Skip to content

deps: bump the all-dependencies group across 1 directory with 7 updates#385

Merged
HardlyDifficult merged 4 commits into
mainfrom
dependabot/npm_and_yarn/all-dependencies-5d0e508624
Jul 13, 2026
Merged

deps: bump the all-dependencies group across 1 directory with 7 updates#385
HardlyDifficult merged 4 commits into
mainfrom
dependabot/npm_and_yarn/all-dependencies-5d0e508624

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Refreshes the compatible subset of the weekly dependency group on top of the current main branch.

Package From To
axios 1.18.0 1.18.1
@types/node 25.9.3 26.1.0
@typescript-eslint/eslint-plugin 8.61.0 8.62.1
@typescript-eslint/parser 8.61.0 8.62.1
markdownlint-cli 0.48.0 0.49.0
npm-package-json-lint 10.4.0 10.4.1
tsx 4.22.4 4.23.0

Three proposed major/tooling updates are intentionally deferred:

  • typescript@6 conflicts with openapi-typescript@7.13.0's typescript@^5.x peer. The SDK's production typecheck already uses the separate typescript-7 alias.
  • eslint@10 conflicts with eslint-plugin-import@2.32.0, which supports ESLint through 9.
  • prettier@3.9 changes formatting across the existing source tree and should land with that mechanical churn separately.

The newer TypeScript-ESLint rules also exposed and removed redundant casts and converted type-only imports.

Local validation:

  • clean npm install and dependency tree
  • npm run build
  • npm run lint
  • 75 unit suites / 1,001 tests
  • npm run check:package-artifacts
  • formatting and lint checks on every changed file

The provisioned CN Quickstart integration suite remains the GitHub CI end-to-end gate.

Summary by CodeRabbit

  • Bug Fixes

    • Improved request/response logging behavior for sanitized requests.
  • Maintenance

    • Updated application and development tooling packages.
    • Refined local development command organization.
  • Tests

    • Improved integration coverage for ledger traffic costs and participant IDs.
    • Strengthened compile-time validation for Scan API metadata handling.

Bumps the all-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.18.0` | `1.18.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.9.3` | `26.1.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.61.0` | `8.62.1` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.61.0` | `8.62.1` |
| [eslint](https://github.com/eslint/eslint) | `9.39.2` | `10.6.0` |
| [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) | `0.48.0` | `0.49.0` |
| [npm-package-json-lint](https://github.com/tclindner/npm-package-json-lint) | `10.4.0` | `10.4.1` |
| [prettier](https://github.com/prettier/prettier) | `3.8.4` | `3.9.4` |
| [tsx](https://github.com/privatenumber/tsx) | `4.22.4` | `4.23.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |



Updates `axios` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.18.0...v1.18.1)

Updates `@types/node` from 25.9.3 to 26.1.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 8.61.0 to 8.62.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.61.0 to 8.62.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/parser)

Updates `eslint` from 9.39.2 to 10.6.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.2...v10.6.0)

Updates `markdownlint-cli` from 0.48.0 to 0.49.0
- [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases)
- [Commits](igorshubovych/markdownlint-cli@v0.48.0...v0.49.0)

Updates `npm-package-json-lint` from 10.4.0 to 10.4.1
- [Release notes](https://github.com/tclindner/npm-package-json-lint/releases)
- [Changelog](https://github.com/tclindner/npm-package-json-lint/blob/master/CHANGELOG.md)
- [Commits](tclindner/npm-package-json-lint@v10.4.0...v10.4.1)

Updates `prettier` from 3.8.4 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.4...3.9.4)

Updates `tsx` from 4.22.4 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.4...v4.23.0)

Updates `typescript` from 5.9.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.3)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.62.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.62.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: markdownlint-cli
  dependency-version: 0.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: npm-package-json-lint
  dependency-version: 10.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: prettier
  dependency-version: 3.9.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 13, 2026
@socket-security

socket-security Bot commented Jul 13, 2026

Copy link
Copy Markdown

@HardlyDifficult HardlyDifficult marked this pull request as draft July 13, 2026 21:22
@claude

claude Bot commented Jul 13, 2026

Copy link
Copy Markdown

Claude encountered an error —— View job


I'll analyze this and get back to you.

@HardlyDifficult HardlyDifficult changed the title deps: bump the all-dependencies group across 1 directory with 10 updates deps: bump the all-dependencies group across 1 directory with 7 updates Jul 13, 2026
@HardlyDifficult HardlyDifficult marked this pull request as ready for review July 13, 2026 22:18
@HardlyDifficult HardlyDifficult requested a review from Copilot July 13, 2026 22:19
@HardlyDifficult

Copy link
Copy Markdown
Collaborator

cursor review

@HardlyDifficult

Copy link
Copy Markdown
Collaborator

@coderabbitai review

@cursor

cursor Bot commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bugbot couldn't run

Bugbot is not enabled for your user on this team.

Ask your team administrator to increase your team's hard limit for Bugbot seats or add you to the allowlist in the Cursor dashboard.

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

Review Change Stack

Warning

Review limit reached

@HardlyDifficult, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 42 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 81fc59ac-3834-4895-9564-214a1d1da98d

📥 Commits

Reviewing files that changed from the base of the PR and between 8f7a9be and 74d43bd.

📒 Files selected for processing (1)
  • src/core/logging/ConsoleLogger.ts
📝 Walkthrough

Walkthrough

Updates dependency versions and script ordering, simplifies a logging type check, removes test type-cast workarounds, and converts scan registry metadata imports to type-only imports.

Changes

Maintenance Updates

Layer / File(s) Summary
Package metadata updates
package.json
Reorders localnet scripts and updates axios plus several development dependency versions.
Logging type simplification
src/core/logging/ConsoleLogger.ts
Computes request keys directly from sanitizedRequest without a type cast.
Test and typecheck cleanup
test/integration/localnet/ledger-api/*, test/typecheck/scan-registry-metadata.typecheck.ts
Uses direct typed API calls and completion values in integration tests, and changes scan registry metadata imports to type-only imports.

Estimated code review effort: 2 (Simple) | ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: a root dependency refresh with seven updates.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/npm_and_yarn/all-dependencies-5d0e508624

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates a weekly dependency group and applies small TypeScript/ESLint-driven cleanups across tests and logging, aligning type-only imports and removing redundant casts.

Changes:

  • Bump dependencies in package.json (axios, @types/node, typescript-eslint, markdownlint-cli, npm-package-json-lint, tsx).
  • Refactor test imports/casts to satisfy newer lint/type rules (type-only imports, remove redundant assertions).
  • Minor logging type cleanup in ConsoleLogger.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Show a summary per file
File Description
test/typecheck/scan-registry-metadata.typecheck.ts Converts imports to type-only (but currently breaks typeof usage for zod schema values).
test/integration/localnet/ledger-api/parties.test.ts Removes a redundant cast when calling getParticipantId().
test/integration/localnet/ledger-api/paid-traffic-cost.test.ts Import ordering/formatting cleanup and removes a redundant cast on completions response.
src/core/logging/ConsoleLogger.ts Removes an unnecessary cast in Object.keys usage (but currently needs proper narrowing).
package.json Dependency version bumps and minor script ordering change.

Comment thread test/typecheck/scan-registry-metadata.typecheck.ts
Comment thread test/typecheck/scan-registry-metadata.typecheck.ts
Comment thread src/core/logging/ConsoleLogger.ts Outdated
@HardlyDifficult HardlyDifficult marked this pull request as draft July 13, 2026 22:22
@claude

claude Bot commented Jul 13, 2026

Copy link
Copy Markdown

Claude encountered an error —— View job


I'll analyze this and get back to you.

@HardlyDifficult HardlyDifficult marked this pull request as ready for review July 13, 2026 22:36
@HardlyDifficult HardlyDifficult requested a review from Copilot July 13, 2026 22:36
@HardlyDifficult

Copy link
Copy Markdown
Collaborator

@coderabbitai review

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown
✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@HardlyDifficult HardlyDifficult merged commit fa34831 into main Jul 13, 2026
15 checks passed
@HardlyDifficult HardlyDifficult deleted the dependabot/npm_and_yarn/all-dependencies-5d0e508624 branch July 13, 2026 22:37

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated no new comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants