Skip to content

chore(deps-dev): bump the npm-development group across 1 directory with 3 updates#3795

Merged
Alberto Schiabel (jkomyno) merged 1 commit into
nextfrom
dependabot/npm_and_yarn/npm-development-fda7836142
Jul 13, 2026
Merged

chore(deps-dev): bump the npm-development group across 1 directory with 3 updates#3795
Alberto Schiabel (jkomyno) merged 1 commit into
nextfrom
dependabot/npm_and_yarn/npm-development-fda7836142

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-development group with 3 updates in the / directory: turbo, typescript-eslint and typedoc.

Updates turbo from 2.10.2 to 2.10.4

Release notes

Sourced from turbo's releases.

Turborepo v2.10.4

What's Changed

Changelog

... (truncated)

Commits
  • 1506a11 publish 2.10.4 to registry
  • 11a68c7 fix: Stop flagging relative imports that resolve into node_modules in boundar...
  • 947b478 fix: Raise the open-file soft limit at startup (#13282)
  • ddc584d feat: Make turbo prune Cargo-aware (#13281)
  • ff0d508 perf: Skip dependency-closure assembly for toolchains that derive nothing (#1...
  • 39d623e feat: Make turbo watch Cargo-aware (#13280)
  • af01fdf fix: Collapse nested package-manager fallback conditional (#13279)
  • 7e02f94 release(turborepo): 2.10.4-canary.2 (#13278)
  • 8e3a59f release(library): 0.0.1-canary.23 (#13276)
  • ce18f0a test: Add end-to-end coverage for Cargo workspaces (#13274)
  • Additional commits viewable in compare view

Updates typescript-eslint from 8.62.1 to 8.63.0

Release notes

Sourced from typescript-eslint's releases.

v8.63.0

8.63.0 (2026-07-06)

🚀 Features

  • eslint-plugin: [no-misused-promises] detect async usage of a sync dispose usage (#12426)

🩹 Fixes

  • eslint-plugin: [method-signature-style] suggest converting readonly function properties instead of emitting invalid syntax (#12447, #12446)
  • eslint-plugin: [no-unnecessary-type-assertion] handle optional-chained calls to overloaded functions (#12491, #12485)
  • eslint-plugin: [no-base-to-string] don't flag a shadowed String() call (#12492)
  • scope-manager: export ClassStaticBlockScope (#12460)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.63.0 (2026-07-06)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

Updates typedoc from 0.28.19 to 0.28.20

Release notes

Sourced from typedoc's releases.

v0.28.20

Features

  • Group/category section headings (<h2>) in the default theme now include an id attribute so they can be linked to via fragment identifiers (e.g. modules.html#classes), #3029.
  • Added a @reexport modifier tag to have TypeDoc convert variable/type references as a re-export instead of a new symbol, #3096.
  • API: Introduced generateOutputsBegin and generateOutputsEnd events on Application for plugin use.

Bug Fixes

  • When --emit none is used, TypeDoc will now report warnings about missing relative paths previously reported when rendering, #3078.
  • Improved performance via asynchronously performing git and file write operations, more performant JSX rendering, and source code bundling, #3103.
  • A @hidden tag on a constructor parameter-property will now only hide the property, not both the property and the parameter, #3111.
  • Custom @group and @category titles with the same sort weight are now ordered consistently with the alphabetical reflection sort, #3120.

Thanks!

Changelog

Sourced from typedoc's changelog.

v0.28.20 (2026-07-05)

Features

  • Group/category section headings (<h2>) in the default theme now include an id attribute so they can be linked to via fragment identifiers (e.g. modules.html#classes), #3029.
  • Added a @reexport modifier tag to have TypeDoc convert variable/type references as a re-export instead of a new symbol, #3096.
  • API: Introduced generateOutputsBegin and generateOutputsEnd events on Application for plugin use.

Bug Fixes

  • When --emit none is used, TypeDoc will now report warnings about missing relative paths previously reported when rendering, #3078.
  • Improved performance via asynchronously performing git and file write operations, more performant JSX rendering, and source code bundling, #3103.
  • A @hidden tag on a constructor parameter-property will now only hide the property, not both the property and the parameter, #3111.
  • Custom @group and @category titles with the same sort weight are now ordered consistently with the alphabetical reflection sort, #3120.

Thanks!

Commits
  • 34d843b Update changelog for release
  • fbd4a25 Bump version to 0.28.20
  • 93ba157 Update dependencies in example
  • e8c5df8 Remove unnecessary files from distribution
  • 392b0dd Update dependencies
  • 8510dd4 Add missing entries in changelog before release
  • 51dc052 Update change log for 0.28.20 release
  • 72f20cd Merge branch 'fix-locale-sort-group-category-titles' into dev
  • 623f2c0 Fix failing test, accept slightly slower build for now
  • c8bdf14 Minor config tweak to improve dev build time
  • Additional commits viewable in compare view

@dependabot dependabot Bot added Dependencies javascript Pull requests that update Javascript code labels Jul 10, 2026
@dependabot dependabot Bot added Dependencies javascript Pull requests that update Javascript code labels Jul 10, 2026
@vercel

vercel Bot commented Jul 10, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
docs Ready Ready Preview, Comment Jul 10, 2026 3:18pm

Request Review

@github-actions

Copy link
Copy Markdown
Contributor

⚠️ Security Audit Warning

The pnpm audit --prod check found security vulnerabilities in production dependencies.

Please review and fix the vulnerabilities. You can try running:

pnpm audit --fix --prod
Audit output
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ low                 │ @ai-sdk/provider-utils has an Uncontrolled Resource    │
│                     │ Consumption issue                                      │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ @ai-sdk/provider-utils                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=3.0.97                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=3.0.98                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ ts__e2e-tests__runtimes__node__mastra-tool-router-zod- │
│                     │ v3>@mastra/core>@ai-sdk/provider-utils                 │
│                     │                                                        │
│                     │ ts__e2e-tests__runtimes__node__mastra-tool-router-zod- │
│                     │ v3>@mastra/mcp>@mastra/core>@ai-sdk/provider-utils     │
│                     │                                                        │
│                     │ ts__e2e-tests__runtimes__node__mastra-tool-router-zod- │
│                     │ v4>@mastra/core>@ai-sdk/provider-utils                 │
│                     │                                                        │
│                     │ ... Found 14 paths, run `pnpm why                      │
│                     │ @ai-sdk/provider-utils` for more information           │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-866g-f22w-33x8      │
└─────────────────────┴────────────────────────────────────────────────────────┘
1 vulnerabilities found
Severity: 1 low

@socket-security

socket-security Bot commented Jul 10, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addednpm/​typescript-eslint@​8.63.01001007498100
Addednpm/​turbo@​2.10.41001008597100
Addednpm/​typedoc@​0.28.201001009789100

View full report

@dependabot dependabot Bot changed the title chore(deps-dev): bump the npm-development group with 3 updates chore(deps-dev): bump the npm-development group across 1 directory with 3 updates Jul 10, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-development-fda7836142 branch from c0755b5 to 7d1ae6e Compare July 10, 2026 07:51
…th 3 updates

Bumps the npm-development group with 3 updates in the / directory: [turbo](https://github.com/vercel/turborepo), [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) and [typedoc](https://github.com/TypeStrong/TypeDoc).


Updates `turbo` from 2.10.2 to 2.10.4
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.10.2...v2.10.4)

Updates `typescript-eslint` from 8.62.1 to 8.63.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.63.0/packages/typescript-eslint)

Updates `typedoc` from 0.28.19 to 0.28.20
- [Release notes](https://github.com/TypeStrong/TypeDoc/releases)
- [Changelog](https://github.com/TypeStrong/typedoc/blob/master/CHANGELOG.md)
- [Commits](TypeStrong/typedoc@v0.28.19...v0.28.20)

---
updated-dependencies:
- dependency-name: turbo
  dependency-version: 2.10.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: typedoc
  dependency-version: 0.28.20
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: typescript-eslint
  dependency-version: 8.63.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-development-fda7836142 branch from 7d1ae6e to 01fe08d Compare July 10, 2026 15:16
@jkomyno Alberto Schiabel (jkomyno) merged commit 09aab1d into next Jul 13, 2026
22 checks passed
@jkomyno Alberto Schiabel (jkomyno) deleted the dependabot/npm_and_yarn/npm-development-fda7836142 branch July 13, 2026 09:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Dependencies javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant