Skip to content

Bump jasmine-core from 5.1.1 to 6.3.0#62

Merged
DeepDiver1975 merged 1 commit into
masterfrom
dependabot/npm_and_yarn/jasmine-core-6.3.0
Jul 14, 2026
Merged

Bump jasmine-core from 5.1.1 to 6.3.0#62
DeepDiver1975 merged 1 commit into
masterfrom
dependabot/npm_and_yarn/jasmine-core-6.3.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 12, 2026

Copy link
Copy Markdown
Contributor

Bumps jasmine-core from 5.1.1 to 6.3.0.

Release notes

Sourced from jasmine-core's releases.

6.3.0

Please see the release notes.

v6.2.0

Please see the release notes.

v6.1.0

Please see the release notes.

v6.0.1

Please see the release notes.

v6.0.0

Please see the release notes.

v6.0.0-beta.1

Please see the release notes.

v6.0.0-beta.0

Please see the release notes.

v6.0.0-alpha.2

Please see the release notes.

v6.0.0-alpha.1

Please see the release notes.

v6.0.0-alpha.0

Please see the release notes.

v5.13.0

Please see the release notes.

v5.12.1

Please see the release notes.

v5.12.0

Please see the release notes.

v5.11.0

Please see the release notes.

v5.10.0

Please see the release notes.

v5.9.0

Please see the release notes.

v5.8.0

Please see the release notes.

... (truncated)

Commits
  • c2ead64 Bump version to 6.3.0
  • 05fd5cb Bump version to 6.2.1
  • f1a4ccf Improve spec name
  • f41dc6a Merge branch 'fix/xdescribe-pending-reason' of github.com:Aryannaik-max/jasmine
  • 91a9e97 test: ensure pendingReason survives reset in xdescribe test
  • ddde63a fix: add pendingReason message for xdescribe
  • fc88950 Run eslint and prettier after tests even if ignore-scripts=true
  • 6166a03 Check in package-lock.json
  • 031ffc8 Copy 7.0.0-pre.1 release notes from branch
  • b05ea4b Bump version to 6.2.0
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 12, 2026
@DeepDiver1975

Copy link
Copy Markdown
Member

Holding: CI is failing (not a rebase conflict). Failing: lint. A rebase won't fix this — needs a human/upstream fix.

@DeepDiver1975

Copy link
Copy Markdown
Member

@dependabot rebase

Bumps [jasmine-core](https://github.com/jasmine/jasmine) from 5.1.1 to 6.3.0.
- [Release notes](https://github.com/jasmine/jasmine/releases)
- [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md)
- [Commits](jasmine/jasmine@v5.1.1...v6.3.0)

---
updated-dependencies:
- dependency-name: jasmine-core
  dependency-version: 6.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/jasmine-core-6.3.0 branch from 7bc89b6 to d484ac5 Compare July 13, 2026 13:40
@dependabot dependabot Bot requested a review from a team as a code owner July 13, 2026 13:40

@DeepDiver1975 DeepDiver1975 left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependabot bump; test suite green. Only the non-required conventional-commit-title lint fails. Approving.

@DeepDiver1975 DeepDiver1975 merged commit 690c628 into master Jul 14, 2026
1 of 2 checks passed
@DeepDiver1975 DeepDiver1975 deleted the dependabot/npm_and_yarn/jasmine-core-6.3.0 branch July 14, 2026 19:10
phil-davis pushed a commit that referenced this pull request Jul 15, 2026
All alerts are transitive devDependencies; resolved via `npm audit fix`
(no --force, no direct-dependency major bumps). package.json unchanged.

- body-parser -> 1.20.6 (GHSA, needs >= 1.20.3) #44
- braces -> 3.0.3 (needs >= 3.0.3) #40
- cookie -> 0.7.2 (needs >= 0.7.0) #45
- flatted -> 3.4.2 (prototype pollution, needs >= 3.4.2) #62
- follow-redirects -> 1.16.0 (needs >= 1.16.0/1.15.6/1.15.4) #69 #39 #38
- lodash -> 4.18.1 (code injection + prototype pollution, needs >= 4.18.0/4.17.23) #68 #67 #52
- minimatch -> 3.1.5 (ReDoS, needs >= 3.1.3) #59
- picomatch -> 2.3.2 (needs >= 2.3.2) #64
- qs -> 6.15.3 (DoS, needs >= 6.14.2/6.14.1) #55 #49
- tmp -> 0.2.7 (path traversal, needs >= 0.2.6/0.2.4) #71 #47
- ws -> 8.21.1 (DoS, needs >= 8.21.0/8.17.1) #72 #41

npm audit reports 0 vulnerabilities. Test suite (Karma, 21 tests)
passes. Note: lockfileVersion bumped 1 -> 3 as npm 10 regenerated the
lockfile; CI runs `npm ci` on Node 20 which supports v3.

Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant