chore(deps-dev): bump jsdom from 27.4.0 to 29.1.1#798
Conversation
Bumps [jsdom](https://github.com/jsdom/jsdom) from 27.4.0 to 29.1.1. - [Release notes](https://github.com/jsdom/jsdom/releases) - [Commits](jsdom/jsdom@v27.4.0...v29.1.1) --- updated-dependencies: - dependency-name: jsdom dependency-version: 29.1.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 182206f. Configure here.
| nitro: | ||
| specifier: npm:nitro-nightly@latest | ||
| version: nitro-nightly@3.0.1-20260508-123613-d2e64906(@netlify/blobs@8.2.0)(chokidar@4.0.3)(dotenv@16.6.1)(jiti@2.7.0)(lru-cache@11.3.6)(vite@8.0.12(@types/node@22.19.2)(esbuild@0.27.1)(jiti@2.7.0)(terser@5.47.1)(tsx@4.21.0)(yaml@2.8.4)) | ||
| version: nitro-nightly@4.0.0-20251010-091516-7cafddba(@netlify/blobs@8.2.0)(chokidar@4.0.3)(lru-cache@11.3.6)(rolldown@1.0.0)(vite@8.0.12(@types/node@22.19.2)(esbuild@0.27.1)(jiti@2.7.0)(terser@5.47.1)(tsx@4.21.0)(yaml@2.8.4)) |
There was a problem hiding this comment.
Nitro-nightly downgraded to older build with vite incompatibility
High Severity
The lockfile regeneration caused nitro-nightly to re-resolve from a May 2026 build (3.0.1-20260508) to an October 2025 build (4.0.0-20251010), which is ~7 months older despite having a higher major version number. The older build declares vite: ^7 as its peer dependency, but the project uses vite 8. This also pulled in numerous transitive dependency downgrades including srvx (0.11→0.8), h3 (rc.22→rc.2), nf3 (0.3→0.1), ofetch (2.0→1.5), unenv (rc.24→rc.21), and unstorage (alpha.7→alpha.3). This was not intended by the jsdom bump.
Additional Locations (1)
Reviewed by Cursor Bugbot for commit 182206f. Configure here.
| vitest: | ||
| specifier: ^4.1.5 | ||
| version: 4.1.5(@types/node@25.6.2)(@vitest/browser-playwright@4.1.5)(jsdom@28.1.0)(msw@2.12.4(@types/node@25.6.2)(typescript@5.9.3))(vite@8.0.12(@types/node@25.6.2)(esbuild@0.27.1)(jiti@2.7.0)(terser@5.47.1)(tsx@4.21.0)(yaml@2.8.4)) | ||
| version: 4.1.5(@types/node@25.6.2)(@vitest/browser-playwright@4.1.5)(jsdom@29.1.1)(msw@2.12.4(@types/node@25.6.2)(typescript@5.9.3))(vite@8.0.12(@types/node@25.6.2)(esbuild@0.27.1)(jiti@2.7.0)(terser@5.47.1)(tsx@4.21.0)(yaml@2.8.4)) |
There was a problem hiding this comment.
Unintended jsdom major version bump in unrelated packages
Medium Severity
The vitest instances in packages/client, packages/convai-widget-core, and packages/convai-widget-embed silently switched from jsdom@28.1.0 to jsdom@29.1.1 as a side effect of the lockfile regeneration. jsdom 29.0.0 includes a complete CSSOM overhaul replacing internal CSS dependencies. The packages/react vitest config uses environment: "jsdom", so tests relying on CSS behavior may break. The now-orphaned jsdom@28.1.0 remains in the lockfile but is no longer referenced by any importer.
Additional Locations (2)
Reviewed by Cursor Bugbot for commit 182206f. Configure here.


Bumps jsdom from 27.4.0 to 29.1.1.
Release notes
Sourced from jsdom's releases.
... (truncated)
Commits
9b9ea7e29.1.107efb78Optimize computed style comparison5f66329Fix background-origin/background-clip in background shorthandad8af77Fix border shorthand handling5a3e88e29.1.073db204Update dependencies and dev dependenciesa7168a5Support ratio CSS unit type15346e0Fix style cache invalidation2a1e2cd29.0.24097d66Resolve computed CSS values lazily in CSSStyleDeclarationMaintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for jsdom since your current version.
Install script changes
This version modifies
preparescript that runs during installation. Review the package contents before updating.You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Note
Medium Risk
Major
jsdomupgrade may change DOM/CSS behavior in tests and now requires newer Node.js (v22.13+), potentially impacting CI/dev environments.Overview
Upgrades
examples/agent-testbenchdev dependencyjsdomfrom^27to^29.1.1.Regenerates
pnpm-lock.yaml, pulling in updatedjsdomtransitive dependencies (notably CSS/URL parsing and related tooling) to match the new version.Reviewed by Cursor Bugbot for commit 182206f. Bugbot is set up for automated code reviews on this repo. Configure here.