Skip to content

chore: Bump the npm_and_yarn group across 9 directories with 30 updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
dependabot wants to merge 1 commit into from
Closed

chore: Bump the npm_and_yarn group across 9 directories with 30 updates #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
"eslint-plugin-prettier": "^4.0.0",
"eslint-plugin-react": "^7.27.1",
"formdata-polyfill": "^4.0.10",
"gh-pages": "^3.2.3",
"gh-pages": "^5.0.0",
"har-validator": "^5.1.3",
"husky": "^7.0.4",
"jest": "^27.3.1",
Expand All @@ -85,7 +85,7 @@
"npm-run-all": "^4.1.5",
"prettier": "^2.5.0",
"rimraf": "^3.0.2",
"rollup": "^1.14.6",
"rollup": "^2.80.0",
"rollup-plugin-alias": "^1.5.2",
"rollup-plugin-babel": "^4.4.0",
"rollup-plugin-commonjs": "^10.1.0",
Expand Down
2 changes: 1 addition & 1 deletion packages/@pollyjs/adapter-fetch/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,6 @@
"@pollyjs/core": "^6.0.5",
"@pollyjs/persister-local-storage": "^6.0.5",
"@pollyjs/persister-rest": "^6.0.5",
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
4 changes: 2 additions & 2 deletions packages/@pollyjs/adapter-node-http/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@
"@pollyjs/persister-fs": "^6.0.5",
"form-data": "^4.0.0",
"get-stream": "^6.0.1",
"node-fetch": "^2.6.6",
"rollup": "^1.14.6"
"node-fetch": "^3.3.2",
Copy link
Copy Markdown

@cursor cursor bot Feb 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

node-fetch major version bump breaks ESM compatibility

High Severity

The PR description states node-fetch is bumped from 2.6.6 to 2.6.7 (a security patch), but adapter-node-http and adapter-puppeteer are instead bumped to ^3.3.2 — a major version change. node-fetch v3 is ESM-only and has breaking API changes. Both packages import { Response } from 'node-fetch' in test files processed through the rollup/babel CommonJS build pipeline, which will break.

Additional Locations (1)

Fix in Cursor Fix in Web

"rollup": "^4.59.0"
}
}
4 changes: 2 additions & 2 deletions packages/@pollyjs/adapter-puppeteer/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,8 @@
"devDependencies": {
"@pollyjs/core": "^6.0.5",
"@pollyjs/persister-fs": "^6.0.5",
"node-fetch": "^2.6.6",
"node-fetch": "^3.3.2",
"puppeteer": "1.10.0",
"rollup": "^1.14.6"
"rollup": "^4.59.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/adapter-xhr/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,6 @@
"devDependencies": {
"@pollyjs/core": "^6.0.5",
"@pollyjs/persister-rest": "^6.0.5",
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/adapter/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,6 @@
"@pollyjs/utils": "^6.0.1"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^4.59.0"
Copy link
Copy Markdown

@cursor cursor bot Feb 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rollup v4 incompatible with legacy build plugins

High Severity

Several packages are bumped to rollup ^4.59.0 while the PR describes a bump to 2.80.0. The shared rollup configs in scripts/rollup/ use legacy plugins (rollup-plugin-json, rollup-plugin-babel, rollup-plugin-commonjs, rollup-plugin-node-resolve, rollup-plugin-terser) that are incompatible with Rollup 4.x, which requires the @rollup/plugin-* scoped replacements. Builds for all affected packages will fail.

Additional Locations (2)

Fix in Cursor Fix in Web

}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/cli/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
"devDependencies": {
"npm-run-all": "^4.1.5",
"rimraf": "^3.0.2",
"rollup": "^1.14.6"
"rollup": "^4.59.0"
},
"bin": {
"polly": "./bin/cli.js"
Expand Down
2 changes: 1 addition & 1 deletion packages/@pollyjs/core/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,6 @@
"devDependencies": {
"@pollyjs/adapter": "^6.0.4",
"@pollyjs/persister": "^6.0.5",
"rollup": "^1.14.6"
"rollup": "^4.59.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/node-server/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,6 @@
"nocache": "^3.0.1"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/persister-fs/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,6 @@
"devDependencies": {
"fixturify": "^2.1.1",
"rimraf": "^3.0.2",
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/persister-in-memory/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,6 @@
"@pollyjs/persister": "^6.0.5"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^4.59.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/persister-local-storage/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,6 @@
"@pollyjs/persister": "^6.0.5"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/persister-rest/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,6 @@
"@pollyjs/utils": "^6.0.1"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^4.59.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/persister/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,6 @@
},
"devDependencies": {
"har-validator": "^5.1.5",
"rollup": "^1.14.6"
"rollup": "^4.59.0"
}
}
2 changes: 1 addition & 1 deletion packages/@pollyjs/utils/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,6 @@
"url-parse": "^1.5.3"
},
"devDependencies": {
"rollup": "^1.14.6"
"rollup": "^2.80.0"
}
}
Loading