chore(deps): update dependency browserify-istanbul to v3#59
chore(deps): update dependency browserify-istanbul to v3#59renovate[bot] wants to merge 1 commit intomasterfrom
Conversation
|
See the guidelines for reviewing dependency updates for info on how to review dependency update PRs. |
renovate
Bot
changed the title
renovate
Bot
changed the title
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
a03e1eb to
5e3b7b5
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
5e3b7b5 to
fb024f6
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
fb024f6 to
a17f624
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
2 times, most recently
from
48bb88d to
e8785a6
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
e8785a6 to
beec2f1
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
beec2f1 to
9a127a7
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
9a127a7 to
fab9c2b
Compare
renovate
Bot
force-pushed
the
renovate/browserify-istanbul-3.x
branch
from
fab9c2b to
9fa0c97
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 9fa0c97. Configure here.
| lodash@^4.17.4: | ||
| version "4.18.1" | ||
| resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.18.1.tgz#ff2b66c1f6326d59513de2407bf881439812771c" | ||
| integrity sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q== |
There was a problem hiding this comment.
Duplicate lodash resolution creates unnecessary second copy
Low Severity
The lockfile introduces a separate lodash@^4.17.4 entry resolving to 4.18.1, while the existing entry for other ^4.x ranges already resolves to 4.17.21. Since 4.17.21 satisfies ^4.17.4, these entries could be deduplicated. Instead, two different versions of lodash will be installed simultaneously, increasing node_modules size and causing the new babel 6.x transitive dependencies to use a different lodash version than the rest of the project.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 9fa0c97. Configure here.
1 participant
This PR contains the following updates:
^2.0.0→^3.0.0Release Notes
devongovett/browserify-istanbul (browserify-istanbul)
v3.0.1: Updated readme + .travis.ciCompare Source
istanbulfrom the readme as default install stepv3.0.0: ES2016Compare Source
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.
Note
Low Risk
Low risk dependency bump limited to the dev/test toolchain; main runtime code is untouched. Risk is mainly around potential changes in browser test coverage instrumentation behavior.
Overview
Updates the dev dependency
browserify-istanbulfrom^2.0.0to^3.0.0and refreshesyarn.lockaccordingly, pulling in the newistanbul-lib-instrument-based dependency tree.This change only affects the browserify-based coverage instrumentation used in the test/build tooling, not the library’s runtime behavior.
Reviewed by Cursor Bugbot for commit 9fa0c97. Bugbot is set up for automated code reviews on this repo. Configure here.