Bump @inquirer/expand from 4.0.13 to 4.0.23 #814

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/inquirer/expand-4.0.23

@dependabot dependabot bot commented on behalf of github Jan 1, 2026

Bumps @inquirer/expand from 4.0.13 to 4.0.23.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@inquirer/expand](https://github.com/SBoudrias/Inquirer.js) from 4.0.13 to 4.0.23.
- [Release notes](https://github.com/SBoudrias/Inquirer.js/releases)
- [Commits](https://github.com/SBoudrias/Inquirer.js/compare/@inquirer/expand@4.0.13...@inquirer/expand@4.0.23)

---
updated-dependencies:
- dependency-name: "@inquirer/expand"
  dependency-version: 4.0.23
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies and javascript labels Jan 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 1, 2026 12:01

github-actions bot commented Jan 1, 2026

🤖 Claude Code Review

Code Review Analysis

I'll analyze this pull request diff against the provided checklist.

Review Summary

This PR appears to be a package-lock.json dependency update, primarily related to dependency resolution improvements and the addition of the @inquirer package updates along with @parcel/watcher platform-specific binaries.


Detailed Analysis

✅ Code Quality

  • ✅ Code follows style guide: N/A - This is a package-lock.json file (auto-generated)
  • ✅ No commented-out code: No commented code present
  • ✅ Meaningful variable names: N/A - No code changes
  • ✅ DRY principle followed: N/A - No code changes
  • ✅ Identify Defects: No obvious defects detected. The changes appear to be:
    • Removal of duplicate chokidar dependency entries across multiple packages
    • Removal of peer: true flags from readdirp dependencies
    • Updates to @inquirer/* packages (core, expand, figures, type)
    • Addition of @parcel/watcher-* platform-specific optional dependencies
    • Addition of peer: true flags to various Angular and other peer dependencies
  • ⚠️ Project Memory: No .claude/CLAUDE.md file found to review against

⚠️ Testing

  • ⚠️ Unit tests for new functions: N/A - This is a dependency update
  • ⚠️ Integration tests: N/A - However, it would be prudent to run existing tests to ensure dependency updates don't break functionality
  • ⚠️ Edge cases covered: N/A
  • ⚠️ Test coverage > 80%: Cannot determine from this diff

Recommendation: Run the full test suite to verify no regressions from dependency updates.

⚠️ Documentation

  • ⚠️ Readme updated if needed: Not applicable for package-lock.json changes
  • ⚠️ API docs updated: N/A
  • ⚠️ Inline comments: N/A
  • ⚠️ CHANGELOG.md updated: No CHANGELOG.md update visible in this diff - should consider adding an entry documenting:
    • @inquirer/expand update from 4.0.13 to 4.0.23
    • @inquirer/core update from 10.1.11 to 10.3.2
    • Other dependency resolution improvements
  • N/A Markdown formatting: No markdown files changed

✅ Security

  • ✅ No hardcoded credentials: None found
  • ✅ Input validation: N/A - No code changes
  • ✅ Proper error handling: N/A - No code changes
  • ✅ No sensitive data in logs: N/A
  • ✅ No license files (.lic) or AQAAAD strings: No .lic files or suspicious license strings detected in the diff

Key Changes Identified

1. Inquirer Package Updates (lines 3814-4099)

  • @inquirer/core: 10.1.11 → 10.3.2
  • @inquirer/expand: 4.0.13 → 4.0.23
  • @inquirer/figures: 1.0.11 → 1.0.15
  • @inquirer/type: 3.0.6 → 3.0.10
  • New package added: @inquirer/ansi@1.0.2

2. Chokidar Deduplication

Multiple duplicate chokidar@4.0.3 entries removed from:

  • @angular-devkit/architect/node_modules/chokidar
  • @angular-devkit/build-angular/node_modules/chokidar
  • @angular-devkit/schematics/node_modules/chokidar
  • @angular/cli/node_modules/chokidar
  • @schematics/angular/node_modules/chokidar
  • @compodoc/compodoc nested chokidar@3.6.0

This is a positive change - reduces duplication and package size.

3. Parcel Watcher Platform Binaries Added (lines 5263-5439)

New optional platform-specific dependencies:

  • @parcel/watcher-android-arm64
  • @parcel/watcher-darwin-arm64/x64
  • @parcel/watcher-freebsd-x64
  • @parcel/watcher-linux-arm-glibc/arm64-glibc/arm64-musl
  • @parcel/watcher-win32-arm64/ia32/x64

These are correctly marked as optional: true for their respective platforms.

4. Peer Dependency Flags Updated

Many packages now properly marked with peer: true:

  • Angular packages (@angular/animations, @angular/cdk, @angular/common, etc.)
  • Development tools (jasmine-core, typescript, zone.js, rxjs, etc.)

This improves dependency resolution clarity.

5. Readdirp Peer Flag Removal

The peer: true flag was removed from several readdirp package entries, suggesting it's now being installed directly rather than as a peer dependency.


Overall Assessment

APPROVED with minor recommendations

Strengths:

  1. Properly deduplicates chokidar dependencies
  2. Updates inquirer packages to newer versions
  3. Correctly adds platform-specific optional dependencies
  4. Improves peer dependency resolution
  5. No security concerns identified

Recommendations:

  1. Run full test suite to verify no breaking changes from dependency updates
  2. Consider updating CHANGELOG.md to document the inquirer package updates
  3. Verify build succeeds across different platforms with the new @parcel/watcher binaries

Risk Level: Low - These are standard dependency resolution improvements in package-lock.json

Automated code review analyzing defects and coding standards

@arawinters

Superseded by #818 (combined dependency updates)

@arawinters arawinters closed this Jan 6, 2026

dependabot bot commented on behalf of github Jan 6, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/inquirer/expand-4.0.23 branch January 6, 2026 19:34