Skip to content

chore: update @taiga-ui/* deps #1467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: update @taiga-ui/* deps #1467

wants to merge 1 commit into from

Conversation

@taiga-family-bot
Copy link
Member

@taiga-family-bot taiga-family-bot commented Oct 17, 2025
edited
Loading

This PR contains the following updates:

Package Type Change
@taiga-ui/addon-doc devDependencies 4.58.0 -> 4.60.0
@taiga-ui/addon-mobile devDependencies 4.58.0 -> 4.60.0
@taiga-ui/auto-changelog-config devDependencies 0.346.0 -> 0.352.0
@taiga-ui/cdk devDependencies 4.58.0 -> 4.60.0
@taiga-ui/commitlint-config devDependencies 0.346.0 -> 0.352.0
@taiga-ui/core devDependencies 4.58.0 -> 4.60.0
@taiga-ui/cspell-config devDependencies 0.346.0 -> 0.352.0
@​taiga-ui/eslint-plugin-experience-next devDependencies 0.346.0 -> 0.352.0
@taiga-ui/icons devDependencies 4.58.0 -> 4.60.0
@taiga-ui/kit devDependencies 4.58.0 -> 4.60.0
@taiga-ui/layout devDependencies 4.58.0 -> 4.60.0
@taiga-ui/legacy devDependencies 4.58.0 -> 4.60.0
@taiga-ui/prettier-config devDependencies 0.346.0 -> 0.352.0
@taiga-ui/release-it-config devDependencies 0.346.0 -> 0.352.0
@taiga-ui/stylelint-config devDependencies 0.346.0 -> 0.352.0
@​taiga-ui/styles devDependencies 4.58.0 -> 4.60.0
@taiga-ui/syncer devDependencies 0.346.0 -> 0.352.0
@taiga-ui/tsconfig devDependencies 0.346.0 -> 0.352.0
  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 17, 2025
edited
Loading

✅ NPM Audit Good

21 moderate severity vulnerabilities

Show details 
# npm audit report

@conventional-changelog/git-client  <lt;2.0.0
Severity: moderate
@conventional-changelog/git-client has Argument Injection vulnerability - https://github.com/advisories/GHSA-vh25-5764-9wcr
fix available via `npm audit fix --force`
Will install @taiga-ui/[email protected], which is a breaking change
node_modules/conventional-changelog-core/node_modules/@conventional-changelog/git-client
node_modules/conventional-recommended-bump/node_modules/@conventional-changelog/git-client
node_modules/git-semver-tags/node_modules/@conventional-changelog/git-client
  conventional-recommended-bump  10.0.0
  Depends on vulnerable versions of @conventional-changelog/git-client
  node_modules/conventional-recommended-bump
    @release-it/conventional-changelog  >gt;=8.0.2-next.0
    Depends on vulnerable versions of conventional-changelog
    Depends on vulnerable versions of conventional-recommended-bump
    Depends on vulnerable versions of git-semver-tags
    node_modules/@release-it/conventional-changelog
      @taiga-ui/release-it-config  >gt;=0.229.0
      Depends on vulnerable versions of @release-it/conventional-changelog
      node_modules/@taiga-ui/release-it-config
  git-raw-commits  >gt;=5.0.0
  Depends on vulnerable versions of @conventional-changelog/git-client
  node_modules/conventional-changelog-core/node_modules/git-raw-commits
    conventional-changelog-core  >gt;=8.0.0
    Depends on vulnerable versions of git-raw-commits
    Depends on vulnerable versions of git-semver-tags
    node_modules/conventional-changelog-core
      conventional-changelog  6.0.0
      Depends on vulnerable versions of conventional-changelog-core
      node_modules/conventional-changelog
  git-semver-tags  >gt;=8.0.0
  Depends on vulnerable versions of @conventional-changelog/git-client
  node_modules/git-semver-tags

koa  3.0.1 - 3.0.2
Severity: moderate
Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic - https://github.com/advisories/GHSA-g8mr-fgfg-5qpc
fix available via `npm audit fix --force`
Will install @nx/[email protected], which is a breaking change
node_modules/koa
  @module-federation/dts-plugin  <lt;=0.0.0-research-issue-4085-20251016232757 || >gt;=0.18.0
  Depends on vulnerable versions of koa
  node_modules/@module-federation/dts-plugin
  node_modules/@module-federation/node/node_modules/@module-federation/dts-plugin
    @module-federation/cli  <lt;=0.0.0-research-issue-4085-20251016232757 || >gt;=0.18.0
    Depends on vulnerable versions of @module-federation/dts-plugin
    node_modules/@module-federation/cli
    node_modules/@module-federation/node/node_modules/@module-federation/cli
    @module-federation/enhanced  <lt;=0.0.0-fix-register-share-20251020114421 || >gt;=0.18.0
    Depends on vulnerable versions of @module-federation/cli
    Depends on vulnerable versions of @module-federation/dts-plugin
    Depends on vulnerable versions of @module-federation/manifest
    Depends on vulnerable versions of @module-federation/rspack
    node_modules/@module-federation/enhanced
    node_modules/@module-federation/node/node_modules/@module-federation/enhanced
      @module-federation/node  >gt;=2.7.11
      Depends on vulnerable versions of @module-federation/enhanced
      node_modules/@module-federation/node
      @nx/module-federation  <lt;=0.0.0-pr-33229-fff13a7 || >gt;=21.4.0-beta.0
      Depends on vulnerable versions of @module-federation/enhanced
      Depends on vulnerable versions of @module-federation/node
      node_modules/@nx/module-federation
        @nx/angular  <lt;=0.0.0-pr-33229-fff13a7 || >gt;=21.4.0-beta.0
        Depends on vulnerable versions of @nx/module-federation
        Depends on vulnerable versions of @nx/rspack
        node_modules/@nx/angular
      @nx/rspack  <lt;=0.0.0-pr-33229-fff13a7 || >gt;=21.4.0-beta.0
      Depends on vulnerable versions of @module-federation/enhanced
      Depends on vulnerable versions of @module-federation/node
      Depends on vulnerable versions of @nx/module-federation
      node_modules/@nx/rspack
    @module-federation/manifest  <lt;=0.0.0-fix-register-share-20251020114421 || >gt;=0.18.0
    Depends on vulnerable versions of @module-federation/dts-plugin
    node_modules/@module-federation/manifest
    node_modules/@module-federation/node/node_modules/@module-federation/manifest
    @module-federation/rspack  <lt;=0.0.0-research-issue-4085-20251016232757 || >gt;=0.18.0
    Depends on vulnerable versions of @module-federation/dts-plugin
    Depends on vulnerable versions of @module-federation/manifest
    node_modules/@module-federation/node/node_modules/@module-federation/rspack
    node_modules/@module-federation/rspack

vite  6.0.0 - 6.4.0
Severity: moderate
vite allows server.fs.deny bypass via backslash on Windows - https://github.com/advisories/GHSA-93m4-6634-74q7
fix available via `npm audit fix --force`
Will install @angular-devkit/[email protected], which is a breaking change
node_modules/@angular/build/node_modules/vite
node_modules/vite
  @angular/build  19.1.0-next.0 - 20.1.0-rc.0
  Depends on vulnerable versions of vite
  node_modules/@angular/build
    @angular-devkit/build-angular  19.1.0-next.0 - 20.1.0-rc.0
    Depends on vulnerable versions of @angular/build
    node_modules/@angular-devkit/build-angular

21 moderate severity vulnerabilities

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

@github-actions
Copy link
Contributor

github-actions bot commented Oct 17, 2025
edited
Loading

Visit the preview URL for this PR (updated for commit ed2c473):

https://ng-web-apis-common--pr1467-renovate-taiga-ui-d-9vm437kx.web.app

(expires Tue, 28 Oct 2025 11:34:20 GMT)

🔥 via Firebase Hosting GitHub Action 🌎

Sign: a9d81cd8541a1a45fa12e730c551222bb3d5ceb9

@taiga-family-bot taiga-family-bot changed the title chore: update @taiga-ui/* deps to v0.347.0 chore: update @taiga-ui/* deps to v0.348.0 Oct 20, 2025
@taiga-family-bot taiga-family-bot changed the title chore: update @taiga-ui/* deps to v0.348.0 chore: update @taiga-ui/* deps Oct 20, 2025
@taiga-family-bot taiga-family-bot force-pushed the renovate/@taiga-ui-deps branch 6 times, most recently from 0605fc4 to 274fcd4 Compare October 27, 2025 10:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@waterplea waterplea Awaiting requested review from waterplea waterplea is a code owner

@MarsiBarsi MarsiBarsi Awaiting requested review from MarsiBarsi MarsiBarsi is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@taiga-family-bot taiga-family-bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@taiga-family-bot