Skip to content

Bump the npm-dependencies group with 3 updates#144

Merged
lunarcloud merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-5ea8b78d07
Jun 4, 2026
Merged

Bump the npm-dependencies group with 3 updates#144
lunarcloud merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-5ea8b78d07

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-dependencies group with 3 updates: @google/model-viewer, cspell and npm-check-updates.

Updates @google/model-viewer from 4.2.0 to 4.3.0

Release notes

Sourced from @​google/model-viewer's releases.

v4.3.0

🚀 v4.3.0 This release introduces multi-model scene support, texture updates, and critical compatibility patches for iOS WKWebViews and WebXR overlays.

🌟 Highlights Multi-Model Support: Easily render multiple models in a single scene using < extra-model >. Modern Formats: Added KTX2 texture API support, enabled KTX2 compressed scene exports, and migrated to HDRLoader. iOS & WebXR Fixes: Resolved a critical WebGL memory leak on iOS, patched AR Quick Look transitions inside WKWebView-based browsers (Chrome, Google Search App), and fixed input target misalignment inside WebXR DOM Overlays. three.js Compatibility: Renamed internal elements to ensure full compatibility with the upcoming three.js r183 release.

❤️ Contributors A huge thank you to Douglas Holm, Vincent Fretin, Frank, and Salman Chishti for submitting features and bug fixes for this release!

Commits
  • 7fa5398 v4.3.0 (#5164)
  • 3b51013 chore: upgrade three to ^0.183.0 (#5163)
  • 5f97ef5 fix: secure iOS third-party and GSA browser AR Quick Look selections (#5162)
  • abf1e45 initialize visibility on re-slotted/re-attached hotspot elements (#5161)
  • 24c03ac resolve path redirect flash and enable iOS Chrome AR support (#5159)
  • d1f55c9 resolve exit button touch responsiveness bug inside WebXR DOM Overlays on Chr...
  • 92abad1 Resolve a coordinate target misalignment and event-swallowing bug on standard...
  • ea981bc fix(scenegraph): suppress Gboard autofill prompts on model transform inputs (...
  • 87c6793 Fix AR button layout overlap on Transforms and Dynamic Scaling examples
  • 6260fd0 fix(docs): resolve mobile layout overlap between hamburger menu and screen-sp...
  • Additional commits viewable in compare view

Updates cspell from 10.0.0 to 10.0.1

Release notes

Sourced from cspell's releases.

v10.0.1

Fixes

fix(cli): ignore closed readline after stdin (#8862)

What changed

Wrap the stdin readline async iterator so CSpell ignores the terminal readline was closed error that can occur after stdin has already yielded its file list.

Other readline errors are still rethrown.

Why

Fixes #8778. On Node 24, cspell lint --file-list stdin can finish processing a large stdin file list and then report Linter Error: readline was closed instead of completing cleanly.

Tests

Added unit coverage for:

  • preserving all yielded stdin lines when readline throws readline was closed after reading
  • continuing to throw unrelated readline errors

I could not run the package test command locally in this sandbox because the checkout has no node_modules, and Corepack is blocked from creating its user cache directory (EPERM under ~/.cache/node/corepack).

fix(docs): replace .json with package.json in configuration docs (#8861)

Fix

In the package.json configuration section, the sentence referred to "the .json file" instead of "the package.json file".

Before: "CSpell looks for the configuration in the cspell field of the .json file." After: "CSpell looks for the configuration in the cspell field of the package.json file."

fix: substitution display and ranges for output checking (#8838)

... (truncated)

Changelog

Sourced from cspell's changelog.

v10.0.1 (2026-05-31)

Fixes

fix(cli): ignore closed readline after stdin (#8862)

What changed

Wrap the stdin readline async iterator so CSpell ignores the terminal readline was closed error that can occur after stdin has already yielded its file list.

Other readline errors are still rethrown.

Why

Fixes #8778. On Node 24, cspell lint --file-list stdin can finish processing a large stdin file list and then report Linter Error: readline was closed instead of completing cleanly.

Tests

Added unit coverage for:

  • preserving all yielded stdin lines when readline throws readline was closed after reading
  • continuing to throw unrelated readline errors

I could not run the package test command locally in this sandbox because the checkout has no node_modules, and Corepack is blocked from creating its user cache directory (EPERM under ~/.cache/node/corepack).

fix(docs): replace .json with package.json in configuration docs (#8861)

Fix

In the package.json configuration section, the sentence referred to "the .json file" instead of "the package.json file".

Before: "CSpell looks for the configuration in the cspell field of the .json file." After: "CSpell looks for the configuration in the cspell field of the package.json file."

... (truncated)

Commits

Updates npm-check-updates from 22.2.1 to 22.2.2

Release notes

Sourced from npm-check-updates's releases.

v22.2.2

What's Changed

Full Changelog: raineorshine/npm-check-updates@v22.2.1...v22.2.2

Commits
  • 290d62b 22.2.2
  • fd9d0a2 build(deps-dev): bump verdaccio from 6.6.0 to 6.7.2 (#1759)
  • f922c17 build(deps-dev): bump mocha from 11.7.5 to 11.7.6 (#1753)
  • a4b4bec build(deps-dev): bump @​typescript-eslint/parser from 8.59.4 to 8.60.1 (#1773)
  • bae83cb build(deps-dev): bump @​types/bun from 1.3.13 to 1.3.14 (#1754)
  • e77b535 fix: parse Yarn duration string format for npmMinimalAgeGate (#1768)
  • ee48506 build(deps-dev): bump sinon from 21.1.2 to 22.0.0 (#1751)
  • 40dca73 test: cover Windows spawn command fallback (#1771)
  • 595a6af test: remove unused temp directory creation (#1770)
  • 711a8a7 Switch from vite-plugin-dts to unplugin-dts (#1749)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the npm-dependencies group with 3 updates
801e95c 
Bumps the npm-dependencies group with 3 updates: [@google/model-viewer](https://github.com/google/model-viewer), [cspell](https://github.com/streetsidesoftware/cspell/tree/HEAD/packages/cspell) and [npm-check-updates](https://github.com/raineorshine/npm-check-updates).


Updates `@google/model-viewer` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/google/model-viewer/releases)
- [Commits](google/model-viewer@v4.2.0...v4.3.0)

Updates `cspell` from 10.0.0 to 10.0.1
- [Release notes](https://github.com/streetsidesoftware/cspell/releases)
- [Changelog](https://github.com/streetsidesoftware/cspell/blob/main/packages/cspell/CHANGELOG.md)
- [Commits](https://github.com/streetsidesoftware/cspell/commits/v10.0.1/packages/cspell)

Updates `npm-check-updates` from 22.2.1 to 22.2.2
- [Release notes](https://github.com/raineorshine/npm-check-updates/releases)
- [Changelog](https://github.com/raineorshine/npm-check-updates/blob/main/CHANGELOG.md)
- [Commits](raineorshine/npm-check-updates@v22.2.1...v22.2.2)

---
updated-dependencies:
- dependency-name: "@google/model-viewer"
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: cspell
  dependency-version: 10.0.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: npm-check-updates
  dependency-version: 22.2.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 4, 2026
@lunarcloud lunarcloud merged commit 6e459b3 into main Jun 4, 2026
1 check passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-dependencies-5ea8b78d07 branch June 4, 2026 10:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@lunarcloud