Skip to content

chore(deps): bump the dependencies group with 5 updates#2344

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-f016fb096a
Open

chore(deps): bump the dependencies group with 5 updates#2344
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dependencies-f016fb096a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 5 updates:

Package From To
range-parser 1.2.1 1.3.0
@fastify/express 4.0.6 4.0.7
fastify 5.8.5 5.9.0
prettier 3.8.4 3.9.4
webpack 5.107.2 5.108.3

Updates range-parser from 1.2.1 to 1.3.0

Release notes

Sourced from range-parser's releases.

v1.3.0

Fixed

  • Improve number parsing (#58) eba9c7a
  • Handle invalid start and end byte positions in range parsing (#57) 269cb4e

jshttp/range-parser@v1.2.1...v1.3.0

Commits
  • f4bf173 Clamp a suffix whose length exceeds the representation (#66)
  • b49e00f fix: still show ranges if there are multiple ranges, even if some are invalid...
  • 4f3b091 Remove dependabot config (#60)
  • eba9c7a Improve number parsing (#58)
  • 269cb4e fix: handle invalid start and end byte positions in range parsing (#57)
  • 098e332 build(deps): bump github/codeql-action from 3.31.2 to 4.31.6 (#50)
  • 3599369 build(deps): bump actions/checkout from 3.6.0 to 6.0.0 (#51)
  • 054ea57 build(deps): bump github/codeql-action from 2.23.2 to 4.31.2 (#48)
  • d230b16 build(deps): bump actions/upload-artifact from 3.1.3 to 5.0.0 (#49)
  • 54f84f4 chore: add funding to package.json (#42)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for range-parser since your current version.


Updates @fastify/express from 4.0.6 to 4.0.7

Release notes

Sourced from @​fastify/express's releases.

v4.0.7

⚠️ Security Release

What's Changed

New Contributors

Full Changelog: fastify/fastify-express@v4.0.6...v4.0.7

Commits
  • b40dfd4 Bumped v4.0.7
  • 7be7196 Merge commit from fork
  • c6c8f20 chore: replace http with https in urls (#196)
  • 7eed1b1 chore(package.json): fix delvedor's personal url
  • 04ac488 chore: bump fastify-plugin from 5.1.0 to 6.0.0 in the dependencies group (#194)
  • 087f1b2 chore: update depedabot setting
  • See full diff in compare view

Updates fastify from 5.8.5 to 5.9.0

Release notes

Sourced from fastify's releases.

v5.9.0

What's Changed

... (truncated)

Commits
  • 2e45a44 Bumped v5.9.0
  • 630715d docs(types): mark request metadata accessors as untrusted input (#6572)
  • ff993e8 docs: update Serverless guide Dockerfile to a supported Node.js version (#6789)
  • 458f104 docs: fix incorrect code examples in Hooks and Server reference (#6622)
  • ea454d0 docs: add warning about empty string coercion with nullable types (#6452)
  • 121895b docs: migrate Zod type provider to official @​fastify package (#6686)
  • cc8d9a3 fix: make hasRequestDecorator/hasReplyDecorator recognize constructor-assigne...
  • 6e6be15 chore: Bump actions/checkout from 6 to 7 (#6812)
  • 88bf134 chore: add new sponsor (#6813)
  • fabd964 chore: replace http with https in urls (#6809)
  • Additional commits viewable in compare view

Updates prettier from 3.8.4 to 3.9.4

Release notes

Sourced from prettier's releases.

3.9.4

  • Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

🔗 Changelog

3.9.3

🔗 Changelog

3.9.1

🔗 Changelog

3.9.0

diff

🔗 Prettier 3.9: Major parser upgrades and Formatting improvements

3.8.5

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.9.4

diff

Angular: Format @content(name) -> @content (name) to align with other block syntax (#19499 by @​fisker)

<!-- Input -->
<FancyButton [label]="title">
  @content (icon) {
    <span>Icon!</span>
  }
  @content (description) {
    <span>Description text</span>
  }
  <span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.3 -->
<FancyButton [label]="title">
@​content(icon) {
<span>Icon!</span>
}
@​content(description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>
<!-- Prettier 3.9.4 -->
<FancyButton [label]="title">
@​content (icon) {
<span>Icon!</span>
}
@​content (description) {
<span>Description text</span>
}
<span>Other children</span>
</FancyButton>

3.9.3

diff

Markdown: Fix unexpected removal of characters in liquid syntax (#19489 by @​seiyab)

</tr></table> 

... (truncated)

Commits
  • b693cb2 Release 3.9.4
  • 2e92ac0 Angular: Format @content(name) -> @content (name) to align with other blo...
  • abed2c2 Bump Prettier dependency to 3.9.3
  • 6cfbc00 Clean changelog_unreleased
  • 3732e1d Release 3.9.3
  • a74a7b0 Allow decorators to be used with declare on class fields (#19492)
  • bd9e11a Correct text identification in liquid syntax (#19489)
  • 269eee3 Bump Prettier dependency to 3.9.1
  • ec7ccd1 Clean changelog_unreleased
  • c47654c Release 3.9.1
  • Additional commits viewable in compare view

Updates webpack from 5.107.2 to 5.108.3

Release notes

Sourced from webpack's releases.

v5.108.3

Patch Changes

v5.108.2

Patch Changes

v5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

v5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

  • Add defineConfig helper for typed configuration files. (by @​alexander-akait in #21169)

  • Add a deno target (with versions, e.g. deno, deno2, deno1.40) that emits ESM, resolves node.js built-ins via the required node: specifier, and keeps Deno's own import protocols (npm:, jsr:, node:, http(s)://) external. (by @​alexander-akait in #21247)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.108.3

Patch Changes

5.108.2

Patch Changes

5.108.1

Patch Changes

  • Fix invalid property access for escaped namespace imports with multi-character mangled export names. (by @​xiaoxiaojx in #21280)

  • Add frames to ProfilingPlugin TracingStartedInBrowser event so the trace loads in Chrome DevTools. (by @​alexander-akait in #21269)

5.108.0

Minor Changes

  • Treat top-level await and import.meta as ES module markers, matching Node.js syntax detection so no explicit module type is needed. (by @​alexander-akait in #21218)

  • Add a bun target that emits ESM and externalizes bun:* and node.js built-in modules. (by @​alexander-akait in #21248)

  • Support CommonJS reexports via Object.defineProperty value and getter descriptors. (by @​alexander-akait in #21129)

  • Support JSON Schema const when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Support JSON Schema if/then/else when generating CLI flags from a schema. (by @​alexander-akait in #21087)

  • Skip import specifiers, require() and import() calls in dead conditional branches gated by inlined imported constants (isDEV ? A : B), evaluated via getCondition. (by @​hai-x in #21136)

  • CSS localIdentName [hash] now resolves to the local ident hash (matching css-loader); use [modulehash] for the module hash. (by @​alexander-akait in #21259)

  • Add CSS parser as option and resolve url() inside HTML style attributes. (by @​alexander-akait in #21157)

  • Add dedicated module classes for all built-in module types. (by @​alexander-akait in #21164)

  • Support .html/.css for the default ./src entry under the html/css experiments. (by @​alexander-akait in #21039)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [range-parser](https://github.com/jshttp/range-parser) | `1.2.1` | `1.3.0` |
| [@fastify/express](https://github.com/fastify/fastify-express) | `4.0.6` | `4.0.7` |
| [fastify](https://github.com/fastify/fastify) | `5.8.5` | `5.9.0` |
| [prettier](https://github.com/prettier/prettier) | `3.8.4` | `3.9.4` |
| [webpack](https://github.com/webpack/webpack) | `5.107.2` | `5.108.3` |


Updates `range-parser` from 1.2.1 to 1.3.0
- [Release notes](https://github.com/jshttp/range-parser/releases)
- [Changelog](https://github.com/jshttp/range-parser/blob/master/HISTORY.md)
- [Commits](jshttp/range-parser@v1.2.1...v1.3.0)

Updates `@fastify/express` from 4.0.6 to 4.0.7
- [Release notes](https://github.com/fastify/fastify-express/releases)
- [Commits](fastify/fastify-express@v4.0.6...v4.0.7)

Updates `fastify` from 5.8.5 to 5.9.0
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v5.8.5...v5.9.0)

Updates `prettier` from 3.8.4 to 3.9.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.4...3.9.4)

Updates `webpack` from 5.107.2 to 5.108.3
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.107.2...v5.108.3)

---
updated-dependencies:
- dependency-name: range-parser
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: "@fastify/express"
  dependency-version: 4.0.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: fastify
  dependency-version: 5.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: prettier
  dependency-version: 3.9.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: webpack
  dependency-version: 5.108.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
@changeset-bot

changeset-bot Bot commented Jul 1, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: e57238f

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@webpack webpack Bot enabled auto-merge (squash) July 1, 2026 10:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants