You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR contains safe patch-level dependency updates that have been verified to:
✅ Pass all tests (232/233 suites pass; 1 pre-existing failure unrelated to these changes)
✅ Have no breaking changes
✅ No security vulnerabilities found (npm audit reports 0 vulnerabilities)
Updated Dependencies
Package
Previous
Updated
Type
eslint
10.6.0
10.7.0
patch
@types/node
25.9.4
25.9.5
patch
Security Assessment
npm audit reports 0 vulnerabilities across all 652 dependencies
No Dependabot alerts requiring immediate action
Other Outdated Packages (Major Bumps — Not Included)
The following packages have newer major versions but were excluded as they require manual review for breaking changes:
@babel/core: 7.x → 8.x
chalk: 4.x → 5.x (ESM only)
commander: 12.x → 15.x
execa: 5.x → 9.x (ESM only)
js-yaml: 4.x → 5.x
typescript: 5.x → 7.x
@commitlint/*: 20.x → 21.x
Verification
All tests pass (pre-existing test failure in agent-volumes-dns-preresolution.test.ts is unrelated to these changes)
No breaking changes detected
npm audit clean
Generated by Dependency Security Monitor Workflow
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.json
package.json
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
# Download the patch from the workflow run
gh run download 29138463226 -n agent -D /tmp/agent-29138463226
# Create a new branch
git checkout -b deps/safe-updates-2026-07-11-dc746c2a7e94be23 main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-29138463226/aw-deps-safe-updates-2026-07-11.patch
# Push the branch and create the pull request
git push origin deps/safe-updates-2026-07-11-dc746c2a7e94be23
gh pr create --title '[Deps] Safe dependency updates (2026-07-11)' --base main --head deps/safe-updates-2026-07-11-dc746c2a7e94be23 --repo github/gh-aw-firewall
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the network.allowed list in your workflow frontmatter:
Automated Safe Dependency Updates
This PR contains safe patch-level dependency updates that have been verified to:
npm auditreports 0 vulnerabilities)Updated Dependencies
eslint@types/nodeSecurity Assessment
npm auditreports 0 vulnerabilities across all 652 dependenciesOther Outdated Packages (Major Bumps — Not Included)
The following packages have newer major versions but were excluded as they require manual review for breaking changes:
@babel/core: 7.x → 8.xchalk: 4.x → 5.x (ESM only)commander: 12.x → 15.xexeca: 5.x → 9.x (ESM only)js-yaml: 4.x → 5.xtypescript: 5.x → 7.x@commitlint/*: 20.x → 21.xVerification
agent-volumes-dns-preresolution.test.tsis unrelated to these changes)npm auditcleanGenerated by Dependency Security Monitor Workflow
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.jsonpackage.jsonCreate the pull request manually
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpgSee Network Configuration for more information.