Skip to content

chore(deps): bump the prod group with 3 updates#2542

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/prod-0686397b6f
Closed

chore(deps): bump the prod group with 3 updates#2542
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/prod-0686397b6f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 2, 2026
edited
Loading

Bumps the prod group with 3 updates: @nextcloud/axios, vue and vue-router.

Updates @nextcloud/axios from 2.5.2 to 2.6.0

Release notes

Sourced from @​nextcloud/axios's releases.

v2.6.0

2.6.0 - 2026-04-21

Notes

Deprecations

Axios.CancelToken is now deprecated, this was deprecated by upstream Axios since 0.22.0. Please migrate to the native AbortController API using the signal attribute within the Axios request configuration.

Behavior changes

This package now only contains Javascript module (ESM) files, meaning the CommonJS files have been dropped. All app bundling tools we provide and support (Vite or Webpack 5+) will keep working without any changes needed. For unit tests vitest will keep working as well, for Jest you might need to adjust the transformIgnorePatterns.

Fixed

  • fix: fetch token using @nextcloud/auth which updates the token on context (#913)
  • fix: axios does not preserve symbols in its config (#916)

Changed

  • Updated development dependencies
  • build(deps): Removed dependency on @nextcloud/router
  • build(deps): Added dependency on @nextcloud/auth 2.6.0+
  • build(deps): Bump axios to 1.15.0
  • ci: update all workflow templates from organization template repository (#905)
  • chore: deprecate Axios.CancelToken (#918)
  • chore: drop cjs and migrate building to vanilla Typescript (#919)
Changelog

Sourced from @​nextcloud/axios's changelog.

2.6.0 - 2026-04-16

Notes

Deprecations

Axios.CancelToken is now deprecated, this was deprecated by upstream Axios since 0.22.0. Please migrate to the native AbortController API using the signal attribute within the Axios request configuration.

Behavior changes

This package now only contains Javascript module (ESM) files, meaning the CommonJS files have been dropped. All app bundling tools we provide and support (Vite or Webpack 5+) will keep working without any changes needed. For unit tests vitest will keep working as well, for Jest you might need to adjust the transformIgnorePatterns.

Fixed

  • fix: fetch token using @nextcloud/auth which updates the token on context (#913)
  • fix: axios does not preserve symbols in its config (#916)

Changed

  • Updated development dependencies
  • build(deps): Removed dependency on @nextcloud/router
  • build(deps): Added dependency on @nextcloud/auth 2.6.0+
  • build(deps): Bump axios to 1.15.0
  • ci: update all workflow templates from organization template repository (#905)
  • chore: deprecate Axios.CancelToken (#918)
  • chore: drop cjs and migrate building to vanilla Typescript (#919)
Commits
  • 06dfd2b Merge pull request #920 from nextcloud-libraries/chore/prepare-v2-6-0
  • 7f9f1df chore: prepare v2.6.0
  • f0c1df1 Merge pull request #919 from nextcloud-libraries/chore/typescript
  • 21833ab chore: drop cjs and migrate building to vanilla Typescript
  • e1ddc89 Merge pull request #913 from nextcloud-libraries/fix/fetch-and-set-token
  • 96588b9 fix: fetch token using @nextcloud/auth which updates the token on context
  • c35a05c Merge pull request #916 from nextcloud-libraries/fix/axios
  • 6a4c5c5 fix: axios does not preserve symbols in config
  • 987e803 test: rename folder to comply with internal standards
  • 07b285d test: migrate tests for real browser tests using vitest browsermode +MSW
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​nextcloud/axios since your current version.


Updates vue from 3.5.32 to 3.5.33

Release notes

Sourced from vue's releases.

v3.5.33

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.33 (2026-04-22)

Bug Fixes

Commits
  • 3310eea release: v3.5.33
  • bb9d265 fix(compiler-sfc): handle nested :deep in selector pseudos (#14725)
  • 60402cd Revert "chore(deps): update pnpm/action-setup action to v6" (#14749)
  • 11fb2fd fix(runtime-dom): preserve textarea resize dimensions (#14747)
  • 974e2d2 chore(deps): update test (#14713)
  • 45990ce fix(transition): preserve placeholder for conditional explicit default slots ...
  • 6a61f44 fix(teleport): don't move teleport children if not mounted (#14702)
  • e7659be fix(reactivity): unlink effect scopes on out-of-order off (#14734)
  • 268115d chore: update pnpm config (#14694)
  • 24f26f4 chore(deps): update pnpm/action-setup action to v6 (#14716)
  • Additional commits viewable in compare view

Updates vue-router from 5.0.4 to 5.0.6

Release notes

Sourced from vue-router's releases.

v5.0.6

   🐞 Bug Fixes

    View changes on GitHub

v5.0.5

   🚀 Features

   🐞 Bug Fixes

  • Track definePage imports per-file to fix named view race condition  -  by @​posva (11191)
  • Avoid double decoding hash on string location  -  by @​posva (1578c)
    View changes on GitHub
Commits
  • 03e2337 release: vue-router@5.0.6
  • 32f78c7 fix: missing closing quote in generated import (#2688)
  • 7a41931 release: vue-router@5.0.5
  • 1578c9e fix: avoid double decoding hash on string location
  • 1e7d2cd chore(release): show last tag and relative date in package prompt
  • dacc763 chore: update sponsors
  • c24b418 build: support git worktrees in verifyCommit script
  • 11191bc fix: track definePage imports per-file to fix named view race condition
  • 8e5f147 style: avoid worktrees
  • 0a043f2 chore: disable no-this-alias rule and remove inline suppression comments
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot Bot added 3. to review dependencies Pull requests that update a dependency file labels May 2, 2026
@github-actions github-actions Bot enabled auto-merge May 2, 2026 03:55
@cypress
Copy link
Copy Markdown

cypress Bot commented May 2, 2026
edited
Loading

Activity    Run #3662

Run Properties:  status check failed Failed #3662  •  git commit f64a42988e: chore(deps): bump the prod group with 3 updates
Project Activity
Branch Review dependabot/npm_and_yarn/prod-0686397b6f
Run status status check failed Failed #3662
Run duration 02m 17s
Commit git commit f64a42988e: chore(deps): bump the prod group with 3 updates
Committer dependabot[bot]
View all properties for this run ↗︎
Test results
Tests that failed  Failures 1
Tests that were flaky  Flaky 0
Tests that did not run due to a developer annotating a test with .skip  Pending 1
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 8
View all changes introduced in this branch ↗︎

Tests for review

Failed  cypress/e2e/sidebar.cy.ts • 1 failed test • Run E2E

View Output

Test Artifacts
Check activity listing in the sidebar > Has tag activity Test Replay Screenshots

@codecov
Copy link
Copy Markdown

codecov Bot commented May 2, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@miaulalala miaulalala force-pushed the dependabot/npm_and_yarn/prod-0686397b6f branch from cfdf697 to a5e4d29 Compare May 4, 2026 16:58
@miaulalala
Copy link
Copy Markdown
Collaborator

miaulalala commented May 4, 2026

/compile amend

@nextcloud-command nextcloud-command force-pushed the dependabot/npm_and_yarn/prod-0686397b6f branch from a5e4d29 to 3a3bc51 Compare May 4, 2026 17:06
@miaulalala miaulalala force-pushed the dependabot/npm_and_yarn/prod-0686397b6f branch from 3a3bc51 to f1eb9ef Compare May 5, 2026 07:46
@miaulalala
Copy link
Copy Markdown
Collaborator

miaulalala commented May 5, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 5, 2026

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@miaulalala
Copy link
Copy Markdown
Collaborator

miaulalala commented May 5, 2026

@dependabot recreate

@dependabot @miaulalala
chore(deps): bump the prod group with 3 updates
b168634 
Bumps the prod group with 3 updates: [@nextcloud/axios](https://github.com/nextcloud-libraries/nextcloud-axios), [vue](https://github.com/vuejs/core) and [vue-router](https://github.com/vuejs/router).

Updates `@nextcloud/axios` from 2.5.2 to 2.6.0
- [Release notes](https://github.com/nextcloud-libraries/nextcloud-axios/releases)
- [Changelog](https://github.com/nextcloud-libraries/nextcloud-axios/blob/main/CHANGELOG.md)
- [Commits](nextcloud-libraries/nextcloud-axios@v2.5.2...v2.6.0)

Updates `vue` from 3.5.32 to 3.5.33
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.32...v3.5.33)

Updates `vue-router` from 5.0.4 to 5.0.6
- [Release notes](https://github.com/vuejs/router/releases)
- [Commits](vuejs/router@v5.0.4...v5.0.6)

---
updated-dependencies:
- dependency-name: "@nextcloud/axios"
  dependency-version: 2.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod
- dependency-name: vue
  dependency-version: 3.5.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod
- dependency-name: vue-router
  dependency-version: 5.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
@miaulalala miaulalala force-pushed the dependabot/npm_and_yarn/prod-0686397b6f branch from f1eb9ef to b168634 Compare May 5, 2026 15:14
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 5, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 5, 2026
auto-merge was automatically disabled May 5, 2026 15:40

Pull request was closed

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/prod-0686397b6f branch May 5, 2026 15:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

3. to review dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@miaulalala