Bump the node group across 1 directory with 2 updates

[dependabot]

Bumps the node group with 2 updates in the / directory: tsdown and kubo-rpc-client.

Updates tsdown from 0.21.10 to 0.22.0

Release notes

Sourced from tsdown's releases.

v0.22.0

   🚨 Breaking Changes

• Drop Node.js < 22.18.0 support, make unrun optional, add tsx config loader  -  by @​sxzz (a1042)
• dts: Auto-enable dts when tsconfig declaration is true  -  by @​sxzz in rolldown/tsdown#872 (085f0)
• publint: Use pkg from publint results, require publint v0.3.8+  -  by @​sxzz (413bb)

   🚀 Features

• Upgrade rolldown to 1.0.0-rc.18  -  by @​sxzz (66085)
• Upgrade rolldown to v1.0.0  -  by @​sxzz (fabba)
• exports: Auto-enable bin detection by default  -  by @​sxzz in rolldown/tsdown#873 (abda9)

   🐞 Bug Fixes

• Explicitly drop node 23 support  -  by @​sxzz (85e65)
• debug: Enhance debug logging for pack tarball  -  by @​sxzz and Copilot (5de04)
• exports: Detect types fields nested in conditional exports  -  by @​sxzz (82fa1)
• pkg: Fix duplicate configuration warning logic  -  by @​ho991217 and @​sxzz in rolldown/tsdown#935 (6a0d9)

🔄 Migration Guide

Node.js version

Upgrade to Node.js 22.18.0 or later. Bun and Deno remain supported (experimental).

unrun is no longer bundled

If your environment relies on the unrun config loader (i.e. you're on a Node version without native TypeScript support and use the default auto loader), install it manually:

npm i -D unrun
# or, alternatively, the new tsx loader:
npm i -D tsx

If you use Node.js 22.18.0+ with native TypeScript support, no change is needed — the auto loader will pick native.

dts auto-enabled from tsconfig

If your tsconfig.json has compilerOptions.declaration: true but you do not want tsdown to emit .d.ts files, opt out explicitly:

// tsdown.config.ts
export default defineConfig({
  dts: false,
})

exports.bin auto-detection

... (truncated)

Commits

• e3b454b chore: release v0.22.0
• 809fada docs: remove rolldown warning from getting started
• fabbabf feat: upgrade rolldown to v1.0.0
• 3e41fe3 ci: add node 26 to test matrix
• 6a0d98c fix(pkg): fix duplicate configuration warning logic (#935)
• 85e65d8 fix: explicitly drop node 23 support
• a0f3a08 chore: release v0.22.0-beta.3
• 1380ef4 chore: upgrade deps
• 8f07cae v0.22 (#931)
• b001818 chore: upgrade deps
• Additional commits viewable in compare view

Updates kubo-rpc-client from 6.1.0 to 7.0.0

Release notes

Sourced from kubo-rpc-client's releases.

v7.0.0

7.0.0 (2026-05-13)

⚠ BREAKING CHANGES

• CID instances are now from the multiformats@14.x.x module

Bug Fixes

• update to multiformats 14 (#364) (a7e837d)

Commits

• cee56cf chore(release): 7.0.0 [skip ci]
• a7e837d fix!: update to multiformats 14 (#364)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	tsdown@​0.22.0
	kubo-rpc-client@​7.0.0

View full report