chore(deps): bump globals, @types/node, @supabase/supabase-js (SMI-5266)#1424
Merged
Conversation
Consolidated manual bump of the low-risk direct-manifest routine deps from the June Dependabot batch. Done manually because Dependabot can't regenerate a valid lockfile for this repo (transitive jose@5.10.0 drift via ruflo → @claude-flow/cli fails `npm ci`), so its recreate of each routine PR produces a broken lockfile. - globals 17.4.0 → 17.6.0 (root + website devDeps) — supersedes #1160 - @types/node ^25.9.0 → ^25.9.3 (root, cli, vscode-extension, website) — supersedes the @types/node half of #1253 - @supabase/supabase-js 2.105.0 → 2.108.1 (root + website; transitive @supabase/* sub-packages follow) — supersedes #1157 Verified: `npm audit --omit=dev --audit-level=high` stays 0; build 7/7; typecheck clean. Lockfile diff is minimal (no new transitive highs). The higher-risk routine groups (@InQuirer 7→8 major, otel/smithy/aws-sdk transitive-only, typescript-eslint peer conflict, @types/vscode engine-coupled) are tracked separately for a deliberate maintenance pass. Co-Authored-By: claude-flow <ruv@ruv.net> Co-Authored-By: Claude <noreply@anthropic.com>
This was referenced Jun 13, 2026
Website Preview
|
E2E Test ResultsE2E Test Results - June 13, 2026Summary
Test Results
Generated by skillsmith E2E test suite |
This was referenced Jun 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Consolidated manual bump of the low-risk, direct-manifest routine deps from the June Dependabot batch. Done manually because Dependabot can't regenerate a valid lockfile for this repo — the transitive
jose@5.10.0drift (viaruflo → @claude-flow/cli) makesnpm cifail, so every routine Dependabot recreate produces a broken lockfile.globals@types/node@supabase/supabase-js@supabase/*follow)Verification
npm audit --omit=dev --audit-level=high→ 0 (gate stays green)npm run build7/7;typecheckcleanDeferred (tracked for a deliberate maintenance pass)
The higher-risk routine groups are not included:
@inquirer/prompts7→8 (major),otel/smithy/aws-sdk(transitive-only groups),typescript-eslint(known 8.59.1↔8.61.0 peer conflict), and@types/vscode1.110→1.120 (coupled toengines.vscode). See the maintenance tracking issue.[skip-impl-check] — deps-only PR (package.json + lockfile); no source/test changes by design.
🤖 Generated with Ruflo