Skip to content

chore: update dependencies #10995

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

chore: update dependencies #10995

wants to merge 7 commits into from

Conversation

reneleonhardt
Copy link

Description:

  • Update cargo dependencies and github-actions
  • Upgrade cargo dependencies
  • Let dependabot update cargo, github-actions, gitsubmodule and npm
  • Outdated dependencies

BREAKING CHANGE:

  • Bump MSRV to 1.87 according to cargo msrv before updating dependencies

Related issue (if exists):

@reneleonhardt reneleonhardt requested review from a team as code owners August 8, 2025 15:50
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Aug 8, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: f1f2678

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@reneleonhardt
Copy link
Author

Not Updated

  • npm dependencies haven't been updated (wait for dependabot)
  • rust-toolchain 1.88.0-nightly hasn't been updated to 1.91.0-nightly (current nightly)
  • Nested Cargo.lock files (wait for dependabot)
  • nodejs-rust:lts-alpine (alpine 3.20.3, workflow uses repos from 3.21, latest is 3.22)
  • Breaking Changes:
    • allocator-api2 0.3
    • napi 3
    • nom 8

@reneleonhardt reneleonhardt requested a review from a team as a code owner August 8, 2025 16:33
@codspeed-hq CodSpeed HQ
Copy link

codspeed-hq bot commented Aug 8, 2025
edited
Loading

CodSpeed Performance Report

Merging #10995 will degrade performances by 4.18%

Comparing reneleonhardt:chore/update-dependencies (f1f2678) with main (79206f1)

Summary

⚡ 4 improvements
❌ 17 regressions
✅ 119 untouched benchmarks

⚠️ Please fix the performance issues or acknowledge them on CodSpeed.

Benchmarks breakdown

Benchmark BASE HEAD Change
css/parser/foundation_6_7_4 37 ms 37.8 ms -2.07%
es/lexer/angular 9.9 ms 10.1 ms -2.21%
es/lexer/backbone 1.4 ms 1.4 ms -2.83%
es/lexer/cal-com 28.6 ms 29.2 ms -2.32%
es/lexer/colors 35.3 µs 36.2 µs -2.64%
es/lexer/jquery 7.5 ms 7.7 ms -2.76%
es/lexer/jquery mobile 11.5 ms 11.7 ms -2.38%
es/lexer/mootools 6 ms 6.2 ms -2.84%
es/lexer/three 35.5 ms 36.4 ms -2.44%
es/lexer/underscore 1.2 ms 1.2 ms -3.17%
es/lexer/yui 6.1 ms 6.2 ms -2.37%
es/full-target/es2016 540.4 µs 561.3 µs -3.72%
github 40.7 ms 41.6 ms -2.15%
stackoverflow 35.2 ms 36.1 ms -2.37%
github 40.1 ms 41 ms -2.19%
stackoverflow 35.5 ms 36.2 ms -2.15%
html/parser/parser_document/css_2021_spec 71.6 ms 70.1 ms +2.03%
html/parser/parser_document/stackoverflow_com_17_05_2022 22.3 ms 21.7 ms +2.83%
html/parser/parser_document_fragment/css_2021_spec 71.2 ms 69.7 ms +2.1%
html/parser/parser_document_fragment/stackoverflow_com_17_05_2022 22.3 ms 21.6 ms +2.91%
... ... ... ... ...

ℹ️ Only the first 20 benchmarks are displayed. Go to the app to view all benchmarks.

@reneleonhardt reneleonhardt force-pushed the chore/update-dependencies branch 2 times, most recently from 5d745b4 to dfbe07a Compare August 8, 2025 20:02
@socket-security Socket Security
Copy link

socket-security bot commented Aug 8, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​babel/​traverse@​7.22.1100257893100
Added@​types/​terser@​3.12.0641003575100
Added@​ast-grep/​napi-darwin-arm64@​0.3.31001003695100
Added@​ast-grep/​napi-darwin-x64@​0.3.3991003695100
Added@​ast-grep/​napi-linux-x64-gnu@​0.3.31001003695100
Added@​ast-grep/​napi-win32-arm64-msvc@​0.3.3991003695100
Added@​ast-grep/​napi-win32-ia32-msvc@​0.3.3991003695100
Added@​ast-grep/​napi-win32-x64-msvc@​0.3.31001003695100
Added@​swc/​counter@​0.1.31001003978100
Addednode-releases@​2.0.131001004177100
Addedfunction-bind@​1.1.2671008252100
Addedis-core-module@​2.12.1671008053100
Added@​swc/​plugin-jest@​1.5.117801005594100
Added@​babel/​plugin-transform-react-jsx-development@​7.18.61001005889100
Updatedjest-get-type@​25.2.6 ⏵ 29.6.310010060 +183100
Added@​babel/​plugin-syntax-async-generators@​7.8.41001006081100
Added@​babel/​plugin-syntax-import-meta@​7.10.41001006081100
Added@​babel/​plugin-syntax-json-strings@​7.8.31001006081100
Added@​babel/​plugin-syntax-logical-assignment-operators@​7.10.41001006081100
Added@​babel/​plugin-syntax-nullish-coalescing-operator@​7.8.31001006081100
Added@​babel/​plugin-syntax-numeric-separator@​7.10.41001006081100
Added@​babel/​plugin-syntax-object-rest-spread@​7.8.31001006081100
Added@​babel/​plugin-syntax-optional-catch-binding@​7.8.31001006081100
Added@​babel/​plugin-syntax-optional-chaining@​7.8.31001006081100
Added@​babel/​plugin-syntax-dynamic-import@​7.8.31001006081100
Added@​babel/​plugin-syntax-export-namespace-from@​7.8.31001006081100
Added@​babel/​plugin-syntax-private-property-in-object@​7.14.51001006081100
Added@​babel/​plugin-transform-dotall-regex@​7.18.61001006189100
Added@​babel/​plugin-transform-unicode-regex@​7.18.61001006189100
Added@​babel/​plugin-syntax-class-properties@​7.12.131001006181100
Added@​babel/​plugin-syntax-class-static-block@​7.14.51001006181100
Added@​babel/​plugin-syntax-top-level-await@​7.14.51001006181100
Added@​babel/​plugin-syntax-import-assertions@​7.20.01001006189100
See 247 more rows in the dashboard

View full report

@reneleonhardt reneleonhardt force-pushed the chore/update-dependencies branch from dfbe07a to 687c50f Compare August 8, 2025 21:25
@reneleonhardt reneleonhardt force-pushed the chore/update-dependencies branch from 687c50f to f1f2678 Compare August 9, 2025 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@reneleonhardt @CLAassistant