Skip to content

build(deps-dev): bump the default-group group with 4 updates#60

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/default-group-18c78037ee
Closed

build(deps-dev): bump the default-group group with 4 updates#60
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/default-group-18c78037ee

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 30, 2026
edited
Loading

Bumps the default-group group with 4 updates: autoprefixer, axios, postcss and vue.

Updates autoprefixer from 10.4.23 to 10.4.27

Release notes

Sourced from autoprefixer's releases.

10.4.27

  • Removed development key from package.json.

10.4.26

  • Reduced package size.

10.4.25

  • Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

  • Made Autoprefixer a little faster (by @​Cherry).
Changelog

Sourced from autoprefixer's changelog.

10.4.27

  • Removed development key from package.json.

10.4.26

  • Reduced package size.

10.4.25

  • Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

  • Made Autoprefixer a little faster (by @​Cherry).
Commits

Updates axios from 1.13.3 to 1.14.0

Release notes

Sourced from axios's releases.

v1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

  • Runtime Features: No new end-user features were introduced in this release.
  • Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

  • Headers: Trim trailing CRLF in normalised header values. (#7456)
  • HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)
  • Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)
  • Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)
  • CommonJS Compatibility: Fixed package main entry regression affecting CJS consumers. (#7532)

🔧 Maintenance & Chores

  • Security/Dependencies: Updated formidable and refreshed package set to newer versions. (#7533, #10556)
  • Tooling: Continued migration to Vitest and modernised CI/test harnesses. (#7484, #7489, #7498)
  • Build/Lint Stack: Rollup, ESLint, TypeScript, and related dev-dependency updates. (#7508, #7509, #7522)
  • Documentation: Clarified JSON parsing and adapter-related docs/comments. (#7398, #7460, #7478)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

Full Changelog: v1.13.6...v1.14.0

v1.13.6

This release focuses on platform compatibility, error handling improvements, and code quality maintenance.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.

🚀 New Features

  • React Native Blob Support: Axios now includes support for React Native Blob objects. Thanks to @​moh3n9595 for the initial implementation. (#5764)
  • Code Quality: Implemented prettier across the codebase and resolved associated formatting issues. (#7385)

🐛 Bug Fixes

  • Environment Compatibility:
    • Fixed module exports for React Native and Browserify environments. (#7386)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates postcss from 8.5.6 to 8.5.8

Release notes

Sourced from postcss's releases.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Changelog

Sourced from postcss's changelog.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Commits

Updates vue from 3.5.27 to 3.5.31

Release notes

Sourced from vue's releases.

v3.5.31

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.30

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.29

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.28

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.31 (2026-03-25)

Bug Fixes

  • compiler-sfc: allow Node.js subpath imports patterns in asset urls (#13045) (95c3356), closes #9919
  • compiler-sfc: support template literal as defineModel name (#14622) (bd7eef0), closes #14621
  • reactivity: normalize toRef property keys before dep lookup + improve types (#14625) (1bb28d0), closes #12427 #12431
  • runtime-core: invalidate detached v-for memo vnodes after unmount (#14624) (560def4), closes #12708 #12710
  • runtime-core: preserve nullish event handlers in mergeProps (#14550) (5725222)
  • runtime-core: prevent merging model listener when value is null or undefined (#14629) (b39e032)
  • runtime-dom: defer teleport mount/update until suspense resolves (#8619) (88ed045), closes #8603
  • runtime-dom: handle activeElement check in Shadow DOM for v-model (#14196) (959ded2)
  • server-renderer: cleanup component effect scopes after SSR render (#14548) (862f11e)
  • suspense: avoid unmount activeBranch twice if wrapped in transition (#9392) (908c6ad), closes #7966
  • suspense: update suspense vnode's el during branch self-update (#12922) (a2c1700), closes #12920
  • transition: skip enter guard while hmr updating (#14611) (be0a2f1), closes #14608
  • types: prevent shallowReactive marker from leaking into value unions (#14493) (3b561db), closes #14490

3.5.30 (2026-03-09)

Bug Fixes

  • compat: add entities to @​vue/compat deps to fix CJS edge cases (#12514) (e725a67), closes #10609
  • custom-element: ensure child component styles are injected in correct order before parent styles (#13374) (1398bf8), closes #13029
  • custom-element: properly locate parent when slotted in shadow dom (#12480) (f06c81a), closes #12479
  • custom-element: should properly patch as props for vue custom elements (#12409) (740983e), closes #12408
  • reactivity: avoid duplicate raw/proxy entries in Set.add (#14545) (d943612)
  • reactivity: fix reduce on reactive arrays to preserve reactivity (#12737) (16ef165), closes #12735
  • reactivity: handle Set with initial reactive values edge case (#12393) (5dc27ca), closes #8647
  • runtime-core: warn about negative number in v-for (#12308) (9438cc5)
  • ssr: prevent watch from firing after async setup await (#14547) (6cda71d), closes #14546
  • types: make generics with runtime props in defineComponent work (fix #11374) (#13119) (cea3cf7), closes #13763
  • types: narrow useAttrs class/style typing for TSX (#14492) (bbb8977), closes #14489

3.5.29 (2026-02-24)

Bug Fixes

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps-dev): bump the default-group group with 4 updates
e1ca088 
Bumps the default-group group with 4 updates: [autoprefixer](https://github.com/postcss/autoprefixer), [axios](https://github.com/axios/axios), [postcss](https://github.com/postcss/postcss) and [vue](https://github.com/vuejs/core).


Updates `autoprefixer` from 10.4.23 to 10.4.27
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@10.4.23...10.4.27)

Updates `axios` from 1.13.3 to 1.14.0
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.13.3...v1.14.0)

Updates `postcss` from 8.5.6 to 8.5.8
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.8)

Updates `vue` from 3.5.27 to 3.5.31
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.27...v3.5.31)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-version: 10.4.27
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: default-group
- dependency-name: axios
  dependency-version: 1.14.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: default-group
- dependency-name: postcss
  dependency-version: 8.5.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: default-group
- dependency-name: vue
  dependency-version: 3.5.31
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: default-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 30, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 6, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 6, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/default-group-18c78037ee branch April 6, 2026 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants