Skip to content

Update CodeMirror#2092

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/codemirror
Open

Update CodeMirror#2092
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/codemirror

Conversation

@renovate

@renovate renovate Bot commented Mar 1, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
@codemirror/language 6.12.16.12.3 age confidence
@​codemirror/view 6.39.126.43.1 age confidence

Release Notes

codemirror/language (@​codemirror/language)

v6.12.3

Compare Source

Bug fixes

Fix a crash in bracketMatching when composing at end of document.

v6.12.2

Compare Source

Bug fixes

Make sure brackets are highlighted in the initial editor state.

Pause bracket matching updates during composition, to avoid disrupting Mobile Safari's fragile composition handling.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "after 9pm on sunday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies label Mar 1, 2026
@bolt-new-by-stackblitz

bolt-new-by-stackblitz Bot commented Mar 1, 2026

Copy link
Copy Markdown

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@renovate renovate Bot force-pushed the renovate/codemirror branch 2 times, most recently from 4420abe to 4204c12 Compare March 15, 2026 21:01
@socket-security

socket-security Bot commented Mar 15, 2026
edited
Loading

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​codemirror/​language@​6.12.31001009284100
Updated@​codemirror/​view@​6.39.12 ⏵ 6.43.1100 +110085 +193100

View full report

@renovate renovate Bot force-pushed the renovate/codemirror branch from 4204c12 to a615ec8 Compare April 5, 2026 21:15
@renovate renovate Bot changed the title Update dependency @codemirror/language to v6.12.2 Update dependency @codemirror/language to v6.12.3 Apr 5, 2026
@renovate renovate Bot force-pushed the renovate/codemirror branch 2 times, most recently from 149b3be to b096980 Compare April 19, 2026 21:12
@renovate renovate Bot changed the title Update dependency @codemirror/language to v6.12.3 Update CodeMirror Apr 19, 2026
@renovate renovate Bot force-pushed the renovate/codemirror branch 6 times, most recently from 33afe84 to 68b17be Compare April 19, 2026 23:45
@renovate renovate Bot force-pushed the renovate/codemirror branch 2 times, most recently from be0e25b to 1164fa7 Compare May 3, 2026 21:16
@renovate renovate Bot force-pushed the renovate/codemirror branch 2 times, most recently from b13be8d to 25bb639 Compare May 3, 2026 22:15
@renovate renovate Bot force-pushed the renovate/codemirror branch from 25bb639 to c6d1e7a Compare May 17, 2026 21:01
@renovate renovate Bot force-pushed the renovate/codemirror branch from c6d1e7a to b9959a6 Compare May 24, 2026 21:45
@renovate renovate Bot force-pushed the renovate/codemirror branch from b9959a6 to 87b31a0 Compare June 21, 2026 21:36
@socket-security

socket-security Bot commented Jun 21, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm js-yaml is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@nullvoxpopuli/eslint-configs@5.5.0npm/js-yaml@4.2.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/js-yaml@4.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants