This is an automated email from the ASF dual-hosted git repository.
github-merge-queue[bot] pushed a commit to branch
gh-readonly-queue/main/pr-4962-72071fffc4222d4d7e55b0dbdf7903f3a3b18649
in repository https://gitbox.apache.org/repos/asf/texera.git
commit 00b4ea0f2e81498e0e65d4d05762981aecaa6bf1
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Fri Jun 19 16:40:00 2026 -0700
chore(deps): bump ajv from 8.10.0 to 8.18.0 in /agent-service (#4962)
Bumps [ajv](https://github.com/ajv-validator/ajv) from 8.10.0 to 8.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ajv-validator/ajv/releases";>ajv's
releases</a>.</em></p>
<blockquote>
<h2>v8.18.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: allow tree-shaking by adding <code>"sideEffects":
false</code> to <code>package.json</code> by <a
href="https://github.com/josdejong";><code>@josdejong</code></a> in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2480";>ajv-validator/ajv#2480</a></li>
<li>fix: <a
href="https://redirect.github.com/ajv-validator/ajv/issues/2482";>#2482</a>
Infinity and NaN serialise to null by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2487";>ajv-validator/ajv#2487</a></li>
<li>fix: small grammatical error in managing-schemas.md by <a
href="https://github.com/monteiro-renato";><code>@monteiro-renato</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2508";>ajv-validator/ajv#2508</a></li>
<li>fix: typos in schema-language.md by <a
href="https://github.com/monteiro-renato";><code>@monteiro-renato</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2507";>ajv-validator/ajv#2507</a></li>
<li>fix(pattern): use configured RegExp engine with $data keyword to
mitigate ReDoS attacks (CVE-2025-69873) by <a
href="https://github.com/epoberezkin";><code>@epoberezkin</code></a> in
<a
href="https://redirect.github.com/ajv-validator/ajv/pull/2586";>ajv-validator/ajv#2586</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/josdejong";><code>@josdejong</code></a>
made their first contribution in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2480";>ajv-validator/ajv#2480</a></li>
<li><a
href="https://github.com/monteiro-renato";><code>@monteiro-renato</code></a>
made their first contribution in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2508";>ajv-validator/ajv#2508</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0";>https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0</a></p>
<h2>v8.17.1</h2>
<h2>What's Changed</h2>
<ul>
<li>bump version to 8.17.1 by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2472";>ajv-validator/ajv#2472</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1";>https://github.com/ajv-validator/ajv/compare/v8.17.0...v8.17.1</a></p>
<h2>Plus everything in 8.17.0 which failed to release</h2>
<p>The only functional change is to switch from uri-js (which is no
longer supported), to fast-uri. This is the second attempt and the team
on fast-uri have been really helpful addressing the issues we found last
time.</p>
<p>Revert "Revert fast-uri change (<a
href="https://redirect.github.com/ajv-validator/ajv/pull/2444";>ajv-validator/ajv#2444</a>)"
by <a href="https://github.com/gurgunday";><code>@gurgunday</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2448";>ajv-validator/ajv#2448</a>
fix: ignore new eslint error for
<code>@typescript-eslint/no-extraneous-class</code> by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2455";>ajv-validator/ajv#2455</a>
docs: clarify behaviour of addVocabulary by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2454";>ajv-validator/ajv#2454</a>
docs: refactor to improve legibility by <a
href="https://github.com/blottn";><code>@blottn</code></a> in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2432";>ajv-validator/ajv#2432</a>
Fix grammatical typo in managing-schemas.md by <a
href="https://github.com/wetneb";><code>@wetneb</code></a> in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2305";>ajv-validator/ajv#2305</a>
docs: Fix broken strict-mode link by <a
href="https://github.com/alexanderjsx";><code>@alexanderjsx</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2459";>ajv-validator/ajv#2459</a>
feat: add test for encoded refs and bump fast-uri by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2449";>ajv-validator/ajv#2449</a>
fix: changes for <code>@typescript-eslint/array-type</code> rule by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2467";>ajv-validator/ajv#2467</a>
fixes <a
href="https://redirect.github.com/ajv-validator/ajv/issues/2217";>ajv-validator/ajv#2217</a>
- clarify custom keyword naming by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2457";>ajv-validator/ajv#2457</a></p>
<h2>v8.17.0</h2>
<h2>What's Changed</h2>
<p>The only functional change is to switch from uri-js (which is no
longer supported), to fast-uri. This is the second attempt and the team
on fast-uri have been really helpful addressing the issues we found last
time.</p>
<ul>
<li>Revert "Revert fast-uri change (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2444";>#2444</a>)"
by <a href="https://github.com/gurgunday";><code>@gurgunday</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2448";>ajv-validator/ajv#2448</a></li>
<li>fix: ignore new eslint error for
<code>@typescript-eslint/no-extraneous-class</code> by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2455";>ajv-validator/ajv#2455</a></li>
<li>docs: clarify behaviour of addVocabulary by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2454";>ajv-validator/ajv#2454</a></li>
<li>docs: refactor to improve legibility by <a
href="https://github.com/blottn";><code>@blottn</code></a> in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2432";>ajv-validator/ajv#2432</a></li>
<li>Fix grammatical typo in managing-schemas.md by <a
href="https://github.com/wetneb";><code>@wetneb</code></a> in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2305";>ajv-validator/ajv#2305</a></li>
<li>docs: Fix broken strict-mode link by <a
href="https://github.com/alexanderjsx";><code>@alexanderjsx</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2459";>ajv-validator/ajv#2459</a></li>
<li>feat: add test for encoded refs and bump fast-uri by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2449";>ajv-validator/ajv#2449</a></li>
<li>fix: changes for <code>@typescript-eslint/array-type</code> rule by
<a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2467";>ajv-validator/ajv#2467</a></li>
<li>fixes <a
href="https://redirect.github.com/ajv-validator/ajv/issues/2217";>#2217</a>
- clarify custom keyword naming by <a
href="https://github.com/jasoniangreen";><code>@jasoniangreen</code></a>
in <a
href="https://redirect.github.com/ajv-validator/ajv/pull/2457";>ajv-validator/ajv#2457</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ajv-validator/ajv/commit/142ce84b807c4fe66e619c22480a28d0e4bd50fa";><code>142ce84</code></a>
8.18.0</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/720a23fa453ffae8340e92c9b0fe886c54cfe0d5";><code>720a23f</code></a>
fix(pattern): use configured RegExp engine with $data keyword to
mitigate ReD...</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/82735a15826a30cc51e97a1bbfb59b3d388e4b98";><code>82735a1</code></a>
fix: typos in schema-language.md (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2507";>#2507</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/b17ec32cd97542e90ae27231d8a8bce88b9e53b6";><code>b17ec32</code></a>
fix: small grammatical error in managing-schemas.md (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2508";>#2508</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/69568d08564303e2c32a2de61feb833b41075f96";><code>69568d0</code></a>
fix: <a
href="https://redirect.github.com/ajv-validator/ajv/issues/2482";>#2482</a>
Infinity and NaN serialise to null (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2487";>#2487</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/f06766f33ed7291f84c19f22a1286a34475fbdaf";><code>f06766f</code></a>
feat: allow tree-shaking by adding ``"sideEffects":
false<code>to</code>package.json` ...</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/9050ba1359fb87cd7c143f3c79513ea7624ea443";><code>9050ba1</code></a>
bump version to 8.17.1 (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2472";>#2472</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/f7831b41c3a27064c6219f51a1e7371ffb582dfe";><code>f7831b4</code></a>
fixes <a
href="https://redirect.github.com/ajv-validator/ajv/issues/2217";>#2217</a>
- clarify custom keyword naming (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2457";>#2457</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/a523784388a79ce65e42caf4d2731da36a94b386";><code>a523784</code></a>
fix: changes for <code>@typescript-eslint/array-type</code> rule (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2467";>#2467</a>)</li>
<li><a
href="https://github.com/ajv-validator/ajv/commit/595fe58e64e8d5fb8a50fd7a58f9e7f3bcca0bac";><code>595fe58</code></a>
feat: add test for encoded refs and bump fast-uri (<a
href="https://redirect.github.com/ajv-validator/ajv/issues/2449";>#2449</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ajv-validator/ajv/compare/v8.10.0...v8.18.0";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/apache/texera/network/alerts).
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
---------
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xinyuan Lin <[email protected]>
---
agent-service/LICENSE-binary | 2 +-
agent-service/bun.lock | 4 ++--
agent-service/package.json | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/agent-service/LICENSE-binary b/agent-service/LICENSE-binary
index 60c33ca64d..ba6237424a 100644
--- a/agent-service/LICENSE-binary
+++ b/agent-service/LICENSE-binary
@@ -235,7 +235,7 @@ Agent service npm packages:
- @tokenizer/[email protected]
- @types/[email protected]
- @types/[email protected]
- - [email protected]
+ - [email protected]
- [email protected]
- [email protected]
- [email protected]
diff --git a/agent-service/bun.lock b/agent-service/bun.lock
index 8a1953f46b..3650dabffa 100644
--- a/agent-service/bun.lock
+++ b/agent-service/bun.lock
@@ -8,7 +8,7 @@
"@ai-sdk/openai": "2.0.79",
"@elysiajs/cors": "1.4.0",
"ai": "5.0.108",
- "ajv": "8.10.0",
+ "ajv": "8.18.0",
"dagre": "0.8.5",
"elysia": "1.4.18",
"pino": "10.3.1",
@@ -112,7 +112,7 @@
"ai": ["[email protected]", "", { "dependencies": { "@ai-sdk/gateway": "2.0.18",
"@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.18",
"@opentelemetry/api": "1.9.0" }, "peerDependencies": { "zod": "^3.25.76 ||
^4.1.8" } },
"sha512-Jex3Lb7V41NNpuqJHKgrwoU6BCLHdI1Pg4qb4GJH4jRIDRXUBySJErHjyN4oTCwbiYCeb/8II9EnqSRPq9EifA=="],
- "ajv": ["[email protected]", "", { "dependencies": { "fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1", "json-schema-traverse": "^1.0.0", "require-from-string":
"^2.0.2" } },
"sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g=="],
+ "ajv": ["[email protected]", "", { "dependencies": { "fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1", "json-schema-traverse": "^1.0.0", "require-from-string":
"^2.0.2" } },
"sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A=="],
"atomic-sleep": ["[email protected]", "", {},
"sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ=="],
diff --git a/agent-service/package.json b/agent-service/package.json
index 608981e0a4..7ab06a1e61 100644
--- a/agent-service/package.json
+++ b/agent-service/package.json
@@ -18,7 +18,7 @@
"@ai-sdk/openai": "2.0.79",
"@elysiajs/cors": "1.4.0",
"ai": "5.0.108",
- "ajv": "8.10.0",
+ "ajv": "8.18.0",
"dagre": "0.8.5",
"elysia": "1.4.18",
"pino": "10.3.1",
