You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR contains safe patch-level dependency updates verified to pass tests with no breaking changes.
Updated Dependencies
Package
Previous
Updated
Type
eslint
10.6.0
10.7.0
patch
Security Assessment
npm audit returned 0 vulnerabilities across all 652 dependencies. No CVEs to report.
Verification
All tests pass (3704/3705 — 1 pre-existing unrelated failure)
No breaking changes detected
Lint and build pass
Notes
All other outdated packages (@babel/core, commander, execa, chalk, typescript, js-yaml, etc.) are major version updates excluded as potentially breaking.
Generated by Dependency Security Monitor Workflow
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.json
package.json
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
# Download the patch from the workflow run
gh run download 29178767153 -n agent -D /tmp/agent-29178767153
# Create a new branch
git checkout -b deps/safe-updates-2026-07-12-8880547b9dd87616 main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-29178767153/aw-deps-safe-updates-2026-07-12.patch
# Push the branch and create the pull request
git push origin deps/safe-updates-2026-07-12-8880547b9dd87616
gh pr create --title '[Deps] Safe dependency updates (2026-07-12)' --base main --head deps/safe-updates-2026-07-12-8880547b9dd87616 --repo github/gh-aw-firewall
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpg
To allow these domains, add them to the network.allowed list in your workflow frontmatter:
Automated Safe Dependency Updates
This PR contains safe patch-level dependency updates verified to pass tests with no breaking changes.
Updated Dependencies
Security Assessment
npm auditreturned 0 vulnerabilities across all 652 dependencies. No CVEs to report.Verification
Notes
All other outdated packages (
@babel/core,commander,execa,chalk,typescript,js-yaml, etc.) are major version updates excluded as potentially breaking.Generated by Dependency Security Monitor Workflow
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
package-lock.jsonpackage.jsonCreate the pull request manually
Warning
Firewall blocked 1 domain
The following domain was blocked by the firewall during workflow execution:
awmgmcpgSee Network Configuration for more information.