Bump sinon from 21.1.2 to 22.0.0 in the default group by dependabot[bot] · Pull Request #191 · FieldDB/AuthenticationWebService

dependabot · 2026-05-06T07:02:52Z

Bumps the default group with 1 update: sinon.

Updates sinon from 21.1.2 to 22.0.0

Changelog

22.0.0

ed911df5 Update Ruby gems (Carl-Erik Kopseng)

75a1e5b8 Update to Node 26 (Carl-Erik Kopseng)

197d6608 Update documentation on faking timers to reflect the current state of fake-timers (Carl-Erik Kopseng)

c5ddf80b Update fake-timers@15.4: includes new Temporal API (Carl-Erik Kopseng)

f4ab02f6 Update updatable packages (Carl-Erik Kopseng)

0536afc8 Quality: Global mutable call id can grow unbounded across long-lived processes (#2691) (tuanaiseo)

refactor: global mutable call id can grow unbounded across l

callId is module-scoped and incremented on every invocation. In long-running test runners or embedded usage, this can grow indefinitely and eventually lose integer precision semantics for strict ordering comparisons.

Affected files: proxy-invoke.js

Signed-off-by: tuanaiseo 221258316+tuanaiseo@users.noreply.github.com

Wrap around for all values that are too high

Signed-off-by: tuanaiseo 221258316+tuanaiseo@users.noreply.github.com Co-authored-by: Carl-Erik Kopseng carlerik@gmail.com

f4f7d93b Perform additional cleanup when calling callThrough() (#2670) (Cyrille)

6199e9e4 improve GitHubworkflows by introducing zizmor for monitoring (#2686) (Till!)

fix(workflows): fetch-depth is for actions/checkout

chore(workflows): update

pin all actions to precise commits

avoid credential leakage from actions/checkout

group action updates going forward

add zimor config to ignore "secrets outside env"

add job to keep validating workflows

f7476b59 Use path.normalize() for path normalization (Carl-Erik Kopseng)

2c975393 fix: make build and node test scripts cross-platform (laplace young)

a7692917 fix: isolate walk state from Object prototype (laplace young)

66df977a Fix sinon.restore() cascade-restoring sub-sandboxes (#2704) (Charlie Leitheiser)

The ESM port of createApi (#2683, shipped in 21.1.0) replaced createSandbox: createSandbox with a wrapper that pushes every newly-created sandbox into the root sandbox's fake collection:

... (truncated)

Commits

52555af 22.0.0
ed911df Update Ruby gems
75a1e5b Update to Node 26
197d660 Update documentation on faking timers to reflect the current state of fake-ti...
c5ddf80 Update fake-timers@15.4: includes new Temporal API
f4ab02f Update updatable packages
0536afc Quality: Global mutable call id can grow unbounded across long-lived processe...
f4f7d93 Perform additional cleanup when calling callThrough() (#2670)
6199e9e improve GitHubworkflows by introducing zizmor for monitoring (#2686)
1519009 Merge #2703: isolate walk state from Object prototype
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the default group with 1 update: [sinon](https://github.com/sinonjs/sinon). Updates `sinon` from 21.1.2 to 22.0.0 - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](sinonjs/sinon@v21.1.2...v22.0.0) --- updated-dependencies: - dependency-name: sinon dependency-version: 22.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: default ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 6, 2026

github-actions Bot enabled auto-merge May 6, 2026 07:03

github-actions Bot merged commit eaf8668 into main May 6, 2026
3 of 4 checks passed

github-actions Bot deleted the dependabot/npm_and_yarn/default-9b823c9ae7 branch May 6, 2026 07:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump sinon from 21.1.2 to 22.0.0 in the default group#191

Bump sinon from 21.1.2 to 22.0.0 in the default group#191
github-actions[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/default-9b823c9ae7

dependabot Bot commented on behalf of github May 6, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 6, 2026

22.0.0

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants