Skip to content

chore(deps): bump bcryptjs and @types/bcryptjs#11

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-6d7db9f379
Open

chore(deps): bump bcryptjs and @types/bcryptjs#11
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-6d7db9f379

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 1, 2026
edited
Loading

📦 Dependency Update: bcryptjs and @types/bcryptjs

Version Change

  • Previous: 2.4.3
  • New: 3.0.3
  • Change Type: Major version bump

⚠️ Compatibility Analysis

⚠️ Breaking changes possible - Please review changelog and migration guide

Note: Major version update with ESM support and 2b hash format by default. Existing hashes continue to work.

🔧 Changes Required

  • Dependency updated in package.json or workflow file
  • Lock file updated (if applicable)
  • Build verified: npm run build (for npm packages)
  • Tests verified: npm run test:run (for npm packages)
  • Linting verified: npm run lint (for npm packages)
  • Workflow verified (for GitHub Actions)
  • Affected functionality tested manually

✅ Verification Checklist

  • Build succeeds: npm run build (for npm packages)
  • All tests pass: npm run test:run (for npm packages)
  • Linting passes: npm run lint (for npm packages)
  • No TypeScript errors (for npm packages)
  • Workflow runs successfully (for GitHub Actions)
  • Affected functionality tested manually
  • Breaking changes reviewed and addressed (if applicable)
  • Migration guide reviewed (if applicable)

📝 Migration Notes

Please review the migration guide for this major version update and address any breaking changes.

🔗 Related

  • Milestone: v1.3 - Quality & Polish
  • Type: Maintenance / Dependency Update
  • Priority: High
  • Breaking: Yes

🚀 Status

⏳ Awaiting verification and testing

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 1, 2026

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch from c6747b4 to 53f4533 Compare January 3, 2026 22:37
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch 2 times, most recently from 7727984 to 14572bf Compare January 5, 2026 23:46
@benmed00 benmed00 added this to the v1.3 - Quality & Polish milestone Jan 9, 2026
@benmed00 benmed00 added bug Something isn't working module:hr Human resources priority:high High priority type:bug Bug fix type:feature New feature type:security Security type:testing Testing labels Jan 9, 2026
@benmed00 benmed00 self-assigned this Jan 9, 2026
@benmed00 benmed00 added dependencies Pull requests that update a dependency file type:maintenance enhancement New feature or request priority:medium Medium priority module:security and removed bug Something isn't working enhancement New feature or request dependencies Pull requests that update a dependency file priority:high High priority priority:medium Medium priority type:feature New feature type:bug Bug fix type:security Security type:testing Testing module:hr Human resources labels Jan 9, 2026
@benmed00 benmed00 added dependencies Pull requests that update a dependency file enhancement New feature or request module:security priority:medium Medium priority type:maintenance and removed type:maintenance module:security labels Jan 10, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch from 14572bf to 19f9666 Compare January 10, 2026 01:17
@github-actions github-actions bot removed enhancement New feature or request dependencies Pull requests that update a dependency file labels Jan 10, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch from 19f9666 to 18821be Compare January 10, 2026 01:59
cursor bot pushed a commit that referenced this pull request Jan 10, 2026
@cursoragent
docs: Review and update all open dependency PRs
4bee13a 
- Enhanced PR descriptions with compatibility analysis
- Added testing checklists to all dependency update PRs
- Documented major version bumps and breaking change warnings
- Updated 8 open PRs (#14, #13, #12, #11, #10, #6, #4, #1)
- Created automated review script for future use

Related PRs:
- PR #14: tailwind-merge 2.6.0 → 3.4.0
- PR #13: lucide-react 0.427.0 → 0.562.0
- PR #12: @types/node 20.19.27 → 25.0.3
- PR #11: bcryptjs updates
- PR #10: date-fns 3.6.0 → 4.1.0
- PR #6: @hookform/resolvers 3.10.0 → 5.2.2
- PR #4: softprops/action-gh-release 1 → 2
- PR #1: github/codeql-action 3 → 4
@benmed00 benmed00 mentioned this pull request Jan 10, 2026
Merged
6 tasks
benmed00 added a commit that referenced this pull request Jan 10, 2026
@benmed00
docs: Review and update all open dependency PRs
365de96 
Comprehensive review and enhancement of all open dependency update PRs with compatibility analysis, enhanced descriptions, and proper metadata.

- Enhanced PR descriptions with compatibility analysis
- Added testing checklists to all dependency update PRs
- Documented major version bumps and breaking change warnings
- Updated 8 open PRs (#14, #13, #12, #11, #10, #6, #4, #1)
- Created automated review script for future use

Related PRs:
- PR #14: tailwind-merge 2.6.0 → 3.4.0
- PR #13: lucide-react 0.427.0 → 0.562.0
- PR #12: @types/node 20.19.27 → 25.0.3
- PR #11: bcryptjs updates
- PR #10: date-fns 3.6.0 → 4.1.0
- PR #6: @hookform/resolvers 3.10.0 → 5.2.2
- PR #4: softprops/action-gh-release 1 → 2
- PR #1: github/codeql-action 3 → 4
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch 2 times, most recently from ebc55e0 to cb636c5 Compare January 10, 2026 21:55
@dependabot
chore(deps): bump bcryptjs and @types/bcryptjs
8437ef0 
Bumps [bcryptjs](https://github.com/dcodeIO/bcrypt.js) and [@types/bcryptjs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/bcryptjs). These dependencies needed to be updated together.

Updates `bcryptjs` from 2.4.3 to 3.0.3
- [Release notes](https://github.com/dcodeIO/bcrypt.js/releases)
- [Commits](dcodeIO/bcrypt.js@2.4.3...v3.0.3)

Updates `@types/bcryptjs` from 2.4.6 to 3.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/bcryptjs)

---
updated-dependencies:
- dependency-name: bcryptjs
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: "@types/bcryptjs"
  dependency-version: 3.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-6d7db9f379 branch from cb636c5 to 8437ef0 Compare January 22, 2026 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@benmed00 benmed00

Labels

module:security priority:medium Medium priority type:maintenance

Projects

Research Platform Development
Status: Todo

Milestone

v1.3 - Quality & Polish

Development

Successfully merging this pull request may close these issues.

1 participant

@benmed00

Comments