Skip to content

chore(deps): bump the testing group with 3 updates#59

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/testing-8b36f9113c
Open

chore(deps): bump the testing group with 3 updates#59
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/testing-8b36f9113c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps the testing group with 3 updates: @vitest/ui, jsdom and vitest.

Updates @vitest/ui from 4.0.18 to 4.1.0

Release notes

Sourced from @​vitest/ui's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits

Updates jsdom from 28.1.0 to 29.0.0

Release notes

Sourced from jsdom's releases.

v29.0.0

Breaking changes:

  • Node.js v22.13.0+ is now the minimum supported v22 version (was v22.12.0+).

Other changes:

  • Overhauled the CSSOM implementation, replacing the @acemir/cssom and cssstyle dependencies with fresh internal implementations built on webidl2js wrappers and the css-tree parser. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases.
  • Added CSSCounterStyleRule and CSSNamespaceRule to jsdom Windows.
  • Added cssMediaRule.matches and cssSupportsRule.matches getters.
  • Added proper media query parsing in MediaList, using css-tree instead of naive comma-splitting. Invalid queries become "not all" per spec.
  • Added cssKeyframeRule.keyText getter/setter validation.
  • Added cssStyleRule.selectorText setter validation: invalid selectors are now rejected.
  • Added styleSheet.ownerNode, styleSheet.href, and styleSheet.title.
  • Added bad port blocking per the fetch specification, preventing fetches to commonly-abused ports.
  • Improved Document initialization performance by lazily initializing the CSS selector engine, avoiding ~0.5 ms of overhead per Document. (@​thypon)
  • Fixed a memory leak when stylesheets were removed from the document.
  • Fixed CSSStyleDeclaration modifications to properly trigger custom element reactions.
  • Fixed nested @media rule parsing.
  • Fixed CSSStyleSheet's "disallow modification" flag not being checked in all mutation methods.
  • Fixed XMLHttpRequest's response getter returning parsed JSON during the LOADING state instead of null.
  • Fixed getComputedStyle() crashing in XHTML documents when stylesheets contained at-rules such as @page or @font-face.
  • Fixed a potential hang in synchronous XMLHttpRequest caused by a race condition with the worker thread's idle timeout.
Changelog

Sourced from jsdom's changelog.

29.0.0

Breaking changes:

  • Node.js v22.13.0+ is now the minimum supported v22 version (was v22.12.0+).

Other changes:

  • Overhauled the CSSOM implementation, replacing the @acemir/cssom and cssstyle dependencies with fresh internal implementations built on webidl2js wrappers and the css-tree parser. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases.
  • Added CSSCounterStyleRule and CSSNamespaceRule to jsdom Windows.
  • Added cssMediaRule.matches and cssSupportsRule.matches getters.
  • Added proper media query parsing in MediaList, using css-tree instead of naive comma-splitting. Invalid queries become "not all" per spec.
  • Added cssKeyframeRule.keyText getter/setter validation.
  • Added cssStyleRule.selectorText setter validation: invalid selectors are now rejected.
  • Added styleSheet.ownerNode, styleSheet.href, and styleSheet.title.
  • Added bad port blocking per the fetch specification, preventing fetches to commonly-abused ports.
  • Improved Document initialization performance by lazily initializing the CSS selector engine, avoiding ~0.5 ms of overhead per Document. (thypon)
  • Fixed a memory leak when stylesheets were removed from the document.
  • Fixed CSSStyleDeclaration modifications to properly trigger custom element reactions.
  • Fixed nested @media rule parsing.
  • Fixed CSSStyleSheet's "disallow modification" flag not being checked in all mutation methods.
  • Fixed XMLHttpRequest's response getter returning parsed JSON during the LOADING state instead of null.
  • Fixed getComputedStyle() crashing in XHTML documents when stylesheets contained at-rules such as @page or @font-face.
  • Fixed a potential hang in synchronous XMLHttpRequest caused by a race condition with the worker thread's idle timeout.
Commits
  • 00522ce Version 29.0.0
  • a217975 Use undici's request() API for XHR dispatching
  • f29722d Convert CSSStyleDeclaration to webidl2js
  • 4aaacc6 Merge in cssstyle and replace @acemir/cssom
  • 6c2769a Remove unused http(s)-proxy-agent dependencies
  • eba96b5 Update domSelector
  • 54f9995 Use --fgrep for npm run test:tuwpt:browser
  • 15e7664 Use stable ports for test:tuwpt:browser
  • 7410bdb Suppress informational WPT output when using the min reporter
  • c44377e Lazily initialize DOMSelector
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates vitest from 4.0.18 to 4.1.0

Release notes

Sourced from vitest's releases.

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

... (truncated)

Commits
  • 4150b91 chore: release v4.1.0
  • 1de0aa2 fix: correctly identify concurrent test during static analysis (#9846)
  • c3cac1c fix: use isAgent check, not just TTY, for watch mode (#9841)
  • eab68ba chore(deps): update all non-major dependencies (#9824)
  • 031f02a fix: allow catch/finally for async assertion (#9827)
  • 3e9e096 feat(reporters): add agent reporter to reduce ai agent token usage (#9779)
  • 0c2c013 chore: release v4.1.0-beta.6
  • 8181e06 fix: hideSkippedTests should not hide test.todo (fix #9562) (#9781)
  • a8216b0 fix: manual and redirect mock shouldn't load or transform original module...
  • 689a22a fix(browser): types of getCDPSession and cdp() (#9716)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency pnpm pnpm package updates labels Mar 16, 2026
@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages bot commented Mar 16, 2026
edited
Loading

Deploying my-website-dev with  Cloudflare Pages  Cloudflare Pages

Latest commit: 4ad3163
Status: ✅  Deploy successful!
Preview URL: https://fa5d9778.my-website-du5.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-test-2aqf.my-website-du5.pages.dev

View logs

@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages bot commented Mar 16, 2026
edited
Loading

Deploying my-website with  Cloudflare Pages  Cloudflare Pages

Latest commit: 4ad3163
Status: ✅  Deploy successful!
Preview URL: https://53f608c7.personal-website-f0d.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-test-e9fu.personal-website-f0d.pages.dev

View logs

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/testing-8b36f9113c branch 4 times, most recently from e6b5879 to 1259d20 Compare April 7, 2026 05:20
@greptile-apps
Copy link
Copy Markdown

greptile-apps bot commented Apr 7, 2026
edited
Loading

Greptile Summary

This PR is a routine Dependabot bump of three testing-group dev dependencies: @vitest/ui and vitest from 4.0.18 to 4.1.2 (minor feature releases with no breaking changes), and jsdom from 28.1.0 to 29.0.0 (major version, but the only breaking change is a Node.js v22 minimum sub-version bump from 22.12.0 to 22.13.0, which has no impact on this project). Since all three are devDependencies used exclusively for testing, there is zero production risk.

  • vitest 4.1 adds new features including aroundEach/aroundAll hooks, mockThrow/mockThrowOnce, chai-style assertions, and improved browser test support — all backwards-compatible additions
  • jsdom 29.0.0 overhauled its CSSOM implementation, fixing a memory leak when stylesheets are removed, improving CSS parsing accuracy (using css-tree), and fixing several edge-case bugs — improvements that increase test fidelity
  • The project's engines field ("node": ">=18.0.0") is unaffected by jsdom's Node v22 minimum sub-version change
  • All changes are confined to devDependencies with no production bundle impact

Confidence Score: 5/5

Safe to merge — routine devDependency bump with no production impact

All three packages are dev-only testing dependencies. The jsdom major bump has a single breaking change (Node v22 minimum sub-version from 22.12.0 to 22.13.0) that does not affect this project since it targets Node >=18. vitest 4.1 is a backwards-compatible minor release. No application code was changed.

No files require special attention

Important Files Changed

Filename Overview
package.json Updates @vitest/ui, jsdom, and vitest dev dependencies to latest versions; all are test-only devDependencies with no production impact
pnpm-lock.yaml Lockfile updated to reflect new resolved versions for vitest 4.1.2, @vitest/ui 4.1.2, and jsdom 29.x

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Dependabot PR] --> B[Testing Group Bump]
    B --> C[@vitest/ui 4.0.18 → 4.1.2]
    B --> D[vitest 4.0.18 → 4.1.2]
    B --> E[jsdom 28.1.0 → 29.0.0]
    C --> F[Minor: New features, backward-compatible]
    D --> F
    E --> G[Major: Node v22 min sub-version change]
    G --> H[No impact: project supports >=18.0.0]
    F --> I[Safe to merge]
    H --> I
Loading

Reviews (3): Last reviewed commit: "chore(deps): bump the testing group with..." | Re-trigger Greptile

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/testing-8b36f9113c branch 3 times, most recently from e5816c3 to 3d1dc82 Compare April 7, 2026 05:29
@dependabot
chore(deps): bump the testing group with 3 updates
4ad3163 
Bumps the testing group with 3 updates: [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui), [jsdom](https://github.com/jsdom/jsdom) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/ui` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/ui)

Updates `jsdom` from 28.1.0 to 29.0.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/v29.0.0/Changelog.md)
- [Commits](jsdom/jsdom@v28.1.0...v29.0.0)

Updates `vitest` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/ui"
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: testing
- dependency-name: jsdom
  dependency-version: 29.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: testing
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: testing
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/testing-8b36f9113c branch from 3d1dc82 to 4ad3163 Compare April 7, 2026 05:34
@System-End System-End enabled auto-merge (squash) April 7, 2026 05:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency pnpm pnpm package updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants