Skip to content

chore(deps)(deps): Bump the npm-minor-and-patch group across 1 directory with 4 updates#34

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm-minor-and-patch-8c9cb06b7e
Open

chore(deps)(deps): Bump the npm-minor-and-patch group across 1 directory with 4 updates#34
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm-minor-and-patch-8c9cb06b7e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown

Bumps the npm-minor-and-patch group with 4 updates in the / directory: @fastify/cookie, fastify, sharp and tsx.

Updates @fastify/cookie from 11.0.2 to 11.1.1

Release notes

Sourced from @​fastify/cookie's releases.

v11.1.1

What's Changed

New Contributors

Full Changelog: fastify/fastify-cookie@v11.1.0...v11.1.1

v11.1.0

What's Changed

New Contributors

Full Changelog: fastify/fastify-cookie@v11.0.2...v11.1.0

Commits
  • cd71338 Bumped v11.1.1
  • c6b88ae fix: register onSend writer even when hook is false (#360)
  • df7fe0d fix: support cookie v2.x (#361)
  • 172ffc6 Bumped v11.1.0
  • 4c97386 chore: bump @​types/node in the dev-dependencies-typescript group (#357)
  • 700ccb4 docs: fix broken links
  • 73f4aac chore: replace http with https in urls
  • 2247dab chore(package.json): use https for repo url
  • 0ccda56 chore: bump fastify-plugin from 5.1.0 to 6.0.0 in the dependencies group (#351)
  • 8a7c6b1 chore: update depedabot setting (#348)
  • Additional commits viewable in compare view

Updates fastify from 5.8.5 to 5.10.0

Release notes

Sourced from fastify's releases.

v5.10.0

What's Changed

New Contributors

Full Changelog: fastify/fastify@v5.9.0...v5.10.0

v5.9.0

What's Changed

... (truncated)

Commits
  • 94bcbcc Bumped v5.10.0
  • c47975e docs: Update import for page consistency (#6771)
  • 82952b8 docs: Logging.md with per-route log level info (#6627)
  • 6ac2e95 fix: derive request.port from request.host (#6680)
  • 5f4871f perf: reduce per-request overhead in the request lifecycle (#6831)
  • ec4bc66 chore: Bump fast-json-stringify to v7 (#6800)
  • d0b649d docs: fix incorrect hook count in Hooks.md (eight -> ten) (#6825)
  • 826c807 docs: fix incorrect defaults and code examples in Server.md (#6805)
  • 6f63ce9 fix: use ContentType to detect json and charset in reply.send (#6830)
  • 75d74e1 feat: introduce log controller layer (#6580)
  • Additional commits viewable in compare view

Updates sharp from 0.34.5 to 0.35.3

Release notes

Sourced from sharp's releases.

v0.35.3

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

  • Improve code bundler support by resolving path to libvips binary.

  • Increase default concurrency when use of MALLOC_ARENA_MAX is detected.

  • Emit warning about binaries provided by Electron for use on Linux.

  • Add hasAlpha property to output info. #4500

  • TypeScript: Return more precise Buffer<ArrayBuffer> from toBuffer. #4520 @​Andarist

  • Bound clahe width and height to avoid signed overflow. #4551 @​metsw24-max

  • Bound trim margin to avoid signed overflow. #4552 @​metsw24-max

  • Reject infinite values when validating numbers. #4553 @​metsw24-max

  • Bound extract region to libvips coordinate limit. #4555 @​metsw24-max

  • Verify background colour values are numbers. #4556 @​metsw24-max

  • Bound create and raw input dimensions to coordinate limit. #4558 @​metsw24-max

  • Tighten recomb and affine matrix verification. #4560 @​chatman-media

  • Verify cache memory limit to avoid overflow. #4561 @​metsw24-max

v0.35.3-rc.2

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

... (truncated)

Commits
  • 1018449 Release v0.35.3
  • ba303a7 Prerelease v0.35.3-rc.2
  • 4f94fc5 Upgrade to sharp-libvips v1.3.2
  • c5e7a3f Bump devDeps, fix Deno/Windows smoke tests
  • 9a8d002 Docs: Add changelog entry and note about transferable #4520
  • 8694db0 TypeScript: Return more precise Buffer\<ArrayBuffer> from toBuffer (#4520)
  • e000d0b Prerelease v0.35.3-rc.1
  • 9554ca9 Prerelease v0.35.3-rc.0
  • 6a29fd5 Emit warning about native binaries on Linux Electron
  • 540d2ea Increase default concurrency when use of MALLOC_ARENA_MAX detected
  • Additional commits viewable in compare view

Updates tsx from 4.21.0 to 4.23.0

Release notes

Sourced from tsx's releases.

v4.23.0

4.23.0 (2026-07-03)

Bug Fixes

Features


This release is also available on:

v4.22.5

4.22.5 (2026-07-02)

Bug Fixes

  • isolate hook state per async module.register() registration (a305f36)

This release is also available on:

v4.22.4

4.22.4 (2026-05-31)

Bug Fixes

  • resolve CommonJS directory requires inside dependencies (#803) (1ce8463)

This release is also available on:

v4.22.3

4.22.3 (2026-05-19)

Bug Fixes

  • decode typed loader source (dce02fc)
  • preserve entrypoint with TypeScript preload hooks (68f72f3)

... (truncated)

Commits
  • 1dfad37 docs: cite esbuild's extension-resolution model in node notes
  • 257bbbb fix: avoid redundant filesystem probes during module resolution
  • c178197 feat: add multi-scenario startup benchmark suite
  • 51800ac docs: add Node internals knowledge base (notes/node)
  • a305f36 fix: isolate hook state per async module.register() registration
  • ca501a9 chore: upgrade skills-npm to v1.2.0
  • 596cd1f test: cover __dirname, __filename, & require.cache in CJS TS file
  • 75d9bf0 test: lock in lenient ESM for ambiguous and CJS-typed packages
  • 1472f3e test: cover ESM-syntax dependency with omitted "type" field
  • 1ce8463 fix: resolve CommonJS directory requires inside dependencies (#803)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for tsx since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…ory with 4 updates

Bumps the npm-minor-and-patch group with 4 updates in the / directory: [@fastify/cookie](https://github.com/fastify/fastify-cookie), [fastify](https://github.com/fastify/fastify), [sharp](https://github.com/lovell/sharp) and [tsx](https://github.com/privatenumber/tsx).


Updates `@fastify/cookie` from 11.0.2 to 11.1.1
- [Release notes](https://github.com/fastify/fastify-cookie/releases)
- [Commits](fastify/fastify-cookie@v11.0.2...v11.1.1)

Updates `fastify` from 5.8.5 to 5.10.0
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v5.8.5...v5.10.0)

Updates `sharp` from 0.34.5 to 0.35.3
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.34.5...v0.35.3)

Updates `tsx` from 4.21.0 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.21.0...v4.23.0)

---
updated-dependencies:
- dependency-name: "@fastify/cookie"
  dependency-version: 11.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: fastify
  dependency-version: 5.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: sharp
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot requested a review from divyamohan1993 as a code owner July 11, 2026 16:12
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 11, 2026
@github-actions github-actions Bot added the deps label Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file deps

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant