ashatora/editor
1
0
Fork 0
mirror of https://github.com/maputnik/editor.git synced 2025-12-06 06:10:00 +00:00
Code Issues Projects Releases Wiki Activity
2,336 Commits 5 Branches 32 Tags
0d74cedf4df56f5a99894919737644bee2870a9f
Commit Graph

2336 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
0d74cedf4d chore(deps): Bump react-i18next from 16.2.3 to 16.2.4 (#1499) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.2.3 to 16.2.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.2.4</h3>
<ul>
<li>try to fix &quot;Trans component do not render anymore children as
default value in test environment&quot; <a
href="https://redirect.github.com/i18next/react-i18next/issues/1883">1883</a>
by also respecting <a
href="https://redirect.github.com/i18next/react-i18next/issues/1876">1876</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ef82835198"><code>ef82835</code></a>
16.2.4</li>
<li><a
href="72e1a0011b"><code>72e1a00</code></a>
try to fix &quot;Trans component do not render anymore children as
default value i...</li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v16.2.3...v16.2.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=16.2.3&new-version=16.2.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-07 13:18:53 +00:00
dependabot[bot]
97e5bfcee8 chore(deps): Bump ol-mapbox-style from 13.1.0 to 13.1.1 (#1496) 
Bumps [ol-mapbox-style](https://github.com/openlayers/ol-mapbox-style)
from 13.1.0 to 13.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/releases">ol-mapbox-style's
releases</a>.</em></p>
<blockquote>
<h2>v13.1.1</h2>
<h2>Summary</h2>
<ul>
<li>Add support for running ol-mapbox-style in web workers</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Changes for v13.1.0 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1354">openlayers/ol-mapbox-style#1354</a></li>
<li>Bump html-webpack-plugin from 5.6.3 to 5.6.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1355">openlayers/ol-mapbox-style#1355</a></li>
<li>Bump mini-css-extract-plugin from 2.9.2 to 2.9.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1356">openlayers/ol-mapbox-style#1356</a></li>
<li>Bump copy-webpack-plugin from 13.0.0 to 13.0.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1358">openlayers/ol-mapbox-style#1358</a></li>
<li>Bump tar-fs from 3.1.0 to 3.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1360">openlayers/ol-mapbox-style#1360</a></li>
<li>Bump typedoc-plugin-missing-exports from 4.0.0 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1362">openlayers/ol-mapbox-style#1362</a></li>
<li>Bump webpack from 5.100.2 to 5.102.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1363">openlayers/ol-mapbox-style#1363</a></li>
<li>Update Mapbox Style documentation link by <a
href="https://github.com/simon04"><code>@​simon04</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1366">openlayers/ol-mapbox-style#1366</a></li>
<li>implement basic support for usage in worker by <a
href="https://github.com/RobertOrthofer"><code>@​RobertOrthofer</code></a>
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1365">openlayers/ol-mapbox-style#1365</a></li>
<li>avoid createMockDiv import by <a
href="https://github.com/RobertOrthofer"><code>@​RobertOrthofer</code></a>
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1372">openlayers/ol-mapbox-style#1372</a></li>
<li>Bump <code>@​rollup/plugin-commonjs</code> from 28.0.6 to 28.0.9 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1367">openlayers/ol-mapbox-style#1367</a></li>
<li>Bump cross-env from 7.0.3 to 10.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1368">openlayers/ol-mapbox-style#1368</a></li>
<li>Bump globals from 16.3.0 to 16.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1369">openlayers/ol-mapbox-style#1369</a></li>
<li>Bump typedoc from 0.28.7 to 0.28.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1370">openlayers/ol-mapbox-style#1370</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/simon04"><code>@​simon04</code></a> made
their first contribution in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1366">openlayers/ol-mapbox-style#1366</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.1.0...v13.1.1">https://github.com/openlayers/ol-mapbox-style/compare/v13.1.0...v13.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/blob/main/CHANGELOG.md">ol-mapbox-style's
changelog</a>.</em></p>
<blockquote>
<h2>13.1.1</h2>
<ul>
<li>Add support for running ol-mapbox-style in web workers</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="819fa3615e"><code>819fa36</code></a>
Add dist for v13.1.1</li>
<li><a
href="a3889d7126"><code>a3889d7</code></a>
Changes for 13.1.1</li>
<li><a
href="73d04aa852"><code>73d04aa</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1370">#1370</a>
from openlayers/dependabot/npm_and_yarn/typedoc-0.28.14</li>
<li><a
href="9b18d7e17f"><code>9b18d7e</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1369">#1369</a>
from openlayers/dependabot/npm_and_yarn/globals-16.4.0</li>
<li><a
href="02e6db9c4b"><code>02e6db9</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1368">#1368</a>
from openlayers/dependabot/npm_and_yarn/cross-env-10...</li>
<li><a
href="9af4dfbf96"><code>9af4dfb</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1367">#1367</a>
from openlayers/dependabot/npm_and_yarn/rollup/plugi...</li>
<li><a
href="2281347bc0"><code>2281347</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1372">#1372</a>
from RobertOrthofer/avoid-createMockDIV-import</li>
<li><a
href="ebae33a9ac"><code>ebae33a</code></a>
avoid createMockDiv import</li>
<li><a
href="e56565312c"><code>e565653</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1365">#1365</a>
from RobertOrthofer/master</li>
<li><a
href="2ef903f491"><code>2ef903f</code></a>
update package-lock</li>
<li>Additional commits viewable in <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.1.0...v13.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ol-mapbox-style&package-manager=npm_and_yarn&previous-version=13.1.0&new-version=13.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-07 13:18:35 +00:00
Harel M
0fbba4b362 Fix missing font auto complete menu (#1491) 
## Launch Checklist

This fixes the position of the autocomplete list - CSS fix mostly.
It also changes the loading of the metadata to be using promises instead
of callbacks.

I couldn't reproduce the following issue, so I'll be closing it for now.
- Fixes #945

Before:
<img width="563" height="577" alt="image"
src="https://github.com/user-attachments/assets/6ea264e1-cb85-4a8a-8df5-ab50e7815333"
/>

After:
<img width="563" height="577" alt="image"
src="https://github.com/user-attachments/assets/27fa2901-dd96-44fd-9774-363fd4c5ed98"
/>


 - [x] Briefly describe the changes in this PR.
 - [x] Link to related issues.
- [x] Include before/after visuals or gifs if this PR includes visual
changes.

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
 2025-11-06 16:31:14 +02:00
dependabot[bot]
ce3953ea9c chore(deps): Bump @maplibre/maplibre-gl-inspect from 1.7.1 to 1.8.0 (#1489) 
Bumps
[@maplibre/maplibre-gl-inspect](https://github.com/maplibre/maplibre-gl-inspect)
from 1.7.1 to 1.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-inspect/releases"><code>@​maplibre/maplibre-gl-inspect</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v1.8.0</h2>
<h2><a
href="https://github.com/maplibre/maplibre-gl-inspect/compare/v1.7.1...v1.8.0">1.8.0</a>
(2025-11-06)</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b6d135bbfd"><code>b6d135b</code></a>
Bump version to 1.8.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/322">#322</a>)</li>
<li><a
href="03ea2e78a6"><code>03ea2e7</code></a>
Remove internal maplibre-gl api usage, fallback to style's layers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/321">#321</a>)</li>
<li><a
href="51524e8453"><code>51524e8</code></a>
Bump eslint from 9.38.0 to 9.39.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/320">#320</a>)</li>
<li><a
href="a9f6f19e4f"><code>a9f6f19</code></a>
Bump <code>@​rollup/plugin-commonjs</code> from 28.0.9 to 29.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/319">#319</a>)</li>
<li><a
href="dbc6825c8b"><code>dbc6825</code></a>
Bump maplibre-gl from 5.9.0 to 5.10.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/317">#317</a>)</li>
<li><a
href="471bcb054c"><code>471bcb0</code></a>
Bump <code>@​rollup/plugin-commonjs</code> from 28.0.8 to 28.0.9 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/316">#316</a>)</li>
<li><a
href="6d890c0849"><code>6d890c0</code></a>
Bump <code>@​rollup/plugin-typescript</code> from 12.1.4 to 12.3.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/315">#315</a>)</li>
<li><a
href="61de3a88cb"><code>61de3a8</code></a>
Bump typescript-eslint from 8.46.1 to 8.46.2 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/314">#314</a>)</li>
<li><a
href="d9f9255a39"><code>d9f9255</code></a>
Bump typescript-eslint from 8.46.0 to 8.46.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/312">#312</a>)</li>
<li><a
href="dbf1b5eae3"><code>dbf1b5e</code></a>
Bump rollup from 4.52.4 to 4.52.5 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-inspect/issues/313">#313</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-inspect/compare/v1.7.1...v1.8.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-inspect&package-manager=npm_and_yarn&previous-version=1.7.1&new-version=1.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-06 13:17:40 +00:00
Harel M
4ba09144e9 Add support for sprite object (#1488) 
## Launch Checklist

- Fixes #1302

When a sprite object is used, the current settings modal does not
present it well and does not allow editing.
This changes the input from a string to json.
It does make the editing a bit more cumbersome as you need to type `"`
now instead of just placing the address, but if you click the info
button you should be able to understand that this is a special field.
The fact that it looks like a code editor should also help guide users
to place different input there.

Before:
<img width="710" height="297" alt="image"
src="https://github.com/user-attachments/assets/a615dddd-6c06-45fb-b5a9-1820e6a5c077"
/>


After:
<img width="710" height="297" alt="image"
src="https://github.com/user-attachments/assets/fdb89ada-91ca-4bf4-8380-ce3c25373b41"
/>


 - [x] Briefly describe the changes in this PR.
 - [x] Link to related issues.
- [x] Include before/after visuals or gifs if this PR includes visual
changes.
 - [x] Write tests for all new functionality.
 - [ ] Add an entry to `CHANGELOG.md` under the `## main` section.

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
 2025-11-06 14:18:30 +02:00
dependabot[bot]
85bf0e02a4 chore(deps): Bump github/codeql-action from 4.31.0 to 4.31.2 (#1487) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.31.0 to 4.31.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.31.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.2 - 30 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.2/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v4.31.1</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.1 - 30 Oct 2025</h2>
<ul>
<li>The <code>add-snippets</code> input has been removed from the
<code>analyze</code> action. This input has been deprecated since CodeQL
Action 3.26.4 in August 2024 when this removal was announced.</li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.1/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.31.2 - 30 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.1 - 30 Oct 2025</h2>
<ul>
<li>The <code>add-snippets</code> input has been removed from the
<code>analyze</code> action. This input has been deprecated since CodeQL
Action 3.26.4 in August 2024 when this removal was announced.</li>
</ul>
<h2>4.31.0 - 24 Oct 2025</h2>
<ul>
<li>Bump minimum CodeQL bundle version to 2.17.6. <a
href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li>
<li>When SARIF files are uploaded by the <code>analyze</code> or
<code>upload-sarif</code> actions, the CodeQL Action automatically
performs post-processing steps to prepare the data for the upload.
Previously, these post-processing steps were only performed before an
upload took place. We are now changing this so that the post-processing
steps will always be performed, even when the SARIF files are not
uploaded. This does not change anything for the
<code>upload-sarif</code> action. For <code>analyze</code>, this may
affect Advanced Setup for CodeQL users who specify a value other than
<code>always</code> for the <code>upload</code> input. <a
href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li>
</ul>
<h2>4.30.9 - 17 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li>
<li>Experimental: A new <code>setup-codeql</code> action has been added
which is similar to <code>init</code>, except it only installs the
CodeQL CLI and does not initialize a database. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li>
</ul>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.30.7 - 06 Oct 2025</h2>
<ul>
<li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a
href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li>
</ul>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<h2>3.30.3 - 10 Sep 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0499de31b9"><code>0499de3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3261">#3261</a>
from github/henrymercer/setup-python</li>
<li><a
href="3b96745d2b"><code>3b96745</code></a>
Set up Python in mergeback workflow</li>
<li><a
href="8a06050a8c"><code>8a06050</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3259">#3259</a>
from github/update-v4.31.2-9576b5cbe</li>
<li><a
href="752a642cb2"><code>752a642</code></a>
Update changelog for v4.31.2</li>
<li><a
href="9576b5cbe8"><code>9576b5c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3258">#3258</a>
from github/mbg/enablement-errors/case-insensitive</li>
<li><a
href="cc8843728c"><code>cc88437</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3257">#3257</a>
from github/henrymercer/ubuntu-slim</li>
<li><a
href="f0e9bf07f4"><code>f0e9bf0</code></a>
Make <code>isEnablementError</code> case-insensitive</li>
<li><a
href="2a3599c520"><code>2a3599c</code></a>
Run lightweight workflows on <code>ubuntu-slim</code></li>
<li><a
href="514ff4d116"><code>514ff4d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3256">#3256</a>
from github/henrymercer/resolve-bad-merge</li>
<li><a
href="aab1c2f931"><code>aab1c2f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3253">#3253</a>
from github/mergeback/v4.31.1-to-main-5fe9434c</li>
<li>Additional commits viewable in <a
href="4e94bd11f7...0499de31b9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.31.0&new-version=4.31.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-04 07:32:15 +00:00
Jere Suikkila
5b34a3791f fix: keep headers visible when scrolling left panes (#1485) 
Keeps headers visible when scrolling left panes as described in the
[issue 951
](https://github.com/maplibre/maputnik/issues/951)

The fix was manually confirmed to be working, see video below.

## Before (taken from the issue)
<img width="713" height="231" alt="image"
src="https://github.com/user-attachments/assets/c1eadb0d-6dbf-4199-8732-68b07d626003"
/>


## After

https://github.com/user-attachments/assets/ab5e4a6f-c5f9-44fd-850d-8eac58c35c68

---------

Co-authored-by: Harel M <harel.mazor@gmail.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
 2025-11-04 09:11:13 +02:00
dependabot[bot]
46f0d7620d chore(deps): Bump actions/upload-artifact from 4.6.2 to 5.0.0 (#1476) 
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.2 to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<p><strong>BREAKING CHANGE:</strong> this update supports Node
<code>v24.x</code>. This is not a breaking change per-se but we're
treating it as such.</p>
<ul>
<li>Update README.md by <a
href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li>
<li>Readme: spell out the first use of GHES by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li>
<li>Update GHES guidance to include reference to Node 20 version by <a
href="https://github.com/patrikpolyak"><code>@​patrikpolyak</code></a>
in <a
href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li>
<li>Bump <code>@actions/artifact</code> to <code>v4.0.0</code></li>
<li>Prepare <code>v5.0.0</code> by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/734">actions/upload-artifact#734</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR"><code>@​GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/681">actions/upload-artifact#681</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/712">actions/upload-artifact#712</a></li>
<li><a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/727">actions/upload-artifact#727</a></li>
<li><a
href="https://github.com/patrikpolyak"><code>@​patrikpolyak</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/725">actions/upload-artifact#725</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v5.0.0">https://github.com/actions/upload-artifact/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="330a01c490"><code>330a01c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/734">#734</a>
from actions/danwkennedy/prepare-5.0.0</li>
<li><a
href="03f2824452"><code>03f2824</code></a>
Update <code>github.dep.yml</code></li>
<li><a
href="905a1ecb59"><code>905a1ec</code></a>
Prepare <code>v5.0.0</code></li>
<li><a
href="2d9f9cdfa9"><code>2d9f9cd</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/725">#725</a>
from patrikpolyak/patch-1</li>
<li><a
href="9687587dec"><code>9687587</code></a>
Merge branch 'main' into patch-1</li>
<li><a
href="2848b2cda0"><code>2848b2c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/727">#727</a>
from danwkennedy/patch-1</li>
<li><a
href="9b511775fd"><code>9b51177</code></a>
Spell out the first use of GHES</li>
<li><a
href="cd231ca1ed"><code>cd231ca</code></a>
Update GHES guidance to include reference to Node 20 version</li>
<li><a
href="de65e23aa2"><code>de65e23</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/712">#712</a>
from actions/nebuk89-patch-1</li>
<li><a
href="8747d8cd76"><code>8747d8c</code></a>
Update README.md</li>
<li>Additional commits viewable in <a
href="ea165f8d65...330a01c490">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.2&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 15:55:08 +02:00
Harel M
696e43b474 chore(deps): update vitest and group them (#1486) 
## Launch Checklist

Update vitest packages and group them in dependabot.
 2025-11-02 13:37:48 +00:00
dependabot[bot]
50e9559631 chore(deps-dev): Bump vitest from 4.0.2 to 4.0.4 (#1482) 
Bumps
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest)
from 4.0.2 to 4.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.4</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li><strong>browser</strong>:
<ul>
<li>Correct typo  -  by <a
href="https://github.com/benmccann"><code>@​benmccann</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8796">vitest-dev/vitest#8796</a>
<a href="https://github.com/vitest-dev/vitest/commit/ede1f39d6"><!-- raw
HTML omitted -->(ede1f)<!-- raw HTML omitted --></a></li>
<li>Publish a missing context file for webdriverio  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8824">vitest-dev/vitest#8824</a>
<a href="https://github.com/vitest-dev/vitest/commit/7c7b6f0b1"><!-- raw
HTML omitted -->(7c7b6)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>mocker</strong>:
<ul>
<li>Support mocking builtins without <code>node:</code> prefix  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8829">vitest-dev/vitest#8829</a>
<a href="https://github.com/vitest-dev/vitest/commit/06208d30b"><!-- raw
HTML omitted -->(06208)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>pool</strong>:
<ul>
<li>Runner's error listener causing
<code>MaxListenersExceededWarning</code>  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8820">vitest-dev/vitest#8820</a>
<a href="https://github.com/vitest-dev/vitest/commit/d1bff3bb3"><!-- raw
HTML omitted -->(d1bff)<!-- raw HTML omitted --></a></li>
<li>Capture workers <code>stdio</code> to logger  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8809">vitest-dev/vitest#8809</a>
<a href="https://github.com/vitest-dev/vitest/commit/fb95fc736"><!-- raw
HTML omitted -->(fb95f)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>spy</strong>:
<ul>
<li>Allow classes in <code>vi.mocked</code> utility  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8839">vitest-dev/vitest#8839</a>
<a href="https://github.com/vitest-dev/vitest/commit/f87568d64"><!-- raw
HTML omitted -->(f8756)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>worker</strong>:
<ul>
<li>Rpc listener leak when <code>isolate: false</code>  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8821">vitest-dev/vitest#8821</a>
<a href="https://github.com/vitest-dev/vitest/commit/573dc06fe"><!-- raw
HTML omitted -->(573dc)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h3>   🏎 Performance</h3>
<ul>
<li><strong>utils</strong>: Optimized reducer to avoid creating new
objects  -  by <a
href="https://github.com/Connormiha"><code>@​Connormiha</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8818">vitest-dev/vitest#8818</a>
<a href="https://github.com/vitest-dev/vitest/commit/d19cece3a"><!-- raw
HTML omitted -->(d19ce)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.3...v4.0.4">View
changes on GitHub</a></h5>
<h2>v4.0.3</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Preserve reporter options from config when CLI reporters override
them  -  by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> and
<strong>sheremet-va</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8794">vitest-dev/vitest#8794</a>
<a href="https://github.com/vitest-dev/vitest/commit/155521a85"><!-- raw
HTML omitted -->(15552)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>: More stable in-source testing validation
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8793">vitest-dev/vitest#8793</a>
<a href="https://github.com/vitest-dev/vitest/commit/622977e61"><!-- raw
HTML omitted -->(62297)<!-- raw HTML omitted --></a></li>
<li><strong>happy-dom</strong>: Support fetch globals  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8791">vitest-dev/vitest#8791</a>
<a href="https://github.com/vitest-dev/vitest/commit/0fb74bd3b"><!-- raw
HTML omitted -->(0fb74)<!-- raw HTML omitted --></a></li>
<li><strong>init</strong>: Use correct jsx/tsx extension  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8792">vitest-dev/vitest#8792</a>
<a href="https://github.com/vitest-dev/vitest/commit/abc046f95"><!-- raw
HTML omitted -->(abc04)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.2...v4.0.3">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9b75ec5f2f"><code>9b75ec5</code></a>
chore: release v4.0.4</li>
<li><a
href="fb95fc7360"><code>fb95fc7</code></a>
fix(pool): capture workers <code>stdio</code> to logger (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8809">#8809</a>)</li>
<li><a
href="06208d30bb"><code>06208d3</code></a>
fix(mocker): support mocking builtins without <code>node:</code> prefix
(<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8829">#8829</a>)</li>
<li><a
href="573dc06fec"><code>573dc06</code></a>
fix(worker): rpc listener leak when <code>isolate: false</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8821">#8821</a>)</li>
<li><a
href="d1bff3bb3e"><code>d1bff3b</code></a>
fix(pool): runner's error listener causing
<code>MaxListenersExceededWarning</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8820">#8820</a>)</li>
<li><a
href="d19cece3a5"><code>d19cece</code></a>
perf(utils): optimized reducer to avoid creating new objects (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8818">#8818</a>)</li>
<li><a
href="ede1f39d60"><code>ede1f39</code></a>
fix(browser): correct typo (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8796">#8796</a>)</li>
<li><a
href="ca1766f45c"><code>ca1766f</code></a>
chore: release v4.0.3</li>
<li><a
href="155521a857"><code>155521a</code></a>
fix: preserve reporter options from config when CLI reporters override
them (...</li>
<li><a
href="abc046f952"><code>abc046f</code></a>
fix(init): use correct jsx/tsx extension (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8792">#8792</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitest-dev/vitest/commits/v4.0.4/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vitest&package-manager=npm_and_yarn&previous-version=4.0.2&new-version=4.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:57:02 +00:00
dependabot[bot]
72a81b30d3 chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.3.0 to 24.3.1 (#1484) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-gl-style-spec)
from 24.3.0 to 24.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-style-spec/releases"><code>@​maplibre/maplibre-gl-style-spec</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v24.3.1</h2>
<p><a
href="https://github.com/maplibre/maplibre-gl-style-spec">https://github.com/maplibre/maplibre-gl-style-spec</a>
<a
href="https://github.com/maplibre/maplibre-gl-style-spec/compare/v24.3.0...v24.3.1">Changes</a>
since <a
href="https://github.com/maplibre/maplibre-gl-style-spec/releases/tag/v24.3.0">MapLibre
Style Spec v24.3.0</a>:</p>
<h3>🐞 Bug fixes</h3>
<ul>
<li>The validator no longer fails if the style lacks a
<code>glyphs</code> property (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1347">#1347</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md"><code>@​maplibre/maplibre-gl-style-spec</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>24.3.1</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>The validator no longer fails if the style lacks a
<code>glyphs</code> property (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1347">#1347</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="45ac05d100"><code>45ac05d</code></a>
Bump version to 24.3.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1349">#1349</a>)</li>
<li><a
href="abd1a97622"><code>abd1a97</code></a>
Validator: Relaxed requirement for <code>glyphs</code> when using
<code>text-field</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1347">#1347</a>)</li>
<li><a
href="d1044155d9"><code>d104415</code></a>
build(deps-dev): bump <code>@​types/node</code> from 24.8.1 to 24.9.1
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1342">#1342</a>)</li>
<li><a
href="9fb24e6614"><code>9fb24e6</code></a>
build(deps-dev): bump <code>@​rollup/plugin-commonjs</code> from 28.0.8
to 28.0.9 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1344">#1344</a>)</li>
<li><a
href="6e1eebf714"><code>6e1eebf</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1341">#1341</a>)</li>
<li><a
href="ac6bc2b1fd"><code>ac6bc2b</code></a>
build(deps-dev): bump vite from 7.1.5 to 7.1.11 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1337">#1337</a>)</li>
<li><a
href="8342bc0905"><code>8342bc0</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1330">#1330</a>)</li>
<li><a
href="3f77eef9ac"><code>3f77eef</code></a>
build(deps-dev): bump <code>@​types/node</code> from 24.7.2 to 24.8.1
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1334">#1334</a>)</li>
<li><a
href="eaee058840"><code>eaee058</code></a>
build(deps-dev): bump eslint from 9.37.0 to 9.38.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1332">#1332</a>)</li>
<li><a
href="354c0c84c9"><code>354c0c8</code></a>
build(deps-dev): bump <code>@​rollup/plugin-commonjs</code> from 28.0.6
to 28.0.8 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1333">#1333</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-style-spec/compare/v24.3.0...v24.3.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.3.0&new-version=24.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:54:32 +00:00
dependabot[bot]
8b9d481233 chore(deps): Bump cypress-io/github-action from 6.10.2 to 6.10.3 (#1472) 
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 6.10.2 to 6.10.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.10.3</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v6.10.2...v6.10.3">6.10.3</a>
(2025-10-23)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>add type commonjs to package.json (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1544">#1544</a>)
(<a
href="e65cba2e73">e65cba2</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e65cba2e73"><code>e65cba2</code></a>
fix: add type commonjs to package.json (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1544">#1544</a>)</li>
<li><a
href="8e36dc9c39"><code>8e36dc9</code></a>
chore(deps): update cypress to 15.5.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1550">#1550</a>)</li>
<li><a
href="aa00c21e56"><code>aa00c21</code></a>
chore: migrate to ESLint extends config structure (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1545">#1545</a>)</li>
<li><a
href="eb6ecdba5f"><code>eb6ecdb</code></a>
chore(deps): update markdown-link-check to 3.14.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1548">#1548</a>)</li>
<li><a
href="16752e2248"><code>16752e2</code></a>
test(deps): add Node.js 25 (current) support (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1549">#1549</a>)</li>
<li><a
href="e17a084cf5"><code>e17a084</code></a>
chore(deps): update cypress to 15.4.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1547">#1547</a>)</li>
<li><a
href="38f9a02ac2"><code>38f9a02</code></a>
chore(deps): update cypress to 15.3.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1543">#1543</a>)</li>
<li><a
href="6684394211"><code>6684394</code></a>
test(deps): update setup-chrome to v2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1541">#1541</a>)</li>
<li><a
href="14fc5fa363"><code>14fc5fa</code></a>
docs: remove additional 'use: ./' syntax duplicated explanations (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1540">#1540</a>)</li>
<li><a
href="b986d12248"><code>b986d12</code></a>
chore(deps): update cypress to 15.2.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1539">#1539</a>)</li>
<li>Additional commits viewable in <a
href="b8ba51a856...e65cba2e73">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=6.10.2&new-version=6.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:49:12 +00:00
dependabot[bot]
e45cc33463 chore(deps-dev): Bump @vitejs/plugin-react from 5.0.4 to 5.1.0 (#1470) 
Bumps
[@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react)
from 5.0.4 to 5.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite-plugin-react/releases"><code>@​vitejs/plugin-react</code>'s
releases</a>.</em></p>
<blockquote>
<h2>plugin-react@5.1.0</h2>
<h3>Add <code>@vitejs/plugin-react/preamble</code> virtual module for
SSR HMR (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/890">#890</a>)</h3>
<p>SSR applications can now initialize HMR runtime by importing
<code>@vitejs/plugin-react/preamble</code> at the top of their client
entry instead of manually calling <code>transformIndexHtml</code>. This
simplifies SSR setup for applications that don't use the
<code>transformIndexHtml</code> API.</p>
<h3>Fix raw Rolldown support for Rolldown 1.0.0-beta.44+ (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/930">#930</a>)</h3>
<p>Rolldown 1.0.0-beta.44+ removed the top-level <code>jsx</code> option
in favor of <code>transform.jsx</code>. This plugin now uses the
<code>transform.jsx</code> option to support Rolldown
1.0.0-beta.44+.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md"><code>@​vitejs/plugin-react</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>5.1.0 (2025-10-24)</h2>
<h3>Add <code>@vitejs/plugin-react/preamble</code> virtual module for
SSR HMR (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/890">#890</a>)</h3>
<p>SSR applications can now initialize HMR runtime by importing
<code>@vitejs/plugin-react/preamble</code> at the top of their client
entry instead of manually calling <code>transformIndexHtml</code>. This
simplifies SSR setup for applications that don't use the
<code>transformIndexHtml</code> API.</p>
<h3>Fix raw Rolldown support for Rolldown 1.0.0-beta.44+ (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/930">#930</a>)</h3>
<p>Rolldown 1.0.0-beta.44+ removed the top-level <code>jsx</code> option
in favor of <code>transform.jsx</code>. This plugin now uses the
<code>transform.jsx</code> option to support Rolldown
1.0.0-beta.44+.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3e5a3742e9"><code>3e5a374</code></a>
release: plugin-react@5.1.0</li>
<li><a
href="44cbed4d00"><code>44cbed4</code></a>
fix(react): compat with newer rolldown (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/930">#930</a>)</li>
<li><a
href="c54d3c6998"><code>c54d3c6</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/926">#926</a>)</li>
<li><a
href="a2d76d9476"><code>a2d76d9</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/918">#918</a>)</li>
<li><a
href="fffb7eb7a4"><code>fffb7eb</code></a>
feat(react): expose virtual module to simplify hmr preamble setup on ssr
(<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/890">#890</a>)</li>
<li><a
href="b79592a72a"><code>b79592a</code></a>
fix(deps): update react-related dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/901">#901</a>)</li>
<li><a
href="2d239fc8de"><code>2d239fc</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/896">#896</a>)</li>
<li><a
href="73be2f0bbf"><code>73be2f0</code></a>
chore(deps): fix vitest &gt; rolldown-vite dependency (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/889">#889</a>)</li>
<li><a
href="407795dbd0"><code>407795d</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/887">#887</a>)</li>
<li><a
href="47db4734d5"><code>47db473</code></a>
chore(react): fix ecosystem-ci failure (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/888">#888</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.1.0/packages/plugin-react">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@vitejs/plugin-react&package-manager=npm_and_yarn&previous-version=5.0.4&new-version=5.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:47:43 +00:00
dependabot[bot]
8b3e6c753e chore(deps-dev): Bump @types/codemirror from 5.60.16 to 5.60.17 (#1469) 
Bumps
[@types/codemirror](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/codemirror)
from 5.60.16 to 5.60.17.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/codemirror">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/codemirror&package-manager=npm_and_yarn&previous-version=5.60.16&new-version=5.60.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:47:02 +00:00
dependabot[bot]
098881c5c9 chore(deps-dev): Bump @shellygo/cypress-test-utils from 6.0.1 to 6.0.4 (#1466) 
Bumps
[@shellygo/cypress-test-utils](https://github.com/shellyDCMS/cypress-test-utils)
from 6.0.1 to 6.0.4.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/shellyDCMS/cypress-test-utils/commits">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@shellygo/cypress-test-utils&package-manager=npm_and_yarn&previous-version=6.0.1&new-version=6.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:46:48 +00:00
dependabot[bot]
0008008266 chore(deps-dev): Bump @cypress/code-coverage from 3.14.6 to 3.14.7 (#1439) 
Bumps
[@cypress/code-coverage](https://github.com/cypress-io/code-coverage)
from 3.14.6 to 3.14.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/code-coverage/releases"><code>@​cypress/code-coverage</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v3.14.7</h2>
<h2><a
href="https://github.com/cypress-io/code-coverage/compare/v3.14.6...v3.14.7">3.14.7</a>
(2025-10-08)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> switch to tinyglobby (<a
href="https://redirect.github.com/cypress-io/code-coverage/issues/960">#960</a>)
(<a
href="41d9b3db0e">41d9b3d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="41d9b3db0e"><code>41d9b3d</code></a>
fix(deps): switch to tinyglobby (<a
href="https://redirect.github.com/cypress-io/code-coverage/issues/960">#960</a>)</li>
<li>See full diff in <a
href="https://github.com/cypress-io/code-coverage/compare/v3.14.6...v3.14.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@cypress/code-coverage&package-manager=npm_and_yarn&previous-version=3.14.6&new-version=3.14.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:46:33 +00:00
dependabot[bot]
0c04dbb24c chore(deps): Bump maplibre-gl from 5.9.0 to 5.10.0 (#1480) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.9.0 to 5.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/releases">maplibre-gl's
releases</a>.</em></p>
<blockquote>
<h2>v5.10.0</h2>
<p><a
href="https://github.com/maplibre/maplibre-gl-js">https://github.com/maplibre/maplibre-gl-js</a>
<a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.9.0...v5.10.0">Changes</a>
since <a
href="https://github.com/maplibre/maplibre-gl-js/releases/tag/v5.9.0">MapLibre
GL JS v5.9.0</a>:</p>
<h3> Features and improvements</h3>
<ul>
<li>Add time control API (<code>setNow</code>, <code>restoreNow</code>,
<code>isTimeFrozen</code>) for deterministic rendering, enabling
frame-by-frame video export and deterministic testing (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6544">6544</a>)</li>
<li>Use styles <code>isHidden</code> logic in the worker by adding a new
optional <code>roundMinZoom</code> parameter (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6547">#6547</a>)</li>
<li>Add <code>transformConstrain</code> callback to the <code>Map</code>
options to override the transform's <code>constrain</code> with new type
<code>TransformConstrainFunction</code>; refactor transform constructor
options to a <code>TransformOptions</code> object (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6484">#6484</a>)</li>
<li>Use timeControl.now() instead of browser.now() (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6573">6573</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Contextmenu events not blocked by scrolling (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/5683">#5683</a></li>
<li>Mousemove events are not blocked by scrolling (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6302">#6302</a>)</li>
<li>Dashed lines have blurry rounded caps (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6554">#6554</a>)</li>
<li>Preserve flyTo padding when prefers-reduced-motion is enabled (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6576">#6576</a>)</li>
<li>Fix setClusterOptions not triggering recluster when no data changes
are pending (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6603">#6603</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.10.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add time control API (<code>setNow</code>, <code>restoreNow</code>,
<code>isTimeFrozen</code>) for deterministic rendering, enabling
frame-by-frame video export and deterministic testing (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6544">6544</a>)</li>
<li>Use styles <code>isHidden</code> logic in the worker by adding a new
optional <code>roundMinZoom</code> parameter (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6547">#6547</a>)</li>
<li>Add <code>transformConstrain</code> callback to the <code>Map</code>
options to override the transform's <code>constrain</code> with new type
<code>TransformConstrainFunction</code>; refactor transform constructor
options to a <code>TransformOptions</code> object (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6484">#6484</a>)</li>
<li>Use timeControl.now() instead of browser.now() (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6573">6573</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Contextmenu events not blocked by scrolling (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/5683">#5683</a></li>
<li>Mousemove events are not blocked by scrolling (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6302">#6302</a>)</li>
<li>Dashed lines have blurry rounded caps (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6554">#6554</a>)</li>
<li>Preserve flyTo padding when prefers-reduced-motion is enabled (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6576">#6576</a>)</li>
<li>Fix setClusterOptions not triggering recluster when no data changes
are pending (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6603">#6603</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93634b011a"><code>93634b0</code></a>
Bump version to 5.10.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6616">#6616</a>)</li>
<li><a
href="cdb26febdb"><code>cdb26fe</code></a>
On a flyTo call with prefers-reduced-motion set, apply the padding
option (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6">#6</a>...</li>
<li><a
href="32964f28a8"><code>32964f2</code></a>
Fix cluster options with no pending data changes (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6603">#6603</a>)</li>
<li><a
href="baa94d1c4d"><code>baa94d1</code></a>
chore(deps-dev): bump devtools-protocol from 0.0.1528500 to 0.0.1532728
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6613">#6613</a>)</li>
<li><a
href="5942dd1153"><code>5942dd1</code></a>
chore(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6614">#6614</a>)</li>
<li><a
href="cc1909dd25"><code>cc1909d</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.8.1 to 24.9.1
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6612">#6612</a>)</li>
<li><a
href="1d411062ea"><code>1d41106</code></a>
Fix broken example link (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6604">#6604</a>)</li>
<li><a
href="4aa5084c12"><code>4aa5084</code></a>
Fix broken image link in README for example 'Animate a series of images'
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6602">#6602</a>)</li>
<li><a
href="0983bec4a4"><code>0983bec</code></a>
chore(deps): bump ggilder/codecoverage (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6600">#6600</a>)</li>
<li><a
href="540a4c961d"><code>540a4c9</code></a>
chore(deps): bump github/codeql-action from 3.30.6 to 4.30.9 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6599">#6599</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.9.0...v5.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.9.0&new-version=5.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-02 10:45:04 +00:00
dependabot[bot]
3b4016af92 chore(deps-dev): Bump @stylistic/eslint-plugin from 5.4.0 to 5.5.0 (#1459) 
Bumps
[@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin)
from 5.4.0 to 5.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint-stylistic/eslint-stylistic/releases"><code>@​stylistic/eslint-plugin</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v5.5.0</h2>
<h2><a
href="https://github.com/eslint-stylistic/eslint-stylistic/compare/v5.4.0...v5.5.0">5.5.0</a>
(2025-10-18)</h2>
<h3>Features</h3>
<ul>
<li><strong>comma-dangle:</strong> support <code>TSFunctionType</code>
and <code>TSDeclareFunction</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1015">#1015</a>)
(<a
href="cd3776f8a9">cd3776f</a>)</li>
<li><strong>comma-dangle:</strong> support
<code>TSTypeParameterInstantiation</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1016">#1016</a>)
(<a
href="ba930e7269">ba930e7</a>)</li>
<li><strong>indent:</strong> deprecate
<code>offsetTernaryExpressionsOffsetCallExpressions</code> via
<code>offsetTernaryExpressions.CallExpression</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/997">#997</a>)
(<a
href="f2837b1d9a">f2837b1</a>)</li>
<li><strong>indent:</strong> introduce <code>NewExpression</code> and
<code>AwaitExpression</code> in <code>offsetTernaryExpressions</code>
(<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/996">#996</a>)
(<a
href="2b5a39fc98">2b5a39f</a>)</li>
<li>new rule list-style (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/895">#895</a>)
(<a
href="a9ec0de85d">a9ec0de</a>)</li>
<li><strong>object-curly-spacing:</strong> add <code>emptyObjects</code>
option to control spacing in empty objects (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1002">#1002</a>)
(<a
href="85ef5bcf05">85ef5bc</a>)</li>
<li><strong>padding-line-between-statements:</strong> narrow report
range to reduce noise (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1017">#1017</a>)
(<a
href="b3a3acffbf">b3a3acf</a>)</li>
<li>update deps (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1011">#1011</a>)
(<a
href="9d5085c030">9d5085c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>indent:</strong> correctly indent <code>NewExpression</code>
in <code>ConditionalExpression</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/994">#994</a>)
(<a
href="01cec33474">01cec33</a>)</li>
<li>replace <code>context.getSourceCode()</code> with
<code>context.sourceCode</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1004">#1004</a>)
(<a
href="f3faa54295">f3faa54</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><strong>contribute:</strong> add guide to run the document site (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1001">#1001</a>)
(<a
href="37a64c5b9c">37a64c5</a>)</li>
<li><strong>object-curly-spacing:</strong> introduce
<code>overrides</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/998">#998</a>)
(<a
href="6452b523a4">6452b52</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>no-extra-parens:</strong> remove useless logic (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1013">#1013</a>)
(<a
href="8e34765bed">8e34765</a>)</li>
<li>remove <code>TestCaseError#type</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1005">#1005</a>)
(<a
href="83d00c5735">83d00c5</a>)</li>
<li>replace <code>Object.prototype.hasOwnProperty.call</code> with
<code>Object.hasOwn</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/992">#992</a>)
(<a
href="97193e14d6">97193e1</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/eslint-stylistic/eslint-stylistic/blob/main/CHANGELOG.md"><code>@​stylistic/eslint-plugin</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/eslint-stylistic/eslint-stylistic/compare/v5.4.0...v5.5.0">5.5.0</a>
(2025-10-18)</h2>
<h3>Features</h3>
<ul>
<li><strong>comma-dangle:</strong> support <code>TSFunctionType</code>
and <code>TSDeclareFunction</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1015">#1015</a>)
(<a
href="cd3776f8a9">cd3776f</a>)</li>
<li><strong>comma-dangle:</strong> support
<code>TSTypeParameterInstantiation</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1016">#1016</a>)
(<a
href="ba930e7269">ba930e7</a>)</li>
<li><strong>indent:</strong> deprecate
<code>offsetTernaryExpressionsOffsetCallExpressions</code> via
<code>offsetTernaryExpressions.CallExpression</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/997">#997</a>)
(<a
href="f2837b1d9a">f2837b1</a>)</li>
<li><strong>indent:</strong> introduce <code>NewExpression</code> and
<code>AwaitExpression</code> in <code>offsetTernaryExpressions</code>
(<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/996">#996</a>)
(<a
href="2b5a39fc98">2b5a39f</a>)</li>
<li>new rule list-style (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/895">#895</a>)
(<a
href="a9ec0de85d">a9ec0de</a>)</li>
<li><strong>object-curly-spacing:</strong> add <code>emptyObjects</code>
option to control spacing in empty objects (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1002">#1002</a>)
(<a
href="85ef5bcf05">85ef5bc</a>)</li>
<li><strong>padding-line-between-statements:</strong> narrow report
range to reduce noise (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1017">#1017</a>)
(<a
href="b3a3acffbf">b3a3acf</a>)</li>
<li>update deps (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1011">#1011</a>)
(<a
href="9d5085c030">9d5085c</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>indent:</strong> correctly indent <code>NewExpression</code>
in <code>ConditionalExpression</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/994">#994</a>)
(<a
href="01cec33474">01cec33</a>)</li>
<li>replace <code>context.getSourceCode()</code> with
<code>context.sourceCode</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1004">#1004</a>)
(<a
href="f3faa54295">f3faa54</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><strong>contribute:</strong> add guide to run the document site (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1001">#1001</a>)
(<a
href="37a64c5b9c">37a64c5</a>)</li>
<li><strong>object-curly-spacing:</strong> introduce
<code>overrides</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/998">#998</a>)
(<a
href="6452b523a4">6452b52</a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><strong>no-extra-parens:</strong> remove useless logic (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1013">#1013</a>)
(<a
href="8e34765bed">8e34765</a>)</li>
<li>remove <code>TestCaseError#type</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1005">#1005</a>)
(<a
href="83d00c5735">83d00c5</a>)</li>
<li>replace <code>Object.prototype.hasOwnProperty.call</code> with
<code>Object.hasOwn</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/992">#992</a>)
(<a
href="97193e14d6">97193e1</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ad0c6a9432"><code>ad0c6a9</code></a>
chore: release v5.5.0 (main) (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/995">#995</a>)</li>
<li><a
href="ba930e7269"><code>ba930e7</code></a>
feat(comma-dangle): support <code>TSTypeParameterInstantiation</code>
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1016">#1016</a>)</li>
<li><a
href="b3a3acffbf"><code>b3a3acf</code></a>
feat(padding-line-between-statements): narrow report range to reduce
noise (#...</li>
<li><a
href="cd3776f8a9"><code>cd3776f</code></a>
feat(comma-dangle): support <code>TSFunctionType</code> and
<code>TSDeclareFunction</code> (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1015">#1015</a>)</li>
<li><a
href="8e34765bed"><code>8e34765</code></a>
refactor(no-extra-parens): remove useless logic (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1013">#1013</a>)</li>
<li><a
href="9d5085c030"><code>9d5085c</code></a>
feat: update deps (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1011">#1011</a>)</li>
<li><a
href="f2837b1d9a"><code>f2837b1</code></a>
feat(indent): deprecate
<code>offsetTernaryExpressionsOffsetCallExpressions</code> via `...</li>
<li><a
href="85ef5bcf05"><code>85ef5bc</code></a>
feat(object-curly-spacing): add <code>emptyObjects</code> option to
control spacing in e...</li>
<li><a
href="a9ec0de85d"><code>a9ec0de</code></a>
feat: new rule list-style (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/895">#895</a>)</li>
<li><a
href="2b5a39fc98"><code>2b5a39f</code></a>
feat(indent): introduce <code>NewExpression</code> and
<code>AwaitExpression</code> in `offsetTerna...</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint-stylistic/eslint-stylistic/commits/v5.5.0/packages/eslint-plugin">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@stylistic/eslint-plugin&package-manager=npm_and_yarn&previous-version=5.4.0&new-version=5.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-29 13:28:07 +00:00
dependabot[bot]
fff7982e85 chore(deps-dev): Bump vitest from 3.2.4 to 4.0.2 (#1478) 
Bumps
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest)
from 3.2.4 to 4.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.2</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li><strong>browser</strong>:
<ul>
<li>Don't print the deprecation notice in node_modules  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8779">vitest-dev/vitest#8779</a>
<a href="https://github.com/vitest-dev/vitest/commit/588f76858"><!-- raw
HTML omitted -->(588f7)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>pool</strong>:
<ul>
<li>Assign envs before running tests to keep in sync with process.env
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8769">vitest-dev/vitest#8769</a>
<a href="https://github.com/vitest-dev/vitest/commit/26ce88db6"><!-- raw
HTML omitted -->(26ce8)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>spy</strong>:
<ul>
<li>Properly inherit implementation's <code>length</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8778">vitest-dev/vitest#8778</a>
<a href="https://github.com/vitest-dev/vitest/commit/d4c2b280b"><!-- raw
HTML omitted -->(d4c2b)<!-- raw HTML omitted --></a></li>
<li>Reset spies if both <code>restoreMocks</code> and
<code>mockReset</code> are set in the config  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8781">vitest-dev/vitest#8781</a>
<a href="https://github.com/vitest-dev/vitest/commit/2eedbce76"><!-- raw
HTML omitted -->(2eedb)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.1...v4.0.2">View
changes on GitHub</a></h5>
<h2>v4.0.1</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>Move the <code>getBuiltins</code> check  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8765">vitest-dev/vitest#8765</a>
<a href="https://github.com/vitest-dev/vitest/commit/81000631d"><!-- raw
HTML omitted -->(81000)<!-- raw HTML omitted --></a></li>
<li><strong>pool</strong>: Don't teardown the communication channel too
soon if something is running after the test  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8767">vitest-dev/vitest#8767</a>
<a href="https://github.com/vitest-dev/vitest/commit/3fae73e2e"><!-- raw
HTML omitted -->(3fae7)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.0...v4.0.1">View
changes on GitHub</a></h5>
<h2>v4.0.0</h2>
<p>Vitest 4.0 is out!</p>
<p>To stay updated, read our <a
href="https://vitest.dev/blog/vitest-4">blog post</a> and check the <a
href="https://vitest.dev/guide/migration">migration guide</a>.</p>
<h3>   🚨 Breaking Changes</h3>
<ul>
<li>Remove <code>'basic'</code> reporter  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/7884">vitest-dev/vitest#7884</a>
<a href="https://github.com/vitest-dev/vitest/commit/82fcf5d53"><!-- raw
HTML omitted -->(82fcf)<!-- raw HTML omitted --></a></li>
<li>Simplify default exclude pattern  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/6287">vitest-dev/vitest#6287</a>
<a href="https://github.com/vitest-dev/vitest/commit/14c507200"><!-- raw
HTML omitted -->(14c50)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated getSourceMap  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8194">vitest-dev/vitest#8194</a>
<a href="https://github.com/vitest-dev/vitest/commit/ff93444f8"><!-- raw
HTML omitted -->(ff934)<!-- raw HTML omitted --></a></li>
<li>Replace deprecated ErrorWithDiff with TestError  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8195">vitest-dev/vitest#8195</a>
<a href="https://github.com/vitest-dev/vitest/commit/da59eb887"><!-- raw
HTML omitted -->(da59e)<!-- raw HTML omitted --></a></li>
<li>Remove UserConfig type in favor of ViteUserConfig  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8196">vitest-dev/vitest#8196</a>
<a href="https://github.com/vitest-dev/vitest/commit/22f7f2db5"><!-- raw
HTML omitted -->(22f7f)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated coverage options in favor of
<code>vitest/node</code> exports  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8197">vitest-dev/vitest#8197</a>
<a href="https://github.com/vitest-dev/vitest/commit/dc8486d22"><!-- raw
HTML omitted -->(dc848)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated internal helpers and environment exports  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8198">vitest-dev/vitest#8198</a>
<a href="https://github.com/vitest-dev/vitest/commit/4703cf850"><!-- raw
HTML omitted -->(4703c)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated typecheck and runner types  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8199">vitest-dev/vitest#8199</a>
<a href="https://github.com/vitest-dev/vitest/commit/89a1cb626"><!-- raw
HTML omitted -->(89a1c)<!-- raw HTML omitted --></a></li>
<li>Remove Node types from the main entry point, use
<code>vitest/node</code> instead  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8200">vitest-dev/vitest#8200</a>
<a href="https://github.com/vitest-dev/vitest/commit/1e60c4f44"><!-- raw
HTML omitted -->(1e60c)<!-- raw HTML omitted --></a></li>
<li>Remove support for Vite 5  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8202">vitest-dev/vitest#8202</a>
<a href="https://github.com/vitest-dev/vitest/commit/cb8b03bac"><!-- raw
HTML omitted -->(cb8b0)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated types  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8203">vitest-dev/vitest#8203</a>
<a href="https://github.com/vitest-dev/vitest/commit/66bee836f"><!-- raw
HTML omitted -->(66bee)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated environmentMatchGlobs and poolMatchGlobs  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8205">vitest-dev/vitest#8205</a>
<a href="https://github.com/vitest-dev/vitest/commit/be11d374c"><!-- raw
HTML omitted -->(be11d)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated <code>workspace</code> option in favor of
<code>projects</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8218">vitest-dev/vitest#8218</a>
<a href="https://github.com/vitest-dev/vitest/commit/76fb75d42"><!-- raw
HTML omitted -->(76fb7)<!-- raw HTML omitted --></a></li>
<li>Ignore <code>--standalone</code> when CLI filename filter is used
 -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8262">vitest-dev/vitest#8262</a>
<a href="https://github.com/vitest-dev/vitest/commit/013bf2cb2"><!-- raw
HTML omitted -->(013bf)<!-- raw HTML omitted --></a></li>
<li>Use module-runner instead of vite-node  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> and
<a href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8208">vitest-dev/vitest#8208</a>
<a href="https://github.com/vitest-dev/vitest/commit/9be01ba59"><!-- raw
HTML omitted -->(9be01)<!-- raw HTML omitted --></a></li>
<li>Rewrite spying implementation to make module mocking more intuitive
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8363">vitest-dev/vitest#8363</a>
<a href="https://github.com/vitest-dev/vitest/commit/9e412de35"><!-- raw
HTML omitted -->(9e412)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated APIs  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8428">vitest-dev/vitest#8428</a>
<a href="https://github.com/vitest-dev/vitest/commit/a1cb9719a"><!-- raw
HTML omitted -->(a1cb9)<!-- raw HTML omitted --></a></li>
<li>Remove <code>minWorkers</code> and set it automatically to 0 in non
watch mode  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8454">vitest-dev/vitest#8454</a>
<a href="https://github.com/vitest-dev/vitest/commit/2c2d1d4ce"><!-- raw
HTML omitted -->(2c2d1)<!-- raw HTML omitted --></a></li>
<li>Verbose reporter prints tests in a list, introduce <code>tree</code>
reporter  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> and
<a href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8500">vitest-dev/vitest#8500</a>
<a href="https://github.com/vitest-dev/vitest/commit/25fd32bf0"><!-- raw
HTML omitted -->(25fd3)<!-- raw HTML omitted --></a></li>
<li>Include shadow root contents in pretty-format output  -  by <a
href="https://github.com/wkillerud"><code>@​wkillerud</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8545">vitest-dev/vitest#8545</a>
<a href="https://github.com/vitest-dev/vitest/commit/9e722834a"><!-- raw
HTML omitted -->(9e722)<!-- raw HTML omitted --></a></li>
<li>Remove deprecated order from test() API  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8594">vitest-dev/vitest#8594</a>
<a href="https://github.com/vitest-dev/vitest/commit/4d41928c6"><!-- raw
HTML omitted -->(4d419)<!-- raw HTML omitted --></a></li>
<li>Rewrite pools without <code>tinypool</code>  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> and
<a href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8705">vitest-dev/vitest#8705</a>
<a href="https://github.com/vitest-dev/vitest/commit/4822d047a"><!-- raw
HTML omitted -->(4822d)<!-- raw HTML omitted --></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="07bc56a7a8"><code>07bc56a</code></a>
chore: release v4.0.2</li>
<li><a
href="2eedbce768"><code>2eedbce</code></a>
fix(spy): reset spies if both <code>restoreMocks</code> and
<code>mockReset</code> is set in the co...</li>
<li><a
href="26ce88db68"><code>26ce88d</code></a>
fix(pool): assign envs before running tests to keep in sync with
process.env ...</li>
<li><a
href="4a28faa677"><code>4a28faa</code></a>
chore: release v4.0.1</li>
<li><a
href="3fae73e2e1"><code>3fae73e</code></a>
fix(pool): don't teardown the communication channel too soon if
something is ...</li>
<li><a
href="81000631df"><code>8100063</code></a>
fix: move the <code>getBuiltins</code> check (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8765">#8765</a>)</li>
<li><a
href="da7ce1712f"><code>da7ce17</code></a>
chore: release v4.0.0</li>
<li><a
href="8e15bc8f97"><code>8e15bc8</code></a>
perf: create only one fetcher per project (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8762">#8762</a>)</li>
<li><a
href="9f0ecccb8b"><code>9f0eccc</code></a>
fix: <code>base</code> option doesn't crash vitest (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8760">#8760</a>)</li>
<li><a
href="d3ef4f29c1"><code>d3ef4f2</code></a>
perf(pool): resolve all environments first (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8759">#8759</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitest-dev/vitest/commits/v4.0.2/packages/vitest">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for vitest since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vitest&package-manager=npm_and_yarn&previous-version=3.2.4&new-version=4.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-29 13:19:07 +00:00
dependabot[bot]
45d0f06e60 chore(deps): Bump github/codeql-action from 4.30.9 to 4.31.0 (#1477) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.30.9 to 4.31.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.31.0</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.0 - 24 Oct 2025</h2>
<ul>
<li>Bump minimum CodeQL bundle version to 2.17.6. <a
href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li>
<li>When SARIF files are uploaded by the <code>analyze</code> or
<code>upload-sarif</code> actions, the CodeQL Action automatically
performs post-processing steps to prepare the data for the upload.
Previously, these post-processing steps were only performed before an
upload took place. We are now changing this so that the post-processing
steps will always be performed, even when the SARIF files are not
uploaded. This does not change anything for the
<code>upload-sarif</code> action. For <code>analyze</code>, this may
affect Advanced Setup for CodeQL users who specify a value other than
<code>always</code> for the <code>upload</code> input. <a
href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.0/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.31.0 - 24 Oct 2025</h2>
<ul>
<li>Bump minimum CodeQL bundle version to 2.17.6. <a
href="https://redirect.github.com/github/codeql-action/pull/3223">#3223</a></li>
<li>When SARIF files are uploaded by the <code>analyze</code> or
<code>upload-sarif</code> actions, the CodeQL Action automatically
performs post-processing steps to prepare the data for the upload.
Previously, these post-processing steps were only performed before an
upload took place. We are now changing this so that the post-processing
steps will always be performed, even when the SARIF files are not
uploaded. This does not change anything for the
<code>upload-sarif</code> action. For <code>analyze</code>, this may
affect Advanced Setup for CodeQL users who specify a value other than
<code>always</code> for the <code>upload</code> input. <a
href="https://redirect.github.com/github/codeql-action/pull/3222">#3222</a></li>
</ul>
<h2>4.30.9 - 17 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li>
<li>Experimental: A new <code>setup-codeql</code> action has been added
which is similar to <code>init</code>, except it only installs the
CodeQL CLI and does not initialize a database. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li>
</ul>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.30.7 - 06 Oct 2025</h2>
<ul>
<li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a
href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li>
</ul>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<h2>3.30.3 - 10 Sep 2025</h2>
<p>No user facing changes.</p>
<h2>3.30.2 - 09 Sep 2025</h2>
<ul>
<li>Fixed a bug which could cause language autodetection to fail. <a
href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li>
<li>Experimental: The <code>quality-queries</code> input that was added
in <code>3.29.2</code> as part of an internal experiment is now
deprecated and will be removed in an upcoming version of the CodeQL
Action. It has been superseded by a new <code>analysis-kinds</code>
input, which is part of the same internal experiment. Do not use this in
production as it is subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4e94bd11f7"><code>4e94bd1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3235">#3235</a>
from github/update-v4.31.0-1d36546c1</li>
<li><a
href="8f11182164"><code>8f11182</code></a>
Update changelog for v4.31.0</li>
<li><a
href="1d36546c14"><code>1d36546</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3234">#3234</a>
from github/mbg/changelog/post-processing</li>
<li><a
href="08ada26e6a"><code>08ada26</code></a>
Add changelog entry for post-processing change</li>
<li><a
href="b843cbeed0"><code>b843cbe</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3233">#3233</a>
from github/mbg/getOptionalEnvVar</li>
<li><a
href="1ecd563919"><code>1ecd563</code></a>
Use <code>getOptionalEnvVar</code> in
<code>writePostProcessedFiles</code></li>
<li><a
href="e576807920"><code>e576807</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3223">#3223</a>
from github/henrymercer/bump-minimum</li>
<li><a
href="ad35676669"><code>ad35676</code></a>
Add <code>getOptionalEnvVar</code> function</li>
<li><a
href="d75645b13f"><code>d75645b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3222">#3222</a>
from github/mbg/upload-lib/post-process</li>
<li><a
href="710606cc35"><code>710606c</code></a>
Check that <code>outputPath</code> is non-empty</li>
<li>Additional commits viewable in <a
href="16140ae1a1...4e94bd11f7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.30.9&new-version=4.31.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-28 13:27:58 +00:00
dependabot[bot]
1636fa11e5 chore(deps-dev): Bump eslint-plugin-react-hooks from 7.0.0 to 7.0.1 (#1475) 
Bumps
[eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks)
from 7.0.0 to 7.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's
changelog</a>.</em></p>
<blockquote>
<h2>7.0.1</h2>
<ul>
<li>Disallowed passing inline <code>useEffectEvent</code> values as JSX
props to guard against accidental propagation. (<a
href="https://redirect.github.com/facebook/react/pull/34820">#34820</a>
by <a
href="https://github.com/jf-eirinha"><code>@​jf-eirinha</code></a>)</li>
<li>Switch to <code>export =</code> so eslint-plugin-react-hooks emits
correct types for consumers in Node16 ESM projects. (<a
href="https://redirect.github.com/facebook/react/pull/34949">#34949</a>
by <a
href="https://github.com/karlhorky"><code>@​karlhorky</code></a>)</li>
<li>Tightened the typing of <code>configs.flat</code> so the
<code>configs</code> export is always defined. (<a
href="https://redirect.github.com/facebook/react/pull/34950">#34950</a>
by <a href="https://github.com/poteto"><code>@​poteto</code></a>)</li>
<li>Fix named import runtime errors. (<a
href="https://redirect.github.com/facebook/react/pull/34951">#34951</a>,
<a
href="https://redirect.github.com/facebook/react/pull/34953">#34953</a>
by <a
href="https://github.com/karlhorky"><code>@​karlhorky</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/HEAD/packages/eslint-plugin-react-hooks">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint-plugin-react-hooks&package-manager=npm_and_yarn&previous-version=7.0.0&new-version=7.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-28 13:20:23 +00:00
dependabot[bot]
c59bf4cc7d chore(deps): Bump @codemirror/lint from 6.9.0 to 6.9.1 (#1471) 
Bumps [@codemirror/lint](https://github.com/codemirror/lint) from 6.9.0
to 6.9.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/lint/blob/main/CHANGELOG.md"><code>@​codemirror/lint</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.9.1 (2025-10-23)</h2>
<h3>Bug fixes</h3>
<p>Properly display diagnostics that just cover multiple newlines as
widgets.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="818aedfef7"><code>818aedf</code></a>
Mark version 6.9.1</li>
<li><a
href="66732d258c"><code>66732d2</code></a>
Improve logic for when to show a decoration as a widget</li>
<li>See full diff in <a
href="https://github.com/codemirror/lint/compare/6.9.0...6.9.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/lint&package-manager=npm_and_yarn&previous-version=6.9.0&new-version=6.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-27 14:43:22 +00:00
dependabot[bot]
5de71d0bec chore(deps-dev): Bump vite from 7.1.10 to 7.1.12 (#1468) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 7.1.10 to 7.1.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.12</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.1.12/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v7.1.11</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.1.11/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v7.1.12/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.1.11...v7.1.12">7.1.12</a>
(2025-10-23)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> downgrade commonjs plugin to 28.0.6 to avoid
rollup/plugins<a
href="https://redirect.github.com/vitejs/vite/issues/1909">#1909</a> (<a
href="https://redirect.github.com/vitejs/vite/issues/20990">#20990</a>)
(<a
href="56fd7224aa">56fd722</a>)</li>
</ul>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.1.10...v7.1.11">7.1.11</a>
(2025-10-20)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>dev:</strong> trim trailing slash before
<code>server.fs.deny</code> check (<a
href="https://redirect.github.com/vitejs/vite/issues/20968">#20968</a>)
(<a
href="f479cc57c4">f479cc5</a>)</li>
</ul>
<h3>Miscellaneous Chores</h3>
<ul>
<li><strong>deps:</strong> update all non-major dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/20966">#20966</a>)
(<a
href="6fb41a260b">6fb41a2</a>)</li>
</ul>
<h3>Code Refactoring</h3>
<ul>
<li>use subpath imports for types module reference (<a
href="https://redirect.github.com/vitejs/vite/issues/20921">#20921</a>)
(<a
href="d0094af639">d0094af</a>)</li>
</ul>
<h3>Build System</h3>
<ul>
<li>remove cjs reference in files field (<a
href="https://redirect.github.com/vitejs/vite/issues/20945">#20945</a>)
(<a
href="ef411cee26">ef411ce</a>)</li>
<li>remove hash from built filenames (<a
href="https://redirect.github.com/vitejs/vite/issues/20946">#20946</a>)
(<a
href="a81730754d">a817307</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2436afef04"><code>2436afe</code></a>
release: v7.1.12</li>
<li><a
href="56fd7224aa"><code>56fd722</code></a>
fix(deps): downgrade commonjs plugin to 28.0.6 to avoid <a
href="https://redirect.github.com/rollup/plugins/issues/1909">rollup/plugins#1909</a>
(...</li>
<li><a
href="8b69c9e32c"><code>8b69c9e</code></a>
release: v7.1.11</li>
<li><a
href="f479cc57c4"><code>f479cc5</code></a>
fix(dev): trim trailing slash before <code>server.fs.deny</code> check
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20968">#20968</a>)</li>
<li><a
href="6fb41a260b"><code>6fb41a2</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20966">#20966</a>)</li>
<li><a
href="a81730754d"><code>a817307</code></a>
build: remove hash from built filenames (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20946">#20946</a>)</li>
<li><a
href="ef411cee26"><code>ef411ce</code></a>
build: remove cjs reference in files field (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20945">#20945</a>)</li>
<li><a
href="d0094af639"><code>d0094af</code></a>
refactor: use subpath imports for types module reference (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20921">#20921</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v7.1.12/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=7.1.10&new-version=7.1.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-27 14:15:38 +00:00
dependabot[bot]
0804773551 chore(deps): Bump react-i18next from 16.0.0 to 16.2.0 (#1467) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.0.0 to 16.2.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.2.0</h3>
<ul>
<li>try to address: useTranslation hook violates React's rules of hooks
by conditionally calling inner hooks <a
href="https://redirect.github.com/i18next/react-i18next/issues/1863">1863</a></li>
</ul>
<h3>16.1.6</h3>
<ul>
<li>fix: fix: handle spread props for inner components in Trans (icu) <a
href="https://redirect.github.com/i18next/react-i18next/pull/1877">1877</a></li>
</ul>
<h3>16.1.5</h3>
<ul>
<li>fix: Incosistent behaviour of Trans and t. Trans set defaultValue
when t call doesn't set the field. <a
href="https://redirect.github.com/i18next/react-i18next/issues/1876">1876</a></li>
<li>Trans: use also defaultValue via tOptions as fallback</li>
</ul>
<h3>16.1.4</h3>
<ul>
<li>fix: detect pre-transformation use of interpolation like
number/date/etc. <a
href="https://redirect.github.com/i18next/react-i18next/pull/1875">1875</a></li>
</ul>
<h3>16.1.3</h3>
<ul>
<li>fix: ensure invalid identifiers are quoted in the props object <a
href="https://redirect.github.com/i18next/react-i18next/pull/1874">1874</a></li>
</ul>
<h3>16.1.2</h3>
<ul>
<li>missing.js extensions for Icu imports</li>
</ul>
<h3>16.1.1</h3>
<ul>
<li>exports for <code>IcuTrans</code> component <a
href="https://redirect.github.com/i18next/react-i18next/pull/1873">1873</a></li>
</ul>
<h3>16.1.0</h3>
<ul>
<li>Introduce <code>IcuTrans</code> component <a
href="https://redirect.github.com/i18next/react-i18next/issues/1869">1869</a></li>
</ul>
<h3>16.0.1</h3>
<ul>
<li>fix: Using <!-- raw HTML omitted --> component with named tags
throws error when Selector API is enabled <a
href="https://redirect.github.com/i18next/react-i18next/issues/1867">1867</a>
with <a
href="https://redirect.github.com/i18next/react-i18next/pull/1868">1868</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aa66a897a3"><code>aa66a89</code></a>
16.2.0</li>
<li><a
href="a080c76bb5"><code>a080c76</code></a>
address <a
href="https://redirect.github.com/i18next/react-i18next/issues/1863">#1863</a>
with Option 2</li>
<li><a
href="0c33e69f98"><code>0c33e69</code></a>
Merge branch 'try-fix-react-violation-2'</li>
<li><a
href="3bf5c853a4"><code>3bf5c85</code></a>
use use-sync-external-store shim for useSyncExternalStore</li>
<li><a
href="4dab58cfb8"><code>4dab58c</code></a>
16.1.6</li>
<li><a
href="d692624d2b"><code>d692624</code></a>
release</li>
<li><a
href="94278a712b"><code>94278a7</code></a>
fix: handle spread props for inner components in Trans (<a
href="https://redirect.github.com/i18next/react-i18next/issues/1869">#1869</a>)
(<a
href="https://redirect.github.com/i18next/react-i18next/issues/1877">#1877</a>)</li>
<li><a
href="a5287b5be6"><code>a5287b5</code></a>
16.1.5</li>
<li><a
href="f22d478718"><code>f22d478</code></a>
try to address <a
href="https://redirect.github.com/i18next/react-i18next/issues/1876">#1876</a>
and use also defaultValue via tOptions as fallback</li>
<li><a
href="619fa599d6"><code>619fa59</code></a>
16.1.4</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/react-i18next/compare/v16.0.0...v16.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=16.0.0&new-version=16.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-27 14:10:57 +00:00
dependabot[bot]
2766235948 chore(deps-dev): Bump cypress from 15.3.0 to 15.5.0 (#1461) 
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.3.0 to
15.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.5.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-5-0">https://docs.cypress.io/app/references/changelog#15-5-0</a></p>
<h2>v15.4.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-4-0">https://docs.cypress.io/app/references/changelog#15-4-0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6cb686e9b0"><code>6cb686e</code></a>
chore: revert try blobless checkout method (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32738">#32738</a>)
(<a
href="https://redirect.github.com/cypress-io/cypress/issues/32765">#32765</a>)</li>
<li><a
href="fdb3701426"><code>fdb3701</code></a>
chore: bump cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32759">#32759</a>)</li>
<li><a
href="5f756c4c1c"><code>5f756c4</code></a>
chore: release 15.5.0 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32756">#32756</a>)</li>
<li><a
href="c9e8d59d8a"><code>c9e8d59</code></a>
misc: update code button style for prompt (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32745">#32745</a>)</li>
<li><a
href="3f4516793d"><code>3f45167</code></a>
chore(deps): update dependency <code>@​antfu/utils</code> to ^0.7.10 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32744">#32744</a>)</li>
<li><a
href="f7b8a0e1b5"><code>f7b8a0e</code></a>
chore: Update Chrome (stable) to 141.0.7390.107 and Chrome (beta) to
142.0.74...</li>
<li><a
href="20296023b2"><code>2029602</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32751">#32751</a>)</li>
<li><a
href="95209576e5"><code>9520957</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32750">#32750</a>)</li>
<li><a
href="b4eff93f01"><code>b4eff93</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32749">#32749</a>)</li>
<li><a
href="dc607c5cb9"><code>dc607c5</code></a>
chore: test against Node.js 25 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/32737">#32737</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.3.0...v15.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.3.0&new-version=15.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-24 13:36:25 +00:00
dependabot[bot]
0a2eb99fd1 chore(deps-dev): Bump eslint from 9.37.0 to 9.38.0 (#1460) 
Bumps [eslint](https://github.com/eslint/eslint) from 9.37.0 to 9.38.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v9.38.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="ce40f74efd"><code>ce40f74</code></a>
feat: update <code>complexity</code> rule to only highlight function
header (<a
href="https://redirect.github.com/eslint/eslint/issues/20048">#20048</a>)
(Atul Nair)</li>
<li><a
href="e37e590aae"><code>e37e590</code></a>
feat: correct <code>no-loss-of-precision</code> false positives with
<code>e</code> notation (<a
href="https://redirect.github.com/eslint/eslint/issues/20187">#20187</a>)
(Francesco Trotta)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="50c3dfd980"><code>50c3dfd</code></a>
fix: improve type support for isolated dependencies in pnpm (<a
href="https://redirect.github.com/eslint/eslint/issues/20201">#20201</a>)
(Francesco Trotta)</li>
<li><a
href="a1f06a350c"><code>a1f06a3</code></a>
fix: correct SourceCode typings (<a
href="https://redirect.github.com/eslint/eslint/issues/20114">#20114</a>)
(Pixel998)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="462675af8a"><code>462675a</code></a>
docs: improve web accessibility by hiding non-semantic character (<a
href="https://redirect.github.com/eslint/eslint/issues/20205">#20205</a>)
(루밀LuMir)</li>
<li><a
href="c070e65f6b"><code>c070e65</code></a>
docs: correct formatting in <code>no-irregular-whitespace</code> rule
documentation (<a
href="https://redirect.github.com/eslint/eslint/issues/20203">#20203</a>)
(루밀LuMir)</li>
<li><a
href="b39e71a213"><code>b39e71a</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="cd39983148"><code>cd39983</code></a>
docs: move <code>custom-formatters</code> type descriptions to
<code>nodejs-api</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20190">#20190</a>)
(Percy Ma)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="d17c795bf1"><code>d17c795</code></a>
chore: upgrade <code>@​eslint/js</code><a
href="https://github.com/9"><code>@​9</code></a>.38.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20221">#20221</a>)
(Milos Djermanovic)</li>
<li><a
href="25d0e33270"><code>25d0e33</code></a>
chore: package.json update for <code>@​eslint/js</code> release
(Jenkins)</li>
<li><a
href="c82b5efa1f"><code>c82b5ef</code></a>
refactor: Use types from <code>@​eslint/core</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20168">#20168</a>)
(Nicholas C. Zakas)</li>
<li><a
href="ff31609f19"><code>ff31609</code></a>
ci: add Node.js 25 to <code>ci.yml</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20220">#20220</a>)
(루밀LuMir)</li>
<li><a
href="004577eda2"><code>004577e</code></a>
ci: bump github/codeql-action from 3 to 4 (<a
href="https://redirect.github.com/eslint/eslint/issues/20211">#20211</a>)
(dependabot[bot])</li>
<li><a
href="eac71fb771"><code>eac71fb</code></a>
test: remove use of <code>nodejsScope</code> option of eslint-scope from
tests (<a
href="https://redirect.github.com/eslint/eslint/issues/20206">#20206</a>)
(Milos Djermanovic)</li>
<li><a
href="4168a18b7e"><code>4168a18</code></a>
chore: fix typo in legacy-eslint.js (<a
href="https://redirect.github.com/eslint/eslint/issues/20202">#20202</a>)
(Sweta Tanwar)</li>
<li><a
href="205dbd2d92"><code>205dbd2</code></a>
chore: fix typos (<a
href="https://redirect.github.com/eslint/eslint/issues/20200">#20200</a>)
(ntnyq)</li>
<li><a
href="dbb200e360"><code>dbb200e</code></a>
chore: use team member's username when name is not available in data (<a
href="https://redirect.github.com/eslint/eslint/issues/20194">#20194</a>)
(Milos Djermanovic)</li>
<li><a
href="8962089edb"><code>8962089</code></a>
chore: mark deprecated rules as available until v11.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20184">#20184</a>)
(Pixel998)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8fe511b4c0"><code>8fe511b</code></a>
9.38.0</li>
<li><a
href="f961736693"><code>f961736</code></a>
Build: changelog update for 9.38.0</li>
<li><a
href="d17c795bf1"><code>d17c795</code></a>
chore: upgrade <code>@​eslint/js</code><a
href="https://github.com/9"><code>@​9</code></a>.38.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20221">#20221</a>)</li>
<li><a
href="25d0e33270"><code>25d0e33</code></a>
chore: package.json update for <code>@​eslint/js</code> release</li>
<li><a
href="50c3dfd980"><code>50c3dfd</code></a>
fix: improve type support for isolated dependencies in pnpm (<a
href="https://redirect.github.com/eslint/eslint/issues/20201">#20201</a>)</li>
<li><a
href="c82b5efa1f"><code>c82b5ef</code></a>
refactor: Use types from <code>@​eslint/core</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20168">#20168</a>)</li>
<li><a
href="ff31609f19"><code>ff31609</code></a>
ci: add Node.js 25 to <code>ci.yml</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20220">#20220</a>)</li>
<li><a
href="ce40f74efd"><code>ce40f74</code></a>
feat: update <code>complexity</code> rule to only highlight function
header (<a
href="https://redirect.github.com/eslint/eslint/issues/20048">#20048</a>)</li>
<li><a
href="e37e590aae"><code>e37e590</code></a>
feat: correct <code>no-loss-of-precision</code> false positives with
<code>e</code> notation (<a
href="https://redirect.github.com/eslint/eslint/issues/20187">#20187</a>)</li>
<li><a
href="004577eda2"><code>004577e</code></a>
ci: bump github/codeql-action from 3 to 4 (<a
href="https://redirect.github.com/eslint/eslint/issues/20211">#20211</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v9.37.0...v9.38.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=9.37.0&new-version=9.38.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-24 13:27:42 +00:00
dependabot[bot]
1f015629e6 chore(deps-dev): Bump typescript-eslint from 8.46.1 to 8.46.2 (#1465) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.46.1 to 8.46.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.46.2</h2>
<h2>8.46.2 (2025-10-20)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [prefer-optional-chain] skip
optional chaining when it could change the result (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11702">#11702</a>)</li>
<li><strong>typescript-estree:</strong> forbid invalid modifiers in
object methods (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11689">#11689</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>fisker Cheung <a
href="https://github.com/fisker"><code>@​fisker</code></a></li>
<li>mdm317</li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.46.2 (2025-10-20)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="55ca033ee8"><code>55ca033</code></a>
chore(release): publish 8.46.2</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.2/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.46.1&new-version=8.46.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-24 13:18:29 +00:00
dependabot[bot]
ee03f71318 chore(deps): Bump github/codeql-action from 4.30.8 to 4.30.9 (#1462) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.30.8 to 4.30.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.30.9</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.30.9 - 17 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li>
<li>Experimental: A new <code>setup-codeql</code> action has been added
which is similar to <code>init</code>, except it only installs the
CodeQL CLI and does not initialize a database. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.30.9/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.30.9 - 17 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.3. <a
href="https://redirect.github.com/github/codeql-action/pull/3205">#3205</a></li>
<li>Experimental: A new <code>setup-codeql</code> action has been added
which is similar to <code>init</code>, except it only installs the
CodeQL CLI and does not initialize a database. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3204">#3204</a></li>
</ul>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.30.7 - 06 Oct 2025</h2>
<ul>
<li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a
href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li>
</ul>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<h2>3.30.3 - 10 Sep 2025</h2>
<p>No user facing changes.</p>
<h2>3.30.2 - 09 Sep 2025</h2>
<ul>
<li>Fixed a bug which could cause language autodetection to fail. <a
href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li>
<li>Experimental: The <code>quality-queries</code> input that was added
in <code>3.29.2</code> as part of an internal experiment is now
deprecated and will be removed in an upcoming version of the CodeQL
Action. It has been superseded by a new <code>analysis-kinds</code>
input, which is part of the same internal experiment. Do not use this in
production as it is subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li>
</ul>
<h2>3.30.1 - 05 Sep 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li>
</ul>
<h2>3.30.0 - 01 Sep 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="16140ae1a1"><code>16140ae</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3213">#3213</a>
from github/update-v4.30.9-70205d3d1</li>
<li><a
href="30db5fee08"><code>30db5fe</code></a>
Update changelog for v4.30.9</li>
<li><a
href="70205d3d12"><code>70205d3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3211">#3211</a>
from github/mbg/init/starting-partial-config</li>
<li><a
href="697c209bfc"><code>697c209</code></a>
Merge remote-tracking branch 'origin/main' into
mbg/init/starting-partial-config</li>
<li><a
href="1bd53ba38c"><code>1bd53ba</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3205">#3205</a>
from github/update-bundle/codeql-bundle-v2.23.3</li>
<li><a
href="cac4df0c79"><code>cac4df0</code></a>
Rebuild</li>
<li><a
href="77e5c0d0a2"><code>77e5c0d</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.23.3</li>
<li><a
href="97a4f751be"><code>97a4f75</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3204">#3204</a>
from github/mbg/setup-codeql</li>
<li><a
href="2d5512b361"><code>2d5512b</code></a>
Merge remote-tracking branch 'origin/main' into
mbg/init/starting-partial-config</li>
<li><a
href="fa7bdf0559"><code>fa7bdf0</code></a>
Call <code>getAnalysisKinds</code> a second time, and ignore exceptions
thrown during th...</li>
<li>Additional commits viewable in <a
href="f443b600d9...16140ae1a1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.30.8&new-version=4.30.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 13:26:54 +00:00
dependabot[bot]
4d2707b6d3 chore(deps-dev): Bump eslint-plugin-react-hooks from 6.1.1 to 7.0.0 (#1440) 
Bumps
[eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks)
from 6.1.1 to 7.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's
changelog</a>.</em></p>
<blockquote>
<h2>7.0.0</h2>
<p>This release slims down presets to just 2 configurations
(<code>recommended</code> and <code>recommended-latest</code>), and all
compiler rules are enabled by default.</p>
<ul>
<li><strong>Breaking:</strong> Removed
<code>recommended-latest-legacy</code> and <code>flat/recommended</code>
configs. The plugin now provides <code>recommended</code> (legacy and
flat configs with all recommended rules), and
<code>recommended-latest</code> (legacy and flat configs with all
recommended rules plus new bleeding edge experimental compiler rules).
(<a href="https://github.com/poteto"><code>@​poteto</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/34757">#34757</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/HEAD/packages/eslint-plugin-react-hooks">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint-plugin-react-hooks&package-manager=npm_and_yarn&previous-version=6.1.1&new-version=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-17 23:47:38 +00:00
dependabot[bot]
52b87a32cc chore(deps-dev): Bump @types/react-dom from 19.2.0 to 19.2.2 (#1448) 
Bumps
[@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom)
from 19.2.0 to 19.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/react-dom&package-manager=npm_and_yarn&previous-version=19.2.0&new-version=19.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-17 23:47:27 +00:00
dependabot[bot]
4b9dee5994 chore(deps): Bump @codemirror/view from 6.38.4 to 6.38.6 (#1446) 
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.38.4
to 6.38.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@​codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.38.6 (2025-10-13)</h2>
<h3>Bug fixes</h3>
<p>Work around a regression in Safari 26 that causes fragments of old
selections to remain visible.</p>
<h2>6.38.5 (2025-10-07)</h2>
<h3>Bug fixes</h3>
<p>Avoid firing text changes that cover unchanged text on Android.</p>
<p>Fix an issue where the editor could, in some circumstances, insert a
stray newline when typing over a document that ended in a block
widget.</p>
<p>Work around an issue in Safari 26 that causes inappropriate scrolling
on focus in some circumstances.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="05e9b6633b"><code>05e9b66</code></a>
Mark version 6.38.6</li>
<li><a
href="10020cdac9"><code>10020cd</code></a>
Also enable selection drawing glitch workaround on desktop Safari</li>
<li><a
href="3c11a40a66"><code>3c11a40</code></a>
Mark version 6.38.5</li>
<li><a
href="b4a5a0261f"><code>b4a5a02</code></a>
Work around broken focus/preventScroll support in Safari 26</li>
<li><a
href="45268f0eb6"><code>45268f0</code></a>
Fix an edge case in DOMReader when there's a widget at the end of the
content</li>
<li><a
href="90d7ec68fd"><code>90d7ec6</code></a>
Shrink EditContext changes down to the minimum text change</li>
<li><a
href="b7bf9d592b"><code>b7bf9d5</code></a>
Handle synthetic events even during composition</li>
<li><a
href="eb004313af"><code>eb00431</code></a>
Fix indentation in applyDOMChangeInner</li>
<li>See full diff in <a
href="https://github.com/codemirror/view/compare/6.38.4...6.38.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.38.4&new-version=6.38.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-17 23:47:11 +00:00
dependabot[bot]
9a1c88a6a8 chore(deps-dev): Bump vite from 7.1.9 to 7.1.10 (#1452) 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 7.1.9 to 7.1.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.10</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.1.10/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.1.9...v7.1.10">7.1.10</a>
(2025-10-14)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>css:</strong> avoid duplicate style for server rendered
stylesheet link and client inline style during dev (<a
href="https://redirect.github.com/vitejs/vite/issues/20767">#20767</a>)
(<a
href="3a92bc79b3">3a92bc7</a>)</li>
<li><strong>css:</strong> respect emitAssets when cssCodeSplit=false (<a
href="https://redirect.github.com/vitejs/vite/issues/20883">#20883</a>)
(<a
href="d3e7eeefa9">d3e7eee</a>)</li>
<li><strong>deps:</strong> update all non-major dependencies (<a
href="879de86935">879de86</a>)</li>
<li><strong>deps:</strong> update all non-major dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/20894">#20894</a>)
(<a
href="3213f90ff0">3213f90</a>)</li>
<li><strong>dev:</strong> allow aliases starting with <code>//</code>
(<a
href="https://redirect.github.com/vitejs/vite/issues/20760">#20760</a>)
(<a
href="b95fa2aa75">b95fa2a</a>)</li>
<li><strong>dev:</strong> remove timestamp query consistently (<a
href="https://redirect.github.com/vitejs/vite/issues/20887">#20887</a>)
(<a
href="6537d15591">6537d15</a>)</li>
<li><strong>esbuild:</strong> inject esbuild helpers correctly for
esbuild 0.25.9+ (<a
href="https://redirect.github.com/vitejs/vite/issues/20906">#20906</a>)
(<a
href="446eb38632">446eb38</a>)</li>
<li>normalize path before calling <code>fileToBuiltUrl</code> (<a
href="https://redirect.github.com/vitejs/vite/issues/20898">#20898</a>)
(<a
href="73b6d243e0">73b6d24</a>)</li>
<li>preserve original sourcemap file field when combining sourcemaps (<a
href="https://redirect.github.com/vitejs/vite/issues/20926">#20926</a>)
(<a
href="c714776aa1">c714776</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>correct <code>WebSocket</code> spelling (<a
href="https://redirect.github.com/vitejs/vite/issues/20890">#20890</a>)
(<a
href="29e98dc3ef">29e98dc</a>)</li>
</ul>
<h3>Miscellaneous Chores</h3>
<ul>
<li><strong>deps:</strong> update rolldown-related dependencies (<a
href="https://redirect.github.com/vitejs/vite/issues/20923">#20923</a>)
(<a
href="a5e3b064fa">a5e3b06</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ed4a0dc913"><code>ed4a0dc</code></a>
release: v7.1.10</li>
<li><a
href="c714776aa1"><code>c714776</code></a>
fix: preserve original sourcemap file field when combining sourcemaps
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20926">#20926</a>)</li>
<li><a
href="446eb38632"><code>446eb38</code></a>
fix(esbuild): inject esbuild helpers correctly for esbuild 0.25.9+ (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20906">#20906</a>)</li>
<li><a
href="879de86935"><code>879de86</code></a>
fix(deps): update all non-major dependencies</li>
<li><a
href="a5e3b064fa"><code>a5e3b06</code></a>
chore(deps): update rolldown-related dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20923">#20923</a>)</li>
<li><a
href="3a92bc79b3"><code>3a92bc7</code></a>
fix(css): avoid duplicate style for server rendered stylesheet link and
clien...</li>
<li><a
href="73b6d243e0"><code>73b6d24</code></a>
fix: normalize path before calling <code>fileToBuiltUrl</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20898">#20898</a>)</li>
<li><a
href="b95fa2aa75"><code>b95fa2a</code></a>
fix(dev): allow aliases starting with <code>//</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20760">#20760</a>)</li>
<li><a
href="3213f90ff0"><code>3213f90</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20894">#20894</a>)</li>
<li><a
href="29e98dc3ef"><code>29e98dc</code></a>
docs: correct <code>WebSocket</code> spelling (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/20890">#20890</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v7.1.10/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=7.1.9&new-version=7.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-17 23:46:16 +00:00
Frank Elsinga
fe2571addb fix: remove broken max width from Expression properties (#1455) 
Before vs after should be self-explanatory what motivated me to remove
the max-width.

<img width="1353" height="762" alt="image"
src="https://github.com/user-attachments/assets/eda0ce6c-5187-4496-bc92-6f91d1aaa5ee"
/>

Resolves https://github.com/maplibre/maputnik/issues/1445

---------

Co-authored-by: Harel M <harel.mazor@gmail.com>
 2025-10-17 23:42:41 +00:00
Frank Elsinga
7e784f80f6 chore(ci): apply dependency cooldowns (#1431) 
add a cooldown to dependency updates to give the securiy communtiy a
better chance of fixing supply chain attacks
 2025-10-17 20:16:39 +00:00
dependabot[bot]
adc7e9d7d2 chore(deps): Bump maplibre-gl from 5.8.0 to 5.9.0 (#1441) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.8.0 to 5.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/releases">maplibre-gl's
releases</a>.</em></p>
<blockquote>
<h2>v5.9.0</h2>
<p><a
href="https://github.com/maplibre/maplibre-gl-js">https://github.com/maplibre/maplibre-gl-js</a>
<a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.8.0...v5.9.0">Changes</a>
since <a
href="https://github.com/maplibre/maplibre-gl-js/releases/tag/v5.8.0">MapLibre
GL JS v5.8.0</a>:</p>
<h3> Features and improvements</h3>
<ul>
<li>Improve fading - dynamic bi-directional raster cross-fading and self
fading (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6469">#6469</a>)</li>
<li>Support for usage of line-gradient together with line-dasharray (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6487">#6487</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Added <code>button</code> role to marker div to fix accessibility
issues with the <code>aria-label</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6435">#6435</a>)</li>
<li>Fix a crash on iOS when there are too many symbols to render (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6526">#6526</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.9.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Improve fading - dynamic bi-directional raster cross-fading and self
fading (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6469">#6469</a>)</li>
<li>Support for usage of line-gradient together with line-dasharray (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/6487">#6487</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Added <code>button</code> role to marker div to fix accessibility
issues with the <code>aria-label</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6435">#6435</a>)</li>
<li>Fix a crash on iOS when there are too many symbols to render (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6526">#6526</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14f56b00e0"><code>14f56b0</code></a>
Bump version to 5.9.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6528">#6528</a>)</li>
<li><a
href="005384141e"><code>0053841</code></a>
Fixes the crash by limiting the overscale number to 128 on safari (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6526">#6526</a>)</li>
<li><a
href="f4ccb8cfe1"><code>f4ccb8c</code></a>
Small fixes in comments and types (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6520">#6520</a>)</li>
<li><a
href="f45b2fb6d0"><code>f45b2fb</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 24.6.2 to 24.7.0
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6523">#6523</a>)</li>
<li><a
href="5840cdf3ac"><code>5840cdf</code></a>
chore(deps-dev): bump <code>@​vitest/eslint-plugin</code> in the vitest
group (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6522">#6522</a>)</li>
<li><a
href="2cc5d78d39"><code>2cc5d78</code></a>
chore(deps-dev): bump stylelint from 16.24.0 to 16.25.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6513">#6513</a>)</li>
<li><a
href="9b61f0058d"><code>9b61f00</code></a>
Support for usage of line-gradient together with line-dasharray (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6487">#6487</a>)</li>
<li><a
href="64933f19e4"><code>64933f1</code></a>
Adding role to marker to satisfy aria-label accessibility issue (fix: <a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6435">#6435</a>)
...</li>
<li><a
href="d4fd93cb9a"><code>d4fd93c</code></a>
chore(deps-dev): bump <code>@​rollup/plugin-node-resolve</code> from
16.0.1 to 16.0.2 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6516">#6516</a>)</li>
<li><a
href="d08fc5a102"><code>d08fc5a</code></a>
Refactor source data handler (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6510">#6510</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.8.0...v5.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.8.0&new-version=5.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-15 13:27:14 +00:00
dependabot[bot]
05c55e3bd0 chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.2.0 to 24.3.0 (#1454) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-gl-style-spec)
from 24.2.0 to 24.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-style-spec/releases"><code>@​maplibre/maplibre-gl-style-spec</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v24.3.0</h2>
<p><a
href="https://github.com/maplibre/maplibre-gl-style-spec">https://github.com/maplibre/maplibre-gl-style-spec</a>
<a
href="https://github.com/maplibre/maplibre-gl-style-spec/compare/v24.2.0...v24.3.0">Changes</a>
since <a
href="https://github.com/maplibre/maplibre-gl-style-spec/releases/tag/v24.2.0">MapLibre
Style Spec v24.2.0</a>:</p>
<h3> Features and improvements</h3>
<ul>
<li>Add optional <code>encoding</code> property to vector
<code>source</code> to allow for MapLibre Tile vector sources</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md"><code>@​maplibre/maplibre-gl-style-spec</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>24.3.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add optional <code>encoding</code> property to vector
<code>source</code> to allow for MapLibre Tile vector sources</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="81c1efe29d"><code>81c1efe</code></a>
Bump version to 24.3.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1324">#1324</a>)</li>
<li><a
href="9756faa53b"><code>9756faa</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1321">#1321</a>)</li>
<li><a
href="d74e80953b"><code>d74e809</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.45.0 to 8.46.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1323">#1323</a>)</li>
<li><a
href="0b6ad255ec"><code>0b6ad25</code></a>
build(deps-dev): bump <code>@​rollup/plugin-node-resolve</code> from
16.0.2 to 16.0.3 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1322">#1322</a>)</li>
<li><a
href="fdc0121b48"><code>fdc0121</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 60.8.2 to 61.1.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1320">#1320</a>)</li>
<li><a
href="a84cbe7964"><code>a84cbe7</code></a>
build(deps-dev): bump <code>@​types/node</code> from 24.6.2 to 24.7.2
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1318">#1318</a>)</li>
<li><a
href="5f58f916f9"><code>5f58f91</code></a>
build(deps-dev): bump semver from 7.7.2 to 7.7.3 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1319">#1319</a>)</li>
<li><a
href="dbf4b4eef6"><code>dbf4b4e</code></a>
build(deps-dev): bump <code>@​vitest/eslint-plugin</code> in the vitest
group (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1317">#1317</a>)</li>
<li><a
href="a45b1b58d8"><code>a45b1b5</code></a>
pin github deps to shas (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1315">#1315</a>)</li>
<li><a
href="126e41e57f"><code>126e41e</code></a>
apply a few easy hardenings suggested by zizmore (<a
href="https://redirect.github.com/maplibre/maplibre-gl-style-spec/issues/1316">#1316</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-style-spec/compare/v24.2.0...v24.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.2.0&new-version=24.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-15 13:18:39 +00:00
dependabot[bot]
3eecd0eaec chore(deps): Bump actions/setup-node from 5.0.0 to 6.0.0 (#1451) 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from
5.0.0 to 6.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<p><strong>Breaking Changes</strong></p>
<ul>
<li>Limit automatic caching to npm, update workflows and documentation
by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1374">actions/setup-node#1374</a></li>
</ul>
<p><strong>Dependency Upgrades</strong></p>
<ul>
<li>Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes
in v5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1336">#1336</a></li>
<li>Upgrade prettier from 2.8.8 to 3.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1334">#1334</a></li>
<li>Upgrade actions/publish-action from 0.3.0 to 0.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-node/pull/1362">#1362</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v5...v6.0.0">https://github.com/actions/setup-node/compare/v5...v6.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2028fbc5c2"><code>2028fbc</code></a>
Limit automatic caching to npm, update workflows and documentation (<a
href="https://redirect.github.com/actions/setup-node/issues/1374">#1374</a>)</li>
<li><a
href="13427813f7"><code>1342781</code></a>
Bump actions/publish-action from 0.3.0 to 0.4.0 (<a
href="https://redirect.github.com/actions/setup-node/issues/1362">#1362</a>)</li>
<li><a
href="89d709d423"><code>89d709d</code></a>
Bump prettier from 2.8.8 to 3.6.2 (<a
href="https://redirect.github.com/actions/setup-node/issues/1334">#1334</a>)</li>
<li><a
href="cd2651c462"><code>cd2651c</code></a>
Bump ts-jest from 29.1.2 to 29.4.1 (<a
href="https://redirect.github.com/actions/setup-node/issues/1336">#1336</a>)</li>
<li>See full diff in <a
href="a0853c2454...2028fbc5c2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=5.0.0&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-14 13:24:06 +00:00
dependabot[bot]
c1514ef270 chore(deps-dev): Bump typescript-eslint from 8.45.0 to 8.46.1 (#1449) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.45.0 to 8.46.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.46.1</h2>
<h2>8.46.1 (2025-10-13)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>ast-spec:</strong> cleanup <code>TSLiteralType</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11624">#11624</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-optional-chain] include
mixed &quot;nullish comparison style&quot; chains in checks (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11533">#11533</a>)</li>
<li><strong>eslint-plugin:</strong> [no-misused-promises] special-case
<code>.finally</code> not to report when a promise returning function is
provided as an argument (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11667">#11667</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Abraham Guo</li>
<li>mdm317</li>
<li>Ronen Amiel</li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
<h2>v8.46.0</h2>
<h2>8.46.0 (2025-10-06)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unsafe-member-access] add
allowOptionalChaining option (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11659">#11659</a>)</li>
<li><strong>eslint-plugin-internal:</strong> [no-dynamic-tests] new
internal Lint rule to ban dynamic syntax in generating tests (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11323">#11323</a>)</li>
<li><strong>rule-schema-to-typescript-types:</strong> clean up and make
public (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11633">#11633</a>)</li>
<li><strong>typescript-eslint:</strong> export util types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848">#10848</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849">#10849</a>)</li>
<li><strong>typescript-estree:</strong> mention file specifics in
project service allowDefaultProject error (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11635">#11635</a>)</li>
<li><strong>typescript-estree:</strong> private identifiers can only
appear on LHS of in expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/9232">#9232</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-floating-promises] remove excess
parentheses in suggestions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11487">#11487</a>)</li>
<li><strong>eslint-plugin:</strong> [unbound-method] improve wording
around <code>this: void</code> and binding (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11634">#11634</a>)</li>
<li><strong>eslint-plugin:</strong> [no-deprecated] ignore deprecated
<code>export import</code>s (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11603">#11603</a>)</li>
<li><strong>eslint-plugin:</strong> removed error type previously
deprecated (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11674">#11674</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-readonly-parameter-types]
ignore tagged primitives (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11660">#11660</a>)</li>
<li><strong>rule-tester:</strong> deprecate TestCaseError#type and
LintMessage#nodeType (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11628">#11628</a>)</li>
<li><strong>typescript-estree:</strong> forbid <code>abstract</code>
modifier in object methods (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11656">#11656</a>)</li>
<li><strong>typescript-estree:</strong> forbid abstract method and
accessor to have implementation (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11657">#11657</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>fisker Cheung <a
href="https://github.com/fisker"><code>@​fisker</code></a></li>
<li>Josh Goldberg </li>
<li>Joshua Chen</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>Mark de Dios <a
href="https://github.com/peanutenthusiast"><code>@​peanutenthusiast</code></a></li>
<li>Mister-Hope <a
href="https://github.com/Mister-Hope"><code>@​Mister-Hope</code></a></li>
<li>Richard Torres <a
href="https://github.com/richardtorres314"><code>@​richardtorres314</code></a></li>
<li>Victor Genaev <a
href="https://github.com/mainframev"><code>@​mainframev</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.46.1 (2025-10-13)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
<h2>8.46.0 (2025-10-06)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>typescript-eslint:</strong> export util types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848">#10848</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849">#10849</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Mister-Hope <a
href="https://github.com/Mister-Hope"><code>@​Mister-Hope</code></a></li>
</ul>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3f5fbf698e"><code>3f5fbf6</code></a>
chore(release): publish 8.46.1</li>
<li><a
href="aec785e33d"><code>aec785e</code></a>
chore(release): publish 8.46.0</li>
<li><a
href="5c1a1592cc"><code>5c1a159</code></a>
feat(typescript-eslint): export util types (close <a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/10848">#10848</a>)
(<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/10849">#10849</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.46.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.45.0&new-version=8.46.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-14 13:18:29 +00:00
dependabot[bot]
1340e0d78f chore(deps): Bump github/codeql-action from 4.30.7 to 4.30.8 (#1447) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.30.7 to 4.30.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.30.8</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.30.8/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.30.8 - 10 Oct 2025</h2>
<p>No user facing changes.</p>
<h2>4.30.7 - 06 Oct 2025</h2>
<ul>
<li>[v4+ only] The CodeQL Action now runs on Node.js v24. <a
href="https://redirect.github.com/github/codeql-action/pull/3169">#3169</a></li>
</ul>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<h2>3.30.3 - 10 Sep 2025</h2>
<p>No user facing changes.</p>
<h2>3.30.2 - 09 Sep 2025</h2>
<ul>
<li>Fixed a bug which could cause language autodetection to fail. <a
href="https://redirect.github.com/github/codeql-action/pull/3084">#3084</a></li>
<li>Experimental: The <code>quality-queries</code> input that was added
in <code>3.29.2</code> as part of an internal experiment is now
deprecated and will be removed in an upcoming version of the CodeQL
Action. It has been superseded by a new <code>analysis-kinds</code>
input, which is part of the same internal experiment. Do not use this in
production as it is subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3064">#3064</a></li>
</ul>
<h2>3.30.1 - 05 Sep 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3077">#3077</a></li>
</ul>
<h2>3.30.0 - 01 Sep 2025</h2>
<ul>
<li>Reduce the size of the CodeQL Action, speeding up workflows by
approximately 4 seconds. <a
href="https://redirect.github.com/github/codeql-action/pull/3054">#3054</a></li>
</ul>
<h2>3.29.11 - 21 Aug 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f443b600d9"><code>f443b60</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3198">#3198</a>
from github/update-v4.30.8-527f0f324</li>
<li><a
href="7a2cb623ed"><code>7a2cb62</code></a>
Update changelog for v4.30.8</li>
<li><a
href="527f0f324a"><code>527f0f3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3195">#3195</a>
from github/dependabot/npm_and_yarn/npm-minor-37415c...</li>
<li><a
href="f402506f0f"><code>f402506</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3196">#3196</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="f5e53f9476"><code>f5e53f9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3197">#3197</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="4e90a42a3e"><code>4e90a42</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3193">#3193</a>
from github/mbg/ff/tools-toolcache</li>
<li><a
href="413a4a4df1"><code>413a4a4</code></a>
Rebuild</li>
<li><a
href="452186448a"><code>4521864</code></a>
Bump github/codeql-action from 3 to 4 in /.github/workflows</li>
<li><a
href="eadf14bf6e"><code>eadf14b</code></a>
Bump ruby/setup-ruby</li>
<li><a
href="e1257b6fda"><code>e1257b6</code></a>
Rebuild</li>
<li>Additional commits viewable in <a
href="e296a93559...f443b600d9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.30.7&new-version=4.30.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-13 13:52:38 +00:00
Frank Elsinga
006eb89fae chore(sec): pin github deps to shas (#1444) 
## Launch Checklist

Our CI uses a few actions.
For these actions, we currently just use the mutable GitHub tag.

Since we use Dependabot to update the versions, we should use SHAs.
This makes sure that we are not affected by a certain class of supply
chain vulnerability where attackers re-publish bad tags.

Using SHAs matches GitHub recommendations and is a part of the OpenSSFs
Scorecard.


- [x] Confirm **your changes do not include backports from Mapbox
projects** (unless with compliant license) - if you are not sure about
this, please ask!
 - [ ] Add an entry to `CHANGELOG.md` under the `## main` section.
^--- not sure if you want this. Other maintenance actions don't show up
as well.
 2025-10-10 13:55:05 +00:00
Frank Elsinga
8cd5e28f3a chore(sec): remove not needed permissions (#1442) 
this PR removes a few permissions in CI where I don't think they are
needed
 2025-10-10 16:40:03 +03:00
dependabot[bot]
13ce1039ee chore(deps): Bump i18next from 25.5.3 to 25.6.0 (#1443) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.5.3 to
25.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.6.0</h2>
<ul>
<li>
<p><strong>feat</strong>: <code>exists()</code> method now respects
<code>returnObjects</code> option - returns <code>false</code> when
accessing an object key with <code>returnObjects: false</code>, enabling
detection of object vs string keys <a
href="https://redirect.github.com/i18next/i18next/issues/2359">2359</a></p>
<p><strong>Note</strong>: This is a potential behavior change. If you
were previously calling <code>exists()</code> with <code>returnObjects:
false</code> on object keys, those calls will now return
<code>false</code> instead of <code>true</code>. This enables developers
to detect whether a key points to an object or string value.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.6.0</h2>
<ul>
<li>
<p><strong>feat</strong>: <code>exists()</code> method now respects
<code>returnObjects</code> option - returns <code>false</code> when
accessing an object key with <code>returnObjects: false</code>, enabling
detection of object vs string keys <a
href="https://redirect.github.com/i18next/i18next/issues/2359">2359</a></p>
<p><strong>Note</strong>: This is a potential behavior change. If you
were previously calling <code>exists()</code> with <code>returnObjects:
false</code> on object keys, those calls will now return
<code>false</code> instead of <code>true</code>. This enables developers
to detect whether a key points to an object or string value.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7484e96b0e"><code>7484e96</code></a>
25.6.0</li>
<li><a
href="bb7d062004"><code>bb7d062</code></a>
exists with returnObjects false, should address <a
href="https://redirect.github.com/i18next/i18next/issues/2359">#2359</a></li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.5.3...v25.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.5.3&new-version=25.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-10 13:16:48 +00:00
dependabot[bot]
bfbf6076b0 chore(deps): Bump github/codeql-action from 3 to 4 (#1438) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.30.7</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.7 - 06 Oct 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.7/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.6 - 02 Oct 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.2. <a
href="https://redirect.github.com/github/codeql-action/pull/3168">#3168</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.5 - 26 Sep 2025</h2>
<ul>
<li>We fixed a bug that was introduced in <code>3.30.4</code> with
<code>upload-sarif</code> which resulted in files without a
<code>.sarif</code> extension not getting uploaded. <a
href="https://redirect.github.com/github/codeql-action/pull/3160">#3160</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.30.4 - 25 Sep 2025</h2>
<ul>
<li>We have improved the CodeQL Action's ability to validate that the
workflow it is used in does not use different versions of the CodeQL
Action for different workflow steps. Mixing different versions of the
CodeQL Action in the same workflow is unsupported and can lead to
unpredictable results. A warning will now be emitted from the
<code>codeql-action/init</code> step if different versions of the CodeQL
Action are detected in the workflow file. Additionally, an error will
now be thrown by the other CodeQL Action steps if they load a
configuration file that was generated by a different version of the
<code>codeql-action/init</code> step. <a
href="https://redirect.github.com/github/codeql-action/pull/3099">#3099</a>
and <a
href="https://redirect.github.com/github/codeql-action/pull/3100">#3100</a></li>
<li>We added support for reducing the size of dependency caches for Java
analyses, which will reduce cache usage and speed up workflows. This
will be enabled automatically at a later time. <a
href="https://redirect.github.com/github/codeql-action/pull/3107">#3107</a></li>
<li>You can now run the latest CodeQL nightly bundle by passing
<code>tools: nightly</code> to the <code>init</code> action. In general,
the nightly bundle is unstable and we only recommend running it when
directed by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3130">#3130</a></li>
<li>Update default CodeQL bundle version to 2.23.1. <a
href="https://redirect.github.com/github/codeql-action/pull/3118">#3118</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.30.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.30.3</h2>
<h1>CodeQL Action Changelog</h1>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.4 - 23 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.3 - 21 Jul 2025</h2>
<p>No user facing changes.</p>
<h2>3.29.2 - 30 Jun 2025</h2>
<ul>
<li>Experimental: When the <code>quality-queries</code> input for the
<code>init</code> action is provided with an argument, separate
<code>.quality.sarif</code> files are produced and uploaded for each
language with the results of the specified queries. Do not use this in
production as it is part of an internal experiment and subject to change
at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li>
</ul>
<h2>3.29.1 - 27 Jun 2025</h2>
<ul>
<li>Fix bug in PR analysis where user-provided <code>include</code>
query filter fails to exclude non-included queries. <a
href="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li>
<li>Update default CodeQL bundle version to 2.22.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li>
</ul>
<h2>3.29.0 - 11 Jun 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.22.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li>
<li>Bump minimum CodeQL bundle version to 2.16.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li>
</ul>
<h2>3.28.21 - 28 July 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.20 - 21 July 2025</h2>
<ul>
<li>Remove support for combining SARIF files from a single upload for
GHES 3.18, see <a
href="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">the
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li>
</ul>
<h2>3.28.19 - 03 Jun 2025</h2>
<ul>
<li>The CodeQL Action no longer includes its own copy of the extractor
for the <code>actions</code> language, which is currently in public
preview.
The <code>actions</code> extractor has been included in the CodeQL CLI
since v2.20.6. If your workflow has enabled the <code>actions</code>
language <em>and</em> you have pinned
your <code>tools:</code> property to a specific version of the CodeQL
CLI earlier than v2.20.6, you will need to update to at least CodeQL
v2.20.6 or disable
<code>actions</code> analysis.</li>
<li>Update default CodeQL bundle version to 2.21.4. <a
href="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li>
</ul>
<h2>3.28.18 - 16 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li>
<li>Skip validating SARIF produced by CodeQL for improved performance.
<a
href="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li>
<li>The number of threads and amount of RAM used by CodeQL can now be
set via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>
runner environment variables. If set, these environment variables
override the <code>threads</code> and <code>ram</code> inputs
respectively. <a
href="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li>
</ul>
<h2>3.28.17 - 02 May 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.21.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li>
</ul>
<h2>3.28.16 - 23 Apr 2025</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="aac66ec793"><code>aac66ec</code></a>
Remove <code>update-proxy-release</code> workflow</li>
<li><a
href="91a63dc72c"><code>91a63dc</code></a>
Remove <code>undefined</code> values from results of
<code>unsafeEntriesInvariant</code></li>
<li><a
href="d25fa60a90"><code>d25fa60</code></a>
ESLint: Disable <code>no-unused-vars</code> for parameters starting with
<code>_</code></li>
<li><a
href="3adb1ff7b8"><code>3adb1ff</code></a>
Reorder supported tags in descending order</li>
<li>See full diff in <a
href="https://github.com/github/codeql-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-08 13:22:48 +00:00
dependabot[bot]
185441d6f6 chore(deps-dev): Bump @types/react from 19.2.0 to 19.2.2 (#1435) 
Bumps
[@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)
from 19.2.0 to 19.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/react&package-manager=npm_and_yarn&previous-version=19.2.0&new-version=19.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-07 13:18:55 +00:00
dependabot[bot]
9de163aa91 chore(deps-dev): Bump eslint-plugin-react-hooks from 6.1.0 to 6.1.1 (#1429) 
Bumps
[eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks)
from 6.1.0 to 6.1.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's
changelog</a>.</em></p>
<blockquote>
<h2>6.1.1</h2>
<p><strong>Note:</strong> 6.1.0 accidentally allowed use of
<code>recommended</code> without flat config, causing errors when used
with ESLint v9's <code>defineConfig()</code> helper. This has been fixed
in 6.1.1.</p>
<ul>
<li>Fix <code>recommended</code> config for flat config compatibility.
The <code>recommended</code> config has been converted to flat config
format. Non-flat config users should use <code>recommended-legacy</code>
instead. (<a href="https://github.com/poteto"><code>@​poteto</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/34700">#34700</a>)</li>
<li>Add <code>recommended-latest</code> and
<code>recommended-latest-legacy</code> configs that include React
Compiler rules. (<a
href="https://github.com/poteto"><code>@​poteto</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/34675">#34675</a>)</li>
<li>Remove unused <code>NoUnusedOptOutDirectives</code> rule. (<a
href="https://github.com/poteto"><code>@​poteto</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/34703">#34703</a>)</li>
<li>Remove <code>hermes-parser</code> and dependency. (<a
href="https://github.com/poteto"><code>@​poteto</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/34719">#34719</a>)</li>
<li>Remove <code>@babel/plugin-proposal-private-methods</code>
dependency. (<a
href="https://github.com/ArnaudBarre"><code>@​ArnaudBarre</code></a> and
<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/34715">#34715</a>)</li>
<li>Update for Zod v3/v4 compatibility. (<a
href="https://github.com/kolvian"><code>@​kolian</code></a> and <a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/34717">#34717</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/HEAD/packages/eslint-plugin-react-hooks">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint-plugin-react-hooks&package-manager=npm_and_yarn&previous-version=6.1.0&new-version=6.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-07 11:57:29 +00:00
dependabot[bot]
c49e2b5bde chore(deps-dev): Bump eslint from 9.36.0 to 9.37.0 (#1428) 
Bumps [eslint](https://github.com/eslint/eslint) from 9.36.0 to 9.37.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v9.37.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="39f7fb493a"><code>39f7fb4</code></a>
feat: <code>preserve-caught-error</code> should recognize all static
&quot;cause&quot; keys (<a
href="https://redirect.github.com/eslint/eslint/issues/20163">#20163</a>)
(Pixel998)</li>
<li><a
href="f81eabc584"><code>f81eabc</code></a>
feat: support TS syntax in <code>no-restricted-imports</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/19562">#19562</a>)
(Nitin Kumar)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="a129cced7a"><code>a129cce</code></a>
fix: correct <code>no-loss-of-precision</code> false positives for
leading zeros (<a
href="https://redirect.github.com/eslint/eslint/issues/20164">#20164</a>)
(Francesco Trotta)</li>
<li><a
href="09e04fcc3f"><code>09e04fc</code></a>
fix: add missing AST token types (<a
href="https://redirect.github.com/eslint/eslint/issues/20172">#20172</a>)
(Pixel998)</li>
<li><a
href="861c6da2bd"><code>861c6da</code></a>
fix: correct <code>ESLint</code> typings (<a
href="https://redirect.github.com/eslint/eslint/issues/20122">#20122</a>)
(Pixel998)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="b950359c5f"><code>b950359</code></a>
docs: fix typos across the docs (<a
href="https://redirect.github.com/eslint/eslint/issues/20182">#20182</a>)
(루밀LuMir)</li>
<li><a
href="42498a2798"><code>42498a2</code></a>
docs: improve ToC accessibility by hiding non-semantic character (<a
href="https://redirect.github.com/eslint/eslint/issues/20181">#20181</a>)
(Percy Ma)</li>
<li><a
href="29ea092b93"><code>29ea092</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="5c97a04578"><code>5c97a04</code></a>
docs: show <code>availableUntil</code> in deprecated rule banner (<a
href="https://redirect.github.com/eslint/eslint/issues/20170">#20170</a>)
(Pixel998)</li>
<li><a
href="90a71bf502"><code>90a71bf</code></a>
docs: update <code>README</code> files to add badge and instructions (<a
href="https://redirect.github.com/eslint/eslint/issues/20115">#20115</a>)
(루밀LuMir)</li>
<li><a
href="1603ae1526"><code>1603ae1</code></a>
docs: update references from <code>master</code> to <code>main</code>
(<a
href="https://redirect.github.com/eslint/eslint/issues/20153">#20153</a>)
(루밀LuMir)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="afe8a13469"><code>afe8a13</code></a>
chore: update <code>@eslint/js</code> dependency to version 9.37.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20183">#20183</a>)
(Francesco Trotta)</li>
<li><a
href="abee4ca1fa"><code>abee4ca</code></a>
chore: package.json update for <code>@​eslint/js</code> release
(Jenkins)</li>
<li><a
href="fc9381f6ca"><code>fc9381f</code></a>
chore: fix typos in comments (<a
href="https://redirect.github.com/eslint/eslint/issues/20175">#20175</a>)
(overlookmotel)</li>
<li><a
href="e1574a22d3"><code>e1574a2</code></a>
chore: unpin jiti (<a
href="https://redirect.github.com/eslint/eslint/issues/20173">#20173</a>)
(renovate[bot])</li>
<li><a
href="e1ac05e2fa"><code>e1ac05e</code></a>
refactor: mark <code>ESLint.findConfigFile()</code> as
<code>async</code>, add missing docs (<a
href="https://redirect.github.com/eslint/eslint/issues/20157">#20157</a>)
(Pixel998)</li>
<li><a
href="347906d627"><code>347906d</code></a>
chore: update eslint (<a
href="https://redirect.github.com/eslint/eslint/issues/20149">#20149</a>)
(renovate[bot])</li>
<li><a
href="0cb5897e24"><code>0cb5897</code></a>
test: remove tmp dir created for circular fixes in multithread mode test
(<a
href="https://redirect.github.com/eslint/eslint/issues/20146">#20146</a>)
(Milos Djermanovic)</li>
<li><a
href="bb995665e3"><code>bb99566</code></a>
ci: pin <code>jiti</code> to version 2.5.1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20151">#20151</a>)
(Pixel998)</li>
<li><a
href="177f669adc"><code>177f669</code></a>
perf: improve worker count calculation for <code>&quot;auto&quot;</code>
concurrency (<a
href="https://redirect.github.com/eslint/eslint/issues/20067">#20067</a>)
(Francesco Trotta)</li>
<li><a
href="448b57bca3"><code>448b57b</code></a>
chore: Mark deprecated formatting rules as available until v11.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20144">#20144</a>)
(Milos Djermanovic)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d5d1bdf5fd"><code>d5d1bdf</code></a>
9.37.0</li>
<li><a
href="94865ff41c"><code>94865ff</code></a>
Build: changelog update for 9.37.0</li>
<li><a
href="afe8a13469"><code>afe8a13</code></a>
chore: update <code>@eslint/js</code> dependency to version 9.37.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20183">#20183</a>)</li>
<li><a
href="abee4ca1fa"><code>abee4ca</code></a>
chore: package.json update for <code>@​eslint/js</code> release</li>
<li><a
href="b950359c5f"><code>b950359</code></a>
docs: fix typos across the docs (<a
href="https://redirect.github.com/eslint/eslint/issues/20182">#20182</a>)</li>
<li><a
href="42498a2798"><code>42498a2</code></a>
docs: improve ToC accessibility by hiding non-semantic character (<a
href="https://redirect.github.com/eslint/eslint/issues/20181">#20181</a>)</li>
<li><a
href="fc9381f6ca"><code>fc9381f</code></a>
chore: fix typos in comments (<a
href="https://redirect.github.com/eslint/eslint/issues/20175">#20175</a>)</li>
<li><a
href="e1574a22d3"><code>e1574a2</code></a>
chore: unpin jiti (<a
href="https://redirect.github.com/eslint/eslint/issues/20173">#20173</a>)</li>
<li><a
href="29ea092b93"><code>29ea092</code></a>
docs: Update README</li>
<li><a
href="a129cced7a"><code>a129cce</code></a>
fix: correct <code>no-loss-of-precision</code> false positives for
leading zeros (<a
href="https://redirect.github.com/eslint/eslint/issues/20164">#20164</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v9.36.0...v9.37.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=9.36.0&new-version=9.37.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-07 11:49:18 +00:00
dependabot[bot]
79ff3e838a chore(deps-dev): Bump @types/wicg-file-system-access from 2023.10.6 to 2023.10.7 (#1427) 
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/wicg-file-system-access&package-manager=npm_and_yarn&previous-version=2023.10.6&new-version=2023.10.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-06 13:44:36 +00:00
Harel M
39d63ec7b1 Add code editor for maputnik (#1426) 
## Launch Checklist

This PR adds the ability to look at the entire style and edit it in a
code editor that supports syntax highlight, errors, search and more.

- Resolves #820

CC: @Kanahiro as I know you did something similar, probably has better
performance...

After:
<img width="1920" height="937" alt="image"
src="https://github.com/user-attachments/assets/f925cf92-2623-4390-8f75-14d7f6a79171"
/>


 - [x] Briefly describe the changes in this PR.
 - [x] Link to related issues.
- [x] Include before/after visuals or gifs if this PR includes visual
changes.
 - [x] Write tests for all new functionality.
 - [x] Add an entry to `CHANGELOG.md` under the `## main` section.

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Frank Elsinga <frank@elsinga.de>
 2025-10-05 16:38:03 +03:00
dependabot[bot]
454d8d8b10 chore(deps): Bump react and @types/react (#1419) 
Bumps
[react](https://github.com/facebook/react/tree/HEAD/packages/react) and
[@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react).
These dependencies needed to be updated together.
Updates `react` from 19.1.1 to 19.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">react's
releases</a>.</em></p>
<blockquote>
<h2>19.2.0 (Oct 1, 2025)</h2>
<p>Below is a list of all new features, APIs, and bug fixes.</p>
<p>Read the <a href="https://react.dev/blog/2025/10/01/react-19-2">React
19.2 release post</a> for more information.</p>
<h2>New React Features</h2>
<ul>
<li><a
href="https://react.dev/reference/react/Activity"><code>&lt;Activity&gt;</code></a>:
A new API to hide and restore the UI and internal state of its
children.</li>
<li><a
href="https://react.dev/reference/react/useEffectEvent"><code>useEffectEvent</code></a>
is a React Hook that lets you extract non-reactive logic into an <a
href="https://react.dev/learn/separating-events-from-effects#declaring-an-effect-event">Effect
Event</a>.</li>
<li><a
href="https://react.dev/reference/react/cacheSignal"><code>cacheSignal</code></a>
(for RSCs) lets your know when the <code>cache()</code> lifetime is
over.</li>
<li><a
href="https://react.dev/reference/developer-tooling/react-performance-tracks">React
Performance tracks</a> appear on the Performance panel’s timeline in
your browser developer tools</li>
</ul>
<h2>New React DOM Features</h2>
<ul>
<li>Added resume APIs for partial pre-rendering with Web Streams:
<ul>
<li><a
href="https://react.dev/reference/react-dom/server/resume"><code>resume</code></a>:
to resume a prerender to a stream.</li>
<li><a
href="https://react.dev/reference/react-dom/static/resumeAndPrerender"><code>resumeAndPrerender</code></a>:
to resume a prerender to HTML.</li>
</ul>
</li>
<li>Added resume APIs for partial pre-rendering with Node Streams:
<ul>
<li><a
href="https://react.dev/reference/react-dom/server/resumeToPipeableStream"><code>resumeToPipeableStream</code></a>:
to resume a prerender to a stream.</li>
<li><a
href="https://react.dev/reference/react-dom/static/resumeAndPrerenderToNodeStream"><code>resumeAndPrerenderToNodeStream</code></a>:
to resume a prerender to HTML.</li>
</ul>
</li>
<li>Updated <a
href="https://react.dev/reference/react-dom/static/prerender"><code>prerender</code></a>
APIs to return a <code>postponed</code> state that can be passed to the
<code>resume</code> APIs.</li>
</ul>
<h2>Notable changes</h2>
<ul>
<li>React DOM now batches suspense boundary reveals, matching the
behavior of client side rendering. This change is especially noticeable
when animating the reveal of Suspense boundaries e.g. with the upcoming
<code>&lt;ViewTransition&gt;</code> Component. React will batch as much
reveals as possible before the first paint while trying to hit popular
first-contentful paint metrics.</li>
<li>Add Node Web Streams (<code>prerender</code>,
<code>renderToReadableStream</code>) to server-side-rendering APIs for
Node.js</li>
<li>Use underscore instead of <code>:</code> IDs generated by useId</li>
</ul>
<h2>All Changes</h2>
<h3>React</h3>
<ul>
<li><code>&lt;Activity /&gt;</code> was developed over many years,
starting before <code>ClassComponent.setState</code> (<a
href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> and
many others)</li>
<li>Stringify context as &quot;SomeContext&quot; instead of
&quot;SomeContext.Provider&quot; (<a
href="https://github.com/kassens"><code>@​kassens</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33507">#33507</a>)</li>
<li>Include stack of cause of React instrumentation errors with
<code>%o</code> placeholder (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34198">#34198</a>)</li>
<li>Fix infinite <code>useDeferredValue</code> loop in popstate event
(<a href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32821">#32821</a>)</li>
<li>Fix a bug when an initial value was passed to
<code>useDeferredValue</code> (<a
href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34376">#34376</a>)</li>
<li>Fix a crash when submitting forms with Client Actions (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33055">#33055</a>)</li>
<li>Hide/unhide the content of dehydrated suspense boundaries if they
resuspend (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32900">#32900</a>)</li>
<li>Avoid stack overflow on wide trees during Hot Reload (<a
href="https://github.com/sophiebits"><code>@​sophiebits</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34145">#34145</a>)</li>
<li>Improve Owner and Component stacks in various places (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a>, <a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>: <a
href="https://redirect.github.com/facebook/react/pull/33629">#33629</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33724">#33724</a>,
<a
href="https://redirect.github.com/facebook/react/pull/32735">#32735</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33723">#33723</a>)</li>
<li>Add <code>cacheSignal</code> (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33557">#33557</a>)</li>
</ul>
<h3>React DOM</h3>
<ul>
<li>Block on Suspensey Fonts during reveal of server-side-rendered
content (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33342">#33342</a>)</li>
<li>Use underscore instead of <code>:</code> for IDs generated by
<code>useId</code> (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a>, <a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>: <a
href="https://redirect.github.com/facebook/react/pull/32001">#32001</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33342">facebook/react#33342</a><a
href="https://redirect.github.com/facebook/react/pull/33099">#33099</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33422">#33422</a>)</li>
<li>Stop warning when ARIA 1.3 attributes are used (<a
href="https://github.com/Abdul-Omira"><code>@​Abdul-Omira</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34264">#34264</a>)</li>
<li>Allow <code>nonce</code> to be used on hoistable styles (<a
href="https://github.com/Andarist"><code>@​Andarist</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32461">#32461</a>)</li>
<li>Warn for using a React owned node as a Container if it also has text
content (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32774">#32774</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react's
changelog</a>.</em></p>
<blockquote>
<h2>19.2.0 (October 1st, 2025)</h2>
<p>Below is a list of all new features, APIs, and bug fixes.</p>
<p>Read the <a href="https://react.dev/blog/2025/10/01/react-19-2">React
19.2 release post</a> for more information.</p>
<h3>New React Features</h3>
<ul>
<li><a
href="https://react.dev/reference/react/Activity"><code>&lt;Activity&gt;</code></a>:
A new API to hide and restore the UI and internal state of its
children.</li>
<li><a
href="https://react.dev/reference/react/useEffectEvent"><code>useEffectEvent</code></a>
is a React Hook that lets you extract non-reactive logic into an <a
href="https://react.dev/learn/separating-events-from-effects#declaring-an-effect-event">Effect
Event</a>.</li>
<li><a
href="https://react.dev/reference/react/cacheSignal"><code>cacheSignal</code></a>
(for RSCs) lets your know when the <code>cache()</code> lifetime is
over.</li>
<li><a
href="https://react.dev/reference/developer-tooling/react-performance-tracks">React
Performance tracks</a> appear on the Performance panel’s timeline in
your browser developer tools</li>
</ul>
<h3>New React DOM Features</h3>
<ul>
<li>Added resume APIs for partial pre-rendering with Web Streams:
<ul>
<li><a
href="https://react.dev/reference/react-dom/server/resume"><code>resume</code></a>:
to resume a prerender to a stream.</li>
<li><a
href="https://react.dev/reference/react-dom/static/resumeAndPrerender"><code>resumeAndPrerender</code></a>:
to resume a prerender to HTML.</li>
</ul>
</li>
<li>Added resume APIs for partial pre-rendering with Node Streams:
<ul>
<li><a
href="https://react.dev/reference/react-dom/server/resumeToPipeableStream"><code>resumeToPipeableStream</code></a>:
to resume a prerender to a stream.</li>
<li><a
href="https://react.dev/reference/react-dom/static/resumeAndPrerenderToNodeStream"><code>resumeAndPrerenderToNodeStream</code></a>:
to resume a prerender to HTML.</li>
</ul>
</li>
<li>Updated <a
href="https://react.dev/reference/react-dom/static/prerender"><code>prerender</code></a>
APIs to return a <code>postponed</code> state that can be passed to the
<code>resume</code> APIs.</li>
</ul>
<h3>Notable changes</h3>
<ul>
<li>React DOM now batches suspense boundary reveals, matching the
behavior of client side rendering. This change is especially noticeable
when animating the reveal of Suspense boundaries e.g. with the upcoming
<code>&lt;ViewTransition&gt;</code> Component. React will batch as much
reveals as possible before the first paint while trying to hit popular
first-contentful paint metrics.</li>
<li>Add Node Web Streams (<code>prerender</code>,
<code>renderToReadableStream</code>) to server-side-rendering APIs for
Node.js</li>
<li>Use underscore instead of <code>:</code> IDs generated by useId</li>
</ul>
<h3>All Changes</h3>
<h4>React</h4>
<ul>
<li><code>&lt;Activity /&gt;</code> was developed over many years,
starting before <code>ClassComponent.setState</code> (<a
href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> and
many others)</li>
<li>Stringify context as &quot;SomeContext&quot; instead of
&quot;SomeContext.Provider&quot; (<a
href="https://github.com/kassens"><code>@​kassens</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33507">#33507</a>)</li>
<li>Include stack of cause of React instrumentation errors with
<code>%o</code> placeholder (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34198">#34198</a>)</li>
<li>Fix infinite <code>useDeferredValue</code> loop in popstate event
(<a href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32821">#32821</a>)</li>
<li>Fix a bug when an initial value was passed to
<code>useDeferredValue</code> (<a
href="https://github.com/acdlite"><code>@​acdlite</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34376">#34376</a>)</li>
<li>Fix a crash when submitting forms with Client Actions (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33055">#33055</a>)</li>
<li>Hide/unhide the content of dehydrated suspense boundaries if they
resuspend (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32900">#32900</a>)</li>
<li>Avoid stack overflow on wide trees during Hot Reload (<a
href="https://github.com/sophiebits"><code>@​sophiebits</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34145">#34145</a>)</li>
<li>Improve Owner and Component stacks in various places (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a>, <a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>: <a
href="https://redirect.github.com/facebook/react/pull/33629">#33629</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33724">#33724</a>,
<a
href="https://redirect.github.com/facebook/react/pull/32735">#32735</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33723">#33723</a>)</li>
<li>Add <code>cacheSignal</code> (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33557">#33557</a>)</li>
</ul>
<h4>React DOM</h4>
<ul>
<li>Block on Suspensey Fonts during reveal of server-side-rendered
content (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a> <a
href="https://redirect.github.com/facebook/react/pull/33342">#33342</a>)</li>
<li>Use underscore instead of <code>:</code> for IDs generated by
<code>useId</code> (<a
href="https://github.com/sebmarkbage"><code>@​sebmarkbage</code></a>, <a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>: <a
href="https://redirect.github.com/facebook/react/pull/32001">#32001</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33342">facebook/react#33342</a><a
href="https://redirect.github.com/facebook/react/pull/33099">#33099</a>,
<a
href="https://redirect.github.com/facebook/react/pull/33422">#33422</a>)</li>
<li>Stop warning when ARIA 1.3 attributes are used (<a
href="https://github.com/Abdul-Omira"><code>@​Abdul-Omira</code></a> <a
href="https://redirect.github.com/facebook/react/pull/34264">#34264</a>)</li>
<li>Allow <code>nonce</code> to be used on hoistable styles (<a
href="https://github.com/Andarist"><code>@​Andarist</code></a> <a
href="https://redirect.github.com/facebook/react/pull/32461">#32461</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5667a41fe4"><code>5667a41</code></a>
Bump next prerelease version numbers (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34639">#34639</a>)</li>
<li><a
href="8bb7241f4c"><code>8bb7241</code></a>
Bump useEffectEvent to Canary (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34610">#34610</a>)</li>
<li><a
href="e3c9656d20"><code>e3c9656</code></a>
Ensure Performance Track are Clamped and Don't overlap (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34509">#34509</a>)</li>
<li><a
href="68f00c901c"><code>68f00c9</code></a>
Release Activity in Canary (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34374">#34374</a>)</li>
<li><a
href="0e10ee906e"><code>0e10ee9</code></a>
[Reconciler] Set ProfileMode for Host Root Fiber by default in dev (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34432">#34432</a>)</li>
<li><a
href="3bf8ab430e"><code>3bf8ab4</code></a>
Add missing Activity export to development mode (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34439">#34439</a>)</li>
<li><a
href="1549bda33f"><code>1549bda</code></a>
[Flight] Only assign <code>_store</code> in dev mode when creating lazy
types (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34354">#34354</a>)</li>
<li><a
href="bb6f0c8d2f"><code>bb6f0c8</code></a>
[Flight] Fix wrong missing key warning when static child is blocked (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34350">#34350</a>)</li>
<li><a
href="05addfc663"><code>05addfc</code></a>
Update Flow to 0.266 (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34271">#34271</a>)</li>
<li><a
href="ec5dd0ab3a"><code>ec5dd0a</code></a>
Update Flow to 0.257 (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/34253">#34253</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/facebook/react/commits/v19.2.0/packages/react">compare
view</a></li>
</ul>
</details>
<br />

Updates `@types/react` from 19.1.16 to 19.2.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarelM <harel.mazor@gmail.com>
 2025-10-05 10:11:35 +00:00
dependabot[bot]
822a2b7701 chore(deps): Bump @codemirror/lint from 6.8.5 to 6.9.0 (#1421) 
Bumps [@codemirror/lint](https://github.com/codemirror/lint) from 6.8.5
to 6.9.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/lint/blob/main/CHANGELOG.md"><code>@​codemirror/lint</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.9.0 (2025-10-02)</h2>
<h3>Bug fixes</h3>
<p>Multiple configurations to <code>linter</code> will now be merged
without raising an error.</p>
<h3>New features</h3>
<p>The new <code>markClass</code> option to actions makes it possible to
style action buttons.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="73a454b87a"><code>73a454b</code></a>
Mark version 6.9.0</li>
<li><a
href="9bc40cb6f1"><code>9bc40cb</code></a>
Add merge logic for all config options</li>
<li><a
href="4f3adcfd4e"><code>4f3adcf</code></a>
Touch up doc comment</li>
<li><a
href="50bd1188fe"><code>50bd118</code></a>
Make it possible to include a button CSS class in lint actions.</li>
<li>See full diff in <a
href="https://github.com/codemirror/lint/compare/6.8.5...6.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/lint&package-manager=npm_and_yarn&previous-version=6.8.5&new-version=6.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-05 09:57:56 +00:00