Update NPM Updates (major)

[protocols-renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@mendable/firecrawl-js	^1.24.0 → ^4.0.0
dotenv	^16.4.7 → ^17.0.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

firecrawl/firecrawl (@​mendable/firecrawl-js)

v4.11.1

Compare Source

v4.11.0

Compare Source

v4.10.0

Compare Source

v4.9.3

Compare Source

v4.9.2

Compare Source

v4.9.1

Compare Source

v4.9.0

Compare Source

v4.8.3

Compare Source

v4.8.2

Compare Source

v4.8.1

Compare Source

v4.8.0

Compare Source

v4.7.0

Compare Source

v4.6.2

Compare Source

v4.6.1

Compare Source

v4.5.1

Compare Source

v4.5.0

Compare Source

v4.4.1

Compare Source

v4.4.0

Compare Source

v4.3.8

Compare Source

v4.3.7

Compare Source

v4.3.6

Compare Source

v4.3.5

Compare Source

v4.3.4

Compare Source

v4.3.3

Compare Source

v4.3.2

Compare Source

v4.3.1

Compare Source

v4.3.0

Compare Source

v4.2.0

Compare Source

v4.1.0

Compare Source

v4.0.0

Compare Source

v3.3.0

Compare Source

v3.2.1

Compare Source

v3.2.0

Compare Source

v3.1.0

Compare Source

v3.0.3

Compare Source

v3.0.2

Compare Source

v3.0.1

Compare Source

motdotla/dotenv (dotenv)

v17.4.2

Compare Source

Changed

• Improved skill files - tightened up details (#​1009)

v17.4.1

Compare Source

Changed

• Change text injecting to injected (#​1005)

v17.4.0

Compare Source

Added

• Add skills/ folder with focused agent skills: skills/dotenv/SKILL.md (core usage) and skills/dotenvx/SKILL.md (encryption, multiple environments, variable expansion) for AI coding agent discovery via the skills.sh ecosystem (npx skills add motdotla/dotenv)

Changed

• Tighten up logs: ◇ injecting env (14) from .env (#​1003)

v17.3.1

Compare Source

Changed

• Fix as2 example command in README and update spanish README

v17.3.0

Compare Source

Added

• Add a new README section on dotenv’s approach to the agentic future.

Changed

• Rewrite README to get humans started more quickly with less noise while simultaneously making more accessible for llms and agents to go deeper into details.

v17.2.4

Compare Source

Changed

• Make DotenvPopulateInput accept NodeJS.ProcessEnv type (#​915)

• Give back to dotenv by checking out my newest project vestauth. It is auth for agents. Thank you for using my software.

v17.2.3

Compare Source

Changed

• Fixed typescript error definition (#​912)

v17.2.2

Compare Source

Added

• 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

v17.2.1

Compare Source

Changed

• Fix clickable tip links by removing parentheses (#​897)

v17.2.0

Compare Source

Added

• Optionally specify DOTENV_CONFIG_QUIET=true in your environment or .env file to quiet the runtime log (#​889)
• Just like dotenv any DOTENV_CONFIG_ environment variables take precedence over any code set options like ({quiet: false})

# .env
DOTENV_CONFIG_QUIET=true
HELLO="World"

// index.js
require('dotenv').config()
console.log(`Hello ${process.env.HELLO}`)

$ node index.js
Hello World

or

$ DOTENV_CONFIG_QUIET=true node index.js

v17.1.0

Compare Source

Added

• Add additional security and configuration tips to the runtime log (#​884)
• Dim the tips text from the main injection information text

const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
  '⚙️  load multiple .env files with { path: [\'.env.local\', \'.env\'] }'
]

v17.0.1

Compare Source

Changed

• Patched injected log to count only populated/set keys to process.env (#​879)

v17.0.0

Compare Source

Changed

• Default quiet to false - informational (file and keys count) runtime log message shows by default (#​875)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[joshuafernandes]

LGTM

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit b736f1d. Configure here.}

[cursor]

Firecrawl v4 removes LLMs.txt methods used by code

High Severity

Upgrading @mendable/firecrawl-js from ^1.24.0 to ^4.0.0 is a breaking change. The Firecrawl v1→v2 migration guide explicitly states that generateLLMsText(...), asyncGenerateLLMsText(...), and checkGenerateLLMsTextStatus(id) were removed from the v2 SDK. The code in index.js calls both firecrawl.asyncGenerateLLMsText() and firecrawl.checkGenerateLLMsTextStatus(), which will throw TypeError: ... is not a function at runtime with the v4 SDK.

Additional Locations (1)

• docs-firecrawl-llm/package-lock.json#L10-L11

 

^{Reviewed by Cursor Bugbot for commit b736f1d. Configure here.}