Build(deps-dev): bump the npm-development group across 1 directory with 12 updates

[dependabot]

Bumps the npm-development group with 11 updates in the / directory:

Package	From	To
@eslint/compat	2.0.5	2.1.0
@rollup/plugin-commonjs	29.0.2	29.0.3
@types/node	25.6.0	25.9.1
@typescript-eslint/eslint-plugin	8.59.0	8.60.1
eslint-import-resolver-typescript	4.4.4	4.4.5
eslint-plugin-prettier	5.5.5	5.5.6
globals	17.5.0	17.6.0
jest	30.3.0	30.4.2
js-yaml	4.1.1	4.2.0
rollup	4.60.2	4.61.0
ts-jest	29.4.9	29.4.11

Updates @eslint/compat from 2.0.5 to 2.1.0

Release notes

Sourced from @​eslint/compat's releases.

compat: v2.1.0

2.1.0 (2026-05-08)

Features

• Add new includeIgnoreFile() to config-helpers (#430) (9b51352)

migrate-config: v2.1.0

2.1.0 (2026-05-08)

Features

• Add new includeIgnoreFile() to config-helpers (#430) (9b51352)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/config-helpers bumped from ^0.5.5 to ^0.6.0

migrate-config: v2.0.7

2.0.7 (2026-05-01)

Bug Fixes

• update espree to the latest (#437) (a8ff72f)

migrate-config: v2.0.6

2.0.6 (2026-04-08)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/compat bumped from ^2.0.4 to ^2.0.5
  • devDependencies
    • @​eslint/core bumped from ^1.2.0 to ^1.2.1

Changelog

Sourced from @​eslint/compat's changelog.

2.1.0 (2026-05-08)

Features

• Add new includeIgnoreFile() to config-helpers (#430) (9b51352)

Commits

• b894953 chore: release main (#446)
• 334038d docs: Update README sponsors
• 9b51352 feat: Add new includeIgnoreFile() to config-helpers (#430)
• 70b6997 docs: Update README sponsors
• 35b6b94 chore: update TypeScript to v6 (#417)
• 7807d71 docs: Update README sponsors
• 57001ea docs: Update README sponsors
• 0b62133 docs: Update README sponsors
• See full diff in compare view

Updates @rollup/plugin-commonjs from 29.0.2 to 29.0.3

Changelog

Sourced from @​rollup/plugin-commonjs's changelog.

v29.0.3

2026-05-29

Bugfixes

• commonjs: make #1868 es5-compatible (#1981)

Commits

• 1e4025b chore(release): commonjs v29.0.3
• 08a5b17 fix(commonjs): make #1868 es5-compatible (#1981)
• 5800bf3 chore(repo): test migration to vitest. phase 4 (#1978)
• See full diff in compare view

Updates @types/node from 25.6.0 to 25.9.1

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.59.0 to 8.60.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)
• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.60.0

8.60.0 (2026-05-25)

🚀 Features

• rule-tester: added updates of RuleTester from upstream (#12291)

🩹 Fixes

• playground TS version selector is not working (#12326, #12325)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Vinccool96

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.4

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)
• project-service: throw error cause in getParsedConfigFileFromTSServer (#12321)
• typescript-eslint: export Compatible* types from typescript-eslint to resolve pnpm TS error (#12340)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Kirk Waiblinger @​kirkwaiblinger

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)
• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.60.0 (2026-05-25)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)

❤️ Thank You

• Evyatar Daud @​StyleShit

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.3 (2026-05-11)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.2 (2026-05-04)

🩹 Fixes

... (truncated)

Commits

• 4f84a69 chore(release): publish 8.60.1
• 598af56 docs(eslint-plugin): clarify no-redeclare type-value collision not covered by...
• 1849b53 chore: typecheck using tsgo (#12139)
• 5341d59 chore: fix lint issues (#12369)
• f525814 fix(eslint-plugin): [no-shadow] correct rule to match ESLint v10 handling (#1...
• 2df540c chore(eslint-plugin): defer type checks to improve rules performance (#12296)
• 1ab4284 fix(eslint-plugin): respect ECMAScript line terminators in ts-comment rules (...
• 2f49df5 docs: update references to @stylistic/eslint-plugin rules in documentation ...
• f891c29 chore(release): publish 8.60.0
• ca6ca14 chore(release): publish 8.59.4
• Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.59.0 to 8.60.1

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)
• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.60.0

8.60.0 (2026-05-25)

🚀 Features

• rule-tester: added updates of RuleTester from upstream (#12291)

🩹 Fixes

• playground TS version selector is not working (#12326, #12325)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Vinccool96

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.4

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)
• project-service: throw error cause in getParsedConfigFileFromTSServer (#12321)
• typescript-eslint: export Compatible* types from typescript-eslint to resolve pnpm TS error (#12340)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Kirk Waiblinger @​kirkwaiblinger

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.60.1 (2026-06-01)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.60.0 (2026-05-25)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.4 (2026-05-18)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.3 (2026-05-11)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.2 (2026-05-04)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.1 (2026-04-27)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 4f84a69 chore(release): publish 8.60.1
• 1849b53 chore: typecheck using tsgo (#12139)
• f891c29 chore(release): publish 8.60.0
• ca6ca14 chore(release): publish 8.59.4
• 48e13c0 chore(release): publish 8.59.3
• 44f9625 chore(deps): update vitest monorepo to v4.1.5 (#12307)
• 2ec35f1 chore(release): publish 8.59.2
• 5245793 chore(release): publish 8.59.1
• See full diff in compare view

Updates eslint-import-resolver-typescript from 4.4.4 to 4.4.5

Release notes

Sourced from eslint-import-resolver-typescript's releases.

v4.4.5

Patch Changes

• #473 32c61ab Thanks @​leey0818! - fix: check tsconfig matching before using resolver

Changelog

Sourced from eslint-import-resolver-typescript's changelog.

4.4.5

Patch Changes

• #473 32c61ab Thanks @​leey0818! - fix: check tsconfig matching before using resolver

Commits

• 724c47d chore: release eslint-import-resolver-typescript (#480)
• 32c61ab fix: check tsconfig matching before using resolver (#473)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for eslint-import-resolver-typescript since your current version.

Updates eslint-plugin-prettier from 5.5.5 to 5.5.6

Release notes

Sourced from eslint-plugin-prettier's releases.

v5.5.6

Patch Changes

• #791 b5c96a3 Thanks @​JounQin! - chore: bump all (dev)Dependencies

Changelog

Sourced from eslint-plugin-prettier's changelog.

5.5.6

Patch Changes

• #791 b5c96a3 Thanks @​JounQin! - chore: bump all (dev)Dependencies

Commits

• 4f33ea5 chore: release eslint-plugin-prettier (#792)
• 4745b54 ci: declare workflow-level contents: read on 2 workflows (#790)
• b5c96a3 chore: bump all (dev)Dependencies (#791)
• e867680 chore(deps): update all dependencies (#766)
• e8e2f7f chore: testing eslint v10 (#779)
• ca076d9 chore: update dev dependencies (#780)
• 42e6369 build(deps): Bump the actions group with 2 updates (#778)
• 53ff214 Remove empty NPM_TOKEN from release.yml
• See full diff in compare view

Updates globals from 17.5.0 to 17.6.0

Release notes

Sourced from globals's releases.

v17.6.0

• Update globals (2026-05-01) (#343) 00a4dd9

---

sindresorhus/globals@v17.5.0...v17.6.0

Commits

• 6b15870 17.6.0
• 00a4dd9 Update globals (2026-05-01) (#343)
• See full diff in compare view

Updates jest from 30.3.0 to 30.4.2

Release notes

Sourced from jest's releases.

v30.4.2

Fixes

• [jest-runtime] Fix named imports from CJS modules whose module.exports is a function with own-property exports (#16150)

Full Changelog: jestjs/jest@v30.4.1...v30.4.2

v30.4.1

Features

• [jest-config, jest-core, jest-runner, jest-schemas, jest-types] Allow custom runner configuration options via tuple format ['runner-path', {options}] (#16141)

Fixes

• [jest-runtime] Align CJS-from-ESM default export with Node: module.exports is always the ESM default, __esModule unwrapping is no longer applied (#16143)

Full Changelog: jestjs/jest@v30.4.0...v30.4.1

v30.4.0

Big release! 😀

Main feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work require(esm) module is now supported on Node 24.9+ (still requires --experimental-vm-modules like before).

In addition we now support fake timers for the recently released Temporal API in Node v26.

React 19 is also supported properly in pretty-format, meaning snapshots of React components now work like they should.

Due to all the changes, there might be regressions that snuck in. Please report them!

Full list of changes below

Features

• [babel-jest] Support collecting coverage from .mts, .cts (and other) files (#15994)
• [jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types] Add --collect-tests flag to discover and list tests without executing them (#16006)
• [jest-config, jest-runner, jest-worker] Add workerGracefulExitTimeout config option to control how long workers are given to exit before being force-killed (#15984)
• [jest-config] Add support for jest.config.mts as a valid configuration file (#16005)
• [jest-config, jest-core, jest-reporters, jest-runner] verbose and silent can now be set per-project; the project-level value overrides the global value for that project's tests (#16133)
• [@jest/fake-timers] Accept Temporal.Duration in jest.advanceTimersByTime() and jest.advanceTimersByTimeAsync() (#16128)
• [@jest/fake-timers] Accept Temporal.Instant and Temporal.ZonedDateTime in jest.setSystemTime() and useFakeTimers({now}) (#16128)
• [@jest/fake-timers] Support faking Temporal.Now.* (#16131)
• [jest-mock] Add clearMocksOnScope(scope) on ModuleMocker for clearing every mock function exposed on a scope object (#16088)
• [jest-resolve] Add canResolveSync() on Resolver so callers can detect when a user-configured resolver only exports an async hook (#16064)
• [jest-runtime] Use synchronous evaluate() for ES modules without top-level await on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (#16062)
• [jest-runtime] Support require() of ES modules on Node v24.9+ (#16074)
• [jest-runtime] Validate TC39 import attributes (with { type: 'json' }) on ESM imports (#16127)
• [@jest/transform] Add canTransformSync(filename) on ScriptTransformer so callers can pick the sync vs async transform path (#16062)
• [jest-util] Add isError helper (#16076)

... (truncated)

Changelog

Sourced from jest's changelog.

30.4.2

Fixes

• [jest-runtime] Fix named imports from CJS modules whose module.exports is a function with own-property exports (#16150)

30.4.1

Features

• [jest-config, jest-core, jest-runner, jest-schemas, jest-types] Allow custom runner configuration options via tuple format ['runner-path', {options}] (#16141)

Fixes

• [jest-runtime] Align CJS-from-ESM default export with Node: module.exports is always the ESM default, __esModule unwrapping is no longer applied (#16143)

30.4.0

Features

• [babel-jest] Support collecting coverage from .mts, .cts (and other) files (#15994)
• [jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types] Add --collect-tests flag to discover and list tests without executing them (#16006)
• [jest-config, jest-runner, jest-worker] Add workerGracefulExitTimeout config option to control how long workers are given to exit before being force-killed (#15984)
• [jest-config] Add support for jest.config.mts as a valid configuration file (#16005)
• [jest-config, jest-core, jest-reporters, jest-runner] verbose and silent can now be set per-project; the project-level value overrides the global value for that project's tests (#16133)
• [@jest/fake-timers] Accept Temporal.Duration in jest.advanceTimersByTime() and jest.advanceTimersByTimeAsync() (#16128)
• [@jest/fake-timers] Accept Temporal.Instant and Temporal.ZonedDateTime in jest.setSystemTime() and useFakeTimers({now}) (#16128)
• [@jest/fake-timers] Support faking Temporal.Now.* (#16131)
• [jest-mock] Add clearMocksOnScope(scope) on ModuleMocker for clearing every mock function exposed on a scope object (#16088)
• [jest-resolve] Add canResolveSync() on Resolver so callers can detect when a user-configured resolver only exports an async hook (#16064)
• [jest-runtime] Use synchronous evaluate() for ES modules without top-level await on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (#16062)
• [jest-runtime] Support require() of ES modules on Node v24.9+ (#16074)
• [jest-runtime] Validate TC39 import attributes (with { type: 'json' }) on ESM imports (#16127)
• [@jest/transform] Add canTransformSync(filename) on ScriptTransformer so callers can pick the sync vs async transform path (#16062)
• [jest-util] Add isError helper (#16076)
• [pretty-format] Support React 19 (#16123)

Fixes

• [expect-utils] Fix toStrictEqual failing on structuredClone results due to cross-realm constructor mismatch (#15959)
• [@jest/expect-utils] Prevent toMatchObject/subset matching from throwing when encountering exotic iterables (#15952)
• [fake-timers] Convert Date to milliseconds before passing to @sinonjs/fake-timers (#16029)
• [jest] Export GlobalConfig and ProjectConfig TypeScript types (#16132)
• [jest-circus] Prevent crash when asyncError is undefined for non-Error throws (#16003)
• [jest-circus, jest-jasmine2] Include Error.cause in JSON failureMessages output (#15967)
• [jest-config] Fix preset path resolution on Windows when the preset uses subpath exports (#15961)
• [jest-config] Allow collectCoverage and coverageProvider in project config without a validation warning (#16132)
• [jest-config] Project config validator now emits "is not supported in an individual project configuration" instead of "probably a typing mistake" for known global-only options (#16132)
• [jest-environment-node] Fix --localstorage-file warning on Node 25+ (#16086)
• [jest-reporters] Apply global coverage threshold to unmatched pattern files in addition to glob/path thresholds (#16137)

... (truncated)

Commits

• 746f2a0 v30.4.2
• b3b4a09 v30.4.1
• 5cbb21e v30.4.0
• db7141a fix: allow collectCoverage and coverageProvider in project config (#16132)
• See full diff in compare view

Updates js-yaml from 4.1.1 to 4.2.0

Changelog

Sourced from js-yaml's changelog.

[4.2.0] - 2026-06-01

Added

• Added docs/safety.md with notes about processing untrusted YAML.
• Added maxDepth (100) loader option. Not a problem, but gives a better exception instead of RangeError on stack overflow.
• Added maxMergeSeqLength (20) loader option. Not a problem after merge fix, but an additional restriction for safety.
• Added sourcemaps to dist/ builds.

Changed

• Stop resolving numbers with underscores as numeric scalars, #627.
• Switched dev toolchains to Vite / neostandard.
• Updated demo.
• Reorganized tests.
• dist/ files are no longer kept in the repository.

Fixed

• Fix parsing of properties on the first implicit block mapping key, #62.
• Fix trailing whitespace handling when folding flow scalar lines, #307.
• Reject top-level block scalars without content indentation, #280.
• Ensure numbers survive round-trip, #737.
• Fix test coverage for issue #221.
• Fix flow scalar trailing whitespace folding, #307.
• Fix digits in YAML named tag handles.

Security

• Fix potential DoS via quadratic complexity in merge - deduplicate repeated elements (makes sense for malformed files > 10K).

[3.14.2] - 2025-11-15

Security

• Backported v4.1.1 fix to v3

Commits

• See full diff in compare view

Updates rollup from 4.60.2 to 4.61.0

Release notes

Sourced from rollup's releases.

v4.61.0

4.61.0

2026-06-01

Features

• Sort entry modules to make chunk hashes deterministic (#6391)

Pull Requests

• #6376: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (@​lukastaegert)
• #6378: fix(deps): update minor/patch updates (@​renovate[bot])
• #6379: chore(deps): update dependency lint-staged to v17 (@​renovate[bot], @​lukastaegert)
• #6380: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6381: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6382: chore(deps): update dependency @​types/node to ^20.19.41 (@​renovate[bot])
• #6386: fix(deps): update minor/patch updates (@​renovate[bot])
• #6387: chore(deps): update aws-actions/configure-aws-credentials action to v6 (@​renovate[bot])
• #6388: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #6389: chore(deps): lock file maintenance (@​renovate[bot])
• #6391: Sort entry modules to make chunk hash names deterministic (@​TrickyPi)
• #6394: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6395: chore(deps): update react monorepo to v19 (@​renovate[bot], @​lukastaegert)
• #6396: fix(deps): update rust crate swc_compiler_base to v57 (@​renovate[bot], @​lukastaegert)
• #6397: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6400: docs: fix broken links (@​jiyujie2006)

v4.60.4

4.60.4

2026-05-14

Bug Fixes

• Improve stability of chunk hashes (#6362)

Pull Requests

• #6362: fix: stabilize chunk assignment across parallel file reads (@​sonukapoor, @​Sonu Kapoor, @​TrickyPi, @​lukastaegert)
• #6370: fix(deps): update minor/patch updates (@​renovate[bot])
• #6371: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6372: chore(deps): update react monorepo to v19 (major) (@​renovate[bot])
• #6373: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6375: Resolve vulnerabilities (@​lukastaegert)

Changelog

Sourced from rollup's changelog.

4.61.0

2026-06-01

Features

• Sort entry modules to make chunk hashes deterministic (#6391)

Pull Requests

• #6376: Eliminate AWS credential exposure on fork PRs in REPL artefact workflow (@​lukastaegert)
• #6378: fix(deps): update minor/patch updates (@​renovate[bot])
• #6379: chore(deps): update dependency lint-staged to v17 (@​renovate[bot], @​lukastaegert)
• #6380: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6381: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6382: chore(deps): update dependency @​types/node to ^20.19.41 (@​renovate[bot])
• #6386: fix(deps): update minor/patch updates (@​renovate[bot])
• #6387: chore(deps): update aws-actions/configure-aws-credentials action to v6 (@​renovate[bot])
• #6388: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #6389: chore(deps): lock file maintenance (@​renovate[bot])
• #6391: Sort entry modules to make chunk hash names deterministic (@​TrickyPi)
• #6394: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6395: chore(deps): update react monorepo to v19 (@​renovate[bot], @​lukastaegert)
• #6396: fix(deps): update rust crate swc_compiler_base to v57 (@​renovate[bot], @​lukastaegert)
• #6397: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6400: docs: fix broken links (@​jiyujie2006)

4.60.4

2026-05-14

Bug Fixes

• Improve stability of chunk hashes (#6362)

Pull Requests

• #6362: fix: stabilize chunk assignment across parallel file reads (@​sonukapoor, @​Sonu Kapoor, @​TrickyPi, @​lukastaegert)
• #6370: fix(deps): update minor/patch updates (@​renovate[bot])
• #6371: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6372: chore(deps): update react monorepo to v19 (major) (@​renovate[bot])
• #6373: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6375: Resolve vulnerabilities (@​lukastaegert)

4.60.3

2026-05-04

Bug Fixes

... (truncated)

Commits

• 765167f 4.61.0
• 0f547eb Sort entry modules to make chunk hash names deterministic (#6391)
• 5838787 docs: fix broken links (#6400)
• cc0f51a chore(deps): update react monorepo to v19 (#6395)
• dd30037 fix(deps): update rust crate swc_compiler_base to v57 (#6396)
• cb86c3e chore(deps): lock file maintenance (#6397)
• db2b6e0 fix(deps): update minor/patch updates (#6394)
• c16e493 chore(deps): lock file maintenance (#6389)
• 65397f1 chore(deps): update aws-actions/configure-aws-credentials action to v6 (#6387)
• 6817778 fix(deps): update minor/patch updates (#6386)
• Additional commits viewable in compare view

Updates ts-jest from 29.4.9 to 29.4.11

Release notes

Sourced from ts-jest's releases.

v29.4.11

Please refer to CHANGELOG.md for details.

v29.4.10

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.11 (2026-05-21)

Bug Fixes

• preserve Bundler on the CJS path under TypeScript >= 6 (3941818), closes #4198

29.4.10 (2026-05-18)

Bug Fixes

• pass resolutionMode to ts.resolveModuleName for hybrid module support (b557a85)
• rebuild Program when consecutive compiles need different module kinds (a82a2b3), closes #4774
• respect tsconfig moduleResolution instead of forcing Node10 (1bffffc)
• transformer: transpile mjs files from node_modules for CJS mode (96d025d)
• transformer: use a consistent comparator in hoist-jest sortStatements (8a8fd2f)

Commits

• bff2d64 chore(release): 29.4.11
• 3941818 fix: preserve Bundler on the CJS path under TypeScript >= 6

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	5		0	0	0.05s
❌ ACTION	zizmor	5		1	0	0.24s
✅ JSON	jsonlint	5		0	0	0.53s
✅ JSON	npm-package-json-lint	yes		no	no	0.57s
✅ JSON	prettier	5		0	0	1.47s
✅ JSON	v8r	5		0	0	10.55s
✅ MARKDOWN	markdownlint	1		0	0	0.7s
✅ REPOSITORY	checkov	yes		no	no	21.42s
✅ REPOSITORY	gitleaks	yes		no	no	2.23s
✅ REPOSITORY	git_diff	yes		no	no	0.06s
✅ REPOSITORY	grype	yes		no	no	64.03s
❌ REPOSITORY	osv-scanner	yes		12	no	3.7s
✅ REPOSITORY	secretlint	yes		no	no	1.06s
✅ REPOSITORY	syft	yes		no	no	7.71s
✅ REPOSITORY	trivy-sbom	yes		no	no	3.33s
✅ REPOSITORY	trufflehog	yes		no	no	29.9s
✅ TYPESCRIPT	eslint	9		0	0	10.3s
✅ TYPESCRIPT	prettier	9		0	0	1.19s
✅ YAML	prettier	13		0	0	0.69s
✅ YAML	v8r	13		0	0	7.92s
✅ YAML	yamllint	13		0	0	0.71s

Detailed Issues

❌ REPOSITORY / osv-scanner - 12 errors

Scanning dir .
Starting filesystem walk for root: /
Scanned package-lock.json file and found 830 packages
End status: 32 dirs visited, 109 inodes visited, 1 Extract calls, 67.180251ms elapsed, 67.180381ms wall time

Total 5 packages affected by 12 known vulnerabilities (0 Critical, 7 High, 5 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
12 vulnerabilities can be fixed.

+-------------------------------------+------+-----------+------------------------+---------+---------------+-------------------+
| OSV URL                             | CVSS | ECOSYSTEM | PACKAGE                | VERSION | FIXED VERSION | SOURCE            |
+-------------------------------------+------+-----------+------------------------+---------+---------------+-------------------+
| https://osv.dev/GHSA-jxxr-4gwj-5jf2 | 6.5  | npm       | brace-expansion        | 5.0.5   | 5.0.6         | package-lock.json |
| https://osv.dev/GHSA-45c6-75p6-83cc | 6.1  | npm       | fast-xml-builder (dev) | 1.1.5   | 1.1.6         | package-lock.json |
| https://osv.dev/GHSA-5wm8-gmm8-39j9 | 8.7  | npm       | fast-xml-builder (dev) | 1.1.5   | 1.1.7         | package-lock.json |
| https://osv.dev/GHSA-23c5-xmqv-rm74 | 7.5  | npm       | minimatch (dev)        | 9.0.3   | 9.0.7         | package-lock.json |
| https://osv.dev/GHSA-3ppc-4f35-3m26 | 8.7  | npm       | minimatch (dev)        | 9.0.3   | 9.0.6         | package-lock.json |
| https://osv.dev/GHSA-7r86-cg39-jmmj | 7.5  | npm       | minimatch (dev)        | 9.0.3   | 9.0.7         | package-lock.json |
| https://osv.dev/GHSA-2mjp-6q6p-2qxm | 6.5  | npm       | undici (dev)           | 5.29.0  | 6.24.0        | package-lock.json |
| https://osv.dev/GHSA-4992-7rv2-5pvq | 4.6  | npm       | undici (dev)           | 5.29.0  | 6.24.0        | package-lock.json |
| https://osv.dev/GHSA-g9mf-h72j-4rw9 | 5.9  | npm       | undici (dev)           | 5.29.0  | 6.23.0        | package-lock.json |
| https://osv.dev/GHSA-v9p9-hfj2-hcw8 | 7.5  | npm       | undici (dev)           | 5.29.0  | 6.24.0        | package-lock.json |
| https://osv.dev/GHSA-vrm6-8vpv-qv8q | 7.5  | npm       | undici (dev)           | 5.29.0  | 6.24.0        | package-lock.json |
| https://osv.dev/GHSA-w5hq-g745-h8pq | 7.5  | npm       | uuid (dev)             | 8.3.2   | 11.1.1        | package-lock.json |
+-------------------------------------+------+-----------+------------------------+---------+---------------+-------------------+

❌ ACTION / zizmor - 1 error

INFO zizmor: 🌈 zizmor v1.25.0
fatal: no audit was performed
'ref-confusion' audit failed on file://.github/workflows/check-dist.yml

Caused by:
    0: error in 'ref-confusion' audit
    1: couldn't list branches for actions/checkout
    2: request error while accessing GitHub API
    3: HTTP status client error (401 Unauthorized) for url (https://github.com/actions/checkout.git/git-upload-pack)


[ZizmorLinter] Zizmor failed to reach the GitHub API.
To allow zizmor to use GITHUB_TOKEN, add the following to your .mega-linter.yml:
ACTION_ZIZMOR_UNSECURED_ENV_VARIABLES:
  - GITHUB_TOKEN

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,ACTION_ZIZMOR,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_OSV_SCANNER,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,TYPESCRIPT_ES,TYPESCRIPT_PRETTIER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository