Skip to content

chore(deps): bump the npm group with 10 updates#533

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-2dc6d3e718
Open

chore(deps): bump the npm group with 10 updates#533
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-2dc6d3e718

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm group with 10 updates:

Package From To
cron-parser 5.5.0 5.6.0
cronstrue 3.14.0 3.20.0
graphql 16.14.2 17.0.1
@sveltejs/adapter-node 5.5.4 5.5.5
@sveltejs/kit 2.65.2 2.66.0
@types/luxon 3.7.1 3.7.2
eslint-plugin-unicorn 67.0.0 68.0.0
houdini 2.0.0-next.12 2.0.0-next.41
houdini-svelte 3.0.0-next.14 3.0.0-next.35
lint-staged 17.0.7 17.0.8

Updates cron-parser from 5.5.0 to 5.6.0

Commits
  • b122a77 chore: bump version
  • 2a5707f chore: update deps and adapt tsconfig for TypeScript 6 (#412)
  • f54834c chore: include nodejs 26.x in the matrix
  • c8afb3e fix: preserve timezone in CronExpression.reset() (#407)
  • 04e300a fix: stop hour-step loop early on spring-forward DST days to prevent day skip...
  • 0fe3deb test: achieve 100% code coverage
  • 033048e test: remove unseeded hash expressions with conflicting dayOfMonth/month
  • 90e1c68 fix: ES6 iterator done flag handling
  • b98dda1 chore: include nodejs 24.x and 25.x in the matrix
  • 862c0cd fix: CronExpressionParser.#parseRepeat ranges parsing
  • Additional commits viewable in compare view

Updates cronstrue from 3.14.0 to 3.20.0

Release notes

Sourced from cronstrue's releases.

v3.20.0

Full Changelog: bradymholt/cRonstrue@v3.19.0...v3.20.0

v3.19.0

What's Changed

Full Changelog: bradymholt/cRonstrue@v3.18.0...v3.19.0

v3.18.0

What's Changed

Full Changelog: bradymholt/cRonstrue@v3.16.0...v3.18.0

Commits
  • 8f92b50 Version 3.20.0
  • c84ccdd Change permissions from issues to pull-requests
  • 22de39e Version 3.19.0
  • edeb162 Fix publish workflow: add issues: write permission for PR comments (#395)
  • 676e134 Version 3.18.0
  • d5d24e4 Fixes for publishing
  • b62f52d Bump version from 3.16.0 to 3.17.0
  • 939831a Fix npm Trusted Publishers (OIDC) auth in publish workflow (#393)
  • 7ebb60d Update permissions in publish.yml
  • 92d57e9 fix: push version commit/tag only after successful npm publish (#391)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for cronstrue since your current version.


Updates graphql from 16.14.2 to 17.0.1

Release notes

Sourced from graphql's releases.

v17.0.1 (2026-06-16)

Bug Fix 🐞

  • #4824 fix(diagnostics): emit asyncStart after promise settlement to match native tracePromise (@​logaretm)

Internal 🏠

Committers: 2

v17.0.0 (2026-06-15)

New Feature 🚀

Bug Fix 🐞

Docs 📝

Polish 💅

... (truncated)

Commits
  • 9617473 chore(release): v17.0.1
  • 851bd6a chore(release): protect latest release channels (#4825)
  • c471d36 fix(diagnostics): emit asyncStart after promise settlement to match native `t...
  • 3f3895f chore(npm): remove obsolete ESM-only package build (#4823)
  • c7e494a chore(release): v17.0.0
  • d977f66 docs: post 17.rc-0 update (#4817)
  • 39f865f docs: document @experimental_disableErrorPropagation (#4820)
  • 61db552 feat: graduate directives on directives (#4819)
  • e8e5d64 Revert "feat(validation): reject directive definition cycles (#4726)" (#4815)
  • f8ffad3 feat(validation): reject directive definition cycles (#4726)
  • Additional commits viewable in compare view

Updates @sveltejs/adapter-node from 5.5.4 to 5.5.5

Release notes

Sourced from @​sveltejs/adapter-node's releases.

@​sveltejs/adapter-node@​5.5.5

Patch Changes

Changelog

Sourced from @​sveltejs/adapter-node's changelog.

5.5.5

Patch Changes

Commits

Updates @sveltejs/kit from 2.65.2 to 2.66.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Commits
  • 4c9b8f1 Version Packages (#16062)
  • 276744d fix: preflight schemas apply correctly when chained before for (#15863)
  • e8c8d84 chore: DRY out __sveltekit_xyz123 stuff (#16085)
  • 4eabadc fix: fail early if a route with +page and +server is marked as prerendera...
  • de47227 chore: correctly type keys of the URL object (#16078)
  • f8c842c fix: prefer pages over endpoints when prerendering (#16076)
  • 63f1b0b fix: blur active element before component update during navigation (#15452)
  • 860b3c7 fix: remove types: ['node'] from generated tsconfig (#15709)
  • 8740132 fix: show error.html when root layout load() throws in SPA mode (#15798)
  • 0d8ef59 chore: await web-first assertions in basics client tests (#16068)
  • Additional commits viewable in compare view

Updates @types/luxon from 3.7.1 to 3.7.2

Commits

Updates eslint-plugin-unicorn from 67.0.0 to 68.0.0

Release notes

Sourced from eslint-plugin-unicorn's releases.

v68.0.0

Breaking

Awesome

Now 300+ rules 🎉

New rules

Improvements

... (truncated)

Commits

Updates houdini from 2.0.0-next.12 to 2.0.0-next.41

Commits

Updates houdini-svelte from 3.0.0-next.14 to 3.0.0-next.35

Commits
Install script changes

This version adds postinstall script that runs during installation. Review the package contents before updating.


Updates lint-staged from 17.0.7 to 17.0.8

Release notes

Sourced from lint-staged's releases.

v17.0.8

Patch Changes

  • #1809 179b437 - Fix lint-staged discarding the ongoing merge conflict status (.git/MERGE_HEAD) when using the --hide-unstaged or --hide-all options.

  • #1811 3d0b2c0 - Fix issues with Git commands that are successful but also emit warnings to stderr, by ignoring the stderr output completely when the process exits with code 0. This was the behavior when using nano-spawn and execa, but when switching to tinyexec in 16.3.0 both stdout and stderr were used as interleaved output.

Changelog

Sourced from lint-staged's changelog.

17.0.8

Patch Changes

  • #1809 179b437 - Fix lint-staged discarding the ongoing merge conflict status (.git/MERGE_HEAD) when using the --hide-unstaged or --hide-all options.

  • #1811 3d0b2c0 - Fix issues with Git commands that are successful but also emit warnings to stderr, by ignoring the stderr output completely when the process exits with code 0. This was the behavior when using nano-spawn and execa, but when switching to tinyexec in 16.3.0 both stdout and stderr were used as interleaved output.

Commits
  • 5f3b8f2 Merge pull request #1812 from lint-staged/changeset-release/main
  • 43a9b8d chore(changeset): release
  • 630e2f6 Merge pull request #1809 from lint-staged/restore-merge-status
  • 179b437 fix: restore Git merge status after creating backup stash
  • 6bae2e2 Merge pull request #1811 from lint-staged/exec-git-ignore-stderr
  • b82a830 ci: run npm audit omitting dev, including prod dependencies
  • 0b19b80 build(deps): update dependencies
  • 3d0b2c0 fix: ignore stderr when doing Git operations
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [cron-parser](https://github.com/harrisiirak/cron-parser) | `5.5.0` | `5.6.0` |
| [cronstrue](https://github.com/bradymholt/cRonstrue) | `3.14.0` | `3.20.0` |
| [graphql](https://github.com/graphql/graphql-js) | `16.14.2` | `17.0.1` |
| [@sveltejs/adapter-node](https://github.com/sveltejs/kit/tree/HEAD/packages/adapter-node) | `5.5.4` | `5.5.5` |
| [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.65.2` | `2.66.0` |
| [@types/luxon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/luxon) | `3.7.1` | `3.7.2` |
| [eslint-plugin-unicorn](https://github.com/sindresorhus/eslint-plugin-unicorn) | `67.0.0` | `68.0.0` |
| [houdini](https://github.com/HoudiniGraphql/houdini) | `2.0.0-next.12` | `2.0.0-next.41` |
| [houdini-svelte](https://github.com/HoudiniGraphql/houdini) | `3.0.0-next.14` | `3.0.0-next.35` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `17.0.7` | `17.0.8` |


Updates `cron-parser` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/harrisiirak/cron-parser/releases)
- [Commits](harrisiirak/cron-parser@v5.5.0...v5.6.0)

Updates `cronstrue` from 3.14.0 to 3.20.0
- [Release notes](https://github.com/bradymholt/cRonstrue/releases)
- [Changelog](https://github.com/bradymholt/cRonstrue/blob/main/CHANGELOG.md)
- [Commits](bradymholt/cRonstrue@v3.14.0...v3.20.0)

Updates `graphql` from 16.14.2 to 17.0.1
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](graphql/graphql-js@v16.14.2...v17.0.1)

Updates `@sveltejs/adapter-node` from 5.5.4 to 5.5.5
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/adapter-node/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/adapter-node@5.5.5/packages/adapter-node)

Updates `@sveltejs/kit` from 2.65.2 to 2.66.0
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.66.0/packages/kit)

Updates `@types/luxon` from 3.7.1 to 3.7.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/luxon)

Updates `eslint-plugin-unicorn` from 67.0.0 to 68.0.0
- [Release notes](https://github.com/sindresorhus/eslint-plugin-unicorn/releases)
- [Commits](sindresorhus/eslint-plugin-unicorn@v67.0.0...v68.0.0)

Updates `houdini` from 2.0.0-next.12 to 2.0.0-next.41
- [Release notes](https://github.com/HoudiniGraphql/houdini/releases)
- [Commits](https://github.com/HoudiniGraphql/houdini/commits)

Updates `houdini-svelte` from 3.0.0-next.14 to 3.0.0-next.35
- [Release notes](https://github.com/HoudiniGraphql/houdini/releases)
- [Commits](https://github.com/HoudiniGraphql/houdini/commits)

Updates `lint-staged` from 17.0.7 to 17.0.8
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v17.0.7...v17.0.8)

---
updated-dependencies:
- dependency-name: cron-parser
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: cronstrue
  dependency-version: 3.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: graphql
  dependency-version: 17.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: "@sveltejs/adapter-node"
  dependency-version: 5.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.66.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@types/luxon"
  dependency-version: 3.7.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint-plugin-unicorn
  dependency-version: 68.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: npm
- dependency-name: houdini
  dependency-version: 2.0.0-next.41
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: houdini-svelte
  dependency-version: 3.0.0-next.35
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: lint-staged
  dependency-version: 17.0.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026
Copilot AI review requested due to automatic review settings July 6, 2026 00:18
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant