Skip to content

deps(npm): bump the npm-minor-patch group with 3 updates#133

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-6281967d75
Jun 8, 2026
Merged

deps(npm): bump the npm-minor-patch group with 3 updates#133
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-6281967d75

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-minor-patch group with 3 updates: @vitest/coverage-v8, openclaw and vitest.

Updates @vitest/coverage-v8 from 4.1.7 to 4.1.8

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.8

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • e61f2dd chore: release v4.1.8
  • e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
  • See full diff in compare view

Updates openclaw from 2026.5.28 to 2026.6.1

Release notes

Sourced from openclaw's releases.

openclaw 2026.6.1

Highlights

  • Agents and CLI-backed runtimes recover more cleanly from interrupted tool calls, stale session bindings, compaction handoffs, and media delivery retries. (#88129, #88136, #88141, #88162, #88182)
  • Channels and mobile delivery are steadier across Telegram, WhatsApp, iMessage, Slack, Discord, Microsoft Teams, Google Chat, Google Meet, and iOS realtime Talk. (#88096, #88105, #88183, #88231)
  • Provider and plugin requests now bound more timers, retries, OAuth/device-code lifetimes, media downloads, local service probes, and generated-content polling paths before they can hang a run.
  • Skills, session metadata, gateway runtime state, plugin metadata, memory watchers, and store writes do less repeated work on hot paths while keeping config, dispatch, and Linux file-watch behavior stable. (#89185, #89188, #85351) Thanks @​RomneyDa and @​NianJiuZst.
  • Skills and plugin loading now handle stale disabled snapshots and loader failures more clearly, so channel turns avoid disabled SecretRefs and operators get better recovery guidance. (#79072, #79173) Thanks @​zeus1959.
  • Workboard, SecretRef plugin manifests, hosted iOS push relay, and external Copilot/Tokenjuice packaging add broader orchestration, integration, and plugin delivery surfaces. (#82326, #87469, #87796, #88107, #88117)
  • Skill Workshop now has a fuller Control UI flow with proposal lists, today actions, revision handoff, searchable file previews, review states, locale coverage, and reusable session routing.
  • Chat and Control UI startup paths keep sends alive through history loading, stream deltas incrementally, skip markdown work while streaming, keep drafts local while typing, clear the composer after sends, trace first-output latency, prioritize first connect, and expose calmer composer controls. (#88772, #88825, #88998, #89030, #89106) Thanks @​vincentkoc and @​sallyom.
  • Provider coverage and model metadata now include MiniMax M3, account OAuth endpoints, Google/Vertex catalog fixes, OpenRouter SQLite model caching, Copilot Claude 1M capabilities, Foundry reasoning alignment, and OpenAI response replay guards. (#88480, #88512, #88851, #88860)
  • iMessage monitor state, inbound queues, and plugin install ledgers moved toward SQLite-backed state so restarts and local monitors recover with less duplicate filesystem scanning. (#88794, #88797)
  • Release, CI, Docker, E2E, plugin install, and diagnostics lanes now cap more logs, response bodies, readiness probes, artifact checks, status polling, child workflow waits, docker package cleanup, quiet test stalls, and rollback snapshots so failures report bounded proof instead of stalling. (#88966) Thanks @​RomneyDa.

Changes

  • Docs: add a dedicated Skill Workshop guide covering governed skill creation, reviewable proposals, CLI, Gateway, agent tool behavior, approval policy, support files, and recovery, and refresh the ClawHub showcase cards. (#88734) Thanks @​shakkernerd and @​vyctorbrzezowski.
  • Skills: let the skill_workshop agent tool apply, reject, and quarantine explicit proposals through the guarded review flow. Thanks @​shakkernerd.
  • Skills: let proposals carry approved support files under standard skill folders, with scanner, hash, and rollback safeguards. Thanks @​shakkernerd.
  • Skills: let pending proposals be revised in place with versioned, dated proposal frontmatter before approval. Thanks @​shakkernerd.
  • Skills: add Skill Workshop with pending proposals, CLI/Gateway review actions, rollback metadata, and the skill_workshop agent tool. Thanks @​shakkernerd.
  • Skill Workshop: add the Control UI navigation, styled dashboard, proposal today view, revision dialog, file preview modal, searchable preview files, reusable session handoff, and localized strings.
  • Plugins: externalize Tokenjuice as the official @openclaw/tokenjuice plugin with npm and ClawHub publish metadata.
  • Plugins: externalize the GitHub Copilot agent runtime as the official @openclaw/copilot plugin with npm and ClawHub publish metadata.
  • iOS: add hosted push relay defaults, realtime Talk playback, and a guarded WebSocket ping path for more reliable mobile sessions. (#88096, #88105, #88231)
  • iOS: support native iPad display layouts.
  • Workboard: add orchestration primitives and agent coordination tools for multi-agent planning and run tracking. (#87469)
  • Workboard: wire task-backed board runs and show task comments in the edit modal.
  • Code mode: add internal namespaces for scoped agent/global sessions and exact namespace tool dispatch. (#88043)
  • Code mode: add MCP API files and docs for code-mode integrations.
  • Control UI: add a Dreaming-tab agent selector and propagate the selected agent through Dreaming status, diary, and diary actions. (#78748) Thanks @​stevenepalmer.
  • Control UI: add calmer chat composer controls, local draft typing state, and first-output latency instrumentation for active chat entry. (#88772, #88998) Thanks @​vincentkoc.
  • Plugins: add a SecretRef provider integration manifest contract and extract shared LLM core packages for provider/plugin reuse. (#82326, #88117)
  • Plugins: persist the plugin install index in SQLite so installed package lookup survives reloads with less filesystem scanning. (#88794)
  • Providers: add MiniMax M3 model support. (#88860)
  • Doctor: add disk space health checks and stabilize post-upgrade JSON probes.
  • Channels: store inbound queues in SQLite and migrate iMessage monitor state to SQLite-backed tracking. (#88797)
  • Skills: add the core skills index and centralize skills runtime loading, status, filtering, and prompt formatting.

Fixes

  • Release/CI/E2E: fail early when Crabbox sparse-sync full checkouts do not have enough local disk, with guidance for moving the sync root.
  • Build: render independent CLI startup metadata help snapshots concurrently to cut cold build-all metadata time.
  • Plugins: stop timed-out package-boundary prep steps by process group so descendant TypeScript/helper processes do not survive local check cleanup.
  • Control UI: serve static assets asynchronously after safe-open checks so large UI files do not block Gateway request handling.
  • Scripts/UI: forward direct wrapper SIGHUP shutdown to child processes so terminal hangups do not leave wrapped dev commands running.
  • Gateway: return the post-expiration pending-work revision from node drains so reconnecting nodes do not observe stale queue revisions after expired items are pruned.
  • Release/CI/E2E: keep temporary full-sync checkouts alive while slow Crabbox leases boot, so sparse worktree runs do not lose their sync source before file-list generation.

... (truncated)

Commits
  • 2e08f0f chore(release): refresh plugin sdk baseline
  • 709b98f chore(release): prepare 2026.6.1 stable
  • 3b53e2c fix(ci): align health gateway mock typing
  • 30d7f3b fix(ci): stabilize shrinkwrap package ordering
  • 9853607 chore(release): prepare 2026.6.1 beta 3
  • 28b76fc fix(ci): preserve shrinkwrap dependency fork resolutions
  • c6d88b4 fix: handle gateway health credential errors (#89731)
  • ba0a7f7 fix(ui): localize skill workshop view switcher
  • caa1810 fix(kimi): strip anthropic cache markers
  • 5f9b45b fix(google): forward Gemini stop sequences
  • Additional commits viewable in compare view

Updates vitest from 4.1.7 to 4.1.8

Release notes

Sourced from vitest's releases.

v4.1.8

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • e61f2dd chore: release v4.1.8
  • e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(npm): bump the npm-minor-patch group with 3 updates
a953988 
Bumps the npm-minor-patch group with 3 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8), [openclaw](https://github.com/openclaw/openclaw) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8)

Updates `openclaw` from 2026.5.28 to 2026.6.1
- [Release notes](https://github.com/openclaw/openclaw/releases)
- [Commits](openclaw/openclaw@v2026.5.28...v2026.6.1)

Updates `vitest` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: openclaw
  dependency-version: 2026.6.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
- dependency-name: vitest
  dependency-version: 4.1.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 8, 2026
Copilot AI review requested due to automatic review settings June 8, 2026 11:06
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 8, 2026
Copilot AI reviewed Jun 8, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@github-actions github-actions Bot added the deps label Jun 8, 2026
@github-actions github-actions Bot merged commit 2a233e4 into main Jun 8, 2026
11 of 13 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-minor-patch-6281967d75 branch June 8, 2026 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file deps javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant