chore(deps): bump the dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the dependencies group with 8 updates in the /pkg/js directory:

Package	From	To
yaml	2.8.0	2.8.1
@jest/globals	29.7.0	30.2.0
@openfga/sdk	0.9.0	0.9.1
@types/node	24.1.0	24.10.0
@typescript-eslint/eslint-plugin	8.38.0	8.46.3
jest	29.7.0	30.2.0
ts-jest	29.4.0	29.4.5
typescript	5.8.3	5.9.3

Updates yaml from 2.8.0 to 2.8.1

Release notes

Sourced from yaml's releases.

v2.8.1

• Preserve empty block literals (#634)

Commits

• 1dc3c3b 2.8.1
• 5bbb1cb chore: Add explicit jest-resolve@29 dev dependency to keep Node.js 15 compati...
• b3ba632 chore: Refresh lockfile
• de8a0ab fix: Preserve empty block literals (#634)
• 81eb3bf docs: Update site intro
• ef23196 docs: Update README & docs/CONTRIBUTING
• aa29f42 docs: Note that schema can be a Schema
• cad823e docs: Update instructions on vulnerability reporting
• See full diff in compare view

Updates @jest/globals from 29.7.0 to 30.2.0

Release notes

Sourced from @​jest/globals's releases.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• `[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

• [expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from @​jest/globals's changelog.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)
• [jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

• 855864e v30.2.0
• ebfa31c v30.1.2
• d347c0f v30.1.1
• 4d5f41d v30.1.0
• 22236cf v30.0.5
• f4296d2 v30.0.4
• d4a6c94 v30.0.3
• 393acbf v30.0.2
• 5ce865b v30.0.1
• 469f665 v30.0.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by cpojer, a new releaser for @​jest/globals since your current version.

Updates @openfga/sdk from 0.9.0 to 0.9.1

Release notes

Sourced from @​openfga/sdk's releases.

v0.9.1

v0.9.1 (2025-11-05)

• feat: add support for handling Retry-After header (#267)
• feat: add support for conflict options for Write operations: (#276) The client now supports setting conflict on ClientWriteRequestOpts to control behavior when writing duplicate tuples or deleting non-existent tuples. This feature requires OpenFGA server v1.10.0 or later. See Conflict Options for Write Operations for more.

What's Changed

• chore: update SECURITY-INSIGHTS by @​aaguiarz in openfga/js-sdk#239
• chore(ci): restrict semgrep workflow permissions to only read contents by @​aaguiarz in openfga/js-sdk#240
• chore(deps): upgrade dependencies by @​rhamzeh in openfga/js-sdk#241
• chore(deps): bump codecov/codecov-action from 5.4.2 to 5.4.3 in the dependencies group by @​dependabot[bot] in openfga/js-sdk#226
• chore(ci): remove semgrep workflow by @​rhamzeh in openfga/js-sdk#244
• chore(deps-dev): bump @​types/node from 24.2.0 to 24.2.1 in the dependencies group across 1 directory by @​dependabot[bot] in openfga/js-sdk#246
• chore: create scorecard.yml by @​aaguiarz in openfga/js-sdk#245
• ci: update dependabot config by @​evansims in openfga/js-sdk#249
• chore(deps-dev): bump the dependencies group with 3 updates by @​dependabot[bot] in openfga/js-sdk#251
• chore(deps): bump the dependencies group with 3 updates by @​dependabot[bot] in openfga/js-sdk#250
• chore(deps): bump axios from 1.11.0 to 1.12.0 in the npm_and_yarn group across 1 directory by @​dependabot[bot] in openfga/js-sdk#257
• chore(deps): bump the dependencies group across 1 directory with 4 updates by @​dependabot[bot] in openfga/js-sdk#258
• chore(deps): bump the dependencies group across 1 directory with 2 updates by @​dependabot[bot] in openfga/js-sdk#255
• chore(docs): add scorecard, deepwiki and socket.dev badges by @​aaguiarz in openfga/js-sdk#260
• Update SECURITY-INSIGHTS by @​aaguiarz in openfga/js-sdk#259
• chore(deps-dev): bump the dependencies group with 4 updates by @​dependabot[bot] in openfga/js-sdk#261
• chore: Add docs and tests for sending custom headers by @​jimmyjames in openfga/js-sdk#262
• chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 in the dependencies group by @​dependabot[bot] in openfga/js-sdk#264
• chore(deps-dev): bump the dependencies group with 4 updates by @​dependabot[bot] in openfga/js-sdk#263
• feat: List Stores Name Filter by @​jimmyjames in openfga/js-sdk#265
• chore(deps-dev): bump the dependencies group with 2 updates by @​dependabot[bot] in openfga/js-sdk#269
• feat: add support for handling Retry-After header by @​SoulPancake in openfga/js-sdk#267
• chore: Added a top-level Makefile in js-sdk to simplify running tests and li… by @​Abishek-Newar in openfga/js-sdk#277
• chore: reduce generated code by @​rhamzeh in openfga/js-sdk#266
• feat: add support for write conflict settings by @​phamhieu in openfga/js-sdk#276
• release: v0.9.1 by @​rhamzeh in openfga/js-sdk#283

New Contributors

• @​aaguiarz made their first contribution in openfga/js-sdk#239
• @​SoulPancake made their first contribution in openfga/js-sdk#267
• @​Abishek-Newar made their first contribution in openfga/js-sdk#277
• @​phamhieu made their first contribution in openfga/js-sdk#276

Full Changelog: openfga/js-sdk@v0.9.0...v0.9.1

Changelog

Sourced from @​openfga/sdk's changelog.

v0.9.1

v0.9.1 (2025-11-05)

• feat: add support for handling Retry-After header (#267)
• feat: add support for conflict options for Write operations: (#276) The client now supports setting conflict on ClientWriteRequestOpts to control behavior when writing duplicate tuples or deleting non-existent tuples. This feature requires OpenFGA server v1.10.0 or later. See Conflict Options for Write Operations for more.

Commits

• 9163587 release: v0.9.1 (#283)
• b365647 feat: add support for write conflict settings (#276)
• 9b81c81 chore: reduce generated code (#266)
• ab47bd4 chore: Added a top-level Makefile in js-sdk to simplify running tests and li…...
• 351b3d0 feat: add support for handling Retry-After header (#267)
• 3fe33ac chore(deps-dev): bump the dependencies group with 2 updates (#269)
• a61ccf6 feat: List Stores Name Filter (#265)
• 557bf4e chore(deps-dev): bump the dependencies group with 4 updates (#263)
• 1fbf310 chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 in the dependenci...
• b2a565b chore: Add docs and tests for sending custom headers (#262)
• Additional commits viewable in compare view

Updates @types/node from 24.1.0 to 24.10.0

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.38.0 to 8.46.3

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.46.3

8.46.3 (2025-11-03)

🩹 Fixes

• eslint-plugin: [no-misused-promises] expand union type to retrieve target property (#11706)
• eslint-plugin: [no-duplicate-enum-values] support signed numbers (#11722, #11723)

❤️ Thank You

• Evgeny Stepanovych @​undsoft
• tao

You can read about our versioning strategy and releases on our website.

v8.46.2

8.46.2 (2025-10-20)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] skip optional chaining when it could change the result (#11702)
• typescript-estree: forbid invalid modifiers in object methods (#11689)

❤️ Thank You

• fisker Cheung @​fisker
• mdm317

You can read about our versioning strategy and releases on our website.

v8.46.1

8.46.1 (2025-10-13)

🩹 Fixes

• ast-spec: cleanup TSLiteralType (#11624)
• eslint-plugin: [prefer-optional-chain] include mixed "nullish comparison style" chains in checks (#11533)
• eslint-plugin: [no-misused-promises] special-case .finally not to report when a promise returning function is provided as an argument (#11667)

❤️ Thank You

• Abraham Guo
• mdm317
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

v8.46.0

8.46.0 (2025-10-06)

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.46.3 (2025-11-03)

🩹 Fixes

• eslint-plugin: [no-duplicate-enum-values] support signed numbers (#11722, #11723)
• eslint-plugin: [no-misused-promises] expand union type to retrieve target property (#11706)

❤️ Thank You

• Evgeny Stepanovych @​undsoft
• tao

You can read about our versioning strategy and releases on our website.

8.46.2 (2025-10-20)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] skip optional chaining when it could change the result (#11702)

❤️ Thank You

• mdm317

You can read about our versioning strategy and releases on our website.

8.46.1 (2025-10-13)

🩹 Fixes

• eslint-plugin: [no-misused-promises] special-case .finally not to report when a promise returning function is provided as an argument (#11667)
• eslint-plugin: [prefer-optional-chain] include mixed "nullish comparison style" chains in checks (#11533)

❤️ Thank You

• mdm317
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

8.46.0 (2025-10-06)

🚀 Features

• eslint-plugin: [no-unsafe-member-access] add allowOptionalChaining option (#11659)
• rule-schema-to-typescript-types: clean up and make public (#11633)

🩹 Fixes

• eslint-plugin: [prefer-readonly-parameter-types] ignore tagged primitives (#11660)

... (truncated)

Commits

• d9f3497 chore(release): publish 8.46.3
• 26a9f94 fix(eslint-plugin): [no-duplicate-enum-values] support signed numbers (#11722...
• b8219d1 fix(eslint-plugin): [no-misused-promises] expand union type to retrieve targe...
• 55ca033 chore(release): publish 8.46.2
• 698e7a8 fix(eslint-plugin): [prefer-optional-chain] skip optional chaining when it co...
• 3f5fbf6 chore(release): publish 8.46.1
• a64b3cc fix(eslint-plugin): [no-misused-promises] special-case .finally not to repo...
• 73003bf fix(eslint-plugin): [prefer-optional-chain] include mixed "nullish comparison...
• aec785e chore(release): publish 8.46.0
• a974191 fix(eslint-plugin): [prefer-readonly-parameter-types] ignore tagged primitive...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​typescript-eslint/eslint-plugin since your current version.

Updates @typescript-eslint/parser from 8.38.0 to 8.46.3

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.46.3

8.46.3 (2025-11-03)

🩹 Fixes

• eslint-plugin: [no-misused-promises] expand union type to retrieve target property (#11706)
• eslint-plugin: [no-duplicate-enum-values] support signed numbers (#11722, #11723)

❤️ Thank You

• Evgeny Stepanovych @​undsoft
• tao

You can read about our versioning strategy and releases on our website.

v8.46.2

8.46.2 (2025-10-20)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] skip optional chaining when it could change the result (#11702)
• typescript-estree: forbid invalid modifiers in object methods (#11689)

❤️ Thank You

• fisker Cheung @​fisker
• mdm317

You can read about our versioning strategy and releases on our website.

v8.46.1

8.46.1 (2025-10-13)

🩹 Fixes

• ast-spec: cleanup TSLiteralType (#11624)
• eslint-plugin: [prefer-optional-chain] include mixed "nullish comparison style" chains in checks (#11533)
• eslint-plugin: [no-misused-promises] special-case .finally not to report when a promise returning function is provided as an argument (#11667)

❤️ Thank You

• Abraham Guo
• mdm317
• Ronen Amiel

You can read about our versioning strategy and releases on our website.

v8.46.0

8.46.0 (2025-10-06)

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.46.3 (2025-11-03)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.2 (2025-10-20)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.1 (2025-10-13)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.0 (2025-10-06)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.45.0 (2025-09-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.44.1 (2025-09-22)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.44.0 (2025-09-15)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.43.0 (2025-09-08)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.42.0 (2025-09-02)

... (truncated)

Commits

• d9f3497 chore(release): publish 8.46.3
• 55ca033 chore(release): publish 8.46.2
• 3f5fbf6 chore(release): publish 8.46.1
• aec785e chore(release): publish 8.46.0
• 255e9e2 chore(release): publish 8.45.0
• c198052 chore(release): publish 8.44.1
• 77056f7 chore(release): publish 8.44.0
• ef9173c chore(release): publish 8.43.0
• d135909 chore(release): publish 8.42.0
• 31a7336 chore(release): publish 8.41.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​typescript-eslint/parser since your current version.

Updates jest from 29.7.0 to 30.2.0

Release notes

Sourced from jest's releases.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• `[jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

Chore

• [expect] Update docblock for toContain() to display info on substring check (#15789)

30.0.2

What's Changed

... (truncated)

Changelog

Sourced from jest's changelog.

30.2.0

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#15832)
• [*] Update jest-watch-typeahead to v3 (#15830)

Features

• [jest-environment-jsdom-abstract] Add support for JSDOM v27 (#15834)

Fixes

• [jest-matcher-utils] Fix infinite recursion with self-referential getters in deepCyclicCopyReplaceable (#15831)
• [babel-jest] Export the TransformerConfig interface (#15820)
• [jest-config] Fix jest.config.ts with TS loader specified in docblock pragma (#15839)

30.1.3

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

30.1.2

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#15803)

30.1.1

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#15800)
• [jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#15821)

30.1.0

Features

• [jest-leak-detector] Configurable GC aggressiveness regarding to V8 heap snapshot generation (#15793)
• [jest-runtime] Reduce redundant ReferenceError messages
• [jest-core] Include test modules that failed to load when --onlyFailures is active

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot guide link not getting replaced with fully canonical URL (#15787)
• [jest-circus] Fix it.concurrent not working with describe.skip (#15765)
• [jest-snapshot] Fix mangled inline snapshot updates when used with Prettier 3 and CRLF line endings
• [jest-runtime] Importing from @jest/globals in more than one file no longer breaks relative paths (#15772)

... (truncated)

Commits

• 855864e v30.2.0
• da9b532 v30.1.3
• ebfa31c v30.1.2
• d347c0f v30.1.1
• 4d5f41d v30.1.0
• 22236cf v30.0.5
• f4296d2 v30.0.4
• d4a6c94 v30.0.3
• 393acbf v30.0.2
• 5ce865b v30.0.1
• Additional commits viewable in compare view

Updates ts-jest from 29.4.0 to 29.4.5

Release notes

Sourced from ts-jest's releases.

v29.4.5

Please refer to CHANGELOG.md for details.

v29.4.4

Please refer to CHANGELOG.md for details.

v29.4.3

Please refer to CHANGELOG.md for details.

v29.4.2

Please refer to CHANGELOG.md for details.

v29.4.1

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.5 (2025-10-10)

Bug Fixes

• allow filtering modern module warning message with diagnostic code (c290d4d), , closes #5013

29.4.4 (2025-09-19)

Bug Fixes

• revert 29.4.3 changes (25cb706), closes #5049

29.4.3 (2025-09-17)

Bug Fixes

• introduce transpilation option to replace isolatedModules option (#5044) (5868761)

29.4.2 (2025-09-15)

Bug Fixes

• fix: node 14 compatibility (aa0d563), fixes #5038

29.4.1 (2025-08-03)

Bug Fixes

• fix: replace ejs with handlebars due to security issues (899c9b7), closes #4969

Commits

• 9d5248a chore(release): 29.4.5
• ca8b623 refactor: improve message about using Node16/18/Next
• c290d4d fix: allow filtering modern module warning message with diagnostic code
• 1ff2dda build: replace conventional-changelog-cli dep
• 1c08db3 ci: run npm ci --ignore-scripts for workflows
• 9f60d2c ci: enhance security for Renovate PRs
• 1c1077f build(deps): Update dependency @​formatjs/ts-transformer to ^3.14.2
• 9037f2f build(deps): Update dependency @​types/node to v20.19.20
• 6ed0e1c build(deps): Update dependency semver to ^7.7.3
• 4a06f8c build(deps): Update github/codeql-action digest to a8d1ac4
• Additional commits viewable in compare view

Updates typescript from 5.8.3 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)
• fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

• npm

TypeScript 5.9

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)

Downloads are available on:

• npm

TypeScript 5.9 RC

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).

Downloads are available on:

• npm

TypeScript 5.9 Beta

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.9.0 (Beta).

Downloads are available on:

• npm

Commits

• c63de15 Bump version to 5.9.3 and LKG
• 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
• a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
• 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
• bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
• 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
• 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
• 5be3346 Bump version to 5.9.2 and LKG
• ad825f2 Bump version to 5.9.1-rc and LKG
• 463a5bf Update LKG
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​jest/​globals@​29.7.0 ⏵ 30.2.0	+1		+1
	npm/​jest@​29.7.0 ⏵ 30.2.0	+1		+1
	npm/​@​typescript-eslint/​parser@​8.38.0 ⏵ 8.47.0				+1
	npm/​@​typescript-eslint/​eslint-plugin@​8.38.0 ⏵ 8.47.0	+1		+1	+1
	npm/​@​types/​node@​24.1.0 ⏵ 24.10.1	+1		+1
	npm/​yaml@​2.8.0 ⏵ 2.8.1	+1
	npm/​typescript@​5.8.3 ⏵ 5.9.3	+1		+1
	npm/​ts-jest@​29.4.0 ⏵ 29.4.5	+1		+1
	npm/​@​openfga/​sdk@​0.9.0 ⏵ 0.9.1	+1		+1	+18

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		License policy violation: npm typescript under MIT-Khronos-old License: MIT-Khronos-old - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: LicenseRef-W3C-Community-Final-Specification-Agreement - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) From: pkg/js/package-lock.json → npm/[email protected] ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.