Update dependencies by vio · Pull Request #501 · relative-ci/rollup-plugin-stats

vio · 2026-03-13T20:56:09Z

Summary by CodeRabbit

Chores
- Updated CI/CD workflow to use the latest version of the artifact download action
- Bumped development dependencies to their latest releases

Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 16.3.1 to 16.3.2. - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v16.3.1...v16.3.2) --- updated-dependencies: - dependency-name: lint-staged dependency-version: 16.3.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/lint-staged-16.3.2 build(deps-dev): bump lint-staged from 16.3.1 to 16.3.2

Bumps [memfs](https://github.com/streamich/memfs) from 4.56.10 to 4.56.11. - [Release notes](https://github.com/streamich/memfs/releases) - [Changelog](https://github.com/streamich/memfs/blob/master/CHANGELOG.md) - [Commits](streamich/memfs@v4.56.10...v4.56.11) --- updated-dependencies: - dependency-name: memfs dependency-version: 4.56.11 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/memfs-4.56.11 build(deps-dev): bump memfs from 4.56.10 to 4.56.11

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.3.3 to 25.3.5. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.3.5 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/types/node-25.3.5 build(deps-dev): bump @types/node from 25.3.3 to 25.3.5

Bumps the eslint group with 1 update: [eslint](https://github.com/eslint/eslint). Updates `eslint` from 10.0.2 to 10.0.3 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.0.2...v10.0.3) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: eslint ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/eslint-798041d518 build(deps-dev): bump eslint from 10.0.2 to 10.0.3 in the eslint group

Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.56.1 to 8.57.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/typescript-eslint) --- updated-dependencies: - dependency-name: typescript-eslint dependency-version: 8.57.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [lint-staged](https://github.com/lint-staged/lint-staged) from 16.3.2 to 16.3.3. - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v16.3.2...v16.3.3) --- updated-dependencies: - dependency-name: lint-staged dependency-version: 16.3.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/lint-staged-16.3.3 build(deps-dev): bump lint-staged from 16.3.2 to 16.3.3

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 8.0.0 to 8.0.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v8.0.0...v8.0.1) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…date-dependencies/actions/download-artifact-8.0.1 build(deps): bump actions/download-artifact from 8.0.0 to 8.0.1

Bumps [tsdown](https://github.com/rolldown/tsdown) from 0.20.3 to 0.21.2. - [Release notes](https://github.com/rolldown/tsdown/releases) - [Commits](rolldown/tsdown@v0.20.3...v0.21.2) --- updated-dependencies: - dependency-name: tsdown dependency-version: 0.21.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 4.0.18 to 4.1.0. - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest) --- updated-dependencies: - dependency-name: vitest dependency-version: 4.1.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.3.5 to 25.5.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/typescript-eslint-8.57.0 build(deps-dev): bump typescript-eslint from 8.56.1 to 8.57.0

…te-dependencies/tsdown-0.21.2 build(deps-dev): bump tsdown from 0.20.3 to 0.21.2

…te-dependencies/vitest-4.1.0 build(deps-dev): bump vitest from 4.0.18 to 4.1.0

…te-dependencies/types/node-25.5.0 build(deps-dev): bump @types/node from 25.3.5 to 25.5.0

CLAassistant · 2026-03-13T20:56:16Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

coderabbitai · 2026-03-13T20:56:44Z

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2cd157e3-3ec5-4b88-b00b-9af200cf549f

📥 Commits

Reviewing files that changed from the base of the PR and between 7d04584 and 518b6c8.

⛔ Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

.github/workflows/ci.yml
package.json

Walkthrough

This pull request updates project dependencies in two files. The .github/workflows/ci.yml file updates the actions/download-artifact GitHub Action from v8.0.0 to v8.0.1. The package.json file updates seven devDependencies: @types/node, eslint, lint-staged, memfs, tsdown, typescript-eslint, and vitest to their latest available versions. No logic or behavioral changes are present in the codebase.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

Update dependencies #419: Updates both CI workflow actions (including actions/download-artifact) and devDependencies with overlapping package changes.
Update dependencies #321: Updates devDependencies in package.json with overlapping packages such as @types/node, eslint, and typescript-eslint.
Update dependencies #403: Performs dependency bumps in package.json and updates GitHub Action version pins in CI workflows simultaneously.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change in the pull request, which consists of version bumps to devDependencies and GitHub Actions versions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch update-dependencies

📝 Coding Plan

Generate coding plan for human review comments

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

CodeRabbit can generate a title for your PR based on the changes with custom instructions.

Set the reviews.auto_title_instructions setting to generate a title for your PR based on the changes in the PR with custom instructions.

socket-security · 2026-03-13T20:56:48Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
typescript-eslint@8.56.1 ⏵ 8.57.0
rolldown@1.0.0-rc.3 ⏵ 1.0.0-rc.9		⁺¹
vitest@4.0.18 ⏵ 4.1.0		⁺¹
@types/node@25.3.3 ⏵ 25.5.0	⁺¹	⁺¹
tsdown@0.20.3 ⏵ 0.21.2		⁺¹	⁺¹
eslint@10.0.2 ⏵ 10.0.3	⁺¹
@release-it/conventional-changelog@10.0.5 ⏵ 10.0.6			⁺³
memfs@4.56.10 ⏵ 4.56.11			⁺²
lint-staged@16.3.1 ⏵ 16.3.3	⁺¹		⁺²

View full report

Bumps [@release-it/conventional-changelog](https://github.com/release-it/conventional-changelog) from 10.0.5 to 10.0.6. - [Release notes](https://github.com/release-it/conventional-changelog/releases) - [Commits](release-it/conventional-changelog@10.0.5...10.0.6) --- updated-dependencies: - dependency-name: "@release-it/conventional-changelog" dependency-version: 10.0.6 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…te-dependencies/release-it/conventional-changelog-10.0.6 build(deps-dev): bump @release-it/conventional-changelog from 10.0.5 to 10.0.6

dependabot Bot and others added 20 commits March 4, 2026 02:04

Merge pull request #487 from relative-ci/dependabot/npm_and_yarn/upda…

3379618

…te-dependencies/lint-staged-16.3.2 build(deps-dev): bump lint-staged from 16.3.1 to 16.3.2

Merge pull request #488 from relative-ci/dependabot/npm_and_yarn/upda…

e50038b

…te-dependencies/memfs-4.56.11 build(deps-dev): bump memfs from 4.56.10 to 4.56.11

Merge pull request #490 from relative-ci/dependabot/npm_and_yarn/upda…

892bf01

…te-dependencies/types/node-25.3.5 build(deps-dev): bump @types/node from 25.3.3 to 25.3.5

Merge pull request #491 from relative-ci/dependabot/npm_and_yarn/upda…

ac85e29

…te-dependencies/eslint-798041d518 build(deps-dev): bump eslint from 10.0.2 to 10.0.3 in the eslint group

Merge pull request #495 from relative-ci/dependabot/npm_and_yarn/upda…

b150200

…te-dependencies/lint-staged-16.3.3 build(deps-dev): bump lint-staged from 16.3.2 to 16.3.3

Merge pull request #496 from relative-ci/dependabot/github_actions/up…

808b690

…date-dependencies/actions/download-artifact-8.0.1 build(deps): bump actions/download-artifact from 8.0.0 to 8.0.1

Merge pull request #494 from relative-ci/dependabot/npm_and_yarn/upda…

e327029

…te-dependencies/typescript-eslint-8.57.0 build(deps-dev): bump typescript-eslint from 8.56.1 to 8.57.0

Merge pull request #497 from relative-ci/dependabot/npm_and_yarn/upda…

fac4f8e

…te-dependencies/tsdown-0.21.2 build(deps-dev): bump tsdown from 0.20.3 to 0.21.2

Merge pull request #498 from relative-ci/dependabot/npm_and_yarn/upda…

121c1eb

…te-dependencies/vitest-4.1.0 build(deps-dev): bump vitest from 4.0.18 to 4.1.0

Merge pull request #499 from relative-ci/dependabot/npm_and_yarn/upda…

518b6c8

…te-dependencies/types/node-25.5.0 build(deps-dev): bump @types/node from 25.3.5 to 25.5.0

dependabot Bot and others added 2 commits March 13, 2026 21:00

Merge pull request #502 from relative-ci/dependabot/npm_and_yarn/upda…

01d9b18

…te-dependencies/release-it/conventional-changelog-10.0.6 build(deps-dev): bump @release-it/conventional-changelog from 10.0.5 to 10.0.6

vio merged commit 590c272 into master Mar 13, 2026
4 of 5 checks passed

vio deleted the update-dependencies branch March 13, 2026 22:27

coderabbitai Bot mentioned this pull request Mar 25, 2026

Update dependencies #517

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependencies#501

Update dependencies#501
vio merged 22 commits into
masterfrom
update-dependencies

vio commented Mar 13, 2026 •

edited by coderabbitai Bot

Loading

Uh oh!

CLAassistant commented Mar 13, 2026

Uh oh!

coderabbitai Bot commented Mar 13, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Mar 13, 2026 •

edited

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

vio commented Mar 13, 2026 • edited by coderabbitai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary by CodeRabbit

Uh oh!

CLAassistant commented Mar 13, 2026

Uh oh!

coderabbitai Bot commented Mar 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Estimated code review effort

Possibly related PRs

Uh oh!

socket-security Bot commented Mar 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

vio commented Mar 13, 2026 •

edited by coderabbitai Bot

Loading

coderabbitai Bot commented Mar 13, 2026 •

edited

Loading

socket-security Bot commented Mar 13, 2026 •

edited

Loading