chore(deps-dev): bump the dependencies group with 6 updates by dependabot[bot] · Pull Request #2279 · webpack/webpack-dev-middleware

dependabot · 2026-03-10T17:42:39Z

Bumps the dependencies group with 6 updates:

Package	From	To
@hapi/hapi	`21.4.6`	`21.4.7`
babel-jest	`30.2.0`	`30.3.0`
fastify	`5.8.1`	`5.8.2`
hono	`4.12.5`	`4.12.7`
jest	`30.2.0`	`30.3.0`
lint-staged	`16.3.2`	`16.3.3`

Updates @hapi/hapi from 21.4.6 to 21.4.7

Commits

f2a24f6 21.4.7
ee8475b fix: 🐛 request.url getter fails when using IPv6 and HTTP2 #4560 (#4559)
See full diff in compare view

Updates babel-jest from 30.2.0 to 30.3.0

Release notes

Sourced from babel-jest's releases.

v30.3.0

Features

[jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)

[jest-fake-timers] Add setTimerTickMode to configure how timers advance

[*] Reduce token usage when run through LLMs (3f17932)

Fixes

[jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)

[jest-mock] Use Symbol from test environment (#15858)

[jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)

[jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)

[jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)

[jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

[*] Replace remaining micromatch uses with picomatch

[deps] Update to sinon/fake-timers v15

[docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)

Updated Twitter icon to match the latest brand guidelines (#15869)

Changelog

Sourced from babel-jest's changelog.

30.3.0

Features

[jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)

[jest-fake-timers] Add setTimerTickMode to configure how timers advance

[*] Reduce token usage when run through LLMs (3f17932)

Fixes

[jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)

[jest-mock] Use Symbol from test environment (#15858)

[jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)

[jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)

[jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)

[jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

[*] Replace remaining micromatch uses with picomatch

[deps] Update to sinon/fake-timers v15

[docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)

Updated Twitter icon to match the latest brand guidelines (#15869)

Commits

efb59c2 v30.3.0
486ae3d chore: update docusaurus (#15860)
See full diff in compare view

Updates fastify from 5.8.1 to 5.8.2

Release notes

Sourced from fastify's releases.

v5.8.2

What's Changed

docs(ecosystem): add @yeliex/fastify-problem-details by @yeliex in fastify/fastify#6546

Revert "chore: upgrade borp to v1.0.0" by @climba03003 in fastify/fastify#6564

docs: document body validation with custom content type parsers by @mcollina in fastify/fastify#6556

docs(ecosystem): add fastify-file-router by @bhouston in fastify/fastify#6441

docs: add fastify-svelte-view to Ecosystem list by @matths in fastify/fastify#6453

fix: anchor keyValuePairsReg to prevent quadratic backtracking by @mcollina in fastify/fastify#6558

docs: added note on handling of invalid URLs in setNotFoundHandler by @leftieFriele in fastify/fastify#5661

docs(guides): update codemod links by @OluchiEzeifedikwa in fastify/fastify#6479

docs: add @glidemq/fastify to community plugins by @avifenesh in fastify/fastify#6560

New Contributors

@yeliex made their first contribution in fastify/fastify#6546

@matths made their first contribution in fastify/fastify#6453

@leftieFriele made their first contribution in fastify/fastify#5661

@OluchiEzeifedikwa made their first contribution in fastify/fastify#6479

@avifenesh made their first contribution in fastify/fastify#6560

Full Changelog: fastify/fastify@v5.8.1...v5.8.2

Commits

375e136 Bumped v5.8.2
25a70ff docs: add @glidemq/fastify to community plugins list (#6560)
4a5304f docs(guides): update codemod links (#6479)
c9bcde4 docs: added note on handling of invalid URLs in setNotFoundHandler (#5661)
3b0f769 fix: anchor keyValuePairsReg to prevent quadratic backtracking (#6558)
e4474cf docs: add fastify-svelte-view to Ecosystem list (#6453)
deaeb40 docs(ecosystem): add fastify-file-router (#6441)
0d3b560 docs: document body validation with custom content type parsers (#6556)
cdcc4de Revert "chore: upgrade borp to v1.0.0 (#6510)" (#6564)
b61c362 docs(ecosystem): add @yeliex/fastify-problem-details (#6546)
See full diff in compare view

Updates hono from 4.12.5 to 4.12.7

Release notes

Sourced from hono's releases.

v4.12.7

Security hardening

Ignore __proto__ path segments in parseBody({ dot: true }) to prevent potential prototype pollution when merged with unsafe patterns.

Full Changelog: honojs/hono@v4.12.6...v4.12.7

v4.12.6

What's Changed

fix(accept): replace regex split to mitigate ReDoS by @EdamAme-x in honojs/hono#4758

fix(jsx): align link hoisting and dedupe with React 19 by @usualoma in honojs/hono#4792

chore(builld): tsconfig project references by @BarryThePenguin in honojs/hono#4797

chore: add tsconfig.spec.json by @yusukebe in honojs/hono#4798

feat(jsx-renderer): support function-based options by @3w36zj6 in honojs/hono#4780

fix(lambda-edge): avoid callback handler deprecation on NODEJS_24_X by @t0waxx in honojs/hono#4782

New Contributors

@t0waxx made their first contribution in honojs/hono#4782

Full Changelog: honojs/hono@v4.12.5...v4.12.6

Commits

b0aba5b 4.12.7
1be3a53 ci: apply automated fixes
ef90225 Merge commit from fork
3f88636 4.12.6
53b66ae fix(lambda-edge): avoid callback handler deprecation on NODEJS_24_X (#4782)
58825a7 feat(jsx-renderer): support function-based options (#4780)
0e80acb chore: add tsconfig.spec.json (#4798)
d69deb8 chore(builld): tsconfig project references (#4797)
8217d9e fix(jsx): align link hoisting and dedupe with React 19 (#4792)
5086956 fix(accept): replace regex split to mitigate ReDoS (#4758)
See full diff in compare view

Updates jest from 30.2.0 to 30.3.0

Release notes

Sourced from jest's releases.

v30.3.0

Features

[jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)

[jest-fake-timers] Add setTimerTickMode to configure how timers advance

[*] Reduce token usage when run through LLMs (3f17932)

Fixes

[jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)

[jest-mock] Use Symbol from test environment (#15858)

[jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)

[jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)

[jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)

[jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

[*] Replace remaining micromatch uses with picomatch

[deps] Update to sinon/fake-timers v15

[docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)

Updated Twitter icon to match the latest brand guidelines (#15869)

Changelog

Sourced from jest's changelog.

30.3.0

Features

[jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)

[jest-fake-timers] Add setTimerTickMode to configure how timers advance

[*] Reduce token usage when run through LLMs (3f17932)

Fixes

[jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)

[jest-mock] Use Symbol from test environment (#15858)

[jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)

[jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)

[jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)

[jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

[*] Replace remaining micromatch uses with picomatch

[deps] Update to sinon/fake-timers v15

[docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)

Updated Twitter icon to match the latest brand guidelines (#15869)

Commits

efb59c2 v30.3.0
96c53d3 feat(jest-config): add defineConfig and mergeConfig functions (#15844)
See full diff in compare view

Updates lint-staged from 16.3.2 to 16.3.3

Release notes

Sourced from lint-staged's releases.

v16.3.3

Patch Changes

#1740 0109e8d Thanks @iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

Changelog

Sourced from lint-staged's changelog.

16.3.3

Patch Changes

#1740 0109e8d Thanks @iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.

Commits

8aea986 chore(changeset): release
0109e8d fix: strip Git CRLF warning from output
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [@hapi/hapi](https://github.com/hapijs/hapi) | `21.4.6` | `21.4.7` | | [babel-jest](https://github.com/jestjs/jest/tree/HEAD/packages/babel-jest) | `30.2.0` | `30.3.0` | | [fastify](https://github.com/fastify/fastify) | `5.8.1` | `5.8.2` | | [hono](https://github.com/honojs/hono) | `4.12.5` | `4.12.7` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.2.0` | `30.3.0` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `16.3.2` | `16.3.3` | Updates `@hapi/hapi` from 21.4.6 to 21.4.7 - [Release notes](https://github.com/hapijs/hapi/releases) - [Commits](hapijs/hapi@v21.4.6...v21.4.7) Updates `babel-jest` from 30.2.0 to 30.3.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/babel-jest) Updates `fastify` from 5.8.1 to 5.8.2 - [Release notes](https://github.com/fastify/fastify/releases) - [Commits](fastify/fastify@v5.8.1...v5.8.2) Updates `hono` from 4.12.5 to 4.12.7 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.5...v4.12.7) Updates `jest` from 30.2.0 to 30.3.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest) Updates `lint-staged` from 16.3.2 to 16.3.3 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v16.3.2...v16.3.3) --- updated-dependencies: - dependency-name: "@hapi/hapi" dependency-version: 21.4.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: babel-jest dependency-version: 30.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: fastify dependency-version: 5.8.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: hono dependency-version: 4.12.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: jest dependency-version: 30.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: lint-staged dependency-version: 16.3.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies Pull requests that update a dependency file label Mar 10, 2026

webpack Bot approved these changes Mar 10, 2026

View reviewed changes

webpack Bot enabled auto-merge (squash) March 10, 2026 17:42

webpack Bot merged commit 1169465 into main Mar 10, 2026
16 checks passed

webpack Bot deleted the dependabot/npm_and_yarn/dependencies-9d98873fcc branch March 10, 2026 18:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps-dev): bump the dependencies group with 6 updates#2279

chore(deps-dev): bump the dependencies group with 6 updates#2279
webpack[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/dependencies-9d98873fcc

dependabot Bot commented on behalf of github Mar 10, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Mar 10, 2026

v30.3.0

Features

Fixes

Chore & Maintenance

30.3.0

Features

Fixes

Chore & Maintenance

v5.8.2

What's Changed

New Contributors

v4.12.7

Security hardening

v4.12.6

What's Changed

New Contributors

v30.3.0

Features

Fixes

Chore & Maintenance

30.3.0

Features

Fixes

Chore & Maintenance

v16.3.3

Patch Changes

16.3.3

Patch Changes

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants