ashatora/editor
1
0
Fork 0
mirror of https://github.com/maputnik/editor.git synced 2026-05-21 15:37:26 +00:00
Code Issues Projects Releases Wiki Activity
2,522 Commits 5 Branches 32 Tags
a681608641f5c76bb222ad49bcf54cb399d61a4f
Commit Graph

2522 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot] a681608641 chore(deps): Bump react-i18next from 16.6.1 to 16.6.2 (#1747) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.6.1 to 16.6.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.6.2</h3>
<ul>
<li>feat(types): <code>useTranslation</code> now accepts selector
functions as <code>keyPrefix</code> with full type-safe key narrowing
when <code>enableSelector</code> is enabled <a
href="https://redirect.github.com/i18next/i18next/issues/2367">2367</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/5190452b9954915a5e62dde6ed8b0ee5591fe8ac"><code>5190452</code></a>
16.6.2</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/598dd8e0d7c9bf3b20d903acbb46cfa5302f9d26"><code>598dd8e</code></a>
address: <a
href="https://redirect.github.com/i18next/i18next/issues/2367">i18next/i18next#2367</a></li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v16.6.1...v16.6.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=16.6.1&new-version=16.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 14:02:18 +00:00
dependabot[bot] f5dd1e4039 chore(deps): Bump @mapbox/mapbox-gl-rtl-text from 0.3.0 to 0.4.0 (#1748) 
Bumps
[@mapbox/mapbox-gl-rtl-text](https://github.com/mapbox/mapbox-gl-rtl-text)
from 0.3.0 to 0.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mapbox/mapbox-gl-rtl-text/releases"><code>@​mapbox/mapbox-gl-rtl-text</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v0.4.0</h2>
<ul>
<li>Modernized the code <a
href="https://redirect.github.com/mapbox/mapbox-gl-rtl-text/issues/38">#38</a>:
<ul>
<li>Reduced plugin bundle size by ~15%</li>
<li>Significantly reduced memory usage (from 16 MB to 256 kB)</li>
<li>Improved performance by reducing small allocations</li>
<li>Modernized development tooling</li>
</ul>
</li>
<li>Fixed a bug with empty text handling (h/t <a
href="https://github.com/Omkarthipparthi"><code>@​Omkarthipparthi</code></a>
<a
href="https://redirect.github.com/mapbox/mapbox-gl-rtl-text/issues/36">#36</a>)</li>
</ul>
<p>⚠️ This is the last version distributed as single UMD file. The next
one will be released as a combination of a tiny ESM JS bundle and a
separate WASM file.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mapbox/mapbox-gl-rtl-text/commit/cf49b7dceb39066db3af02c46cb33e06768bfc99"><code>cf49b7d</code></a>
0.4.0</li>
<li><a
href="https://github.com/mapbox/mapbox-gl-rtl-text/commit/86ad838ba099772394aa1242205ccb9f2644fdf9"><code>86ad838</code></a>
Optimize memory usage, modernize &amp; simplify tooling (<a
href="https://redirect.github.com/mapbox/mapbox-gl-rtl-text/issues/38">#38</a>)</li>
<li><a
href="https://github.com/mapbox/mapbox-gl-rtl-text/commit/ad0f8bc14f607a01fe61425dab4d75341924c10c"><code>ad0f8bc</code></a>
Add test for empty text handling in styled bidirectional processing (<a
href="https://redirect.github.com/mapbox/mapbox-gl-rtl-text/issues/36">#36</a>)</li>
<li><a
href="https://github.com/mapbox/mapbox-gl-rtl-text/commit/1f9e4ea847cf0fe87cd37170eb3e218eba03a885"><code>1f9e4ea</code></a>
Create codeql-analysis.yml</li>
<li><a
href="https://github.com/mapbox/mapbox-gl-rtl-text/commit/800d8d7803a395c3986b2d67db8e9800e4eb2bcc"><code>800d8d7</code></a>
SECANDCOMP-1321: deleting CodeQL across the org; will be replaced with
Prisma...</li>
<li>See full diff in <a
href="https://github.com/mapbox/mapbox-gl-rtl-text/compare/v0.3.0...v0.4.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~mbx-npm-07-production">mbx-npm-07-production</a>,
a new releaser for <code>@​mapbox/mapbox-gl-rtl-text</code> since your
current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@mapbox/mapbox-gl-rtl-text&package-manager=npm_and_yarn&previous-version=0.3.0&new-version=0.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 13:53:47 +00:00
dependabot[bot] 7568f67180 chore(deps): Bump i18next from 25.10.4 to 25.10.5 (#1746) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [i18next](https://github.com/i18next/i18next) from 25.10.4 to
25.10.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.10.5</h2>
<ul>
<li>feat(types): selector functions as <code>keyPrefix</code> in
<code>getFixedT</code> now provide full type-safe key narrowing — the
returned <code>t</code> function is scoped to the prefix subtree <a
href="https://redirect.github.com/i18next/i18next/issues/2367">2367</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.10.5</h2>
<ul>
<li>feat(types): selector functions as <code>keyPrefix</code> in
<code>getFixedT</code> now provide full type-safe key narrowing — the
returned <code>t</code> function is scoped to the prefix subtree <a
href="https://redirect.github.com/i18next/i18next/issues/2367">2367</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/83230b8f485b416931cbb8a2a0b6bc9290eaff66"><code>83230b8</code></a>
25.10.5</li>
<li><a
href="https://github.com/i18next/i18next/commit/79aa4d624510004bd45f6277f967d248a53921a4"><code>79aa4d6</code></a>
address <a
href="https://redirect.github.com/i18next/i18next/issues/2367">#2367</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/06f4ef70f242be8fa207f274f7fcadc3bd4d6457"><code>06f4ef7</code></a>
address <a
href="https://redirect.github.com/i18next/i18next/issues/2367">#2367</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/7902915328a899a6dc7680cc2563631b315ec8bc"><code>7902915</code></a>
fix changelog</li>
<li><a
href="https://github.com/i18next/i18next/commit/640ae9a2b2d8d3291889ce1576b43fffbfb874ee"><code>640ae9a</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.10.4...v25.10.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.10.4&new-version=25.10.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 13:53:10 +00:00
dependabot[bot] 76144ed5e4 chore(deps): Bump EndBug/version-check from 2 to 3 (#1745) 
Bumps [EndBug/version-check](https://github.com/endbug/version-check)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/endbug/version-check/releases">EndBug/version-check's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/317">EndBug/version-check#317</a></li>
<li>chore(deps-dev): bump lodash from 4.17.21 to 4.17.23 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/318">EndBug/version-check#318</a></li>
<li>chore(deps): bump minimatch,
<code>@​typescript-eslint/eslint-plugin</code> and
<code>@​typescript-eslint/parser</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/319">EndBug/version-check#319</a></li>
<li>chore(deps-dev): bump flatted from 3.1.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/321">EndBug/version-check#321</a></li>
<li>updated node version, actions versions and dependencies by <a
href="https://github.com/Tpleme"><code>@​Tpleme</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/320">EndBug/version-check#320</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/EndBug/version-check/compare/v2.1.7...v3.0.0">https://github.com/EndBug/version-check/compare/v2.1.7...v3.0.0</a></p>
<h2>v2.1.7</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: add guillaume-docquier-vention as a contributor for bug by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/316">EndBug/version-check#316</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/EndBug/version-check/compare/v2.1.6...v2.1.7">https://github.com/EndBug/version-check/compare/v2.1.6...v2.1.7</a></p>
<h2>v2.1.6</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: add patrickschroeter as a contributor for bug by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>[bot]
in <a
href="https://redirect.github.com/EndBug/version-check/pull/314">EndBug/version-check#314</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/EndBug/version-check/compare/v2.1.5...v2.1.6">https://github.com/EndBug/version-check/compare/v2.1.5...v2.1.6</a></p>
<h2>v2.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump typescript from 5.4.3 to 5.4.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/286">EndBug/version-check#286</a></li>
<li>chore(deps-dev): bump braces from 3.0.2 to 3.0.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/292">EndBug/version-check#292</a></li>
<li>chore(deps-dev): bump prettier from 3.2.5 to 3.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/295">EndBug/version-check#295</a></li>
<li>chore(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/EndBug/version-check/pull/297">EndBug/version-check#297</a></li>
<li>chore(deps-dev): bump prettier from 3.3.2 to 3.3.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/300">EndBug/version-check#300</a></li>
<li>chore(deps-dev): bump husky from 9.0.11 to 9.1.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/299">EndBug/version-check#299</a></li>
<li>chore(deps-dev): bump husky from 9.1.4 to 9.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/302">EndBug/version-check#302</a></li>
<li>chore(deps-dev): bump husky from 9.1.5 to 9.1.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/307">EndBug/version-check#307</a></li>
<li>chore(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.1 to
0.38.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/305">EndBug/version-check#305</a></li>
<li>Send token in readJson if using raw github url as file-url by <a
href="https://github.com/christulin"><code>@​christulin</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/283">EndBug/version-check#283</a></li>
<li>docs: add christulin as a contributor for code by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>
in <a
href="https://redirect.github.com/EndBug/version-check/pull/308">EndBug/version-check#308</a></li>
<li>docs: add khurrambilalaurecon as a contributor for bug by <a
href="https://github.com/allcontributors"><code>@​allcontributors</code></a>
in <a
href="https://redirect.github.com/EndBug/version-check/pull/309">EndBug/version-check#309</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/christulin"><code>@​christulin</code></a> made
their first contribution in <a
href="https://redirect.github.com/EndBug/version-check/pull/283">EndBug/version-check#283</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/EndBug/version-check/compare/v2.1.4...v2.1.5">https://github.com/EndBug/version-check/compare/v2.1.4...v2.1.5</a></p>
<h2>v2.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump husky from 8.0.3 to 9.0.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/271">EndBug/version-check#271</a></li>
<li>chore(deps-dev): bump <code>@​typescript-eslint/parser</code> from
6.16.0 to 6.20.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/273">EndBug/version-check#273</a></li>
<li>chore(deps-dev): bump prettier from 3.1.1 to 3.2.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/EndBug/version-check/pull/272">EndBug/version-check#272</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/EndBug/version-check/commit/095362f3cd50f690c8fa0e6afeea81834bd8d320"><code>095362f</code></a>
3.0.0</li>
<li><a
href="https://github.com/EndBug/version-check/commit/d972a82eaee283aa7cd4a83bdf82418284c3d385"><code>d972a82</code></a>
docs: prepare for v3</li>
<li><a
href="https://github.com/EndBug/version-check/commit/f6af013a5b790a04a20b131b3eb531e4aeb5730d"><code>f6af013</code></a>
chore!: updated node version, actions versions and dependencies (<a
href="https://redirect.github.com/endbug/version-check/issues/320">#320</a>)</li>
<li><a
href="https://github.com/EndBug/version-check/commit/0ce27ab3bb2959b20a243b2d2efd3f2ca7befa11"><code>0ce27ab</code></a>
chore(deps-dev): bump flatted from 3.1.1 to 3.4.2 (<a
href="https://redirect.github.com/endbug/version-check/issues/321">#321</a>)</li>
<li><a
href="https://github.com/EndBug/version-check/commit/64e0bcf20c144430d86339e527034ff8399c7d53"><code>64e0bcf</code></a>
[auto] build: update compiled version</li>
<li><a
href="https://github.com/EndBug/version-check/commit/21adeec490acaf0d816aceedace4c605016352b9"><code>21adeec</code></a>
chore(deps): bump minimatch,
<code>@​typescript-eslint/eslint-plugin</code> and <a
href="https://github.com/typescript"><code>@​typescript</code></a>...</li>
<li><a
href="https://github.com/EndBug/version-check/commit/75936fdb6cc2b3d6a95c4283dd534402f74b0347"><code>75936fd</code></a>
chore(deps-dev): bump lodash from 4.17.21 to 4.17.23 (<a
href="https://redirect.github.com/endbug/version-check/issues/318">#318</a>)</li>
<li><a
href="https://github.com/EndBug/version-check/commit/a4db3dc8368cb5e052fd2976b5984ca9ef69fa25"><code>a4db3dc</code></a>
chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/endbug/version-check/issues/317">#317</a>)</li>
<li>See full diff in <a
href="https://github.com/endbug/version-check/compare/d17247dd94ca7b39d0b0691399be8d7c510622c9...095362f3cd50f690c8fa0e6afeea81834bd8d320">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=EndBug/version-check&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 13:52:32 +00:00
dependabot[bot] d2b0c4cabf chore(deps-dev): Bump i18next-cli from 1.50.3 to 1.50.4 (#1744) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.50.3
to 1.50.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.50.3...v1.50.4">1.50.4</a>
- 2026-03-22</h2>
<ul>
<li>Fix namespaces containing spaces (e.g.
<code>useTranslation(['Generic category'])</code> or
<code>{ ns: 'Example two' }</code>) being incorrectly rejected by the
natural-language
heuristic and merged back into the key. The check now only applies when
the
namespace was derived from splitting a key string by
<code>nsSeparator</code>, not when it
was explicitly provided. Fixes <a
href="https://redirect.github.com/i18next/i18next-cli/issues/221">#221</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/4ff748e26f85fe833deec27bdfbbc8b6d5c9fa13"><code>4ff748e</code></a>
1.50.4</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/5691e24b5cdab6122da3af3848367f902bb089e0"><code>5691e24</code></a>
Fix namespaces containing spaces <a
href="https://redirect.github.com/i18next/i18next-cli/issues/221">#221</a></li>
<li>See full diff in <a
href="https://github.com/i18next/i18next-cli/compare/v1.50.3...v1.50.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.50.3&new-version=1.50.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 13:51:40 +00:00
dependabot[bot] 9a3f90cb25 chore(deps): Bump picomatch (#1743) 
Bumps and [picomatch](https://github.com/micromatch/picomatch). These
dependencies needed to be updated together.
Updates `picomatch` from 4.0.3 to 4.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.4</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334"><code>e5474fc</code></a>
Publish 4.0.4</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903"><code>4516eb5</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d"><code>5eceecd</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238"><code>0db7dd7</code></a>
Run benchmark again against latest minimatch version (<a
href="https://redirect.github.com/micromatch/picomatch/issues/161">#161</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a"><code>9500377</code></a>
docs: clarify what brace expansion syntax is and isn't supported (<a
href="https://redirect.github.com/micromatch/picomatch/issues/134">#134</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171"><code>2661f23</code></a>
fix typo in globstars.js test name (<a
href="https://redirect.github.com/micromatch/picomatch/issues/138">#138</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7"><code>1798b07</code></a>
docs: fix <code>makeRe</code> example (<a
href="https://redirect.github.com/micromatch/picomatch/issues/143">#143</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8"><code>9d76bc5</code></a>
chore: undocument removed options (<a
href="https://redirect.github.com/micromatch/picomatch/issues/146">#146</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d"><code>e4d718b</code></a>
Remove unused time-require (<a
href="https://redirect.github.com/micromatch/picomatch/issues/160">#160</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76"><code>38dffeb</code></a>
chore(deps): pin dependencies (<a
href="https://redirect.github.com/micromatch/picomatch/issues/158">#158</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">compare
view</a></li>
</ul>
</details>
<br />

Updates `picomatch` from 2.3.1 to 2.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/picomatch/releases">picomatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.4</h2>
<p>This is a security release fixing several security relevant
issues.</p>
<h2>What's Changed</h2>
<ul>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-c2c7-rcm5-vvqj">CVE-2026-33671</a></li>
<li>Fix for <a
href="https://github.com/micromatch/picomatch/security/advisories/GHSA-3v7f-55p6-f55p">CVE-2026-33672</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/micromatch/picomatch/commit/e5474fc1a4d7991870058170407dda8a42be5334"><code>e5474fc</code></a>
Publish 4.0.4</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/4516eb521f13a46b2fe1a1d2c9ef6b20ddc0e903"><code>4516eb5</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/5eceecd27543b8e056b9307d69e105ea03618a7d"><code>5eceecd</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/0db7dd70651ca7c8265601c0442a996ed32e3238"><code>0db7dd7</code></a>
Run benchmark again against latest minimatch version (<a
href="https://redirect.github.com/micromatch/picomatch/issues/161">#161</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/95003777eb1c60dec09495a8231fa2ba4054d76a"><code>9500377</code></a>
docs: clarify what brace expansion syntax is and isn't supported (<a
href="https://redirect.github.com/micromatch/picomatch/issues/134">#134</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/2661f23eca86c8b4a2b14815b9b2b3b74bd5a171"><code>2661f23</code></a>
fix typo in globstars.js test name (<a
href="https://redirect.github.com/micromatch/picomatch/issues/138">#138</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/1798b07e9df59500b9cf567294d44d559032f4c7"><code>1798b07</code></a>
docs: fix <code>makeRe</code> example (<a
href="https://redirect.github.com/micromatch/picomatch/issues/143">#143</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/9d76bc57a03b7f57cc4ca516c8071daf632bafd8"><code>9d76bc5</code></a>
chore: undocument removed options (<a
href="https://redirect.github.com/micromatch/picomatch/issues/146">#146</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/e4d718bbfb47e4f030ab2612b5b04a9297fe272d"><code>e4d718b</code></a>
Remove unused time-require (<a
href="https://redirect.github.com/micromatch/picomatch/issues/160">#160</a>)</li>
<li><a
href="https://github.com/micromatch/picomatch/commit/38dffeb16221cc8eb8981524fb6895dd2aaaba76"><code>38dffeb</code></a>
chore(deps): pin dependencies (<a
href="https://redirect.github.com/micromatch/picomatch/issues/158">#158</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-25 22:25:18 +00:00
dependabot[bot] 9a5356b428 chore(deps): Bump react-i18next from 16.5.8 to 16.6.1 (#1742) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.5.8 to 16.6.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.6.1</h3>
<ul>
<li>feat(types): i18nKey of <code>&lt;Trans i18nKey={sk} /&gt;</code> to
accept a <code>SelectorKey</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
</ul>
<h3>16.6.0</h3>
<ul>
<li>warn when <code>t</code> is called before <code>ready</code> with
<code>useSuspense: false</code> <a
href="https://redirect.github.com/i18next/react-i18next/issues/1896">1896</a></li>
<li>type-safe <code>values</code> prop on <code>&lt;Trans /&gt;</code>
component — interpolation variables are now inferred from the
translation string when custom types are configured <a
href="https://redirect.github.com/i18next/react-i18next/issues/1772">1772</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/683156b25cd7bb94be4132b96b73fe27562ba618"><code>683156b</code></a>
16.6.1</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/723d84bbcbc152f3b2e07f3aa704859978860335"><code>723d84b</code></a>
feat(types): i18nKey of <code>\&lt;Trans i18nKey={sk} /&gt;</code> to
accept a <code>SelectorKey</code></li>
<li><a
href="https://github.com/i18next/react-i18next/commit/5c9f9f04e2ac665f2575c2bc7f783a368ab83c52"><code>5c9f9f0</code></a>
update i18next dep</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/3a68a0bcc0a61fc21cec8762acdfcab9025d9ba4"><code>3a68a0b</code></a>
16.6.0</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/87eac5f84b79819fb268ee936fe9d9e282c6543f"><code>87eac5f</code></a>
type-safe <code>values</code> prop on <code>\&lt;Trans /&gt;</code>
component — interpolation variables ar...</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/522885581d57ea481a40bce22239d550aaa3f426"><code>5228855</code></a>
warn when <code>t</code> is called before <code>ready</code> with
<code>useSuspense: false</code> <a
href="https://redirect.github.com/i18next/react-i18next/issues/1896">#1896</a></li>
<li><a
href="https://github.com/i18next/react-i18next/commit/a75ef78d50ba4643575c2d0f48e73d6e2d9961dc"><code>a75ef78</code></a>
update deps and adjust tests</li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v16.5.8...v16.6.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=16.5.8&new-version=16.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-25 13:52:20 +00:00
dependabot[bot] c98ec60db8 chore(deps): Bump i18next from 25.10.0 to 25.10.4 (#1741) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.10.0 to
25.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.10.4</h2>
<ul>
<li>feat(types): i18nKey of <code>&lt;Trans i18nKey={sk} /&gt;</code> to
accept a <code>SelectorKey</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
</ul>
<h2>v25.10.3</h2>
<ul>
<li>check also for I18NEXT_NO_SUPPORT_NOTICE env variable</li>
</ul>
<h2>v25.10.2</h2>
<ul>
<li>feat(types): <code>keyFromSelector</code> is now type-safe — the
selector callback is constrained against your resource definitions,
catching invalid keys at compile time. Supports optional <code>ns</code>
and <code>keyPrefix</code> options for non-default namespace/prefix
contexts <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
</ul>
<h2>v25.10.1</h2>
<ul>
<li>fix(types): <code>FilterKeys</code> now correctly excludes base keys
that have context variants when the provided context doesn't match any
of them (e.g. key <code>some</code> with variant <code>some_me</code> is
no longer accessible with <code>context=&quot;one&quot;</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.10.4</h2>
<ul>
<li>feat(types): <code>exists()</code> is now a type guard that narrows
the key to <code>SelectorKey</code>, so a validated key can be passed
directly to <code>t()</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
</ul>
<h2>25.10.3</h2>
<ul>
<li>check also for I18NEXT_NO_SUPPORT_NOTICE env variable</li>
</ul>
<h2>25.10.2</h2>
<ul>
<li>feat(types): <code>keyFromSelector</code> is now type-safe — the
selector callback is constrained against your resource definitions,
catching invalid keys at compile time. Supports optional <code>ns</code>
and <code>keyPrefix</code> options for non-default namespace/prefix
contexts <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
</ul>
<h2>25.10.1</h2>
<ul>
<li>fix(types): <code>FilterKeys</code> now correctly excludes base keys
that have context variants when the provided context doesn't match any
of them (e.g. key <code>some</code> with variant <code>some_me</code> is
no longer accessible with <code>context=&quot;one&quot;</code>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/de429ab17d9dbb230aef89996adc5a0b3ebd0436"><code>de429ab</code></a>
25.10.4</li>
<li><a
href="https://github.com/i18next/i18next/commit/3eb1b35b912bd8a656affa787b6d95ebf44c9d16"><code>3eb1b35</code></a>
feat(types): i18nKey of <code>\&lt;Trans i18nKey={sk} /&gt;</code> to
accept a <code>SelectorKey</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2364">#2364</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/53220b7fb80cbe22275c3b7cdbab6d91f12d2ceb"><code>53220b7</code></a>
jsr update</li>
<li><a
href="https://github.com/i18next/i18next/commit/908d0376bb72f731df9d65a219c7fc472db01b66"><code>908d037</code></a>
25.10.3</li>
<li><a
href="https://github.com/i18next/i18next/commit/4e0b5da2971d404f85cf45a618dc249864b5243a"><code>4e0b5da</code></a>
check also for I18NEXT_NO_SUPPORT_NOTICE env variable <a
href="https://redirect.github.com/i18next/i18next/issues/2407">#2407</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/4767835124e0b35bc3bf53223793dcc8fdffca6b"><code>4767835</code></a>
cosmetics</li>
<li><a
href="https://github.com/i18next/i18next/commit/a55aa675081ba74ab3a5c1398ee19ec259ed3d64"><code>a55aa67</code></a>
jsr update</li>
<li><a
href="https://github.com/i18next/i18next/commit/e5dbafe3c26b7ee1f5cf47dd41dd90082ff438bf"><code>e5dbafe</code></a>
25.10.2</li>
<li><a
href="https://github.com/i18next/i18next/commit/166ce5abd83b8f53d2d05fe7b04f7b970c6d7096"><code>166ce5a</code></a>
feat(types): <code>keyFromSelector</code> is now type-safe — the
selector callback is co...</li>
<li><a
href="https://github.com/i18next/i18next/commit/40f17d88ff2593e75fc44de90b0aa71bf7f37adb"><code>40f17d8</code></a>
jsr update</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/i18next/compare/v25.10.0...v25.10.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.10.0&new-version=25.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-25 13:51:52 +00:00
dependabot[bot] 44ec1c01aa chore(deps-dev): Bump cypress from 15.11.0 to 15.12.0 (#1718) 
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.11.0 to
15.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.12.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-12-0">https://docs.cypress.io/app/references/changelog#15-12-0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/dbb806af7cb2e657ad659675bc9b38a65a3d4a18"><code>dbb806a</code></a>
chore: release v15.12.0 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33459">#33459</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/4931cf06ff7dadfe27d839f80ebb2ac8b8792087"><code>4931cf0</code></a>
chore: bootstrap AI agent context files (AGENTS.md + CLAUDE.md) (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33429">#33429</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/9546ee8e2633e3d1e7800cdcbf4ef2d99ad74ece"><code>9546ee8</code></a>
chore: removes changelog entries for sigint-related fixes that are still
unre...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/fec7088aacecf0603ff4a611fccc7a7b6652e49b"><code>fec7088</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33453">#33453</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/9b7ac44d3bb1c34ce053b146849e630bfbf52f18"><code>9b7ac44</code></a>
chore: Update v8 snapshot cache - darwin (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33452">#33452</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/9c8afaa9113668071357d37710ab2922cf6fce91"><code>9c8afaa</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33449">#33449</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/3d2ca8a0e0c86ce03eb109b1e91c39fd2365cfd4"><code>3d2ca8a</code></a>
chore: Update Chrome (beta) to 146.0.7680.65 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33443">#33443</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/abc6b2b8eff09dc54c188787e70ae462d44b3400"><code>abc6b2b</code></a>
fix: prevent hang when waiting on multiple intercepts and navigating (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33446">#33446</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/32e95edeb66b35ce5fd623e912d0314e5eb71f4c"><code>32e95ed</code></a>
test: update coming soon test from app (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33448">#33448</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/aa56256b62b3a986290d85968ac5ed9347560152"><code>aa56256</code></a>
dependency: update fast-xml-parser to 4.5.4 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33435">#33435</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.11.0...v15.12.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.11.0&new-version=15.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 14:01:47 +00:00
dependabot[bot] a482538eaf chore(deps): Bump github/codeql-action from 4.33.0 to 4.34.1 (#1740) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.33.0 to 4.34.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.34.1</h2>
<ul>
<li>Downgrade default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>
due to issues with a small percentage of Actions and JavaScript
analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li>
</ul>
<h2>v4.34.0</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li>
<li>We are rolling out improved incremental analysis to C/C++ analyses
that use build mode <code>none</code>. We expect this rollout to be
complete by the end of April 2026. <a
href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>Reduced the minimum Git version required for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> from 2.38.0 to 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li>
</ul>
<h2>4.34.1 - 20 Mar 2026</h2>
<ul>
<li>Downgrade default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>
due to issues with a small percentage of Actions and JavaScript
analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li>
</ul>
<h2>4.34.0 - 20 Mar 2026</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li>
<li>We are rolling out improved incremental analysis to C/C++ analyses
that use build mode <code>none</code>. We expect this rollout to be
complete by the end of April 2026. <a
href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li>
</ul>
<h2>4.33.0 - 16 Mar 2026</h2>
<ul>
<li>
<p>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p>
<p>To opt out of this change:</p>
<ul>
<li><strong>Repositories owned by an organization:</strong> Create a
custom repository property with the name
<code>github-codeql-file-coverage-on-prs</code> and the type
&quot;True/false&quot;, then set this property to <code>true</code> in
the repository's settings. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>.
Alternatively, if you are using an advanced setup workflow, you can set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using default setup:</strong> Switch
to an advanced setup workflow and set the
<code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to
<code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using advanced setup:</strong> Set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
</ul>
</li>
<li>
<p>Fixed <a
href="https://redirect.github.com/github/codeql-action/issues/3555">a
bug</a> which caused the CodeQL Action to fail loading repository
properties if a &quot;Multi select&quot; repository property was
configured for the repository. <a
href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p>
</li>
<li>
<p>The CodeQL Action now loads <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom
repository properties</a> on GitHub Enterprise Server, enabling the
customization of features such as
<code>github-codeql-disable-overlay</code> that was previously only
available on GitHub.com. <a
href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p>
</li>
<li>
<p>Once <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a> can be configured with OIDC-based authentication
for organizations, the CodeQL Action will now be able to accept such
configurations. <a
href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p>
</li>
<li>
<p>Fixed the retry mechanism for database uploads. Previously this would
fail with the error &quot;Response body object should not be disturbed
or locked&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p>
</li>
<li>
<p>A warning is now emitted if the CodeQL Action detects a repository
property whose name suggests that it relates to the CodeQL Action, but
which is not one of the properties recognised by the current version of
the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p>
</li>
</ul>
<h2>4.32.6 - 05 Mar 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li>
</ul>
<h2>4.32.5 - 02 Mar 2026</h2>
<ul>
<li>Repositories owned by an organization can now set up the
<code>github-codeql-disable-overlay</code> custom repository property to
disable <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis for CodeQL</a>. First, create a custom repository
property with the name <code>github-codeql-disable-overlay</code> and
the type &quot;True/false&quot; in the organization's settings. Then in
the repository's settings, set this property to <code>true</code> to
disable improved incremental analysis. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>. This
feature is not yet available on GitHub Enterprise Server. <a
href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li>
<li>Added an experimental change so that when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> fails on a runner — potentially due to
insufficient disk space — the failure is recorded in the Actions cache
so that subsequent runs will automatically skip improved incremental
analysis until something changes (e.g. a larger runner is provisioned or
a new CodeQL version is released). We expect to roll this change out to
everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li>
<li>The minimum memory check for improved incremental analysis is now
skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage.
<a
href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li>
<li>Reduced log levels for best-effort private package registry
connection check failures to reduce noise from workflow annotations. <a
href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li>
<li>Added an experimental change which lowers the minimum disk space
requirement for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>, enabling it to run on standard GitHub Actions
runners. We expect to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li>
<li>Added an experimental change which allows the
<code>start-proxy</code> action to resolve the CodeQL CLI version from
feature flags instead of using the linked CLI bundle version. We expect
to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li>
<li>The previously experimental changes from versions 4.32.3, 4.32.4,
3.32.3 and 3.32.4 are now enabled by default. <a
href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>,
<a
href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li>
</ul>
<h2>4.32.4 - 20 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/38697555549f1db7851b81482ff19f1fa5c4fedc"><code>3869755</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3763">#3763</a>
from github/update-v4.34.1-095e0fe50</li>
<li><a
href="https://github.com/github/codeql-action/commit/20e68ac12bc8d1eb16a56d3ef4e78263197d2e47"><code>20e68ac</code></a>
Update changelog for v4.34.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/095e0fe505bb5ab6198675d021352632c2c69a46"><code>095e0fe</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3762">#3762</a>
from github/henrymercer/downgrade-default-bundle</li>
<li><a
href="https://github.com/github/codeql-action/commit/47b94fe61cd788995769140a7a8adffec0738aa1"><code>47b94fe</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/51a1d6917f5d33f400200c675401974da443b2ea"><code>51a1d69</code></a>
Downgrade default bundle to codeql-bundle-v2.24.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/510cf736e330d7eb9bc471636d65aaa180118824"><code>510cf73</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3589">#3589</a>
from github/mergeback/v4.34.0-to-main-c6f93110</li>
<li><a
href="https://github.com/github/codeql-action/commit/89f0c86efa3acf01faeff510383f0c4a4152760a"><code>89f0c86</code></a>
Rebuild</li>
<li><a
href="https://github.com/github/codeql-action/commit/c3f90ba975e427c1913b529a89ef97a2442493f2"><code>c3f90ba</code></a>
Update changelog and version after v4.34.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/c6f931105cb2c34c8f901cc885ba1e2e259cf745"><code>c6f9311</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3588">#3588</a>
from github/update-v4.34.0-30c555a52</li>
<li><a
href="https://github.com/github/codeql-action/commit/eeb9b3f4244c2945a20b9761dfa77f19d468d35f"><code>eeb9b3f</code></a>
Update changelog for v4.34.0</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b1bff81932f5cdfc8695c7752dcee935dcd061c8...38697555549f1db7851b81482ff19f1fa5c4fedc">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.33.0&new-version=4.34.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 13:54:02 +00:00
dependabot[bot] b6fef823f3 chore(deps): Bump cypress-io/github-action from 7.1.5 to 7.1.8 (#1737) 
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 7.1.5 to 7.1.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.8</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.7...v7.1.8">7.1.8</a>
(2026-03-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update fast-xml-parser to 5.5.7 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1703">#1703</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/4c06c48f3ffea349b7189aa06dfcda47a9fa7b92">4c06c48</a>)</li>
</ul>
<h2>v7.1.7</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.6...v7.1.7">7.1.7</a>
(2026-03-18)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update fast-xml-parser to 5.5.6 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1688">#1688</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/ed2d88ccbbf936c5aac087dd43e10425abc3534f">ed2d88c</a>)</li>
</ul>
<h2>v7.1.6</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.5...v7.1.6">7.1.6</a>
(2026-03-16)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update transient dependencies flatted &amp;
undici (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1683">#1683</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/82482149c343a5dee155d22104111b9319f9dd45">8248214</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/4c06c48f3ffea349b7189aa06dfcda47a9fa7b92"><code>4c06c48</code></a>
fix(deps): update fast-xml-parser to 5.5.7 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1703">#1703</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/5c5ae407ddd27d1131faf4f3c1b21a467cbdf026"><code>5c5ae40</code></a>
test(deps): harmonize image-size to 2.0.2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1702">#1702</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/c0addff725573abecffebf4898ac2ea36084f2be"><code>c0addff</code></a>
chore(deps): update dependency image-size to ^1.2.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1699">#1699</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/ce3bd0318c9f7f24f9244e721bd336edc76741ba"><code>ce3bd03</code></a>
chore(deps): update tailwindcss monorepo to ^4.2.2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1697">#1697</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/bc497bde529850c63e81f8385e75671d1654b5ab"><code>bc497bd</code></a>
chore(deps): update dependency <code>@​vitejs/plugin-react</code> to
^5.2.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1698">#1698</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/ce92cec8a3cc68ece278e50582913a23e736dc7d"><code>ce92cec</code></a>
chore: group webpack* dependencies for Renovate (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1696">#1696</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/b38e1f75b50f1bee86d34143bde6eab162537f2e"><code>b38e1f7</code></a>
chore(deps): update dependency webpack to ^5.105.4 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1694">#1694</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/b9f98de169dc8fb20077b6dce4eba144a0036451"><code>b9f98de</code></a>
chore: set Renovate rangeStrategy to bump (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1693">#1693</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/a54417f608070346438843812d4c1b2f217cc565"><code>a54417f</code></a>
chore: enable examples updates with Renovate (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1691">#1691</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/38c6a67b0b53e301d4b1db51170d250471f97551"><code>38c6a67</code></a>
test(deps): update next to 16.1.7 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1689">#1689</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/github-action/compare/bc22e01685c56e89e7813fd8e26f33dc47f87e15...4c06c48f3ffea349b7189aa06dfcda47a9fa7b92">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=7.1.5&new-version=7.1.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 13:52:35 +00:00
dependabot[bot] 120bf26d11 chore(deps): Bump i18next from 25.8.20 to 25.10.0 (#1739) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.8.20 to
25.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.10.0</h2>
<ul>
<li>feat(types): <code>keyFromSelector</code> now returns a branded
<code>SelectorKey</code> type that <code>t()</code> accepts directly,
enabling pre-computed and reusable translation keys <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
<li>feat: support selector syntax for <code>keyPrefix</code> in
<code>getFixedT</code> and per-call options <a
href="https://redirect.github.com/i18next/i18next/issues/2367">2367</a></li>
<li>feat(types): interpolation values are now automatically typed based
on built-in format specifiers — <code>{{val, number}}</code> requires
<code>number</code>, <code>{{val, datetime}}</code> requires
<code>Date</code>, <code>{{name}}</code> requires <code>string</code>,
etc. Custom formatters can be typed via
<code>interpolationFormatTypeMap</code> in
<code>CustomTypeOptions</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2378">2378</a></li>
<li>fix(types): <code>FilterKeys</code> in selector mode now preserves
non-context, non-plural leaf keys when <code>context</code> is provided,
fixing incorrect type narrowing when combining <code>returnObjects:
true</code> with <code>context</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2398">2398</a></li>
</ul>
<h2>v25.9.0</h2>
<ul>
<li>feat(types): selector API now enforces <code>{ count: number
}</code> when a key resolves to plural forms <a
href="https://redirect.github.com/i18next/i18next/issues/2373">2373</a></li>
<li>fix(types): string unions with invalid members are now correctly
detected as type errors when used as context option <a
href="https://redirect.github.com/i18next/i18next/issues/2172">2172</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.10.0</h2>
<ul>
<li>feat(types): <code>keyFromSelector</code> now returns a branded
<code>SelectorKey</code> type that <code>t()</code> accepts directly,
enabling pre-computed and reusable translation keys <a
href="https://redirect.github.com/i18next/i18next/issues/2364">2364</a></li>
<li>feat: support selector syntax for <code>keyPrefix</code> in
<code>getFixedT</code> and per-call options <a
href="https://redirect.github.com/i18next/i18next/issues/2367">2367</a></li>
<li>feat(types): interpolation values are now automatically typed based
on built-in format specifiers — <code>{{val, number}}</code> requires
<code>number</code>, <code>{{val, datetime}}</code> requires
<code>Date</code>, <code>{{name}}</code> requires <code>string</code>,
etc. Custom formatters can be typed via
<code>interpolationFormatTypeMap</code> in
<code>CustomTypeOptions</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2378">2378</a></li>
<li>fix(types): <code>FilterKeys</code> in selector mode now preserves
non-context, non-plural leaf keys when <code>context</code> is provided,
fixing incorrect type narrowing when combining <code>returnObjects:
true</code> with <code>context</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2398">2398</a></li>
</ul>
<h2>25.9.0</h2>
<ul>
<li>feat(types): selector API now enforces <code>{ count: number
}</code> when a key resolves to plural forms <a
href="https://redirect.github.com/i18next/i18next/issues/2373">2373</a></li>
<li>fix(types): string unions with invalid members are now correctly
detected as type errors when used as context option <a
href="https://redirect.github.com/i18next/i18next/issues/2172">2172</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/96f89c6ddbe1629ee799a62354bb01cdd5b59a3f"><code>96f89c6</code></a>
25.10.0</li>
<li><a
href="https://github.com/i18next/i18next/commit/2f7833c6a8bc728d95aef0ae9f4a337a17d0b287"><code>2f7833c</code></a>
remove debug.test</li>
<li><a
href="https://github.com/i18next/i18next/commit/4b6a3f9965f89428942d8d1f2cd608ce8739ce96"><code>4b6a3f9</code></a>
prepare release</li>
<li><a
href="https://github.com/i18next/i18next/commit/c1958a235ba76e0503b4e11a34c20043c90c1a1e"><code>c1958a2</code></a>
feat(types): interpolation values are now automatically typed based on
built-...</li>
<li><a
href="https://github.com/i18next/i18next/commit/f2c76d96dedad6d205b007189935c61cdd98ef8a"><code>f2c76d9</code></a>
feat(types): try to address <a
href="https://redirect.github.com/i18next/i18next/issues/2378">#2378</a>
and <a
href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/9469766b4a8eec401f793305726367bddbfef2a2"><code>9469766</code></a>
feat: support selector syntax for <code>keyPrefix</code> in
<code>getFixedT</code> and per-call opt...</li>
<li><a
href="https://github.com/i18next/i18next/commit/26af5ee5c8d3611a9ee590f1315988dbd7353a7c"><code>26af5ee</code></a>
branded SelectorKey <a
href="https://redirect.github.com/i18next/i18next/issues/2364">#2364</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/1163a799c23d15fba4bc456e3d6d9ae10c793584"><code>1163a79</code></a>
jsr update</li>
<li><a
href="https://github.com/i18next/i18next/commit/da3dc6d27747834a9709b926f91387c623944e09"><code>da3dc6d</code></a>
25.9.0</li>
<li><a
href="https://github.com/i18next/i18next/commit/05c326a7260bda00354ecf17eeddd75d59970158"><code>05c326a</code></a>
format styling</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/i18next/compare/v25.8.20...v25.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.20&new-version=25.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 13:52:11 +00:00
dependabot[bot] d242bd0dfa chore(deps-dev): Bump eslint from 10.0.3 to 10.1.0 (#1736) 
Bumps [eslint](https://github.com/eslint/eslint) from 10.0.3 to 10.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.1.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/ff4382be349035acdb170627a2dc92828e134562"><code>ff4382b</code></a>
feat: apply fix for <code>no-var</code> in <code>TSModuleBlock</code>
(<a
href="https://redirect.github.com/eslint/eslint/issues/20638">#20638</a>)
(Tanuj Kanti)</li>
<li><a
href="https://github.com/eslint/eslint/commit/0916995b51528872b15ba4fedb24172cf25fcb3f"><code>0916995</code></a>
feat: Implement api support for bulk-suppressions (<a
href="https://redirect.github.com/eslint/eslint/issues/20565">#20565</a>)
(Blake Sager)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/2b8824e6be4223980e929a20025602df20d05ea2"><code>2b8824e</code></a>
fix: Prevent <code>no-var</code> autofix when a variable is used before
declaration (<a
href="https://redirect.github.com/eslint/eslint/issues/20464">#20464</a>)
(Amaresh S M)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e58b4bff167e79afd067d1b0ee9360bec2d3393e"><code>e58b4bf</code></a>
fix: update eslint (<a
href="https://redirect.github.com/eslint/eslint/issues/20597">#20597</a>)
(renovate[bot])</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/b7b57fe9942c572ff651230f1f96cefed787ca52"><code>b7b57fe</code></a>
docs: use correct JSDoc link in require-jsdoc.md (<a
href="https://redirect.github.com/eslint/eslint/issues/20641">#20641</a>)
(mkemna-clb)</li>
<li><a
href="https://github.com/eslint/eslint/commit/58e4cfc7dbf0fe40c73f09bf0ff94ad944d0ba0e"><code>58e4cfc</code></a>
docs: add deprecation notice partial (<a
href="https://redirect.github.com/eslint/eslint/issues/20639">#20639</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7143dbf99df27c61edf1552da981794e99a0b2f2"><code>7143dbf</code></a>
docs: update v9 migration guide for <code>@eslint/js</code> usage (<a
href="https://redirect.github.com/eslint/eslint/issues/20540">#20540</a>)
(fnx)</li>
<li><a
href="https://github.com/eslint/eslint/commit/035fc4fbe506e3e4524882cf50db37a4e430adf4"><code>035fc4f</code></a>
docs: note that <code>globalReturn</code> applies only with
<code>sourceType: &quot;script&quot;</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20630">#20630</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e972c88ab7474a74191ee99ac2558b00d0427a8a"><code>e972c88</code></a>
docs: merge ESLint option descriptions into type definitions (<a
href="https://redirect.github.com/eslint/eslint/issues/20608">#20608</a>)
(Francesco Trotta)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7f10d8440137f0cfd75f18f4746ba6a1c621b953"><code>7f10d84</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/aeed0078ca2f73d4744cc522102178d45b5be64e"><code>aeed007</code></a>
docs: open playground link in new tab (<a
href="https://redirect.github.com/eslint/eslint/issues/20602">#20602</a>)
(Tanuj Kanti)</li>
<li><a
href="https://github.com/eslint/eslint/commit/a0d1a3772679d3d74bb860fc65b5b58678acd452"><code>a0d1a37</code></a>
docs: Add AI Usage Policy (<a
href="https://redirect.github.com/eslint/eslint/issues/20510">#20510</a>)
(Nicholas C. Zakas)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/a9f9cce82d80b540a0e3549d0e91c16df28740d8"><code>a9f9cce</code></a>
chore: update dependency eslint-plugin-unicorn to ^63.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20584">#20584</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/1f42bd7876ae4192cf7f7f4faf73b4ef3d2563cb"><code>1f42bd7</code></a>
chore: update <code>prettier</code> to 3.8.1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20651">#20651</a>)
(루밀LuMir)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c0a6f4a2b4169edeca2a81bf7b47783e39ade366"><code>c0a6f4a</code></a>
chore: update dependency <code>@​eslint/json</code> to ^1.2.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20652">#20652</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/cc43f795c42e5ec2f19bb43b1f6d534ef2e469f3"><code>cc43f79</code></a>
chore: update dependency c8 to v11 (<a
href="https://redirect.github.com/eslint/eslint/issues/20650">#20650</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/2ce4635b036ff2665c7009afddf9c0fb2274dceb"><code>2ce4635</code></a>
chore: update dependency <code>@​eslint/json</code> to v1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20649">#20649</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/f0406eedcc3dc415babbbf6bbdb5db1eebfd487b"><code>f0406ee</code></a>
chore: update dependency markdownlint-cli2 to ^0.21.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20646">#20646</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/dbb4c9582a00bac604d5c6ac671bb7111468a846"><code>dbb4c95</code></a>
chore: remove trunk (<a
href="https://redirect.github.com/eslint/eslint/issues/20478">#20478</a>)
(sethamus)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c672a2a70579fddf1c6ce33dfa712d705726e1c9"><code>c672a2a</code></a>
test: fix CLI test for empty output file (<a
href="https://redirect.github.com/eslint/eslint/issues/20640">#20640</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c7ada2455680036bbfc42fcb1511ff28afe3c587"><code>c7ada24</code></a>
ci: bump pnpm/action-setup from 4.3.0 to 4.4.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20636">#20636</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/07c4b8b4a9f49145e60a3448dd57853213ed4de3"><code>07c4b8b</code></a>
test: fix <code>RuleTester</code> test without test runners (<a
href="https://redirect.github.com/eslint/eslint/issues/20631">#20631</a>)
(Francesco Trotta)</li>
<li><a
href="https://github.com/eslint/eslint/commit/079bba7ff17d0a99fdffe32bf991d005ba797fae"><code>079bba7</code></a>
test: Add tests for <code>isValidWithUnicodeFlag</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20601">#20601</a>)
(Manish chaudhary)</li>
<li><a
href="https://github.com/eslint/eslint/commit/5885ae66216bcee9310bbf73786b7d7d5774aeaf"><code>5885ae6</code></a>
ci: unpin Node.js 25.x in CI (<a
href="https://redirect.github.com/eslint/eslint/issues/20615">#20615</a>)
(Copilot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f65e5d3c0df65fdb317ad6d23f7ae113c5f4b6d7"><code>f65e5d3</code></a>
chore: update pnpm/action-setup digest to b906aff (<a
href="https://redirect.github.com/eslint/eslint/issues/20610">#20610</a>)
(renovate[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/8351ec7aaa0f7d4753ff39bb9d6260f2ac9e1f1a"><code>8351ec7</code></a>
10.1.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/3270bc12165d62646fd0edaab2c28809302663a1"><code>3270bc1</code></a>
Build: changelog update for 10.1.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/a9f9cce82d80b540a0e3549d0e91c16df28740d8"><code>a9f9cce</code></a>
chore: update dependency eslint-plugin-unicorn to ^63.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20584">#20584</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/1f42bd7876ae4192cf7f7f4faf73b4ef3d2563cb"><code>1f42bd7</code></a>
chore: update <code>prettier</code> to 3.8.1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20651">#20651</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c0a6f4a2b4169edeca2a81bf7b47783e39ade366"><code>c0a6f4a</code></a>
chore: update dependency <code>@​eslint/json</code> to ^1.2.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20652">#20652</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/cc43f795c42e5ec2f19bb43b1f6d534ef2e469f3"><code>cc43f79</code></a>
chore: update dependency c8 to v11 (<a
href="https://redirect.github.com/eslint/eslint/issues/20650">#20650</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/2ce4635b036ff2665c7009afddf9c0fb2274dceb"><code>2ce4635</code></a>
chore: update dependency <code>@​eslint/json</code> to v1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20649">#20649</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f0406eedcc3dc415babbbf6bbdb5db1eebfd487b"><code>f0406ee</code></a>
chore: update dependency markdownlint-cli2 to ^0.21.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20646">#20646</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/dbb4c9582a00bac604d5c6ac671bb7111468a846"><code>dbb4c95</code></a>
chore: remove trunk (<a
href="https://redirect.github.com/eslint/eslint/issues/20478">#20478</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/ff4382be349035acdb170627a2dc92828e134562"><code>ff4382b</code></a>
feat: apply fix for <code>no-var</code> in <code>TSModuleBlock</code>
(<a
href="https://redirect.github.com/eslint/eslint/issues/20638">#20638</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.0.3...v10.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=10.0.3&new-version=10.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-24 13:51:58 +00:00
dependabot[bot] 250a480626 chore(deps): Bump maplibre-gl from 5.20.2 to 5.21.0 (#1730) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.20.2 to 5.21.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/releases">maplibre-gl's
releases</a>.</em></p>
<blockquote>
<h2>v5.21.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add compatibility for ES2020 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7283">#7283</a>)
(by <a
href="https://github.com/claudiobgit"><code>@​claudiobgit</code></a>)</li>
<li>Add <code>referrerPolicy</code> option to
<code>RequestParameters</code> to allow controlling the referrer policy
for tile requests (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7278">#7278</a>)
(by <a
href="https://github.com/Bingtagui404"><code>@​Bingtagui404</code></a>)</li>
<li>Wait for the GPU to finish its callstack for rendering benchmarks
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7285">#7285</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Remove Edge 18 WebP detection workaround; always send <code>Accept:
image/webp</code> header for image requests (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7293">#7293</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Remove legacy browser compatibility code targeting IE11 and pre-2016
browsers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7294">#7294</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Remove legacy <code>DOM.remove()</code> and
<code>DOM.mouseButton()</code> wrappers; use native APIs directly
(baseline 2015) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7295">#7295</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Make <code>setTransformRequest</code> accept an async function in
addition to a sync function. (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7184">#7184</a>)
(by <a href="https://github.com/kikuomax"><code>@​kikuomax</code>
</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix incorrect popup location in case of terrain and
<code>jumpTo</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7267">#7267</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Fix memory leak in VideoSource: remove <code>playing</code> event
listener and pause video on source removal (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7279">#7279</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix memory leak where typed array views retained StructArray buffers
after GPU upload, preventing garbage collection (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7280">#7280</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix raster DEM tiles getting stuck in
<code>&quot;reloading&quot;</code> state (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7284">#7284</a>)
(by <a
href="https://github.com/katemihalikova"><code>@​katemihalikova</code></a>)</li>
<li>Fix <code>GeolocateControl</code> leaking a <code>movestart</code>
listener on the map after removal, which could also crash if the control
was in active tracking state when removed (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7286">#7286</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Cap tile texture reuse pool to prevent unbounded VRAM growth during
rapid zoom/pan (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7289">#7289</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix Marker <code>click</code> listener not removed on
<code>remove()</code>, leaking the handler added in <a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7028">#7028</a>
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7287">#7287</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix Terrain GPU resource leak: free FBO, textures, and meshes when
terrain is disabled via <code>setTerrain(null)</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7288">#7288</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix guard against partial layout in <code>PauseablePlacement</code>
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7079">#7079</a>)
(by <a
href="https://github.com/garethbowker"><code>@​garethbowker</code></a>)</li>
<li>Fix missing tile encoding for MLT queryRenderedFeatures (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7056">#7056</a>)
(by <a href="https://github.com/dannote"><code>@​dannote</code></a> and
<a
href="https://github.com/ted-piotrowski"><code>@​ted-piotrowski</code></a>)</li>
<li>Fix 3D Tiles example (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7275">#7275</a>)
(by <a
href="https://github.com/hh-hang"><code>@​hh-hang</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.21.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add compatibility for ES2020 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7283">#7283</a>)
(by <a
href="https://github.com/claudiobgit"><code>@​claudiobgit</code></a>)</li>
<li>Add <code>referrerPolicy</code> option to
<code>RequestParameters</code> to allow controlling the referrer policy
for tile requests (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7278">#7278</a>)
(by <a
href="https://github.com/Bingtagui404"><code>@​Bingtagui404</code></a>)</li>
<li>Wait for the GPU to finish its callstack for rendering benchmarks
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7285">#7285</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Remove Edge 18 WebP detection workaround; always send <code>Accept:
image/webp</code> header for image requests (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7293">#7293</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Remove legacy browser compatibility code targeting IE11 and pre-2016
browsers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7294">#7294</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Remove legacy <code>DOM.remove()</code> and
<code>DOM.mouseButton()</code> wrappers; use native APIs directly
(baseline 2015) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7295">#7295</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Make <code>setTransformRequest</code> accept an async function in
addition to a sync function. (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7184">#7184</a>)
(by <a href="https://github.com/kikuomax"><code>@​kikuomax</code>
</a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix incorrect popup location in case of terrain and
<code>jumpTo</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7267">#7267</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Fix memory leak in VideoSource: remove <code>playing</code> event
listener and pause video on source removal (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7279">#7279</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix memory leak where typed array views retained StructArray buffers
after GPU upload, preventing garbage collection (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7280">#7280</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix raster DEM tiles getting stuck in
<code>&quot;reloading&quot;</code> state (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7284">#7284</a>)
(by <a
href="https://github.com/katemihalikova"><code>@​katemihalikova</code></a>)</li>
<li>Fix <code>GeolocateControl</code> leaking a <code>movestart</code>
listener on the map after removal, which could also crash if the control
was in active tracking state when removed (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7286">#7286</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Cap tile texture reuse pool to prevent unbounded VRAM growth during
rapid zoom/pan (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7289">#7289</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix Marker <code>click</code> listener not removed on
<code>remove()</code>, leaking the handler added in <a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7028">#7028</a>
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7287">#7287</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix Terrain GPU resource leak: free FBO, textures, and meshes when
terrain is disabled via <code>setTerrain(null)</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7288">#7288</a>)
(by <a
href="https://github.com/johanrd"><code>@​johanrd</code></a>)</li>
<li>Fix guard against partial layout in <code>PauseablePlacement</code>
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7079">#7079</a>)
(by <a
href="https://github.com/garethbowker"><code>@​garethbowker</code></a>)</li>
<li>Fix missing tile encoding for MLT queryRenderedFeatures (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7056">#7056</a>)
(by <a href="https://github.com/dannote"><code>@​dannote</code></a> and
<a
href="https://github.com/ted-piotrowski"><code>@​ted-piotrowski</code></a>)</li>
<li>Fix 3D Tiles example (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7275">#7275</a>)
(by <a
href="https://github.com/hh-hang"><code>@​hh-hang</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/44a48f868c973aaa486d96cf899f15cb474257c9"><code>44a48f8</code></a>
Bump js version to 5.21.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7304">#7304</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/7aae2263eae689b7b47b9db7a38dfa6823b6dd8e"><code>7aae226</code></a>
feat: async RequestTransformFunction (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7184">#7184</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/901b3af07e0bbb6f656664166d2b3cd546caa378"><code>901b3af</code></a>
fix: guard against unhydrated layout in PauseablePlacement (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7079">#7079</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/bab57d5a449e169b32006cbb6f5cb1cdb2d6b9e3"><code>bab57d5</code></a>
fix: store encoding when caching raw tile data for MLT
queryRenderedFeatures ...</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/bf4735e8f7bfb73a0be2859a2994d246eadc4c1f"><code>bf4735e</code></a>
chore(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7302">#7302</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/ff37d1f79f693b5fe8b07b9702a1b4a8ada5b770"><code>ff37d1f</code></a>
chore(deps): bump actions/download-artifact from 8.0.0 to 8.0.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7261">#7261</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/80a862845e01a84f756f61cf63bf42faff66536c"><code>80a8628</code></a>
chore(deps-dev): bump <code>@​types/murmurhash-js</code> from 1.0.6 to
1.0.7 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7300">#7300</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/4e21c3fe090c3033484966b9ea8b2ef640a7e92a"><code>4e21c3f</code></a>
chore(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.57.0 to 8.57.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7301">#7301</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/16bde408247bc57a58b676325272af2da01da202"><code>16bde40</code></a>
chore(deps-dev): bump nise from 6.1.3 to 6.1.4 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7297">#7297</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/c1c4252e5b8568d4a56c56f3b56d8ee9d6d107d1"><code>c1c4252</code></a>
chore(deps-dev): bump jsdom from 28.1.0 to 29.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7298">#7298</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.20.2...v5.21.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.20.2&new-version=5.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:10:42 +00:00
dependabot[bot] c94c995f4c chore(deps-dev): Bump sass from 1.97.3 to 1.98.0 (#1716) 
Bumps [sass](https://github.com/sass/dart-sass) from 1.97.3 to 1.98.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/releases">sass's
releases</a>.</em></p>
<blockquote>
<h2>Dart Sass 1.98.0</h2>
<p>To install Sass 1.98.0, download one of the packages below and <a
href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or
see <a href="https://sass-lang.com/install">the Sass website</a> for
full installation instructions.</p>
<h1>Changes</h1>
<h3>Command-Line Interface</h3>
<ul>
<li>Gracefully handle dependency loops in <code>--watch</code>
mode.</li>
</ul>
<h3>Dart API</h3>
<ul>
<li>Add a <code>const Logger.defaultLogger</code> field. This provides a
logger that emits to standard error or the browser console, but
automatically chooses whether to use terminal colors.</li>
</ul>
<h3>JavaScript API</h3>
<ul>
<li>
<p>Fix a crash when manually constructing a <code>SassCalculation</code>
for <code>'calc'</code> with an argument that can't be simplified.</p>
</li>
<li>
<p>Properly emit deprecation warnings as text rather than
<code>StringBuffer</code> objects when running in a browser.</p>
</li>
<li>
<p>Emit colored warnings and other messages on the console when running
in a browser.</p>
</li>
</ul>
<p>See the <a
href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1980">full
changelog</a> for changes in earlier releases.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's
changelog</a>.</em></p>
<blockquote>
<h2>1.98.0</h2>
<h3>Command-Line Interface</h3>
<ul>
<li>Gracefully handle dependency loops in <code>--watch</code>
mode.</li>
</ul>
<h3>Dart API</h3>
<ul>
<li>Add a <code>const Logger.defaultLogger</code> field. This provides a
logger that emits to
standard error or the browser console, but automatically chooses whether
to
use terminal colors.</li>
</ul>
<h3>JavaScript API</h3>
<ul>
<li>
<p>Fix a crash when manually constructing a <code>SassCalculation</code>
for <code>'calc'</code> with
an argument that can't be simplified.</p>
</li>
<li>
<p>Properly emit deprecation warnings as text rather than
<code>StringBuffer</code> objects
when running in a browser.</p>
</li>
<li>
<p>Emit colored warnings and other messages on the console when running
in a
browser.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sass/dart-sass/commit/5a81ae3348caab2131ee08c8c0141337420372b5"><code>5a81ae3</code></a>
Bump version to 1.98.0 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2754">#2754</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/e25e71ddd86b29b6a91f189a1211656081d1932a"><code>e25e71d</code></a>
Update immutable to v5.1.5 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2753">#2753</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/43fac1a989ce2a9ee66d95d99f739881462ee3a8"><code>43fac1a</code></a>
Bump actions/upload-artifact from 6 to 7 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2747">#2747</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/8b85c9aae6af8cb4bd3f6717ed3aae5c1065fe6d"><code>8b85c9a</code></a>
Bump actions/download-artifact from 7 to 8 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2749">#2749</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/00f83f0c12318e48d7f0f77e2f22e2b59966093c"><code>00f83f0</code></a>
Bump postcss from 8.5.6 to 8.5.8 in /pkg/sass-parser (<a
href="https://redirect.github.com/sass/dart-sass/issues/2752">#2752</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/0a325a46a76c6a1d312aaab5a6b1f9a80d453594"><code>0a325a4</code></a>
Bump actions/attest-build-provenance from 3 to 4 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2748">#2748</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/7fb3c0f61adaa73be963408fbce29bdc596297c3"><code>7fb3c0f</code></a>
Gracefully handle dependency loops in watch mode (<a
href="https://redirect.github.com/sass/dart-sass/issues/2746">#2746</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/e86d0445ecc82687b29ff4784d8d6a86c1ca92f2"><code>e86d044</code></a>
Bump eslint from 9.39.3 to 10.0.1 in /pkg/sass-parser (<a
href="https://redirect.github.com/sass/dart-sass/issues/2743">#2743</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/4bcd256f99df392d3e54a96692a991a1f287bd05"><code>4bcd256</code></a>
Add Logger.defaultLogger to automatically choose whether to use colors
(<a
href="https://redirect.github.com/sass/dart-sass/issues/2742">#2742</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/c3f8ff0f6cc43f194c2989eaaf5b720f34943ec4"><code>c3f8ff0</code></a>
Always convert printed objects to strings in JS (<a
href="https://redirect.github.com/sass/dart-sass/issues/2741">#2741</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/sass/dart-sass/compare/1.97.3...1.98.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sass&package-manager=npm_and_yarn&previous-version=1.97.3&new-version=1.98.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:10:07 +00:00
dependabot[bot] 085b3ff0d0 chore(deps): Bump codecov/codecov-action from 5.5.2 to 5.5.3 (#1735) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
5.5.2 to 5.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.5.3</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1874">codecov/codecov-action#1874</a></li>
<li>chore(release): bump to 5.5.3 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1922">codecov/codecov-action#1922</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3">https://github.com/codecov/codecov-action/compare/v5.5.2...v5.5.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>v5.5.2</h2>
<h3>What's Changed</h3>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2">https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2</a></p>
<h2>v5.5.1</h2>
<h3>What's Changed</h3>
<ul>
<li>fix: overwrite pr number on fork by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1871">codecov/codecov-action#1871</a></li>
<li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1868">codecov/codecov-action#1868</a></li>
<li>build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1867">codecov/codecov-action#1867</a></li>
<li>fix: update to use local app/ dir by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1872">codecov/codecov-action#1872</a></li>
<li>docs: fix typo in README by <a
href="https://github.com/datalater"><code>@​datalater</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li>
<li>Document a <code>codecov-cli</code> version reference example by <a
href="https://github.com/webknjaz"><code>@​webknjaz</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1774">codecov/codecov-action#1774</a></li>
<li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1861">codecov/codecov-action#1861</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1833">codecov/codecov-action#1833</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1">https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1</a></p>
<h2>v5.5.0</h2>
<h3>What's Changed</h3>
<ul>
<li>feat: upgrade wrapper to 0.2.4 by <a
href="https://github.com/jviall"><code>@​jviall</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li>
<li>Pin actions/github-script by Git SHA by <a
href="https://github.com/martincostello"><code>@​martincostello</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li>
<li>fix: check reqs exist by <a
href="https://github.com/joseph-sentry"><code>@​joseph-sentry</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1835">codecov/codecov-action#1835</a></li>
<li>fix: Typo in README by <a
href="https://github.com/spalmurray"><code>@​spalmurray</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1838">codecov/codecov-action#1838</a></li>
<li>docs: Refine OIDC docs by <a
href="https://github.com/spalmurray"><code>@​spalmurray</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li>
<li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1829">codecov/codecov-action#1829</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0">https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0</a></p>
<h2>v5.4.3</h2>
<h3>What's Changed</h3>
<ul>
<li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1822">codecov/codecov-action#1822</a></li>
<li>fix: OIDC on forks by <a
href="https://github.com/joseph-sentry"><code>@​joseph-sentry</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1823">codecov/codecov-action#1823</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3">https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3</a></p>
<h2>v5.4.2</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codecov/codecov-action/commit/1af58845a975a7985b0beb0cbe6fbbb71a41dbad"><code>1af5884</code></a>
chore(release): bump to 5.5.3 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1922">#1922</a>)</li>
<li><a
href="https://github.com/codecov/codecov-action/commit/c143300dea6c9a730986ff862c5bf4d458927ef8"><code>c143300</code></a>
build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1874">#1874</a>)</li>
<li>See full diff in <a
href="https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...1af58845a975a7985b0beb0cbe6fbbb71a41dbad">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=5.5.2&new-version=5.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:07:48 +00:00
dependabot[bot] 853f815767 chore(deps-dev): Bump @types/color from 4.2.0 to 4.2.1 (#1734) 
Bumps
[@types/color](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/color)
from 4.2.0 to 4.2.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/color">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/color&package-manager=npm_and_yarn&previous-version=4.2.0&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:01:54 +00:00
dependabot[bot] fb37f88f79 chore(deps): Bump ol-mapbox-style from 13.3.0 to 13.4.0 (#1733) 
Bumps [ol-mapbox-style](https://github.com/openlayers/ol-mapbox-style)
from 13.3.0 to 13.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/releases">ol-mapbox-style's
releases</a>.</em></p>
<blockquote>
<h2>v13.4.0</h2>
<h2>Summary</h2>
<ul>
<li>New hillshading options</li>
<li>Support for the <code>line-offset</code> paint property</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Changes for v13.2.0 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1387">openlayers/ol-mapbox-style#1387</a></li>
<li>feat: prevent redundant font loading requests with font-weight
ranges by <a
href="https://github.com/spliffone"><code>@​spliffone</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1398">openlayers/ol-mapbox-style#1398</a></li>
<li>Bump lodash from 4.17.21 to 4.17.23 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1399">openlayers/ol-mapbox-style#1399</a></li>
<li>Fix background layer source reuse breaking vector layers by <a
href="https://github.com/dleone13-terp"><code>@​dleone13-terp</code></a>
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1400">openlayers/ol-mapbox-style#1400</a></li>
<li>Bump qs, body-parser and express by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1393">openlayers/ol-mapbox-style#1393</a></li>
<li>Bump typedoc from 0.28.14 to 0.28.15 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1389">openlayers/ol-mapbox-style#1389</a></li>
<li>Bump puppeteer from 24.33.1 to 24.34.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1390">openlayers/ol-mapbox-style#1390</a></li>
<li>Bump html-webpack-plugin from 5.6.4 to 5.6.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1391">openlayers/ol-mapbox-style#1391</a></li>
<li>Bump <code>@​maplibre/maplibre-gl-style-spec</code> from 23.3.0 to
24.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1388">openlayers/ol-mapbox-style#1388</a></li>
<li>Bump <code>@​rollup/plugin-node-resolve</code> from 16.0.1 to 16.0.3
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1392">openlayers/ol-mapbox-style#1392</a></li>
<li>Bump webpack from 5.102.1 to 5.105.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1406">openlayers/ol-mapbox-style#1406</a></li>
<li>Bump puppeteer from 24.34.0 to 24.36.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1401">openlayers/ol-mapbox-style#1401</a></li>
<li>Bump html-webpack-plugin from 5.6.5 to 5.6.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1403">openlayers/ol-mapbox-style#1403</a></li>
<li>Bump mini-css-extract-plugin from 2.9.4 to 2.10.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1405">openlayers/ol-mapbox-style#1405</a></li>
<li>Bump rollup from 4.46.2 to 4.56.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1402">openlayers/ol-mapbox-style#1402</a></li>
<li>Bump webpack-dev-server from 5.2.2 to 5.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1404">openlayers/ol-mapbox-style#1404</a></li>
<li>Changes for 13.2.1 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1407">openlayers/ol-mapbox-style#1407</a></li>
<li>Better match the visual hillshade appearance of MapLibre by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1409">openlayers/ol-mapbox-style#1409</a></li>
<li>Updates for Mapbox compatibility by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1415">openlayers/ol-mapbox-style#1415</a></li>
<li>Bump qs from 6.14.1 to 6.14.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1410">openlayers/ol-mapbox-style#1410</a></li>
<li>Bump sinon from 21.0.0 to 21.0.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1411">openlayers/ol-mapbox-style#1411</a></li>
<li>Bump css-loader from 7.1.2 to 7.1.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1412">openlayers/ol-mapbox-style#1412</a></li>
<li>Bump puppeteer from 24.36.0 to 24.37.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1413">openlayers/ol-mapbox-style#1413</a></li>
<li>Bump globals from 16.5.0 to 17.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1414">openlayers/ol-mapbox-style#1414</a></li>
<li>Changes for 13.3.0 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1416">openlayers/ol-mapbox-style#1416</a></li>
<li>Raster contrast and alpha fixes; add zoom exaggeration for DEM by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1424">openlayers/ol-mapbox-style#1424</a></li>
<li>New hillshading options by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1425">openlayers/ol-mapbox-style#1425</a></li>
<li>Isolate text color and halo by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1428">openlayers/ol-mapbox-style#1428</a></li>
<li>Bump webpack from 5.105.0 to 5.105.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1418">openlayers/ol-mapbox-style#1418</a></li>
<li>feat: added line-offset by <a
href="https://github.com/ElGreeno"><code>@​ElGreeno</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1430">openlayers/ol-mapbox-style#1430</a></li>
<li>Bump css-loader from 7.1.3 to 7.1.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1419">openlayers/ol-mapbox-style#1419</a></li>
<li>Bump proj4 from 2.19.10 to 2.20.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1420">openlayers/ol-mapbox-style#1420</a></li>
<li>Bump puppeteer from 24.37.3 to 24.37.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1421">openlayers/ol-mapbox-style#1421</a></li>
<li>Bump basic-ftp from 5.1.0 to 5.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1422">openlayers/ol-mapbox-style#1422</a></li>
<li>Bump minimatch by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1423">openlayers/ol-mapbox-style#1423</a></li>
<li>Bump rollup from 4.57.1 to 4.59.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1426">openlayers/ol-mapbox-style#1426</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/spliffone"><code>@​spliffone</code></a>
made their first contribution in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1398">openlayers/ol-mapbox-style#1398</a></li>
<li><a
href="https://github.com/dleone13-terp"><code>@​dleone13-terp</code></a>
made their first contribution in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1400">openlayers/ol-mapbox-style#1400</a></li>
<li><a href="https://github.com/ElGreeno"><code>@​ElGreeno</code></a>
made their first contribution in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1430">openlayers/ol-mapbox-style#1430</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.2.0...v13.4.0">https://github.com/openlayers/ol-mapbox-style/compare/v13.2.0...v13.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/blob/main/CHANGELOG.md">ol-mapbox-style's
changelog</a>.</em></p>
<blockquote>
<h2>13.4.0</h2>
<ul>
<li>New hillshading options</li>
<li>Support for the <code>line-offset</code> paint property</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/0c53469f003afd099acabee1a74c114d09f5bfc1"><code>0c53469</code></a>
Add dist for v13.4.0</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/83733d0b913f0bdb153432adb2f6d9fbef81c018"><code>83733d0</code></a>
Changes for 13.4.0</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/662df98125db130dc1da627da2dfaa201be30228"><code>662df98</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1426">#1426</a>
from openlayers/dependabot/npm_and_yarn/rollup-4.59.0</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/9d416bbcd474947ab1ed6de1318d0be34cb4bd92"><code>9d416bb</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1423">#1423</a>
from openlayers/dependabot/npm_and_yarn/multi-bcbe54...</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/45d75ddfc8270faf6008b403d00719390e112919"><code>45d75dd</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1422">#1422</a>
from openlayers/dependabot/npm_and_yarn/basic-ftp-5.2.0</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/b46de6350fe30a102410f0b8a6d5436f6d8ba833"><code>b46de63</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1421">#1421</a>
from openlayers/dependabot/npm_and_yarn/puppeteer-24...</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/8683d0a04e804ee06262e74ff840ecd6b881809f"><code>8683d0a</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1420">#1420</a>
from openlayers/dependabot/npm_and_yarn/proj4-2.20.2</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/3681972017804e9bba7200c57a32e8edd14c4b75"><code>3681972</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1419">#1419</a>
from openlayers/dependabot/npm_and_yarn/css-loader-7...</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/831993b8a9d8aefe83c91d58c2ab02979875fde1"><code>831993b</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1430">#1430</a>
from ElGreeno/add-line-offset</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/bfb2c342b5c317812baf0a12b442fcaae04badf9"><code>bfb2c34</code></a>
feat: added line-offset</li>
<li>Additional commits viewable in <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.3.0...v13.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ol-mapbox-style&package-manager=npm_and_yarn&previous-version=13.3.0&new-version=13.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:01:27 +00:00
dependabot[bot] 9d690ba977 chore(deps): Bump i18next from 25.8.18 to 25.8.20 (#1731) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.8.18 to
25.8.20.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.20</h2>
<ul>
<li>
<ul>
<li>fix: <code>getFixedT()</code> selector now resolves namespaces
against the effective <code>ns</code> rather than the global init
options <a
href="https://redirect.github.com/i18next/i18next/issues/2406">#2406</a></li>
</ul>
</li>
</ul>
<h2>v25.8.19</h2>
<ul>
<li>fix: selector API namespace resolution regression for single-string
<code>ns</code> and primary namespace in array <a
href="https://redirect.github.com/i18next/i18next/issues/2405">#2405</a>.
Reverts the broad namespace-prefix rewrite from v25.8.15 and replaces it
with a targeted fix that only rewrites paths starting with a secondary
namespace in a multi-namespace array, matching the type-level contract
of <code>GetSource</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.20</h2>
<ul>
<li>
<ul>
<li>fix: <code>getFixedT()</code> selector now resolves namespaces
against the effective <code>ns</code> rather than the global init
options <a
href="https://redirect.github.com/i18next/i18next/issues/2406">2406</a></li>
</ul>
</li>
</ul>
<h2>25.8.19</h2>
<ul>
<li>fix: selector API namespace resolution regression for single-string
<code>ns</code> and primary namespace in array <a
href="https://redirect.github.com/i18next/i18next/issues/2405">2405</a>.
Reverts the broad namespace-prefix rewrite from v25.8.15 and replaces it
with a targeted fix that only rewrites paths starting with a secondary
namespace in a multi-namespace array, matching the type-level contract
of <code>GetSource</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/037e978f33a2bf8f232bdbbc029a296ca89c4288"><code>037e978</code></a>
25.8.20</li>
<li><a
href="https://github.com/i18next/i18next/commit/8750f7165c70834774501dab2902d5fc89a49ad6"><code>8750f71</code></a>
fix: <code>getFixedT()</code> selector now resolves namespaces against
the effective `ns...</li>
<li><a
href="https://github.com/i18next/i18next/commit/4736b20b16ee08ff38e0bd939ee95e92994a3c2d"><code>4736b20</code></a>
jsr update</li>
<li><a
href="https://github.com/i18next/i18next/commit/160cde565cc9d72997f1575ede32d94e7230a22c"><code>160cde5</code></a>
25.8.19</li>
<li><a
href="https://github.com/i18next/i18next/commit/88d5145131be3fe98b90567ed26d0d08cd01b2c8"><code>88d5145</code></a>
fix <a
href="https://redirect.github.com/i18next/i18next/issues/2405">#2405</a>
by reverting changes in v25.8.15</li>
<li><a
href="https://github.com/i18next/i18next/commit/938fd1c8492ff8078af5ee2e5c35c630da12aeb8"><code>938fd1c</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.8.18...v25.8.20">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.18&new-version=25.8.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:00:53 +00:00
dependabot[bot] e54bf949fc chore(deps-dev): Bump stylelint from 17.4.0 to 17.5.0 (#1732) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.4.0 to
17.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.5.0</h2>
<p>It deprecates two rule options, adds 1 rule option and fixes 7 bugs.
We've also released <a
href="https://github.com/stylelint/vscode-stylelint/releases/tag/2.1.0"><code>2.1.0</code></a>
of <a
href="https://marketplace.visualstudio.com/items?itemName=stylelint.vscode-stylelint">our
VS Code extension</a>, which adds 8 new requested features, and our <a
href="https://www.npmjs.com/package/@stylelint/language-server">first
release</a> of the Stylelint Language Server.</p>
<ul>
<li>Deprecated: <code>*syntax</code> options from
<code>declaration-property-value-no-unknown</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9102">#9102</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Added: <code>ignoreMediaFeatureNameValues: {}</code> to
<code>media-feature-name-value-no-unknown</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8976">#8976</a>)
(<a href="https://github.com/kovsu"><code>@​kovsu</code></a>).</li>
<li>Fixed: <code>node_modules</code> not ignored when using
<code>codeFilename</code> in Node.js API (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9130">#9130</a>)
(<a
href="https://github.com/adalinesimonian"><code>@​adalinesimonian</code></a>).</li>
<li>Fixed: <code>Error TS7016</code> for imported <code>css-tree</code>
types (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9133">#9133</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>declaration-property-value-keyword-no-deprecated</code>
false positives for function arguments (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9116">#9116</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>declaration-property-value-no-unknown</code> false
positives for <code>calc-size()</code> containing <code>size</code>
keyword (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9105">#9105</a>)
(<a href="https://github.com/hriztam"><code>@​hriztam</code></a>).</li>
<li>Fixed: <code>no-descending-specificity</code> &amp;
<code>no-duplicate-selectors</code> false negatives for equivalent
compound selectors (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8977">#8977</a>)
(<a href="https://github.com/kovsu"><code>@​kovsu</code></a>).</li>
<li>Fixed: <code>no-invalid-position-declaration</code> false positives
for <code>@mixin</code> and <code>@scope</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9120">#9120</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>property-no-unknown</code> false negatives for
<code>types</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9117">#9117</a>)
(<a
href="https://github.com/Mouvedia"><code>@​Mouvedia</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.5.0 - 2026-03-19</h2>
<p>It deprecates two rule options, adds 1 rule option and fixes 7 bugs.
We've also released <a
href="https://github.com/stylelint/vscode-stylelint/releases/tag/2.1.0"><code>2.1.0</code></a>
of <a
href="https://marketplace.visualstudio.com/items?itemName=stylelint.vscode-stylelint">our
VS Code extension</a>, which adds 8 new requested features, and our <a
href="https://www.npmjs.com/package/@stylelint/language-server">first
release</a> of the Stylelint Language Server.</p>
<ul>
<li>Deprecated: <code>*syntax</code> options from
<code>declaration-property-value-no-unknown</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9102">#9102</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Added: <code>ignoreMediaFeatureNameValues: {}</code> to
<code>media-feature-name-value-no-unknown</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8976">#8976</a>)
(<a href="https://github.com/kovsu"><code>@​kovsu</code></a>).</li>
<li>Fixed: <code>node_modules</code> not ignored when using
<code>codeFilename</code> in Node.js API (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9130">#9130</a>)
(<a
href="https://github.com/adalinesimonian"><code>@​adalinesimonian</code></a>).</li>
<li>Fixed: <code>Error TS7016</code> for imported <code>css-tree</code>
types (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9133">#9133</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>declaration-property-value-keyword-no-deprecated</code>
false positives for function arguments (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9116">#9116</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>declaration-property-value-no-unknown</code> false
positives for <code>calc-size()</code> containing <code>size</code>
keyword (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9105">#9105</a>)
(<a href="https://github.com/hriztam"><code>@​hriztam</code></a>).</li>
<li>Fixed: <code>no-descending-specificity</code> &amp;
<code>no-duplicate-selectors</code> false negatives for equivalent
compound selectors (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8977">#8977</a>)
(<a href="https://github.com/kovsu"><code>@​kovsu</code></a>).</li>
<li>Fixed: <code>no-invalid-position-declaration</code> false positives
for <code>@mixin</code> and <code>@scope</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9120">#9120</a>)
(<a
href="https://github.com/ragini-pandey"><code>@​ragini-pandey</code></a>).</li>
<li>Fixed: <code>property-no-unknown</code> false negatives for
<code>types</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9117">#9117</a>)
(<a
href="https://github.com/Mouvedia"><code>@​Mouvedia</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/8d0198af1bfb6a144d8fce9a094754e41c148237"><code>8d0198a</code></a>
Release 17.5.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9160">#9160</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/3ba50ac3e6e915774a587ff119c0b609b506705e"><code>3ba50ac</code></a>
Add <code>ignoreMediaFeatureNameValues: {}</code> to
`media-feature-name-value-no-unknow...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/77dfd01d01d38711e35e8dead4440df179698808"><code>77dfd01</code></a>
Fix <code>no-invalid-position-declaration</code> false positives for
<code>@mixin</code> and `@scop...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/7cde2d0ccf5547a28a8f7a6be56e505441a6f437"><code>7cde2d0</code></a>
Fix <code>declaration-property-value-keyword-no-deprecated</code> false
positives for fu...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/7b10658abb77a2ab309adca2f077062d80467f3a"><code>7b10658</code></a>
Fix <code>declaration-property-value-no-unknown</code> false positives
for <code>calc-size()</code>...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/e5b9ec7ad4437eae9dd9b2a7677b785dd25c51a3"><code>e5b9ec7</code></a>
Deprecate <code>*syntax</code> options from
<code>declaration-property-value-no-unknown</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9102">#9102</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/5bd2d21e8a6b47f529314284d162e6dcb37ef681"><code>5bd2d21</code></a>
Bump css-tree from 3.1.0 to 3.2.1 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9158">#9158</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/995caf4ea7c7fd0e352cdec026a3edd9af6b665f"><code>995caf4</code></a>
Bump eslint from 10.0.2 to 10.0.3 in the eslint group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9156">#9156</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/f5f6dddc6b1b4e11dfc701dc40ee4b496252e848"><code>f5f6ddd</code></a>
Bump lint-staged from 16.2.7 to 16.3.3 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9159">#9159</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/68948180cd615f91baf2bc19d5999be814102f2b"><code>6894818</code></a>
Bump the jest group with 2 updates (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9157">#9157</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.4.0...17.5.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Install script changes</summary>
<p>This version modifies <code>prepare</code> script that runs during
installation. Review the package contents before updating.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.4.0&new-version=17.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 14:00:50 +00:00
dependabot[bot] be1723d275 chore(deps-dev): Bump flatted from 3.3.3 to 3.4.2 (#1729) 
Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to
3.4.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/WebReflection/flatted/commit/3bf09091c3562e17a0647bc06710dd6097079cf7"><code>3bf0909</code></a>
3.4.2</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"><code>885ddcc</code></a>
fix CWE-1321</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/0bdba705d130f00892b1b8fcc80cf4cdea0631e3"><code>0bdba70</code></a>
added flatted-view to the benchmark</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/2a02dce7c641dec31194c67663f9b0b12e62da20"><code>2a02dce</code></a>
3.4.1</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/fba4e8f2e113665da275b19cd0f695f3d98e9416"><code>fba4e8f</code></a>
Merge pull request <a
href="https://redirect.github.com/WebReflection/flatted/issues/89">#89</a>
from WebReflection/python-fix</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/5fe86485e6df7f7f34a07a2a85498bd3e17384e7"><code>5fe8648</code></a>
added &quot;when in Rome&quot; also a test for PHP</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/53517adbefe724fe472b2f9ebcdb01910d0ae3f0"><code>53517ad</code></a>
some minor improvement</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/b3e2a0c387bf446435fec45ad7f05299f012346f"><code>b3e2a0c</code></a>
Fixing recursion issue in Python too</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/c4b46dbcbf782326e54ea1b65d3ebb1dc7a23fad"><code>c4b46db</code></a>
Add SECURITY.md for security policy and reporting</li>
<li><a
href="https://github.com/WebReflection/flatted/commit/f86d071e0f70de5a7d8200198824a3f07fc9c988"><code>f86d071</code></a>
Create dependabot.yml for version updates</li>
<li>Additional commits viewable in <a
href="https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flatted&package-manager=npm_and_yarn&previous-version=3.3.3&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 14:01:06 +00:00
dependabot[bot] da98c58df0 chore(deps-dev): Bump typescript-eslint from 8.57.0 to 8.57.1 (#1728) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.57.0 to 8.57.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.57.1</h2>
<h2>8.57.1 (2026-03-16)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [prefer-optional-chain] no report
for property on intersection type (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12126">#12126</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Newton Yuan <a
href="https://github.com/NewtonYuan"><code>@​NewtonYuan</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.57.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.57.1 (2026-03-16)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.57.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/c7c38aa252d7bf6708a225aebedc57686ac33dcd"><code>c7c38aa</code></a>
chore(release): publish 8.57.1</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.57.0&new-version=8.57.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 13:53:03 +00:00
dependabot[bot] 1aaae625eb chore(deps): Bump maplibre-gl from 5.19.0 to 5.20.2 (#1726) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.19.0 to 5.20.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/releases">maplibre-gl's
releases</a>.</em></p>
<blockquote>
<h2>v5.20.2</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix update GeoJSON when using diff update by updating geojson-vt
package (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7257">#7257</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
</ul>
<h2>v5.20.1</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix cannot read properties of undefined (reading 'range') by
updating geojson-vt package (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7245">#7245</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Fix a bug where <code>raster-resampling: nearest</code> was not
applied as expected (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7247">#7247</a>)
(by <a href="https://github.com/yano-h"><code>@​yano-h</code></a>)</li>
</ul>
<h2>v5.20.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add Etag unmodified support to optimize vector tile reloading (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7074">#7074</a>)
(by [<a
href="https://github.com/rivkamatan"><code>@​rivkamatan</code></a>](<a
href="https://github.com/rivkamatan">https://github.com/rivkamatan</a>
and <a
href="https://github.com/wayofthefuture"><code>@​wayofthefuture</code></a>)</li>
<li>Add <code>boxZoom.boxZoomEnd</code> option to customize the action
after Shift-drag box selection (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6397">#6397</a>)
(by <a href="https://github.com/itisyb"><code>@​itisyb</code></a>)</li>
<li>Implement <code>resampling</code> paint property for raster,
hillshade, and color-relief layers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7194">#7074</a>)
(by <a
href="https://github.com/larsmaxfield"><code>@​larsmaxfield</code></a>)</li>
<li>Add updateable support for GeoJSON-VT (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7172">#7172</a>)
(by <a
href="https://github.com/wayofthefuture"><code>@​wayofthefuture</code></a>
and <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Add example for 3D Tiles using three.js (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7198">#7198</a>)
(by <a
href="https://github.com/hh-hang"><code>@​hh-hang</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix: Distance to tile is calculated incorrectly in globe projection
for high pitch angles (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7219">#7219</a>)
(by <a href="https://github.com/jtfedd"><code>@​jtfedd</code></a>)</li>
<li>Fix: Tiles are not cleared when using vector tile source
<code>setUrl/setTiles</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7185">#7185</a>)
(by <a href="https://github.com/madoci"><code>@​madoci</code></a>)</li>
<li>Fix: Allow opaque origins (&quot;null&quot;) in Actor message
filtering (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7047">#7047</a>)
(by <a
href="https://github.com/pcardinal"><code>@​pcardinal</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.20.2</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix update GeoJSON when using diff update by updating geojson-vt
package (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7257">#7257</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
</ul>
<h2>5.20.1</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix cannot read properties of undefined (reading 'range') by
updating geojson-vt package (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7245">#7245</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Fix a bug where <code>raster-resampling: nearest</code> was not
applied as expected (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7247">#7247</a>)
(by <a href="https://github.com/yano-h"><code>@​yano-h</code></a>)</li>
</ul>
<h2>5.20.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add Etag unmodified support to optimize vector tile reloading (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7074">#7074</a>)
(by [<a
href="https://github.com/rivkamatan"><code>@​rivkamatan</code></a>](<a
href="https://github.com/rivkamatan">https://github.com/rivkamatan</a>
and <a
href="https://github.com/wayofthefuture"><code>@​wayofthefuture</code></a>)</li>
<li>Add <code>boxZoom.boxZoomEnd</code> option to customize the action
after Shift-drag box selection (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/6397">#6397</a>)
(by <a href="https://github.com/itisyb"><code>@​itisyb</code></a>)</li>
<li>Implement <code>resampling</code> paint property for raster,
hillshade, and color-relief layers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7194">#7074</a>)
(by <a
href="https://github.com/larsmaxfield"><code>@​larsmaxfield</code></a>)</li>
<li>Add updateable support for GeoJSON-VT (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7172">#7172</a>)
(by <a
href="https://github.com/wayofthefuture"><code>@​wayofthefuture</code></a>
and <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Add example for 3D Tiles using three.js (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7198">#7198</a>)
(by <a
href="https://github.com/hh-hang"><code>@​hh-hang</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix: Distance to tile is calculated incorrectly in globe projection
for high pitch angles (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7219">#7219</a>)
(by <a href="https://github.com/jtfedd"><code>@​jtfedd</code></a>)</li>
<li>Fix: Tiles are not cleared when using vector tile source
<code>setUrl/setTiles</code> (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7185">#7185</a>)
(by <a href="https://github.com/madoci"><code>@​madoci</code></a>)</li>
<li>Fix: Allow opaque origins (&quot;null&quot;) in Actor message
filtering (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7047">#7047</a>)
(by <a
href="https://github.com/pcardinal"><code>@​pcardinal</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/109fa99ea55c16a26cf8ce294d96bf4b0b93524a"><code>109fa99</code></a>
Bump js version to 5.20.2 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7274">#7274</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/44a70ea41ebc5fb08460dd2d6f32fda45277da28"><code>44a70ea</code></a>
chore(deps-dev): bump puppeteer from 24.39.0 to 24.39.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7269">#7269</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/34afdcaed628319a015aef59682272b0b81f0d38"><code>34afdca</code></a>
chore(deps): bump <code>@​maplibre/geojson-vt</code> from 6.0.2 to 6.0.3
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7270">#7270</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/8dce8fbce0a8d7ef05c1727f821e3db5f8c3079b"><code>8dce8fb</code></a>
chore(deps-dev): bump <code>@​vitest/eslint-plugin</code> in the vitest
group (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7268">#7268</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/ed6aa7159b682fb0269f4ec108c08b8893615fb9"><code>ed6aa71</code></a>
Remove unused import 'vi' from raster_style_layer test (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7266">#7266</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/eb88b98ddb9ed88b427f4637a4507f8a548ad48e"><code>eb88b98</code></a>
chore(deps-dev): bump puppeteer from 24.38.0 to 24.39.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7264">#7264</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/4dcf61778a72ca2d2aa66faa261185cb730cb5ef"><code>4dcf617</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 25.4.0 to 25.5.0
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7263">#7263</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/52e6738ea5000bca68266e8876e4e2de7491fc80"><code>52e6738</code></a>
chore(deps-dev): bump the vitest group with 4 updates (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7262">#7262</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/38e2bc073b63c02a7826e4a5b5dc1214e255d5bc"><code>38e2bc0</code></a>
chore(deps-dev): bump undici from 7.21.0 to 7.24.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7259">#7259</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/f293c20bb7317d0c4704434d21d581c2a2a454ba"><code>f293c20</code></a>
Bump js version to 5.20.1 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7256">#7256</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.19.0...v5.20.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.19.0&new-version=5.20.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 13:52:03 +00:00
dependabot[bot] ea415611a4 chore(deps-dev): Bump i18next-cli from 1.50.1 to 1.50.3 (#1725) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.50.1
to 1.50.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.50.2...v1.50.3">1.50.3</a>
- 2026-03-16</h2>
<ul>
<li>Improve <code>status</code> output to distinguish between
<strong>untranslated</strong> keys (present
in the file with an empty value — needs translation) and
<strong>absent</strong> keys
(missing from the file entirely — probably structural problem). Both
still cause a
non-zero exit. Addresses <a
href="https://redirect.github.com/i18next/i18next-cli/issues/220">#220</a>.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.50.1...v1.50.2">1.50.2</a>
- 2026-03-16</h2>
<ul>
<li>try to address <a
href="https://redirect.github.com/i18next/i18next-cli/issues/218">#218</a>
by updating <code>i18next-resources-for-ts</code> dependency</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/1770d8c7616e4d328adbe8a980e1862f5414a1ec"><code>1770d8c</code></a>
1.50.3</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/77936ea38014335d60ff276e2d73756cd340a70b"><code>77936ea</code></a>
improve status output to help distinguish <a
href="https://redirect.github.com/i18next/i18next-cli/issues/220">#220</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6ea3b097f3a4976e9da59247516f5b302d1388d7"><code>6ea3b09</code></a>
1.50.2</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/ee054be255c8bfca54129f026d99aec077c81ef9"><code>ee054be</code></a>
try to address <a
href="https://redirect.github.com/i18next/i18next-cli/issues/218">#218</a>
by updating <code>i18next-resources-for-ts</code> dependency</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next-cli/compare/v1.50.1...v1.50.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.50.1&new-version=1.50.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 13:51:37 +00:00
dependabot[bot] 9be7f9dfb2 chore(deps): Bump github/codeql-action from 4.32.6 to 4.33.0 (#1724) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.32.6 to 4.33.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.33.0</h2>
<ul>
<li>
<p>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p>
<p>To opt out of this change:</p>
<ul>
<li><strong>Repositories owned by an organization:</strong> Create a
custom repository property with the name
<code>github-codeql-file-coverage-on-prs</code> and the type
&quot;True/false&quot;, then set this property to <code>true</code> in
the repository's settings. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>.
Alternatively, if you are using an advanced setup workflow, you can set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using default setup:</strong> Switch
to an advanced setup workflow and set the
<code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to
<code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using advanced setup:</strong> Set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
</ul>
</li>
<li>
<p>Fixed <a
href="https://redirect.github.com/github/codeql-action/issues/3555">a
bug</a> which caused the CodeQL Action to fail loading repository
properties if a &quot;Multi select&quot; repository property was
configured for the repository. <a
href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p>
</li>
<li>
<p>The CodeQL Action now loads <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom
repository properties</a> on GitHub Enterprise Server, enabling the
customization of features such as
<code>github-codeql-disable-overlay</code> that was previously only
available on GitHub.com. <a
href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p>
</li>
<li>
<p>Once <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a> can be configured with OIDC-based authentication
for organizations, the CodeQL Action will now be able to accept such
configurations. <a
href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p>
</li>
<li>
<p>Fixed the retry mechanism for database uploads. Previously this would
fail with the error &quot;Response body object should not be disturbed
or locked&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p>
</li>
<li>
<p>A warning is now emitted if the CodeQL Action detects a repository
property whose name suggests that it relates to the CodeQL Action, but
which is not one of the properties recognised by the current version of
the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li>
</ul>
<h2>4.33.0 - 16 Mar 2026</h2>
<ul>
<li>
<p>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p>
<p>To opt out of this change:</p>
<ul>
<li><strong>Repositories owned by an organization:</strong> Create a
custom repository property with the name
<code>github-codeql-file-coverage-on-prs</code> and the type
&quot;True/false&quot;, then set this property to <code>true</code> in
the repository's settings. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>.
Alternatively, if you are using an advanced setup workflow, you can set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using default setup:</strong> Switch
to an advanced setup workflow and set the
<code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to
<code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using advanced setup:</strong> Set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
</ul>
</li>
<li>
<p>Fixed <a
href="https://redirect.github.com/github/codeql-action/issues/3555">a
bug</a> which caused the CodeQL Action to fail loading repository
properties if a &quot;Multi select&quot; repository property was
configured for the repository. <a
href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p>
</li>
<li>
<p>The CodeQL Action now loads <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom
repository properties</a> on GitHub Enterprise Server, enabling the
customization of features such as
<code>github-codeql-disable-overlay</code> that was previously only
available on GitHub.com. <a
href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p>
</li>
<li>
<p>Once <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a> can be configured with OIDC-based authentication
for organizations, the CodeQL Action will now be able to accept such
configurations. <a
href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p>
</li>
<li>
<p>Fixed the retry mechanism for database uploads. Previously this would
fail with the error &quot;Response body object should not be disturbed
or locked&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p>
</li>
<li>
<p>A warning is now emitted if the CodeQL Action detects a repository
property whose name suggests that it relates to the CodeQL Action, but
which is not one of the properties recognised by the current version of
the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p>
</li>
</ul>
<h2>4.32.6 - 05 Mar 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li>
</ul>
<h2>4.32.5 - 02 Mar 2026</h2>
<ul>
<li>Repositories owned by an organization can now set up the
<code>github-codeql-disable-overlay</code> custom repository property to
disable <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis for CodeQL</a>. First, create a custom repository
property with the name <code>github-codeql-disable-overlay</code> and
the type &quot;True/false&quot; in the organization's settings. Then in
the repository's settings, set this property to <code>true</code> to
disable improved incremental analysis. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>. This
feature is not yet available on GitHub Enterprise Server. <a
href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li>
<li>Added an experimental change so that when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> fails on a runner — potentially due to
insufficient disk space — the failure is recorded in the Actions cache
so that subsequent runs will automatically skip improved incremental
analysis until something changes (e.g. a larger runner is provisioned or
a new CodeQL version is released). We expect to roll this change out to
everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li>
<li>The minimum memory check for improved incremental analysis is now
skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage.
<a
href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li>
<li>Reduced log levels for best-effort private package registry
connection check failures to reduce noise from workflow annotations. <a
href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li>
<li>Added an experimental change which lowers the minimum disk space
requirement for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>, enabling it to run on standard GitHub Actions
runners. We expect to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li>
<li>Added an experimental change which allows the
<code>start-proxy</code> action to resolve the CodeQL CLI version from
feature flags instead of using the linked CLI bundle version. We expect
to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li>
<li>The previously experimental changes from versions 4.32.3, 4.32.4,
3.32.3 and 3.32.4 are now enabled by default. <a
href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>,
<a
href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li>
</ul>
<h2>4.32.4 - 20 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>4.32.3 - 13 Feb 2026</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
<h2>4.32.2 - 05 Feb 2026</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b1bff81932f5cdfc8695c7752dcee935dcd061c8"><code>b1bff81</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3574">#3574</a>
from github/update-v4.32.7-7dd76e6bf</li>
<li><a
href="https://github.com/github/codeql-action/commit/e682234222f60d9549e37004a04a8f097bbd5798"><code>e682234</code></a>
Add changelog entry for <a
href="https://redirect.github.com/github/codeql-action/issues/3570">#3570</a></li>
<li><a
href="https://github.com/github/codeql-action/commit/95be291f41a39216811b3ce1a63a8df71d40d405"><code>95be291</code></a>
Bump minor version</li>
<li><a
href="https://github.com/github/codeql-action/commit/59bcb6025e4788109a6bb8f7ac4ad9c6a8d6beeb"><code>59bcb60</code></a>
Update changelog for v4.32.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/7dd76e6bf79d24133aa649887a6ee01d8b063816"><code>7dd76e6</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3572">#3572</a>
from github/mbg/pr-checks/eslint</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3200e331bf51e47d45a8a5645d2a125c8a8a643"><code>e3200e3</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3563">#3563</a>
from github/mbg/private-registry/oidc</li>
<li><a
href="https://github.com/github/codeql-action/commit/4c356c71a28eb968dbcf4fb717211e82f406874f"><code>4c356c7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3570">#3570</a>
from github/mbg/repo-props/warn-on-unexpected-props</li>
<li><a
href="https://github.com/github/codeql-action/commit/b4937c19e53d395cc647fe16c4e00788a4e7ded3"><code>b4937c1</code></a>
Only emit one message with accumulated property names</li>
<li><a
href="https://github.com/github/codeql-action/commit/136b8ab3777165e3ec7a19faa7ef9732ace305da"><code>136b8ab</code></a>
Remove <code>cache-dependency-path</code> options as well</li>
<li><a
href="https://github.com/github/codeql-action/commit/a5aba5952cd5add76ec9f971654d61461a3ac2bd"><code>a5aba59</code></a>
Remove <code>package-lock.json</code> that's no longer needed</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.32.6&new-version=4.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-19 13:54:37 +00:00
dependabot[bot] bb8416791a chore(deps): Bump slugify from 1.6.6 to 1.6.8 (#1719) 
Bumps [slugify](https://github.com/simov/slugify) from 1.6.6 to 1.6.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/simov/slugify/blob/master/CHANGELOG.md">slugify's
changelog</a>.</em></p>
<blockquote>
<h2>Change Log</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/simov/slugify/commit/fbbb8ff5b8f04d6c8048675dd23a09d8343cf62c"><code>fbbb8ff</code></a>
1.6.8</li>
<li><a
href="https://github.com/simov/slugify/commit/a71a725abe37521d9fc233eb4053c5a19125a531"><code>a71a725</code></a>
patch: fix package.json</li>
<li><a
href="https://github.com/simov/slugify/commit/21b2bfcee111f8b8892861414c9fb27d6b64f440"><code>21b2bfc</code></a>
1.6.7</li>
<li><a
href="https://github.com/simov/slugify/commit/f1b83a400839054bc16f4900806f7366267517a6"><code>f1b83a4</code></a>
fix: change declare module to namespace in slugify.d.ts (<a
href="https://redirect.github.com/simov/slugify/issues/206">#206</a>)</li>
<li><a
href="https://github.com/simov/slugify/commit/b94fedbf53411562aaf7f4d176a29e5669112c06"><code>b94fedb</code></a>
CI: add Node 24 (<a
href="https://redirect.github.com/simov/slugify/issues/202">#202</a>)</li>
<li><a
href="https://github.com/simov/slugify/commit/c99c574fcbd3468e380ecbda46a6d157da261d74"><code>c99c574</code></a>
Add Node.js 22 to CI &amp; update CI actions (<a
href="https://redirect.github.com/simov/slugify/issues/193">#193</a>)</li>
<li><a
href="https://github.com/simov/slugify/commit/4860d7efd6734af8c716f26cd246aa5b1e503163"><code>4860d7e</code></a>
Merge pull request <a
href="https://redirect.github.com/simov/slugify/issues/188">#188</a>
from stscoundrel/patch-1</li>
<li><a
href="https://github.com/simov/slugify/commit/6dc0bba401df6d2c4bf231ce79e46847b7f33fa6"><code>6dc0bba</code></a>
Run CI in Node.js 20</li>
<li><a
href="https://github.com/simov/slugify/commit/daab9285fa8869c4b999f4ef50f0e3ca5b7a2129"><code>daab928</code></a>
Update changelog</li>
<li>See full diff in <a
href="https://github.com/simov/slugify/compare/v1.6.6...v1.6.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=slugify&package-manager=npm_and_yarn&previous-version=1.6.6&new-version=1.6.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-17 13:53:02 +00:00
dependabot[bot] 9f52e69c86 chore(deps): Bump react-icons from 5.5.0 to 5.6.0 (#1692) 
Bumps [react-icons](https://github.com/react-icons/react-icons) from
5.5.0 to 5.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/react-icons/react-icons/releases">react-icons's
releases</a>.</em></p>
<blockquote>
<h2>v5.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump prismjs from 1.29.0 to 1.30.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1033">react-icons/react-icons#1033</a></li>
<li>Bump <code>@​babel/helpers</code> from 7.23.2 to 7.26.10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1036">react-icons/react-icons#1036</a></li>
<li>Bump http-proxy-middleware from 2.0.7 to 2.0.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1041">react-icons/react-icons#1041</a></li>
<li>Bump form-data from 3.0.1 to 3.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1058">react-icons/react-icons#1058</a></li>
<li>Bump vite from 5.4.14 to 5.4.20 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1071">react-icons/react-icons#1071</a></li>
<li>upgrade packages by <a
href="https://github.com/kamijin-fanta"><code>@​kamijin-fanta</code></a>
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1075">react-icons/react-icons#1075</a></li>
<li>Bump tar from 6.2.0 to 6.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1078">react-icons/react-icons#1078</a></li>
<li>Bump vite from 6.3.6 to 6.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1081">react-icons/react-icons#1081</a></li>
<li>Bump tmp from 0.2.3 to 0.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1077">react-icons/react-icons#1077</a></li>
<li>Bump glob from 11.0.3 to 11.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1089">react-icons/react-icons#1089</a></li>
<li>Bump <code>@​babel/runtime</code> from 7.23.2 to 7.28.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1073">react-icons/react-icons#1073</a></li>
<li>Bump node-forge from 1.3.1 to 1.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1092">react-icons/react-icons#1092</a></li>
<li>Bump mdast-util-to-hast from 13.0.2 to 13.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1094">react-icons/react-icons#1094</a></li>
<li>Bump undici from 7.16.0 to 7.18.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1103">react-icons/react-icons#1103</a></li>
<li>Bump devalue from 5.3.2 to 5.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1104">react-icons/react-icons#1104</a></li>
<li>Bump h3 from 1.15.4 to 1.15.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1105">react-icons/react-icons#1105</a></li>
<li>Bump diff from 5.2.0 to 5.2.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1107">react-icons/react-icons#1107</a></li>
<li>Bump webpack from 5.94.0 to 5.104.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1110">react-icons/react-icons#1110</a></li>
<li>Bump jsonpath from 1.1.1 to 1.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1113">react-icons/react-icons#1113</a></li>
<li>Bump devalue from 5.6.2 to 5.6.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1115">react-icons/react-icons#1115</a></li>
<li>Bump astro from 5.14.1 to 5.15.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1091">react-icons/react-icons#1091</a></li>
<li>Bump ajv from 6.12.6 to 6.14.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1116">react-icons/react-icons#1116</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/react-icons/react-icons/compare/v5.5.0...v5.6.0">https://github.com/react-icons/react-icons/compare/v5.5.0...v5.6.0</a></p>
<table>
<thead>
<tr>
<th>Icon Library</th>
<th>License</th>
<th>Version</th>
<th align="right">Count</th>
</tr>
</thead>
<tbody>
<tr>
<td><a href="https://circumicons.com/">Circum Icons</a></td>
<td><a
href="https://github.com/Klarr-Agency/Circum-Icons/blob/main/LICENSE">MPL-2.0
license</a></td>
<td>1.0.0</td>
<td align="right">288</td>
</tr>
<tr>
<td><a href="https://fontawesome.com/">Font Awesome 5</a></td>
<td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0
License</a></td>
<td>5.15.4-3-gafecf2a</td>
<td align="right">1612</td>
</tr>
<tr>
<td><a href="https://fontawesome.com/">Font Awesome 6</a></td>
<td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0
License</a></td>
<td>6.7.2-1-g840c215</td>
<td align="right">2060</td>
</tr>
<tr>
<td><a href="https://ionicons.com/">Ionicons 4</a></td>
<td><a
href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td>
<td>4.6.3</td>
<td align="right">696</td>
</tr>
<tr>
<td><a href="https://ionicons.com/">Ionicons 5</a></td>
<td><a
href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td>
<td>5.5.4</td>
<td align="right">1332</td>
</tr>
<tr>
<td><a href="http://google.github.io/material-design-icons/">Material
Design icons</a></td>
<td><a
href="https://github.com/google/material-design-icons/blob/master/LICENSE">Apache
License Version 2.0</a></td>
<td>4.0.0-142-gbb04090f93</td>
<td align="right">4341</td>
</tr>
<tr>
<td><a href="http://s-ings.com/typicons/">Typicons</a></td>
<td><a href="https://creativecommons.org/licenses/by-sa/3.0/">CC BY-SA
3.0</a></td>
<td>2.1.2</td>
<td align="right">336</td>
</tr>
<tr>
<td><a href="https://octicons.github.com/">Github Octicons
icons</a></td>
<td><a
href="https://github.com/primer/octicons/blob/master/LICENSE">MIT</a></td>
<td>18.3.0</td>
<td align="right">264</td>
</tr>
<tr>
<td><a href="https://feathericons.com/">Feather</a></td>
<td><a
href="https://github.com/feathericons/feather/blob/master/LICENSE">MIT</a></td>
<td>4.29.2</td>
<td align="right">287</td>
</tr>
<tr>
<td><a href="https://lucide.dev/">Lucide</a></td>
<td><a
href="https://github.com/lucide-icons/lucide/blob/main/LICENSE">ISC</a></td>
<td>0.462.0</td>
<td align="right">1541</td>
</tr>
<tr>
<td><a href="https://game-icons.net/">Game Icons</a></td>
<td><a href="https://creativecommons.org/licenses/by/3.0/">CC BY
3.0</a></td>
<td>12920d6565588f0512542a3cb0cdfd36a497f910</td>
<td align="right">4040</td>
</tr>
<tr>
<td><a href="https://erikflowers.github.io/weather-icons/">Weather
Icons</a></td>
<td><a href="http://scripts.sil.org/OFL">SIL OFL 1.1</a></td>
<td>2.0.12</td>
<td align="right">219</td>
</tr>
<tr>
<td><a href="https://vorillaz.github.io/devicons/">Devicons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.8.0</td>
<td align="right">192</td>
</tr>
<tr>
<td><a href="https://github.com/ant-design/ant-design-icons">Ant Design
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>4.4.2</td>
<td align="right">831</td>
</tr>
<tr>
<td><a href="https://github.com/twbs/icons">Bootstrap Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.13.1</td>
<td align="right">2754</td>
</tr>
<tr>
<td><a href="https://github.com/Remix-Design/RemixIcon">Remix
Icon</a></td>
<td><a href="http://www.apache.org/licenses/">Apache License Version
2.0</a></td>
<td>4.6.0</td>
<td align="right">3058</td>
</tr>
<tr>
<td><a href="https://github.com/icons8/flat-color-icons">Flat Color
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.0.2</td>
<td align="right">329</td>
</tr>
<tr>
<td><a
href="https://github.com/grommet/grommet-icons">Grommet-Icons</a></td>
<td><a href="http://www.apache.org/licenses/">Apache License Version
2.0</a></td>
<td>4.14.0</td>
<td align="right">637</td>
</tr>
<tr>
<td><a
href="https://github.com/tailwindlabs/heroicons">Heroicons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.0.6</td>
<td align="right">460</td>
</tr>
<tr>
<td><a href="https://github.com/tailwindlabs/heroicons">Heroicons
2</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>2.2.0</td>
<td align="right">972</td>
</tr>
</tbody>
</table>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/react-icons/react-icons/commit/6501a4156153b396d062deffed5ed2c8eb64a458"><code>6501a41</code></a>
v5.6.0</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/387e78027eeea4ef28df13b732e5906725ee3c2f"><code>387e780</code></a>
update icons</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/fb057e730c8f3bfb9b698ecf7f3f92ee3c43afd9"><code>fb057e7</code></a>
5.5.1-snapshot.0</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/6f7475550af2cacfcfa87e4127b8803a3d5fee6c"><code>6f74755</code></a>
update eslint</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/73c281f3323d720a5cf8ff626ce4dd04e62afb88"><code>73c281f</code></a>
Bump ajv from 6.12.6 to 6.14.0 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1116">#1116</a>)</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/3f2b26446f3943a2a11c083f2073e20c3f222c7b"><code>3f2b264</code></a>
Bump astro from 5.14.1 to 5.15.9 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1091">#1091</a>)</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/04adc762186d4adc6428279cc6d9119f2894ae20"><code>04adc76</code></a>
Bump devalue from 5.6.2 to 5.6.3 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1115">#1115</a>)</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/44a5e85bcc53a51950cb53f25f9f5ed8fdbdafb8"><code>44a5e85</code></a>
Bump jsonpath from 1.1.1 to 1.2.1 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1113">#1113</a>)</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/e2c1d6ccc98ab477b7aa992bf1f9836b6eca80da"><code>e2c1d6c</code></a>
Bump webpack from 5.94.0 to 5.104.1 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1110">#1110</a>)</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/f3dca028cec5bb6012b95dc03e3ff0efb71709b5"><code>f3dca02</code></a>
Bump diff from 5.2.0 to 5.2.2 (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1107">#1107</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/react-icons/react-icons/compare/v5.5.0...v5.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-icons&package-manager=npm_and_yarn&previous-version=5.5.0&new-version=5.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:23:04 +00:00
dependabot[bot] b319ffb41d chore(deps-dev): Bump typescript-eslint from 8.56.1 to 8.57.0 (#1707) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.56.1 to 8.57.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.57.0</h2>
<h2>8.57.0 (2026-03-09)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unnecessary-condition] allow
literal loop conditions in for/do loops (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12080">#12080</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [strict-void-return] false positives
with overloads (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12055">#12055</a>)</li>
<li><strong>eslint-plugin:</strong> handle statically analyzable
computed keys in prefer-readonly (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12079">#12079</a>)</li>
<li><strong>eslint-plugin:</strong> guard against negative paramIndex in
no-useless-default-assignment (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12077">#12077</a>)</li>
<li><strong>eslint-plugin:</strong> [prefer-promise-reject-errors] add
allow <code>TypeOrValueSpecifier</code> to prefer-promise-reject-errors
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12094">#12094</a>)</li>
<li><strong>eslint-plugin:</strong> [no-base-to-string] fix false
positive for toString with overloads (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12089">#12089</a>)</li>
<li><strong>typescript-estree:</strong> switch back to use
<code>ts.getModifiers()</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12034">#12034</a>)</li>
<li><strong>typescript-estree:</strong> if the template literal is
tagged and the text has an invalid escape, <code>cooked</code> will be
<code>null</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11355">#11355</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Brad Zacher <a
href="https://github.com/bradzacher"><code>@​bradzacher</code></a></li>
<li>Brian Schlenker <a
href="https://github.com/bschlenk"><code>@​bschlenk</code></a></li>
<li>Evyatar Daud <a
href="https://github.com/StyleShit"><code>@​StyleShit</code></a></li>
<li>fisker Cheung <a
href="https://github.com/fisker"><code>@​fisker</code></a></li>
<li>James Henry <a
href="https://github.com/JamesHenry"><code>@​JamesHenry</code></a></li>
<li>Josh Goldberg</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>Moses Odutusin <a
href="https://github.com/thebolarin"><code>@​thebolarin</code></a></li>
<li>Newton Yuan <a
href="https://github.com/NewtonYuan"><code>@​NewtonYuan</code></a></li>
<li>SungHyun627 <a
href="https://github.com/SungHyun627"><code>@​SungHyun627</code></a></li>
<li>Younsang Na <a
href="https://github.com/nayounsang"><code>@​nayounsang</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.57.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.57.0 (2026-03-09)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.57.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/2c6aeeec238dfea860b9f3c146a55f8f49f15cf5"><code>2c6aeee</code></a>
chore(release): publish 8.57.0</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/f696dadfc37078efe4119ad2ab0609cde3e42766"><code>f696dad</code></a>
chore: use pnpm catalog (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12047">#12047</a>)</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/a09921e2de2e8790e6a803016b825815ca9409d8"><code>a09921e</code></a>
chore: update vitest to 4.x (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12071">#12071</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.56.1&new-version=8.57.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:22:01 +00:00
dependabot[bot] d3744615d7 chore(deps): Bump @codemirror/view from 6.39.17 to 6.40.0 (#1713) 
Bumps [@codemirror/view](https://github.com/codemirror/view) from
6.39.17 to 6.40.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@​codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.40.0 (2026-03-12)</h2>
<h3>Bug fixes</h3>
<p>Fix a bug that caused Shift-Enter/Backspace/Delete on iOS to lose the
shift modifier when delivered to key event handlers.</p>
<p>Fix an issue where <code>EditorView.moveVertically</code> could move
to the wrong place in wrapped lines with a large line height.</p>
<p>Make sure the selection head associativity is properly set for mouse
selections made with shift held down.</p>
<h3>New features</h3>
<p><code>WidgetType.updateDOM</code> is now called with the previous
widget value as third argument.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codemirror/view/commit/4773b2e57860220c684bb0a2342b3a5efcf4d31a"><code>4773b2e</code></a>
Mark version 6.40.0</li>
<li><a
href="https://github.com/codemirror/view/commit/773a0ee169a402fde2cabc3efc771c920344e667"><code>773a0ee</code></a>
Properly track associativity for shift-click selections</li>
<li><a
href="https://github.com/codemirror/view/commit/3612d3f726f0182937c0260a32eae41460c6d4a7"><code>3612d3f</code></a>
Bring back the vertical scan loop in moveVertically</li>
<li><a
href="https://github.com/codemirror/view/commit/bc583754aac90320fd8ca610d1e4cd2d01d69e18"><code>bc58375</code></a>
Don't put Shift-Enter/Backspace/Del through the iOS pending key
hack</li>
<li><a
href="https://github.com/codemirror/view/commit/fd252fada9523ced184b8db78c17211477062820"><code>fd252fa</code></a>
Change WidgetType.updateDOM from type to this</li>
<li><a
href="https://github.com/codemirror/view/commit/9373f525a2aef0e7b2b7159470b8940f5b3d474a"><code>9373f52</code></a>
Pass the old widget value to WidgetType.updateDOM</li>
<li>See full diff in <a
href="https://github.com/codemirror/view/compare/6.39.17...6.40.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.39.17&new-version=6.40.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:13:41 +00:00
dependabot[bot] 725319f243 chore(deps-dev): Bump vite-plugin-istanbul from 7.2.1 to 8.0.0 (#1714) 
Bumps
[vite-plugin-istanbul](https://github.com/iFaxity/vite-plugin-istanbul)
from 7.2.1 to 8.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/iFaxity/vite-plugin-istanbul/releases">vite-plugin-istanbul's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h1><a
href="https://github.com/iFaxity/vite-plugin-istanbul/compare/v7.2.1...v8.0.0">8.0.0</a>
(2026-03-10)</h1>
<ul>
<li>chore(deps)!: removed the upper range of vite peer (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/396">#396</a>)
(<a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/17df98dd00874cdcce2a58cb4e16c0286964570c">17df98d</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>update node v24.14.0 (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/377">#377</a>)
(<a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/c60c931c06e55de0d09aabb47bb2965ae97e6453">c60c931</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>
<p>removed the upper range of the vite peer dependency.</p>
</li>
<li>
<p>chore(pnpm): updated lockfile</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/b60f782ea773233aeb9ef776f933432de51ca57e"><code>b60f782</code></a>
chore(package): corrected the repo urls (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/398">#398</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/50ae367c8820596a83c88d16f4975eb14fe65436"><code>50ae367</code></a>
chore: added agents file (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/376">#376</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/56e6eee859764e27ce997224b40114aac416bbbd"><code>56e6eee</code></a>
chore: refactored release config (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/382">#382</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/70634d34804d166609477f967cdbc07489fe0358"><code>70634d3</code></a>
build(deps-dev): bump unbuild from 3.3.1 to 3.6.1 (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/391">#391</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/8ae538765c73a0111bdc95af4c187f1b9ba0461b"><code>8ae5387</code></a>
build(deps): bump source-map from 0.7.4 to 0.7.6 (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/392">#392</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/0a4f40c5f4080dbd0a7bb5e9ec0071708730f793"><code>0a4f40c</code></a>
build(deps-dev): bump lint-staged from 15.4.3 to 16.3.2 (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/389">#389</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/c87c595ddd2b0d6072128d8a5063f23f5c160d69"><code>c87c595</code></a>
build(deps-dev): bump <code>@​ianvs/prettier-plugin-sort-imports</code>
(<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/388">#388</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/0b6036b2b610127ac250ff1a8bd1a8ab1f4b5479"><code>0b6036b</code></a>
chore: updated package config for publishing to work (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/397">#397</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/17df98dd00874cdcce2a58cb4e16c0286964570c"><code>17df98d</code></a>
chore(deps)!: removed the upper range of vite peer (<a
href="https://redirect.github.com/iFaxity/vite-plugin-istanbul/issues/396">#396</a>)</li>
<li><a
href="https://github.com/iFaxity/vite-plugin-istanbul/commit/4612e189da481f8e7572250c71bf72d987a877cc"><code>4612e18</code></a>
Potential fix for code scanning alert no. 11: Workflow does not contain
permi...</li>
<li>Additional commits viewable in <a
href="https://github.com/iFaxity/vite-plugin-istanbul/compare/v7.2.1...v8.0.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by [GitHub Actions](<a
href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a>
Actions), a new releaser for vite-plugin-istanbul since your current
version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite-plugin-istanbul&package-manager=npm_and_yarn&previous-version=7.2.1&new-version=8.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:13:04 +00:00
dependabot[bot] be73c52331 chore(deps): Bump react-i18next from 16.5.6 to 16.5.8 (#1712) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.5.6 to 16.5.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.5.8</h3>
<ul>
<li>A selector function cannot be resolved without an i18n instance...
returning empty string is safer than leaking the raw function reference.
<a
href="https://redirect.github.com/i18next/react-i18next/issues/1907">1907</a></li>
</ul>
<h3>16.5.7</h3>
<ul>
<li>fix: <code>&lt;Trans&gt;</code> component with <code>enableSelector:
true</code> does not support multiple selectors for fallbacks <a
href="https://redirect.github.com/i18next/react-i18next/issues/1907">1907</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/b00adfad4296543ab637d87a6af2b2faec119fcb"><code>b00adfa</code></a>
16.5.8</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/e3675225420193f8cf455888c429e4a4eb7953f7"><code>e367522</code></a>
A selector function cannot be resolved without an i18n instance...
returning ...</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/1cbd152a234ac507a6f9982bbd7e35f02e84be94"><code>1cbd152</code></a>
16.5.7</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/c257c2e7a9ba036a867bbe55b303b165b38ee08a"><code>c257c2e</code></a>
fix: <code>\&lt;Trans&gt;</code> component with <code>enableSelector:
true</code> does not support multipl...</li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v16.5.6...v16.5.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=16.5.6&new-version=16.5.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:12:18 +00:00
dependabot[bot] a3a20b0296 chore(deps): Bump @codemirror/state from 6.5.4 to 6.6.0 (#1711) 
Bumps [@codemirror/state](https://github.com/codemirror/state) from
6.5.4 to 6.6.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/state/blob/main/CHANGELOG.md"><code>@​codemirror/state</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.6.0 (2026-03-12)</h2>
<h3>New features</h3>
<p><code>EditorSelection.range</code> now takes an optional
<code>assoc</code> argument.</p>
<p><code>SelectionRange.extend</code> can now be given a third argument
to specify associativity.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codemirror/state/commit/821d9b772a1d2d9c989b6ae472513380bf10136b"><code>821d9b7</code></a>
Mark version 6.6.0</li>
<li><a
href="https://github.com/codemirror/state/commit/e035c74e941b9274989a103ff368d94364f9ee9f"><code>e035c74</code></a>
Support an assoc argument to EditorSelection.range and
SelectionRange.extend</li>
<li><a
href="https://github.com/codemirror/state/commit/eef74dbc484f1778e4a5712dca3ff98e63c6091c"><code>eef74db</code></a>
Add type conversions to asArray</li>
<li>See full diff in <a
href="https://github.com/codemirror/state/compare/6.5.4...6.6.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/state&package-manager=npm_and_yarn&previous-version=6.5.4&new-version=6.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:04:41 +00:00
dependabot[bot] d1dc78239b chore(deps): Bump i18next from 25.8.17 to 25.8.18 (#1710) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [i18next](https://github.com/i18next/i18next) from 25.8.17 to
25.8.18.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.18</h2>
<ul>
<li>improve selector api to accept array of selector functions,
analogous to array of keys <a
href="https://redirect.github.com/i18next/i18next/issues/2404">2404</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.18</h2>
<ul>
<li>improve selector api to accept array of selector functions,
analogous to array of keys <a
href="https://redirect.github.com/i18next/i18next/issues/2404">2404</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/9c7285b9b60913598d52b09aa1b42b7f19455ba2"><code>9c7285b</code></a>
25.8.18</li>
<li><a
href="https://github.com/i18next/i18next/commit/2fa6e38e2adc4d50bd483f425a1f4f3c0f9ed0fa"><code>2fa6e38</code></a>
improve selector api to accept array of selector functions, analogous to
arra...</li>
<li><a
href="https://github.com/i18next/i18next/commit/9ed8fd1e1a8f0b72cd1687abbed0e8a05b2ed23b"><code>9ed8fd1</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.8.17...v25.8.18">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.17&new-version=25.8.18)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:04:26 +00:00
dependabot[bot] d137106185 chore(deps-dev): Bump i18next-cli from 1.49.4 to 1.50.1 (#1709) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.49.4
to 1.50.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.50.0...v1.50.1">1.50.1</a>
- 2026-03-13</h2>
<ul>
<li>Improve Non-JS/TS file support via <code>onLoad</code> plugin hook
(<a
href="https://redirect.github.com/i18next/i18next-cli/issues/217">#217</a>)
<ul>
<li>A warning is emitted when a non-native extension is explicitly
listed in the input glob patterns (e.g.
<code>src/**/*.{ts,svelte}</code>) but no plugin handled it, this helps
catch forgotten or misconfigured plugins early</li>
</ul>
</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.7...v1.50.0">1.50.0</a>
- 2026-03-13</h2>
<h3>Added</h3>
<ul>
<li>Non-JS/TS file support via <code>onLoad</code> plugin hook (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/217">#217</a>)
<ul>
<li>Plugins can now return transformed JS/TS code from
<code>onLoad</code> for any file type (e.g. <code>.svelte</code>,
<code>.vue</code>), and the extractor will parse it correctly using TSX
syntax</li>
<li>Files with unsupported extensions that no plugin handles are now
silently skipped instead of throwing an <code>ExtractorError</code></li>
<li>The <code>onLoad</code> return type now explicitly allows
<code>undefined</code> (pass-through) in addition to
<code>string</code>, matching the documented behaviour</li>
</ul>
</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><code>Plugin.onLoad</code> TypeScript signature corrected to
<code>MaybePromise&lt;string | undefined&gt;</code> — returning
<code>undefined</code> to opt out of transformation was always the
intended pattern but the type incorrectly disallowed it</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.6...v1.49.7">1.49.7</a>
- 2026-03-12</h2>
<ul>
<li>fix: sync and extract --ci produce inconsistent plural key ordering
in JSON locale files <a
href="https://redirect.github.com/i18next/i18next-cli/issues/216">#216</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.5...v1.49.6">1.49.6</a>
- 2026-03-10</h2>
<ul>
<li>fix: sync clears locale-specific plural forms like _many in
secondary locales, causing status to report missing translations <a
href="https://redirect.github.com/i18next/i18next-cli/issues/215">#215</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.4...v1.49.5">1.49.5</a>
- 2026-03-10</h2>
<ul>
<li>updated dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/f73d5883a5a5d05cfdc97bd83b9f2ceb4a268af2"><code>f73d588</code></a>
1.50.1</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/31fea642c6ae794dff7eadb903066629bec55f2d"><code>31fea64</code></a>
A warning is emitted when a non-native extension is explicitly listed in
the ...</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/18f7fd52415db8e6d37f182da9353c8576c558bb"><code>18f7fd5</code></a>
1.50.0</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/71f66a939b53371ec9d60da91afd3da3ddc06367"><code>71f66a9</code></a>
try to address <a
href="https://redirect.github.com/i18next/i18next-cli/issues/217">#217</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6d5688312ea41dbee00653d1ac05b47b481631ff"><code>6d56883</code></a>
1.49.7</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6ad888c097773a3b1465e4b217325ea804a3ba7c"><code>6ad888c</code></a>
fix: sync and extract --ci produce inconsistent plural key ordering in
JSON l...</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/7ac177c3bb15b08532a31b783701cd9cfedeb73b"><code>7ac177c</code></a>
fix test for windows</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/54f8f93fd69560b71a96d47db813f540afc53bc4"><code>54f8f93</code></a>
1.49.6</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/06f4de0fb8649d38c4a4665c21f2cb8729873b1f"><code>06f4de0</code></a>
fix: sync clears locale-specific plural forms like _many in secondary
locales...</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/eb2b6679f328dd71f220b3bea3d2a694d94e9f34"><code>eb2b667</code></a>
1.49.5</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/i18next-cli/compare/v1.49.4...v1.50.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.49.4&new-version=1.50.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:03:44 +00:00
dependabot[bot] ed51a7f835 chore(deps-dev): Bump the vitest group with 2 updates (#1708) 
Bumps the vitest group with 2 updates:
[@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)
and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).

Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases"><code>@​vitest/coverage-v8</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<p>Vitest 4.1 is out!</p>
<p>This release page lists all changes made to the project during the
4.1 beta. To get a review of all the new features, read our <a
href="https://vitest.dev/blog/vitest-4-1">blog post</a>.</p>
<h3>   🚀 Features</h3>
<ul>
<li>Return a disposable from doMock()  -  by <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9332">vitest-dev/vitest#9332</a>
<a href="https://github.com/vitest-dev/vitest/commit/e3e659a96"><!-- raw
HTML omitted -->(e3e65)<!-- raw HTML omitted --></a></li>
<li>Added chai style assertions  -  by <a
href="https://github.com/ronnakamoto"><code>@​ronnakamoto</code></a> and
<a href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8842">vitest-dev/vitest#8842</a>
<a href="https://github.com/vitest-dev/vitest/commit/841df9ac5"><!-- raw
HTML omitted -->(841df)<!-- raw HTML omitted --></a></li>
<li>Update to sinon/fake-timers v15 and add <code>setTickMode</code> to
timer controls  -  by <a
href="https://github.com/atscott"><code>@​atscott</code></a> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8726">vitest-dev/vitest#8726</a>
<a href="https://github.com/vitest-dev/vitest/commit/4b480aaed"><!-- raw
HTML omitted -->(4b480)<!-- raw HTML omitted --></a></li>
<li>Expose matcher types  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9448">vitest-dev/vitest#9448</a>
<a href="https://github.com/vitest-dev/vitest/commit/3e4b913b1"><!-- raw
HTML omitted -->(3e4b9)<!-- raw HTML omitted --></a></li>
<li>Add <code>toTestSpecification</code> to reported tasks  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9464">vitest-dev/vitest#9464</a>
<a href="https://github.com/vitest-dev/vitest/commit/1a4705da9"><!-- raw
HTML omitted -->(1a470)<!-- raw HTML omitted --></a></li>
<li>Show a warning if <code>vi.mock</code> or <code>vi.hoisted</code>
are declared outside of top level of the module  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9387">vitest-dev/vitest#9387</a>
<a href="https://github.com/vitest-dev/vitest/commit/5db54a468"><!-- raw
HTML omitted -->(5db54)<!-- raw HTML omitted --></a></li>
<li>Track and display expectedly failed tests (.fails) in UI and CLI  - 
by <a href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9476">vitest-dev/vitest#9476</a>
<a href="https://github.com/vitest-dev/vitest/commit/77d75fd34"><!-- raw
HTML omitted -->(77d75)<!-- raw HTML omitted --></a></li>
<li>Support tags  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9478">vitest-dev/vitest#9478</a>
<a href="https://github.com/vitest-dev/vitest/commit/de7c8a521"><!-- raw
HTML omitted -->(de7c8)<!-- raw HTML omitted --></a></li>
<li>Implement <code>aroundEach</code> and <code>aroundAll</code> hooks
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9450">vitest-dev/vitest#9450</a>
<a href="https://github.com/vitest-dev/vitest/commit/2a8cb9dc2"><!-- raw
HTML omitted -->(2a8cb)<!-- raw HTML omitted --></a></li>
<li>Stabilize experimental features  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9529">vitest-dev/vitest#9529</a>
<a href="https://github.com/vitest-dev/vitest/commit/b5fd2a16a"><!-- raw
HTML omitted -->(b5fd2)<!-- raw HTML omitted --></a></li>
<li>Accept <code>new</code> or <code>all</code> in <code>--update</code>
flag  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9543">vitest-dev/vitest#9543</a>
<a href="https://github.com/vitest-dev/vitest/commit/a5acf28a5"><!-- raw
HTML omitted -->(a5acf)<!-- raw HTML omitted --></a></li>
<li>Support <code>meta</code> in test options  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9535">vitest-dev/vitest#9535</a>
<a href="https://github.com/vitest-dev/vitest/commit/7d622e3d1"><!-- raw
HTML omitted -->(7d622)<!-- raw HTML omitted --></a></li>
<li>Support type inference with a new <code>test.extend</code> syntax
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9550">vitest-dev/vitest#9550</a>
<a href="https://github.com/vitest-dev/vitest/commit/e53854fcc"><!-- raw
HTML omitted -->(e5385)<!-- raw HTML omitted --></a></li>
<li>Support vite 8 beta, fix type issues in the config with different
vite versions  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9587">vitest-dev/vitest#9587</a>
<a href="https://github.com/vitest-dev/vitest/commit/990281dfd"><!-- raw
HTML omitted -->(99028)<!-- raw HTML omitted --></a></li>
<li>Add assertion helper to hide internal stack traces  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Claude Opus 4.6</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9594">vitest-dev/vitest#9594</a>
<a href="https://github.com/vitest-dev/vitest/commit/eeb0ae2f8"><!-- raw
HTML omitted -->(eeb0a)<!-- raw HTML omitted --></a></li>
<li>Store failure screenshots using artifacts API  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9588">vitest-dev/vitest#9588</a>
<a href="https://github.com/vitest-dev/vitest/commit/24603e3c4"><!-- raw
HTML omitted -->(24603)<!-- raw HTML omitted --></a></li>
<li>Allow <code>vitest list</code> to statically collect tests instead
of running files to collect them  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9630">vitest-dev/vitest#9630</a>
<a href="https://github.com/vitest-dev/vitest/commit/7a8e7fc20"><!-- raw
HTML omitted -->(7a8e7)<!-- raw HTML omitted --></a></li>
<li>Add <code>--detect-async-leaks</code>  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9528">vitest-dev/vitest#9528</a>
<a href="https://github.com/vitest-dev/vitest/commit/c594d4af3"><!-- raw
HTML omitted -->(c594d)<!-- raw HTML omitted --></a></li>
<li>Implement <code>mockThrow</code> and <code>mockThrowOnce</code>  - 
by <a
href="https://github.com/thor-juhasz"><code>@​thor-juhasz</code></a> and
<a href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9512">vitest-dev/vitest#9512</a>
<a href="https://github.com/vitest-dev/vitest/commit/619179fb7"><!-- raw
HTML omitted -->(61917)<!-- raw HTML omitted --></a></li>
<li>Support <code>update: &quot;none&quot;</code> and add docs about
snapshots behavior on CI  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9700">vitest-dev/vitest#9700</a>
<a href="https://github.com/vitest-dev/vitest/commit/05f1854e2"><!-- raw
HTML omitted -->(05f18)<!-- raw HTML omitted --></a></li>
<li>Support playwright <code>launchOptions</code> with
<code>connectOptions</code>  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9702">vitest-dev/vitest#9702</a>
<a href="https://github.com/vitest-dev/vitest/commit/f0ff1b2a0"><!-- raw
HTML omitted -->(f0ff1)<!-- raw HTML omitted --></a></li>
<li>Add <code>page/locator.mark</code> API to enhance playwright trace
 -  by <a href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9652">vitest-dev/vitest#9652</a>
<a href="https://github.com/vitest-dev/vitest/commit/d0ee546fe"><!-- raw
HTML omitted -->(d0ee5)<!-- raw HTML omitted --></a></li>
<li><strong>api</strong>:
<ul>
<li>Support tests starting or ending with <code>test</code> in
<code>experimental_parseSpecification</code>  -  by <a
href="https://github.com/jgillick"><code>@​jgillick</code></a> and
<strong>Jeremy Gillick</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9235">vitest-dev/vitest#9235</a>
<a href="https://github.com/vitest-dev/vitest/commit/2f367fad3"><!-- raw
HTML omitted -->(2f367)<!-- raw HTML omitted --></a></li>
<li>Add filters to <code>createSpecification</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9336">vitest-dev/vitest#9336</a>
<a href="https://github.com/vitest-dev/vitest/commit/c8e6c7fbf"><!-- raw
HTML omitted -->(c8e6c)<!-- raw HTML omitted --></a></li>
<li>Expose <code>runTestFiles</code> as alternative to
<code>runTestSpecifications</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9443">vitest-dev/vitest#9443</a>
<a href="https://github.com/vitest-dev/vitest/commit/43d761821"><!-- raw
HTML omitted -->(43d76)<!-- raw HTML omitted --></a></li>
<li>Add <code>allowWrite</code> and <code>allowExec</code> options to
<code>api</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9350">vitest-dev/vitest#9350</a>
<a href="https://github.com/vitest-dev/vitest/commit/20e00ef78"><!-- raw
HTML omitted -->(20e00)<!-- raw HTML omitted --></a></li>
<li>Allow passing down test cases to <code>toTestSpecification</code>
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9627">vitest-dev/vitest#9627</a>
<a href="https://github.com/vitest-dev/vitest/commit/6f17d5ddf"><!-- raw
HTML omitted -->(6f17d)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>browser</strong>:
<ul>
<li>Add <code>userEvent.wheel</code> API  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9188">vitest-dev/vitest#9188</a>
<a href="https://github.com/vitest-dev/vitest/commit/660801979"><!-- raw
HTML omitted -->(66080)<!-- raw HTML omitted --></a></li>
<li>Add <code>filterNode</code> option to prettyDOM for filtering
browser assertion error output  -  by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9475">vitest-dev/vitest#9475</a>
<a href="https://github.com/vitest-dev/vitest/commit/d3220fcd8"><!-- raw
HTML omitted -->(d3220)<!-- raw HTML omitted --></a></li>
<li>Support playwright persistent context  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a>,
<strong>Claude Opus 4.6</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9229">vitest-dev/vitest#9229</a>
<a href="https://github.com/vitest-dev/vitest/commit/f865d2ba4"><!-- raw
HTML omitted -->(f865d)<!-- raw HTML omitted --></a></li>
<li>Added <code>detailsPanelPosition</code> option and button  -  by <a
href="https://github.com/shairez"><code>@​shairez</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9525">vitest-dev/vitest#9525</a>
<a href="https://github.com/vitest-dev/vitest/commit/c8a31147c"><!-- raw
HTML omitted -->(c8a31)<!-- raw HTML omitted --></a></li>
<li>Use BlazeDiff instead of pixelmatch  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9514">vitest-dev/vitest#9514</a>
<a href="https://github.com/vitest-dev/vitest/commit/309362089"><!-- raw
HTML omitted -->(30936)<!-- raw HTML omitted --></a></li>
<li>Add <code>findElement</code> and enable strict mode in webdriverio
and preview  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9677">vitest-dev/vitest#9677</a>
<a href="https://github.com/vitest-dev/vitest/commit/c3f37721c"><!-- raw
HTML omitted -->(c3f37)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>cli</strong>:
<ul>
<li>Add <a href="https://github.com/bomb"><code>@​bomb</code></a>.sh/tab
completions  -  by <a
href="https://github.com/AmirSa12"><code>@​AmirSa12</code></a> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8639">vitest-dev/vitest#8639</a>
<a href="https://github.com/vitest-dev/vitest/commit/200f31704"><!-- raw
HTML omitted -->(200f3)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>coverage</strong>:
<ul>
<li>Support <code>ignore start/stop</code> ignore hints  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9204">vitest-dev/vitest#9204</a>
<a href="https://github.com/vitest-dev/vitest/commit/e59c94ba6"><!-- raw
HTML omitted -->(e59c9)<!-- raw HTML omitted --></a></li>
<li>Add <code>coverage.changed</code> option to report only changed
files  -  by <a
href="https://github.com/kykim00"><code>@​kykim00</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9521">vitest-dev/vitest#9521</a>
<a href="https://github.com/vitest-dev/vitest/commit/1d9392c67"><!-- raw
HTML omitted -->(1d939)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>experimental</strong>:
<ul>
<li>Add <code>onModuleRunner</code> hook to <code>worker.init</code>  - 
by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9286">vitest-dev/vitest#9286</a>
<a href="https://github.com/vitest-dev/vitest/commit/e977f3deb"><!-- raw
HTML omitted -->(e977f)<!-- raw HTML omitted --></a></li>
<li>Option to disable the module runner  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> and
<a href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9210">vitest-dev/vitest#9210</a>
<a href="https://github.com/vitest-dev/vitest/commit/9be6121ee"><!-- raw
HTML omitted -->(9be61)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45"><code>4150b91</code></a>
chore: release v4.1.0</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2"><code>0c2c013</code></a>
chore: release v4.1.0-beta.6</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50"><code>689a22a</code></a>
fix(browser): types of <code>getCDPSession</code> and <code>cdp()</code>
(<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/9716">#9716</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/94eb73b519cb5ecd06c9aa178a3f0e161c96236f"><code>94eb73b</code></a>
chore(deps): update eslint packages (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/9615">#9615</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/8c96bb0023f551c78a81461d5c9aaedee634fe99"><code>8c96bb0</code></a>
refator: update links to npmx (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/9783">#9783</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/aaf775896af2356f5c710c54ec6e624fe8e4eef9"><code>aaf7758</code></a>
chore: standardize packages README (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/9776">#9776</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/57cbe393bfb44602b0ea36110e9161aa08f4a468"><code>57cbe39</code></a>
chore(deps): update <code>ast-v8-to-istanbul</code> to v1 (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/9755">#9755</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/79672d7e1586981f04dce7619cbd8c3a31eff284"><code>79672d7</code></a>
chore: release v4.1.0-beta.5</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/1d9e3b3315024e3443a5a72fa8387508f4223528"><code>1d9e3b3</code></a>
chore: release v4.1.0-beta.4</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/4ff8c6fa15003c5464e901d71b3e9ec4c1854232"><code>4ff8c6f</code></a>
chore(build): raise build target to the minimum supported, don't bundle
utils...</li>
<li>Additional commits viewable in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/coverage-v8">compare
view</a></li>
</ul>
</details>
<br />

Updates `vitest` from 4.0.18 to 4.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<p>Vitest 4.1 is out!</p>
<p>This release page lists all changes made to the project during the
4.1 beta. To get a review of all the new features, read our <a
href="https://vitest.dev/blog/vitest-4-1">blog post</a>.</p>
<h3>   🚀 Features</h3>
<ul>
<li>Return a disposable from doMock()  -  by <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9332">vitest-dev/vitest#9332</a>
<a href="https://github.com/vitest-dev/vitest/commit/e3e659a96"><!-- raw
HTML omitted -->(e3e65)<!-- raw HTML omitted --></a></li>
<li>Added chai style assertions  -  by <a
href="https://github.com/ronnakamoto"><code>@​ronnakamoto</code></a> and
<a href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/8842">vitest-dev/vitest#8842</a>
<a href="https://github.com/vitest-dev/vitest/commit/841df9ac5"><!-- raw
HTML omitted -->(841df)<!-- raw HTML omitted --></a></li>
<li>Update to sinon/fake-timers v15 and add <code>setTickMode</code> to
timer controls  -  by <a
href="https://github.com/atscott"><code>@​atscott</code></a> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8726">vitest-dev/vitest#8726</a>
<a href="https://github.com/vitest-dev/vitest/commit/4b480aaed"><!-- raw
HTML omitted -->(4b480)<!-- raw HTML omitted --></a></li>
<li>Expose matcher types  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9448">vitest-dev/vitest#9448</a>
<a href="https://github.com/vitest-dev/vitest/commit/3e4b913b1"><!-- raw
HTML omitted -->(3e4b9)<!-- raw HTML omitted --></a></li>
<li>Add <code>toTestSpecification</code> to reported tasks  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9464">vitest-dev/vitest#9464</a>
<a href="https://github.com/vitest-dev/vitest/commit/1a4705da9"><!-- raw
HTML omitted -->(1a470)<!-- raw HTML omitted --></a></li>
<li>Show a warning if <code>vi.mock</code> or <code>vi.hoisted</code>
are declared outside of top level of the module  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9387">vitest-dev/vitest#9387</a>
<a href="https://github.com/vitest-dev/vitest/commit/5db54a468"><!-- raw
HTML omitted -->(5db54)<!-- raw HTML omitted --></a></li>
<li>Track and display expectedly failed tests (.fails) in UI and CLI  - 
by <a href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9476">vitest-dev/vitest#9476</a>
<a href="https://github.com/vitest-dev/vitest/commit/77d75fd34"><!-- raw
HTML omitted -->(77d75)<!-- raw HTML omitted --></a></li>
<li>Support tags  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9478">vitest-dev/vitest#9478</a>
<a href="https://github.com/vitest-dev/vitest/commit/de7c8a521"><!-- raw
HTML omitted -->(de7c8)<!-- raw HTML omitted --></a></li>
<li>Implement <code>aroundEach</code> and <code>aroundAll</code> hooks
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9450">vitest-dev/vitest#9450</a>
<a href="https://github.com/vitest-dev/vitest/commit/2a8cb9dc2"><!-- raw
HTML omitted -->(2a8cb)<!-- raw HTML omitted --></a></li>
<li>Stabilize experimental features  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9529">vitest-dev/vitest#9529</a>
<a href="https://github.com/vitest-dev/vitest/commit/b5fd2a16a"><!-- raw
HTML omitted -->(b5fd2)<!-- raw HTML omitted --></a></li>
<li>Accept <code>new</code> or <code>all</code> in <code>--update</code>
flag  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9543">vitest-dev/vitest#9543</a>
<a href="https://github.com/vitest-dev/vitest/commit/a5acf28a5"><!-- raw
HTML omitted -->(a5acf)<!-- raw HTML omitted --></a></li>
<li>Support <code>meta</code> in test options  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9535">vitest-dev/vitest#9535</a>
<a href="https://github.com/vitest-dev/vitest/commit/7d622e3d1"><!-- raw
HTML omitted -->(7d622)<!-- raw HTML omitted --></a></li>
<li>Support type inference with a new <code>test.extend</code> syntax
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9550">vitest-dev/vitest#9550</a>
<a href="https://github.com/vitest-dev/vitest/commit/e53854fcc"><!-- raw
HTML omitted -->(e5385)<!-- raw HTML omitted --></a></li>
<li>Support vite 8 beta, fix type issues in the config with different
vite versions  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9587">vitest-dev/vitest#9587</a>
<a href="https://github.com/vitest-dev/vitest/commit/990281dfd"><!-- raw
HTML omitted -->(99028)<!-- raw HTML omitted --></a></li>
<li>Add assertion helper to hide internal stack traces  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Claude Opus 4.6</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9594">vitest-dev/vitest#9594</a>
<a href="https://github.com/vitest-dev/vitest/commit/eeb0ae2f8"><!-- raw
HTML omitted -->(eeb0a)<!-- raw HTML omitted --></a></li>
<li>Store failure screenshots using artifacts API  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9588">vitest-dev/vitest#9588</a>
<a href="https://github.com/vitest-dev/vitest/commit/24603e3c4"><!-- raw
HTML omitted -->(24603)<!-- raw HTML omitted --></a></li>
<li>Allow <code>vitest list</code> to statically collect tests instead
of running files to collect them  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9630">vitest-dev/vitest#9630</a>
<a href="https://github.com/vitest-dev/vitest/commit/7a8e7fc20"><!-- raw
HTML omitted -->(7a8e7)<!-- raw HTML omitted --></a></li>
<li>Add <code>--detect-async-leaks</code>  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9528">vitest-dev/vitest#9528</a>
<a href="https://github.com/vitest-dev/vitest/commit/c594d4af3"><!-- raw
HTML omitted -->(c594d)<!-- raw HTML omitted --></a></li>
<li>Implement <code>mockThrow</code> and <code>mockThrowOnce</code>  - 
by <a
href="https://github.com/thor-juhasz"><code>@​thor-juhasz</code></a> and
<a href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9512">vitest-dev/vitest#9512</a>
<a href="https://github.com/vitest-dev/vitest/commit/619179fb7"><!-- raw
HTML omitted -->(61917)<!-- raw HTML omitted --></a></li>
<li>Support <code>update: &quot;none&quot;</code> and add docs about
snapshots behavior on CI  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9700">vitest-dev/vitest#9700</a>
<a href="https://github.com/vitest-dev/vitest/commit/05f1854e2"><!-- raw
HTML omitted -->(05f18)<!-- raw HTML omitted --></a></li>
<li>Support playwright <code>launchOptions</code> with
<code>connectOptions</code>  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9702">vitest-dev/vitest#9702</a>
<a href="https://github.com/vitest-dev/vitest/commit/f0ff1b2a0"><!-- raw
HTML omitted -->(f0ff1)<!-- raw HTML omitted --></a></li>
<li>Add <code>page/locator.mark</code> API to enhance playwright trace
 -  by <a href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a>
in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9652">vitest-dev/vitest#9652</a>
<a href="https://github.com/vitest-dev/vitest/commit/d0ee546fe"><!-- raw
HTML omitted -->(d0ee5)<!-- raw HTML omitted --></a></li>
<li><strong>api</strong>:
<ul>
<li>Support tests starting or ending with <code>test</code> in
<code>experimental_parseSpecification</code>  -  by <a
href="https://github.com/jgillick"><code>@​jgillick</code></a> and
<strong>Jeremy Gillick</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9235">vitest-dev/vitest#9235</a>
<a href="https://github.com/vitest-dev/vitest/commit/2f367fad3"><!-- raw
HTML omitted -->(2f367)<!-- raw HTML omitted --></a></li>
<li>Add filters to <code>createSpecification</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9336">vitest-dev/vitest#9336</a>
<a href="https://github.com/vitest-dev/vitest/commit/c8e6c7fbf"><!-- raw
HTML omitted -->(c8e6c)<!-- raw HTML omitted --></a></li>
<li>Expose <code>runTestFiles</code> as alternative to
<code>runTestSpecifications</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9443">vitest-dev/vitest#9443</a>
<a href="https://github.com/vitest-dev/vitest/commit/43d761821"><!-- raw
HTML omitted -->(43d76)<!-- raw HTML omitted --></a></li>
<li>Add <code>allowWrite</code> and <code>allowExec</code> options to
<code>api</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9350">vitest-dev/vitest#9350</a>
<a href="https://github.com/vitest-dev/vitest/commit/20e00ef78"><!-- raw
HTML omitted -->(20e00)<!-- raw HTML omitted --></a></li>
<li>Allow passing down test cases to <code>toTestSpecification</code>
 -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9627">vitest-dev/vitest#9627</a>
<a href="https://github.com/vitest-dev/vitest/commit/6f17d5ddf"><!-- raw
HTML omitted -->(6f17d)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>browser</strong>:
<ul>
<li>Add <code>userEvent.wheel</code> API  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9188">vitest-dev/vitest#9188</a>
<a href="https://github.com/vitest-dev/vitest/commit/660801979"><!-- raw
HTML omitted -->(66080)<!-- raw HTML omitted --></a></li>
<li>Add <code>filterNode</code> option to prettyDOM for filtering
browser assertion error output  -  by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9475">vitest-dev/vitest#9475</a>
<a href="https://github.com/vitest-dev/vitest/commit/d3220fcd8"><!-- raw
HTML omitted -->(d3220)<!-- raw HTML omitted --></a></li>
<li>Support playwright persistent context  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a>,
<strong>Claude Opus 4.6</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9229">vitest-dev/vitest#9229</a>
<a href="https://github.com/vitest-dev/vitest/commit/f865d2ba4"><!-- raw
HTML omitted -->(f865d)<!-- raw HTML omitted --></a></li>
<li>Added <code>detailsPanelPosition</code> option and button  -  by <a
href="https://github.com/shairez"><code>@​shairez</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9525">vitest-dev/vitest#9525</a>
<a href="https://github.com/vitest-dev/vitest/commit/c8a31147c"><!-- raw
HTML omitted -->(c8a31)<!-- raw HTML omitted --></a></li>
<li>Use BlazeDiff instead of pixelmatch  -  by <a
href="https://github.com/macarie"><code>@​macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9514">vitest-dev/vitest#9514</a>
<a href="https://github.com/vitest-dev/vitest/commit/309362089"><!-- raw
HTML omitted -->(30936)<!-- raw HTML omitted --></a></li>
<li>Add <code>findElement</code> and enable strict mode in webdriverio
and preview  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9677">vitest-dev/vitest#9677</a>
<a href="https://github.com/vitest-dev/vitest/commit/c3f37721c"><!-- raw
HTML omitted -->(c3f37)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>cli</strong>:
<ul>
<li>Add <a href="https://github.com/bomb"><code>@​bomb</code></a>.sh/tab
completions  -  by <a
href="https://github.com/AmirSa12"><code>@​AmirSa12</code></a> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8639">vitest-dev/vitest#8639</a>
<a href="https://github.com/vitest-dev/vitest/commit/200f31704"><!-- raw
HTML omitted -->(200f3)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>coverage</strong>:
<ul>
<li>Support <code>ignore start/stop</code> ignore hints  -  by <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9204">vitest-dev/vitest#9204</a>
<a href="https://github.com/vitest-dev/vitest/commit/e59c94ba6"><!-- raw
HTML omitted -->(e59c9)<!-- raw HTML omitted --></a></li>
<li>Add <code>coverage.changed</code> option to report only changed
files  -  by <a
href="https://github.com/kykim00"><code>@​kykim00</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9521">vitest-dev/vitest#9521</a>
<a href="https://github.com/vitest-dev/vitest/commit/1d9392c67"><!-- raw
HTML omitted -->(1d939)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>experimental</strong>:
<ul>
<li>Add <code>onModuleRunner</code> hook to <code>worker.init</code>  - 
by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9286">vitest-dev/vitest#9286</a>
<a href="https://github.com/vitest-dev/vitest/commit/e977f3deb"><!-- raw
HTML omitted -->(e977f)<!-- raw HTML omitted --></a></li>
<li>Option to disable the module runner  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> and
<a href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9210">vitest-dev/vitest#9210</a>
<a href="https://github.com/vitest-dev/vitest/commit/9be6121ee"><!-- raw
HTML omitted -->(9be61)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/4150b913171bda3971a4a4c47c633c26d0c6ae45"><code>4150b91</code></a>
chore: release v4.1.0</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/1de0aa22dd6311a93546a75a3c58a6be519c1baf"><code>1de0aa2</code></a>
fix: correctly identify concurrent test during static analysis (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9846">#9846</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/c3cac1c1b5a91d921942e9391fbd94841717363f"><code>c3cac1c</code></a>
fix: use isAgent check, not just TTY, for watch mode (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9841">#9841</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/eab68ba2b8ea6f89717c0b885c573579659d7c3b"><code>eab68ba</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9824">#9824</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/031f02a89be34491c441b4da9c4e2bacb7db71df"><code>031f02a</code></a>
fix: allow catch/finally for async assertion (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9827">#9827</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/3e9e096a231fa0ec6475da82e36cbd6fcc9bc8f9"><code>3e9e096</code></a>
feat(reporters): add <code>agent</code> reporter to reduce ai agent
token usage (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9779">#9779</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/0c2c01361a95dd26d0d7fd7bc38bcca8dbc6e5d2"><code>0c2c013</code></a>
chore: release v4.1.0-beta.6</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/8181e06e765f4d043818b244c76795022fa78ff6"><code>8181e06</code></a>
fix: <code>hideSkippedTests</code> should not hide
<code>test.todo</code> (fix <a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9562">#9562</a>)
(<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9781">#9781</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/a8216b0014b83612e40ef49f919d5293b68717b3"><code>a8216b0</code></a>
fix: manual and redirect mock shouldn't <code>load</code> or
<code>transform</code> original module...</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/689a22a1b8c79595f6f4ae82d2b43c895d7f1c50"><code>689a22a</code></a>
fix(browser): types of <code>getCDPSession</code> and <code>cdp()</code>
(<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9716">#9716</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 14:03:42 +00:00
dependabot[bot] 7e5538a53b chore(deps): Bump @codemirror/view from 6.39.16 to 6.39.17 (#1706) 
Bumps [@codemirror/view](https://github.com/codemirror/view) from
6.39.16 to 6.39.17.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@​codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.39.17 (2026-03-10)</h2>
<h3>Bug fixes</h3>
<p>Improve touch tap-selection on line wrapping boundaries.</p>
<p>Make <code>drawSelection</code> draw our own selection handles on
iOS.</p>
<p>Fix an issue where <code>posAtCoords</code>, when querying line
wrapping points, got confused by extra empty client rectangles produced
by Safari.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codemirror/view/commit/3d236d2e5f6ca305027e63d6039911b864358d33"><code>3d236d2</code></a>
Mark version 6.39.17</li>
<li><a
href="https://github.com/codemirror/view/commit/0a8ddb1a4ec185cdf0e34062ae354efdb07bdda2"><code>0a8ddb1</code></a>
Avoid posAtCoords getting confused by empty wrapping rectangles returned
by S...</li>
<li><a
href="https://github.com/codemirror/view/commit/f22a194de30f648e51d1667525e034231b7beaa3"><code>f22a194</code></a>
Implement iOS selection handle drawing in the selection layer</li>
<li><a
href="https://github.com/codemirror/view/commit/07d54a065cbe1d45f36bbf61bda208700237fbde"><code>07d54a0</code></a>
Use last touch position to assign a side to touch selections in wrapping
editors</li>
<li>See full diff in <a
href="https://github.com/codemirror/view/compare/6.39.16...6.39.17">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.39.16&new-version=6.39.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-13 13:52:38 +00:00
dependabot[bot] 8305991d9a chore(deps): Bump i18next from 25.8.16 to 25.8.17 (#1704) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.8.16 to
25.8.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.17</h2>
<ul>
<li>update deps</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.17</h2>
<ul>
<li>update deps</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/e685b3e0308a2bbf6ddfc76afbb34e59ab9dd1fd"><code>e685b3e</code></a>
25.8.17</li>
<li><a
href="https://github.com/i18next/i18next/commit/272d1e9c428708233289a4e1ad47d94afd15a4ce"><code>272d1e9</code></a>
update deps</li>
<li><a
href="https://github.com/i18next/i18next/commit/660191cc372df78b9e800d5e46d10abaa059c525"><code>660191c</code></a>
refine notice msg</li>
<li><a
href="https://github.com/i18next/i18next/commit/cd7ab7017886fad9d414fb276ddb0e6b5afe1592"><code>cd7ab70</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.8.16...v25.8.17">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.16&new-version=25.8.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-13 13:51:47 +00:00
dependabot[bot] d5721f21c4 chore(deps): Bump i18next from 25.8.14 to 25.8.16 (#1703) 
Bumps [i18next](https://github.com/i18next/i18next) from 25.8.14 to
25.8.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.16</h2>
<ul>
<li>fix(types): <code>on()</code> method now correctly returns
<code>this</code> instead of <code>void</code>, matching the runtime
behavior and enabling proper method chaining in TypeScript</li>
</ul>
<h2>v25.8.15</h2>
<ul>
<li>fix: Selector API unable to resolve namespaces <a
href="https://redirect.github.com/i18next/i18next/issues/2402">#2402</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.16</h2>
<ul>
<li>fix(types): <code>on()</code> method now correctly returns
<code>this</code> instead of <code>void</code>, matching the runtime
behavior and enabling proper method chaining in TypeScript</li>
</ul>
<h2>25.8.15</h2>
<ul>
<li>fix: Selector API unable to resolve namespaces <a
href="https://redirect.github.com/i18next/i18next/issues/2402">2402</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/da0778e7a7cc3d04818af6a69ffa1fb23386fbb2"><code>da0778e</code></a>
25.8.16</li>
<li><a
href="https://github.com/i18next/i18next/commit/98e5ea71934ed8ac1a61eb89aee906f783b51ba0"><code>98e5ea7</code></a>
fix(types): <code>on()</code> method now correctly returns
<code>this</code> instead of <code>void</code>, mat...</li>
<li><a
href="https://github.com/i18next/i18next/commit/ea398adef4f1edf1077cdf5a78bfa0baa01a2f5f"><code>ea398ad</code></a>
jsr update</li>
<li><a
href="https://github.com/i18next/i18next/commit/59ab101d7a692fbbe36422f5e464eb1cfb1884b7"><code>59ab101</code></a>
25.8.15</li>
<li><a
href="https://github.com/i18next/i18next/commit/5297cfee7ec77926cd9e5716df632fd8c4c47285"><code>5297cfe</code></a>
fix: Selector API unable to resolve namespaces <a
href="https://redirect.github.com/i18next/i18next/issues/2402">#2402</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/b1e16e46af8bd9bf00fd8b3bd63890bad37b8629"><code>b1e16e4</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.8.14...v25.8.16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.14&new-version=25.8.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-12 13:53:03 +00:00
dependabot[bot] 441dff7296 chore(deps-dev): Bump i18next-cli from 1.49.3 to 1.49.4 (#1702) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.49.3
to 1.49.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.3...v1.49.4">1.49.4</a>
- 2026-03-08</h2>
<ul>
<li>improve extractor regarding &quot;resolve namespace from
const/identifier expressions&quot; <a
href="https://redirect.github.com/i18next/i18next-cli/issues/209">#209</a></li>
<li>improve extractor regarding &quot;support TS type-aware resolution
for finite dynamic keys (template unions, const maps, helper
returns)&quot; <a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6ca4a42ed76a7d5c8a8d3cf0f5a833f0bda4f941"><code>6ca4a42</code></a>
1.49.4</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/11cae331831a05f642607f32a2ffb3c02542660a"><code>11cae33</code></a>
improve extractor regarding &quot;support TS type-aware resolution for
finite dyna...</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/4bec9368e16b5aa3c5e6fe003deb51a525afcf61"><code>4bec936</code></a>
improve extractor regarding &quot;resolve namespace from
const/identifier expressi...</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next-cli/compare/v1.49.3...v1.49.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.49.3&new-version=1.49.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-12 13:52:45 +00:00
dependabot[bot] 73ed303eb4 chore(deps-dev): Bump eslint from 10.0.2 to 10.0.3 (#1701) 
Bumps [eslint](https://github.com/eslint/eslint) from 10.0.2 to 10.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.0.3</h2>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/e511b58d5ecd63a232b87743614867f4eaadbba4"><code>e511b58</code></a>
fix: update eslint (<a
href="https://redirect.github.com/eslint/eslint/issues/20595">#20595</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/f4c9cf9b8dc5642de555a09295933464080d722a"><code>f4c9cf9</code></a>
fix: include variable name in <code>no-useless-assignment</code> message
(<a
href="https://redirect.github.com/eslint/eslint/issues/20581">#20581</a>)
(sethamus)</li>
<li><a
href="https://github.com/eslint/eslint/commit/ee9ff31cee13712d2be2a6b5c0a4a54449fe9fe1"><code>ee9ff31</code></a>
fix: update dependency minimatch to ^10.2.4 (<a
href="https://redirect.github.com/eslint/eslint/issues/20562">#20562</a>)
(Milos Djermanovic)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/9fc31b03ef05abfc4f0f449b22947029d51a72f6"><code>9fc31b0</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/4efaa367c62d5a45dd21e246e4a506e11dd51758"><code>4efaa36</code></a>
docs: add info box for <code>eslint-plugin-eslint-comments</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20570">#20570</a>)
(DesselBane)</li>
<li><a
href="https://github.com/eslint/eslint/commit/23b2759dd5cd70976ab2e8f4a1cf86ffe4b9f65d"><code>23b2759</code></a>
docs: add v10 migration guide link to Use docs index (<a
href="https://redirect.github.com/eslint/eslint/issues/20577">#20577</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/80259a9b0d9e29596a5ef0e1e5269031636cacdb"><code>80259a9</code></a>
docs: Remove deprecated eslintrc documentation files (<a
href="https://redirect.github.com/eslint/eslint/issues/20472">#20472</a>)
(Copilot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/9b9b4baf7f0515d28290464ea754d7e7dc350395"><code>9b9b4ba</code></a>
docs: fix typo in no-await-in-loop documentation (<a
href="https://redirect.github.com/eslint/eslint/issues/20575">#20575</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e7d72a77e5e1277690a505160137aebd5985909a"><code>e7d72a7</code></a>
docs: document TypeScript 5.3 minimum supported version (<a
href="https://redirect.github.com/eslint/eslint/issues/20547">#20547</a>)
(sethamus)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/ef8fb924bfabc2e239b46b2d7b3c37319b03084e"><code>ef8fb92</code></a>
chore: package.json update for eslint-config-eslint release
(Jenkins)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e8f21040f675753e92df8e04f2dbd03addb92985"><code>e8f2104</code></a>
chore: updates for v9.39.4 release (Jenkins)</li>
<li><a
href="https://github.com/eslint/eslint/commit/5cd1604cea5734bc235155a1a1add9f08ae83370"><code>5cd1604</code></a>
refactor: simplify isCombiningCharacter helper (<a
href="https://redirect.github.com/eslint/eslint/issues/20524">#20524</a>)
(Huáng Jùnliàng)</li>
<li><a
href="https://github.com/eslint/eslint/commit/70ff1d07a8e7eba9e70b67ea55fcf2e47cdc9b2d"><code>70ff1d0</code></a>
chore: eslint-config-eslint require Node <code>^20.19.0 || ^22.13.0 ||
&gt;=24</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20586">#20586</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e32df71a569d5f4aca13079dedd4ae76ea05168a"><code>e32df71</code></a>
chore: update eslint-plugin-eslint-comments, remove legacy-peer-deps (<a
href="https://redirect.github.com/eslint/eslint/issues/20576">#20576</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/53ca6eeed87262ebddd20636107f486badabcc1f"><code>53ca6ee</code></a>
chore: disable <code>eslint-comments/no-unused-disable</code> rule (<a
href="https://redirect.github.com/eslint/eslint/issues/20578">#20578</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e1218957452e223af27ace1f9d031ab421aec08f"><code>e121895</code></a>
ci: pin Node.js 25.6.1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20559">#20559</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/efc5aef2f9a05f01d5cad53dcb91e7f2c575e295"><code>efc5aef</code></a>
chore: update <code>tsconfig.json</code> in
<code>eslint-config-eslint</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20551">#20551</a>)
(Francesco Trotta)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/bfce7eaa0ec5d6591fd247b7ff57b51e45fb88a1"><code>bfce7ea</code></a>
10.0.3</li>
<li><a
href="https://github.com/eslint/eslint/commit/d44ced84bb00b1df3c616255f28d036089703ed8"><code>d44ced8</code></a>
Build: changelog update for 10.0.3</li>
<li><a
href="https://github.com/eslint/eslint/commit/e511b58d5ecd63a232b87743614867f4eaadbba4"><code>e511b58</code></a>
fix: update eslint (<a
href="https://redirect.github.com/eslint/eslint/issues/20595">#20595</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/ef8fb924bfabc2e239b46b2d7b3c37319b03084e"><code>ef8fb92</code></a>
chore: package.json update for eslint-config-eslint release</li>
<li><a
href="https://github.com/eslint/eslint/commit/e8f21040f675753e92df8e04f2dbd03addb92985"><code>e8f2104</code></a>
chore: updates for v9.39.4 release</li>
<li><a
href="https://github.com/eslint/eslint/commit/5cd1604cea5734bc235155a1a1add9f08ae83370"><code>5cd1604</code></a>
refactor: simplify isCombiningCharacter helper (<a
href="https://redirect.github.com/eslint/eslint/issues/20524">#20524</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/9fc31b03ef05abfc4f0f449b22947029d51a72f6"><code>9fc31b0</code></a>
docs: Update README</li>
<li><a
href="https://github.com/eslint/eslint/commit/70ff1d07a8e7eba9e70b67ea55fcf2e47cdc9b2d"><code>70ff1d0</code></a>
chore: eslint-config-eslint require Node <code>^20.19.0 || ^22.13.0 ||
&gt;=24</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20586">#20586</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f4c9cf9b8dc5642de555a09295933464080d722a"><code>f4c9cf9</code></a>
fix: include variable name in <code>no-useless-assignment</code> message
(<a
href="https://redirect.github.com/eslint/eslint/issues/20581">#20581</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/4efaa367c62d5a45dd21e246e4a506e11dd51758"><code>4efaa36</code></a>
docs: add info box for <code>eslint-plugin-eslint-comments</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20570">#20570</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.0.2...v10.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=10.0.2&new-version=10.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-10 13:53:28 +00:00
dependabot[bot] 9d5e9ea715 chore(deps): Bump github/codeql-action from 4.32.5 to 4.32.6 (#1700) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.32.5 to 4.32.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.32.6</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.32.6 - 05 Mar 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3548">#3548</a></li>
</ul>
<h2>4.32.5 - 02 Mar 2026</h2>
<ul>
<li>Repositories owned by an organization can now set up the
<code>github-codeql-disable-overlay</code> custom repository property to
disable <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis for CodeQL</a>. First, create a custom repository
property with the name <code>github-codeql-disable-overlay</code> and
the type &quot;True/false&quot; in the organization's settings. Then in
the repository's settings, set this property to <code>true</code> to
disable improved incremental analysis. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>. This
feature is not yet available on GitHub Enterprise Server. <a
href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li>
<li>Added an experimental change so that when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> fails on a runner — potentially due to
insufficient disk space — the failure is recorded in the Actions cache
so that subsequent runs will automatically skip improved incremental
analysis until something changes (e.g. a larger runner is provisioned or
a new CodeQL version is released). We expect to roll this change out to
everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li>
<li>The minimum memory check for improved incremental analysis is now
skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage.
<a
href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li>
<li>Reduced log levels for best-effort private package registry
connection check failures to reduce noise from workflow annotations. <a
href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li>
<li>Added an experimental change which lowers the minimum disk space
requirement for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>, enabling it to run on standard GitHub Actions
runners. We expect to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li>
<li>Added an experimental change which allows the
<code>start-proxy</code> action to resolve the CodeQL CLI version from
feature flags instead of using the linked CLI bundle version. We expect
to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li>
<li>The previously experimental changes from versions 4.32.3, 4.32.4,
3.32.3 and 3.32.4 are now enabled by default. <a
href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>,
<a
href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li>
</ul>
<h2>4.32.4 - 20 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>4.32.3 - 13 Feb 2026</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
<h2>4.32.2 - 05 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1">2.24.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3460">#3460</a></li>
</ul>
<h2>4.32.1 - 02 Feb 2026</h2>
<ul>
<li>A warning is now shown in Default Setup workflow logs if a <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registry is configured</a> using a GitHub Personal Access Token
(PAT), but no username is configured. <a
href="https://redirect.github.com/github/codeql-action/pull/3422">#3422</a></li>
<li>Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. <a
href="https://redirect.github.com/github/codeql-action/pull/3421">#3421</a></li>
</ul>
<h2>4.32.0 - 26 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>4.31.11 - 23 Jan 2026</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/0d579ffd059c29b07949a3cce3983f0780820c98"><code>0d579ff</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3551">#3551</a>
from github/update-v4.32.6-72d2d850d</li>
<li><a
href="https://github.com/github/codeql-action/commit/d4c6be7cf1c47a33a06fa9183269e133e6863574"><code>d4c6be7</code></a>
Update changelog for v4.32.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/72d2d850d1f91d4e1e024f4cf4276fd16bb68462"><code>72d2d85</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3548">#3548</a>
from github/update-bundle/codeql-bundle-v2.24.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/23f983ce00d9a853697a6aaa9eae8d5abbf14849"><code>23f983c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3544">#3544</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/github/codeql-action/commit/832e97ccad228ef72e06ffee26f6251bceeb7e5f"><code>832e97c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3545">#3545</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/github/codeql-action/commit/5ef38c0b13c2f0f5ce928cb7706f5fb19fc97ae2"><code>5ef38c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3546">#3546</a>
from github/dependabot/npm_and_yarn/tar-7.5.10</li>
<li><a
href="https://github.com/github/codeql-action/commit/80c9cda73902bba67939606c4bf3a1d9606bb150"><code>80c9cda</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/f2669dd916c673b2811839169929a8ba71bb7634"><code>f2669dd</code></a>
Update default bundle to codeql-bundle-v2.24.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/bd03c44cf40965f5476f66fad404194e4cb35710"><code>bd03c44</code></a>
Merge branch 'main' into
dependabot/github_actions/dot-github/workflows/actio...</li>
<li><a
href="https://github.com/github/codeql-action/commit/102d7627b63c066871badf0743c11b2f6dd9c9e9"><code>102d762</code></a>
Bump tar from 7.5.7 to 7.5.10</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/c793b717bc78562f491db7b0e93a3a178b099162...0d579ffd059c29b07949a3cce3983f0780820c98">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.32.5&new-version=4.32.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:45:50 +00:00
dependabot[bot] 2b60b7caa7 chore(deps): Bump docker/login-action from 3.7.0 to 4.0.0 (#1699) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.7.0 to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> from 3.890.0 to
3.1000.0 in <a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a>
<a
href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li>
<li>Bump <code>@​isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a
href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li>
<li>Bump js-yaml from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2"><code>b45d80f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/929">#929</a>
from crazy-max/node24</li>
<li><a
href="https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7"><code>176cb9c</code></a>
node 24 as default runtime</li>
<li><a
href="https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3"><code>cad8984</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/920">#920</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349"><code>92cbcb2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b"><code>5a2d6a7</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63"><code>44512b6</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/928">#928</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df"><code>28737a5</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6"><code>dac0793</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.76.0 to
0.77.0</li>
<li><a
href="https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a"><code>62029f3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/919">#919</a>
from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li>
<li><a
href="https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461"><code>08c8f06</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.7.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:45:19 +00:00
dependabot[bot] 7804e5930d chore(deps): Bump i18next from 25.8.13 to 25.8.14 (#1698) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [i18next](https://github.com/i18next/i18next) from 25.8.13 to
25.8.14.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.14</h2>
<ul>
<li>fix: getCleanedCode now replaces all underscores</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.14</h2>
<ul>
<li>fix: getCleanedCode now replaces all underscores</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/d202ac2f34e4d34c51bbf289a3fa6aa5c7f5c71d"><code>d202ac2</code></a>
25.8.14</li>
<li><a
href="https://github.com/i18next/i18next/commit/96c202eb5d5a4232a9e1ffca3784b143c92c7633"><code>96c202e</code></a>
release</li>
<li><a
href="https://github.com/i18next/i18next/commit/32db71e9b73fdfc8984f0fd8616fb2c2bb92fca6"><code>32db71e</code></a>
fix: replace only first underscore in getCleanedCode (<a
href="https://redirect.github.com/i18next/i18next/issues/2399">#2399</a>)</li>
<li><a
href="https://github.com/i18next/i18next/commit/c3eb7e233227147e7ffb72d6b9388ba7ad6736ed"><code>c3eb7e2</code></a>
readme</li>
<li><a
href="https://github.com/i18next/i18next/commit/bc282ba36bc131440edd0add56100f56194f0e1b"><code>bc282ba</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.8.13...v25.8.14">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=25.8.13&new-version=25.8.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:43:06 +00:00
dependabot[bot] 4273ec5e90 chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.6.0 to 24.7.0 (#1697) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.6.0 to 24.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases"><code>@​maplibre/maplibre-gl-style-spec</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v24.7.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Validate that <code>raster</code> layers do not specify both
<code>resampling</code> and <code>raster-resampling</code> paint
properties (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1532">#1532</a>)
(by <a href="https://github.com/larsmaxfield">larsmaxfield</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md"><code>@​maplibre/maplibre-gl-style-spec</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>24.7.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Validate that <code>raster</code> layers do not specify both
<code>resampling</code> and <code>raster-resampling</code> paint
properties (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1532">#1532</a>)
(by <a href="https://github.com/larsmaxfield">larsmaxfield</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/ea919f8573e5330da6a12b49600b2aa0f2d9c3cd"><code>ea919f8</code></a>
Bump js version to 24.7.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1534">#1534</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/ba751f4cb58a2d1bb583a238b645a4f4cd5adbf7"><code>ba751f4</code></a>
Validate that raster layers do not specify both 'resampling' and
'raster-resa...</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/8d85feb97dbe27112f4504ee6317d3e0b55bfed7"><code>8d85feb</code></a>
Revert &quot;fix(docs): restore classic theme variant for Zensical
migration (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/152">#152</a>...</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/906fcc501e1224dd515c1f462859c8f98076d06e"><code>906fcc5</code></a>
fix(docs): restore classic theme variant for Zensical migration (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1529">#1529</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/0d6c1f8f0bdc889357901da7b9f6890133a12188"><code>0d6c1f8</code></a>
build(deps-dev): bump <code>@​types/node</code> from 25.3.0 to 25.3.3
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1527">#1527</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/7788cbed1243b3c3cc494da870fe11f53f992816"><code>7788cbe</code></a>
build(deps-dev): bump oxfmt from 0.34.0 to 0.35.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1526">#1526</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/3f8245b24f10917545b5e9e7560c89749ee40025"><code>3f8245b</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 62.7.0 to 62.7.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1523">#1523</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/508aa4f9864e300d27a6f0c23467a1274100b66e"><code>508aa4f</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1525">#1525</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/9c529b20a2d48a8ed9608325731300e710ebd818"><code>9c529b2</code></a>
build(deps-dev): bump globals from 17.3.0 to 17.4.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1524">#1524</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/5778703d457a305cdac23bd11ffa1aec47a0aee1"><code>5778703</code></a>
build(deps-dev): bump eslint from 10.0.1 to 10.0.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1522">#1522</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.6.0...v24.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.6.0&new-version=24.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:42:31 +00:00
dependabot[bot] 9a30f164eb chore(deps-dev): Bump @stylistic/eslint-plugin from 5.9.0 to 5.10.0 (#1696) 
Bumps
[@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin)
from 5.9.0 to 5.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint-stylistic/eslint-stylistic/releases"><code>@​stylistic/eslint-plugin</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v5.10.0</h2>
<h2><a
href="https://github.com/eslint-stylistic/eslint-stylistic/compare/v5.9.0...v5.10.0">5.10.0</a>
(2026-03-06)</h2>
<h3>Features</h3>
<ul>
<li><strong>list-style:</strong> allow 'off' in overrides (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1144">#1144</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/c43bd4b14ebb4222b3f4e151967aac5e82bd8290">c43bd4b</a>)</li>
<li><strong>padding-line-between-statements:</strong> introduce
<code>lineMode</code> for selector matcher (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1143">#1143</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/1ebd6d8e59bad0e5330e560df724f29455b92adb">1ebd6d8</a>)</li>
</ul>
<h3>Build Related</h3>
<ul>
<li><strong>deps:</strong> bump actions/download-artifact from 7 to 8
(<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1153">#1153</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/78ca032c765110952b63a86ca7177a28597371c9">78ca032</a>)</li>
<li><strong>deps:</strong> bump actions/upload-artifact from 6 to 7 (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1154">#1154</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/01f7b17856549b681589a97480f6014ab39f21f3">01f7b17</a>)</li>
</ul>
<h3>Performance</h3>
<ul>
<li>no export all for <code>@​typescript-eslint/utils</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1150">#1150</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/258f9d8f6a171fcdbdc994768fb08938fafc4470">258f9d8</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/eslint-stylistic/eslint-stylistic/blob/v5.10.0/CHANGELOG.md"><code>@​stylistic/eslint-plugin</code>'s
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/eslint-stylistic/eslint-stylistic/compare/v5.9.0...v5.10.0">5.10.0</a>
(2026-03-06)</h2>
<h3>Features</h3>
<ul>
<li><strong>list-style:</strong> allow 'off' in overrides (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1144">#1144</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/c43bd4b14ebb4222b3f4e151967aac5e82bd8290">c43bd4b</a>)</li>
<li><strong>padding-line-between-statements:</strong> introduce
<code>lineMode</code> for selector matcher (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1143">#1143</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/1ebd6d8e59bad0e5330e560df724f29455b92adb">1ebd6d8</a>)</li>
</ul>
<h3>Build Related</h3>
<ul>
<li><strong>deps:</strong> bump actions/download-artifact from 7 to 8
(<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1153">#1153</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/78ca032c765110952b63a86ca7177a28597371c9">78ca032</a>)</li>
<li><strong>deps:</strong> bump actions/upload-artifact from 6 to 7 (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1154">#1154</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/01f7b17856549b681589a97480f6014ab39f21f3">01f7b17</a>)</li>
</ul>
<h3>Performance</h3>
<ul>
<li>no export all for <code>@​typescript-eslint/utils</code> (<a
href="https://redirect.github.com/eslint-stylistic/eslint-stylistic/issues/1150">#1150</a>)
(<a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/258f9d8f6a171fcdbdc994768fb08938fafc4470">258f9d8</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/efbb1bc0e5aaedc4695c44a03f46f4fcbbe58712"><code>efbb1bc</code></a>
chore: release v5.10.0 (main) (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1151">#1151</a>)</li>
<li><a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/1ebd6d8e59bad0e5330e560df724f29455b92adb"><code>1ebd6d8</code></a>
feat(padding-line-between-statements): introduce <code>lineMode</code>
for selector matc...</li>
<li><a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/c43bd4b14ebb4222b3f4e151967aac5e82bd8290"><code>c43bd4b</code></a>
feat(list-style): allow 'off' in overrides (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1144">#1144</a>)</li>
<li><a
href="https://github.com/eslint-stylistic/eslint-stylistic/commit/95884fc06e342243ea65e0038bac07d94d5708dd"><code>95884fc</code></a>
chore: replace <code>prettier</code> with <code>oxfmt</code> (<a
href="https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin/issues/1147">#1147</a>)</li>
<li>See full diff in <a
href="https://github.com/eslint-stylistic/eslint-stylistic/commits/v5.10.0/packages/eslint-plugin">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@stylistic/eslint-plugin&package-manager=npm_and_yarn&previous-version=5.9.0&new-version=5.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:42:28 +00:00
dependabot[bot] 194bb0b1df chore(deps-dev): Bump i18next-cli from 1.47.9 to 1.49.3 (#1694) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.47.9
to 1.49.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.2...v1.49.3">1.49.3</a>
- 2026-03-05</h2>
<ul>
<li>fix: disablePlurals flag ignored when extracting languages <a
href="https://redirect.github.com/i18next/i18next-cli/issues/212">#212</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.1...v1.49.2">1.49.2</a>
- 2026-03-05</h2>
<ul>
<li>Fixed: add file extensions to all imports (for d.ts files) (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/137">#137</a>)
<a
href="https://redirect.github.com/i18next/i18next-cli/pull/211">#211</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.49.0...v1.49.1">1.49.1</a>
- 2026-03-05</h2>
<ul>
<li><strong>Extractor (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/209">#209</a>):</strong>
<code>t('key', { ns: IDENTIFIER })</code> now correctly resolves the
namespace when <code>ns</code> is a <code>const</code> variable,
matching the already-supported <code>useTranslation(IDENTIFIER)</code>
pattern</li>
<li><strong>Extractor (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a>):</strong>
<code>as const</code> array literals (<code>['a', 'b'] as const</code>)
are now captured and their values expanded when used in
<code>.map()</code> / <code>.forEach()</code> callbacks</li>
<li><strong>Extractor (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a>):</strong>
<code>(typeof ARRAY)[number]</code> indexed access types now resolve
correctly through <code>TsParenthesizedType</code> wrappers emitted by
SWC</li>
<li><strong>Extractor (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a>):</strong>
<code>declare const x: TypeAlias</code> and
<code>useState&lt;TypeAlias&gt;()</code> destructuring patterns now
resolve after their referenced type alias is captured, fixing
ordering-dependent failures</li>
<li><strong>Extractor (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a>):</strong>
Exported <code>as const</code> arrays and type aliases are now shared
across files, enabling cross-file resolution of imported constants and
type aliases</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.48.1...v1.49.0">1.49.0</a>
- 2026-03-05</h2>
<ul>
<li>Extractor: resolve namespace from const/identifier expressions
without custom plugins <a
href="https://redirect.github.com/i18next/i18next-cli/issues/209">#209</a></li>
<li>Extractor: support TS type-aware resolution for finite dynamic keys
(template unions, const maps, helper returns) <a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.48.0...v1.48.1">1.48.1</a>
- 2026-03-04</h2>
<ul>
<li>Extractor: Resolve and safe constants cross-files <a
href="https://redirect.github.com/i18next/i18next-cli/pull/207">#207</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.47.12...v1.48.0">1.48.0</a>
- 2026-03-04</h2>
<ul>
<li>feat(plugin): add <code>onKeySubmitted</code> hook to observe every
key extraction before deduplication <a
href="https://redirect.github.com/i18next/i18next-cli/issues/206">#206</a></li>
<li>feat(extract): add <code>warnOnConflicts</code> option to detect
conflicting default values for the same key (<code>true</code> /
<code>'warn'</code> to log, <code>'error'</code> to throw)</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.47.11...v1.47.12">1.47.12</a>
- 2026-03-04</h2>
<ul>
<li>Extractor: Handle object props as namespace <a
href="https://redirect.github.com/i18next/i18next-cli/pull/205">#205</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.47.10...v1.47.11">1.47.11</a>
- 2026-03-03</h2>
<ul>
<li>Handle typed expressions in extractor <a
href="https://redirect.github.com/i18next/i18next-cli/pull/204">#204</a></li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.47.9...v1.47.10">1.47.10</a>
- 2026-03-03</h2>
<ul>
<li>fallback locize cli calls to npx</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/a62967d7528966645f07182c4d57114e64982354"><code>a62967d</code></a>
1.49.3</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/77df1a0879d300ea3fa7d6309904869bf3f4ed0e"><code>77df1a0</code></a>
fix: disablePlurals flag ignored when extracting languages <a
href="https://redirect.github.com/i18next/i18next-cli/issues/212">#212</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/f7f742a2ed1825bddacc63fc0e261a707ef79cf2"><code>f7f742a</code></a>
cosmetics</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/86ee79299caa84a1b4d24679115320e9e2ead11e"><code>86ee792</code></a>
1.49.2</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/c9df9f63b3c2e76a4e4d5f7f23de5c037e9b536d"><code>c9df9f6</code></a>
deps update</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/651c05b37c90ec5a3bc8a087b2138135a5fafa94"><code>651c05b</code></a>
release</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/46e6e4041971da29a3e9b12993a4b7dc7aef3470"><code>46e6e40</code></a>
Fixed: add file extensions to all imports (for d.ts files) (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/137">#137</a>)
(<a
href="https://redirect.github.com/i18next/i18next-cli/issues/211">#211</a>)</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/686827c7637cce2451fc6f8a3705691b018a98a8"><code>686827c</code></a>
1.49.1</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/f914f5de8baf1a4dcdbd536d6f60cf8929887e04"><code>f914f5d</code></a>
improvements for <a
href="https://redirect.github.com/i18next/i18next-cli/issues/209">#209</a>
and <a
href="https://redirect.github.com/i18next/i18next-cli/issues/210">#210</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/f185254a8e06e78c8cd40975529f004f301d24e5"><code>f185254</code></a>
1.49.0</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/i18next-cli/compare/v1.47.9...v1.49.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.47.9&new-version=1.49.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 14:41:45 +00:00
dependabot[bot] 9604afa0a6 chore(deps): Bump actions/setup-node from 6.2.0 to 6.3.0 (#1693) 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from
6.2.0 to 6.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<h2>What's Changed</h2>
<h3>Enhancements:</h3>
<ul>
<li>Support parsing <code>devEngines</code> field by <a
href="https://github.com/susnux"><code>@​susnux</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1283">actions/setup-node#1283</a></li>
</ul>
<blockquote>
<p>When using node-version-file: package.json, setup-node now
prefers devEngines.runtime over engines.node.</p>
</blockquote>
<h3>Dependency updates:</h3>
<ul>
<li>Fix npm audit issues by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-node/pull/1491">actions/setup-node#1491</a></li>
<li>Replace uuid with crypto.randomUUID() by <a
href="https://github.com/trivikr"><code>@​trivikr</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1378">actions/setup-node#1378</a></li>
<li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1498">actions/setup-node#1498</a></li>
</ul>
<h3>Bug fixes:</h3>
<ul>
<li>Remove hardcoded bearer for mirror-url <a
href="https://github.com/marco-ippolito"><code>@​marco-ippolito</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1467">actions/setup-node#1467</a></li>
<li>Scope test lockfiles by package manager and update cache tests by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-node/pull/1495">actions/setup-node#1495</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/susnux"><code>@​susnux</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1283">actions/setup-node#1283</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v6...v6.3.0">https://github.com/actions/setup-node/compare/v6...v6.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f"><code>53b8394</code></a>
Bump minimatch from 3.1.2 to 3.1.5 (<a
href="https://redirect.github.com/actions/setup-node/issues/1498">#1498</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc"><code>54045ab</code></a>
Scope test lockfiles by package manager and update cache tests (<a
href="https://redirect.github.com/actions/setup-node/issues/1495">#1495</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a"><code>c882bff</code></a>
Replace uuid with crypto.randomUUID() (<a
href="https://redirect.github.com/actions/setup-node/issues/1378">#1378</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d"><code>774c1d6</code></a>
feat(node-version-file): support parsing <code>devEngines</code> field
(<a
href="https://redirect.github.com/actions/setup-node/issues/1283">#1283</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e"><code>efcb663</code></a>
fix: remove hardcoded bearer (<a
href="https://redirect.github.com/actions/setup-node/issues/1467">#1467</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb"><code>d02c89d</code></a>
Fix npm audit issues (<a
href="https://redirect.github.com/actions/setup-node/issues/1491">#1491</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/6044e13b5dc448c55e2357c09f80417699197238...53b83947a5a98c8d113130e565377fae1a50d02f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-node&package-manager=github_actions&previous-version=6.2.0&new-version=6.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-06 13:52:05 +00:00
dependabot[bot] bce32185d9 chore(deps): Bump github/codeql-action from 4.31.7 to 4.32.5 (#1691) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.31.7 to 4.32.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.32.5</h2>
<ul>
<li>Repositories owned by an organization can now set up the
<code>github-codeql-disable-overlay</code> custom repository property to
disable <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis for CodeQL</a>. First, create a custom repository
property with the name <code>github-codeql-disable-overlay</code> and
the type &quot;True/false&quot; in the organization's settings. Then in
the repository's settings, set this property to <code>true</code> to
disable improved incremental analysis. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>. This
feature is not yet available on GitHub Enterprise Server. <a
href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li>
<li>Added an experimental change so that when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> fails on a runner — potentially due to
insufficient disk space — the failure is recorded in the Actions cache
so that subsequent runs will automatically skip improved incremental
analysis until something changes (e.g. a larger runner is provisioned or
a new CodeQL version is released). We expect to roll this change out to
everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li>
<li>The minimum memory check for improved incremental analysis is now
skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage.
<a
href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li>
<li>Reduced log levels for best-effort private package registry
connection check failures to reduce noise from workflow annotations. <a
href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li>
<li>Added an experimental change which lowers the minimum disk space
requirement for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>, enabling it to run on standard GitHub Actions
runners. We expect to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li>
<li>Added an experimental change which allows the
<code>start-proxy</code> action to resolve the CodeQL CLI version from
feature flags instead of using the linked CLI bundle version. We expect
to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li>
<li>The previously experimental changes from versions 4.32.3, 4.32.4,
3.32.3 and 3.32.4 are now enabled by default. <a
href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>,
<a
href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li>
</ul>
<h2>v4.32.4</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>v4.32.3</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
<h2>v4.32.2</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1">2.24.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3460">#3460</a></li>
</ul>
<h2>v4.32.1</h2>
<ul>
<li>A warning is now shown in Default Setup workflow logs if a <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registry is configured</a> using a GitHub Personal Access Token
(PAT), but no username is configured. <a
href="https://redirect.github.com/github/codeql-action/pull/3422">#3422</a></li>
<li>Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. <a
href="https://redirect.github.com/github/codeql-action/pull/3421">#3421</a></li>
</ul>
<h2>v4.32.0</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>v4.31.11</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
<li>Improved error handling throughout the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li>
<li>Added experimental support for automatically excluding <a
href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated
files</a> from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li>
<li>The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. <a
href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li>
</ul>
<h2>v4.31.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.10 - 12 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.9. <a
href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v4.31.9</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.32.5 - 02 Mar 2026</h2>
<ul>
<li>Repositories owned by an organization can now set up the
<code>github-codeql-disable-overlay</code> custom repository property to
disable <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis for CodeQL</a>. First, create a custom repository
property with the name <code>github-codeql-disable-overlay</code> and
the type &quot;True/false&quot; in the organization's settings. Then in
the repository's settings, set this property to <code>true</code> to
disable improved incremental analysis. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>. This
feature is not yet available on GitHub Enterprise Server. <a
href="https://redirect.github.com/github/codeql-action/pull/3507">#3507</a></li>
<li>Added an experimental change so that when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> fails on a runner — potentially due to
insufficient disk space — the failure is recorded in the Actions cache
so that subsequent runs will automatically skip improved incremental
analysis until something changes (e.g. a larger runner is provisioned or
a new CodeQL version is released). We expect to roll this change out to
everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3487">#3487</a></li>
<li>The minimum memory check for improved incremental analysis is now
skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage.
<a
href="https://redirect.github.com/github/codeql-action/pull/3515">#3515</a></li>
<li>Reduced log levels for best-effort private package registry
connection check failures to reduce noise from workflow annotations. <a
href="https://redirect.github.com/github/codeql-action/pull/3516">#3516</a></li>
<li>Added an experimental change which lowers the minimum disk space
requirement for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>, enabling it to run on standard GitHub Actions
runners. We expect to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3498">#3498</a></li>
<li>Added an experimental change which allows the
<code>start-proxy</code> action to resolve the CodeQL CLI version from
feature flags instead of using the linked CLI bundle version. We expect
to roll this change out to everyone in March. <a
href="https://redirect.github.com/github/codeql-action/pull/3512">#3512</a></li>
<li>The previously experimental changes from versions 4.32.3, 4.32.4,
3.32.3 and 3.32.4 are now enabled by default. <a
href="https://redirect.github.com/github/codeql-action/pull/3503">#3503</a>,
<a
href="https://redirect.github.com/github/codeql-action/pull/3504">#3504</a></li>
</ul>
<h2>4.32.4 - 20 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.2">2.24.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3493">#3493</a></li>
<li>Added an experimental change which improves how certificates are
generated for the authentication proxy that is used by the CodeQL Action
in Default Setup when <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>. This is expected to generate more
widely compatible certificates and should have no impact on analyses
which are working correctly already. We expect to roll this change out
to everyone in February. <a
href="https://redirect.github.com/github/codeql-action/pull/3473">#3473</a></li>
<li>When the CodeQL Action is run <a
href="https://docs.github.com/en/code-security/how-tos/scan-code-for-vulnerabilities/troubleshooting/troubleshooting-analysis-errors/logs-not-detailed-enough#creating-codeql-debugging-artifacts-for-codeql-default-setup">with
debugging enabled in Default Setup</a> and <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries are configured</a>, the &quot;Setup proxy for
registries&quot; step will output additional diagnostic information that
can be used for troubleshooting. <a
href="https://redirect.github.com/github/codeql-action/pull/3486">#3486</a></li>
<li>Added a setting which allows the CodeQL Action to enable network
debugging for Java programs. This will help GitHub staff support
customers with troubleshooting issues in GitHub-managed CodeQL
workflows, such as Default Setup. This setting can only be enabled by
GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3485">#3485</a></li>
<li>Added a setting which enables GitHub-managed workflows, such as
Default Setup, to use a <a
href="https://github.com/dsp-testing/codeql-cli-nightlies">nightly
CodeQL CLI release</a> instead of the latest, stable release that is
used by default. This will help GitHub staff support customers whose
analyses for a given repository or organization require early access to
a change in an upcoming CodeQL CLI release. This setting can only be
enabled by GitHub staff. <a
href="https://redirect.github.com/github/codeql-action/pull/3484">#3484</a></li>
</ul>
<h2>4.32.3 - 13 Feb 2026</h2>
<ul>
<li>Added experimental support for testing connections to <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a>. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for Default Setup.
<a
href="https://redirect.github.com/github/codeql-action/pull/3466">#3466</a></li>
</ul>
<h2>4.32.2 - 05 Feb 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1">2.24.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3460">#3460</a></li>
</ul>
<h2>4.32.1 - 02 Feb 2026</h2>
<ul>
<li>A warning is now shown in Default Setup workflow logs if a <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registry is configured</a> using a GitHub Personal Access Token
(PAT), but no username is configured. <a
href="https://redirect.github.com/github/codeql-action/pull/3422">#3422</a></li>
<li>Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved. <a
href="https://redirect.github.com/github/codeql-action/pull/3421">#3421</a></li>
</ul>
<h2>4.32.0 - 26 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>4.31.11 - 23 Jan 2026</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
<li>Improved error handling throughout the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li>
<li>Added experimental support for automatically excluding <a
href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated
files</a> from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li>
<li>The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. <a
href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/c793b717bc78562f491db7b0e93a3a178b099162"><code>c793b71</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3523">#3523</a>
from github/update-v4.32.5-ca42bf226</li>
<li><a
href="https://github.com/github/codeql-action/commit/06cd615ad8b3edfe6778d58fb83174989a173272"><code>06cd615</code></a>
Soften language re overlay failures</li>
<li><a
href="https://github.com/github/codeql-action/commit/f5516c663089381234544cc3360963ecb4620691"><code>f5516c6</code></a>
Improve changelog</li>
<li><a
href="https://github.com/github/codeql-action/commit/97519e197e39ab1f818d1cd777ebde1f36b6fc8b"><code>97519e1</code></a>
Update release date</li>
<li><a
href="https://github.com/github/codeql-action/commit/05259a1d08a6131e0365f17225b6cdd505374c9d"><code>05259a1</code></a>
Add more changelog notes</li>
<li><a
href="https://github.com/github/codeql-action/commit/01ee2f785a9e66afe909ab712595ddf300b09a62"><code>01ee2f7</code></a>
Add changelog notes</li>
<li><a
href="https://github.com/github/codeql-action/commit/c72d9a49330eb56ae30a094ad1542127d5971876"><code>c72d9a4</code></a>
Update changelog for v4.32.5</li>
<li><a
href="https://github.com/github/codeql-action/commit/ca42bf226a3801a25101149fe11787e34845a41d"><code>ca42bf2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3522">#3522</a>
from github/henrymercer/update-supported-versions-table</li>
<li><a
href="https://github.com/github/codeql-action/commit/6704d80ac6a9b194063f79c3c9d7f67dda457e70"><code>6704d80</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3520">#3520</a>
from github/dependabot/npm_and_yarn/fast-xml-parser-...</li>
<li><a
href="https://github.com/github/codeql-action/commit/76348c0f1239a07d2ee606be6d12e01be8aa88d1"><code>76348c0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3521">#3521</a>
from github/dependabot/npm_and_yarn/minimatch-3.1.5</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/cf1bb45a277cb3c205638b2cd5c984db1c46a412...c793b717bc78562f491db7b0e93a3a178b099162">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.31.7&new-version=4.32.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-05 13:56:07 +00:00
dependabot[bot] b770f3996e chore(deps): Bump cypress-io/github-action from 6.10.4 to 7.1.5 (#1688) 
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 6.10.4 to 7.1.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.5</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.4...v7.1.5">7.1.5</a>
(2026-02-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update fast-xml-parser to 5.4.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1667">#1667</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/bc22e01685c56e89e7813fd8e26f33dc47f87e15">bc22e01</a>)</li>
</ul>
<h2>v7.1.4</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.3...v7.1.4">7.1.4</a>
(2026-02-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>update minimatch to 3.1.5 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1665">#1665</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/f9ffb60bba0c743f8c78dfed96873e8fdb2af34c">f9ffb60</a>)</li>
</ul>
<h2>v7.1.3</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.2...v7.1.3">7.1.3</a>
(2026-02-18)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update fast-xml-parser to 5.3.6 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1656">#1656</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/e44ee0fa67251ab7e2d854d85b3a466577f47d14">e44ee0f</a>)</li>
</ul>
<h2>v7.1.2</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.1...v7.1.2">7.1.2</a>
(2026-02-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update fast-xml-parser to 5.3.4 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1648">#1648</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/9992daa5083ade3e3e05aa554f834398ec5bc03e">9992daa</a>)</li>
</ul>
<h2>v7.1.1</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.0...v7.1.1">7.1.1</a>
(2026-01-28)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update @actions/* (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1645">#1645</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/0f330ebf0d60f87608ed72f1d6232e5644aa3171">0f330eb</a>)</li>
</ul>
<h2>v7.0.0</h2>
<h1><a
href="https://github.com/cypress-io/github-action/compare/v6.10.9...v7.0.0">7.0.0</a>
(2026-01-21)</h1>
<h3>Features</h3>
<ul>
<li><strong>deps:</strong> update action from node20 to node24 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1639">#1639</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/dca986193e4336cb32820819b07e9ecacacaaaf6">dca9861</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/bc22e01685c56e89e7813fd8e26f33dc47f87e15"><code>bc22e01</code></a>
fix: update fast-xml-parser to 5.4.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1667">#1667</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/f9ffb60bba0c743f8c78dfed96873e8fdb2af34c"><code>f9ffb60</code></a>
fix: update minimatch to 3.1.5 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1665">#1665</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/369f1e44423e47d17c625cd533c011162dcd1ce7"><code>369f1e4</code></a>
chore(deps): update cypress to 15.11.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1664">#1664</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/1611df35e0ce97f8e9f3c94471e83a08e45b41b7"><code>1611df3</code></a>
chore(deps): update dependency node to v24.14.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1663">#1663</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/f7e2a496def33a4437e606f95b881183f057cb3b"><code>f7e2a49</code></a>
chore(deps): update cypress/browsers docker tag to v24.14.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1662">#1662</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/81091a350edfa408aeaf0cda3a78047593c46d12"><code>81091a3</code></a>
chore(deps): update cypress/browsers docker tag to v24.13.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1658">#1658</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/ccdb4478c0894cec25db9d6c1309d82e69a97b9a"><code>ccdb447</code></a>
chore(deps): update dependency node to v24.13.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1659">#1659</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/8ae2a51da2123574348c7bbbfd9b8a7133e77f87"><code>8ae2a51</code></a>
chore(deps): update dependency eslint to v10.0.2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1660">#1660</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/d1ff2b553ee27cec64a99a6f96b1c1fd8a1ad94e"><code>d1ff2b5</code></a>
chore(deps): update dependency eslint-plugin-cypress to v6.1.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1661">#1661</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/ca94677121fcaf26824c139e273c11263c1170c4"><code>ca94677</code></a>
chore(deps): update eslint to 10.0.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1657">#1657</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/github-action/compare/7ef72e250a9e564efb4ed4c2433971ada4cc38b4...bc22e01685c56e89e7813fd8e26f33dc47f87e15">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=6.10.4&new-version=7.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-03 22:14:28 +00:00
dependabot[bot] bc20a204c8 chore(deps): Bump docker/login-action from 3.6.0 to 3.7.0 (#1689) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.6.0 to 3.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.7.0</h2>
<ul>
<li>Add <code>scope</code> input to set scopes for the authentication
token by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/912">docker/login-action#912</a></li>
<li>Add support for AWS European Sovereign Cloud ECR by <a
href="https://github.com/dphi"><code>@​dphi</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/914">docker/login-action#914</a></li>
<li>Ensure passwords are redacted with <code>registry-auth</code> input
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/login-action/pull/911">docker/login-action#911</a></li>
<li>build(deps): bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/login-action/pull/915">docker/login-action#915</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.6.0...v3.7.0">https://github.com/docker/login-action/compare/v3.6.0...v3.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9"><code>c94ce9f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/915">#915</a>
from docker/dependabot/npm_and_yarn/lodash-4.17.23</li>
<li><a
href="https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef"><code>8339c95</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/912">#912</a>
from docker/scope</li>
<li><a
href="https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a"><code>c83e932</code></a>
build(deps): bump lodash from 4.17.21 to 4.17.23</li>
<li><a
href="https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705"><code>b268aa5</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1"><code>a603229</code></a>
documentation for scope input</li>
<li><a
href="https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da"><code>7567f92</code></a>
Add scope input to set scopes for the authentication token</li>
<li><a
href="https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f"><code>0567fa5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/914">#914</a>
from dphi/add-support-for-amazonaws.eu</li>
<li><a
href="https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e"><code>f6ef577</code></a>
feat: add support for AWS European Sovereign Cloud ECR registries</li>
<li><a
href="https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b"><code>916386b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/911">#911</a>
from crazy-max/ensure-redact</li>
<li><a
href="https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd"><code>5b3f94a</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.6.0&new-version=3.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-03 13:54:45 +00:00