chore(deps): bump the dependencies group with 2 updates#351
chore(deps): bump the dependencies group with 2 updates#351dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the dependencies group with 2 updates: [@earendil-works/pi-ai](https://github.com/earendil-works/pi/tree/HEAD/packages/ai) and [oxlint-tsgolint](https://github.com/oxc-project/tsgolint). Updates `@earendil-works/pi-ai` from 0.80.2 to 0.80.3 - [Release notes](https://github.com/earendil-works/pi/releases) - [Changelog](https://github.com/earendil-works/pi/blob/main/packages/ai/CHANGELOG.md) - [Commits](https://github.com/earendil-works/pi/commits/v0.80.3/packages/ai) Updates `oxlint-tsgolint` from 0.23.0 to 0.24.0 - [Release notes](https://github.com/oxc-project/tsgolint/releases) - [Commits](oxc-project/tsgolint@v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: "@earendil-works/pi-ai" dependency-version: 0.80.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: oxlint-tsgolint dependency-version: 0.24.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
|
Codex review: needs maintainer review before merge. Reviewed July 8, 2026, 1:29 AM ET / 05:29 UTC. Summary Reproducibility: not applicable. This PR is a dependency refresh, not a reported bug. Source inspection shows the runtime and lint surfaces affected by the updated packages. Review metrics: 2 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Let CI finish and merge the narrow dependency refresh if checks stay green; otherwise recreate or rebase Dependabot after addressing any real failures. Do we have a high-confidence way to reproduce the issue? Not applicable; this PR is a dependency refresh, not a reported bug. Source inspection shows the runtime and lint surfaces affected by the updated packages. Is this the best way to solve the issue? Yes, the dependency refresh is narrow and maintainable: it updates only package.json and pnpm-lock.yaml, with merge gated by CI and normal dependency review. AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 206a6f844764. Label changesLabel changes:
Label justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
Bumps the dependencies group with 2 updates: @earendil-works/pi-ai and oxlint-tsgolint.
Updates
@earendil-works/pi-aifrom 0.80.2 to 0.80.3Release notes
Sourced from @earendil-works/pi-ai's releases.
Changelog
Sourced from @earendil-works/pi-ai's changelog.
Commits
a23abe4Release v0.80.3f98a154docs: audit changelog entries5c1a297fix(ai): update generated model catalogue3d6acb3fix(ai): regenerate model catalog6fbeba5Merge pull request #5832 from stephanmck/fix/provider-error-body-passthrough-...b91bdd5fix(ai): preserve Z.AI thinking content5411373fix(ai): use HTTP timeout for Codex SSE headers09f1059fix(ai): clamp streamSimple max tokensf78b163fix(ai): revert minimax max token clamp62fad94fix(ai): surface provider HTTP error body instead of opaque SDK messageUpdates
oxlint-tsgolintfrom 0.23.0 to 0.24.0Release notes
Sourced from oxlint-tsgolint's releases.
... (truncated)
Commits
5a37e89fix(dot-notation): determine the relevant accessor (#1028)67a281fperf(consistent-return): defer per-function type resolution (#1031)a5e2ff0perf(no-unnecessary-qualifier): skip symbol resolution outside namespaces. (#...a8fc668perf(no-confusing-void-expression): check ancestor position before type query...03158ccperf(no-unnecessary-type-conversion): hoist constant builtin-name slices (#1040)d9e645cperf(prefer-optional-chain): lazily allocate chain-processor caches (#1041)63f578arefactor(no-unnecessary-condition): remove dead containsUnguardedElementAcces...f174876chore(deps): update gomod (#1035)47de9cfchore(deps): update github actions (#1036)e209b5bchore(deps): update actions/cache action to v6 (#1037)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions