chore(deps-dev): bump the npm-development group across 1 directory with 3 updates by dependabot[bot] · Pull Request #514 · wevm/mppx

dependabot · 2026-06-08T03:15:56Z

Bumps the npm-development group with 3 updates in the / directory: file-type, rolldown and testcontainers.

Updates file-type from 21.3.2 to 22.0.1

Release notes

v22.0.1

Fix: Work around esbuild resolving Node-only imports ce4262f

sindresorhus/file-type@v22.0.0...v22.0.1

v22.0.0

Breaking
Requires Node.js 22
Dropped Node.js stream.Readable support from fileTypeFromStream() and fileTypeStream()

These now only accept a web ReadableStream. Migrate with Readable.toWeb():
// Before
import fs from 'node:fs';
fileTypeFromStream(fs.createReadStream('file.mp4'));
// After
import fs from 'node:fs';
import {Readable} from 'node:stream';
fileTypeFromStream(Readable.toWeb(fs.createReadStream('file.mp4')));
Sub-exports (e.g. file-type/core) have been removed. Import everything from file-type directly.

The ReadableStreamWithFileType type has been removed. Use AnyWebReadableByteStreamWithFileType instead.

Several MIME types have been corrected or normalized:

Type Old MIME New MIME

lz application/x-lzip application/lzip

lnk application/x.ms.shortcut application/x-ms-shortcut

Apple Alias application/x.apple.alias application/x-ft-apple.alias

fbx application/x.autodesk.fbx application/x-ft-fbx

Draco application/vnd.google.draco application/x-ft-draco

MIME subtypes prefixed with x-ft- are custom types defined by this package (not IANA-registered).
Improvements

Added detection for Apple iWork files: .key (Keynote), .pages (Pages), .numbers (Numbers)

Fixes

Fixed LibreOffice OOXML files being incorrectly detected as ZIP when reading from streams

sindresorhus/file-type@v21.3.4...v22.0.0

... (truncated)

Commits

3c4b7e0 22.0.1
ce4262f Fix: Work around esbuild resolving Node-only imports
2c54d06 22.0.0
0ba6e0b Tweaks
0e679c7 Remove sub-exports
7079af7 Tweaks
ec77458 Add support for iWork files (.key, .pages, .numbers)
d4a975c Fix LibreOffice OOXML files detected as ZIP in streams
5de64e2 Normalize MIME types we invented with x-ft- prefix
7a60fa9 Require Node.js 22
Additional commits viewable in compare view

Updates rolldown from 1.0.2 to 1.0.3

Release notes

Sourced from rolldown's releases.

v1.0.3

[1.0.3] - 2026-05-27

🚀 Features

transform: respect decorator strictNullChecks option (#9580) by @kylecannon

drop defer keyword (#9503) by @TheAlexLichter

🐛 Bug Fixes

ci: create target dir before cargo release-oxc update (#9584) by @shulaoda

ci: reorder prepare-release steps to avoid dirty git check failure (#9583) by @shulaoda

testing: canonicalize temp dir early and use platform-specific separator in test262 (#9582) by @shulaoda

testing: resolve symlinked temp dir in test262 snapshot normalization (#9581) by @shulaoda

testing: canonicalize temp dir path in test262 snapshot normalization (#9579) by @shulaoda

dev: onOutput called twice when initial build fails (#9552) by @hyf0

dev: make ensureCurrentBuildFinish not returning error when engine closes (#9564) by @h-a-n-a

oxc-runtime: route require() to CJS helper variant (#9263) (#9526) by @IWANABETHATGUY

generator: use exporter chunk's export mode for CJS default re-exports (#9299) (#9529) by @IWANABETHATGUY

rolldown: always run reduced-atom static cycle check (#9441) (#9514) by @IWANABETHATGUY

apply transform.dropLabels before scanning (#9521) (#9522) by @IWANABETHATGUY

rolldown_watcher: take rolldown dep through the workspace (#9510) by @Boshen

cache: keep the scan-stage cache consistent when a build fails (#9495) by @h-a-n-a

skip JSON default-import namespace optimization for write targets (#9484) (#9489) by @IWANABETHATGUY

deps: skip pnpm frozen-lockfile on Netlify to dodge catalog mismatch bug (#9471) by @Boshen

🚜 Refactor

oxc-runtime: use Cow for helper path construction (#9538) by @IWANABETHATGUY

fold import defer phase drop into PreProcessor (#9524) by @IWANABETHATGUY

distinguish map: null vs map: undefined in transform hook output (#9497) by @sapphi-red

📚 Documentation

explain the policy for Rust crates (#9547) by @sapphi-red

cache: add design doc for cache (#9544) by @h-a-n-a

guide/troubleshooting: add TDZ error section (#9537) by @sapphi-red

dev-engine: add design doc for dev-engine (#9479) by @h-a-n-a

lazy-barrel: tweak some words (#9483) by @shulaoda

lazy-barrel: expand reasoning behind LARGE_BARREL_MODULES advice (#9477) by @shulaoda

⚡ Performance

generate: thread ast_table by value into codegen consumer (#9555) by @Boshen

finalizers: replace _reExport construction with a direct call to avoid calling clone_in (#9501) by @Dunqing

reorder hot-path boolean checks to short-circuit on cheap predicates first (#9523) by @Boshen

🧪 Testing

rolldown: regression fixture for #9401 (#9418) by @IWANABETHATGUY

... (truncated)

Changelog

Sourced from rolldown's changelog.

[1.0.3] - 2026-05-27

🚀 Features

transform: respect decorator strictNullChecks option (#9580) by @kylecannon

drop defer keyword (#9503) by @TheAlexLichter

🐛 Bug Fixes

ci: create target dir before cargo release-oxc update (#9584) by @shulaoda

ci: reorder prepare-release steps to avoid dirty git check failure (#9583) by @shulaoda

testing: canonicalize temp dir early and use platform-specific separator in test262 (#9582) by @shulaoda

testing: resolve symlinked temp dir in test262 snapshot normalization (#9581) by @shulaoda

testing: canonicalize temp dir path in test262 snapshot normalization (#9579) by @shulaoda

dev: onOutput called twice when initial build fails (#9552) by @hyf0

dev: make ensureCurrentBuildFinish not returning error when engine closes (#9564) by @h-a-n-a

oxc-runtime: route require() to CJS helper variant (#9263) (#9526) by @IWANABETHATGUY

generator: use exporter chunk's export mode for CJS default re-exports (#9299) (#9529) by @IWANABETHATGUY

rolldown: always run reduced-atom static cycle check (#9441) (#9514) by @IWANABETHATGUY

apply transform.dropLabels before scanning (#9521) (#9522) by @IWANABETHATGUY

rolldown_watcher: take rolldown dep through the workspace (#9510) by @Boshen

cache: keep the scan-stage cache consistent when a build fails (#9495) by @h-a-n-a

skip JSON default-import namespace optimization for write targets (#9484) (#9489) by @IWANABETHATGUY

deps: skip pnpm frozen-lockfile on Netlify to dodge catalog mismatch bug (#9471) by @Boshen

🚜 Refactor

oxc-runtime: use Cow for helper path construction (#9538) by @IWANABETHATGUY

fold import defer phase drop into PreProcessor (#9524) by @IWANABETHATGUY

distinguish map: null vs map: undefined in transform hook output (#9497) by @sapphi-red

📚 Documentation

explain the policy for Rust crates (#9547) by @sapphi-red

cache: add design doc for cache (#9544) by @h-a-n-a

guide/troubleshooting: add TDZ error section (#9537) by @sapphi-red

dev-engine: add design doc for dev-engine (#9479) by @h-a-n-a

lazy-barrel: tweak some words (#9483) by @shulaoda

lazy-barrel: expand reasoning behind LARGE_BARREL_MODULES advice (#9477) by @shulaoda

⚡ Performance

generate: thread ast_table by value into codegen consumer (#9555) by @Boshen

finalizers: replace _reExport construction with a direct call to avoid calling clone_in (#9501) by @Dunqing

reorder hot-path boolean checks to short-circuit on cheap predicates first (#9523) by @Boshen

🧪 Testing

rolldown: regression fixture for #9401 (#9418) by @IWANABETHATGUY

failing test for #9441 (#9504) by @TheAlexLichter

... (truncated)

Commits

a287faa release: v1.0.3 (#9586)
e3b7756 feat(transform): respect decorator strictNullChecks option (#9580)
8326121 chore(deps): upgrade oxc to 0.133.0 (#9563)
c7bbe2d fix(dev): onOutput called twice when initial build fails (#9552)
95ed7ca fix(dev): make ensureCurrentBuildFinish not returning error when engine clo...
f06c2a0 fix(oxc-runtime): route require() to CJS helper variant (#9263) (#9526)
1de499a feat: drop defer keyword (#9503)
e412df1 refactor: distinguish map: null vs map: undefined in transform hook outpu...
47a0e3b docs(lazy-barrel): expand reasoning behind LARGE_BARREL_MODULES advice (#9477)
See full diff in compare view

Updates testcontainers from 12.0.0 to 12.0.1

Release notes

Sourced from testcontainers's releases.

v12.0.1

Changes

🐛 Bug Fixes

Fix Podman image healthcheck detection @cristianrgreco (#1341)

🧹 Maintenance

Add npm dependency release age cooldown @cristianrgreco (#1339)

Use Docker Hub Redpanda image @cristianrgreco (#1342)

Use preinstalled Podman in checks @cristianrgreco (#1334)

Simplify affected package checks @cristianrgreco (#1326)

Add npm publish dry run workflow @cristianrgreco (#1333)

Upgrade build agents from Ubuntu 22.04 to 24.04 @cristianrgreco (#986)

Improve module compile checks @cristianrgreco (#1327)

📦 Dependency Updates

Bump tmp from 0.2.5 to 0.2.6 @dependabot[bot] (#1343)

Bump the dependencies group across 14 directories with 16 updates @dependabot[bot] (#1344)

Bump the dependencies group with 13 updates @dependabot[bot] (#1338)

Bump the dependencies group across 13 directories with 12 updates @dependabot[bot] (#1328)

Bump the dependencies group across 1 directory with 22 updates @dependabot[bot] (#1331)

Commits

4d8de0c Revert "v12.0.1"
d2e4da4 v12.0.1
1077fd6 Revert default wait strategy hook (#1346)
665feb4 Bump tmp from 0.2.5 to 0.2.6 (#1343)
cdb8366 Bump the dependencies group across 14 directories with 16 updates (#1344)
3148791 Add default wait strategy hook (#1340)
34c5811 Add npm dependency release age cooldown (#1339)
c584af1 Fix Podman image healthcheck detection (#1341)
cae5c26 Bump the dependencies group with 13 updates (#1338)
33e1dc1 Use Docker Hub Redpanda image (#1342)
Additional commits viewable in compare view

socket-security · 2026-06-08T03:16:58Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	testcontainers@12.0.0 ⏵ 12.0.1	⁺¹		⁺¹

View full report

pkg-pr-new · 2026-06-08T03:17:04Z

Open in StackBlitz

npm i https://pkg.pr.new/mppx@514

commit: 55a74b1

brendanjryan · 2026-06-08T16:53:39Z

@dependabot rebase

…th 3 updates Bumps the npm-development group with 3 updates in the / directory: [file-type](https://github.com/sindresorhus/file-type), [rolldown](https://github.com/rolldown/rolldown/tree/HEAD/packages/rolldown) and [testcontainers](https://github.com/testcontainers/testcontainers-node). Updates `file-type` from 21.3.2 to 22.0.1 - [Release notes](https://github.com/sindresorhus/file-type/releases) - [Commits](sindresorhus/file-type@v21.3.2...v22.0.1) Updates `rolldown` from 1.0.2 to 1.0.3 - [Release notes](https://github.com/rolldown/rolldown/releases) - [Changelog](https://github.com/rolldown/rolldown/blob/main/CHANGELOG.md) - [Commits](https://github.com/rolldown/rolldown/commits/v1.0.3/packages/rolldown) Updates `testcontainers` from 12.0.0 to 12.0.1 - [Release notes](https://github.com/testcontainers/testcontainers-node/releases) - [Commits](testcontainers/testcontainers-node@v12.0.0...v12.0.1) --- updated-dependencies: - dependency-name: file-type dependency-version: 22.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-development - dependency-name: rolldown dependency-version: 1.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: testcontainers dependency-version: 12.0.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 8, 2026

dependabot Bot changed the title ~~chore(deps-dev): bump the npm-development group with 3 updates~~ chore(deps-dev): bump the npm-development group across 1 directory with 3 updates Jun 8, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-development-70b0a533e5 branch from 2ad80f2 to 55a74b1 Compare June 8, 2026 16:56

brendanjryan merged commit f0aa2b0 into main Jun 8, 2026
14 of 15 checks passed

brendanjryan deleted the dependabot/npm_and_yarn/npm-development-70b0a533e5 branch June 8, 2026 21:51

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps-dev): bump the npm-development group across 1 directory with 3 updates#514

chore(deps-dev): bump the npm-development group across 1 directory with 3 updates#514
brendanjryan merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-development-70b0a533e5

dependabot Bot commented on behalf of github Jun 8, 2026 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 8, 2026 •

edited

Loading

Uh oh!

pkg-pr-new Bot commented Jun 8, 2026 •

edited

Loading

Uh oh!

brendanjryan commented Jun 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Type	Old MIME	New MIME
`lz`	`application/x-lzip`	`application/lzip`
`lnk`	`application/x.ms.shortcut`	`application/x-ms-shortcut`
Apple Alias	`application/x.apple.alias`	`application/x-ft-apple.alias`
`fbx`	`application/x.autodesk.fbx`	`application/x-ft-fbx`
Draco	`application/vnd.google.draco`	`application/x-ft-draco`

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 8, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v22.0.1

v22.0.0

Breaking

Improvements

Fixes

v1.0.3

[1.0.3] - 2026-05-27

🚀 Features

🐛 Bug Fixes

🚜 Refactor

📚 Documentation

⚡ Performance

🧪 Testing

[1.0.3] - 2026-05-27

🚀 Features

🐛 Bug Fixes

🚜 Refactor

📚 Documentation

⚡ Performance

🧪 Testing

v12.0.1

Changes

🐛 Bug Fixes

🧹 Maintenance

📦 Dependency Updates

Uh oh!

socket-security Bot commented Jun 8, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

pkg-pr-new Bot commented Jun 8, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

brendanjryan commented Jun 8, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jun 8, 2026 •

edited

Loading

socket-security Bot commented Jun 8, 2026 •

edited

Loading

pkg-pr-new Bot commented Jun 8, 2026 •

edited

Loading