chore: bump napi from 3.9.0 to 3.9.2#107
Conversation
Bumps [napi](https://github.com/napi-rs/napi-rs) from 3.9.0 to 3.9.2. - [Release notes](https://github.com/napi-rs/napi-rs/releases) - [Commits](napi-rs/napi-rs@napi-v3.9.0...napi-v3.9.2) --- updated-dependencies: - dependency-name: napi dependency-version: 3.9.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 71f0b67a62
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| [[package]] | ||
| name = "napi" | ||
| version = "3.9.0" | ||
| version = "3.9.2" |
There was a problem hiding this comment.
Refresh provenance after bumping napi
When Cargo.lock resolves napi to 3.9.2, the checked-in provenance artifacts need to be regenerated as well; provenance/THIRD-PARTY-NOTICES.txt and provenance/sbom.cdx.json still list napi 3.9.0 and napi-sys 3.2.1. I checked the release verification path, and .github/actions/provenance-check/action.yml runs provenance check --root, so this dependency-only commit leaves the public SBOM/notices inconsistent and will fail that provenance check until the refreshed artifacts are committed.
Useful? React with 👍 / 👎.
|
A newer version of napi exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
Bumps napi from 3.9.0 to 3.9.2.
Release notes
Sourced from napi's releases.
Commits
529a78dchore(napi): release v3.9.2 (#3329)88f4b97fix(napi): ReadableStream Reader loses chunks and aborts on errored streams (...ebb3cf8chore(release): publish4ec817bchore(deps): group emnapi updates and bump to 1.11.1 (#3326)0108423chore(deps): update dependency esbuild to v0.28.1 [security] (#3323)4931225fix(cli): emit Node 12 compatible CJS binding loader (#3312)dea608echore: release (#3306)670e5d3chore(release): publisha9abc61fix(sys): restore napi_create_object_with_properties as compat alias (#3321)3e5a09fchore(deps): update release-plz/action action to v0.5.130 (#3320)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)