15 (2025-03-24)

fix: backport #19702, fs raw query with query separators (#19703) (807d7f0), closes #19702 #19703

5.4.14 (2025-01-21)

fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246

fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

5.4.13 (2025-01-20)

fix: try parse server.origin URL (#19241) (5946215), closes #19241

5.4.12 (2025-01-20)

fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)

fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)

fix: verify token for HMR WebSocket connection (b71a5c8)

chore: add deps update changelog (ecd2375)

Commits

80a333a release: v5.4.19
766947e fix: backport #19965, check static serve file inside sirv (#19966)
731b77d release: v5.4.18
823675b fix: backport #19830, reject requests with # in request-target (#19831)
0a2518a release: v5.4.17
84b2b46 fix: backport #19782, fs check with svg and relative paths (#19784)
712cb71 release: v5.4.16
b627c50 fix: backport #19761, fs check in transform middleware (#19762)
9b0f4c8 release: v5.4.15
807d7f0 fix: backport #19702, fs raw query with query separators (#19703)
Additional commits viewable in compare view

Updates @babel/runtime from 7.23.2 to 7.27.6

Release notes

Sourced from @babel/runtime's releases.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

Committers: 3

Huáng Jùnliàng (@JLHwung)

Ingvar Stepanyan (@RReverser)

@liuxingbaoyu

v7.27.5 (2025-06-03)

Thanks @NullVoxPopuli for your first PR!

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

@NullVoxPopuli

@liuxingbaoyu

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

v7.27.5 (2025-06-03)

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

#17238 Split regeneratorRuntime into multiple helpers (@nicolo-ribaudo)

v7.27.3 (2025-05-27)

🐛 Bug Fix

babel-generator

#17324 Improve multiline comments handling in yield/await expression (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17328 Correctly set .displayName on GeneratorFunction (@nicolo-ribaudo)

babel-plugin-proposal-explicit-resource-management

#17319 fix: handle shadowed binding in for using of body (@JLHwung)

#17317 fix: support named evaluation for using declaration (@JLHwung)

babel-plugin-proposal-decorators, babel-types

#17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@magic-akari)

babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

#17257 Preserve class id when transforming using declarations with exported class (@JLHwung)

... (truncated)

Commits

baa4cb8 v7.27.6
7d06930 v7.27.4
5b9468d Reduce regenerator size more (#17287)
cb78b5b [babel 8] Do not replace global regeneratorRuntime references in regenerato...
a0690e3 Split regeneratorRuntime into multiple helpers (#17238)
da5e371 v7.27.3
eebd3a0 v7.27.1
296cdc5 Remove unused regenerator-runtime dep in @babel/runtime (#17263)
fdc0fb5 [Babel 8] Bump nodejs requirements to ^20.19.0 || >= 22.12.0 (#17204)
5c350ea v7.27.0
Additional commits viewable in compare view

Updates brace-expansion from 1.1.11 to 1.1.12

Release notes

Sourced from brace-expansion's releases.

v1.1.12

pkg: publish on tag 1.x c460dbd

fmt ccb8ac6

Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

c85b8ad 4.0.1
5a5cc17 fmt
0b6a978 Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65)
6a39bdd 4.0.0
dd72a59 fmt
278132b feat: use string replaces instead of splits (#64)
70e4c1b add tea.yaml
b01a637 3.0.0
9e781e9 node 16 is EOL
6dad209 docs
Additional commits viewable in compare view

Updates @babel/helpers from 7.23.2 to 7.27.6

Release notes

Sourced from @babel/helpers's releases.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

Committers: 3

Huáng Jùnliàng (@JLHwung)

Ingvar Stepanyan (@RReverser)

@liuxingbaoyu

v7.27.5 (2025-06-03)

Thanks @NullVoxPopuli for your first PR!

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

@NullVoxPopuli

@liuxingbaoyu

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

... (truncated)

Changelog

Sourced from @babel/helpers's changelog.

v7.27.6 (2025-06-05)

🐛 Bug Fix

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

#17366 fix: finally causes unexpected return value (@liuxingbaoyu)

babel-generator, babel-parser, babel-types

#17357 Ensure syntactic ordering when visiting array-type AST nodes (@JLHwung)

v7.27.5 (2025-06-03)

🐛 Bug Fix

babel-plugin-transform-regenerator

#17359 fix: Unexpected infinite loop with regenerator for try (@liuxingbaoyu)

Other

#17349 Map ESLint's sourceType: commonjs to script (@JLHwung)

💅 Polish

babel-parser

#17333 Improve using declaration errors (@JLHwung)

v7.27.4 (2025-05-30)

👓 Spec Compliance

babel-parser, babel-plugin-proposal-explicit-resource-management

#17323 Disallow using in bare case statement (@JLHwung)

💅 Polish

babel-parser

#17311 Improve parseExpression error messages (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17287 Reduce regenerator size more (@liuxingbaoyu)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

#17334 Use shorter method names for regenerator context (@nicolo-ribaudo)

#17268 Reduce regenerator helper size (@liuxingbaoyu)

babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

#17238 Split regeneratorRuntime into multiple helpers (@nicolo-ribaudo)

v7.27.3 (2025-05-27)

🐛 Bug Fix

babel-generator

#17324 Improve multiline comments handling in yield/await expression (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

…updates Bumps the npm_and_yarn group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [fastify](https://github.com/fastify/fastify) | `4.29.0` | `4.29.1` | | [undici](https://github.com/nodejs/undici) | `6.20.1` | `6.21.2` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `2.1.8` | `2.1.9` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.26.0` | `7.27.6` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.11` | `5.4.19` | Bumps the npm_and_yarn group with 3 updates in the /sdk directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime), [brace-expansion](https://github.com/juliangruber/brace-expansion) and [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers). Updates `fastify` from 4.29.0 to 4.29.1 - [Release notes](https://github.com/fastify/fastify/releases) - [Commits](fastify/fastify@v4.29.0...v4.29.1) Updates `undici` from 6.20.1 to 6.21.2 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.20.1...v6.21.2) Updates `vitest` from 2.1.8 to 2.1.9 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v2.1.9/packages/vitest) Updates `@babel/runtime` from 7.26.0 to 7.27.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-runtime) Updates `vite` from 5.4.11 to 5.4.19 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.19/packages/vite) Updates `@babel/runtime` from 7.23.2 to 7.27.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-runtime) Updates `brace-expansion` from 1.1.11 to 1.1.12 - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) Updates `@babel/helpers` from 7.23.2 to 7.27.6 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.6/packages/babel-helpers) --- updated-dependencies: - dependency-name: fastify dependency-version: 4.29.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: undici dependency-version: 6.21.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vitest dependency-version: 2.1.9 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.19 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-version: 7.27.6 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

coderabbitai · 2025-06-12T00:38:14Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Explain this complex logic.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai explain this code block.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and explain its main purpose.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

socket-security · 2025-06-12T00:39:03Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Vulnerability	Quality	Maintenance
@vitest/spy@2.1.8 ⏵ 2.1.9				⁺¹
@vitest/pretty-format@2.1.8 ⏵ 2.1.9				⁺¹
@vitest/utils@2.1.8 ⏵ 2.1.9				⁺¹
@vitest/runner@2.1.8 ⏵ 2.1.9				⁺¹
@vitest/mocker@2.1.8 ⏵ 2.1.9				⁺¹
vitest@2.1.8 ⏵ 2.1.9	⁺¹	⁺⁷⁵	⁺¹	⁺¹
@vitest/expect@2.1.8 ⏵ 2.1.9				⁺¹
@babel/runtime@7.23.2 ⏵ 7.27.6	⁺¹	⁺⁵
@babel/helpers@7.23.2 ⏵ 7.27.6		⁺⁵	⁺¹
vite@5.4.11 ⏵ 5.4.19	⁺¹	⁺¹⁶	⁺¹	⁺²
brace-expansion@1.1.12
fastify@4.29.0 ⏵ 4.29.1	⁺¹	⁺¹⁶
undici@6.20.1 ⏵ 6.21.2	⁺¹	⁺⁹	⁺¹
@vitest/snapshot@2.1.8 ⏵ 2.1.9				⁺¹
vite-node@2.1.8 ⏵ 2.1.9				⁺¹

View full report

github-actions · 2025-06-19T00:57:53Z

This PR is stale because it has been open for 7 days with no activity. Remove stale label or comment or this PR will be closed in 3 days.

dependabot · 2025-06-22T00:58:08Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 12, 2025

github-actions bot added the no-pr-activity label Jun 19, 2025

github-actions bot closed this Jun 22, 2025

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-b2daf54c6d branch June 22, 2025 00:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates #898

chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates #898

Uh oh!

dependabot bot commented on behalf of github Jun 12, 2025 •

edited by pr-codex bot

Loading

Uh oh!

coderabbitai bot commented Jun 12, 2025

Review skipped

Chat

Support

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (`.coderabbit.yaml`)

Documentation and Community

Uh oh!

socket-security bot commented Jun 12, 2025

Uh oh!

github-actions bot commented Jun 19, 2025

Uh oh!

dependabot bot commented on behalf of github Jun 22, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates #898

chore(deps): bump the npm_and_yarn group across 2 directories with 7 updates #898

Uh oh!

Conversation

dependabot bot commented on behalf of github Jun 12, 2025 • edited by pr-codex bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.29.1

⚠️ Security Release ⚠️

v6.21.2

What's Changed

New Contributors

v6.21.1

⚠️ Security Release ⚠️

What's Changed

v6.21.0

What's Changed

v2.1.9

🐞 Bug Fixes

View changes on GitHub

v7.27.6 (2025-06-05)

🐛 Bug Fix

Committers: 3

v7.27.5 (2025-06-03)

🐛 Bug Fix

💅 Polish

Committers: 4

v7.27.4 (2025-05-30)

👓 Spec Compliance

💅 Polish

🔬 Output optimization

v7.27.6 (2025-06-05)

🐛 Bug Fix

v7.27.5 (2025-06-03)

🐛 Bug Fix

💅 Polish

v7.27.4 (2025-05-30)

👓 Spec Compliance

💅 Polish

🔬 Output optimization

v7.27.3 (2025-05-27)

🐛 Bug Fix

v5.4.19

v5.4.18

v5.4.17

v5.4.16

v5.4.15

v5.4.14

v5.4.13

v5.4.12

5.4.19 (2025-04-30)

5.4.18 (2025-04-10)

5.4.17 (2025-04-03)

5.4.16 (2025-03-31)

5.4.15 (2025-03-24)

5.4.14 (2025-01-21)

5.4.13 (2025-01-20)

5.4.12 (2025-01-20)

v7.27.6 (2025-06-05)

🐛 Bug Fix

Committers: 3

v7.27.5 (2025-06-03)

🐛 Bug Fix

💅 Polish

Committers: 4

v7.27.4 (2025-05-30)

👓 Spec Compliance

💅 Polish

🔬 Output optimization

v7.27.6 (2025-06-05)

🐛 Bug Fix

v7.27.5 (2025-06-03)

🐛 Bug Fix

💅 Polish

v7.27.4 (2025-05-30)

👓 Spec Compliance

💅 Polish

🔬 Output optimization

v7.27.3 (2025-05-27)

🐛 Bug Fix

v1.1.12

dependabot bot commented on behalf of github Jun 12, 2025 •

edited by pr-codex bot

Loading

CodeRabbit Configuration File (`.coderabbit.yaml`)