Skip to content

chore(deps): bump turbo from 2.8.21 to 2.9.14#54

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/turbo-2.9.14
Open

chore(deps): bump turbo from 2.8.21 to 2.9.14#54
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/turbo-2.9.14

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 28, 2026

Copy link
Copy Markdown
Contributor

Bumps turbo from 2.8.21 to 2.9.14.

Release notes

Sourced from turbo's releases.

Turborepo v2.9.14

[!NOTE] This release contains important security fixes.

High:

Low:

What's Changed

Changelog

New Contributors

Full Changelog: vercel/turborepo@v2.9.12...v2.9.14

Turborepo v2.9.13-canary.1

What's Changed

Changelog

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [turbo](https://github.com/vercel/turborepo) from 2.8.21 to 2.9.14.
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.8.21...v2.9.14)

---
updated-dependencies:
- dependency-name: turbo
  dependency-version: 2.9.14
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 28, 2026
@github-actions github-actions Bot enabled auto-merge (squash) May 28, 2026 18:03
@augmentcode

augmentcode Bot commented May 28, 2026

Copy link
Copy Markdown
🤖 Augment PR Summary

Summary: Updates Turborepo ("turbo") to a newer 2.9.x release.

Changes:

  • Bumped turbo devDependency from ^2.8.21 to ^2.9.14.
  • Updated pnpm-lock.yaml so the workspace resolves Turbo 2.9.14 (including associated @turbo/* platform packages).

Why: Aligns the repo with upstream Turborepo releases that include security fixes and other maintenance changes.

Technical Notes: This repo’s top-level scripts invoke turbo for build/test/lint/typecheck; CI should validate behavior with the updated version, and the lockfile remains on lockfileVersion: '9.0' consistent with pnpm@9.0.0.

🤖 Was this summary useful? React with 👍 or 👎

@augmentcode augmentcode Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review completed. 1 suggestion posted.

Fix All in Augment

Comment augment review to trigger a new review at any time.

Comment thread package.json
"eslint": "^10.1.0",
"size-limit": "^12.0.1",
"turbo": "^2.8.21",
"turbo": "^2.9.14",

@augmentcode augmentcode Bot May 28, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

package.json:39 — Since the lockfile diff is omitted in the PR view due to size, it’s worth double-checking that the regenerated pnpm-lock.yaml reflects only the intended turbo upgrade (and wasn’t influenced by a different pnpm version or unrelated dependency changes).

Severity: medium

Fix This in Augment

🤖 Was this useful? React with 👍 or 👎, or 🚀 if it prevented an incident/outage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants