Skip to content

build(deps): Bump the all group across 1 directory with 6 updates#19

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/all-0d77f14bf3
Open

build(deps): Bump the all group across 1 directory with 6 updates#19
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/all-0d77f14bf3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps the all group with 6 updates in the / directory:

Package From To
multer 2.0.2 2.1.1
ws 8.18.3 8.19.0
electron 39.2.7 41.0.2
nodemon 3.1.11 3.1.14
webpack 5.104.1 5.105.4
jest 30.2.0 30.3.0

Updates multer from 2.0.2 to 2.1.1

Release notes

Sourced from multer's releases.

v2.1.1

Important

What's Changed

New Contributors

Full Changelog: expressjs/multer@v2.1.0...v2.1.1

v2.1.0

Important

What's Changed

New Contributors

Full Changelog: expressjs/multer@v2.0.2...v2.1.0

Changelog

Sourced from multer's changelog.

2.1.1

2.1.0

Commits
  • 368c8a1 2.1.1 (#1380)
  • 7e66481 🐛 fix recursion issue
  • 643571e ✅ add explicit test for client able to send body without abrupt disconnect
  • e86fa52 fix error/abort handling
  • ca37779 chore(deps): bump actions/checkout from 4.1.1 to 6.0.2 (#1374)
  • 13088f4 chore(deps): bump actions/upload-artifact from 4.5.0 to 7.0.0 (#1375)
  • bc6a1d1 chore(deps): bump github/codeql-action from 3.24.7 to 4.32.4 (#1376)
  • c496e93 chore(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#1377)
  • fa173d3 chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (#1378)
  • 17d7f51 chore: add node version to 25.x in CI
  • Additional commits viewable in compare view

Updates ws from 8.18.3 to 8.19.0

Release notes

Sourced from ws's releases.

8.19.0

Features

  • Added the closeTimeout option (#2308).

Bug fixes

  • Handled a forthcoming breaking change in Node.js core (19984854).
Commits
  • 61349ec [dist] 8.19.0
  • 3f9ffc6 [feature] Introduce the closeTimeout option (#2308)
  • 1998485 [fix] Ensure all remaining data is read as a single chunk
  • 726c373 [doc] Sort options alphabetically
  • b151f1e [ci] Update actions/checkout action to v6
  • dabdd5b [ci] Update actions/setup-node action to v6
  • 86eac5b [ci] Test on node 25
  • 1891e14 [ci] Update actions/setup-node action to v5
  • aa28c77 [ci] Update actions/checkout action to v5
  • See full diff in compare view

Updates electron from 39.2.7 to 41.0.2

Release notes

Sourced from electron's releases.

electron v41.0.2

Release Notes for v41.0.2

Other Changes

  • Backported fix for b/491421267. #50234

electron v41.0.1

Release Notes for v41.0.1

Fixes

  • Fixed an issue on macOS where calling autoUpdater.quitAndInstall() could fail if checkForUpdates() was called again after an update was already downloaded. #50217 (Also in 39, 40)
  • Fixed an issue where traffic light buttons would flash at position (0,0) when restoring a window with a custom trafficLightPosition from minimization on macOS. #50209 (Also in 39, 40)
  • Fixed bug where opening a message box immediately upon closing a child window may cause the parent window to freeze on Windows. #50191 (Also in 39, 40)

Other Changes

  • Updated Chromium to 146.0.7680.72. #50196

electron v41.0.0

Release Notes for v41.0.0

Stack Upgrades

Breaking Changes

  • Fixed an issue where cookie changed events weren't properly emitted in all cases. #49631

For breaking changes inherited via Chromium, see blog post

Features

Additions

  • Added --disable-geolocation command-line flag for macOS apps to disable location services. #45934
  • Added NV12 support for import shared texture. #48922 (Also in 40)
  • Added webContents.getOrCreateDevToolsTargetId(). #50176
  • Added a disclaim option to the UtilityProcess API to allow for TCC disclaiming on macOS. #49693 (Also in 39, 40)
  • Added a reason property to the Notification 'closed' event on Windows to allow developers to know the reason the Notification was dismissed. #50029 (Also in 40)
  • Added additional defence against privileged user modifications to ASAR Integrity protected applications on macOS. #48587
  • Added an usePrinterDefaultPageSize option to webContents.print() to allow using the printer's default page size. #49812
  • Added bypassCustomProtocolHandlers option to net.request. #47331 (Also in 38, 39, 40)
  • Added support for MSIX auto-updating. #49586 (Also in 39, 40)
  • Added support for WebSocket authentication through the login event on webContents. #48512 (Also in 39, 40)
  • Added support for --experimental-transform-types. #49882 (Also in 39, 40)
  • Added support for long-animation-frame script attribution (via --enable-features=AlwaysLogLOAFURL). #49773 (Also in 39, 40)

... (truncated)

Commits
  • 42d7f27 chore: cherry-pick d5b0cb2acffe from v8 (#50233)
  • 61b4c6b chore: cherry-pick 248acd90d9a3 from skia (#50234)
  • b9ca211 ci: add timeout to test step (#50206)
  • 2396024 fix: preserve staged update dir when pruning orphaned updates on macOS (#50217)
  • 6d29863 fix: prevent traffic light buttons flashing on deminiaturize (#50209)
  • 01b99cd docs: document Wayland frameless window shadow behaviour (#50195)
  • a8f64f6 chore: bump chromium to 146.0.7680.72 (41-x-y) (#50196)
  • ca1b77d fix: don't call TaskDialogIndirect with disabled parent windows (#50191)
  • 3678edf feat: WebContents.getOrCreateDevToolsTargetId() (#50176)
  • cb4d31a fix: bind offscreen paint callback to child WebContents (#50152)
  • Additional commits viewable in compare view

Updates nodemon from 3.1.11 to 3.1.14

Release notes

Sourced from nodemon's releases.

v3.1.14

3.1.14 (2026-02-20)

Bug Fixes

v3.1.13

3.1.13 (2026-02-19)

Bug Fixes

  • TypeScript definition for 'restart' args (5c03715), closes #2265

v3.1.12

3.1.12 (2026-02-19)

Bug Fixes

Commits
  • cfebe2f fix: get watch working on windows
  • f34bfa9 chore: fix release to run after tests
  • 5c03715 fix: TypeScript definition for 'restart' args
  • 28de4b7 chore: semver-release wanted 22-24 🤦
  • 6217164 chore: move release workflow to node 20
  • 2c458de chore: bump semver-release + update workflow
  • 9376af3 fix: bump minimatch
  • e045423 chore: website
  • f7a4edd chore: website
  • f26223f chore: website
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nodemon since your current version.


Updates webpack from 5.104.1 to 5.105.4

Release notes

Sourced from webpack's releases.

v5.105.4

Patch Changes

  • Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

  • Handle createRequire in expressions. (by @​alexander-akait in #20549)

  • Fixed types for multi stats. (by @​alexander-akait in #20556)

  • Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

  • Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

  • Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

v5.105.3

Patch Changes

  • Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

  • Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

  • Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

  • Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

  • Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

  • Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

  • Fix some types. (by @​alexander-akait in #20412)

  • Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

  • Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

  • Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

  • Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

  • Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

v5.105.2

Patch Changes

v5.105.1

Patch Changes

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.4

Patch Changes

  • Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

  • Handle createRequire in expressions. (by @​alexander-akait in #20549)

  • Fixed types for multi stats. (by @​alexander-akait in #20556)

  • Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

  • Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

  • Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

5.105.3

Patch Changes

  • Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

  • Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

  • Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

  • Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

  • Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

  • Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

  • Fix some types. (by @​alexander-akait in #20412)

  • Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

  • Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

  • Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

  • Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

  • Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

5.105.2

Patch Changes

... (truncated)

Commits
  • 27c13b4 chore(release): new release (#20550)
  • 9b2f41e chore: bump terser plugin (#20569)
  • eafe060 fix: narrow the export presence guard detection (#20561)
  • 75d605c refactor: add AppendOnlyStackedSet iteration support and tests (#20560)
  • afa607d refactor: remove unused code (#20562)
  • 4098902 test: add source files for web-webworker and web-webworker-auto-public-path (...
  • f97be67 refactor: fix duplicated word in Compilation JSDoc (#20547)
  • 9d76fff refactor: add Module.getSourceBasicTypes for basic JS type detection (#20546)
  • a3d7839 fix: types for multi stats (#20556)
  • b8e9b05 fix: update enhanced-resolve to support new features for tsconfig.json (#...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.


Updates jest from 30.2.0 to 30.3.0

Release notes

Sourced from jest's releases.

v30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)
Changelog

Sourced from jest's changelog.

30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): Bump the all group across 1 directory with 6 updates
5645cde 
Bumps the all group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [multer](https://github.com/expressjs/multer) | `2.0.2` | `2.1.1` |
| [ws](https://github.com/websockets/ws) | `8.18.3` | `8.19.0` |
| [electron](https://github.com/electron/electron) | `39.2.7` | `41.0.2` |
| [nodemon](https://github.com/remy/nodemon) | `3.1.11` | `3.1.14` |
| [webpack](https://github.com/webpack/webpack) | `5.104.1` | `5.105.4` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.2.0` | `30.3.0` |



Updates `multer` from 2.0.2 to 2.1.1
- [Release notes](https://github.com/expressjs/multer/releases)
- [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md)
- [Commits](expressjs/multer@v2.0.2...v2.1.1)

Updates `ws` from 8.18.3 to 8.19.0
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@8.18.3...8.19.0)

Updates `electron` from 39.2.7 to 41.0.2
- [Release notes](https://github.com/electron/electron/releases)
- [Commits](electron/electron@v39.2.7...v41.0.2)

Updates `nodemon` from 3.1.11 to 3.1.14
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](remy/nodemon@v3.1.11...v3.1.14)

Updates `webpack` from 5.104.1 to 5.105.4
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.104.1...v5.105.4)

Updates `jest` from 30.2.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest)

---
updated-dependencies:
- dependency-name: multer
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: ws
  dependency-version: 8.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: electron
  dependency-version: 41.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all
- dependency-name: nodemon
  dependency-version: 3.1.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: webpack
  dependency-version: 5.105.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: jest
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants