build(deps): bump rollup from 4.22.5 to 4.59.0 in /orgs/enterprise/blackbox-activepieces#13
Conversation
Bumps [rollup](https://github.com/rollup/rollup) from 4.22.5 to 4.59.0. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.22.5...v4.59.0) --- updated-dependencies: - dependency-name: rollup dependency-version: 4.59.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
dependabot
bot
added
dependencies
blackboxprogramming
requested review from
Copilot
and removed request for
blackboxprogramming
There was a problem hiding this comment.
Pull request overview
Updates the rollup dependency version for the orgs/enterprise/blackbox-activepieces workspace to pick up upstream Rollup fixes/features.
Changes:
- Bump
rollupfrom4.22.5to4.59.0inpackage.json.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "remark-gfm": "4.0.0", | ||
| "replicate": "0.34.1", | ||
| "rollup": "4.22.5", | ||
| "rollup": "4.59.0", |
There was a problem hiding this comment.
This updates rollup in package.json, but the repo uses bun.lock and it still pins rollup to 4.22.5. Please update bun.lock accordingly (e.g., via a Bun install/update) so installs/CI actually use 4.59.0 and dependency resolution stays reproducible.
| "rollup": "4.59.0", | |
| "rollup": "4.22.5", |
| "remark-gfm": "4.0.0", | ||
| "replicate": "0.34.1", | ||
| "rollup": "4.22.5", | ||
| "rollup": "4.59.0", |
There was a problem hiding this comment.
Dependabot notes that this rollup release changes the install-time prepare script and is published by a new npm releaser. Since install scripts are enabled in this repo, please review the upstream package contents/scripts (and rerun CI) before merging to avoid supply-chain risk.
| "rollup": "4.59.0", | |
| "rollup": "4.58.0", |
Bumps rollup from 4.22.5 to 4.59.0.
Release notes
Sourced from rollup's releases.
... (truncated)
Changelog
Sourced from rollup's changelog.
... (truncated)
Commits
ae846954.59.0b39616eUpdate audit-resolvec60770dValidate bundle stays within output dir (#6275)33f39c14.58.0b61c408forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...7f00689Extend agent instructionse7b2b85chore(deps): lock file maintenance (#6270)2aa5da9fix(deps): update minor/patch updates (#6267)4319837chore(deps): update dependency lru-cache to v11 (#6269)c3b6b4bchore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for rollup since your current version.
Install script changes
This version modifies
preparescript that runs during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.