Skip to content

Bump valibot from 1.3.1 to 1.4.1#122

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/valibot-1.4.1
Open

Bump valibot from 1.3.1 to 1.4.1#122
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/valibot-1.4.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 5, 2026

Copy link
Copy Markdown
Contributor

Bumps valibot from 1.3.1 to 1.4.1.

Release notes

Sourced from valibot's releases.

v1.4.1

  • Fix intersect schema to infer correct input and output types for non-tuple array options instead of never (pull request #1478)

v1.4.0

Many thanks to @​ksaurav24, @​heiwen, @​compulim, @​ysknsid25, @​alaycock-stripe, @​IlyaSemenov, @​wszgrcy, @​LMGO, @​yslpn, @​EltonLobo07 and @​Eronmmer for contributing to this release.

Read the release notes on our website for a quick overview of the most exciting new features in this release.

  • Add isoDateTimeSecond validation action to validate ISO date times with seconds (pull request #1418)
  • Add toCamelCase, toKebabCase, toPascalCase and toSnakeCase transformation actions to convert strings between common naming conventions (pull request #1457)
  • Change internal ReadonlyOutputKeys and OutputWithReadonly types of object schemas and WithReadonly type of record schemas to improve TypeScript type performance (pull request #1442)
  • Change hot paths to reduce object allocations and improve runtime performance (pull request #1437)
  • Change build target to ES2020 so distributed output stays compatible with environments that lack support for newer syntax (pull request #1455)
  • Change internal _LruCache to use a TypeScript private method instead of a #private class field to avoid runtime helpers in the transpiled output (pull request #1455)
  • Change internal _isValidObjectKey to use Object.prototype.hasOwnProperty.call instead of Object.hasOwn so the distributed output stays compatible with runtimes that lack the ES2022 Object.hasOwn builtin (pull request #1421)
  • Change flatten method to accept readonly issue arrays (pull request #1269)
  • Fix potential RangeError caused by spreading large issue arrays (pull request #1437)
  • Fix creditCard validation action to reject Mastercard numbers with invalid lengths (pull request #1462)
  • Fix intersect schema to no longer mutate input values, allowing frozen objects and arrays to be merged (pull request #1463)

v1.4.0 (to-json-schema)

Many thanks to @​stefanprobst, @​sruenwg and @​cruzdanilo for contributing to this release.

  • Add support for examples action
  • Add support for integer when used with minValue and maxValue actions (pull request #1367)
  • Change Valibot peer dependency to v1.2.0
  • Fix conversion of exactOptional object properties (pull request #1220)
  • Fix conversion of variant to use oneOf instead of anyOf (pull request #1193)
Commits
  • 6991ea7 Bump version to 1.4.1 and update changelog for release (#1479)
  • c3a8f07 Fix intersect schema to infer correct types (#1478)
  • 106893c Change syntax highlighting form Prism to Shiki (#1468)
  • 5949d9e Bump to-json-schema version to 1.7.0 and update changelog for release
  • 9f90a74 Bump i18n version to 1.2.0 and update changelog for release
  • d00a646 Add release notes for Valibot v1.4 to blog
  • 52280c5 Bump version to 1.4.0 and update changelog for release
  • 482ad9e Update description on rfcEmail (#1073)
  • 7b5db7b Adds example for optional (#1321)
  • d66a0fe Rewrite introduction guide from first-person to third-person perspective (#1388)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump valibot from 1.3.1 to 1.4.1
64b25fb 
Bumps [valibot](https://github.com/open-circle/valibot) from 1.3.1 to 1.4.1.
- [Release notes](https://github.com/open-circle/valibot/releases)
- [Commits](open-circle/valibot@v1.3.1...v1.4.1)

---
updated-dependencies:
- dependency-name: valibot
  dependency-version: 1.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 5, 2026
@dependabot dependabot Bot mentioned this pull request Jun 5, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants