Skip to content

Bump the production-dependencies group with 4 updates#21

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-917ddf1f98
Closed

Bump the production-dependencies group with 4 updates#21
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/production-dependencies-917ddf1f98

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Apr 6, 2026
edited
Loading

Bumps the production-dependencies group with 4 updates: @clack/prompts, citty, defu and undici.

Updates @clack/prompts from 1.1.0 to 1.2.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.2.0

Minor Changes

  • 9786226: Externalize fast-string-width and fast-wrap-ansi to avoid double dependencies
  • 090902c: Adds date prompt with format support (YMD, MDY, DMY)

Patch Changes

  • 134a1a1: Fix the path prompt so directory: true correctly enforces directory-only selection while still allowing directory navigation, and add regression tests for both directory and default file selection behavior.
  • bdf89a5: Adds placeholder option to autocomplete. When the placeholder is set and the input is empty, pressing tab will set the value to placeholder.
  • 336495a: Apply guide to wrapped multi-line messages in confirm prompt.
  • 9fe8de6: Respect withGuide: false in autocomplete and multiselect prompts.
  • 29a50cb: Fix path directory mode so pressing Enter with an existing directory initialValue submits that current directory instead of the first child option, and add regression coverage for immediate submit and child-directory navigation.
  • Updated dependencies [9786226]
  • Updated dependencies [bdf89a5]
  • Updated dependencies [417b451]
  • Updated dependencies [090902c]
    • @​clack/core@​1.2.0
Changelog

Sourced from @​clack/prompts's changelog.

1.2.0

Minor Changes

  • 9786226: Externalize fast-string-width and fast-wrap-ansi to avoid double dependencies
  • 090902c: Adds date prompt with format support (YMD, MDY, DMY)

Patch Changes

  • 134a1a1: Fix the path prompt so directory: true correctly enforces directory-only selection while still allowing directory navigation, and add regression tests for both directory and default file selection behavior.
  • bdf89a5: Adds placeholder option to autocomplete. When the placeholder is set and the input is empty, pressing tab will set the value to placeholder.
  • 336495a: Apply guide to wrapped multi-line messages in confirm prompt.
  • 9fe8de6: Respect withGuide: false in autocomplete and multiselect prompts.
  • 29a50cb: Fix path directory mode so pressing Enter with an existing directory initialValue submits that current directory instead of the first child option, and add regression coverage for immediate submit and child-directory navigation.
  • Updated dependencies [9786226]
  • Updated dependencies [bdf89a5]
  • Updated dependencies [417b451]
  • Updated dependencies [090902c]
    • @​clack/core@​1.2.0
Commits
  • aa488fc [ci] release (#482)
  • 9fe8de6 feat: respect withGuide: false in autocomplete and multiselect prompts (#500)
  • 001351e test: specify locale in tests (#497)
  • 336495a fix: correctly wrap multi-line messages in confirm prompt (#495)
  • ffbdcb0 [ci] format
  • fe32e13 ref(dates): adjust date interface (#487)
  • bdf89a5 feat(prompts,core): make autocomplete placeholder tabbable (#485)
  • 52fce8a fix(date): resolve timezone issues in DatePrompt (#486)
  • 090902c feat(core, prompts): add DatePrompt for date input with customizable formats ...
  • 29a50cb fix(prompts): submit initial directory value in path prompt (#484)
  • Additional commits viewable in compare view

Updates citty from 0.2.1 to 0.2.2

Release notes

Sourced from citty's releases.

v0.2.2

compare changes

🚀 Enhancements

  • Support subcommand aliases (#236)
  • Add plugin system (#238)
  • Support default sub command (#156)

🩹 Fixes

  • main: Allow user-defined -h, --help, -v, --version args (#234)
  • Resolve alias value over default (#228)
  • Subcommand resolution incorrectly consumes flag values (#231)
  • Coerce parsed arg values to match declared types (#239)

💅 Refactors

  • Improve usage tips (#198)

📖 Documentation

  • Add usage section (#70)
  • Add example setup and cleanup option (#188)

✅ Tests

  • Reproduce issue with short option (alias) and = (#230)
  • parser: Add regression tests for hyphen-prefixed string values (#171)

❤️ Contributors

Changelog

Sourced from citty's changelog.

v0.2.2

compare changes

🚀 Enhancements

  • Support subcommand aliases (#236)
  • Add plugin system (#238)
  • default: Support default sub command (#156)

🩹 Fixes

  • main: Allow user-defined -h, --help, -v, --version args (#234)
  • Resolve alias value over default (#228)
  • Subcommand resolution incorrectly consumes flag values (#231)
  • Coerce parsed arg values to match declared types (#239)

💅 Refactors

  • Improve usage tips (#198)

📖 Documentation

  • Add usage section (#70)
  • Add example setup and cleanup option (#188)

🏡 Chore

✅ Tests

  • Reproduce issue with short option (alias) and = (#230)
  • parser: Add regression tests for hyphen-prefixed string values (#171)

❤️ Contributors

... (truncated)

Commits

Updates defu from 6.1.4 to 6.1.6

Release notes

Sourced from defu's releases.

v6.1.6

compare changes

📦 Build

v6.1.5

compare changes

🩹 Fixes

  • Prevent prototype pollution via __proto__ in defaults (#156)
  • Ignore inherited enumerable properties (11ba022)

✅ Tests

  • Add more tests for plain objects (b65f603)

❤️ Contributors

Changelog

Sourced from defu's changelog.

v6.1.6

compare changes

📦 Build

❤️ Contributors

v6.1.5

compare changes

🩹 Fixes

  • Prevent prototype pollution via __proto__ in defaults (#156)
  • Ignore inherited enumerable properties (11ba022)

🏡 Chore

✅ Tests

  • Add more tests for plain objects (b65f603)

🤖 CI

❤️ Contributors

Commits
  • 001c290 chore(release): v6.1.6
  • 407b516 build: fix mixed types
  • 23e59e6 chore(release): v6.1.5
  • 11ba022 fix: ignore inherited enumerable properties
  • 3942bfb fix: prevent prototype pollution via __proto__ in defaults (#156)
  • d3ef16d chore(deps): update actions/checkout action to v6 (#151)
  • 869a053 chore(deps): update actions/setup-node action to v6 (#149)
  • a97310c chore(deps): update codecov/codecov-action action to v6 (#154)
  • 89df6bb chore: fix typecheck
  • 9237d9c ci: bump node
  • Additional commits viewable in compare view

Updates undici from 7.24.6 to 8.0.2

Release notes

Sourced from undici's releases.

v8.0.2

What's Changed

Full Changelog: nodejs/undici@v8.0.1...v8.0.2

v8.0.1

What's Changed

New Contributors

Full Changelog: nodejs/undici@v7.24.7...v8.0.1

v8.0.0

What's Changed

Full Changelog: nodejs/undici@v7.24.7...v8.0.0

v7.24.7

What's Changed

... (truncated)

Commits
  • 9c24204 Bumped v8.0.2
  • 45bd838 Revert "Reapply "fix: assume http/https scheme for scheme-less proxy env vars...
  • d7b4feb ci: reenable shared builtin CI tests
  • 48c7cf3 fix: release ref (#4965)
  • 58ef10d fix(websocket): fallback to HTTP/1.1 when H2 CONNECT is unavailable (#4966)
  • 490cbc6 Bumped v8.0.1 (#4964)
  • 49ded6d fix(websocket/stream): only enqueue parsed messages in WebSocketStream (#4959)
  • ced6b01 fix: mirror the legacy global dispatcher for built-in fetch (#4962)
  • dc4351a doc: remove duplicate listItem of RetryHandler.md & RetryHandler.md (#4948)
  • 1548c18 build(deps): bump hendrikmuhs/ccache-action from 1.2.19 to 1.2.22 (#4954)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the production-dependencies group with 4 updates
5f14765 
Bumps the production-dependencies group with 4 updates: [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts), [citty](https://github.com/unjs/citty), [defu](https://github.com/unjs/defu) and [undici](https://github.com/nodejs/undici).


Updates `@clack/prompts` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/bombshell-dev/clack/releases)
- [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
- [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.2.0/packages/prompts)

Updates `citty` from 0.2.1 to 0.2.2
- [Release notes](https://github.com/unjs/citty/releases)
- [Changelog](https://github.com/unjs/citty/blob/main/CHANGELOG.md)
- [Commits](unjs/citty@v0.2.1...v0.2.2)

Updates `defu` from 6.1.4 to 6.1.6
- [Release notes](https://github.com/unjs/defu/releases)
- [Changelog](https://github.com/unjs/defu/blob/main/CHANGELOG.md)
- [Commits](unjs/defu@v6.1.4...v6.1.6)

Updates `undici` from 7.24.6 to 8.0.2
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v7.24.6...v8.0.2)

---
updated-dependencies:
- dependency-name: "@clack/prompts"
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: citty
  dependency-version: 0.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: defu
  dependency-version: 6.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: undici
  dependency-version: 8.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 6, 2026
@dependabot dependabot bot requested a review from vcode-sh as a code owner April 6, 2026 18:20
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Apr 13, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 13, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/production-dependencies-917ddf1f98 branch April 13, 2026 19:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vcode-sh vcode-sh Awaiting requested review from vcode-sh vcode-sh is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants