Skip to content

chore(deps-dev): bump stylelint from 17.13.0 to 17.14.0#262

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/stylelint-17.14.0
Open

chore(deps-dev): bump stylelint from 17.13.0 to 17.14.0#262
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/stylelint-17.14.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps stylelint from 17.13.0 to 17.14.0.

Release notes

Sourced from stylelint's releases.

17.14.0

It fixes 3 bugs, including a false negative one.

  • Fixed: performance of getting module paths (#9354) (@​jeddy3).
  • Fixed: performance by dynamically importing TIMING only on use (#9356) (@​jeddy3).
  • Fixed: function-calc-no-unspaced-operator false negatives for unspaced + and - operators following a * or / operator (#9357) (@​sarathfrancis90).
Changelog

Sourced from stylelint's changelog.

17.14.0 - 2026-06-25

It fixes 3 bugs, including a false negative one.

  • Fixed: performance of getting module paths (#9354) (@​jeddy3).
  • Fixed: performance by dynamically importing TIMING only on use (#9356) (@​jeddy3).
  • Fixed: function-calc-no-unspaced-operator false negatives for unspaced + and - operators following a * or / operator (#9357) (@​sarathfrancis90).
Commits
  • f36e170 Release 17.14.0 (#9371)
  • 9334bff Bump actions/checkout from 6.0.3 to 7.0.0 (#9367)
  • f736374 Bump npm-run-all2 from 9.0.1 to 9.0.2 (#9370)
  • 78e1b44 Bump postcss-selector-parser from 7.1.2 to 7.1.4 in the postcss group (#9369)
  • cab5acd Bump eslint from 10.4.1 to 10.5.0 in the eslint group (#9368)
  • 89b95e1 Bump prettier from 3.8.3 to 3.8.4 (#9363)
  • 7ecce94 Bump cosmiconfig from 9.0.1 to 9.0.2 (#9362)
  • fa54191 Bump postcss-selector-parser from 7.1.1 to 7.1.2 in the postcss group (#9361)
  • 8c3cf69 Bump @​csstools/css-syntax-patches-for-csstree from 1.1.4 to 1.1.5 in the csst...
  • c61d3db Fix performance of getting module paths (#9354)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.13.0 to 17.14.0.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md)
- [Commits](stylelint/stylelint@17.13.0...17.14.0)

---
updated-dependencies:
- dependency-name: stylelint
  dependency-version: 17.14.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 13, 2026
@github-actions

Copy link
Copy Markdown
Contributor

⚠️ Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set. Add it in Settings → Secrets and variables → Actions to enable AI code review.

Copy link
Copy Markdown
Owner

CLAUDE.md review — PR #262 (stylelint 17.13.0 → 17.14.0)

Verdict: Approve — 0 blocking, 0 non-blocking.

Scope: Dependabot devDependency bump (stylelint + transitive deps). Diff touches only package.json and package-lock.json, updated together with the existing caret-range convention preserved. No src/js/, src/css/, or HTML files changed, so /pr-review, /jsdoc-check, /a11y-audit, and /scss-audit have nothing applicable to flag — ran each and confirmed no findings in scope.

Note (not a blocker for this PR): The repo's automated review pipeline (chatgpt-reviewclaude-respondsclaude-final-reviewchatgpt-respondsmerge-gate) is currently non-functional — every recent PR gets ⚠️ Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set. Worth adding that secret in Settings → Secrets and variables → Actions so the dialogue and merge-gate actually run, per the CLAUDE.md PR workflow.

CI (lint, scripts-test, CodeQL, lighthouse) is green; test was still in progress at review time.


Generated by Claude Code

Copy link
Copy Markdown
Owner

Verdict: APPROVE — diff contains no reviewable source changes

Ran /pr-review, /jsdoc-check, /a11y-audit, /scss-audit against this diff (manual pass — the automated chatgpt-review/claude-responds pipeline reports it skipped on this PR because CLAUDE_CODE_OAUTH_TOKEN isn't set in repo secrets).

  • Blocking: 0 · Non-blocking: 0
  • Files changed: package.json (devDependency stylelint ^17.13.0^17.14.0), package-lock.json (auto-generated — excluded from review per the pr-review skill's rules).
  • No src/js/**, src/css/**, or work-log.html changes, so jsdoc-check, a11y-audit, and scss-audit have nothing to audit.
  • CLAUDE.md dependency-management check: stays a devDependency, version range follows the existing ^ convention already used throughout package.json, lockfile committed alongside the bump. No new dependency introduced.

No action needed beyond normal CI checks passing.


Generated by Claude Code

@lupinesse lupinesse left a comment

Copy link
Copy Markdown
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR review (manual — automated Claude review is currently disabled)

Verdict: ✅ Approve — 0 blocking, 0 non-blocking findings.

Scope: package.json + package-lock.json only — stylelint ^17.13.0^17.14.0 (devDependency, plus transitive bumps to @csstools/css-syntax-patches-for-csstree, cosmiconfig, postcss-selector-parser). No src/js, src/css, or work-log.html changes, so /jsdoc-check, /a11y-audit, and /scss-audit have no surface to check — note stylelint is exactly the tool the SCSS rules in CLAUDE.md rely on, so this bump directly supports that rule.

CLAUDE.md checklist:

  • Dependency management: version bump only, stays in devDependencies, lockfile updated and committed. ✅
  • No secrets/credentials introduced. ✅
  • CI (lint, test, scripts-test, CodeQL, lighthouse) all green on this PR. ✅

Note for the maintainer: the chatgpt-review/claude-responds pipeline jobs completed as skipped with the message "Automated review skipped — CLAUDE_CODE_OAUTH_TOKEN is not set." This affects all 5 currently-open Dependabot PRs (#260#264). Add the secret in Settings → Secrets and variables → Actions to restore the automated dialogue; until then this repo has no automated PR review.


Generated by Claude Code

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant