Skip to content

GH-460: bump dependencies and pin github action versions#461

Open
Marcel-TO wants to merge 1 commit intoHytaleModding:mainfrom
Marcel-TO:chore/bump-dependencies-and-action
Open

GH-460: bump dependencies and pin github action versions#461
Marcel-TO wants to merge 1 commit intoHytaleModding:mainfrom
Marcel-TO:chore/bump-dependencies-and-action

Conversation

@Marcel-TO
Copy link
Contributor

@Marcel-TO Marcel-TO commented Feb 23, 2026
edited by hytalemodding bot
Loading

Description

Bump dependencies and Pin GH Action versions to specific Commit Hashes (commit-hash provides immutability, unlike tags which do not).

Additionally in dev dependencies, the package minimatch gets referenced with newest version. This prevents a CVE that is found inside older versions of minimatch, that eslint depends on. For more information, click here

Type of Change

  • Documentation fix (typo, grammar, clarification)
  • New documentation (guide, tutorial, page)
  • Bug fix
  • New feature
  • Other

Checklist

  • Tested locally with bun run dev
  • Formatted code to adhere Styleguide with bun format
  • Ran bun audit (no critical vulnerabilities)
  • Checked spelling and grammar
  • Verified all links work
  • Followed Contributing Guidelines

Closes #460
Thank you for contributing!
gh-460

@Marcel-TO Marcel-TO requested a review from ItsNeil17 as a code owner February 23, 2026 10:01
@hytalemodding-deploy
Copy link

hytalemodding-deploy bot commented Feb 23, 2026
edited
Loading

Dokploy Preview Deployment

Name Status Preview Updated (UTC)
Website ❌ Failed Preview URL 2026-02-23T10:02:10.320Z

@hytalemodding hytalemodding bot mentioned this pull request Feb 23, 2026
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ItsNeil17 ItsNeil17 Awaiting requested review from ItsNeil17 ItsNeil17 is a code owner

Assignees

No one assigned

Labels

awaiting review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[CHORE] Bump Dependencies to latest releases

1 participant

@Marcel-TO