Skip to content

chore(deps-dev): bump the development-dependencies group across 1 directory with 3 updates #22

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps-dev): bump the development-dependencies group across 1 directory with 3 updates #22

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 26, 2026

Bumps the development-dependencies group with 3 updates in the / directory: @openai/codex, @types/node and electron.

Updates @openai/codex from 0.80.0 to 0.91.0

Release notes

Sourced from @​openai/codex's releases.

0.91.0

Chores

  • Reduced the maximum allowed number of sub-agents to 6 to tighten resource usage and guardrails in agent fan-out behavior (#9861)

Changelog

Full Changelog: openai/codex@rust-v0.90.0...rust-v0.91.0

0.90.0

New Features

  • Added a network sandbox proxy with policy enforcement to better control outbound network access. (#8442)
  • Introduced the first phase of connectors support via the app server and MCP integration, including new config/docs updates. (#9667)
  • Shipped collaboration mode as beta in the TUI, with a clearer plan → execute handoff and simplified mode selection (Coding vs Plan). (#9690, #9712, #9802, #9834)
  • Added ephemeral threads and improved collaboration tool provenance metadata for spawned threads. (#9765, #9769)
  • WebSocket connections now support proxy configuration. (#9719)
  • More strict limitation on multi-agents

Bug Fixes

  • Fixed exec policy parsing for multiline quoted arguments. (#9565)
  • --yolo now skips the git repository check instead of failing outside a repo. (#9590)
  • Improved resume reliability by handling out-of-order events and prompting for the working directory when it differs. (#9512, #9731)
  • Backspace no longer deletes a text element when the cursor is at the element’s left edge. (#9630)
  • Config loading errors are clearer and more actionable across surfaces. (#9746)
  • Default model selection now respects filtered presets to avoid invalid defaults. (#9782)

Documentation

  • Corrected a typo in the experimental collaboration prompt template. (#9716)
  • Added documentation for the new connectors configuration surface. (#9667)

Chores

  • Refreshed the bundled model catalog/presets. (#9726)
  • Updated GitHub Actions for Node 24 compatibility. (#9722)

Changelog

Full Changelog: openai/codex@rust-v0.89.0...rust-v0.90.0

... (truncated)

Commits
  • ca23b0d fix(cli): add execute permission to bin/codex.js (#9532)
  • 7daaabc fix: add tui.alternate_screen config and --no-alt-screen CLI flag for Zellij ...
  • See full diff in compare view

Updates @types/node from 25.0.6 to 25.0.10

Commits

Updates electron from 39.2.7 to 40.0.0

Release notes

Sourced from electron's releases.

electron v40.0.0

Release Notes for v40.0.0

Stack Upgrades

Breaking Changes

  • Deprecated clipboard API access from renderer processes #48923
  • Fixed an error on debug symbol upload by moving dsym.zip to use tar.xz compression. #48952

Features

Additions

  • Added "memory-eviction" as a possible reason for a child process to exit. #48362
  • Added RGBAF16 output format with scRGB HDR color space support to Offscreen Rendering. #48265 (Also in 39)
  • Added app.isHardwareAccelerationEnabled(). #47614 (Also in 37, 38, 39)
  • Added bypassCustomProtocolHandlers option to net.request. #48883 (Also in 38, 39)
  • Added methods to enable more granular accessibility support management. #48042 (Also in 37, 38, 39)
  • Added support for WebSocket authentication through the login event on webContents. #49064 (Also in 39)
  • Added support to import external shared texture as VideoFrame. #48831
  • Added the ability to retrieve the system accent color on Linux using systemPreferences.getAccentColor. #48027 (Also in 39)
  • Allowed for persisting File System API grant status within a given session. #48170 (Also in 37, 38, 39)
  • Automatically focus DevTools when element is inspected or breakpoint is triggered. #46386 (Also in 37, 38, 39)

Improvements

  • Enables resetting accent color to follow system accent settings if a previous color has been set via window.setAccentColor(null). #48274 (Also in 38, 39)
  • Support dynamic ESM imports in non-context isolated preloads. #48375 (Also in 37, 38, 39)
  • Updated nativeImage.createFromNamedImage to support SF Symbol names. #48772 (Also in 39)

Fixes

  • Added support for --no-stdio-init to be used when nul device is disabled on windows. #47870
  • Fixed an issue on Windows and Linux where no cookie encryption key provider was passed into the network service when cookie encryption was enabled. #49375
  • Fixed an issue where no cookie encryption provider was passed into the network service when cookie encryption was enabled. #49350
  • Fixed crash when attempting to resolve modules during process exit. #49104
  • Fixed drag regions in child windows. #49312
  • Fixed draw smoothing round corner issue. #48782
  • Fixed the cookie encryption logic to use the old os_crypt sync implementation present in M142. #49384
  • Fixed visual artifacts while resizing a window on Windows. #49191

Also in earlier versions...

  • AccentColor set distinguishes the frame. #48405 (Also in 37, 38, 39)
  • Corrected the appearance of tiled windows on GNOME (when frame: true), and removed resize handles from tiled edges. #48835 (Also in 38, 39)
  • Fix: ESM-from-CJS import when CJK characters are in path. #48862 (Also in 39)

... (truncated)

Commits
  • 35b8855 chore: empty commit to release stable 40.0.0 (#49404)
  • 7872c33 fix: revert os_crypt async cookie provider implementation (#49384)
  • 9c753c3 docs: remove stale example and standardize DevTools capitalization (#49387)
  • 8b2a991 docs: improve build-tools instructions (#49385)
  • c897602 refactor: add static ReplyChannel::SendError() helper (#49372)
  • 8cc201e chore: bump chromium to 144.0.7559.60 (40-x-y) (#49380)
  • ba26a5d chore: bump chromium to 144.0.7559.59 (40-x-y) (#49330)
  • df4d0be fix: fix cookie encryption provider loading on Windows and Linux (#49375)
  • 9c4e03f build: roll build-tools SHA to 4430e4a (#49366)
  • 05b4b57 feat: support WebSocket authentication handling (#49064)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the development-dependencies group across 1 dir…
dd0de12 
…ectory with 3 updates

Bumps the development-dependencies group with 3 updates in the / directory: [@openai/codex](https://github.com/openai/codex/tree/HEAD/codex-cli), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [electron](https://github.com/electron/electron).


Updates `@openai/codex` from 0.80.0 to 0.91.0
- [Release notes](https://github.com/openai/codex/releases)
- [Commits](https://github.com/openai/codex/commits/rust-v0.91.0/codex-cli)

Updates `@types/node` from 25.0.6 to 25.0.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `electron` from 39.2.7 to 40.0.0
- [Release notes](https://github.com/electron/electron/releases)
- [Commits](electron/electron@v39.2.7...v40.0.0)

---
updated-dependencies:
- dependency-name: "@openai/codex"
  dependency-version: 0.91.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.0.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: electron
  dependency-version: 40.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants