chore(deps-dev): bump the dev-deps group across 1 directory with 8 updates#177
Closed
dependabot[bot] wants to merge 1 commit into
Closed
chore(deps-dev): bump the dev-deps group across 1 directory with 8 updates#177dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
…dates Bumps the dev-deps group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@playwright/test](https://github.com/microsoft/playwright) | `1.59.1` | `1.60.0` | | [@sveltejs/vite-plugin-svelte](https://github.com/sveltejs/vite-plugin-svelte/tree/HEAD/packages/vite-plugin-svelte) | `7.0.0` | `7.1.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.7.0` | | [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.5` | `4.1.6` | | [jsdom](https://github.com/jsdom/jsdom) | `29.0.2` | `29.1.1` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `16.4.0` | `17.0.4` | | [svelte-check](https://github.com/sveltejs/language-tools) | `4.4.6` | `4.4.8` | Updates `@playwright/test` from 1.59.1 to 1.60.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.59.1...v1.60.0) Updates `@sveltejs/vite-plugin-svelte` from 7.0.0 to 7.1.2 - [Release notes](https://github.com/sveltejs/vite-plugin-svelte/releases) - [Changelog](https://github.com/sveltejs/vite-plugin-svelte/blob/main/packages/vite-plugin-svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/vite-plugin-svelte/commits/@sveltejs/vite-plugin-svelte@7.1.2/packages/vite-plugin-svelte) Updates `@types/node` from 25.6.0 to 25.7.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitest/coverage-v8` from 4.1.5 to 4.1.6 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/coverage-v8) Updates `jsdom` from 29.0.2 to 29.1.1 - [Release notes](https://github.com/jsdom/jsdom/releases) - [Commits](jsdom/jsdom@v29.0.2...v29.1.1) Updates `lint-staged` from 16.4.0 to 17.0.4 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v16.4.0...v17.0.4) Updates `svelte-check` from 4.4.6 to 4.4.8 - [Release notes](https://github.com/sveltejs/language-tools/releases) - [Commits](https://github.com/sveltejs/language-tools/compare/svelte-check@4.4.6...svelte-check@4.4.8) Updates `vitest` from 4.1.5 to 4.1.6 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.6/packages/vitest) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-version: 1.60.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@sveltejs/vite-plugin-svelte" dependency-version: 7.1.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@types/node" dependency-version: 25.7.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: "@vitest/coverage-v8" dependency-version: 4.1.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: jsdom dependency-version: 29.1.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-deps - dependency-name: lint-staged dependency-version: 17.0.4 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-deps - dependency-name: svelte-check dependency-version: 4.4.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps - dependency-name: vitest dependency-version: 4.1.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-deps ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
dependabot
Bot
added
dependencies
23 tasks
Owner
|
Superseded by #189 which consolidates this bump into a single SDK 1.0.0-beta.8 upgrade + dependabot sweep. |
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
devartifex
added a commit
that referenced
this pull request
May 28, 2026
…on support (#189) * feat(sdk): upgrade to @github/copilot-sdk 1.0.0-beta.8 + remote sessions Consolidates 9 dependabot PRs and migrates to the latest beta SDK so we can expose cloud / remote-session control (the feature behind 'copilot --remote' / '/remote' in the official CLI). Dependency bumps - @github/copilot-sdk 0.2.2 -> 1.0.0-beta.8 (pinned exact; beta API) - @sveltejs/kit ^2.57.1 -> ^2.61.1 - svelte ^5.55.4 -> ^5.55.9 - vite ^8.0.8 -> ^8.0.14, ws ^8.18 -> ^8.21 - dompurify ^3.4 -> ^3.4.7, marked ^18.0.2 -> ^18.0.4 - dev-deps group: @playwright/test, vite-plugin-svelte, @types/node, @vitest/coverage-v8, jsdom, lint-staged, svelte-check SDK breaking-change migration - CopilotClient now takes a RuntimeConnection (forStdio/forUri/forTcp) - githubToken -> gitHubToken; cwd -> workingDirectory - COPILOT_HOME env -> baseDirectory option - SystemPromptSection -> SystemMessageSection - onPermissionRequest optional; getQuota({}) takes params object - hook input shapes: timestamp is Date; cwd dropped from session/error hooks; workingDirectory required on Pre/Post tool hook inputs - session-fs.ts removed (runtime writes session-state under baseDirectory) New SDK features wired in (all unit tested) - Per-session remoteSession mode (off | export | on), threaded through CreateSessionOptions and the WS new-session handler; persisted setting field added (default off). - Cloud sessions REST wrapper (cloud-sessions.ts) talking to api.individual.githubcopilot.com/agents/sessions (the same endpoint the official CLI uses for the remote-sessions view), with timeout + graceful error handling. - New GET /api/sessions/remote returns authenticated user's cloud sessions (passes through 401/403, 502 on other upstream errors). - New GET /api/sessions/last using client.getLastSessionId() + getSessionMetadata() for one-tap resume. - Graceful + forceful shutdown: destroyPoolEntry races client.stop() against a 5s timer and falls back to client.forceStop() to prevent hung CLI subs. Config - New ENABLE_REMOTE_SESSIONS env var (default true) wired into CopilotClient.enableRemoteSessions; sessions still need per-session opt-in. Verification - svelte-check: 0 errors / 0 warnings - vitest: 430 passed (41 files); +21 new tests covering cloud-sessions, /api/sessions/remote, /api/sessions/last, remoteSession threading, and forceStop fallback - npm run build succeeds; smoke boot: /health returns 200 Supersedes dependabot PRs #170, #172, #177, #178, #181, #182, #185, #186, #188. Out of scope (left open with comments): #176 (node:26-slim too new), #167 (release-please v5 breaking inputs), #187 (@github/copilot CLI is not a direct dep). Playwright E2E should be run in CI. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: drop /api/sessions/remote — endpoint does not exist in public CLI Investigating node_modules/@github/copilot/app.js (the official CLI we ship in node_modules via @github/copilot-sdk peer) showed that the hostname I guessed earlier — api.individual.githubcopilot.com — is not present anywhere in the bundle. The CLI only uses: - api.githubcopilot.com (default) - api.enterprise.githubcopilot.com (enterprise plan) And the agents endpoint is per-session (PUT/GET /agents/sessions/{id}), not a list. There is no 'list all my remote sessions' REST endpoint in the public CLI; that view is rendered on github.com using a different, internal API path that requires a Copilot bearer (exchanged from the GH OAuth token via a CLI-internal endpoint not exposed to integrators). Rather than ship a route that returns 502/empty results, I'm removing: - src/lib/server/copilot/cloud-sessions.ts - src/lib/server/copilot/cloud-sessions.test.ts - src/routes/api/sessions/remote/+server.ts - src/routes/api/sessions/remote/server.test.ts What stays (and is fully tested): - Per-session remoteSession mode wired through CreateSessionOptions and the WS new-session handler — the SDK takes care of publishing to api.githubcopilot.com under the hood when this is set. - GET /api/sessions/last (uses real SDK getLastSessionId + getSessionMetadata) - destroyPoolEntry forceStop fallback - ENABLE_REMOTE_SESSIONS env var New Playwright spec tests/sessions-endpoints.spec.ts hits the new /api/sessions/last on a real built server and verifies the 401 path end-to-end. Full suite: 57 desktop Playwright tests + 419 unit tests all pass. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * docs(readme): SDK 1.0.0-beta.8 + remote-session publishing - Bump copilot-sdk badge & tech-stack line to v1.0.0-beta.8. - New Features bullets for remote session publishing and resume-last-session. - New 'Remote session publishing' subsection under CLI <-> Browser Sync explaining what off/export/on do AND being explicit about what's NOT in this release (no in-app remote session browser, no steering of other remote sessions) so future users don't expect that capability. - Add ENABLE_REMOTE_SESSIONS env var to the All-options table. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * fix: address rubber-duck PR review findings - MCP server config: rename cwd → workingDirectory (SDK 1.0 rename) - /api/sessions/last: pass copilotConfigDir to createCopilotClient so the SDK reads from the correct baseDirectory - new-session handler: honor ENABLE_REMOTE_SESSIONS server kill-switch; ignore client-supplied remoteSession when the feature is disabled - destroyPoolEntry: clear timeout on stop() resolve, attach .catch() to the in-flight stop promise (no unhandled rejection), guard forceStop with a settled flag so it cannot race a clean stop Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * ci: bump e2e timeout from 15 to 30 minutes The Playwright desktop suite grew to 126 tests. With 1 CI worker and 2 retries (CI defaults from playwright.config.ts), the worst- case wall clock now exceeds the prior 15-minute budget — every recent CI run on this repo (including dependabot PRs) has been hitting the job timeout during the Playwright step. This is a narrow infra fix: extend the budget so the suite can actually finish. It does not skip, disable, or weaken any tests. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the dev-deps group with 7 updates in the / directory:
1.59.11.60.07.0.07.1.225.6.025.7.04.1.54.1.629.0.229.1.116.4.017.0.44.4.64.4.8Updates
@playwright/testfrom 1.59.1 to 1.60.0Release notes
Sourced from @playwright/test's releases.
... (truncated)
Commits
87bb9ddcherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix9a9c51ccherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...4b3b628cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...f869f96chore: bump version to v1.60.0 (#40714)7eb6918cherry-pick(#40710): docs: release notes v1.60118d2aacherry-pick(#40693): chore(python): formdata path type54012f5chore(deps): bump ip-address and express-rate-limit (#40680)9fa531dfix(screencast): unblock frame ack when an async client disconnects (#40674)3649db5chore(mcp): bump default extension protocol to v2 (#40678)bb6c009chore(extension): mark 0.2.1 (#40679)Updates
@sveltejs/vite-plugin-sveltefrom 7.0.0 to 7.1.2Release notes
Sourced from @sveltejs/vite-plugin-svelte's releases.
Changelog
Sourced from @sveltejs/vite-plugin-svelte's changelog.
Commits
471f822Version Packages (#1344)1a9bc08fix: always retrieve CSS using component filename first (#1342)508d91bVersion Packages (#1339)990e58cfix: correctly resolve Svelte CSS on the server during development (#1336)d5458a9fix: restore value imports stripped by oxc in script preprocessing (#1326)1c85126Version Packages (#1331)1a4d225feat: enable optimizer for server environments during dev (#1328)d91be5ffix: use correct pnpm catalog syntax4d3afb4chore: fix audit CI (#1327)8b3687buse modern JSDoc imports (#1309)Updates
@types/nodefrom 25.6.0 to 25.7.0Commits
Updates
@vitest/coverage-v8from 4.1.5 to 4.1.6Release notes
Sourced from @vitest/coverage-v8's releases.
Commits
a8fd24cchore: release v4.1.6Updates
jsdomfrom 29.0.2 to 29.1.1Release notes
Sourced from jsdom's releases.
Commits
9b9ea7e29.1.107efb78Optimize computed style comparison5f66329Fix background-origin/background-clip in background shorthandad8af77Fix border shorthand handling5a3e88e29.1.073db204Update dependencies and dev dependenciesa7168a5Support ratio CSS unit type15346e0Fix style cache invalidationUpdates
lint-stagedfrom 16.4.0 to 17.0.4Release notes
Sourced from lint-staged's releases.
... (truncated)
Changelog
Sourced from lint-staged's changelog.
... (truncated)
Commits
2862964Merge pull request #1789 from lint-staged/changeset-release/mainc9ecd54chore(changeset): releasecc6b51aMerge pull request #1788 from lint-staged/fix-update-index-againf95c1f8fix: update both default index.lock and non-standard lock when latter existsf44ee68Merge pull request #1786 from lint-staged/update-repo-urla61cf18build(deps): update dependenciesea00037docs: disable Changesets "thanks"ab7c26cdocs: update repo URL to point inlint-staged/lint-stageda36ec1eMerge pull request #1783 from lint-staged/changeset-release/main03ce2a9chore(changeset): releaseUpdates
svelte-checkfrom 4.4.6 to 4.4.8Release notes
Sourced from svelte-check's releases.
Commits
0070c6fVersion Packages (#3015)29e2894feat: typescript 6.0 support (#2985)d99bb34Version Packages (#2999)35428aefix: flush stdout/stderr before exit in svelte-check (#3014)a553963fix: report diagnostics in tsconfig.json (#3005)4c306ebfix: prevent incorrect $types imports being injected in update import (#3010)31488f9fix: properly place svelte-ignore comment in quickfix when\<script module>...5be821dfix: prevent duplicate diagnostics (#3000)8b103bafix: hoist self-referenced props interface (#2998)Updates
vitestfrom 4.1.5 to 4.1.6Release notes
Sourced from vitest's releases.
Commits
a8fd24cchore: release v4.1.618af98cfix(browser): simplify orchestrator otel carrier (#10285)3188260feat(browser): provide project reference inToMatchScreenshotResolvePath(#...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions