npm(deps-dev): bump the development-dependencies group with 20 updates

[dependabot]

Bumps the development-dependencies group with 20 updates:

Package	From	To
@influxdata/influxdb-client	1.33.2	1.35.0
@noble/curves	1.8.1	2.0.1
@noble/hashes	1.7.1	2.0.1
@playwright/test	1.48.0	1.56.1
@types/node	18.18.9	24.10.1
esbuild	0.25.5	0.27.0
expect	29.7.0	30.2.0
fs-extra	10.1.0	11.3.2
glob	8.1.0	13.0.0
graphql	16.10.0	16.12.0
jest	28.1.3	30.2.0
@types/jest	27.5.2	30.0.0
oxlint	1.0.0	1.30.0
pkg-pr-new	0.0.9	0.0.60
replace-in-file	6.3.5	8.3.0
rimraf	3.0.2	6.1.2
ts-jest	28.0.8	29.4.5
typedoc	0.28.5	0.28.14
typedoc-plugin-markdown	4.6.4	4.9.0
typescript	5.4.5	5.9.3

Updates @influxdata/influxdb-client from 1.33.2 to 1.35.0

Release notes

Sourced from @​influxdata/influxdb-client's releases.

1.35.0

Bug Fixes

1. #1044: Allow 201 status code in a write response.

1.34.0

Breaking Changes

⚠️ Drop supports for node v14, v15 and v16 in CI.

Features:

1. #1005: Token stored as a private class property.
2. #1019: Propagates headers from HTTP response when an error is returned from the server.

CI

1. #893: Add node v20 to CI.
2. #953: Add node v21 to CI.

Changelog

Sourced from @​influxdata/influxdb-client's changelog.

1.35.0 [2024-08-15]

Bug Fixes

1. #1044: Allow 201 status code in a write response.

1.34.0 [2024-07-26]

Breaking Changes

⚠️ Drop supports for node v14, v15 and v16 in CI.

Features:

1. #1005: Token stored as a private class property.
2. #1019: Propagates headers from HTTP response when an error is returned from the server.
3. #1020: Adds example of working with HttpError response.

CI

1. #893: Add node v20 to CI.
2. #953: Add node v21 to CI.

Commits

• fe5bc8e chore(release): publish v1.35.0 [skip CI]
• 187e987 chore(release): prepare to release influxdb-client-js-1.35.0
• fff3615 fix: handle 201 response from write endpoint (#1044)
• b11ebbf chore(deps-dev): bump @​typescript-eslint/parser from 7.14.1 to 8.0.0 (#1025)
• e535fb0 chore(deps-dev): bump prettier from 3.3.2 to 3.3.3 (#1028)
• d35725e chore(deps-dev): bump esbuild from 0.22.0 to 0.23.0 (#1024)
• 7cb8e43 Merge pull request #1020 from influxdata/docs/headersExample
• 3d1ff62 docs: adds httpErrorHandled example and integration test for HttpError
• 147f6ee chore(release): publish v1.34.0 [skip CI]
• 4db6db9 chore(release): prepare to release influxdb-client-js-1.34.0
• Additional commits viewable in compare view

Updates @noble/curves from 1.8.1 to 2.0.1

Release notes

Sourced from @​noble/curves's releases.

2.0.1

• Disable extension-less imports. If you've used /ed25519, switch to /ed25519.js now. See 2.0.0 for more details.
• package.json: specify exported submodules to ensure typescript autocompletion
• package.json: bump hashes to 2.0.1 with scrypt & pkg.json changes
• ed25519: export map_to_curve_elligator2_curve25519 paulmillr/noble-curves#211
• bls: try-catch pairingBatch in bls12_381.verify() by @​MegaManSec in paulmillr/noble-curves#212
• fft: expose extra info in rootsOfUnity

New Contributors

• @​MegaManSec made their first contribution in paulmillr/noble-curves#212

GitHub Immutable Releases

This GH release does not include standalone noble-curves.js: use 2.0.0 for now, until we upgrade to newly added Immutable Releases

Full Changelog: paulmillr/noble-curves@2.0.0...2.0.1

2.0.0

High-level

v2 massively simplifies internals, improves security, reduces bundle size and lays path for the future. To simplify upgrading, upgrade first to curves 1.9.x. It would show deprecations in vscode-like text editor.

• The package is now ESM-only. ESM can finally be loaded from common.js on node v20.19+
  • Node v20.19 is now the minimum required version
  • Package imports now work correctly in bundler-less environments, such as browsers
  • Reduces npm package size (traffic consumed): 354KB => 300KB
  • Reduces unpacked npm size (on-disk space): 2.1MB => 1.2MB
• Make bundle sizes smaller, compared to v1.x: -4KB for schnorr, -5.3KB for ristretto255, -9.4KB for x448
• .js extension must be used for all modules
  • Old: @noble/curves/ed25519
  • New: @noble/curves/ed25519.js
  • This simplifies working in browsers natively without transpilers

New features

• webcrypto: create friendly noble-like wrapper over built-in WebCrypto
• oprf: implement RFC 9497 OPRFs (oblivious pseudorandom functions)
  • We support p256, p384, p521, ristretto255 and decaf448
• weierstrass, edwards: add isValidSecretKey, isValidPublicKey
• misc: add Brainpool curves: brainpoolP256r1, brainpoolP384r1, brainpoolP512r1

Changes

• Most methods now expect Uint8Array, string hex inputs are prohibited
  • The change simplifies reasoning, improves security and reduces malleability
  • Point.fromHex now expects string-only hex inputs, use Point.fromBytes for Uint8Array
• Breaking changes of ECDSA (secp256k1, p256, p384...):
  • sign, verify: Switch to prehashed messages. Instead of messageHash, the methods now expect unhashed message. To bring back old behavior, use option {prehash: false}

... (truncated)

Commits

• 99d9774 Release 2.0.1.
• e4d7b5a Bump hashes to 2.0.1: scrypt & pkg.json changes
• d588039 Export map_to_curve_elligator2_curve25519. Closes gh-211.
• 48a97b7 Merge pull request #212 from MegaManSec/throw
• 270e5d6 pkg.json: add back export maps for text editor autocompletion
• 0cdef32 try-catch pairingBatch in bls12_381.verify()
• fc60edf fft: expose extra info in rootsOfUnity
• 83bf33b Release 2.0.0 to JSR.
• 24d3110 Release 2.0.0.
• 9e35456 Bump jsbt
• Additional commits viewable in compare view

Updates @noble/hashes from 1.7.1 to 2.0.1

Release notes

Sourced from @​noble/hashes's releases.

2.0.1

• .js extension must be used for all modules
  • Old: @noble/hashes/sha3
  • New: @noble/hashes/sha3.js
  • This simplifies working in browsers natively without transpilers
  • This was planned for 2.0.0, but was accidentally left out
• package.json: specify exported submodules to ensure typescript autocompletion
• scrypt: Fix error message for maxmem check by @​ChALkeR in paulmillr/noble-hashes#121
• scrypt: 4% speed-up by @​ChALkeR in paulmillr/noble-hashes#122

Full Changelog: paulmillr/noble-hashes@2.0.0...2.0.1

2.0.0

High-level

• The package is now ESM-only. ESM can finally be loaded from common.js on node v20.19+
  • Node v20.19 is now the minimum required version
  • Package imports now work correctly in bundler-less environments, such as browsers
  • Reduces npm package size (traffic consumed): 152KB => 136KB
  • Reduces unpacked npm size (on-disk space): 1.1MB => 669KB
• Make bundle sizes smaller, compared to v1.x
• .js extension must be used for all modules
  • Old: @noble/hashes/sha3
  • New: @noble/hashes/sha3.js
  • This simplifies working in browsers natively without transpilers

Changes

• Only allow Uint8Array as hash inputs, prohibit string
  • Strict validation checks improve security
  • To replicate previous behavior, use utils.utf8ToBytes
• Rename / remove some modules for consistency. Previously, sha384 resided in sha512, which was weird
  • sha256, sha512 => sha2.js (consistent with sha3.js)
  • blake2b, blake2s => blake2.js (consistent with blake3.js, blake1.js)
  • ripemd160, sha1, md5 => legacy.js (all low-security hashes are there)
  • _assert => utils.js
  • crypto internal module got removed: use built-in WebCrypto instead
• Improve typescript types & option autocomplete
• Upgrade typescript compilation env to ts5.9 and es2022
• Massively improve error messages, make them more descriptive

Full Changelog: paulmillr/noble-hashes@1.8.0...2.0.0

1.8.0

Preparation for v2

The release contains bugfixes and a few improvements which pave the way for upcoming v2.0.

• Modules are now available with .js extension
  • Old: @noble/hashes/sha2

... (truncated)

Commits

• d30e070 Release 2.0.1.
• 4485505 anumber: fix error msg
• dd62b81 pkg.json: add back export maps for text editor autocompletion
• 59fda2c Merge pull request #122 from ChALkeR/chalker/perf/scrypt/0
• 90dfe17 adjust comment
• e6099ae add a comment
• 15ee761 perf: tiny improvement in scrypt
• 30f8780 Merge pull request #121 from ChALkeR/patch-2
• f43e04b Fix error message for scrypt maxmem check
• b048d14 Release 2.0.0 to JSR.
• Additional commits viewable in compare view

Updates @playwright/test from 1.48.0 to 1.56.1

Release notes

Sourced from @​playwright/test's releases.

v1.56.1

Highlights

#37871 chore: allow local-network-access permission in chromium #37891 fix(agents): remove workspaceFolder ref from vscode mcp #37759 chore: rename agents to test agents #37757 chore(mcp): fallback to cwd when resolving test config

Browser Versions

• Chromium 141.0.7390.37
• Mozilla Firefox 142.0.1
• WebKit 26.0

v1.56.0

Playwright Agents

Introducing Playwright Agents, three custom agent definitions designed to guide LLMs through the core process of building a Playwright test:

• 🎭 planner explores the app and produces a Markdown test plan
• 🎭 generator transforms the Markdown plan into the Playwright Test files
• 🎭 healer executes the test suite and automatically repairs failing tests

Run npx playwright init-agents with your client of choice to generate the latest agent definitions:

# Generate agent files for each agentic loop
# Visual Studio Code
npx playwright init-agents --loop=vscode
# Claude Code
npx playwright init-agents --loop=claude
# opencode
npx playwright init-agents --loop=opencode

[!NOTE] VS Code v1.105 (currently on the VS Code Insiders channel) is needed for the agentic experience in VS Code. It will become stable shortly, we are a bit ahead of times with this functionality!

Learn more about Playwright Agents

New APIs

• New methods page.consoleMessages() and page.pageErrors() for retrieving the most recent console messages from the page
• New method page.requests() for retrieving the most recent network requests from the page
• Added --test-list and --test-list-invert to allow manual specification of specific tests from a file

UI Mode and HTML Reporter

• Added option to 'html' reporter to disable the "Copy prompt" button
• Added option to 'html' reporter and UI Mode to merge files, collapsing test and describe blocks into a single unified list
• Added option to UI Mode mirroring the --update-snapshots options
• Added option to UI Mode to run only a single worker at a time

... (truncated)

Commits

• 54c7115 chore: revert "minimal vscode version notice" (#37892)
• 7d45eb3 chore: mark v1.56.1 (#37784)
• e6ef697 cherry-pick(#37871): chore: allow local-network-access permission in chromium
• 932542c cherry-pick(#37891): fix(agents): remove workspaceFolder ref from vscode mcp
• 0662dd2 cherry-pick(#37759): chore: rename agents to test agents
• 919549e cherry-pick(#37758): docs: mention VS Code insiders in the agents docs
• e593c64 cherry-pick(#37757): chore(mcp): fallback to cwd when resolving test config
• a8a6e10 cherry-pick(#37755): chore(mcp): minimal vscode version notice
• f36b2ee cherry-pick(#37731): docs: add agents video to agents page (#37733)
• b6af258 cherry-pick(#37727): devops: fix NPM release step (#37728)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​playwright/test since your current version.

Updates @types/node from 18.18.9 to 24.10.1

Commits

• See full diff in compare view

Updates esbuild from 0.25.5 to 0.27.0

Release notes

Sourced from esbuild's releases.

v0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

• Use Uint8Array.fromBase64 if available (#4286)

  With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

• Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

  This raises the operating system requirements for running esbuild:

  • Linux: now requires a kernel version of 3.2 or later
  • macOS: now requires macOS 12 (Monterey) or later

v0.26.0

• Enable trusted publishing (#4281)

  GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

  Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

v0.25.12

• Fix a minification regression with CSS media queries (#4315)

  The previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for @media <media-type> and <media-condition-without-or> { ... } was missing an equality check for the <media-condition-without-or> part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.

• Update the list of known JavaScript globals (#4310)

  This release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global Array property is considered to be side-effect free but accessing the global scrollY property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:

  From ES2017:

  • Atomics
  • SharedArrayBuffer

  From ES2020:

  • BigInt64Array
  • BigUint64Array

  From ES2021:

  • FinalizationRegistry
  • WeakRef

  From ES2025:

  • Float16Array
  • Iterator

  Note that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from Iterator:

  // This can now be tree-shaken by esbuild:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

• Use Uint8Array.fromBase64 if available (#4286)

  With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

• Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

  This raises the operating system requirements for running esbuild:

  • Linux: now requires a kernel version of 3.2 or later
  • macOS: now requires macOS 12 (Monterey) or later

0.26.0

• Enable trusted publishing (#4281)

  GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

  Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

0.25.12

• Fix a minification regression with CSS media queries (#4315)

  The previous release introduced support for parsing media queries which unintentionally introduced a regression with the removal of duplicate media rules during minification. Specifically the grammar for @media <media-type> and <media-condition-without-or> { ... } was missing an equality check for the <media-condition-without-or> part, so rules with different suffix clauses in this position would incorrectly compare equal and be deduplicated. This release fixes the regression.

• Update the list of known JavaScript globals (#4310)

  This release updates esbuild's internal list of known JavaScript globals. These are globals that are known to not have side-effects when the property is accessed. For example, accessing the global Array property is considered to be side-effect free but accessing the global scrollY property can trigger a layout, which is a side-effect. This is used by esbuild's tree-shaking to safely remove unused code that is known to be side-effect free. This update adds the following global properties:

  From ES2017:

  • Atomics
  • SharedArrayBuffer

  From ES2020:

  • BigInt64Array
  • BigUint64Array

  From ES2021:

  • FinalizationRegistry
  • WeakRef

  From ES2025:

  • Float16Array
  • Iterator

  Note that this does not indicate that constructing any of these objects is side-effect free, just that accessing the identifier is side-effect free. For example, this now allows esbuild to tree-shake classes that extend from Iterator:

... (truncated)

Commits

• 2b91699 publish 0.27.0 to npm
• 22b425c fix #4286: use Uint8Array.fromBase64 if present (#4295)
• 6d187ef update go 1.25.3 => 1.25.4
• 9d0d4e7 update go 1.23.12 => 1.25.3 (#4318)
• b6979d8 use a patched go compiler for release builds
• 893d2b9 delete temporary release.yml workflow
• cee3918 add a temporary release.yml workflow
• f5bb1d6 fix publish.yml
• 17ff82b publish 0.26.0 to npm
• f87181f enable trusted publishing (#4319)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.

Updates expect from 29.7.0 to 30.2.0

Release notes

Sourced from expect's releases.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• `[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

• [expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from expect's changelog.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)
• [jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

• 855864e v30.2.0
• ebfa31c v30.1.2
• d347c0f v30.1.1
• 4d5f41d v30.1.0
• 5884e4a chore(expect): update docblock for toContain() to display info on substring...
• 22236cf v30.0.5
• a3d1e2e fix: bigint cause error (#15702)
• f4296d2 v30.0.4
• 06f8e28 feat: support async functions in toBe (#15714)
• fceea7a feat: handle line endings in snapshot (#15708)
• Additional commits viewable in compare view

Updates fs-extra from 10.1.0 to 11.3.2

Changelog

Sourced from fs-extra's changelog.

11.3.2 / 2025-09-15

• Fix spurrious UnhandledPromiseRejectionWarning that could occur when calling .copy() in some cases (#1056, #1058)

11.3.1 / 2025-08-05

• Fix case where move/moveSync could incorrectly think files are identical on Windows (#1050)

11.3.0 / 2025-01-15

• Add promise support for newer fs methods (#1044, #1045)
• Use fs.opendir in copy()/copySync() for better perf/scalability (#972, #1028)

11.2.0 / 2023-11-27

• Copy directory contents in parallel for better performance (#1026)
• Refactor internal code to use async/await (#1020)

11.1.1 / 2023-03-20

• Preserve timestamps when moving files across devices (#992, #994)

11.1.0 / 2022-11-29

• Re-add main field to package.json for better TypeScript compatibility (#979, #981)

11.0.0 / 2022-11-28

Breaking Changes

• Don't allow requiring fs-extra/lib/SOMETHING (switched to exports) (#974)
• Require Node v14.14+ (#968, #969)

New Features

• Add fs-extra/esm for ESM named export support; see docs for details (#746, #974)
• Add promise support for fs.readv() (#970)

Bugfixes

• Don't stat filtered items in copy* (#965, #971)
• Remove buggy stats check in copy (#918, #976)

Commits

• 403e8aa 11.3.2
• 47f1095 Fix UnhandledPromiseRejectionWarning in copy (#1058)
• 5e62bb7 11.3.1
• b897b36 fix incorrect identical result for windows node v22+ (#1050)
• 22583f7 Test on more modern Node versions (#1051)
• 83ff8ca Do not mutate args in ensure symlink tests (#1052)
• 176ad6a 11.3.0
• e75b9bf Add promise support for missing fs methods (#1045)
• d96f265 Update copyright year (#1036)
• 1d931c8 Refactor copy to use opendir (#1028)
• Additional commits viewable in compare view

Updates glob from 8.1.0 to 13.0.0

Changelog

Sourced from glob's changelog.

changeglob

13

• Move the CLI program out to a separate package, glob-bin. Install that if you'd like to continue using glob from the command line.

12

• Remove the unsafe --shell option. The --shell option is now ONLY supported on known shells where the behavior can be implemented safely.

11.1

GHSA-5j98-mcp5-4vw2

• Add the --shell option for the command line, with a warning that this is unsafe. (It will be removed in v12.)
• Add the --cmd-arg/-g as a way to safely add positional arguments to the command provided to the CLI tool.
• Detect commands with space or quote characters on known shells, and pass positional arguments to them safely, avoiding shell:true execution.

11.0

• Drop support for node before v20

10.4

• Add includeChildMatches: false option
• Export the Ignore class

10.3

• Add --default -p flag to provide a default pattern
• exclude symbolic links to directories when follow and nodir are both set

10.2

• Add glob cli

10.1

• Return '.' instead of the empty string '' when the current working directory is returned as a match.
• Add posix: true option to return / delimited paths, even on

... (truncated)

Commits

• 3bfb960 13.0.0
• db31a63 Split the CLI out from the main project
• 5493458 ci: remove node 20
• 3f7526c test: fix bin tests on windows (slashes)
• 2b03cca 12.0.0
• d56203d prettier config
• bb521e5 Remove --shell option where unsafe to use
• 2551fb5 11.1.0
• 47473c0 bin: Do not expose filenames to shell expansion
• bc33fe1 skip tilde test on systems that lack tilde expansion
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for glob since your current version.

Updates graphql from 16.10.0 to 16.12.0

Release notes

Sourced from graphql's releases.

16.12.0

v16.12.0 (2025-11-01)

New Feature 🚀

• #4482 Implement changes for executable descriptions (@​JoviDeCroock)
• #4493 Backport schema coordinates (@​JoviDeCroock)

Bug Fix 🐞

• #4392 Catch unhandled exception in abstract resolution (@​JoviDeCroock)

Docs 📝

• #4374 docs: testing graphQL servers (@​sarahxsanders)
• #4376 docs: type generation for graphql servers (@​sarahxsanders)
• #4380 docs: add guides for custom scalars (@​sarahxsanders)
• #4381 docs: anatomy of a resolver (@​sarahxsanders)
• #4382 docs: understanding graphql errors (@​sarahxsanders)
• #4383 docs: N+1 problem and DataLoader (@​sarahxsanders)
• #4391 docs: cursor-based pagination guide (@​sarahxsanders)
• #4393 docs: add page on abstract types (@​sarahxsanders)
• #4394 docs: editorial on abstract types page (@​benjie)
• #4395 docs: editorial for recent documentation updates (@​benjie)
• #4396 docs: add page on authorization strategies (@​sarahxsanders)
• #4398 docs: update "going to production" guide (@​sarahxsanders)
• #4399 Update mutations-and-input-types.mdx (@​roman-lakhnov)
• #4400 Remove CJS from docs (@​JoviDeCroock)
• #4401 docs: add guide on directives (@​sarahxsanders)
• #4402 docs: add guide for operation complexity controls (@​sarahxsanders)
• #4405 docs: add guide on nullability (@​sarahxsanders)
• #4406 docs: add guide on subscriptions (@​sarahxsanders)
• #4411 docs: add guide on caching strategies (@​sarahxsanders)
• #4414 docs: guide on scaling your API (@​sarahxsanders)
• #4416 Editorial for #4405 (nullability) (@​benjie)
• #4417 Indicate that field arguments should always be preferred over directives (@​benjie)
• #4418 docs: trusted documents (@​benjie)
• #4419 docs: cleanup and fixes (@​sarahxsanders)
• #4436 Suggestions for federation links (@​Urigo)
• #4444 Fix navigation (@​JoviDeCroock)
• #4452 fix(docs/mutations-and-input-types.mdx): root being inside of SDL (@​alesculek)
• #4473 docs: remove fourth permutation of the visit API (@​janmeier)

Polish 💅

• #4453 Remove oneof validation from values of correct type (@​JoviDeCroock)

Internal 🏠

... (truncated)

Commits

• bf9ffff 16.12.0
• e2457b3 Backport schema coordinates (#4493)
• 364f17f Implement changes for executable descriptions (#4482)
• 60ae6c4 updated location of ModelSim gitignore file (#4479)
• 6808b16 docs: remove fourth permutation of the visit API (#4473)
• d07c9c5 Fix typo in readme
• 8dc2955 fix(docs/mutations-and-input-types.mdx): root being inside of SDL (#4452)
• 7134cab Remove oneof validation from values of correct type (

[dependabot]

Labels

The following labels could not be found: dependencies, javascript. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.