Skip to content

Bump @duckduckgo/pixel-schema from v1.0.8 to v2.0.5#3400

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/duckduckgo/pixel-schema-v2.0.5
Closed

Bump @duckduckgo/pixel-schema from v1.0.8 to v2.0.5#3400
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/duckduckgo/pixel-schema-v2.0.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 13, 2026
edited by cursor bot
Loading

Bumps @duckduckgo/pixel-schema from v1.0.8 to v2.0.5.

Release notes

Sourced from @​duckduckgo/pixel-schema's releases.

v2.0.5

What's Changed

Full Changelog: duckduckgo/pixel-schema@v2.0.4...v2.0.5

v2.0.4

What's Changed

Full Changelog: duckduckgo/pixel-schema@v2.0.3...v2.0.4

v2.0.3

What's Changed

Full Changelog: duckduckgo/pixel-schema@v2.0.2...v2.0.3

v2.0.1

What's Changed

Full Changelog: duckduckgo/pixel-schema@v2.0.0...v2.0.1

v2.0.0

What's Changed

Full Changelog: duckduckgo/pixel-schema@v1.1.0...v2.0.0

v1.1.0

What's Changed

... (truncated)

Commits
  • c548435 fix missing js-yaml dep
  • d139b7d 2.0.5
  • 0a35421 Merge pull request #52 from duckduckgo/la/wide-events3
  • 20c80a4 handle option version in product.json (via main update)
  • c54bc8c Merge branch 'main' into la/wide-events3
  • 115066a restore version test condition
  • e67d68f restore "additionalProperties": false for props
  • 0fbff29 remove propertyDefinition & objectDefinition
  • 47e39fa Ensure pixel debug script is set to executable #56
  • af50ece 2.0.4
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Low Risk
Dependency-only change (schema/validation tooling) with no production logic modifications; main risk is CI/build breakage due to updated transitive deps and validator scripts.

Overview
Bumps @duckduckgo/pixel-schema from v1.0.8 to v2.0.5 in both dependencies and devDependencies.

Updates the lockfile to the new git commit and dependency set, including new transitive deps (e.g., js-yaml, typescript, @types/node via undici-types) and new/changed bundled CLI validators (adds validate-ddg-pixel-logs, drops validate-ddg-live-pixel).

Written by Cursor Bugbot for commit a7b5dc1. This will update automatically on new commits. Configure here.

@dependabot
Bump @duckduckgo/pixel-schema from v1.0.8 to v2.0.5
a7b5dc1 
Bumps [@duckduckgo/pixel-schema](https://github.com/duckduckgo/pixel-schema) from v1.0.8 to v2.0.5.
- [Release notes](https://github.com/duckduckgo/pixel-schema/releases)
- [Commits](duckduckgo/pixel-schema@b43d94f...c548435)

---
updated-dependencies:
- dependency-name: "@duckduckgo/pixel-schema"
  dependency-version: c5484356834c49a55c4a173fe40cbfc042d47850
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 13, 2026
@dependabot dependabot bot mentioned this pull request Feb 13, 2026
Closed
cursor[bot]
cursor bot reviewed Feb 13, 2026
View reviewed changes
Copy link
Copy Markdown

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

package-lock.json
"@duckduckgo/content-scope-scripts": "github:duckduckgo/content-scope-scripts#13.0.0",
"@duckduckgo/ddg2dnr": "file:packages/ddg2dnr",
"@duckduckgo/jsbloom": "^1.0.2",
"@duckduckgo/pixel-schema": "github:duckduckgo/pixel-schema#v1.0.8",
Copy link
Copy Markdown

@cursor cursor bot Feb 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lockfile missing pixel-schema from dependencies section

Medium Severity

package.json lists @duckduckgo/pixel-schema in both dependencies (line 72) and devDependencies (line 39), but the package-lock.json root entry only has it in devDependencies — it was removed from the dependencies section. Before this commit, the lockfile had the entry in both sections. This desync means npm ci may fail because the lockfile doesn't match package.json, or the package may incorrectly resolve as dev-only.

Please tell me if this was useful or not with a 👍 or 👎.

Additional Locations (1)

Fix in Cursor Fix in Web

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 4, 2026

Superseded by #3433.

@dependabot dependabot bot closed this Mar 4, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/main/duckduckgo/pixel-schema-v2.0.5 branch March 4, 2026 21:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants