Skip to content

chore(deps): bump the production-dependencies group across 1 directory with 2 updates#24

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-cd8d7aa139
Open

chore(deps): bump the production-dependencies group across 1 directory with 2 updates#24
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-cd8d7aa139

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-dependencies group with 2 updates in the / directory: vscode-jsonrpc and vscode-languageserver-protocol.

Updates vscode-jsonrpc from 8.2.1 to 9.0.1

Release notes

Sourced from vscode-jsonrpc's releases.

release/jsonrpc/9.0.1

Changes:

  • #1814: Reuse diagnostic collections and introduce a provider
  • #1812: Prevent unnecessary diagnostic collection creation
  • #1810: Fix diagnostics issue after saving unsaved-but-named buffer
  • #1797: Diagnostics requested after saving unsaved-but-named buffer
  • #1804: fix(jsonrpc): cap Darwin pipe paths for OpenJDK
  • #1809: Update metaModel version to 3.18.0
  • #1808: Move meta model to version 3.18
  • #1807: Clarify diagnostic collection naming
  • #1806: Bump js-yaml from 4.1.1 to 4.2.0
  • #1805: Merge 3.18.1 release into main
  • #1803: Dbaeumer/verbal prawn chocolate
  • #1799: Diagnostic pull request cancellation is still handled incorrectly
  • #1800: #1799: Diagnostic pull request cancellation is still handled incorrectly

This list of changes was auto generated.

release/jsonrpc/9.0.0

No release notes provided.

release/jsonrpc/9.0.0-next.12

No release notes provided.

release/jsonrpc/9.0.0-next.11

Changes:

Feature Requests:

  • #1691: Use NoInfer for better typing
  • #1692: setImmediate Implementation in browser RAL for json-rpc is not ideal.
  • #1698: RenameParams does not reference TextDocumentPositionParams interface in the JSON metamodel

Bugs:

  • #1693: Output channel leak when stopping LanguageClient

Others:

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for vscode-jsonrpc since your current version.


Updates vscode-languageserver-protocol from 3.17.5 to 3.18.2

Release notes

Sourced from vscode-languageserver-protocol's releases.

release/protocol/3.18.2

No release notes provided.

release/protocol/3.18.1

Changes:

  • #1796: Make TextDocumentContentFeature a supported capability
  • #1795: textDocumentContent capability/feature is still behind a proposed gate even though in 3.18 it's not flagged as proposed anymore
  • #1794: Fix partial result type for textDocument/diagnostic request
  • #1792: Update @​vscode/test-electron to version 3.0.0
  • #1791: Refine notification assertions in delayOpenNotifications tests
  • #1790: Update inline value documentation and clean up dependencies
  • #1788: Update dependency versions in lock files
  • #1787: Merge 3.18 release into main
  • #1786: Shorten test dir path

This list of changes was auto generated.

release/protocol/3.18.0

No release notes provided.

release/types/3.18.0

Changes:

Feature Requests:

  • #1691: Use NoInfer for better typing
  • #1692: setImmediate Implementation in browser RAL for json-rpc is not ideal.
  • #1698: RenameParams does not reference TextDocumentPositionParams interface in the JSON metamodel

Bugs:

  • #752: Edits are applied twice
  • #1717: Client requests textDocument/diagnostics before textDocument/didOpen
  • #1693: Output channel leak when stopping LanguageClient
  • #1581: Client error 'Failed to determine file type' after undoing rename with Cmd+Z
  • #1548: Extra true in the output log when a language server disconnects

Others:

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for vscode-languageserver-protocol since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 8, 2026
@socket-security

socket-security Bot commented Jun 8, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Addedvscode-jsonrpc@​9.0.1100100889570
Addedvscode-languageserver-protocol@​3.18.21001007996100

View full report

…y with 2 updates

Bumps the production-dependencies group with 2 updates in the / directory: [vscode-jsonrpc](https://github.com/Microsoft/vscode-languageserver-node/tree/HEAD/jsonrpc) and [vscode-languageserver-protocol](https://github.com/Microsoft/vscode-languageserver-node/tree/HEAD/protocol).


Updates `vscode-jsonrpc` from 8.2.1 to 9.0.1
- [Release notes](https://github.com/Microsoft/vscode-languageserver-node/releases)
- [Commits](https://github.com/Microsoft/vscode-languageserver-node/commits/release/client/9.0.1/jsonrpc)

Updates `vscode-languageserver-protocol` from 3.17.5 to 3.18.2
- [Release notes](https://github.com/Microsoft/vscode-languageserver-node/releases)
- [Commits](https://github.com/Microsoft/vscode-languageserver-node/commits/release/protocol/3.18.2/protocol)

---
updated-dependencies:
- dependency-name: vscode-jsonrpc
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: vscode-languageserver-protocol
  dependency-version: 3.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump the production-dependencies group with 2 updates chore(deps): bump the production-dependencies group across 1 directory with 2 updates Jul 6, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/production-dependencies-cd8d7aa139 branch from a3b17f3 to a381a8d Compare July 6, 2026 09:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants