chore(deps): update dependency import-in-the-middle to v2.0.6

[WomB0ComB0]

This PR contains the following updates:

Package	Change	Age	Confidence
import-in-the-middle	2.0.2 → 2.0.6

---

Release Notes

nodejs/import-in-the-middle (import-in-the-middle)

v2.0.6

Compare Source

Bug Fixes

• ensure the callback 'name' arg is the module name when matching the module main file, even when 'internals: true' option is used (#​241) (ad9d02c)
• fix a couple issues with duplicate entries and specifier (submodule) matching (#​237) (fdc0b3d)
• properly hook builtin modules that require the 'node:' prefix (#​240) (de84589)
• properly hook builtin modules that require the 'node:' prefix (#​240) (9d916a5)

v2.0.5

Compare Source

Bug Fixes

• handle lazy initialization and circular dependencies (#​229) (d1421dc)
• entrypoint can be treated as CommonJS when loader chains add query params to file URLs (#​223) (60ab14a)

v2.0.4

Compare Source

Bug Fixes

• do not instrument the top level module (#​225) (b563b35)

v2.0.3

Compare Source

Bug Fixes

• add missing JSDoc type information (40c1009)
• add missing name for fast builtin lookup (40c1009)
• do not crash on missing setters (#​223) (fe44778)
• handle undefined exports properly (40c1009)
• multiple minor issues (#​221) (40c1009)
• remove small memory leak (40c1009)

Performance Improvements

• improve perf by calculating less stack frames and fast paths (#​224) (09ae8bf)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
portfolio	Error		Jan 28, 2026 7:41am

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request updates the package.json overrides entry for import-in-the-middle, changing its pinned version from 2.0.2 to 2.0.6. No other files or configuration structures were modified.

Changes

Cohort / File(s)	Summary
Dependency version bump package.json	Updated overrides entry "import-in-the-middle" from 2.0.2 → 2.0.6 (single-line version change)

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• chore(deps): update dependency import-in-the-middle to v2.0.2 #363: Bumped import-in-the-middle in package.json overrides (sequential version change).
• chore(deps): update dependency import-in-the-middle to v2.0.1 #356: Bumps import-in-the-middle version in package.json overrides (related change).
• chore(deps): update dependency import-in-the-middle to v2.0.1 #345: Earlier bump of import-in-the-middle in the same overrides sequence.

Suggested labels

released

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: updating the import-in-the-middle dependency from v2.0.2 to v2.0.6, which aligns directly with the package.json modification shown in the summary.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @WomB0ComB0, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the import-in-the-middle dependency to its latest patch version, 2.0.3. This update is primarily focused on improving the stability and efficiency of the library by addressing several identified bugs and introducing performance optimizations. Integrating this version ensures the project benefits from these critical fixes and enhancements.

Highlights

• Dependency Update: The import-in-the-middle dependency has been updated from version 2.0.2 to 2.0.3.
• Bug Fixes: This update includes several bug fixes, such as adding missing JSDoc type information, ensuring proper handling of undefined exports, preventing crashes on missing setters, and resolving multiple minor issues and a small memory leak.
• Performance Improvements: The new version also brings performance enhancements by optimizing stack frame calculations and fast paths.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates the import-in-the-middle dependency from version 2.0.2 to 2.0.3. This is a patch update that, according to the release notes, includes several bug fixes (such as removing a memory leak) and performance improvements. The update appears safe and beneficial, and I have no specific comments on the code change.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@package.json`:
- Around line 69-72: The override pins "import-in-the-middle" to 2.0.4 which
conflicts with `@opentelemetry/instrumentation`@0.210.0's dependency range
(^1.8.1); verify compatibility and either update the OpenTelemetry packages to
ones known to work with import-in-the-middle v2, or change the override to a
v1.x release (e.g., a 1.8.x/1.x that satisfies ^1.8.1) so the package resolution
matches `@opentelemetry/instrumentation`'s declared semver; update package.json
"overrides" accordingly after confirming which version pair is compatible.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

import-in-the-middle v2.0.4 release notes changelog breaking changes

💡 Result:

I can’t find official release notes or a changelog entry for import-in-the-middle v2.0.4 in the repository/releases — but registries show v2.0.4 published (metadata). Sources:

• Registry metadata showing v2.0.4 published (socket.dev). [1]
• npm / Yarn package pages for import-in-the-middle (showing package and versions; latest published metadata varies by source). [2][3]
• GitHub repo/releases and the project’s changelog/history do not show a clear v2.0.4 release note entry. [4]

Would you like me to:

• fetch and inspect the v2.0.4 package tarball from the npm registry to extract its CHANGELOG/README, or
• open the GitHub repo and search tags/commits for a 2.0.4 tag/release?

References:
[1] Socket.dev package page (import-in-the-middle) — version metadata.
[2] npm package page (import-in-the-middle).
[3] Yarn/classic package page (import-in-the-middle).
[4] GitHub (nodejs/import-in-the-middle) releases / repo (no visible v2.0.4 release notes).

---

🏁 Script executed:

cat package.json | head -80

Repository: WomB0ComB0/portfolio

Length of output: 3204

---

🏁 Script executed:

#!/bin/bash
# Search for npm package metadata on v2.0.4
curl -s "https://registry.npmjs.org/import-in-the-middle/2.0.4" | jq '.version, .dependencies, .devDependencies' 2>/dev/null || echo "Failed to fetch from npm registry"

Repository: WomB0ComB0/portfolio

Length of output: 810

---

🌐 Web query:

import-in-the-middle v2.0.4 site:github.com nodejs/import-in-the-middle

💡 Result:

I searched GitHub and package registries for "import-in-the-middle v2.0.4" (nodejs/import-in-the-middle). Findings:

• The nodejs/import-in-the-middle GitHub repo/releases feed shows releases up through v1.14.x and v2.0.0 but I did not find a GitHub release tag for v2.0.4 on the repo pages. [1][2]
• Package registries and aggregators report a published package version 2.0.4 (npm/registry summaries: Socket.dev, CodeSandbox listing). This indicates v2.0.4 is published to the npm registry even though a matching GitHub release tag is not clearly listed. [3][4]

Sources:

• GitHub/nodejs import-in-the-middle releases/news feed. [1]
• Node.js GitHub issue referencing import-in-the-middle (repo context). [2]
• Socket.dev / package index showing import-in-the-middle v2.0.4. [3]
• CodeSandbox / npm listings referencing latest v2.0.4. [4]

If you want, I can open the package page on the npm registry or the repo's tags/releases page and show exact timestamps and publisher info.

---

🌐 Web query:

import-in-the-middle 2.0.4 breaking changes migration guide

💡 Result:

Do you mean the npm package "import-in-the-middle" version 2.0.4? Or a different project (e.g., a loader-utils or node-loader-utils 2.0.4)?

---

🏁 Script executed:

#!/bin/bash
# Check git history for package.json changes to the import-in-the-middle override
git log --oneline -p -- package.json | grep -A 5 -B 5 "import-in-the-middle" | head -50

Repository: WomB0ComB0/portfolio

Length of output: 545

---

🌐 Web query:

nodejs import-in-the-middle releases changelog github tags

💡 Result:

Here are links and quick pointers for the nodejs/import-in-the-middle releases, changelog and tags:

• Repository (GitHub): nodejs/import-in-the-middle — linked from npm. [1]
• npm package page (releases/versions overview): import-in-the-middle on npm. [1]
• Node.js project release feed (shows recent release tags like v1.14.0, v1.14.1, v1.14.2 etc.). [2]
• CDN / package versions listing (jsDelivr showing published versions, e.g. v2.0.1). [3]
• Related Node.js issue referencing import-in-the-middle (useful for compat/bug notes). [4]

Sources:
[1] npm import-in-the-middle package page.
[2] nodejs News Feeder — import-in-the-middle release entries.
[3] jsDelivr import-in-the-middle package page.
[4] nodejs/node issue #52987 discussing import-in-the-middle.

---

🌐 Web query:

import-in-the-middle 2.0.4 OpenTelemetry instrumentation compatibility

💡 Result:

Short answer: probably not guaranteed — opentelemetry-js instrumentation packages currently depend on import-in-the-middle ^1.x, so import-in-the-middle 2.0.4 (a breaking-major bump) may be incompatible unless the OpenTelemetry package explicitly updates to accept v2.

Evidence:

• @opentelemetry/instrumentation package.json lists "import-in-the-middle": "^1.8.1". [1]
• import-in-the-middle has a 2.0.4 release (major version 2). [2]
• OpenTelemetry JS docs/issues note special handling for ESM hooks and that instrumentation should use the re-exported @opentelemetry/instrumentation/hook.mjs rather than relying on import-in-the-middle implementation details. This implies changes in import/hook behavior can break instrumentations. [3]

Recommendation: keep import-in-the-middle at a v1.x version that satisfies the instrumentation's declared semver (or wait for/opentelemetry-js to update its dependency to ^2.x). If you must use 2.0.4, test thoroughly (or patch/override dependency) and monitor opentelemetry-js release notes for an explicit v2-compatible update.

Sources:

1. @opentelemetry/instrumentation package.json (dependencies includes "import-in-the-middle": "^1.8.1"). [1]
2. import-in-the-middle package (shows v2.0.4). [2]
3. OpenTelemetry JS instrumentation notes/issues about ESM hook usage and import-in-the-middle. [3]

---

🌐 Web query:

import-in-the-middle v2.0.0 v2.0.4 changelog what's new

💡 Result:

Do you mean the npm package "import-in-the-middle" (Node) or a different project/repo? I can fetch the v2.0.0→v2.0.4 changelog once you confirm which package/source.

---

Confirm compatibility between import-in-the-middle v2.0.4 and @opentelemetry/instrumentation v0.210.0.

The override pins import-in-the-middle to v2.0.4 (major version 2), but @opentelemetry/instrumentation v0.210.0 declares a dependency on ^1.8.1 (major version 1). This major version mismatch is a breaking change that may cause instrumentation failures. Verify that v2.0.4 is compatible with the pinned OpenTelemetry version, or downgrade to a v1.x release that satisfies the declared semver constraint.

🤖 Prompt for AI Agents

In `@package.json` around lines 69 - 72, The override pins "import-in-the-middle"
to 2.0.4 which conflicts with `@opentelemetry/instrumentation`@0.210.0's
dependency range (^1.8.1); verify compatibility and either update the
OpenTelemetry packages to ones known to work with import-in-the-middle v2, or
change the override to a v1.x release (e.g., a 1.8.x/1.x that satisfies ^1.8.1)
so the package resolution matches `@opentelemetry/instrumentation`'s declared
semver; update package.json "overrides" accordingly after confirming which
version pair is compatible.