Skip to content

Bump syncpack from 14.3.1 to 15.3.1#1276

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/syncpack-15.3.1
Closed

Bump syncpack from 14.3.1 to 15.3.1#1276
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/syncpack-15.3.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 26, 2026

Copy link
Copy Markdown
Contributor

Bumps syncpack from 14.3.1 to 15.3.1.

Release notes

Sourced from syncpack's releases.

15.3.1

15.3.1 (2026-05-19)

Bug Fixes

  • types: update typescript types for 5.3.0 (82a435b)

15.3.0

15.3.0 (2026-05-18)

Adds a new Range Only Version Group to close the gap left behind by lint-semver-ranges and set-semver-ranges prior to the Rust rewrite in syncpack v14.

This version group loosens syncpack to only enforce that every dependency uses the semver range prefix required by its semver group, ^, ~, exact, etc. and ignores the version number. This is useful when you want to standardise how packages pin their dependencies, but are otherwise not ready or don't want to enforce a specific version they all should use.

Features

  • groups: add range only version group (a9d511a)
  • update: only list selected updates in summary (63d17e5)

15.2.0

15.2.0 (2026-05-17)

The main changes are 2 new config properties:

  • An optional severity property on Version Groups, to override the default behaviour of each status code to fix, error, or warn (requested by #325 and #216).
  • An optional sourceMode config lets you extend the package.json files discovered via your package manager, instead of the default of replace.

Features

  • config: allow autofix to be optionally disabled (d589d3e), closes #325 #216
  • config: allow other .json files when explicitly set (5c83a60), closes #333
  • config: allow sources to append rather than replace (99cc046), closes #205

Bug Fixes

  • cargo: update dependencies (8aea6d1)
  • glob: match globs and gitignore correctly (df700d8), closes #334

15.1.2

15.1.2 (2026-05-10)

This release adds a new syncpack update --interactive option, a 30 minute TTL cache which can be skipped with a new syncpack update --no-cache option, and Update Groups to set policies for if and how various dependencies should be updated.

Features

  • config: add updateGroups to set registry update policies (bd7573e), closes #244
  • update: add --interactive prompt (8b1334a)
  • update: cache registry responses for 30mins (08bd28c)

Bug Fixes

... (truncated)

Changelog

Sourced from syncpack's changelog.

15.3.1 (2026-05-19)

Bug Fixes

  • types: update typescript types for 5.3.0 (82a435b)

15.3.0 (2026-05-18)

Features

  • groups: add range only version group (a9d511a)
  • update: only list selected updates in summary (63d17e5)

15.2.0 (2026-05-17)

Features

  • config: allow autofix to be optionally disabled (d589d3e), closes #325 #216
  • config: allow other .json files when explicitly set (5c83a60), closes #333
  • config: allow sources to append rather than replace (99cc046), closes #205

Bug Fixes

  • cargo: update dependencies (8aea6d1)
  • glob: match globs and gitignore correctly (df700d8), closes #334

15.1.2 (2026-05-10)

Bug Fixes

  • npm: forward stdio correctly to binary (87be440)

15.1.1 (2026-05-10)

Features

  • config: add updateGroups to set registry update policies (bd7573e), closes #244
  • update: add --interactive prompt (8b1334a)
  • update: cache registry responses for 30mins (08bd28c)

Bug Fixes

  • cargo: update dependencies (f99d54f)
  • github: fix release pipeline (9a38e9e)

15.0.0 (2026-05-04)

⚠ BREAKING CHANGES

... (truncated)

Commits
  • 078dc6c chore(release): 15.3.1
  • 82a435b fix(types): update typescript types for 5.3.0
  • fc47d81 docs(site): add a what's new guide
  • 553582a chore(release): 15.3.0
  • 63d17e5 feat(update): only list selected updates in summary
  • 8d63fbe style(site): format config
  • 1bde497 chore(site): add missing link aliases
  • f3a0957 chore(site): ensure links have trailing slash
  • a9d511a feat(groups): add range only version group
  • d0d083f chore(core): remove unused dependencies
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump syncpack from 14.3.1 to 15.3.1
daea5b4 
Bumps [syncpack](https://github.com/JamieMason/syncpack) from 14.3.1 to 15.3.1.
- [Release notes](https://github.com/JamieMason/syncpack/releases)
- [Changelog](https://github.com/JamieMason/syncpack/blob/main/CHANGELOG.md)
- [Commits](JamieMason/syncpack@14.3.1...15.3.1)

---
updated-dependencies:
- dependency-name: syncpack
  dependency-version: 15.3.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies javascript Pull requests that update javascript code labels May 26, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #1286.

@dependabot dependabot Bot closed this Jun 16, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/syncpack-15.3.1 branch June 16, 2026 04:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants