deps-dev(deps-dev): bump prettier from 3.9.4 to 3.9.5 in the dev-minor-patch group#703
Conversation
Bumps the dev-minor-patch group with 1 update: [prettier](https://github.com/prettier/prettier). Updates `prettier` from 3.9.4 to 3.9.5 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.9.4...3.9.5) --- updated-dependencies: - dependency-name: prettier dependency-version: 3.9.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
❌ Changes requested
🤖 Claude Sonnet 4.6 (OpenRouter) (anthropic/claude-sonnet-4.6) via OpenRouter
Gate wrong or a false positive? Do not edit this workflow to pass — open an issue on lagowski/pr-review-gate.
There was a problem hiding this comment.
❌ Changes requested
🤖 Claude Sonnet 4.6 (OpenRouter) (anthropic/claude-sonnet-4.6) via OpenRouter
This PR bumps the dev-only prettier dependency from 3.9.4 to 3.9.5 (patch release) and removes the @upstash/context7-mcp production dependency. The prettier change is a safe patch update with only Markdown formatting bug fixes. The removal of @upstash/context7-mcp from package-lock.json without a corresponding change to package.json warrants attention.
1 finding:
- 🟠 HIGH MEDIUM package-lock.json:16 — @upstash/context7-mcp is removed from the lock file's dependency list but the diff does not show a corresponding removal from package.json's dependencies section. If package.json still declares this dependency, the lock file is now inconsistent and
npm ciin CI/CD will fail or reinstall it unexpectedly. If the removal is intentional, package.json must also be updated.- Fix: Verify and include the matching package.json change removing @upstash/context7-mcp, or confirm it was already absent from package.json before this PR.
- Evidence:
"- \"@upstash/context7-mcp\": \"3.2.2\"," removed from lock file with no corresponding package.json hunk in the diff
Gate wrong or a false positive? Do not edit this workflow to pass — open an issue on lagowski/pr-review-gate.
Bumps the dev-minor-patch group with 1 update: prettier.
Updates
prettierfrom 3.9.4 to 3.9.5Release notes
Sourced from prettier's releases.
Changelog
Sourced from prettier's changelog.
... (truncated)
Commits
b6c7d18Release 3.9.5cd54cccAvoid corrupting empty Markdown link with title (#19487)2bb67cePreserving comments'placementproperty (#19567)91bcac8Add more tests for comment-only object type (#19587)cbee737Remove space in empty object type (#19583)6394c73Align empty module declaration with TS (#19568)a4e6f7aPrevent the addition of space intype()with+(#19516)3d063b5Ignore dangling comments when checking type parameter comments (#19572)908503eHandle dangling comments inSwitchStatement(#19581)943a475Angular: Support expression for exhaustive typechecking (#19571)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions