Skip to content

chore(deps-dev): bump the development group with 3 updates#19

Merged
steipete merged 1 commit into
mainfrom
dependabot/npm_and_yarn/development-652585dd71
Jun 30, 2026
Merged

chore(deps-dev): bump the development group with 3 updates#19
steipete merged 1 commit into
mainfrom
dependabot/npm_and_yarn/development-652585dd71

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the development group with 3 updates: @playwright/test, oxfmt and oxlint.

Updates @playwright/test from 1.61.0 to 1.61.1

Release notes

Sourced from @​playwright/test's releases.

v1.61.1

Bug Fixes

  • #41365 [Bug]: Expect.Extend matcher with same name as default matcher in same expect instance overrides default matchers implementation to custom matcher
  • #41351 [Bug]: Playwright UI mode: apiRequestContext._wrapApiCall reports unexpected number of bytes (same test passes in headed mode)
  • #41360 [Bug]: Trace viewer: message times in websockets are downscaled by 1000
  • #41311 [Bug]: [Regression]: Sync loader throws "context.conditions?.includes is not a function" on Node 22.15
  • #41371 [Regression]: Sync ESM loader (registerHooks) fails to resolve extensionless .ts subpath imports across pnpm workspace symlinks
Commits
  • 39e3553 cherry-pick(#41399): fix(test): load require-reached files as commonjs in syn...
  • 4328122 chore: mark v1.61.1 (#41404)
  • 2c29a94 fix(tracing): stop recording websocket frames outside of chunks (#41398)
  • 4324b19 cherry-pick(#41367): fix(test): keep builtin expect matchers on base extend
  • 041e7e3 cherry-pick(#41364): fix(har): WebSocket message timestamps should be in mi...
  • b8a0fc3 cherry-pick(#41309, #43149): Revert "fix(firefox): treat `navigationCommitted...
  • b5a3175 cherry-pick(#41319): fix(loader): support other node versions
  • d4724a9 cherry-pick(#41290): feat(docker): add Ubuntu 26.04 (Resolute Raccoon) image
  • See full diff in compare view

Updates oxfmt from 0.55.0 to 0.56.0

Changelog

Sourced from oxfmt's changelog.

Changelog

All notable changes to this package will be documented in this file.

The format is based on Keep a Changelog.

Commits

Updates oxlint from 1.70.0 to 1.71.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

  • 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
  • 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
  • bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
  • 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
  • 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
  • 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
  • ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

  • 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
  • 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
  • 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
  • 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
  • a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
  • ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
  • 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
  • ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
  • e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
  • 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
  • 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
  • fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
  • ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
  • dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
  • 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
  • cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

  • 25d577e language_server: Start tools in parallel (#15500) (Sysix)
  • 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
  • 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
  • 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
  • 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
  • 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

  • 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
  • 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
  • a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
  • 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
  • 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
  • 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.71.0] - 2026-06-22

🚀 Features

  • 0dc2405 linter: Add schema for eslint/no-restricted-properties (#23619) (Sysix)
  • b638d0e linter: Add schema for node/callback-return (#23615) (Sysix)
  • eb8bedc linter: Add schema for import/extensions (#23557) (WaterWhisperer)
  • 46f3625 linter: Implement node/no-sync rule (#23589) (fujitani sora)
  • b01739a linter: Add schema for unicorn/numeric-separators-style (#23554) (Mikhail Baev)
  • 68afd2a linter/node: Implement no-mixed-requires rule (#23539) (fujitani sora)
  • a421215 linter: Add schema for eslint/prefer-destructuring (#23410) (WaterWhisperer)
  • 84438be linter/jsdoc: Added missing options to require-param-description (#23416) (kapobajza)
  • 51910df linter/jsdoc: Add missing options to require-param-type rule (#23418) (kapobajza)
  • e90925f linter/unicorn: Implement prefer-number-coercion rule (#23497) (Shekhu☺️)
  • dd1c866 linter/vue: Implement no-async-in-computed-properties rule (#23493) (bab)
  • b02444e linter: Add schema for react/jsx-no-script-url (#23475) (WaterWhisperer)
  • a8dce46 linter/unicorn: Implement max-nested-calls rule (#23461) (arieleli01212)

🐛 Bug Fixes

  • a303c23 linter/jsx-a11y: Align anchor-is-valid config with upstream (#23446) (camc314)

📚 Documentation

  • b50bf4d linter: Remove manually written options doc for eslint/arrow-body-style (#23490) (Mikhail Baev)
Commits
  • c4be770 release(apps): oxlint v1.71.0 && oxfmt v0.56.0 (#23707)
  • 0dc2405 feat(linter): add schema for eslint/no-restricted-properties (#23619)
  • b638d0e feat(linter): add schema for node/callback-return (#23615)
  • 6d355ab refactor(linter): remove number_as_object_schema helper (#23614)
  • eb8bedc feat(linter): add schema for import/extensions (#23557)
  • 46f3625 feat(linter): implement node/no-sync rule (#23589)
  • 953c7b3 refactor(linter): make unicorn/numeric-separators-style options u32 (#23558)
  • b01739a feat(linter): add schema for unicorn/numeric-separators-style (#23554)
  • 68afd2a feat(linter/node): implement no-mixed-requires rule (#23539)
  • b08e9f5 refactor(linter): re-enable schema for `jsx_a11y/no-noninteractive-element-in...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the development group with 3 updates: [@playwright/test](https://github.com/microsoft/playwright), [oxfmt](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxfmt) and [oxlint](https://github.com/oxc-project/oxc/tree/HEAD/npm/oxlint).


Updates `@playwright/test` from 1.61.0 to 1.61.1
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.61.0...v1.61.1)

Updates `oxfmt` from 0.55.0 to 0.56.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxfmt/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxfmt_v0.56.0/npm/oxfmt)

Updates `oxlint` from 1.70.0 to 1.71.0
- [Release notes](https://github.com/oxc-project/oxc/releases)
- [Changelog](https://github.com/oxc-project/oxc/blob/main/npm/oxlint/CHANGELOG.md)
- [Commits](https://github.com/oxc-project/oxc/commits/oxlint_v1.71.0/npm/oxlint)

---
updated-dependencies:
- dependency-name: "@playwright/test"
  dependency-version: 1.61.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development
- dependency-name: oxfmt
  dependency-version: 0.56.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
- dependency-name: oxlint
  dependency-version: 1.71.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 29, 2026
@clawsweeper

clawsweeper Bot commented Jun 29, 2026

Copy link
Copy Markdown

Codex review: needs maintainer review before merge. Reviewed June 30, 2026, 1:20 PM ET / 17:20 UTC.

Summary
The PR bumps the development dependency group by updating @playwright/test to 1.61.1 in the lockfile, oxfmt to 0.56.0 in package.json and the lockfile, and oxlint to 1.71.0 in the lockfile.

Reproducibility: not applicable. this is a dependency maintenance PR, so the useful check is package/lockfile review plus CI status rather than reproducing a runtime bug.

Review metrics: 3 noteworthy metrics.

  • Dependency updates: 3 direct development tools. The PR affects test, format, and lint tooling rather than the published runtime dependency set.
  • Changed files: 2 files. The review surface is limited to package.json and pnpm-lock.yaml.
  • Validation surface: 6 Node matrix checks plus lint, CodeQL, and browser smoke passed. The visible checks cover the repository scripts most likely to be affected by formatter, linter, and test-tool updates.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • none.

Next step before merge

  • [P2] No repair lane is needed; the remaining action is ordinary maintainer dependency-update review and merge gating.

Security
Cleared: Cleared; the diff updates dev-only tooling versions and lockfile integrity data without changing workflows, scripts, runtime dependencies, package publishing settings, or permissions.

Review details

Best possible solution:

Land the minimal dev-dependency refresh if maintainers accept the upstream tool updates and the existing CI/dependency-review signal.

Do we have a high-confidence way to reproduce the issue?

Not applicable; this is a dependency maintenance PR, so the useful check is package/lockfile review plus CI status rather than reproducing a runtime bug.

Is this the best way to solve the issue?

Yes; the proposed manifest and lockfile refresh is the narrow maintainable path for this Dependabot dependency group, and current main has not already taken these exact updates.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 8ffb44049333.

Label changes

Label justifications:

  • P3: This is routine development-tooling maintenance with low direct user-facing impact.
  • rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
  • status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: Not applicable for this Dependabot bot dependency-update PR; CI and dependency review are the relevant merge proof.
Evidence reviewed

What I checked:

  • AGENTS.md policy read: Read the full repository AGENTS.md and applied its guidance to use repository scripts, keep package and lockfile changes focused, and treat generated lockfiles conservatively. (AGENTS.md:1, 8ffb44049333)
  • Current main still has older dev tooling: Current main keeps @playwright/test at ^1.61.0, oxfmt at ^0.55.0, and oxlint at ^1.69.0 in the manifest, so the dependency refresh is not already implemented on main. (package.json:90, 8ffb44049333)
  • PR manifest change is narrow: The PR head changes only the oxfmt devDependency specifier in package.json, leaving scripts and runtime dependencies unchanged. (package.json:94, 5979e9017de7)
  • Lockfile matches the stated dependency group: The PR head lockfile importer updates @playwright/test to 1.61.1, oxfmt to 0.56.0, and oxlint to 1.71.0 with oxlint-tsgolint unchanged. (pnpm-lock.yaml:15, 5979e9017de7)
  • Visible GitHub checks pass: GitHub reports the PR as mergeable/clean, with the visible lint, CodeQL, Ghostty browser smoke, and Node 22/24 checks on Ubuntu, macOS, and Windows passing for the current head. (5979e9017de7)
  • Dependency area provenance: History and blame show the package scripts, devDependency block, lockfile importer, and Dependabot grouping were introduced or recently maintained around Vincent Koc's release/setup commits, with prior dependency updates coming through Dependabot. (package.json:72, af898fe0cdd3)

Likely related people:

  • Vincent Koc: Current-main blame and history show Vincent Koc authored the package scripts, devDependency block, lockfile baseline, Dependabot grouping, and recent release-validation changes around the affected files. (role: recent area contributor; confidence: high; commits: af898fe0cdd3, 402f019f2b17, c1ca6f199108; files: package.json, pnpm-lock.yaml, .github/dependabot.yml)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@clawsweeper clawsweeper Bot added rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. P3 Low-risk cleanup, docs, polish, ergonomics, or speculative feature. labels Jun 29, 2026
@steipete steipete merged commit 1dcef45 into main Jun 30, 2026
19 checks passed
@steipete steipete deleted the dependabot/npm_and_yarn/development-652585dd71 branch June 30, 2026 23:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code P3 Low-risk cleanup, docs, polish, ergonomics, or speculative feature. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant