chore(deps): update external fixes #365

renovate · 2025-08-09T13:44:46Z

This PR contains the following updates:

Package	Change	Type	Update
@redocly/cli	`1.25.15` -> `1.34.5`	devDependencies	minor
@semantic-release/npm	`12.0.1` -> `12.0.2`	devDependencies	patch
c8	`10.1.2` -> `10.1.3`	devDependencies	patch
chai (source)	`5.1.2` -> `5.3.3`	devDependencies	minor
chai-as-promised	`8.0.1` -> `8.0.2`	devDependencies	patch
codecov	`5.0.3` -> `5.4.3`	orb	minor
dotenv	`16.4.7` -> `16.6.1`	devDependencies	minor
esmock	`2.6.9` -> `2.7.3`	devDependencies	minor
jsdoc-to-markdown	`9.1.1` -> `9.1.3`	devDependencies	patch
lint-staged	`15.2.10` -> `15.5.2`	devDependencies	minor
mocha-suppress-logs	`0.5.1` -> `0.6.0`	devDependencies	minor
nodemon (source)	`3.1.7` -> `3.1.11`	devDependencies	patch
semantic-release	`24.2.0` -> `24.2.9`	devDependencies	patch
sinon (source)	`19.0.2` -> `19.0.5`	devDependencies	patch
sinon-chai	`4.0.0` -> `4.0.1`	devDependencies	patch
yaml (source)	`2.6.1` -> `2.8.1`	devDependencies	minor

Release Notes

Redocly/redocly-cli (@redocly/cli)

`v1.34.5`

Compare Source

Patch Changes

Updated form-data to 4.0.4 for Redocly CLI v1.
Updated @redocly/respect-core to v1.34.5.

`v1.34.4`

Compare Source

Patch Changes

Resolved an issue where [email protected] injected an unintended message into the output.
Updated @redocly/respect-core to v1.34.4.

`v1.34.3`

Compare Source

Patch Changes

Updated Redoc to v2.5.0.
Updated @redocly/openapi-core to v1.34.3.

Patch Changes

Improved OpenTelemetry data serialization.
Updated @redocly/respect-core to v1.34.1.

`v1.34.0`

Compare Source

Minor Changes

Added global execution timeout timer to respect command execution to prevent infinite test runs. You can configure this timer using the RESPECT_TIMEOUT environment variable (defaults to 1 hour).

Patch Changes

Updated @redocly/respect-core to v1.34.0.

`v1.33.1`

Compare Source

Patch Changes

Fixed generate-arazzo command to properly handle output file paths. The output-file parameter must have a value when provided.
Updated @redocly/respect-core to v1.33.1.

`v1.33.0`

Compare Source

Minor Changes

Added support for generating workflows from OpenAPI operations without operationIds. The generate-arazzo command now automatically generates operationPaths using the URL pattern: {$sourceDescriptions.<name>.url}#/paths/<path>/<method>.

Patch Changes

Updated @redocly/respect-core to v1.33.0.

`v1.32.2`

Compare Source

Patch Changes

Fixed step execution to respect severity levels when handling step failures. Previously, steps would always break workflow execution on failure when onFailure is omitted, but now they properly consider the configured severity level (e.g., warn | off severity allows subsequent steps to execute).
Updated @redocly/openapi-core to v1.32.2.

`v1.32.1`

Compare Source

Patch Changes

Added support for basic, bearer, and apiKey security schemes in workflow generation with generate-arazzo command.
Updated @redocly/openapi-core to v1.32.1.

`v1.32.0`

Compare Source

Minor Changes

Added support for linting, preprocessors, decorators, and type extensions for Overlay v1 documents.

Patch Changes

Updated OAS3 Schema type definition to correct type keyword enum, removed null.
Fixed an issue where JSON logs did not properly capture data from nested external workflows.
Updated @redocly/openapi-core to v1.32.0.

`v1.31.3`

Compare Source

Patch Changes

Updated @redocly/openapi-core to v1.31.3.

`v1.31.2`

Compare Source

Patch Changes

Fixed sourceDescription name generation in generate-arazzo command when using OpenAPI files that contain multiple periods "." in their filenames.
Updated @redocly/respect-core to v1.31.2.

`v1.31.1`

Compare Source

Patch Changes

Added the missing respect-core import in Redocly CLI package.
Updated @redocly/openapi-core to v1.31.1.

`v1.31.0`

Compare Source

Minor Changes

Added the generate-arazzo command to scaffold Arazzo description templates out of OpenAPI descriptions.
Added the respect command to test APIs against Arazzo description files.

Patch Changes

Updated @redocly/openapi-core to v1.31.0.

`v1.30.0`

Compare Source

Minor Changes

Added OAuth 2.0 Device authorization flow that enables users to authenticate through Reunite API.

Patch Changes

Updated operation-tag-defined built-in rule to verify tags are defined on the operation prior to matching them to a global tag.
Updated @redocly/openapi-core to v1.30.0.

`v1.29.0`

Compare Source

Minor Changes

Added typings and interfaces for Overlay Specification v1.0.0.

Patch Changes

Fixed a problem where the split command produced backslashes instead of forward slashes in $refs on Windows.
Fixed an issue where the no-invalid-media-type-examples rule crashed instead of reporting an error when it failed to resolve an example from a $ref.
Updated @redocly/openapi-core to v1.29.0.

`v1.28.5`

Compare Source

Patch Changes

Fixed an issue where the build-docs command produced incorrect output.
Updated @redocly/openapi-core to v1.28.5.

`v1.28.4`

Compare Source

Patch Changes

Fixed an issue where the build-docs command failed when React 19 was installed in the project folder.
Updated @redocly/openapi-core to v1.28.4.

`v1.28.3`

Compare Source

Patch Changes

Updated @redocly/openapi-core to v1.28.3.

`v1.28.2`

Compare Source

Patch Changes

Updated @redocly/openapi-core to v1.28.2.

`v1.28.1`

Compare Source

Patch Changes

Updated @redocly/openapi-core to v1.28.1.

`v1.28.0`

Compare Source

Minor Changes

Switched to using native fetch API instead of node-fetch dependency, improving performance and reducing bundle size.

Patch Changes

Updated @redocly/openapi-core to v1.28.0.

`v1.27.2`

Compare Source

Patch Changes

Updated the sideNavStyle configuration schema to include the path-only option.
Updated @redocly/openapi-core to v1.27.2.

`v1.27.1`

Compare Source

Patch Changes

Fixed an issue where running the preview command failed because one of its dependencies could not be resolved.
The issue occurred when Realm was not installed in the node_modules of the project.
Updated @redocly/openapi-core to v1.27.1.

`v1.27.0`

Compare Source

Minor Changes

Added the ability to override default problem messages for built-in rules.

Patch Changes

Fixed an issue where apis' root in redocly.yaml was not resolved properly when the value of root was a URL.
Updated the Redocly CLI command redocly build-docs to use stdout instead of stderr for simple logs.
Updated @redocly/openapi-core to v1.27.0.

`v1.26.1`

Compare Source

Patch Changes

Fixed an issue where an API alias's root path might be resolved incorrectly for configuration files located outside the root folder.
Updated @redocly/openapi-core to v1.26.1.

`v1.26.0`

Compare Source

Minor Changes

Introduced the struct rule and deprecated the spec rule.
Added the spec ruleset, which enforces compliance with the specifications.

Patch Changes

Fixed an issue where the CLI would fail to run on Windows due to a breaking change in the Node.js API.
Fixed an issue where join would throw an error when a glob pattern was provided.
Updated sourceDescriptions to enforce a valid type field, ensuring compliance with the Arazzo specification.
Updated @redocly/openapi-core to v1.26.0.

semantic-release/npm (@semantic-release/npm)

`v12.0.2`

Compare Source

Bug Fixes

deps: update npm to ^10.9.3 (#972) (93e0937)

bcoe/c8 (c8)

`v10.1.3`

Compare Source

Bug Fixes

deps: update bcoe/v8-coverage addressing v8 issue (#552) (b32a563)

chaijs/chai (chai)

`v5.3.3`

Compare Source

What's Changed

fix: keep names in bundle by @43081j in #1702
chore: support publishing v5 by @43081j in #1703
chore: update npm tag name by @43081j in #1704

Full Changelog: chaijs/chai@v5.3.2...v5.3.3

`v5.3.2`

Compare Source

Reverts the removal of the bundled version of chai in 5.3.1

What's Changed

Update core contributors by @keithamus in #1697
feat: reintroduce bundle by @43081j in #1699

Full Changelog: chaijs/chai@v5.3.1...v5.3.2

`v5.3.1`

Compare Source

What's Changed

chore: remove bundled chai by @43081j in #1694

Full Changelog: chaijs/chai@v5.3.0...v5.3.1

`v5.3.0`

Compare Source

What's Changed

chore: change main to point at chai directly by @43081j in #1696

Full Changelog: chaijs/chai@v5.2.2...v5.3.0

`v5.2.2`

Compare Source

What's Changed

chore: use files for publishing by @43081j in #1695

Full Changelog: chaijs/chai@v5.2.1...v5.2.2

`v5.2.1`

Compare Source

What's Changed

Mostly internal changes but @SuperchupuDev realised the package.json engines field was out of date, so it has been updated to reflect that v5.0.0 onwards only supports Node >=18.

build(deps): bump serialize-javascript and mocha by @dependabot in #1673
build(deps-dev): bump esbuild from 0.19.10 to 0.25.0 by @dependabot in #1671
Enable no-var rule and fix violations by @koddsson in #1675
Convert Assertion function to a class by @koddsson in #1677
More typing by @koddsson in #1679
build(deps-dev): bump tar-fs from 3.0.6 to 3.0.8 by @dependabot in #1682
build(deps-dev): bump tar-fs from 3.0.8 to 3.0.9 by @dependabot in #1688
chore: fix lint errors and add lint to CI by @43081j in #1689
docs: update minimum node version in readme by @SuperchupuDev in #1691
chore: update minimum node version by @SuperchupuDev in #1692

New Contributors

@SuperchupuDev made their first contribution in #1691

Full Changelog: chaijs/chai@v5.2.0...v5.2.1

`v5.2.0`

Compare Source

What's Changed

fix: ability to register more plugins inside a plugin by @tpluscode in #1639
chore: bump playwright to fix CI by @43081j in #1663
chore: introduce prettier and run it by @43081j in #1660
chore: drop old CJS entrypoints by @43081j in #1662
chore: enable eslint recommended config by @43081j in #1659
Integrated chai-subset and added assert-based negation to containSubset by @BreadInvasion in #1664
Add coverage check to tests by @koddsson in #1669
fix floating point precision in closeTo assertion by @koddsson in #1667

New Contributors

@tpluscode made their first contribution in #1639
@BreadInvasion made their first contribution in #1664

Full Changelog: chaijs/chai@v5.1.2...v5.2.0

chaijs/chai-as-promised (chai-as-promised)

`v8.0.2`

Compare Source

What's Changed

chore: add renovate by @43081j in #304
chore(deps): update dependency c8 to v10 by @renovate[bot] in #305
chore: move to eslint flat config by @43081j in #308
chore(deps): update dependency eslint to v9 by @renovate[bot] in #306
chore(deps): update dependency mocha to v11 by @renovate[bot] in #309
fix(deps): update dependencies by @renovate[bot] in #310
chore(deps): update dependencies by @renovate[bot] in #311
chore(deps): update dependency globals to v16 by @renovate[bot] in #312
chore(deps): update dependencies by @renovate[bot] in #313
chore(deps): update dependency prettier to v3.5.3 by @renovate[bot] in #314
chore(deps): update dependencies to v9.22.0 by @renovate[bot] in #315
chore(deps): update dependencies by @renovate[bot] in #316
chore(deps): update dependency eslint to v9.24.0 by @renovate[bot] in #317
chore(deps): update dependencies to v9.25.0 by @renovate[bot] in #318
chore(deps): update dependencies to v9.25.1 by @renovate[bot] in #319
chore(deps): update dependencies by @renovate[bot] in #320
chore(deps): update dependency globals to v16.1.0 by @renovate[bot] in #321
chore(deps): update dependencies by @renovate[bot] in #322
chore(deps): update dependencies by @renovate[bot] in #323
chore(deps): update dependencies to v9.28.0 by @renovate[bot] in #324
chore(deps): update dependencies by @renovate[bot] in #325
chore(deps): update dependencies by @renovate[bot] in #326
chore(deps): update dependencies by @renovate[bot] in #327
chore(deps): update dependencies by @renovate[bot] in #328
chore(deps): update dependencies by @renovate[bot] in #329
chore(deps): update dependencies to v9.32.0 by @renovate[bot] in #330
chore(deps): update dependencies to v9.33.0 by @renovate[bot] in #331
chore(deps): update actions/checkout action to v5 by @renovate[bot] in #332
chore: support chai 6 by @43081j in #335

New Contributors

@renovate[bot] made their first contribution in #305

Full Changelog: chaijs/chai-as-promised@v8.0.1...v8.0.2

motdotla/dotenv (dotenv)

`v16.6.1`

Compare Source

Changed

Default quiet to true – hiding the runtime log message (#874)
NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@dotenvx/dotenvx').config().

`v16.6.0`

Compare Source

Added

Default log helpful message [[email protected]] injecting env (1) from .env (#870)
Use { quiet: true } to suppress
Aligns dotenv more closely with dotenvx.

`v16.5.0`

Compare Source

Added

🎉 Added new sponsor Graphite - the AI developer productivity platform helping teams on GitHub ship higher quality software, faster.

[!TIP]
Become a sponsor

The dotenvx README is viewed thousands of times DAILY on GitHub and NPM.
Sponsoring dotenv is a great way to get in front of developers and give back to the developer community at the same time.

Changed

Remove _log method. Use _debug #862

iambumblehead/esmock (esmock)

`v2.7.3`: restore support for ava and other test runners

Compare Source

restore support for ava and other test runners,

drop node version 18 and 20 from tests.
increment some dependencies and reduce audit warnings.
restore ava and all other disabled test-runner tests

`v2.7.2`: match exact export paths

Compare Source

increment resolvewithplus, match exact export paths, thanks @matz3

`v2.7.1`: add node v24 to test matrix

Compare Source

a "version bump" release with no new features adding node v24 to the test matrix

`v2.7.0`: resolve openai mocking

Compare Source

resolve issue that prevented openai package mock

update resolver to correctly resolve openai package
update typescript-eslint

jsdoc2md/jsdoc-to-markdown (jsdoc-to-markdown)

`v9.1.3`

Compare Source

Non-breaking change since v9.1.2

Removed deprecated lodash.omit package. jsdoc2md/jsdoc-parse#43

`v9.1.2`

Compare Source

Regression fix since v9.1.1

Previously, you could manually render files in a specific order. For example, in the output this code would render docs for two.js before one.js.

const output = await jsdoc2md.render({ files: ['src/two.js', 'src/one.js'] })

This behaviour was broken by the jsdoc-api v9.0.0 release - instead, that version first sorted the files into alphabetical order, thus rendering one.js before two.js.

Jsdoc-api v9.3.5 (used internally by jsdoc2md) fixes that regression - previous behaviour restored.

lint-staged/lint-staged (lint-staged)

`v15.5.2`

Compare Source

Patch Changes

#1544 5561321 Thanks @YimingIsCOLD! - Correctly handle colon (:) characters in staged filenames.

`v15.5.1`

Compare Source

Patch Changes

#1533 5d53534 Thanks @iiroj! - Improve listing of staged files so that lint-staged doesn't crash when encountering an uninitialized submodule. This should result in less errors like:
```
✖ Failed to get staged files!
```

`v15.5.0`

Compare Source

Minor Changes

#1526 630af5f Thanks @iiroj! - Lint-staged no longer resets to the original state when preventing an empty git commit. This happens when your configured tasks reset all the staged changes, typically when trying to commit formatting changes which conflict with your linter setup like ESLint or Prettier.

Example with Prettier

By default Prettier prefers double quotes.

Previously

Stage file.js with only double quotes " changed to '
Run git commit -am "I don't like double quotes"
Lint-staged runs prettier --write file.js, converting all the ' back to "
Because there are now no changes, lint-staged fails, cancels the commit, and resets back to the original state
Commit was not done, original state is restored and single quotes ' are staged

Now

Stage file.js with only double-quotes " changed to '
Run git commit -am "I don't like double quotes"
Lint-staged runs prettier --write file.js, converting all the ' back to "
Because there are now no changes, lint-staged fails and cancels the commit
Commit was not done, and there are no staged changes

`v15.4.3`

Compare Source

Patch Changes

#1512 cbfed1d Thanks @tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

`v15.4.2`

Compare Source

Patch Changes

#1509 8827ebf Thanks @iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

`v15.4.1`

Compare Source

Patch Changes

#1504 1c7a45e Thanks @iiroj! - Default TypeScript config filenames match JS equivalents.
#1504 9cc18c9 Thanks @iiroj! - Add missing conditional exports syntax for TypeScript types.

`v15.4.0`

Compare Source

Minor Changes

#1500 a8ec1dd Thanks @iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:
```
/**
 * @&#8203;filename: lint-staged.config.js
 * @&#8203;type {import('lint-staged').Configuration}
 */
export default {
  '*': 'prettier --write',
}
```
It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.
```
export NODE_OPTIONS="--experimental-strip-types"

npx lint-staged --config lint-staged.config.ts
```

Patch Changes

#1501 9b79364 Thanks @iiroj! - Handle possible failures when logging user shell for debug info.

`v15.3.0`

Compare Source

Minor Changes

#1495 e69da9e Thanks @iiroj! - Added more info to the debug logs so that "environment" info doesn't need to be added separately to GitHub issues.
#1493 fa0fe98 Thanks @iiroj! - Added more help messages around the automatic git stash that lint-staged creates as a backup (by default). The console output also displays the short git hash of the stash so that it's easier to recover lost files in case some fatal errors are encountered, or the process is killed before completing.

For example:
```
% npx lint-staged
✔ Backed up original state in git stash (20addf8)
✔ Running tasks for staged files...
✔ Applying modifications from tasks...
✔ Cleaning up temporary files...
```
where the backup can be seen with git show 20addf8, or git stash list:
```
% git stash list
stash@{0}: lint-staged automatic backup (20addf8)
```

`v15.2.11`

Compare Source

Patch Changes

#1484 bcfe309 Thanks @wormsik! - Escape paths containing spaces when using the "shell" option.
#1487 7dd8caa Thanks @iiroj! - Do not treat submodule root paths as "staged files". This caused lint-staged to fail to a Git error when only updating the revision of a submodule.