Skip to content

chore(deps-dev): Bump the npm group with 3 updates#71

Merged
wochinge merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-19fbb27ea3
Jun 30, 2026
Merged

chore(deps-dev): Bump the npm group with 3 updates#71
wochinge merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-19fbb27ea3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm group with 3 updates: @langfuse/client, @typescript-eslint/eslint-plugin and @typescript-eslint/parser.

Updates @langfuse/client from 5.5.3 to 5.6.0

Release notes

Sourced from @​langfuse/client's releases.

v5.6.0

What's Changed

Full Changelog: langfuse/langfuse-js@v5.5.3...v5.6.0

Commits

Updates @typescript-eslint/eslint-plugin from 8.61.1 to 8.62.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.62.0

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

🩹 Fixes

  • add "files" to rule-schema-to-typescript-types (#12441)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

Updates @typescript-eslint/parser from 8.61.1 to 8.62.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.62.0

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

🩹 Fixes

  • add "files" to rule-schema-to-typescript-types (#12441)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

❤️ Thank You

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm group with 3 updates: [@langfuse/client](https://github.com/langfuse/langfuse-js/tree/HEAD/packages/client), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) and [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser).


Updates `@langfuse/client` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/langfuse/langfuse-js/releases)
- [Changelog](https://github.com/langfuse/langfuse-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/langfuse/langfuse-js/commits/v5.6.0/packages/client)

Updates `@typescript-eslint/eslint-plugin` from 8.61.1 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.61.1 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@langfuse/client"
  dependency-version: 5.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 30, 2026

@claude claude Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — Dependabot minor/patch bumps to dev-only deps with clean release notes.

Extended reasoning...

Overview

This PR is a Dependabot grouped update touching only package.json and pnpm-lock.yaml. It bumps three devDependencies: @langfuse/client 5.5.3 → 5.6.0 (minor), and @typescript-eslint/eslint-plugin and @typescript-eslint/parser 8.61.1 → 8.62.0 (minor). No source files are modified.

Security risks

Low. All bumps are minor/patch and stay within the same major. The typescript-eslint 8.62.0 release notes describe a non-functional 'remove redundant package.json files' change. @langfuse/client 5.6.0 adds multimodal dataset support and an API spec sync — and it's a devDependency here (used in tests/scripts), not bundled into the shipped action via ncc, so even if behavior changed, runtime blast radius is limited to local CI tooling.

Level of scrutiny

Low. This is a routine, grouped Dependabot bump — exactly the class of change suited for shadow-approval. No production code paths are affected, no API or behavior changes for the action's runtime, and no CODEOWNER-protected logic is touched.

Other factors

No bugs were flagged by the bug hunting system. No prior reviewer comments to address. CI checks will catch any incidental breakage from the typescript-eslint or langfuse client updates.

@github-actions

github-actions Bot commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Experiment Results: 08d9b88

Experiment Status Actions
Uppercase (py) ✅ Pass View GitHub Action Run · View in Langfuse
Uppercase (ts) ✅ Pass View GitHub Action Run · View in Langfuse
Mixed dir (node) ✅ Pass View GitHub Action Run · View in Langfuse
Mixed dir (python) ✅ Pass View GitHub Action Run · View in Langfuse
Regression fixture ❌ Regression View GitHub Action Run · View in Langfuse

Details

✅ Uppercase (py) (Source)
Score Value
avg_accuracy 1.000
Item results (3)
Item Input Expected Output exact_match
1 langfuse LANGFUSE LANGFUSE 1.000
2 world WORLD WORLD 1.000
3 hello HELLO HELLO 1.000
✅ Uppercase (ts) (Source)
Score Value
avg_accuracy 1.000
Item results (3)
Item Input Expected Output exact_match
1 langfuse LANGFUSE LANGFUSE 1.000
2 world WORLD WORLD 1.000
3 hello HELLO HELLO 1.000
✅ Mixed dir (node) (Source)
Score Value
avg_accuracy 1.000
Item results (3)
Item Input Expected Output exact_match
1 langfuse LANGFUSE LANGFUSE 1.000
2 world WORLD WORLD 1.000
3 hello HELLO HELLO 1.000
✅ Mixed dir (python) (Source)
Score Value
avg_accuracy 1.000
Item results (3)
Item Input Expected Output exact_match
1 langfuse LANGFUSE LANGFUSE 1.000
2 world WORLD WORLD 1.000
3 hello HELLO HELLO 1.000
❌ Regression fixture (Source)

RegressionError: synthetic regression triggered by e2e fixture

Item results (3)
Item Input Expected Output exact_match
1 langfuse LANGFUSE LANGFUSE 1.000
2 world WORLD WORLD 1.000
3 hello HELLO HELLO 1.000

@wochinge wochinge merged commit 7b77219 into main Jun 30, 2026
14 checks passed
@wochinge wochinge deleted the dependabot/npm_and_yarn/npm-19fbb27ea3 branch June 30, 2026 11:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant