Skip to content

chore(deps): bump protobufjs from 7.5.4 to 8.0.1#840

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/protobufjs-8.0.1
Closed

chore(deps): bump protobufjs from 7.5.4 to 8.0.1#840
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/protobufjs-8.0.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 14, 2026
edited
Loading

Bumps protobufjs from 7.5.4 to 8.0.1.

Release notes

Sourced from protobufjs's releases.

protobufjs: v8.0.1

8.0.1 (2026-03-11)

Bug Fixes

  • bump protobufjs dependency version for cli package (#2128) (549b05e)
  • correct json syntax in tsconfig.json (#2120) (8065625)
  • descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
  • do not allow setting proto in Message constructor (#2126) (f05e3c3)
  • filter invalid characters from the type name (#2127) (535df44)

protobufjs: v8.0.0

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

  • add Edition 2024 Support (#2060)

Features

protobufjs: v7.5.8

7.5.8 (2026-05-12)

Bug Fixes

protobufjs: v7.5.7

7.5.7 (2026-05-09)

Bug Fixes

protobufjs: v7.5.6

7.5.6 (2026-04-27)

Bug Fixes

  • Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)

v7.5.5

This release backports two reported security issues to 7.x branch.

... (truncated)

Changelog

Sourced from protobufjs's changelog.

8.0.1 (2026-03-11)

Bug Fixes

  • bump protobufjs dependency version for cli package (#2128) (549b05e)
  • correct json syntax in tsconfig.json (#2120) (8065625)
  • descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
  • do not allow setting proto in Message constructor (#2126) (f05e3c3)
  • filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

  • add Edition 2024 Support (#2060)

Features

Commits
Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.

@dependabot dependabot Bot requested a review from EmersonBraun as a code owner May 14, 2026 18:12
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 14, 2026
@vercel
Copy link
Copy Markdown

vercel Bot commented May 14, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
Project Deployment Actions Updated (UTC)
agentskit-doc Ignored Ignored Preview May 14, 2026 7:20pm

@dependabot
chore(deps): bump protobufjs from 7.5.4 to 8.0.1
7a692f6 
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.5.4 to 8.0.1.
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v8.0.1)

---
updated-dependencies:
- dependency-name: protobufjs
  dependency-version: 8.0.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/protobufjs-8.0.1 branch from 741a8e6 to 7a692f6 Compare May 14, 2026 19:16
@EmersonBraun EmersonBraun mentioned this pull request May 14, 2026
Merged
4 tasks
@EmersonBraun
Copy link
Copy Markdown
Collaborator

EmersonBraun commented May 14, 2026

Superseded by #861 — full dependency sweep batches this in a single coherent update. Closing to keep the backlog tidy.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 14, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@EmersonBraun EmersonBraun deleted the dependabot/npm_and_yarn/protobufjs-8.0.1 branch May 14, 2026 20:45
EmersonBraun added a commit that referenced this pull request May 14, 2026
@EmersonBraun
chore(deps): full dependency sweep + GH Actions bump (#861)
f538705 
* chore(deps): sweep dependencies + bump pinned GitHub Actions

Replaces dependabot PRs #837, #838, #840, #848, #849, #850, #851, #852,
#853, #854, #855, #856, #857, #858, #859 with a single coherent bump.

- pnpm up -r --latest across all workspaces (npm deps, dev deps).
  Pinned packages/ink → marked ^15 (marked-terminal 7.3.0 peer requires
  marked >=1 <16).
- GitHub Actions (pinned to commit SHAs with version comment):
    actions/setup-node                 v4 → v6.4.0
    actions/upload-artifact            v4 → v7.0.1
    actions/cache                      v4 → v5.0.5
    actions/dependency-review-action   v4 → v5.0.0
    github/codeql-action               v3.27.0 → v4.35.4
- All 37 workspace tests pass, all packages build, tsc --noEmit clean.

* chore(changeset): record deps-sweep patch bump across packages
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@EmersonBraun EmersonBraun Awaiting requested review from EmersonBraun EmersonBraun is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@EmersonBraun