Skip to content

chore(deps): bump the all-dependencies group across 1 directory with 19 updates#59

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-dependencies-4fc2e9fdad
Open

chore(deps): bump the all-dependencies group across 1 directory with 19 updates#59
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-dependencies-4fc2e9fdad

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-dependencies group with 18 updates in the / directory:

Package From To
@anthropic-ai/claude-code 2.1.63 2.1.144
@openai/codex 0.106.0 0.131.0
better-sqlite3 12.6.2 12.10.0
ink 6.8.0 7.0.3
react 19.2.4 19.2.6
@types/react 19.2.14 19.2.15
@eslint/js 9.39.3 10.0.1
@types/node 25.3.3 25.9.1
@vitest/ui 4.0.18 4.1.6
eslint 9.39.3 10.4.0
eslint-plugin-import-x 4.16.1 4.16.2
eslint-plugin-n 17.24.0 18.0.1
eslint-plugin-react-hooks 5.2.0 7.1.1
jest 30.2.0 30.4.2
ts-jest 29.4.6 29.4.10
tsx 4.21.0 4.22.3
typescript 5.9.3 6.0.3
typescript-eslint 8.56.1 8.59.4

Updates @anthropic-ai/claude-code from 2.1.63 to 2.1.144

Release notes

Sourced from @​anthropic-ai/claude-code's releases.

v2.1.144

What's changed

  • Added /resume support for background sessions — sessions started via claude --bg or agent view now appear alongside interactive ones, marked with bg
  • Added elapsed duration to background subagent completion notifications (e.g. "Agent completed · 3h 2m 5s")
  • The /plugin browse and discover panes now show when a plugin was last updated
  • /model now changes the model for the current session only; press d in the model picker to set a default for new sessions
  • Renamed "extra usage" to "usage credits" across CLI copy; /extra-usage is now /usage-credits (old name still works)
  • Fixed startup hanging up to 75s when api.anthropic.com is unreachable (captive portal, firewall, VPN issues) — side-channel API calls now time out after 15s
  • Fixed garbled terminal output after a missed window-resize event (e.g. dragging a VS Code split-pane divider) — now self-heals on the next frame instead of requiring Ctrl+L
  • Fixed progressive terminal display corruption (stale/garbled glyphs) that could appear in very long sessions and only cleared on terminal resize or restart
  • Reduced terminal rendering glitches in VS Code by reducing spinner animation color count
  • Fixed macOS background sessions crashing with "exit 1 before init" when the project lives under a Full Disk Access-protected folder (regression in 2.1.143)
  • Fixed an unrecoverable conversation when reading a file whose image extension doesn't match its contents (e.g. HTML saved as .png) — now falls back to text
  • Fewer spurious tool errors during search: head/tail file views now satisfy the read-before-edit check, and a "no matches" result (exit code 1) from egrep, fgrep, git grep, or git diff is no longer reported as a command failure
  • Fixed /branch failing with "No conversation to branch" after entering a worktree or in some background sessions
  • Fixed pressing Escape in the AskUserQuestion notes field aborting the turn instead of returning to answer selection
  • Fixed model selection not applying when changed via the IDE model picker or applyFlagSettings after startup
  • Resumed sessions now keep the model they were using instead of picking up another session's /model choice
  • Fixed Bedrock and Vertex users unable to select "Opus (1M context)" from the /model picker (regression in v2.1.129)
  • Fixed remote-session login failing with "Can't access this organization" for users with forceLoginMethod and forceLoginOrgUUID set
  • Fixed MCP servers with paginated tools/list responses only returning the first page, silently dropping tools
  • Fixed MCP images with unsupported MIME types (e.g. SVG) breaking the conversation — now saved to disk and referenced in the tool result
  • Fixed file descriptor exhaustion when a build runs inside a skill directory — non-.md files no longer trigger skill reloads
  • Fixed session title being generated from plugin monitor output instead of the user's first prompt
  • Fixed Skill tool failing with permission error in headless mode (regression in v2.1.141)
  • Fixed plugins enabled in your own settings showing "not cached" errors after first load on a fresh machine; plugins enabled only by a project's .claude/settings.json now show an actionable claude plugin install hint
  • Fixed claude mcp list silently reporting no servers when .mcp.json can't be parsed (e.g. using VS Code's "servers" key instead of "mcpServers") — now shows configuration errors
  • Fixed background side-queries on custom ANTHROPIC_BASE_URL setups and Bedrock Mantle not using Haiku — now falls back correctly when a first-party API key is configured or no Haiku model is set
  • Fixed scrolling in attached background sessions on Windows — PgUp/PgDn, mouse wheel, and Ctrl+O transcript navigation now work
  • Fixed a crash when closing the terminal while attached to a background session
  • Fixed on Windows, pressing ← in claude agents leaving the list unresponsive to keyboard input
  • Fixed ghost characters at the left edge when switching panes in Agent View on Windows Terminal with CJK content
  • /bg and -detach now preserve directories added via /add-dir
  • Fixed Edit/Write refusing with "background session hasn't isolated its changes yet" right after detaching a session that was already editing in place
  • Fixed claude respawn <id> on a stopped background session showing "stopped" instead of running
  • Fixed /resume picker not showing sessions forked from a background session
  • Fixed opening a session from claude agents or running claude logs <id> hanging when the background service is unresponsive — now times out after 10s with a recovery hint
  • Fixed background Bash tasks spawned by subagents staying "Running" in SDK task panels after the process exits
  • Fixed completed or stopped background sessions briefly failing to wake being permanently marked as a startup crash
  • Fixed markdown links in claude agents attached sessions rendering as plain text instead of clickable hyperlinks
  • Fixed custom spinnerVerbs applying to the post-turn duration message — past-tense built-ins like "Worked for 5s" are restored there
  • claude agents / --bg rejection messages now name the specific gate (non-TTY, env var, or setting) instead of a generic message
  • claude --bg --name <label> now echoes the name in the post-spawn confirmation
  • claude agents: renaming a background session with Ctrl+R now updates the attached session's banner immediately
  • Background session worktree isolation guard now applies for non-git VCS users with WorktreeCreate hooks configured
  • Plugin marketplace add/update now respects CLAUDE_CODE_PLUGIN_PREFER_HTTPS
  • /plugin now returns to the Installed list after enabling, disabling, or uninstalling a plugin
  • /doctor now shows an exec-form example when a command hook is missing the command field
  • Skill-listing truncation is no longer shown as a startup notification — run /doctor for the full breakdown

... (truncated)

Changelog

Sourced from @​anthropic-ai/claude-code's changelog.

2.1.144

  • Added /resume support for background sessions — sessions started via claude --bg or agent view now appear alongside interactive ones, marked with bg
  • Added elapsed duration to background subagent completion notifications (e.g. "Agent completed · 3h 2m 5s")
  • The /plugin browse and discover panes now show when a plugin was last updated
  • /model now changes the model for the current session only; press d in the model picker to set a default for new sessions
  • Renamed "extra usage" to "usage credits" across CLI copy; /extra-usage is now /usage-credits (old name still works)
  • Fixed startup hanging up to 75s when api.anthropic.com is unreachable (captive portal, firewall, VPN issues) — side-channel API calls now time out after 15s
  • Fixed garbled terminal output after a missed window-resize event (e.g. dragging a VS Code split-pane divider) — now self-heals on the next frame instead of requiring Ctrl+L
  • Fixed progressive terminal display corruption (stale/garbled glyphs) that could appear in very long sessions and only cleared on terminal resize or restart
  • Reduced terminal rendering glitches in VS Code by reducing spinner animation color count
  • Fixed macOS background sessions crashing with "exit 1 before init" when the project lives under a Full Disk Access-protected folder (regression in 2.1.143)
  • Fixed an unrecoverable conversation when reading a file whose image extension doesn't match its contents (e.g. HTML saved as .png) — now falls back to text
  • Fewer spurious tool errors during search: head/tail file views now satisfy the read-before-edit check, and a "no matches" result (exit code 1) from egrep, fgrep, git grep, or git diff is no longer reported as a command failure
  • Fixed /branch failing with "No conversation to branch" after entering a worktree or in some background sessions
  • Fixed pressing Escape in the AskUserQuestion notes field aborting the turn instead of returning to answer selection
  • Fixed model selection not applying when changed via the IDE model picker or applyFlagSettings after startup
  • Resumed sessions now keep the model they were using instead of picking up another session's /model choice
  • Fixed Bedrock and Vertex users unable to select "Opus (1M context)" from the /model picker (regression in v2.1.129)
  • Fixed remote-session login failing with "Can't access this organization" for users with forceLoginMethod and forceLoginOrgUUID set
  • Fixed MCP servers with paginated tools/list responses only returning the first page, silently dropping tools
  • Fixed MCP images with unsupported MIME types (e.g. SVG) breaking the conversation — now saved to disk and referenced in the tool result
  • Fixed file descriptor exhaustion when a build runs inside a skill directory — non-.md files no longer trigger skill reloads
  • Fixed session title being generated from plugin monitor output instead of the user's first prompt
  • Fixed Skill tool failing with permission error in headless mode (regression in v2.1.141)
  • Fixed plugins enabled in your own settings showing "not cached" errors after first load on a fresh machine; plugins enabled only by a project's .claude/settings.json now show an actionable claude plugin install hint
  • Fixed claude mcp list silently reporting no servers when .mcp.json can't be parsed (e.g. using VS Code's "servers" key instead of "mcpServers") — now shows configuration errors
  • Fixed background side-queries on custom ANTHROPIC_BASE_URL setups and Bedrock Mantle not using Haiku — now falls back correctly when a first-party API key is configured or no Haiku model is set
  • Fixed scrolling in attached background sessions on Windows — PgUp/PgDn, mouse wheel, and Ctrl+O transcript navigation now work
  • Fixed a crash when closing the terminal while attached to a background session
  • Fixed on Windows, pressing ← in claude agents leaving the list unresponsive to keyboard input
  • Fixed ghost characters at the left edge when switching panes in Agent View on Windows Terminal with CJK content
  • /bg and -detach now preserve directories added via /add-dir
  • Fixed Edit/Write refusing with "background session hasn't isolated its changes yet" right after detaching a session that was already editing in place
  • Fixed claude respawn <id> on a stopped background session showing "stopped" instead of running
  • Fixed /resume picker not showing sessions forked from a background session
  • Fixed opening a session from claude agents or running claude logs <id> hanging when the background service is unresponsive — now times out after 10s with a recovery hint
  • Fixed background Bash tasks spawned by subagents staying "Running" in SDK task panels after the process exits
  • Fixed completed or stopped background sessions briefly failing to wake being permanently marked as a startup crash
  • Fixed markdown links in claude agents attached sessions rendering as plain text instead of clickable hyperlinks
  • Fixed custom spinnerVerbs applying to the post-turn duration message — past-tense built-ins like "Worked for 5s" are restored there
  • claude agents / --bg rejection messages now name the specific gate (non-TTY, env var, or setting) instead of a generic message
  • claude --bg --name <label> now echoes the name in the post-spawn confirmation
  • claude agents: renaming a background session with Ctrl+R now updates the attached session's banner immediately
  • Background session worktree isolation guard now applies for non-git VCS users with WorktreeCreate hooks configured
  • Plugin marketplace add/update now respects CLAUDE_CODE_PLUGIN_PREFER_HTTPS
  • /plugin now returns to the Installed list after enabling, disabling, or uninstalling a plugin
  • /doctor now shows an exec-form example when a command hook is missing the command field
  • Skill-listing truncation is no longer shown as a startup notification — run /doctor for the full breakdown
  • Improved recovery from rare pre-response stream stalls — now retries streaming once instead of falling back to a slower non-streaming request

... (truncated)

Commits
  • 69d7070 chore: Update CHANGELOG.md and feed.xml
  • 2962ecd chore: Update CHANGELOG.md and feed.xml
  • 8bdbb72 chore: Update CHANGELOG.md
  • d61bfb5 chore: Update CHANGELOG.md
  • c571267 chore: Update CHANGELOG.md
  • 6b070c3 chore: Update CHANGELOG.md
  • fdfbc06 chore: Update CHANGELOG.md
  • 831608a chore: Update CHANGELOG.md
  • 33a87ad chore: Update CHANGELOG.md
  • f7ef09f Merge pull request #56784 from anthropics/devsec/pin-actions
  • Additional commits viewable in compare view
Install script changes

This version adds postinstall script that runs during installation. Review the package contents before updating.


Updates @openai/codex from 0.106.0 to 0.131.0

Release notes

Sourced from @​openai/codex's releases.

0.131.0

New Features

  • The TUI now offers richer session controls and display: data-driven service-tier commands, blended token usage, permissions/approval mode, effective workspace roots, and responsive Markdown tables. (#21745, #21906, #21991, #21669, #21677, #22052, #22612)
  • @ mentions now search files, directories, plugins, and skills in one picker, backed by app-server plugin metadata. (#19068, #22375)
  • Plugin workflows gained marketplace CLI commands, version-aware sharing, share checkout, clearer shared-workspace buckets, and default-enabled plugin hooks. (#21396, #22397, #22425, #22435, #22549)
  • Remote workflows now support daemon-managed codex remote-control, runtime enable/disable APIs, status reads, and registry-backed/configured remote environments. (#20718, #22218, #22562, #22578, #22877, #20667, #21323)
  • The Python SDK moved to openai-codex / openai_codex, with pinned runtime-generated types, concurrent turn routing, approval modes, and integration coverage. (#21778, #21891, #21893, #21896, #21905, #21910, #22014)
  • Added codex doctor for support-ready diagnostics across runtime, auth, terminal, network, config, and local state. (#22336)

Bug Fixes

  • Fixed several TUI interaction and rendering issues, including URL wrapping, light-mode selection contrast, Shift+Enter in tmux, /review MCP startup status, /side Esc handling, and network approval history text. (#21760, #21950, #21943, #21624, #22710, #22229)
  • Hardened Windows sandbox behavior around deny-read rules, scoped write roots, ineffective firewall policy, and PowerShell edge cases. (#18202, #21479, #22353, #21400, #22643)
  • Preserved managed read restrictions during permission escalation and cleaned up workspace-root permission profile resolution. (#15977, #22624, #22683)
  • Made app-server and local state startup safer by preserving SQLite data, failing closed when state cannot open, adding recovery paths, and softening optional metadata sync failures. (#21831, #21847, #22580, #22734, #22899)
  • Improved Git and auth reliability by using root worktree hooks consistently, ignoring repo hook/fsmonitor config in helper commands, binding local MCP OAuth callbacks, and revoking superseded login tokens. (#21969, #22843, #22652, #20237, #21747)
  • Reduced remote and Windows cleanup friction with longer exec-server transport timeouts, quieter taskkill cleanup, and non-queued plugin reads. (#21825, #21759, #22058, #22703)

Documentation

  • Clarified that general Codex product docs should not be added to this repo, while app-server API docs remain in scope. (#21772)
  • Updated plugin-creator guidance for the simplified local plugin handoff links. (#22240)
  • Documented new app-server/API contracts for remote environments and the desktop-owned config namespace. (#21323, #22584)

Chores

Changelog

Full Changelog: openai/codex@rust-v0.130.0...rust-v0.131.0

... (truncated)

Commits

Updates better-sqlite3 from 12.6.2 to 12.10.0

Release notes

Sourced from better-sqlite3's releases.

v12.10.0

What's Changed

Full Changelog: WiseLibs/better-sqlite3@v12.9.1...v12.10.0

v12.9.1

⚠️CAUTION: NOT A VIABLE RELEASE

Electron v39+ prebuilds are not building successfully at the moment. Stick to v12.9.0 for now.

What's Changed

New Contributors

Full Changelog: WiseLibs/better-sqlite3@v12.9.0...v12.9.1

v12.9.0

What's Changed

Full Changelog: WiseLibs/better-sqlite3@v12.8.0...v12.9.0

v12.8.0

What's Changed

New Contributors

Why SQLite v3.51.3 instead of v3.52.0

From the SQLite team:

Some important issues have been found with version 3.52.0. In order to give us time to deal with those issues, we plan to withdraw the 3.52.0 release. In its place, we will put up a new 3.51.3 patch release that includes a fix for the recently discovered WAL-reset bug as well as other patches. This will happen probably within about the next twelve hours.

Hence, if you were planning to upgrade to 3.52.0 tomorrow (Friday, 2026-03-14), perhaps it would be better to wait a day or so for 3.51.3.

At some point we will do version 3.52.1 which will hopefully resolve the issues that have arisen with the 3.52.0 release.

... (truncated)

Commits

Updates ink from 6.8.0 to 7.0.3

Release notes

Sourced from ink's releases.

v7.0.3

  • Fix: Drop stale <Static> output from fullStaticOutput on identity change (#950) 669c438
  • Fix: <Static> remount via key change drops new items (#948) be9f44c
  • Fix useBoxMetrics not accepting ref objects with an initial null value (#945) 7c2267c

vadimdemedes/ink@v7.0.2...v7.0.3

v7.0.2

  • Fix: Defer raw mode disable to prevent process hang on component swap dd052ea

vadimdemedes/ink@v7.0.1...v7.0.2

v7.0.1

  • Fix: Restore useApp exit typing 42ddd40
  • Fix: Respect disableFocus() when handling Escape (#937) cb66873

vadimdemedes/ink@v7.0.0...v7.0.1

v7.0.0

Breaking

  • Require Node.js 22 19b5316
  • Require React 19.2+ cfaebbb
    • Ink now uses useEffectEvent internally to avoid re-subscribing input handlers on every render
  • Pressing Backspace now correctly sets key.backspace instead of key.delete (#634) 321a2e8
    • Most terminals send the same byte for Backspace as the Delete key, which caused Ink to misreport it. If you were checking key.delete to handle backspace, switch to key.backspace
  • key.meta is no longer set to true when Escape is pressed e195912
    • Previously a backward-compat shim made plain Escape set both key.escape and key.meta. Now only key.escape is true. key.meta is reserved for actual Alt/Meta modifier combinations

New

  • Add usePaste hook for handling clipboard paste events fbbeb23
    • Automatically enables bracketed paste mode so pasted text arrives as a single string, never misinterpreted as individual key presses by useInput
  • Add useWindowSize hook 7047795
    • Returns {columns, rows} and re-renders automatically on terminal resize
  • Add useBoxMetrics hook for measuring box dimensions at runtime (#433) 88731d1
  • Add useAnimation hook for built-in animation support (#142) ada019c
    • Provides a frame counter that increments at a configurable interval, with pause/resume support and automatic cleanup on unmount
  • Add alternateScreen option to render() (#263) 5a60eb9
    • Renders into the terminal's alternate screen buffer (like vim or less), restoring the previous terminal content on exit
  • Add interactive option to render() (#888) 02490f6
    • Override automatic interactive-mode detection for environments where the built-in heuristic doesn't fit
  • Add activeId to useFocusManager() (#661) eb2f470
    • Returns the ID of the currently focused component, or undefined if nothing is focused

... (truncated)

Commits
  • 3d30345 7.0.3
  • 34a4990 Tweaks
  • 669c438 Fix: Drop stale \<Static> output from fullStaticOutput on identity change (#...
  • be9f44c Fix: <Static> remount via key change drops new items (#948)
  • 7c2267c Fix useBoxMetrics not accepting ref objects with an initial null value (#945)
  • 76d221c Add Deep Code CLI to "Who's Using Ink" section (#944)
  • 1510851 7.0.2
  • dd052ea Fix: Defer raw mode disable to prevent process hang on component swap
  • 79888aa Fix linting errors, warnings (#941)
  • dc48987 7.0.1
  • Additional commits viewable in compare view

Updates react from 19.2.4 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates @types/react from 19.2.14 to 19.2.15

Commits

Updates @eslint/js from 9.39.3 to 10.0.1

Release notes

Sourced from @​eslint/js's releases.

v10.0.1

Bug Fixes

  • c87d5bd fix: update eslint (#20531) (renovate[bot])
  • d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
  • 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
  • 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

  • 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
  • 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
  • b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

  • e5c281f chore: updates for v9.39.3 release (Jenkins)
  • 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
  • 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
  • 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
  • da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
  • 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
  • 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

  • f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
  • a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
  • c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
  • fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
  • 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
  • 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
  • ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
  • 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
  • c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
  • 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
  • a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
  • a89059d feat!: Program range span entire source text (#20133) (Pixel998)
  • 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
  • f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)
  • aa3fb2b fix!: tighten func-names schema (#20119) (Pixel998)
  • f6c0ed0 feat!: report eslint-env comments as errors (#20128) (Francesco Trotta)
  • 4bf739f fix!: remove deprecated LintMessage#nodeType and TestCaseError#type (#20096) (Pixel998)
  • 523c076 feat!: drop support for jiti < 2.2.0 (#20016) (michael faith)
  • 454a292 feat!: update eslint:recommended configuration (#20210) (Pixel998)
  • 4f880ee feat!: remove v10_* and inactive unstable_* flags (#20225) (sethamus)
  • f18115c feat!: no-shadow-restricted-names report globalThis by default (#20027) (sethamus)
  • c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160) (Milos Djermanovic)

Features

  • bff9091 feat: handle Array.fromAsync in array-callback-return (#20457) (Francesco Trotta)
  • 290c594 feat: add self to no-implied-eval rule (#20468) (sethamus)
  • 43677de feat: fix handling of function and class expression names in no-shadow (#20432) (Milos Djermanovic)

... (truncated)

Commits
  • 84fb885 chore: package.json update for @​eslint/js release
  • 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467)
  • f3fbc2f chore: set @eslint/js version to 10.0.0 to skip releasing it (#20466)
  • b4b3127 chore: package.json update for @​eslint/js release
  • 0b14059 chore: package.json update for @​eslint/js release
  • fa31a60 feat!: add name to configs (#20015)
  • 1e2cad5 chore: package.json update for @​eslint/js release

…19 updates

Bumps the all-dependencies group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) | `2.1.63` | `2.1.144` |
| [@openai/codex](https://github.com/openai/codex/tree/HEAD/codex-cli) | `0.106.0` | `0.131.0` |
| [better-sqlite3](https://github.com/WiseLibs/better-sqlite3) | `12.6.2` | `12.10.0` |
| [ink](https://github.com/vadimdemedes/ink) | `6.8.0` | `7.0.3` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.6` |
| [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.15` |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.3` | `10.0.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.3` | `25.9.1` |
| [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui) | `4.0.18` | `4.1.6` |
| [eslint](https://github.com/eslint/eslint) | `9.39.3` | `10.4.0` |
| [eslint-plugin-import-x](https://github.com/un-ts/eslint-plugin-import-x) | `4.16.1` | `4.16.2` |
| [eslint-plugin-n](https://github.com/eslint-community/eslint-plugin-n) | `17.24.0` | `18.0.1` |
| [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `5.2.0` | `7.1.1` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.2.0` | `30.4.2` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.6` | `29.4.10` |
| [tsx](https://github.com/privatenumber/tsx) | `4.21.0` | `4.22.3` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.3` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.56.1` | `8.59.4` |



Updates `@anthropic-ai/claude-code` from 2.1.63 to 2.1.144
- [Release notes](https://github.com/anthropics/claude-code/releases)
- [Changelog](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md)
- [Commits](anthropics/claude-code@v2.1.63...v2.1.144)

Updates `@openai/codex` from 0.106.0 to 0.131.0
- [Release notes](https://github.com/openai/codex/releases)
- [Commits](https://github.com/openai/codex/commits/rust-v0.131.0/codex-cli)

Updates `better-sqlite3` from 12.6.2 to 12.10.0
- [Release notes](https://github.com/WiseLibs/better-sqlite3/releases)
- [Commits](WiseLibs/better-sqlite3@v12.6.2...v12.10.0)

Updates `ink` from 6.8.0 to 7.0.3
- [Release notes](https://github.com/vadimdemedes/ink/releases)
- [Commits](vadimdemedes/ink@v6.8.0...v7.0.3)

Updates `react` from 19.2.4 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `@eslint/js` from 9.39.3 to 10.0.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js)

Updates `@types/node` from 25.3.3 to 25.9.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@types/react` from 19.2.14 to 19.2.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Updates `@vitest/ui` from 4.0.18 to 4.1.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/ui)

Updates `eslint` from 9.39.3 to 10.4.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.3...v10.4.0)

Updates `eslint-plugin-import-x` from 4.16.1 to 4.16.2
- [Release notes](https://github.com/un-ts/eslint-plugin-import-x/releases)
- [Changelog](https://github.com/un-ts/eslint-plugin-import-x/blob/master/CHANGELOG.md)
- [Commits](un-ts/eslint-plugin-import-x@v4.16.1...v4.16.2)

Updates `eslint-plugin-n` from 17.24.0 to 18.0.1
- [Release notes](https://github.com/eslint-community/eslint-plugin-n/releases)
- [Changelog](https://github.com/eslint-community/eslint-plugin-n/blob/master/CHANGELOG.md)
- [Commits](eslint-community/eslint-plugin-n@v17.24.0...v18.0.1)

Updates `eslint-plugin-react-hooks` from 5.2.0 to 7.1.1
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.1/packages/eslint-plugin-react-hooks)

Updates `jest` from 30.2.0 to 30.4.2
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.4.2/packages/jest)

Updates `ts-jest` from 29.4.6 to 29.4.10
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.6...v29.4.10)

Updates `tsx` from 4.21.0 to 4.22.3
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.22.3)

Updates `typescript` from 5.9.3 to 6.0.3
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](microsoft/TypeScript@v5.9.3...v6.0.3)

Updates `typescript-eslint` from 8.56.1 to 8.59.4
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.4/packages/typescript-eslint)

Updates `vitest` from 4.0.18 to 4.1.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/vitest)

---
updated-dependencies:
- dependency-name: "@anthropic-ai/claude-code"
  dependency-version: 2.1.144
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@openai/codex"
  dependency-version: 0.131.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: better-sqlite3
  dependency-version: 12.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: ink
  dependency-version: 7.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: react
  dependency-version: 19.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@eslint/js"
  dependency-version: 10.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.9.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: "@types/react"
  dependency-version: 19.2.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@vitest/ui"
  dependency-version: 4.1.6
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: eslint
  dependency-version: 10.4.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: eslint-plugin-import-x
  dependency-version: 4.16.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: eslint-plugin-n
  dependency-version: 18.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: eslint-plugin-react-hooks
  dependency-version: 7.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: jest
  dependency-version: 30.4.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: ts-jest
  dependency-version: 29.4.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: tsx
  dependency-version: 4.22.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: typescript-eslint
  dependency-version: 8.59.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: vitest
  dependency-version: 4.1.6
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 19, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: f29c76e7c7

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread package.json
"commander": "^14.0.3",
"ink": "^6.8.0",
"react": "^19.2.4"
"ink": "^7.0.3",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Keep Ink version compatible with supported Node runtime

Upgrading ink to ^7.0.3 raises the runtime requirement to Node >=22 (as recorded in package-lock.json under node_modules/ink), but this repo still runs CI on Node 20.x (.github/workflows/ci.yml) and documents Node 18+ in README.md. That mismatch means supported environments can fail install/runtime after this dependency bump unless the project’s Node baseline and CI are raised in lockstep.

Useful? React with 👍 / 👎.

Comment thread package.json
"@types/node": "^25.9.1",
"@types/react": "^19.2.15",
"@vitest/ui": "^4.1.6",
"eslint": "^10.4.0",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Pin ESLint to a plugin-supported major version

Bumping eslint to ^10.4.0 while keeping eslint-plugin-react at 7.37.5 introduces a peer-range conflict (eslint-plugin-react only declares support through ^9.7 in package-lock.json), which already produces ERESOLVE overriding peer dependency warnings and can fail installs in strict peer-dependency environments. This should be kept on a compatible ESLint major (or paired with a plugin version that officially supports ESLint 10).

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants