ashatora/editor
1
0
Fork 0
mirror of https://github.com/maputnik/editor.git synced 2026-05-22 16:07:27 +00:00
Code Issues Projects Releases Wiki Activity
2,620 Commits 5 Branches 32 Tags
b2eca214c94045e1b648d1f35424fba011365a8f
Commit Graph

2620 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot] b2eca214c9 chore(deps): Bump cypress-io/github-action from 7.1.10 to 7.3.0 (#1868) 
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 7.1.10 to 7.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.3.0</h2>
<h1><a
href="https://github.com/cypress-io/github-action/compare/v7.2.0...v7.3.0">7.3.0</a>
(2026-05-05)</h1>
<h3>Features</h3>
<ul>
<li>add <code>expose</code> input for Cypress.expose() API (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1749">#1749</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/dace029018fcdf86e0df89a31bc3cfa5b32570d8">dace029</a>)</li>
</ul>
<h2>v7.2.0</h2>
<h1><a
href="https://github.com/cypress-io/github-action/compare/v7.1.10...v7.2.0">7.2.0</a>
(2026-05-04)</h1>
<h3>Features</h3>
<ul>
<li><strong>deps:</strong> remove Node.js 20 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1747">#1747</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/b7a7441d775af8f8b9d19945c10dd689a51dba68">b7a7441</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md">cypress-io/github-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>This document gives an overview of changes to the Cypress GitHub
JavaScript Action <a
href="https://github.com/cypress-io/github-action">cypress-io/github-action</a>.</p>
<p>See <a
href="https://github.com/cypress-io/github-action/releases">Releases</a>
for full details of changes.</p>
<table>
<thead>
<tr>
<th>Version</th>
<th>Changes</th>
</tr>
</thead>
<tbody>
<tr>
<td>v7.3.0</td>
<td>Add parameter <code>expose</code> for <a
href="https://docs.cypress.io/api/cypress-api/expose"><code>Cypress.expose()</code></a>
support</td>
</tr>
<tr>
<td>v7.2.0</td>
<td>Examples remove Node.js 20. End of support for Node.js 20.</td>
</tr>
<tr>
<td>v7.1.0</td>
<td>Add parameter <code>package-manager-cache</code></td>
</tr>
<tr>
<td>v7.0.0</td>
<td>Action runs under Node.js 24 instead of Node.js 20</td>
</tr>
<tr>
<td>v6.10.0</td>
<td>Examples remove Node.js 23. End of support for Node.js 23.</td>
</tr>
<tr>
<td>v6.9.0</td>
<td>Add parameter validation for <code>command</code></td>
</tr>
<tr>
<td>v6.8.0</td>
<td>Examples remove Node.js 18. End of support for Node.js 18.</td>
</tr>
<tr>
<td>v6.7.10</td>
<td>Examples updated to Cypress 14</td>
</tr>
<tr>
<td>v6.7.9</td>
<td>Migrate to <code>@actions/cache@4.0.0</code> for continued access to
GitHub Actions caching services</td>
</tr>
<tr>
<td>v6.7.0</td>
<td>Examples remove Node.js 21. End of support for Node.js 21.</td>
</tr>
<tr>
<td>v6.6.0</td>
<td>Add parameter <code>summary-title</code></td>
</tr>
<tr>
<td>v6.5.0</td>
<td>Examples remove Node.js 16. End of support for Node.js 16.</td>
</tr>
<tr>
<td>v6.4.0</td>
<td>Action adds PR number and URL if available when recording</td>
</tr>
<tr>
<td>v6.3.0</td>
<td>v6 is recommended action version</td>
</tr>
<tr>
<td>v6.2.0</td>
<td>Examples updated to Cypress 13</td>
</tr>
<tr>
<td>v6.1.0</td>
<td>Examples for Cypress 9 archived in action's <a
href="https://github.com/cypress-io/github-action/tree/v5">v5</a>
branch</td>
</tr>
<tr>
<td>v6.0.0</td>
<td>Action runs under Node.js 20 instead of Node.js 16</td>
</tr>
<tr>
<td>v5.8.1</td>
<td>Examples remove Node.js 19. End of support for Node.js 19</td>
</tr>
<tr>
<td>v5.8.0</td>
<td>Add GitHub step output <code>resultsUrl</code>. Deprecate
<code>dashboardUrl</code>.</td>
</tr>
<tr>
<td>v5.7.0</td>
<td>Add basic Yarn Modern Plug'n'Play support</td>
</tr>
<tr>
<td>v5.6.2</td>
<td>Examples add Node.js 20. End of support and removal of Node.js 14
examples.</td>
</tr>
<tr>
<td>v5.6.0</td>
<td>Add check for lockfile presence</td>
</tr>
<tr>
<td>v5.5.0</td>
<td>Examples add Yarn Modern</td>
</tr>
<tr>
<td>v5.4.0</td>
<td>Examples add Yarn Classic</td>
</tr>
<tr>
<td>v5.3.0</td>
<td>Add parameter <code>publish-summary</code> (default
<code>true</code>)</td>
</tr>
<tr>
<td>v5.2.0</td>
<td>Examples add Node.js 19</td>
</tr>
<tr>
<td>v5.1.0</td>
<td>Add parameter <code>auto-cancel-after-failures</code></td>
</tr>
<tr>
<td>v5.0.0</td>
<td>Examples add Node.js 18 and remove Node.js 12</td>
</tr>
<tr>
<td>v4.2.2</td>
<td>Dependency on GitHub <code>set-output</code> workflow command
removed</td>
</tr>
<tr>
<td>v4.2.0</td>
<td>Support for <code>pnpm</code> added</td>
</tr>
<tr>
<td>v4.0.0</td>
<td>Support for Cypress 10 and later versions added</td>
</tr>
<tr>
<td>v3</td>
<td>Action runs under Node.js 16 instead of Node.js 12</td>
</tr>
<tr>
<td>v2</td>
<td>Cypress runs using the <a
href="https://on.cypress.io/module-api">Module API</a></td>
</tr>
<tr>
<td>v1</td>
<td><em>This version is no longer runnable in GitHub due to security
changes.</em></td>
</tr>
</tbody>
</table>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/dace029018fcdf86e0df89a31bc3cfa5b32570d8"><code>dace029</code></a>
feat: add <code>expose</code> input for Cypress.expose() API (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1749">#1749</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/b7a7441d775af8f8b9d19945c10dd689a51dba68"><code>b7a7441</code></a>
feat(deps): remove Node.js 20 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1747">#1747</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/66d3cedb6331a074e047750e78c70b82b853b2ec"><code>66d3ced</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1748">#1748</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/b9f9a99294b3312f3437592eaecd347901843b48"><code>b9f9a99</code></a>
chore(deps): update eslint (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1746">#1746</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/81583aec5063eac9d65a1ab88a108b2ec152843c"><code>81583ae</code></a>
chore(deps): update dependency cypress to v15.14.2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1745">#1745</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/911b44aa974f55133b3d12538187afe75f31e00d"><code>911b44a</code></a>
chore(deps): update dependency webpack-cli to v7 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1742">#1742</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/da54419dc0ca820bdfdde7a21fd5c6a922d44c93"><code>da54419</code></a>
chore(renovate): disable pnpm version updates in actions (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1743">#1743</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/10b3f5091bcaadff13ba7118946b969474e2826d"><code>10b3f50</code></a>
chore(renovate): disable pnpm/action-setup updates (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1739">#1739</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/8cbd2f496dd0857efb146b45002782d987290a14"><code>8cbd2f4</code></a>
chore(renovate): restrict cypress/browsers to &lt;25 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1740">#1740</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/3aebf9a8215ebd24e2b14be2581165d81b920954"><code>3aebf9a</code></a>
test(deps): update vite in examples to 8.0.10 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1741">#1741</a>)</li>
<li>See full diff in <a
href="https://github.com/cypress-io/github-action/compare/c495c3ddffba403ba11be95fffb67e25203b3799...dace029018fcdf86e0df89a31bc3cfa5b32570d8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=7.1.10&new-version=7.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-08 13:54:25 +00:00
dependabot[bot] c785afbf64 chore(deps-dev): Bump postcss from 8.5.13 to 8.5.14 (#1867) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.13 to
8.5.14.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.14</h2>
<ul>
<li>Fixed custom syntax regression (by <a
href="https://github.com/43081j"><code>@​43081j</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.14</h2>
<ul>
<li>Fixed custom syntax regression (by <a
href="https://github.com/43081j"><code>@​43081j</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/3ec13948ae0006e1bde2dfb545346341ac8b2dcf"><code>3ec1394</code></a>
Release 8.5.14 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/f2bb827b20b591080977412555aa3e5baf588620"><code>f2bb827</code></a>
Update dependencies</li>
<li><a
href="https://github.com/postcss/postcss/commit/d75953d60854ad835fd21dde0b11081522341020"><code>d75953d</code></a>
Merge pull request <a
href="https://redirect.github.com/postcss/postcss/issues/2084">#2084</a>
from 43081j/raw-raws-rawing</li>
<li><a
href="https://github.com/postcss/postcss/commit/68bd2139b5dcaf5a682bc2e8826d8557be2d1480"><code>68bd213</code></a>
fix: always call <code>raw</code> to retrieve raw values</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.13...8.5.14">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.13&new-version=8.5.14)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-08 13:52:49 +00:00
dependabot[bot] 9b9e440554 chore(deps-dev): Bump stylelint from 17.10.0 to 17.11.0 (#1866) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.10.0
to 17.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.11.0</h2>
<p>It adds 2 features, including a <code>loader</code> property to
<code>referenceFiles: {}</code> for when the order of appearance in the
reference styles matters.</p>
<ul>
<li>Added: <code>loader</code> to experimental <code>referenceFiles:
{}</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9251">#9251</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
<li>Added: <code>autofixed</code> to the result object (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8771">#8771</a>)
(<a href="https://github.com/Rob"><code>@​Rob</code></a>--W).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.11.0 - 2026-05-05</h2>
<p>It adds 2 features, including a <code>loader</code> property to
<code>referenceFiles: {}</code> for when the order of appearance in the
reference styles matters.</p>
<ul>
<li>Added: <code>loader</code> to experimental <code>referenceFiles:
{}</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9251">#9251</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
<li>Added: <code>autofixed</code> to the result object (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8771">#8771</a>)
(<a href="https://github.com/Rob--W"><code>@​Rob--W</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/e176acfb995aa7d8b6841cc514976187333c55e8"><code>e176acf</code></a>
Release 17.11.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9271">#9271</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/769e791a0389c34983862609da94006c12ccd4a3"><code>769e791</code></a>
Require owner review for <code>.npmrc</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9270">#9270</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/c0c362c375a9ef6b105fbb25ed01e86a214c733e"><code>c0c362c</code></a>
Harden <code>npm install</code> security (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9269">#9269</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/823fdfca02c14a2fa3a0eb03afbd2f48cb25ac34"><code>823fdfc</code></a>
Add <code>autofixed</code> to the result object (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8771">#8771</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/c19e627e47b9527d47d18c2c8c9b57d460ae2a54"><code>c19e627</code></a>
Bump vulnerable dependencies via <code>npm audit fix</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9267">#9267</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/2ce046f96dd1ae70b7d7936cfc0b3dafd29dd784"><code>2ce046f</code></a>
Bump string-width from 8.2.0 to 8.2.1 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9266">#9266</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/a895cddf1ec7d2dd281b6365d739f5492967af56"><code>a895cdd</code></a>
Bump the stylelint-actions group with 4 updates (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9265">#9265</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/1757a823b3acd9090f77a75866e66c8e9700c77a"><code>1757a82</code></a>
Configure Dependabot to group Stylelint actions (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9264">#9264</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/34918a424b6dd9be75b335b9e3e1fb19591d26da"><code>34918a4</code></a>
Add Dependency Review to CI (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9263">#9263</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/70c1f2db5a73c4b00fecdaa1c5de2113f1d25667"><code>70c1f2d</code></a>
Add <code>loader</code> to experimental <code>referenceFiles: {}</code>
(<a
href="https://redirect.github.com/stylelint/stylelint/issues/9251">#9251</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.10.0...17.11.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Install script changes</summary>
<p>This version modifies <code>prepare</code> script that runs during
installation. Review the package contents before updating.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.10.0&new-version=17.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-08 13:52:41 +00:00
dependabot[bot] 7657411e57 chore(deps-dev): Bump typescript-eslint from 8.59.1 to 8.59.2 (#1865) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.59.1 to 8.59.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.2</h2>
<h2>8.59.2 (2026-05-04)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unsafe-type-assertion] handle
crash on recursive template literal types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12150">#12150</a>)</li>
<li><strong>eslint-plugin:</strong> [no-deprecated] object destructuring
values should be treated as declarations (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12292">#12292</a>)</li>
<li><strong>rule-tester:</strong> add TypeScript as a peer dependency
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12288">#12288</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Dariusz Czajkowski</li>
<li>Dima Barabash</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.2 (2026-05-04)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/2ec35f1760aade4df4c631d76d78c7ed5e136333"><code>2ec35f1</code></a>
chore(release): publish 8.59.2</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.2/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.59.1&new-version=8.59.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-08 13:52:25 +00:00
dependabot[bot] 5862d81a81 chore(deps): Bump actions/setup-go from 6.3.0 to 6.4.0 (#1767) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.3.0
to 6.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v6.4.0</h2>
<h2>What's Changed</h2>
<h3>Enhancement</h3>
<ul>
<li>Add go-download-base-url input for custom Go distributions by <a
href="https://github.com/gdams"><code>@​gdams</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/721">actions/setup-go#721</a></li>
</ul>
<h3>Dependency update</h3>
<ul>
<li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/727">actions/setup-go#727</a></li>
</ul>
<h3>Documentation update</h3>
<ul>
<li>Rearrange README.md, add advanced-usage.md by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/724">actions/setup-go#724</a></li>
<li>Fix Microsoft build of Go link by <a
href="https://github.com/gdams"><code>@​gdams</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/734">actions/setup-go#734</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gdams"><code>@​gdams</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/721">actions/setup-go#721</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v6...v6.4.0">https://github.com/actions/setup-go/compare/v6...v6.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-go/commit/4a3601121dd01d1626a1e23e37211e3254c1c06c"><code>4a36011</code></a>
docs: fix Microsoft build of Go link (<a
href="https://redirect.github.com/actions/setup-go/issues/734">#734</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/8f19afcc704763637be6b1718da0af52ca05785d"><code>8f19afc</code></a>
feat: add go-download-base-url input for custom Go distributions (<a
href="https://redirect.github.com/actions/setup-go/issues/721">#721</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/27fdb267c15a8835f1ead03dfa07f89be2bb741a"><code>27fdb26</code></a>
Bump minimatch from 3.1.2 to 3.1.5 (<a
href="https://redirect.github.com/actions/setup-go/issues/727">#727</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/def8c394e3ad351a79bc93815e4a585520fe993b"><code>def8c39</code></a>
Rearrange README.md, add advanced-usage.md (<a
href="https://redirect.github.com/actions/setup-go/issues/724">#724</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-go/compare/4b73464bb391d4059bd26b0524d20df3927bd417...4a3601121dd01d1626a1e23e37211e3254c1c06c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=6.3.0&new-version=6.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-06 17:12:36 +03:00
dependabot[bot] 58c84f510b chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.4 to 24.8.5 (#1862) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.8.4 to 24.8.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v24.8.5</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Added missing exported types (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1638">#1638</a>)
(by <a
href="https://github.com/scottg521"><code>@​scottg521</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>24.8.5</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Added missing exported types (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1638">#1638</a>)
(by <a
href="https://github.com/scottg521"><code>@​scottg521</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/52a69cae4355d17352640d33e2d0c1328e6acfbe"><code>52a69ca</code></a>
Bump js version to 24.8.5 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1639">#1639</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/c9501632a8f436d8d3aab8e382dbe6bdf450b566"><code>c950163</code></a>
add missing imports and exports to index.ts (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1638">#1638</a>)</li>
<li>See full diff in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.8.4...v24.8.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.8.4&new-version=24.8.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-06 17:12:09 +03:00
Kanish Jeba Mathew M 93596b3540 feat: add drag and drop support to Upload Style area (#1852) 
## Feat: Add drag and drop support to Upload Style area

Closes #911

---

### Problem
The Upload Style area only supported click-to-upload. Users could not
drag and drop a JSON file directly onto it.

### Fix
Added `onDragOver` and `onDrop` event handlers to the Upload Style area.
The dropped file is passed to the existing file reading logic already
used by the Upload button. A visual highlight is shown when dragging
over the area.
 2026-05-06 17:11:17 +03:00
dependabot[bot] a588f3e08c chore(deps-dev): Bump stylelint from 17.9.1 to 17.10.0 (#1863) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.9.1 to
17.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.10.0</h2>
<p>It adds 3 rules and fixes 4 bugs. You can use the
<code>*-layout-mappings</code> rules to enforce logical or physical
properties, units and keywords.</p>
<ul>
<li>Added: <code>selector-no-invalid</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9232">#9232</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Added: <code>unit-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9229">#9229</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Added: <code>value-keyword-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9233">#9233</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: inconsistent error messages when module is not found (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9260">#9260</a>)
(<a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>).</li>
<li>Fixed: <code>property-layout-mappings</code> false negatives for
property names in declaration values (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9222">#9222</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>property-layout-mappings</code> false positives for
<code>@page</code> properties (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9223">#9223</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>selector-pseudo-class-no-unknown</code> false positives
for nested <code>webkit-scrollbar</code> part (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9259">#9259</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.10.0 - 2026-05-03</h2>
<p>It adds 3 rules and fixes 4 bugs. You can use the
<code>*-layout-mappings</code> rules to enforce logical or physical
properties, units and keywords.</p>
<ul>
<li>Added: <code>selector-no-invalid</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9232">#9232</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Added: <code>unit-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9229">#9229</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Added: <code>value-keyword-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9233">#9233</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: inconsistent error messages when module is not found (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9260">#9260</a>)
(<a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>).</li>
<li>Fixed: <code>property-layout-mappings</code> false negatives for
property names in declaration values (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9222">#9222</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>property-layout-mappings</code> false positives for
<code>@page</code> properties (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9223">#9223</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>selector-pseudo-class-no-unknown</code> false positives
for nested <code>webkit-scrollbar</code> part (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9259">#9259</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/b04c024a2c6c74b3aea6c1c77b1389d0668c400a"><code>b04c024</code></a>
Release 17.10.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9261">#9261</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/7a38078c699510957db19820ab18c20fcf2e1159"><code>7a38078</code></a>
Fix <code>selector-pseudo-class-no-unknown</code> false positives for
nested `webkit-scr...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/b25cd12aa87a307bcb2aa7b9e77808f1649fad57"><code>b25cd12</code></a>
Add <code>value-keyword-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9233">#9233</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/da89ffec66bf8c703ce0ba6317032c59a0e2123c"><code>da89ffe</code></a>
Fix inconsistent error messages when module is not found (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9260">#9260</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/04a958d8852646bea569704bbd755793dbebd160"><code>04a958d</code></a>
Add <code>unit-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9229">#9229</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/53da23e4dffd9898344dda9bf1de60f7dc691fa0"><code>53da23e</code></a>
Bump postcss from 8.5.9 to 8.5.13 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9249">#9249</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/3993951052b7d631bc5fce0a34dd6c6b31980ef6"><code>3993951</code></a>
Fix <code>property-layout-mappings</code> false negatives for property
names in declarat...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/89b3f0d1c0f6756722a81be16aab74e0605691f2"><code>89b3f0d</code></a>
Bump typescript from 6.0.2 to 6.0.3 in the typescript group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9257">#9257</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/6e5e4da1e2a369be6bd141736c287d1b8d7f31a6"><code>6e5e4da</code></a>
Bump eslint from 10.2.0 to 10.2.1 in the eslint group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9255">#9255</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/1540320c65a1481c21e40d67a4693b00eb9d9086"><code>1540320</code></a>
Bump <code>@​changesets/cli</code> from 2.30.0 to 2.31.0 in the
changesets group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9254">#9254</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.9.1...17.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.9.1&new-version=17.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-06 13:54:42 +00:00
dependabot[bot] bea46c8ff9 chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.3 to 24.8.4 (#1861) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.8.3 to 24.8.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v24.8.4</h2>
<h3> Features and improvements</h3>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Replace rw with node:fs. Resolves <a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1625">#1625</a>
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1635">#1635</a>)
(by <a
href="https://github.com/birkskyum"><code>@​birkskyum</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>24.8.4</h2>
<h3> Features and improvements</h3>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Replace rw with node:fs. Resolves <a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1625">#1625</a>
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1635">#1635</a>)
(by <a
href="https://github.com/birkskyum"><code>@​birkskyum</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/d8de455c073d3063d3138e3b0882ee362af23916"><code>d8de455</code></a>
Bump js version to 24.8.4 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1636">#1636</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/f3b9cca44f65e2205adf1b9c58a7c46585307b10"><code>f3b9cca</code></a>
fix: replace rw with node:fs (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1635">#1635</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/c3d8059309ca92074f00999a836f1f1d5867c1fe"><code>c3d8059</code></a>
build(deps-dev): bump globals from 17.5.0 to 17.6.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1634">#1634</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/8e7724efb4a826ad8431b5a6260558be15c225a8"><code>8e7724e</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1632">#1632</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/15d6c4cbfa7873bcaef0cbb992e1fbed579ece73"><code>15d6c4c</code></a>
build(deps-dev): bump rolldown-plugin-dts from 0.24.0 to 0.24.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1629">#1629</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/530bf91d4e336eaf935c45e86103e084013bcedd"><code>530bf91</code></a>
build(deps-dev): bump eslint from 10.2.1 to 10.3.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1631">#1631</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/fcca06cee0f2d5ed0f8597b1194b69e8e14d817a"><code>fcca06c</code></a>
build(deps-dev): bump oxfmt from 0.46.0 to 0.47.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1630">#1630</a>)</li>
<li>See full diff in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.8.3...v24.8.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.8.3&new-version=24.8.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-05 13:54:05 +00:00
dependabot[bot] bf99253391 chore(deps-dev): Bump eslint from 10.2.1 to 10.3.0 (#1855) 
Bumps [eslint](https://github.com/eslint/eslint) from 10.2.1 to 10.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.3.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/379571a975f2b24d88037b9de2e72ec61d004130"><code>379571a</code></a>
feat: add suggestions for no-unused-private-class-members (<a
href="https://redirect.github.com/eslint/eslint/issues/20773">#20773</a>)
(sethamus)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/b6ae5cf07b9b51802367539cb24b245b61eaa37c"><code>b6ae5cf</code></a>
fix: handle unavailable require cache (<a
href="https://redirect.github.com/eslint/eslint/issues/20812">#20812</a>)
(Simon Podlipsky)</li>
<li><a
href="https://github.com/eslint/eslint/commit/6fb3685bcbe9a6f72fd7dfb9129686b6fb96b0bd"><code>6fb3685</code></a>
fix: rule suggestions cause continuation in class body (<a
href="https://redirect.github.com/eslint/eslint/issues/20787">#20787</a>)
(Milos Djermanovic)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/32cc7ab4ec653ce89da92deb5c40a9f4fc707fe5"><code>32cc7ab</code></a>
docs: fix typos in docs and comments (<a
href="https://redirect.github.com/eslint/eslint/issues/20809">#20809</a>)
(Tanuj Kanti)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7f479376a2fa463d823ab762db6bb37ce8d2ee8f"><code>7f47937</code></a>
docs: Update README (GitHub Actions Bot)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/d32235ec19ceea211fa86452afa383ca05f5c2f9"><code>d32235e</code></a>
ci: use pnpm in <code>eslint-flat-config-utils</code> type integration
test (<a
href="https://redirect.github.com/eslint/eslint/issues/20826">#20826</a>)
(Francesco Trotta)</li>
<li><a
href="https://github.com/eslint/eslint/commit/3ffb14ea517de750ed1181579ef844af342e4096"><code>3ffb14e</code></a>
chore: clean up typos in comments and JSDoc (<a
href="https://redirect.github.com/eslint/eslint/issues/20821">#20821</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/22eb58a21cbde2fbd53a1fae99453d408672de50"><code>22eb58a</code></a>
chore: add missing continue-on-error to ecosystem-tests.yml (<a
href="https://redirect.github.com/eslint/eslint/issues/20818">#20818</a>)
(Josh Goldberg )</li>
<li><a
href="https://github.com/eslint/eslint/commit/88bf0024cb36caebf2880516d9a1f81aa75dafe2"><code>88bf002</code></a>
ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (<a
href="https://redirect.github.com/eslint/eslint/issues/20815">#20815</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/97c8c330beae9557ad24e19f94eebc8d08d1a722"><code>97c8c33</code></a>
chore: update ilshidur/action-discord action to v0.4.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20811">#20811</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/2f58136dd47364a4cae7054a64f7bf1e79693813"><code>2f58136</code></a>
chore: pin peter-evans/create-pull-request action to 5f6978f (<a
href="https://redirect.github.com/eslint/eslint/issues/20810">#20810</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/77add7f1bc91ed17bba3be3289928a9146c5f5a1"><code>77add7f</code></a>
chore: add initial ecosystem plugin tests workflow (<a
href="https://redirect.github.com/eslint/eslint/issues/19643">#19643</a>)
(Josh Goldberg )</li>
<li><a
href="https://github.com/eslint/eslint/commit/4023b55490fae55e464fe35530ef038cdf5d79a5"><code>4023b55</code></a>
test: Add unit tests for SuppressionsService.prune() (<a
href="https://redirect.github.com/eslint/eslint/issues/20797">#20797</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/54080dad4f77bb39a1a843933d4ff3a2b7c175e2"><code>54080da</code></a>
test: add unit tests for ForkContext (<a
href="https://redirect.github.com/eslint/eslint/issues/20778">#20778</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f0e2bcc4bf19253aaebfbd7df87824b0ca4a151f"><code>f0e2bcc</code></a>
test: add unit tests for SuppressionsService.suppress() method (<a
href="https://redirect.github.com/eslint/eslint/issues/20765">#20765</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/a7f0b94743a99bcdf8d07cff15ffbfa6a6c5f927"><code>a7f0b94</code></a>
chore: update dependency prettier to v3.8.3 (<a
href="https://redirect.github.com/eslint/eslint/issues/20782">#20782</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/7bf93d9e79f6dbf77242cbb9a9b8be834730fccd"><code>7bf93d9</code></a>
chore: update TypeScript to v6 (<a
href="https://redirect.github.com/eslint/eslint/issues/20677">#20677</a>)
(sethamus)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b42dd72e76e7f90e7f0be9458288d93353052adc"><code>b42dd72</code></a>
ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (<a
href="https://redirect.github.com/eslint/eslint/issues/20781">#20781</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/2b252be80f362cca7be3326a6dbe958680fdfe9a"><code>2b252be</code></a>
test: add unit tests for IdGenerator (<a
href="https://redirect.github.com/eslint/eslint/issues/20775">#20775</a>)
(kuldeep kumar)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/78892043a36da4aa7640b59c99344b00c181048a"><code>7889204</code></a>
10.3.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/5b69b4fce4dc407c8e960eba638b5a3409c4f1fd"><code>5b69b4f</code></a>
Build: changelog update for 10.3.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/d32235ec19ceea211fa86452afa383ca05f5c2f9"><code>d32235e</code></a>
ci: use pnpm in <code>eslint-flat-config-utils</code> type integration
test (<a
href="https://redirect.github.com/eslint/eslint/issues/20826">#20826</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b6ae5cf07b9b51802367539cb24b245b61eaa37c"><code>b6ae5cf</code></a>
fix: handle unavailable require cache (<a
href="https://redirect.github.com/eslint/eslint/issues/20812">#20812</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/3ffb14ea517de750ed1181579ef844af342e4096"><code>3ffb14e</code></a>
chore: clean up typos in comments and JSDoc (<a
href="https://redirect.github.com/eslint/eslint/issues/20821">#20821</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/6fb3685bcbe9a6f72fd7dfb9129686b6fb96b0bd"><code>6fb3685</code></a>
fix: rule suggestions cause continuation in class body (<a
href="https://redirect.github.com/eslint/eslint/issues/20787">#20787</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/22eb58a21cbde2fbd53a1fae99453d408672de50"><code>22eb58a</code></a>
chore: add missing continue-on-error to ecosystem-tests.yml (<a
href="https://redirect.github.com/eslint/eslint/issues/20818">#20818</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/88bf0024cb36caebf2880516d9a1f81aa75dafe2"><code>88bf002</code></a>
ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (<a
href="https://redirect.github.com/eslint/eslint/issues/20815">#20815</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/379571a975f2b24d88037b9de2e72ec61d004130"><code>379571a</code></a>
feat: add suggestions for no-unused-private-class-members (<a
href="https://redirect.github.com/eslint/eslint/issues/20773">#20773</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/97c8c330beae9557ad24e19f94eebc8d08d1a722"><code>97c8c33</code></a>
chore: update ilshidur/action-discord action to v0.4.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20811">#20811</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.2.1...v10.3.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 17:56:58 +00:00
dependabot[bot] 077a2073eb chore(deps): Bump github/codeql-action from 4.35.2 to 4.35.3 (#1860) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.35.2 to 4.35.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.35.3</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li>
</ul>
<h2>4.35.1 - 27 Mar 2026</h2>
<ul>
<li>Fix incorrect minimum required Git version for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li>
</ul>
<h2>4.35.0 - 27 Mar 2026</h2>
<ul>
<li>Reduced the minimum Git version required for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> from 2.38.0 to 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li>
</ul>
<h2>4.34.1 - 20 Mar 2026</h2>
<ul>
<li>Downgrade default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>
due to issues with a small percentage of Actions and JavaScript
analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li>
</ul>
<h2>4.34.0 - 20 Mar 2026</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li>
<li>We are rolling out improved incremental analysis to C/C++ analyses
that use build mode <code>none</code>. We expect this rollout to be
complete by the end of April 2026. <a
href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li>
</ul>
<h2>4.33.0 - 16 Mar 2026</h2>
<ul>
<li>
<p>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p>
<p>To opt out of this change:</p>
<ul>
<li><strong>Repositories owned by an organization:</strong> Create a
custom repository property with the name
<code>github-codeql-file-coverage-on-prs</code> and the type
&quot;True/false&quot;, then set this property to <code>true</code> in
the repository's settings. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>.
Alternatively, if you are using an advanced setup workflow, you can set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using default setup:</strong> Switch
to an advanced setup workflow and set the
<code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to
<code>true</code> in your workflow.</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/e46ed2cbd01164d986452f91f178727624ae40d7"><code>e46ed2c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3867">#3867</a>
from github/update-v4.35.3-8c6e48dbe</li>
<li><a
href="https://github.com/github/codeql-action/commit/b73d1d163446ca5e62b96698027210ab41df6a4a"><code>b73d1d1</code></a>
Add changelog entry for <a
href="https://redirect.github.com/github/codeql-action/issues/3853">#3853</a></li>
<li><a
href="https://github.com/github/codeql-action/commit/24e0bb00a931e2a5edb703ce3b22a70f3a3e800b"><code>24e0bb0</code></a>
Reorder changelog entries</li>
<li><a
href="https://github.com/github/codeql-action/commit/ec298daba71cf7592feacbd1c0887cddc0659f62"><code>ec298da</code></a>
Update changelog for v4.35.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/8c6e48dbe051ceb3015c19554831af1b43275f46"><code>8c6e48d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3865">#3865</a>
from github/update-bundle/codeql-bundle-v2.25.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/719098349ea5beae8aa364bf9b71ff1c8d937df2"><code>7190983</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/2bb209555a024d051f6271c8a846b402497f9445"><code>2bb2095</code></a>
Update default bundle to codeql-bundle-v2.25.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/7851e55dc3be31ec4bcc3ef98453de2cb306e698"><code>7851e55</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3850">#3850</a>
from github/mbg/private-registry/cloudsmith-gcp</li>
<li><a
href="https://github.com/github/codeql-action/commit/262a15f6cf4c7a43d6a38ad76392e5e2d4977751"><code>262a15f</code></a>
Add generic non-printable chars test for OIDC configs</li>
<li><a
href="https://github.com/github/codeql-action/commit/a6109b1c07173a53ece3d179a925ff9644d1fabd"><code>a6109b1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3853">#3853</a>
from github/mbg/start-proxy/improved-checks</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...e46ed2cbd01164d986452f91f178727624ae40d7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.35.2&new-version=4.35.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 17:50:09 +00:00
dependabot[bot] 6f9367cb44 chore(deps-dev): Bump cypress from 15.14.1 to 15.14.2 (#1858) 
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.14.1 to
15.14.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.14.2</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-14-2">https://docs.cypress.io/app/references/changelog#15-14-2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/545556ee30d468d005a4efea07742e237d44ecd9"><code>545556e</code></a>
dependency(listr): upgrade listr 3.x to 9.x (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33640">#33640</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/ea989066335d9d677bb9aea3daf523a8c2fa67d3"><code>ea98906</code></a>
test: fix flake in readFile retries assertions until they pass (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33692">#33692</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/f1592001cf2fac40acf73a6e5f8246cef1592d38"><code>f159200</code></a>
chore: upgrades ts-loader to 9.5.7 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33691">#33691</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/d4b0324c934e69ab6d6a6b568ff97ba551fbb4cc"><code>d4b0324</code></a>
test: stabilize flaky 'Your tests are loading...' waits (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33689">#33689</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/3442523620d3800f8642d1cdc047f414a4bf5e6e"><code>3442523</code></a>
fix: guard cy.wait against undefined retry responses (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33651">#33651</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/3592361a7978136113d80d948587a91c2266e424"><code>3592361</code></a>
fix: set primary remote state before HTTP server accepts requests (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33686">#33686</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/47bb659259692a5465720c135c0638eac9b46a57"><code>47bb659</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33690">#33690</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/9363b86dee732ed0d176f72a53f7279357bdffaa"><code>9363b86</code></a>
update axios (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33687">#33687</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/56472e3159d5c913e76e2dedbb15845f12c3e1c8"><code>56472e3</code></a>
chore: skip adding the install comment on the commit (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33685">#33685</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/d86bc450868b6e6f00ac7a0f918700f864b17fb2"><code>d86bc45</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33683">#33683</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.14.1...v15.14.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.14.1&new-version=15.14.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 17:47:53 +00:00
dependabot[bot] 37029a20bd chore(deps-dev): Bump postcss from 8.5.12 to 8.5.13 (#1859) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.12 to
8.5.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.13</h2>
<ul>
<li>Fixed <code>postcss-scss</code> commend regression.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.13</h2>
<ul>
<li>Fixed <code>postcss-scss</code> commend regression.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/af58cf1b7af02e9b9fcb138a4a2d7ef3450158b1"><code>af58cf1</code></a>
Release 8.5.13 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/f227dbd0e9443e5f33e18e633b8b4d2b55aac5ee"><code>f227dbd</code></a>
Temporary ignore pnpm 11 config</li>
<li><a
href="https://github.com/postcss/postcss/commit/d3abd40d723cf3559e5ddb5fc738b7cb64e92bb0"><code>d3abd40</code></a>
Update dependencies</li>
<li><a
href="https://github.com/postcss/postcss/commit/dd06c3e11362087bc18f9c20cee30fd82bda3de9"><code>dd06c3e</code></a>
Revert stringifier changes because of the conflict with
postcss-scss</li>
<li><a
href="https://github.com/postcss/postcss/commit/ae889c815fb88d785401a88f1a7dfc8cb11915fb"><code>ae889c8</code></a>
Try to fix CI</li>
<li><a
href="https://github.com/postcss/postcss/commit/e0093e49bcf00347383a13e40bb1f67bc823ca15"><code>e0093e4</code></a>
Move to pnpm 11</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.12...8.5.13">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.12&new-version=8.5.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 17:47:36 +00:00
dependabot[bot] aa2f4768bf chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.1 to 24.8.3 (#1857) 
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.8.1 to 24.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v24.8.3</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Restore Specification type exports dropped in v24.8.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1627">#1627</a>)
(by <a
href="https://github.com/birkskyum"><code>@​birkskyum</code></a>)</li>
</ul>
<h2>v24.8.2</h2>
<h3> Features and improvements</h3>
<ul>
<li>Move from rollup-&gt;rolldown and ts6-&gt;ts7 for builds/typecheck.
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1132">#1132</a>)
(by <a href="https://github.com/birkskyum">birkskyum</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>24.8.3</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Restore Specification type exports dropped in v24.8.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1627">#1627</a>)
(by <a
href="https://github.com/birkskyum"><code>@​birkskyum</code></a>)</li>
</ul>
<h2>24.8.2</h2>
<h3> Features and improvements</h3>
<ul>
<li>Move from rollup-&gt;rolldown and ts6-&gt;ts7 for builds/typecheck.
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1132">#1132</a>)
(by <a href="https://github.com/birkskyum">birkskyum</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/df0b1f32246f6e14aa4d4210258c4f112120d60e"><code>df0b1f3</code></a>
Bump js version to 24.8.3 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1628">#1628</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/b7b2d522d4c92daed3ae1def7f0ba3034a2291f1"><code>b7b2d52</code></a>
Restore Specification type exports dropped in v24.8.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1627">#1627</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/9fa18c355ab54be13e780a548e7f08ba6e5d6e65"><code>9fa18c3</code></a>
Bump js version to 24.8.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1624">#1624</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/191266e8155b9fd67b5669f2ab2602c8f1db22c0"><code>191266e</code></a>
use rolldown and tsgo (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1132">#1132</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/a1363010385ab6792fc3530300d2483968b98183"><code>a136301</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1621">#1621</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/e97a6749442ef5473e7a0712558c226b9681c02d"><code>e97a674</code></a>
build(deps-dev): bump oxfmt from 0.45.0 to 0.46.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1620">#1620</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/5c4572f4a3648594ea289de239475145f99b514b"><code>5c4572f</code></a>
build(deps-dev): bump the vitest group with 3 updates (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1619">#1619</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/b4f1f41e2b1d0d9566d2d62016499febf5f9bda7"><code>b4f1f41</code></a>
build(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1618">#1618</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/572f303bd82ee5865b9418b86bc841365d0f70f9"><code>572f303</code></a>
build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1617">#1617</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/f4222c11a95048b75419b60edc4202fbefe50dce"><code>f4222c1</code></a>
build(deps-dev): bump postcss from 8.5.9 to 8.5.10 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1616">#1616</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.8.1...v24.8.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.8.1&new-version=24.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-04 17:46:52 +00:00
dependabot[bot] c51474ffc1 chore(deps): Bump react-i18next from 17.0.4 to 17.0.6 (#1849) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
17.0.4 to 17.0.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h2>17.0.6</h2>
<ul>
<li>fix: restore the v17 <code>nodesToString</code> output format
consumed by <code>i18next-cli</code>'s extractor while still rendering
<a
href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a>
correctly
<ul>
<li>17.0.5 fixed <a
href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a>
by changing what <code>nodesToString</code> produced, which
inadvertently changed the extracted translation strings for keep-tags
wrapping non-keep React elements</li>
<li>The fix now lives in the renderer: indexed <code>&lt;N&gt;</code>
placeholders nested inside a keep-tag are scoped to that tag's own
original React children (matching kept tags by name and positional
occurrence at each level), so the translation string format produced by
<code>nodesToString</code> is unchanged</li>
</ul>
</li>
</ul>
<h2>17.0.5</h2>
<ul>
<li>fix: <code>&lt;Trans /&gt;</code> no longer breaks child rendering
when a kept HTML node (<code>transKeepBasicHtmlNodesFor</code>) wraps a
non-keep React element <a
href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a>
— superseded by 17.0.6, which keeps the same runtime fix without
changing the <code>nodesToString</code> output</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/cb20d1886bbb113f8005c4324e962e161a449ab9"><code>cb20d18</code></a>
17.0.6</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/b8ad5e4afd24d26bb23b514fdbacd77a91e32aae"><code>b8ad5e4</code></a>
fix: scope indexed placeholders inside keep-tags at render time <a
href="https://redirect.github.com/i18next/react-i18next/issues/1919">#1919</a></li>
<li><a
href="https://github.com/i18next/react-i18next/commit/75ce9850168fc37f29c1a8e104b2fada34c2d236"><code>75ce985</code></a>
17.0.5</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/9803bb800570995b1ad5e199dd57375f3885fc75"><code>9803bb8</code></a>
fix: &lt;Trans /&gt; no longer breaks child rendering when a kept HTML
node (transK...</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/ec37a48d76c9a541aa6bfa40abceec35cf5711c0"><code>ec37a48</code></a>
chore: ignore .env*, *.pem, *.key in .gitignore</li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v17.0.4...v17.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=17.0.4&new-version=17.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:24:42 +00:00
dependabot[bot] e29d468d23 chore(deps-dev): Bump typescript-eslint from 8.59.0 to 8.59.1 (#1848) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.59.0 to 8.59.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.1</h2>
<h2>8.59.1 (2026-04-27)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] fix
crash &quot;TypeError: checker.getTypeArguments is not a function&quot;
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12246">#12246</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
preserve index signatures in undefined unions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12257">#12257</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
preserve phantom type arguments in generic inference (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12269">#12269</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
avoid false positive in logical assignment assertions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12278">#12278</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-arguments]
handle instantiation expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12220">#12220</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-condition] treat
void as nullish in no-unnecessary-condition (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12241">#12241</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>anasm266 <a
href="https://github.com/anasm266"><code>@​anasm266</code></a></li>
<li>Anshika Jain <a
href="https://github.com/Anshikakalpana"><code>@​Anshikakalpana</code></a></li>
<li>Ulrich Stark</li>
<li>yugo innami <a
href="https://github.com/nami8824"><code>@​nami8824</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.1 (2026-04-27)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/52457932e5507b5ca01e720a541f3f8d01e09b9d"><code>5245793</code></a>
chore(release): publish 8.59.1</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.59.0&new-version=8.59.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-01 16:24:24 +00:00
dependabot[bot] cbcc07e7b7 chore(deps): Bump cypress-io/github-action from 7.1.9 to 7.1.10 (#1847) 
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 7.1.9 to 7.1.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.1.10</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.1.9...v7.1.10">7.1.10</a>
(2026-04-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update fast-xml-parser to 5.7.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1737">#1737</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/c495c3ddffba403ba11be95fffb67e25203b3799">c495c3d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/c495c3ddffba403ba11be95fffb67e25203b3799"><code>c495c3d</code></a>
fix(deps): update fast-xml-parser to 5.7.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1737">#1737</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/eaec29b1877e57d05cfbe4f5596fae3713002cab"><code>eaec29b</code></a>
chore(deps): update basic-ftp to 5.3.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1734">#1734</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/aed135c7a24f328a5a35192db9b5b8b563935cd6"><code>aed135c</code></a>
chore(renovate): enable lockfileMaintenance for examples/** (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1735">#1735</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/3893be35ee1231f23716d431154d84bcb426f721"><code>3893be3</code></a>
chore(deps): update tailwindcss monorepo to ^4.2.4 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1733">#1733</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/05265b4fe009f5e90e75daeafc1a89eae3a0fb0c"><code>05265b4</code></a>
chore(deps): update dependency cypress to v15.14.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1732">#1732</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/59192731e829a7679381295f82b562a3cc02dee2"><code>5919273</code></a>
chore(deps): update tailwindcss monorepo to ^4.2.3 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1731">#1731</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/04e35b7616f628a10150bb2469f513ddb7e70eae"><code>04e35b7</code></a>
chore(deps): update dependency webpack to ^5.106.2 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1730">#1730</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/c8e8dca4b4a8b50aeca8d27f1a59e4210d0fc4e4"><code>c8e8dca</code></a>
chore(deps): update dependency lodash to ^4.18.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1721">#1721</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/da9ff6e24704dc0416a688a32bbd735f4a5aeb97"><code>da9ff6e</code></a>
chore(deps): update dependency cypress to v15.14.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1724">#1724</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/9230a04390215774bb33a9eb508ecadd2e91edea"><code>9230a04</code></a>
chore(deps): update cypress/browsers docker tag to v24.15.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1723">#1723</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/github-action/compare/783cb3f07983868532cabaedaa1e6c00ff4786a8...c495c3ddffba403ba11be95fffb67e25203b3799">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=7.1.9&new-version=7.1.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 13:53:08 +00:00
dependabot[bot] de9eb2db66 chore(deps-dev): Bump postcss from 8.5.11 to 8.5.12 (#1846) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [postcss](https://github.com/postcss/postcss) from 8.5.11 to
8.5.12.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.12</h2>
<ul>
<li>Fixed reading any file via user-generated CSS.</li>
<li>Added <code>opts.unsafeMap</code> to disable checks.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.12</h2>
<ul>
<li>Fixed reading any file via user-generated CSS.</li>
<li>Added <code>opts.unsafeMap</code> to disable checks.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/9bc81c48f054a630c9a2e3868263b7ad4fc15013"><code>9bc81c4</code></a>
Release 8.5.12 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/85c4d7dab830be366f8a96047f9e5b7944e101d8"><code>85c4d7d</code></a>
Another try to fix coverage</li>
<li><a
href="https://github.com/postcss/postcss/commit/94484cae6d4308167939f2ac888d166bd80dff01"><code>94484ca</code></a>
Try to fix coverage</li>
<li><a
href="https://github.com/postcss/postcss/commit/c64b7488d2731dfa16213739b42c34faf5a9eba3"><code>c64b748</code></a>
Load only .map source maps</li>
<li><a
href="https://github.com/postcss/postcss/commit/aaec7b78b3ce2792585b4b300ef1bd5dd5b3e8ad"><code>aaec7b7</code></a>
Avoid throwing JSON parsing errors for non-JSON source maps</li>
<li><a
href="https://github.com/postcss/postcss/commit/233fb264ea4c37f9e2d7b64b2726e6d23fd02327"><code>233fb26</code></a>
Mention original author of the solution</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.11...8.5.12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.11&new-version=8.5.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 13:52:32 +00:00
dependabot[bot] 91ce8c3cce chore(deps-dev): Bump stylelint from 17.9.0 to 17.9.1 (#1845) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.9.0 to
17.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.9.1</h2>
<p>It fixes 4 bugs. We also documented the <code>messageArgs</code> each
rule provides to the <code>message</code> configuration property.</p>
<ul>
<li>Fixed: <code>ConfigurationError</code> regression for custom
syntaxes (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9245">#9245</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: MD5 hash algorithm to SHA256 for caching (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9241">#9241</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
<li>Fixed: <code>property-no-deprecated</code> autofix for
<code>page-break-*: always</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9214">#9214</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
<li>Fixed: <code>selector-no-deprecated</code> false positives for
<code>::part()</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9227">#9227</a>)
(<a
href="https://github.com/SaekiTominaga"><code>@​SaekiTominaga</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.9.1 - 2026-04-27</h2>
<p>It fixes 4 bugs. We also documented the <code>messageArgs</code> each
rule provides to the <code>message</code> configuration property.</p>
<ul>
<li>Fixed: <code>ConfigurationError</code> regression for custom
syntaxes (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9245">#9245</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: MD5 hash algorithm to SHA256 for caching (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9241">#9241</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
<li>Fixed: <code>property-no-deprecated</code> autofix for
<code>page-break-*: always</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9214">#9214</a>)
(<a href="https://github.com/rkdfx"><code>@​rkdfx</code></a>).</li>
<li>Fixed: <code>selector-no-deprecated</code> false positives for
<code>::part()</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9227">#9227</a>)
(<a
href="https://github.com/SaekiTominaga"><code>@​SaekiTominaga</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/53c881784669bc068d492f49bb96761f4015e9d1"><code>53c8817</code></a>
Release 17.9.1 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9248">#9248</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/fa750547b3154ff233387bf47050215979e7ac45"><code>fa75054</code></a>
Fix <code>property-no-deprecated</code> autofix for <code>page-break-*:
always</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9214">#9214</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/02b039e9a1150f8abb4749a14a25b869ba34f7cd"><code>02b039e</code></a>
Fix <code>selector-no-deprecated</code> false positives for
<code>::part()</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9227">#9227</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/af22bece4dfa23b58244d8dce02c772a52179789"><code>af22bec</code></a>
Document message arguments of rules (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9226">#9226</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/20f6e9de1035cf830ca07e3fa6f60c62012bf11b"><code>20f6e9d</code></a>
Fix <code>ConfigurationError</code> regression for custom syntaxes (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9245">#9245</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/21a57e89a4a52f8a7ecb8b099940f88c738ce18d"><code>21a57e8</code></a>
Fix MD5 hash algorithm to SHA256 for caching (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9241">#9241</a>)</li>
<li>See full diff in <a
href="https://github.com/stylelint/stylelint/compare/17.9.0...17.9.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.9.0&new-version=17.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-30 13:52:15 +00:00
dependabot[bot] 2ab9b341df chore(deps-dev): Bump postcss from 8.5.10 to 8.5.11 (#1844) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.10 to
8.5.11.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.11</h2>
<ul>
<li>Fixed nested brackets parsing performance (by <a
href="https://github.com/offset"><code>@​offset</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.11</h2>
<ul>
<li>Fixed nested brackets parsing performance (by <a
href="https://github.com/offset"><code>@​offset</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/2502f750307acde733a39f9dfd4ef3cf6c6b734d"><code>2502f75</code></a>
Release 8.5.11 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/5ca19019495b3fa08205f5fd2eeed57892f9fa3d"><code>5ca1901</code></a>
Speed up parsing many nested brackets</li>
<li><a
href="https://github.com/postcss/postcss/commit/42b5337dd7e2fa9a03566495cfad2737eb19e712"><code>42b5337</code></a>
Update dependencies</li>
<li><a
href="https://github.com/postcss/postcss/commit/7e36e153d075ef56ebc352f298b65f646c700a06"><code>7e36e15</code></a>
Cache node.raws locally in Stringifier hot methods</li>
<li><a
href="https://github.com/postcss/postcss/commit/8ec62b157b6520498f22dae0c9b0b079f81052ba"><code>8ec62b1</code></a>
Bypass MapGenerator for no-source-map stringify in LazyResult</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.10...8.5.11">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.10&new-version=8.5.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-29 13:52:39 +00:00
dependabot[bot] 5c4b3f205a chore(deps): Bump i18next from 26.0.7 to 26.0.8 (#1842) 
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.7 to
26.0.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.0.8</h2>
<ul>
<li>fix(types): restore the pre-v25.10.4 <code>ExistsFunction</code>
shape so plain arrow functions can again be assigned to
<code>ExistsFunction</code>-typed variables (TypeScript cannot infer
type predicates through multi-overload assignment). Direct
<code>i18next.exists(key)</code> calls still narrow <code>key</code> to
<code>SelectorKey</code> — the predicate is now declared inline on
<code>i18n.exists</code>. Custom wrappers that want the narrowing can
type themselves as <code>typeof i18next.exists</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2425">2425</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.0.8</h2>
<ul>
<li>fix(types): restore the pre-v25.10.4 <code>ExistsFunction</code>
shape so plain arrow functions can again be assigned to
<code>ExistsFunction</code>-typed variables (TypeScript cannot infer
type predicates through multi-overload assignment). Direct
<code>i18next.exists(key)</code> calls still narrow <code>key</code> to
<code>SelectorKey</code> — the predicate is now declared inline on
<code>i18n.exists</code>. Custom wrappers that want the narrowing can
type themselves as <code>typeof i18next.exists</code> <a
href="https://redirect.github.com/i18next/i18next/issues/2425">2425</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/3ea438f8411575432021deab98c8fd85f723bd48"><code>3ea438f</code></a>
26.0.8</li>
<li><a
href="https://github.com/i18next/i18next/commit/5176bbd7a118f929c1e8817116194c3a0cca8522"><code>5176bbd</code></a>
retry version bump</li>
<li><a
href="https://github.com/i18next/i18next/commit/10b48c6193033f17194d5d0f7934a01b77035211"><code>10b48c6</code></a>
26.0.8</li>
<li><a
href="https://github.com/i18next/i18next/commit/9fdd99a9191a35315a766b5fa3e421b1d218fac7"><code>9fdd99a</code></a>
retry version bump</li>
<li><a
href="https://github.com/i18next/i18next/commit/9ee7da174dce5de9d11cd310ea58bc897147aed4"><code>9ee7da1</code></a>
changelog</li>
<li><a
href="https://github.com/i18next/i18next/commit/8ce5e268de1b9b1fa2afec5358c8a07a29644b0f"><code>8ce5e26</code></a>
26.0.8</li>
<li><a
href="https://github.com/i18next/i18next/commit/e802567c9c00d3ca32890897a12616c7de51f490"><code>e802567</code></a>
fix(types): restore <code>ExistsFunction</code> shape to keep
arrow-function wrappers as...</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.0.7...v26.0.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.0.7&new-version=26.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-28 13:51:41 +00:00
dependabot[bot] c19dcccac4 chore(deps-dev): Bump cypress from 15.14.0 to 15.14.1 (#1839) 
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.14.0 to
15.14.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/6e050ec5376528fe92b7cccbd78d51a164ec32dd"><code>6e050ec</code></a>
chore: prepare for 15.14.1 release (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33636">#33636</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/3bd5575388c03e525b811b59fad44b9eceb58221"><code>3bd5575</code></a>
chore: convert glob -&gt; find_process -&gt; profile_cleaner to
TypeScript (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33627">#33627</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/23a4875c4db42dec2af5f221d5aced9407cad0d5"><code>23a4875</code></a>
chore: refactor server request to TypeScript (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33610">#33610</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/c0b39293685a8093728edae51222d4d27ec6bf88"><code>c0b3929</code></a>
chore: release <code>@​cypress/vite-dev-server-v7</code>.3.1</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/af3cdf568ab27fa9d7dceedab1da983669b647a6"><code>af3cdf5</code></a>
chore: convert cache_buster to TypeScript (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33624">#33624</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/7a7477397a25b518ca98376fb13482b35ec8bd16"><code>7a74773</code></a>
chore: convert chrome_policy_check to TypeScript (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33625">#33625</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/f652605d31877666ac5f9bbc7258c4f88f987795"><code>f652605</code></a>
fix: (vite-dev-server) wait for support file (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33487">#33487</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/593c22eab05106cd2b0392e3b56aabbf81e93ae6"><code>593c22e</code></a>
perf: dispose mocha runner on run completion to prevent memory leak on
rerun ...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/ddc05e5562f025efd81e07dd91f71b8a9f174a18"><code>ddc05e5</code></a>
chore: Attach fatal run errors to the active test for Cloud results (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33617">#33617</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/e5f0b32dee09e5b4ae0de74b03b326cd9c0ab967"><code>e5f0b32</code></a>
chore: remove release dates from cli/CHANGELOG.md (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33603">#33603</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.14.0...v15.14.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.14.0&new-version=15.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 17:14:17 +00:00
dependabot[bot] 56555f1d03 chore(deps): Bump i18next from 26.0.6 to 26.0.7 (#1841) 
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.6 to
26.0.7.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.0.7</h2>
<ul>
<li>fix: when a plural lookup misses, the <code>missingKey</code> debug
log now shows the actual plural-resolved key (e.g.
<code>foo.bar_many</code> for Polish <code>count: 14</code>) instead of
the base key — making it obvious which plural category was expected and
missing <a
href="https://redirect.github.com/i18next/i18next/issues/2423">2423</a></li>
<li>chore: drop <code>@babel/runtime</code> runtime dependency. The
build no longer generates any <code>@babel/runtime</code> imports, so
the package is unused by consumers. Rollup now uses <code>babelHelpers:
'bundled'</code> so any helpers that are ever needed in the future will
be inlined rather than imported externally <a
href="https://redirect.github.com/i18next/i18next/issues/2424">2424</a></li>
<li>chore: stop emitting <code>dist/esm/i18next.bundled.js</code>. It
was byte-identical to <code>dist/esm/i18next.js</code> because no
helpers were being imported <a
href="https://redirect.github.com/i18next/i18next/issues/2424">2424</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/ce06fba2a5e51b12b06ecd8b9617e932096111a9"><code>ce06fba</code></a>
26.0.7</li>
<li><a
href="https://github.com/i18next/i18next/commit/ca33377537bcc1e26731861f201d749a6a8819fc"><code>ca33377</code></a>
chore: drop unused <code>@​babel/runtime</code> dep and redundant
bundled ESM output</li>
<li><a
href="https://github.com/i18next/i18next/commit/8abe4e66ceabf9a0dc0630b14d7f801eeb7dbbf7"><code>8abe4e6</code></a>
fix: show resolved plural key in missingKey debug log</li>
<li><a
href="https://github.com/i18next/i18next/commit/073eb1068a2cc06b5fc673c4060de585ca35d20e"><code>073eb10</code></a>
ts tests fix</li>
<li><a
href="https://github.com/i18next/i18next/commit/a3dfb180d87fb8e38aeb6409b433c3bdfac6f1ac"><code>a3dfb18</code></a>
security tests</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.0.6...v26.0.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.0.6&new-version=26.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 17:13:56 +00:00
dependabot[bot] 8922298b5e chore(deps): Bump maplibre-gl from 5.23.0 to 5.24.0 (#1840) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.23.0 to 5.24.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.24.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>GPU performance optimization: Render halo and glyph in a single pass
(-40% Time Reduction) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436">#7436</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Optimize matrix inversions and reduce GPU stalls (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367">#7367</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Add example showing how to measure map performance using built-in
events (<code>load</code>, <code>idle</code>, <code>render</code>) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077">#7077</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix <code>Popup</code> not updating its position when switching
between terrain/globe projections (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468">#7468</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
<li>Skip fog computation when fog opacity is zero (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476">#7476</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/fd31bd85967c19446d836236e93021fb10ffe30d"><code>fd31bd8</code></a>
Bump js version to 5.24.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7509">#7509</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/859e6fa2c6905146205d418dfbe6dba4274c4182"><code>859e6fa</code></a>
chore(deps-dev): bump rollup from 4.60.1 to 4.60.2 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7508">#7508</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/1401f2db49354715376a65b633b24c1b2ebc1c45"><code>1401f2d</code></a>
chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7507">#7507</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/57f77d34be01c2029adf3c462d59ec763f13d4ca"><code>57f77d3</code></a>
chore(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7506">#7506</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/1d3c3f45649ed4fc0e48a6a08c5d4b97a7f05822"><code>1d3c3f4</code></a>
Update PR template to include AI policy confirmation (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7505">#7505</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/b30f01171cb01966eeb0b46cb918e9aadbbef160"><code>b30f011</code></a>
docs: Improve documentation for MapOptions hash parameter (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7503">#7503</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/d1614ef5da6ed43ecd3a2a51fb275912269df640"><code>d1614ef</code></a>
chore(deps-dev): bump devtools-protocol from 0.0.1616338 to 0.0.1617013
(<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7504">#7504</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/d44f14b4c382ecb827967281a4d6342dfc30bb35"><code>d44f14b</code></a>
Fix author attribution for touchZoomRotate features (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7502">#7502</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/018c3a089e8e4dad35eaab10ddd9b3137ed6c364"><code>018c3a0</code></a>
Symbol SDF Performance Optimization: Render Halo and Glyph in a Single
Pass (...</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/38f6798244fa7d05f9eea8daf758addc3f38dd89"><code>38f6798</code></a>
chore(deps-dev): bump diff from 8.0.4 to 9.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7497">#7497</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.23.0...v5.24.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.23.0&new-version=5.24.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 17:13:35 +00:00
dependabot[bot] 2033c8170b chore(deps-dev): Bump stylelint from 17.8.0 to 17.9.0 (#1836) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.8.0 to
17.9.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.9.0 - 2026-04-23</h2>
<p>It adds 3 new features. Adding the <code>referenceFiles</code>
property to your configuration object makes the
<code>no-unknown-animations</code>, <code>no-unknown-custom-media</code>
and <code>no-unknown-custom-properties</code> rules more useful.</p>
<ul>
<li>Added: experimental <code>referenceFiles</code> to configuration
object (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9179">#9179</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Added: experimental <code>abortSignal</code> option to Node.js API
for cancellation support (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9213">#9213</a>)
(<a
href="https://github.com/adalinesimonian"><code>@​adalinesimonian</code></a>).</li>
<li>Added: <code>maxWarnings</code> to configuration object (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9181">#9181</a>)
(<a
href="https://github.com/mrginglymus"><code>@​mrginglymus</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/cee404b4519dfe5e82151323733adf86a08ddd87"><code>cee404b</code></a>
Release 17.9.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9242">#9242</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/b0af5aed125a88c9442e1821d763b97c2431ec80"><code>b0af5ae</code></a>
Bump prettier from 3.8.1 to 3.8.3 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9240">#9240</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/e2c2c43d87ee2515b9e5830f25d547fcfe526d45"><code>e2c2c43</code></a>
Bump eslint-plugin-jest from 29.15.1 to 29.15.2 in the eslint group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9239">#9239</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/68d008ec824b3597b2b4c28b85cdbaf30150b38e"><code>68d008e</code></a>
Bump <code>@​csstools/css-syntax-patches-for-csstree</code> from 1.1.2
to 1.1.3 in the csst...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/5ad7ffb8dc7bf0d777c85602554ce2290e712c5f"><code>5ad7ffb</code></a>
Bump <code>@​csstools/css-calc</code> from 3.1.1 to 3.2.0 in the
csstools-parser group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9237">#9237</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/f16ef5e19e2f354dca89ad4cbbb6a14f7b0b2f30"><code>f16ef5e</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9235">#9235</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/a0b3c5ac0a0df5df4581f7c9d84d389685739b44"><code>a0b3c5a</code></a>
Bump actions/github-script from 8.0.0 to 9.0.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9236">#9236</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/fb2efecb587195c704996a41861f426f2971ac68"><code>fb2efec</code></a>
Add <code>abortSignal</code> option to Node.js API for cancellation
support (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9213">#9213</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/84f2c6b75186dc4370b5a7419e26c661fad3acbe"><code>84f2c6b</code></a>
Document Netlify hosting badge (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9218">#9218</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/5b45245bf11798902fac596d55dcaead81a34771"><code>5b45245</code></a>
Add <code>maxWarnings</code> to configuration object (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9181">#9181</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.8.0...17.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.8.0&new-version=17.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-27 17:12:23 +00:00
dependabot[bot] b5081325e6 chore(deps-dev): Bump the vitest group with 2 updates (#1833) 
Bumps the vitest group with 2 updates:
[@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)
and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).

Updates `@vitest/coverage-v8` from 4.1.4 to 4.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases"><code>@​vitest/coverage-v8</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v4.1.5</h2>
<h3>   🚀 Experimental Features</h3>
<ul>
<li><strong>coverage</strong>: Istanbul to support
<code>instrumenter</code> option  -  by <a
href="https://github.com/BartWaardenburg"><code>@​BartWaardenburg</code></a>
and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10119">vitest-dev/vitest#10119</a>
<a href="https://github.com/vitest-dev/vitest/commit/0e0ff41c7"><!-- raw
HTML omitted -->(0e0ff)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>--project negation excludes browser instances  -  by <a
href="https://github.com/felamaslen"><code>@​felamaslen</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10131">vitest-dev/vitest#10131</a>
<a href="https://github.com/vitest-dev/vitest/commit/9423dc084"><!-- raw
HTML omitted -->(9423d)<!-- raw HTML omitted --></a></li>
<li>Project color label on html reporter  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10142">vitest-dev/vitest#10142</a>
<a href="https://github.com/vitest-dev/vitest/commit/596f73986"><!-- raw
HTML omitted -->(596f7)<!-- raw HTML omitted --></a></li>
<li>Fix <code>vi.defineHelper</code> called as object method  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10163">vitest-dev/vitest#10163</a>
<a href="https://github.com/vitest-dev/vitest/commit/122c25b5b"><!-- raw
HTML omitted -->(122c2)<!-- raw HTML omitted --></a></li>
<li>Alias <code>agent</code> reporter to <code>minimal</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10157">vitest-dev/vitest#10157</a>
<a href="https://github.com/vitest-dev/vitest/commit/663b99fe3"><!-- raw
HTML omitted -->(663b9)<!-- raw HTML omitted --></a></li>
<li>Respect diff config options in soft assertions  -  by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a>
<a href="https://github.com/vitest-dev/vitest/commit/9787dedad"><!-- raw
HTML omitted -->(9787d)<!-- raw HTML omitted --></a></li>
<li>Respect diff config options in soft assertions &quot;  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a>
<a href="https://github.com/vitest-dev/vitest/commit/7dc6d54fd"><!-- raw
HTML omitted -->(7dc6d)<!-- raw HTML omitted --></a></li>
<li><strong>ast-collect</strong>: Recognize _<em>vi_import</em> prefix
in static test discovery  -  by <a
href="https://github.com/Yejneshwar"><code>@​Yejneshwar</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10129">vitest-dev/vitest#10129</a>
<a href="https://github.com/vitest-dev/vitest/commit/325463ab2"><!-- raw
HTML omitted -->(32546)<!-- raw HTML omitted --></a></li>
<li><strong>coverage</strong>: Descriptive error message when reports
directory is removed during test run  -  by <a
href="https://github.com/DaveT1991"><code>@​DaveT1991</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10117">vitest-dev/vitest#10117</a>
<a href="https://github.com/vitest-dev/vitest/commit/1413382e1"><!-- raw
HTML omitted -->(14133)<!-- raw HTML omitted --></a></li>
<li><strong>snapshot</strong>: Increase default snapshot max output
length  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Codex</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10150">vitest-dev/vitest#10150</a>
<a href="https://github.com/vitest-dev/vitest/commit/21e66ff63"><!-- raw
HTML omitted -->(21e66)<!-- raw HTML omitted --></a></li>
<li><strong>ui</strong>: Fix jsx/tsx syntax highlight  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10152">vitest-dev/vitest#10152</a>
<a href="https://github.com/vitest-dev/vitest/commit/f1b1f6c7b"><!-- raw
HTML omitted -->(f1b1f)<!-- raw HTML omitted --></a></li>
<li><strong>web-worker</strong>: Support MessagePort objects referenced
inside postMessage data  -  by <a
href="https://github.com/whitphx"><code>@​whitphx</code></a> and
<strong>Claude Opus 4.6 (1M context)</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9927">vitest-dev/vitest#9927</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10124">vitest-dev/vitest#10124</a>
<a href="https://github.com/vitest-dev/vitest/commit/7ad7d39af"><!-- raw
HTML omitted -->(7ad7d)<!-- raw HTML omitted --></a></li>
<li><strong>api</strong>: Make test-specification options writable  - 
by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10154">vitest-dev/vitest#10154</a>
<a href="https://github.com/vitest-dev/vitest/commit/6abd557b7"><!-- raw
HTML omitted -->(6abd5)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9"><code>e399846</code></a>
chore: release v4.1.5</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/coverage-v8">compare
view</a></li>
</ul>
</details>
<br />

Updates `vitest` from 4.1.4 to 4.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.5</h2>
<h3>   🚀 Experimental Features</h3>
<ul>
<li><strong>coverage</strong>: Istanbul to support
<code>instrumenter</code> option  -  by <a
href="https://github.com/BartWaardenburg"><code>@​BartWaardenburg</code></a>
and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10119">vitest-dev/vitest#10119</a>
<a href="https://github.com/vitest-dev/vitest/commit/0e0ff41c7"><!-- raw
HTML omitted -->(0e0ff)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li>--project negation excludes browser instances  -  by <a
href="https://github.com/felamaslen"><code>@​felamaslen</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10131">vitest-dev/vitest#10131</a>
<a href="https://github.com/vitest-dev/vitest/commit/9423dc084"><!-- raw
HTML omitted -->(9423d)<!-- raw HTML omitted --></a></li>
<li>Project color label on html reporter  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10142">vitest-dev/vitest#10142</a>
<a href="https://github.com/vitest-dev/vitest/commit/596f73986"><!-- raw
HTML omitted -->(596f7)<!-- raw HTML omitted --></a></li>
<li>Fix <code>vi.defineHelper</code> called as object method  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10163">vitest-dev/vitest#10163</a>
<a href="https://github.com/vitest-dev/vitest/commit/122c25b5b"><!-- raw
HTML omitted -->(122c2)<!-- raw HTML omitted --></a></li>
<li>Alias <code>agent</code> reporter to <code>minimal</code>  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10157">vitest-dev/vitest#10157</a>
<a href="https://github.com/vitest-dev/vitest/commit/663b99fe3"><!-- raw
HTML omitted -->(663b9)<!-- raw HTML omitted --></a></li>
<li>Respect diff config options in soft assertions  -  by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a>,
<strong>sheremet-va</strong> and <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a>
<a href="https://github.com/vitest-dev/vitest/commit/9787dedad"><!-- raw
HTML omitted -->(9787d)<!-- raw HTML omitted --></a></li>
<li>Respect diff config options in soft assertions &quot;  -  by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a>
<a href="https://github.com/vitest-dev/vitest/commit/7dc6d54fd"><!-- raw
HTML omitted -->(7dc6d)<!-- raw HTML omitted --></a></li>
<li><strong>ast-collect</strong>: Recognize _<em>vi_import</em> prefix
in static test discovery  -  by <a
href="https://github.com/Yejneshwar"><code>@​Yejneshwar</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10129">vitest-dev/vitest#10129</a>
<a href="https://github.com/vitest-dev/vitest/commit/325463ab2"><!-- raw
HTML omitted -->(32546)<!-- raw HTML omitted --></a></li>
<li><strong>coverage</strong>: Descriptive error message when reports
directory is removed during test run  -  by <a
href="https://github.com/DaveT1991"><code>@​DaveT1991</code></a> and <a
href="https://github.com/AriPerkkio"><code>@​AriPerkkio</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10117">vitest-dev/vitest#10117</a>
<a href="https://github.com/vitest-dev/vitest/commit/1413382e1"><!-- raw
HTML omitted -->(14133)<!-- raw HTML omitted --></a></li>
<li><strong>snapshot</strong>: Increase default snapshot max output
length  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Codex</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10150">vitest-dev/vitest#10150</a>
<a href="https://github.com/vitest-dev/vitest/commit/21e66ff63"><!-- raw
HTML omitted -->(21e66)<!-- raw HTML omitted --></a></li>
<li><strong>ui</strong>: Fix jsx/tsx syntax highlight  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10152">vitest-dev/vitest#10152</a>
<a href="https://github.com/vitest-dev/vitest/commit/f1b1f6c7b"><!-- raw
HTML omitted -->(f1b1f)<!-- raw HTML omitted --></a></li>
<li><strong>web-worker</strong>: Support MessagePort objects referenced
inside postMessage data  -  by <a
href="https://github.com/whitphx"><code>@​whitphx</code></a> and
<strong>Claude Opus 4.6 (1M context)</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9927">vitest-dev/vitest#9927</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10124">vitest-dev/vitest#10124</a>
<a href="https://github.com/vitest-dev/vitest/commit/7ad7d39af"><!-- raw
HTML omitted -->(7ad7d)<!-- raw HTML omitted --></a></li>
<li><strong>api</strong>: Make test-specification options writable  - 
by <a
href="https://github.com/sheremet-va"><code>@​sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10154">vitest-dev/vitest#10154</a>
<a href="https://github.com/vitest-dev/vitest/commit/6abd557b7"><!-- raw
HTML omitted -->(6abd5)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e399846850fedf10b8228cbe46a419628998acd9"><code>e399846</code></a>
chore: release v4.1.5</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/7dc6d54fd9dda0fe6fee2fb6451d0611a9ecb6e7"><code>7dc6d54</code></a>
Revert &quot;fix: respect diff config options in soft assertions (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696">#8696</a>)&quot;</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/9787dedade9896a6d3eeed7739177d6c583a68a7"><code>9787ded</code></a>
fix: respect diff config options in soft assertions (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/8696">#8696</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/325463ab292c45c3ef27aa21ec7da380c307052c"><code>325463a</code></a>
fix(ast-collect): recognize _<em>vi_import</em> prefix in static test
discovery (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10">#10</a>...</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/0e0ff41c7e86d6e2bf581f074dc216805d10d371"><code>0e0ff41</code></a>
feat(coverage): istanbul to support <code>instrumenter</code> option (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10119">#10119</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/663b99fe3e6a60fc8a7ccd2d9941d1cbe929b606"><code>663b99f</code></a>
fix: alias <code>agent</code> reporter to <code>minimal</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10157">#10157</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/122c25b5b157ffd31b376561b16ab983aa23e7bc"><code>122c25b</code></a>
fix: fix <code>vi.defineHelper</code> called as object method (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10163">#10163</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/6abd557b7219156893dd13a1dbe86501d5542d2e"><code>6abd557</code></a>
feat(api): make test-specification options writable (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10154">#10154</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/596f73986abe2161a9a06f0ca03df68e82690b21"><code>596f739</code></a>
fix: project color label on html reporter (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10142">#10142</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/9423dc0841e97b6dcac8a73cdb8e656b3d6ba909"><code>9423dc0</code></a>
fix: --project negation excludes browser instances (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10131">#10131</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.5/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-24 13:52:30 +00:00
dependabot[bot] 36d39d675e chore(deps-dev): Bump typescript-eslint from 8.58.2 to 8.59.0 (#1835) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.58.2 to 8.59.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.0</h2>
<h2>8.59.0 (2026-04-20)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
report more cases based on assignability (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11789">#11789</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Ulrich Stark</li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.0 (2026-04-20)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/ea9ae4f8817873480e3501145059f63e39e8d8a1"><code>ea9ae4f</code></a>
chore(release): publish 8.59.0</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.59.0/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.58.2&new-version=8.59.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-24 13:52:17 +00:00
dependabot[bot] fe8681bbac chore(deps-dev): Bump uuid from 13.0.0 to 14.0.0 (#1832) 
Bumps [uuid](https://github.com/uuidjs/uuid) from 13.0.0 to 14.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/releases">uuid's
releases</a>.</em></p>
<blockquote>
<h2>v14.0.0</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a>
(2026-04-19)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>) (<a
href="https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3">dc4ddb8</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>) (<a
href="https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4">f2c235f</a>)</li>
<li>Use GITHUB_TOKEN for release-please and enable npm provenance (<a
href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>) (<a
href="https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c">ffa3138</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md">uuid's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a>
(2026-04-19)</h2>
<h3>Security</h3>
<ul>
<li>Fixes <a
href="https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq">GHSA-w5hq-g745-h8pq</a>:
<code>v3()</code>, <code>v5()</code>, and <code>v6()</code> did not
validate that writes would remain within the bounds of a caller-supplied
buffer, allowing out-of-bounds writes when an invalid
<code>offset</code> was provided. A <code>RangeError</code> is now
thrown if <code>offset &lt; 0</code> or <code>offset + 16 &gt;
buf.length</code>.</li>
</ul>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li><code>crypto</code> is now expected to be globally defined (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li>drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
<li>upgrade minimum supported TypeScript version to 5.4.3, in keeping
with the project's policy of supporting TypeScript versions released
within the last two years</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b"><code>7c1ea08</code></a>
chore(main): release 14.0.0 (<a
href="https://redirect.github.com/uuidjs/uuid/issues/926">#926</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34"><code>3d2c5b0</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4"><code>f2c235f</code></a>
fix!: expect <code>crypto</code> to be global everywhere (requires
node@20+) (<a
href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212"><code>529ef08</code></a>
chore: upgrade TypeScript and fixup types (<a
href="https://redirect.github.com/uuidjs/uuid/issues/927">#927</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087"><code>086fd79</code></a>
chore: update dependencies (<a
href="https://redirect.github.com/uuidjs/uuid/issues/933">#933</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3"><code>dc4ddb8</code></a>
feat!: drop node@18 support (<a
href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404"><code>0f1f9c9</code></a>
chore: switch to Biome for parsing and linting (<a
href="https://redirect.github.com/uuidjs/uuid/issues/932">#932</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013"><code>e2879e6</code></a>
chore: use maintained version of npm-run-all (<a
href="https://redirect.github.com/uuidjs/uuid/issues/930">#930</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c"><code>ffa3138</code></a>
fix: Use GITHUB_TOKEN for release-please and enable npm provenance (<a
href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4"><code>0423d49</code></a>
docs: remove obsolete v1 option notes (<a
href="https://redirect.github.com/uuidjs/uuid/issues/915">#915</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for uuid since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uuid&package-manager=npm_and_yarn&previous-version=13.0.0&new-version=14.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-23 02:02:19 +00:00
dependabot[bot] 105a970eb1 chore(deps): Bump i18next from 26.0.5 to 26.0.6 (#1831) 
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.5 to
26.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.0.6</h2>
<p>Security release — all issues found via an internal audit. GHSA
advisory filed after release.</p>
<ul>
<li>security: warn when a translation string combines <code>escapeValue:
false</code> with interpolated variables inside a <code>$t(key, { ...
&quot;{{var}}&quot; ... })</code> nesting-options block. In that narrow
combination, attacker-controlled string values containing
<code>&quot;</code> can break out of the JSON options literal and inject
additional nesting options (e.g. redirect
<code>lng</code>/<code>ns</code>). The default <code>escapeValue:
true</code> configuration is unaffected because HTML-escaping
neutralises the quote before <code>JSON.parse</code>. See the security
docs for mitigation guidance (GHSA-TBD)</li>
<li>security: apply <code>regexEscape</code> to
<code>unescapePrefix</code> / <code>unescapeSuffix</code> on par with
the other interpolation delimiters. Prevents ReDoS
(catastrophic-backtracking) when a misconfigured delimiter contains
regex metacharacters, and fixes silent breakage of the <code>{{-
var}}</code> syntax when the delimiter contains characters like
<code>(</code>, <code>[</code>, <code>.</code></li>
<li>security: strip CR/LF/NUL and other C0/C1 control characters from
string log arguments to prevent log forging via user-controlled
translation keys, language codes, namespaces, or interpolation variable
names (CWE-117)</li>
<li>chore: ignore <code>.env*</code> and
<code>*.pem</code>/<code>*.key</code> files in
<code>.gitignore</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.0.6</h2>
<p>Security release — all issues found via an internal audit.</p>
<ul>
<li>security: warn when a translation string combines <code>escapeValue:
false</code> with interpolated variables inside a <code>$t(key, { ...
&quot;{{var}}&quot; ... })</code> nesting-options block. In that narrow
combination, attacker-controlled string values containing
<code>&quot;</code> can break out of the JSON options literal and inject
additional nesting options (e.g. redirect
<code>lng</code>/<code>ns</code>). The default <code>escapeValue:
true</code> configuration is unaffected because HTML-escaping
neutralises the quote before <code>JSON.parse</code>. See the <a
href="https://www.i18next.com/translation-function/nesting#security-note-interpolated-values-inside-a-nesting-options-block">security
note in the Nesting docs</a> for the full pattern and mitigations</li>
<li>security: apply <code>regexEscape</code> to
<code>unescapePrefix</code> / <code>unescapeSuffix</code> on par with
the other interpolation delimiters. Prevents ReDoS
(catastrophic-backtracking) when a misconfigured delimiter contains
regex metacharacters, and fixes silent breakage of the <code>{{-
var}}</code> syntax when the delimiter contains characters like
<code>(</code>, <code>[</code>, <code>.</code></li>
<li>security: strip CR/LF/NUL and other C0/C1 control characters from
string log arguments to prevent log forging via user-controlled
translation keys, language codes, namespaces, or interpolation variable
names (CWE-117)</li>
<li>chore: ignore <code>.env*</code> and
<code>*.pem</code>/<code>*.key</code> files in
<code>.gitignore</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/9d0ed9f98ee0386f923175f3638e2df103143dde"><code>9d0ed9f</code></a>
26.0.6</li>
<li><a
href="https://github.com/i18next/i18next/commit/8c825644373b4faaeedd2587b9080283d2fcf5ce"><code>8c82564</code></a>
security: hardening for 26.0.6 — nesting-options warning, regexEscape
unescap...</li>
<li><a
href="https://github.com/i18next/i18next/commit/0cb018c363d9b64790248d2712ac57258a9708bb"><code>0cb018c</code></a>
chore: bump devDependencies</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.0.5...v26.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.0.5&new-version=26.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-22 14:00:51 +00:00
dependabot[bot] 8cbff8cc38 chore(deps): Bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#1830) 
Bumps
[dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata)
from 3.0.0 to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add permissions to all workflows by <a
href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/687">dependabot/fetch-metadata#687</a></li>
<li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/690">dependabot/fetch-metadata#690</a></li>
<li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/693">dependabot/fetch-metadata#693</a></li>
<li>build(deps-dev): bump <code>@​hono/node-server</code> from 1.19.10
to 1.19.13 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/694">dependabot/fetch-metadata#694</a></li>
<li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/695">dependabot/fetch-metadata#695</a></li>
<li>Dynamically update the tracking tag in action by <a
href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/696">dependabot/fetch-metadata#696</a></li>
<li>fix: handle duplicate dependency names in parseMetadataLinks by <a
href="https://github.com/devantler"><code>@​devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li>fix: remove $ anchor from updateFragment regex to handle pip
directory suffixes by <a
href="https://github.com/devantler"><code>@​devantler</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/698">dependabot/fetch-metadata#698</a></li>
<li>Updates to README for permissions clarification by <a
href="https://github.com/truggeri"><code>@​truggeri</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/697">dependabot/fetch-metadata#697</a></li>
<li>fix: resolve update-type null for Python, Composer, and Terraform
PRs by <a
href="https://github.com/vitorsdcs"><code>@​vitorsdcs</code></a> in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
<li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/703">dependabot/fetch-metadata#703</a></li>
<li>build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/701">dependabot/fetch-metadata#701</a></li>
<li>build(deps): bump <code>@​actions/github</code> from 9.0.0 to 9.1.0
in the dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/702">dependabot/fetch-metadata#702</a></li>
<li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/705">dependabot/fetch-metadata#705</a></li>
<li>v3.1.0 by <a
href="https://github.com/fetch-metadata-action-automation"><code>@​fetch-metadata-action-automation</code></a>[bot]
in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/692">dependabot/fetch-metadata#692</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/devantler"><code>@​devantler</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li>
<li><a href="https://github.com/vitorsdcs"><code>@​vitorsdcs</code></a>
made their first contribution in <a
href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98"><code>25dd0e3</code></a>
v3.1.0 (<a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/692">#692</a>)</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9"><code>e073f50</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/705">#705</a>
from dependabot/dependabot/npm_and_yarn/hono-4.12.14</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674"><code>0670e16</code></a>
build(deps-dev): bump hono from 4.12.12 to 4.12.14</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1"><code>7a7fe10</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/702">#702</a>
from dependabot/dependabot/npm_and_yarn/dependencies-...</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d"><code>5168191</code></a>
Updating dist build</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504"><code>23882e1</code></a>
build(deps): bump <code>@​actions/github</code> in the dependencies
group</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7"><code>1072469</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/701">#701</a>
from dependabot/dependabot/github_actions/actions/cre...</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752"><code>43f8a00</code></a>
build(deps): bump actions/create-github-app-token from 3.0.0 to
3.1.1</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1"><code>b4d904a</code></a>
Merge pull request <a
href="https://redirect.github.com/dependabot/fetch-metadata/issues/703">#703</a>
from dependabot/dependabot/npm_and_yarn/globals-17.5.0</li>
<li><a
href="https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82"><code>c8046bb</code></a>
build(deps-dev): bump globals from 17.4.0 to 17.5.0</li>
<li>Additional commits viewable in <a
href="https://github.com/dependabot/fetch-metadata/compare/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36...25dd0e34f4fe68f24cc83900b1fe3fe149efef98">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dependabot/fetch-metadata&package-manager=github_actions&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-22 13:59:34 +00:00
dependabot[bot] 6f0213cb98 chore(deps): Bump @codemirror/view from 6.41.0 to 6.41.1 (#1828) 
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.41.0
to 6.41.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/view/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.41.0&new-version=6.41.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-22 13:59:07 +00:00
dependabot[bot] 58c99f2470 chore(deps-dev): Bump eslint-plugin-react-hooks from 7.1.0 to 7.1.1 (#1827) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks)
from 7.1.0 to 7.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">eslint-plugin-react-hooks's
releases</a>.</em></p>
<blockquote>
<h2>eslint-plugin-react-hooks@7.1.1 (April 17, 2026)</h2>
<p><strong>Note:</strong> 7.1.0 accidentally removed the
<code>component-hook-factories</code> rule, causing errors for users who
referenced it in their ESLint config. This is now fixed.</p>
<ul>
<li>Add deprecated no-op <code>component-hook-factories</code> rule for
backwards compatibility. (<a
href="https://github.com/mofeiZ"><code>@​mofeiZ</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/36307">#36307</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.1</h2>
<p><strong>Note:</strong> 7.1.0 accidentally removed the
<code>component-hook-factories</code> rule, causing errors for users who
referenced it in their ESLint config. This is now fixed.</p>
<ul>
<li>Add deprecated no-op <code>component-hook-factories</code> rule for
backwards compatibility. (<a
href="https://github.com/mofeiZ"><code>@​mofeiZ</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/36307">#36307</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/facebook/react/commit/d1727fbf987392749b374f3afe62227d2c70fc41"><code>d1727fb</code></a>
[eprh] Update changelog for 7.1.1 (<a
href="https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks/issues/36308">#36308</a>)</li>
<li><a
href="https://github.com/facebook/react/commit/bc249804d3c2ea6ee95bc5543c3735a65d1239b5"><code>bc24980</code></a>
[eprh] Add back a no-op for removed component-hook-factories rule (<a
href="https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks/issues/36307">#36307</a>)</li>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.1/packages/eslint-plugin-react-hooks">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint-plugin-react-hooks&package-manager=npm_and_yarn&previous-version=7.1.0&new-version=7.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-21 13:53:43 +00:00
dependabot[bot] 838045d221 chore(deps-dev): Bump typescript from 6.0.2 to 6.0.3 (#1826) 
Bumps [typescript](https://github.com/microsoft/TypeScript) from 6.0.2
to 6.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/microsoft/TypeScript/releases">typescript's
releases</a>.</em></p>
<blockquote>
<h2>TypeScript 6.0.3</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/">release
announcement blog post</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.0%22">fixed
issues query for TypeScript 6.0.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.1%22">fixed
issues query for TypeScript 6.0.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.2%22">fixed
issues query for TypeScript 6.0.2 (Stable)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.3%22">fixed
issues query for TypeScript 6.0.3 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/microsoft/TypeScript/commit/050880ce59e30b356b686bd3144efe24f875ebc8"><code>050880c</code></a>
Bump version to 6.0.3 and LKG</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/eeae9dd0f17aa494658e4ec079dc002e02dd625e"><code>eeae9dd</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/microsoft/TypeScript/issues/63401">#63401</a>
(Also check package name validity in...) into release-6.0 (#...</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/ad1c695fada682764bb510dd680e8f175ae54094"><code>ad1c695</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/microsoft/TypeScript/issues/63368">#63368</a>
(Harden ATA package name filtering) into release-6.0 (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/63372">#63372</a>)</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/0725fb4664a1d5ec94040b6d94db77dc1cc354e4"><code>0725fb4</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/microsoft/TypeScript/issues/63310">#63310</a>
(Mark class property initializers as...) into release-6.0 (#...</li>
<li>See full diff in <a
href="https://github.com/microsoft/TypeScript/compare/v6.0.2...v6.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=6.0.2&new-version=6.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-21 13:53:20 +00:00
dependabot[bot] 1a4dd49d50 chore(deps-dev): Bump eslint from 10.2.0 to 10.2.1 (#1825) 
Bumps [eslint](https://github.com/eslint/eslint) from 10.2.0 to 10.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.2.1</h2>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/14be92b6d1fa0923b8923830f2208e5e2705b002"><code>14be92b</code></a>
fix: model generator yield resumption paths in code path analysis (<a
href="https://redirect.github.com/eslint/eslint/issues/20665">#20665</a>)
(sethamus)</li>
<li><a
href="https://github.com/eslint/eslint/commit/84a19d2c32255db6b9cfc08644a607aae6d5cb62"><code>84a19d2</code></a>
fix: no-async-promise-executor false positives for shadowed Promise (<a
href="https://redirect.github.com/eslint/eslint/issues/20740">#20740</a>)
(xbinaryx)</li>
<li><a
href="https://github.com/eslint/eslint/commit/af764af0ec38225755fbf8a6f207f0c77b595a8d"><code>af764af</code></a>
fix: clarify language and processor validation errors (<a
href="https://redirect.github.com/eslint/eslint/issues/20729">#20729</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e251b89a38280973e468a4a9386c138f4f55d10d"><code>e251b89</code></a>
fix: update eslint (<a
href="https://redirect.github.com/eslint/eslint/issues/20715">#20715</a>)
(renovate[bot])</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/ca92ca0fb4599e8de1e2fb914e695fe7397cbe63"><code>ca92ca0</code></a>
docs: reuse markdown-it instance for markdown filter (<a
href="https://redirect.github.com/eslint/eslint/issues/20768">#20768</a>)
(Amaresh S M)</li>
<li><a
href="https://github.com/eslint/eslint/commit/57d2ee213305cee0cb55ef08e0480b57396269a9"><code>57d2ee2</code></a>
docs: Enable Eleventy incremental mode for watch (<a
href="https://redirect.github.com/eslint/eslint/issues/20767">#20767</a>)
(Amaresh S M)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c1621b915742276e5f4b25efe790ca62296330dc"><code>c1621b9</code></a>
docs: fix typos in code-path-analyzer.js (<a
href="https://redirect.github.com/eslint/eslint/issues/20700">#20700</a>)
(Ayush Shukla)</li>
<li><a
href="https://github.com/eslint/eslint/commit/1418d522d10bde1960f4942afb548bc7160ec49e"><code>1418d52</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/39771e6e600f0b0617fdeafff6dd07e4211ffde6"><code>39771e6</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/71e04693def2df57268f08f3072a2749df6bf438"><code>71e0469</code></a>
docs: fix incomplete JSDoc param description in no-shadow rule (<a
href="https://redirect.github.com/eslint/eslint/issues/20728">#20728</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/22119ceb93e28f62262fc1d98ff1b1442d6e2dbf"><code>22119ce</code></a>
docs: clarify scope of for-direction rule with dead code examples (<a
href="https://redirect.github.com/eslint/eslint/issues/20723">#20723</a>)
(Amaresh S M)</li>
<li><a
href="https://github.com/eslint/eslint/commit/8f3fb77f122a5641d1833cad5d93f3f54fa3be0b"><code>8f3fb77</code></a>
docs: document <code>meta.docs.dialects</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20718">#20718</a>)
(Pixel998)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/7ddfea9c4f62add1588c5c0b0da568c299246383"><code>7ddfea9</code></a>
chore: update dependency prettier to v3.8.2 (<a
href="https://redirect.github.com/eslint/eslint/issues/20770">#20770</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/fac40e1de2ba7646cc7cd2d3f93fbdd1f8819001"><code>fac40e1</code></a>
ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20763">#20763</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/7246f923332522d8b3d46b6ee646fce88535f3fb"><code>7246f92</code></a>
test: add tests for SuppressionsService.load() error handling (<a
href="https://redirect.github.com/eslint/eslint/issues/20734">#20734</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/4f34b1e592b0f63d766d9903998e8e36eb49d3aa"><code>4f34b1e</code></a>
chore: update pnpm/action-setup action to v5 (<a
href="https://redirect.github.com/eslint/eslint/issues/20762">#20762</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/51080eb5c98d619434e4835dbe9f1c6654aca3b8"><code>51080eb</code></a>
test: processor service (<a
href="https://redirect.github.com/eslint/eslint/issues/20731">#20731</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e7e1889fca9b6044e08f41b38df20a1ce45808c8"><code>e7e1889</code></a>
chore: remove stale babel-eslint10 fixture and test (<a
href="https://redirect.github.com/eslint/eslint/issues/20727">#20727</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/4e1a87cb8fb90e309524bc36bc5f31b9f9cfaa76"><code>4e1a87c</code></a>
test: remove redundant async/await in flat config array tests (<a
href="https://redirect.github.com/eslint/eslint/issues/20722">#20722</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/066eabb3643b12931f991594969bcc0028f71a5f"><code>066eabb</code></a>
test: add rule metadata coverage for <code>languages</code> and
<code>docs.dialects</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20717">#20717</a>)
(Pixel998)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/4d1d8f9737236603f64bbe83d5bb8001627b5611"><code>4d1d8f9</code></a>
10.2.1</li>
<li><a
href="https://github.com/eslint/eslint/commit/3e33105b05d09b5a4eb894ed75a9811fb40d65e6"><code>3e33105</code></a>
Build: changelog update for 10.2.1</li>
<li><a
href="https://github.com/eslint/eslint/commit/ca92ca0fb4599e8de1e2fb914e695fe7397cbe63"><code>ca92ca0</code></a>
docs: reuse markdown-it instance for markdown filter (<a
href="https://redirect.github.com/eslint/eslint/issues/20768">#20768</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7ddfea9c4f62add1588c5c0b0da568c299246383"><code>7ddfea9</code></a>
chore: update dependency prettier to v3.8.2 (<a
href="https://redirect.github.com/eslint/eslint/issues/20770">#20770</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/57d2ee213305cee0cb55ef08e0480b57396269a9"><code>57d2ee2</code></a>
docs: Enable Eleventy incremental mode for watch (<a
href="https://redirect.github.com/eslint/eslint/issues/20767">#20767</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c1621b915742276e5f4b25efe790ca62296330dc"><code>c1621b9</code></a>
docs: fix typos in code-path-analyzer.js (<a
href="https://redirect.github.com/eslint/eslint/issues/20700">#20700</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/fac40e1de2ba7646cc7cd2d3f93fbdd1f8819001"><code>fac40e1</code></a>
ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/eslint/eslint/issues/20763">#20763</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7246f923332522d8b3d46b6ee646fce88535f3fb"><code>7246f92</code></a>
test: add tests for SuppressionsService.load() error handling (<a
href="https://redirect.github.com/eslint/eslint/issues/20734">#20734</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/4f34b1e592b0f63d766d9903998e8e36eb49d3aa"><code>4f34b1e</code></a>
chore: update pnpm/action-setup action to v5 (<a
href="https://redirect.github.com/eslint/eslint/issues/20762">#20762</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/1418d522d10bde1960f4942afb548bc7160ec49e"><code>1418d52</code></a>
docs: Update README</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.2.0...v10.2.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=10.2.0&new-version=10.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-21 13:52:44 +00:00
dependabot[bot] f277b20ab1 chore(deps-dev): Bump typescript from 5.9.3 to 6.0.2 (#1762) 
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.9.3
to 6.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/microsoft/TypeScript/releases">typescript's
releases</a>.</em></p>
<blockquote>
<h2>TypeScript 6.0</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/">release
announcement blog post</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.0%22">fixed
issues query for TypeScript 6.0.0 (Beta)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.1%22">fixed
issues query for TypeScript 6.0.1 (RC)</a>.</li>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.2%22">fixed
issues query for TypeScript 6.0.2 (Stable)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
<h2>TypeScript 6.0 Beta</h2>
<p>For release notes, check out the <a
href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0-beta/">release
announcement</a>.</p>
<ul>
<li><a
href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&amp;q=milestone%3A%22TypeScript+6.0.0%22+is%3Aclosed+">fixed
issues query for Typescript 6.0.0 (Beta)</a>.</li>
</ul>
<p>Downloads are available on:</p>
<ul>
<li><a href="https://www.npmjs.com/package/typescript">npm</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/microsoft/TypeScript/commit/607a22a90d1a5a1b507ce01bb8cd7ec020f954e7"><code>607a22a</code></a>
Bump version to 6.0.2 and LKG</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/9e72ab71b575e26795d0d9eac3d2d9957beed17c"><code>9e72ab7</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/microsoft/TypeScript/issues/63239">#63239</a>
(Fix missing lib files in reused pro...) into release-6.0 (#...</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/35ff23d4b0cc715691323ebe54f523c16fe6e3a5"><code>35ff23d</code></a>
🤖 Pick PR <a
href="https://redirect.github.com/microsoft/TypeScript/issues/63163">#63163</a>
(Port anyFunctionType subtype fix an...) into release-6.0 (#...</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/e175b69138038953d4e85bf6529afe88d56d8fbe"><code>e175b69</code></a>
Bump version to 6.0.1-rc and LKG</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/af4caac0e91e838c46b3fdc1c9afacad68800f89"><code>af4caac</code></a>
Update LKG</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/8efd7e8544d8b35c9b33bca44a3124aa2613bf09"><code>8efd7e8</code></a>
Merge remote-tracking branch 'origin/main' into release-6.0</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/206ed1a00ffde637d821bbb3172d1488e3d949e8"><code>206ed1a</code></a>
Deprecate assert in import() (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/63172">#63172</a>)</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/e688ac8bc3cbb698c4341ee06401bd6beeb1c4ba"><code>e688ac8</code></a>
Update dependencies (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/63156">#63156</a>)</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/29b300deb56c775f19c2f0528012896e4d1db3e0"><code>29b300d</code></a>
Bump the github-actions group across 1 directory with 2 updates (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/63205">#63205</a>)</li>
<li><a
href="https://github.com/microsoft/TypeScript/commit/0c2c7a358297d66df690230deaed8c98e7d77c04"><code>0c2c7a3</code></a>
DOM update (<a
href="https://redirect.github.com/microsoft/TypeScript/issues/63183">#63183</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/microsoft/TypeScript/compare/v5.9.3...v6.0.2">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:30:36 +00:00
dependabot[bot] d2e26655bb chore(deps-dev): Bump stylelint from 17.7.0 to 17.8.0 (#1821) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.7.0 to
17.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.8.0</h2>
<p>It adds 3 new rules and 1 configuration property.</p>
<ul>
<li>Added: <code>languageOptions.directionality</code> configuration
property (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8687">#8687</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>property-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8687">#8687</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>relative-selector-nesting-notation</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8730">#8730</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>selector-no-deprecated</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8694">#8694</a>)
(<a href="https://github.com/immitsu"><code>@​immitsu</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.8.0 - 2026-04-15</h2>
<p>It adds 3 new rules and 1 configuration property.</p>
<ul>
<li>Added: <code>languageOptions.directionality</code> configuration
property (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8687">#8687</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>property-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8687">#8687</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>relative-selector-nesting-notation</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8730">#8730</a>)
(<a
href="https://github.com/sw1tch3roo"><code>@​sw1tch3roo</code></a>).</li>
<li>Added: <code>selector-no-deprecated</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8694">#8694</a>)
(<a href="https://github.com/immitsu"><code>@​immitsu</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/b329c6fb0ee1c8fd530358ab6b7a11a96aa2c616"><code>b329c6f</code></a>
Release 17.8.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9217">#9217</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/e9a4877f6af134af12f3f79d36c66dddd5a54ea4"><code>e9a4877</code></a>
Bump postcss from 8.5.8 to 8.5.9 in the postcss group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9216">#9216</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/0dc0d02659448ec2eff65b5b8e0464baa1350c2d"><code>0dc0d02</code></a>
Bump eslint from 10.1.0 to 10.2.0 in the eslint group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9215">#9215</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/4978eaf6f9b38905f845b5fc66fbe1f48cc3f29b"><code>4978eaf</code></a>
Document <code>selector-no-deprecated</code> not yet in config (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9211">#9211</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/9ca941ed5e14d1b918587531ef0172533c829771"><code>9ca941e</code></a>
Add <code>relative-selector-nesting-notation</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8730">#8730</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/06807ce45638f6a1107e20f01f02ec0392783063"><code>06807ce</code></a>
Add <code>selector-no-deprecated</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8694">#8694</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/16a6090344b085e816f47a30265f732d4f7d5178"><code>16a6090</code></a>
Add <code>property-layout-mappings</code> rule (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8687">#8687</a>)</li>
<li>See full diff in <a
href="https://github.com/stylelint/stylelint/compare/17.7.0...17.8.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:21:00 +00:00
dependabot[bot] 1e94c1f6d9 chore(deps): Bump ol-mapbox-style from 13.4.0 to 13.4.1 (#1819) 
Bumps [ol-mapbox-style](https://github.com/openlayers/ol-mapbox-style)
from 13.4.0 to 13.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/releases">ol-mapbox-style's
releases</a>.</em></p>
<blockquote>
<h2>v13.4.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Changes for 13.4.0 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1432">openlayers/ol-mapbox-style#1432</a></li>
<li>Do not fail on ol versions that don't have Stroke#setOffset() by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1440">openlayers/ol-mapbox-style#1440</a></li>
<li>Bump puppeteer from 24.37.5 to 24.40.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1433">openlayers/ol-mapbox-style#1433</a></li>
<li>Bump pmtiles-protocol from 1.0.5 to 1.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1434">openlayers/ol-mapbox-style#1434</a></li>
<li>Bump copy-webpack-plugin from 13.0.1 to 14.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1435">openlayers/ol-mapbox-style#1435</a></li>
<li>Bump <code>@​rollup/plugin-commonjs</code> from 29.0.0 to 29.0.2 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1436">openlayers/ol-mapbox-style#1436</a></li>
<li>Bump eslint from 9.39.4 to 10.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1437">openlayers/ol-mapbox-style#1437</a></li>
<li>Bump lodash from 4.17.23 to 4.18.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1441">openlayers/ol-mapbox-style#1441</a></li>
<li>Bump picomatch by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1438">openlayers/ol-mapbox-style#1438</a></li>
<li>Bump webpack from 5.105.2 to 5.105.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1443">openlayers/ol-mapbox-style#1443</a></li>
<li>Bump typedoc-plugin-missing-exports from 4.1.2 to 4.1.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1444">openlayers/ol-mapbox-style#1444</a></li>
<li>Bump basic-ftp from 5.2.0 to 5.2.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1448">openlayers/ol-mapbox-style#1448</a></li>
<li>Bump follow-redirects from 1.15.6 to 1.16.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1449">openlayers/ol-mapbox-style#1449</a></li>
<li>Bump typedoc from 0.28.15 to 0.28.18 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1446">openlayers/ol-mapbox-style#1446</a></li>
<li>Bump mocha from 12.0.0-beta-9.2 to 12.0.0-beta-10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1442">openlayers/ol-mapbox-style#1442</a></li>
<li>Bump typescript from 5.9.3 to 6.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1445">openlayers/ol-mapbox-style#1445</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.4.0...v13.4.1">https://github.com/openlayers/ol-mapbox-style/compare/v13.4.0...v13.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/ol-mapbox-style/blob/main/CHANGELOG.md">ol-mapbox-style's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/6bd88d89b455e0acc96496cd8973f4109706201e"><code>6bd88d8</code></a>
Changes for 13.4.1</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/db527b61c1e3f301e473487f062a07a22a681d1e"><code>db527b6</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1445">#1445</a>
from openlayers/dependabot/npm_and_yarn/typescript-6...</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/03ea572928b3ccc5da1a448c4e7f2b37f6d81d96"><code>03ea572</code></a>
Updates for typescript@6</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/6f112970f441959a72a5a63176154e210fafe844"><code>6f11297</code></a>
Bump typescript from 5.9.3 to 6.0.2</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/02e75fd5abbd1cf756d50fd14d642290623a31aa"><code>02e75fd</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1442">#1442</a>
from openlayers/dependabot/npm_and_yarn/mocha-12.0.0...</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/d2bbef74b922a76a2d9c0c4325483e53f93f45c3"><code>d2bbef7</code></a>
Update lockfile</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/a4d11ed7a41c255c012e154a28c0eb55ed386d1b"><code>a4d11ed</code></a>
Bump mocha from 12.0.0-beta-9.2 to 12.0.0-beta-10</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/cf7cff43b0ac33bc124e8a58ce501e404e96f0bd"><code>cf7cff4</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1446">#1446</a>
from openlayers/dependabot/npm_and_yarn/typedoc-0.28.18</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/ce13733161bb2f02809eb1ebe8419f5a3c71ce8b"><code>ce13733</code></a>
Bump typedoc from 0.28.15 to 0.28.18</li>
<li><a
href="https://github.com/openlayers/ol-mapbox-style/commit/46b2b4a5b27692a1ae5e7ee04740d5c3247ba4a7"><code>46b2b4a</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/ol-mapbox-style/issues/1449">#1449</a>
from openlayers/dependabot/npm_and_yarn/follow-redir...</li>
<li>Additional commits viewable in <a
href="https://github.com/openlayers/ol-mapbox-style/compare/v13.4.0...v13.4.1">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:20:16 +00:00
dependabot[bot] 869cbec10a chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2 (#1823) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.35.1 to 4.35.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.35.2</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li>
</ul>
<h2>4.35.1 - 27 Mar 2026</h2>
<ul>
<li>Fix incorrect minimum required Git version for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li>
</ul>
<h2>4.35.0 - 27 Mar 2026</h2>
<ul>
<li>Reduced the minimum Git version required for <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> from 2.38.0 to 2.11.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li>
</ul>
<h2>4.34.1 - 20 Mar 2026</h2>
<ul>
<li>Downgrade default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a>
due to issues with a small percentage of Actions and JavaScript
analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li>
</ul>
<h2>4.34.0 - 20 Mar 2026</h2>
<ul>
<li>Added an experimental change which disables TRAP caching when <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> is enabled, since improved incremental analysis
supersedes TRAP caching. This will improve performance and reduce
Actions cache usage. We expect to roll this change out to everyone in
March. <a
href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li>
<li>We are rolling out improved incremental analysis to C/C++ analyses
that use build mode <code>none</code>. We expect this rollout to be
complete by the end of April 2026. <a
href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li>
</ul>
<h2>4.33.0 - 16 Mar 2026</h2>
<ul>
<li>
<p>Upcoming change: Starting April 2026, the CodeQL Action will skip
collecting file coverage information on pull requests to improve
analysis performance. File coverage information will still be computed
on non-PR analyses. Pull request analyses will log a warning about this
upcoming change. <a
href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p>
<p>To opt out of this change:</p>
<ul>
<li><strong>Repositories owned by an organization:</strong> Create a
custom repository property with the name
<code>github-codeql-file-coverage-on-prs</code> and the type
&quot;True/false&quot;, then set this property to <code>true</code> in
the repository's settings. For more information, see <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing
custom properties for repositories in your organization</a>.
Alternatively, if you are using an advanced setup workflow, you can set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using default setup:</strong> Switch
to an advanced setup workflow and set the
<code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to
<code>true</code> in your workflow.</li>
<li><strong>User-owned repositories using advanced setup:</strong> Set
the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable
to <code>true</code> in your workflow.</li>
</ul>
</li>
<li>
<p>Fixed <a
href="https://redirect.github.com/github/codeql-action/issues/3555">a
bug</a> which caused the CodeQL Action to fail loading repository
properties if a &quot;Multi select&quot; repository property was
configured for the repository. <a
href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p>
</li>
<li>
<p>The CodeQL Action now loads <a
href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom
repository properties</a> on GitHub Enterprise Server, enabling the
customization of features such as
<code>github-codeql-disable-overlay</code> that was previously only
available on GitHub.com. <a
href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p>
</li>
<li>
<p>Once <a
href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private
package registries</a> can be configured with OIDC-based authentication
for organizations, the CodeQL Action will now be able to accept such
configurations. <a
href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p>
</li>
<li>
<p>Fixed the retry mechanism for database uploads. Previously this would
fail with the error &quot;Response body object should not be disturbed
or locked&quot;. <a
href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p>
</li>
<li>
<p>A warning is now emitted if the CodeQL Action detects a repository
property whose name suggests that it relates to the CodeQL Action, but
which is not one of the properties recognised by the current version of
the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p>
</li>
</ul>
<h2>4.32.6 - 05 Mar 2026</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/95e58e9a2cdfd71adc6e0353d5c52f41a045d225"><code>95e58e9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3824">#3824</a>
from github/update-v4.35.2-d2e135a73</li>
<li><a
href="https://github.com/github/codeql-action/commit/6f31bfe060e817d81e938dbec767969d20031e25"><code>6f31bfe</code></a>
Update changelog for v4.35.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/d2e135a73a39154e3a231aeb49163c4661c5b8b1"><code>d2e135a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3823">#3823</a>
from github/update-bundle/codeql-bundle-v2.25.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/60abb65df09fcf213c398e064c8a80db1f15cdaf"><code>60abb65</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/5a0a562209255e956ad8aafcee303294e64eefa2"><code>5a0a562</code></a>
Update default bundle to codeql-bundle-v2.25.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/65216971a11ded447a6b76263d5a144519e5eee1"><code>6521697</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3820">#3820</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/github/codeql-action/commit/3c45af2dd258e1623af1898da5c86545b514e028"><code>3c45af2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3821">#3821</a>
from github/dependabot/npm_and_yarn/npm-minor-345b93...</li>
<li><a
href="https://github.com/github/codeql-action/commit/f1c339364c12f922998186ed897e45e3b4ae8874"><code>f1c3393</code></a>
Rebuild</li>
<li><a
href="https://github.com/github/codeql-action/commit/1024fc496c87e944a93e98d8cf2c09e2c7602a30"><code>1024fc4</code></a>
Rebuild</li>
<li><a
href="https://github.com/github/codeql-action/commit/9dd4cfed96030ccdfe1af4daf7a7964322704fed"><code>9dd4cfe</code></a>
Bump the npm-minor group across 1 directory with 6 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...95e58e9a2cdfd71adc6e0353d5c52f41a045d225">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.35.1&new-version=4.35.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:14:47 +00:00
dependabot[bot] 2b0ed59203 chore(deps-dev): Bump cypress from 15.13.1 to 15.14.0 (#1822) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [cypress](https://github.com/cypress-io/cypress) from 15.13.1 to
15.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.14.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-14-0">https://docs.cypress.io/app/references/changelog#15-14-0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/b8a9db27d43eec3c0ac23013eb0466f1d6d5b263"><code>b8a9db2</code></a>
chore: prep Cypress for 15.14.0 release (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33616">#33616</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/1c6935f8d5f8deaded757f5378b71cb163da2ee7"><code>1c6935f</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33613">#33613</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/7532a059542a9bdeb454f04bf2784eb770022f74"><code>7532a05</code></a>
chore: release <code>@​cypress/vite-dev-server-v7</code>.3.0</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/eaacd99e4c9c47073fbad43445a4dc532d440a28"><code>eaacd99</code></a>
chore: Update Chrome (stable) to 147.0.7727.55 and Chrome (beta) to
148.0.777...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/acf1eef15c654af212152720d748c80d85ce8b0d"><code>acf1eef</code></a>
feat: support vite 8 for component testing (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33580">#33580</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/9f1f15e8beaf9a0544caba25ea54ce9ba22087ae"><code>9f1f15e</code></a>
revert: &quot;fix: truncate long strings in chai inspect (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33512">#33512</a>)&quot;
(<a
href="https://redirect.github.com/cypress-io/cypress/issues/33611">#33611</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/bf2f052371edc4fdbd2950248f09181b754f4413"><code>bf2f052</code></a>
revert: &quot;fix: stream privileged file reads over HTTP (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33538">#33538</a>)&quot;
(<a
href="https://redirect.github.com/cypress-io/cypress/issues/33612">#33612</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/f7f0c57cfc13a2c3a254aae92cd6bd31b243ab1c"><code>f7f0c57</code></a>
chore: updating v8 snapshot cache (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33609">#33609</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/585b0df893c7d489281ef0b532069e7193e45a9a"><code>585b0df</code></a>
fix: stream privileged file reads over HTTP (<a
href="https://redirect.github.com/cypress-io/cypress/issues/33538">#33538</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/cebbc85a8740da8be0967fe74c1391bca5e595b1"><code>cebbc85</code></a>
perf(driver): allowlist keys kept after log memory cleanup when tests
drop ou...</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.13.1...v15.14.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.13.1&new-version=15.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:12:58 +00:00
dependabot[bot] e3a32fb72f chore(deps-dev): Bump eslint-plugin-react-hooks from 7.0.1 to 7.1.0 (#1820) 
Bumps
[eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks)
from 7.0.1 to 7.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">eslint-plugin-react-hooks's
releases</a>.</em></p>
<blockquote>
<h2>eslint-plugin-react-hooks@7.1.0 (April 16, 2026)</h2>
<p>This release adds ESLint v10 support, improves performance by
skipping compilation for non-React files, and includes compiler lint
improvements including better <code>set-state-in-effect</code>
detection, improved ref validation, and more helpful error
reporting.</p>
<ul>
<li>Add ESLint v10 support. (<a
href="https://github.com/azat-io"><code>@​azat-io</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35720">#35720</a>)</li>
<li>Skip compilation for non-React files to improve performance. (<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35589">#35589</a>)</li>
<li>Fix exhaustive deps bug with Flow type casting. (<a
href="https://github.com/jorge-cab"><code>@​jorge-cab</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35691">#35691</a>)</li>
<li>Fix <code>useEffectEvent</code> checks in component syntax. (<a
href="https://github.com/jbrown215"><code>@​jbrown215</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35041">#35041</a>)</li>
<li>Improved <code>set-state-in-effect</code> validation with fewer
false negatives. (<a
href="https://github.com/jorge-cab"><code>@​jorge-cab</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35134">#35134</a>,
<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35147">#35147</a>,
<a href="https://github.com/jackpope"><code>@​jackpope</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35214">#35214</a>,
<a
href="https://github.com/chesnokov-tony"><code>@​chesnokov-tony</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35419">#35419</a>,
<a href="https://github.com/jsleitor"><code>@​jsleitor</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/36107">#36107</a>)</li>
<li>Improved ref validation for non-mutating functions and event handler
props. (<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35893">#35893</a>,
<a href="https://github.com/kolvian"><code>@​kolvian</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35062">#35062</a>)</li>
<li>Compiler now reports all errors instead of stopping at the first.
(<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35873">#35873</a>–<a
href="https://redirect.github.com/facebook/react/pull/35884">#35884</a>)</li>
<li>Improved source locations and error display in compiler diagnostics.
(<a href="https://github.com/nathanmarks"><code>@​nathanmarks</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35348">#35348</a>,
<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/34963">#34963</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's
changelog</a>.</em></p>
<blockquote>
<h2>7.1.0</h2>
<p>This release adds ESLint v10 support, improves performance by
skipping compilation for non-React files, and includes compiler lint
improvements including better <code>set-state-in-effect</code>
detection, improved ref validation, and more helpful error
reporting.</p>
<ul>
<li>Add ESLint v10 support. (<a
href="https://github.com/azat-io"><code>@​azat-io</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35720">#35720</a>)</li>
<li>Skip compilation for non-React files to improve performance. (<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35589">#35589</a>)</li>
<li>Fix exhaustive deps bug with Flow type casting. (<a
href="https://github.com/jorge-cab"><code>@​jorge-cab</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35691">#35691</a>)</li>
<li>Fix <code>useEffectEvent</code> checks in component syntax. (<a
href="https://github.com/jbrown215"><code>@​jbrown215</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35041">#35041</a>)</li>
<li>Improved <code>set-state-in-effect</code> validation with fewer
false negatives. (<a
href="https://github.com/jorge-cab"><code>@​jorge-cab</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35134">#35134</a>,
<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35147">#35147</a>,
<a href="https://github.com/jackpope"><code>@​jackpope</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35214">#35214</a>,
<a
href="https://github.com/chesnokov-tony"><code>@​chesnokov-tony</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35419">#35419</a>,
<a href="https://github.com/jsleitor"><code>@​jsleitor</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/36107">#36107</a>)</li>
<li>Improved ref validation for non-mutating functions and event handler
props. (<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35893">#35893</a>,
<a href="https://github.com/kolvian"><code>@​kolvian</code></a> in <a
href="https://redirect.github.com/facebook/react/pull/35062">#35062</a>)</li>
<li>Compiler now reports all errors instead of stopping at the first.
(<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35873">#35873</a>–<a
href="https://redirect.github.com/facebook/react/pull/35884">#35884</a>)</li>
<li>Improved source locations and error display in compiler diagnostics.
(<a href="https://github.com/nathanmarks"><code>@​nathanmarks</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/35348">#35348</a>,
<a
href="https://github.com/josephsavona"><code>@​josephsavona</code></a>
in <a
href="https://redirect.github.com/facebook/react/pull/34963">#34963</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.0/packages/eslint-plugin-react-hooks">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint-plugin-react-hooks&package-manager=npm_and_yarn&previous-version=7.0.1&new-version=7.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:12:38 +00:00
dependabot[bot] da4b84cdfd chore(deps): Bump i18next from 26.0.4 to 26.0.5 (#1818) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [i18next](https://github.com/i18next/i18next) from 26.0.4 to
26.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.0.5</h2>
<ul>
<li>fix: <code>cloneInstance().changeLanguage()</code> no longer fails
to update language state when the target language is not yet loaded — a
race between <code>init()</code>'s deferred <code>load()</code> and the
user's <code>changeLanguage()</code> could overwrite
<code>isLanguageChangingTo</code>, causing <code>setLngProps</code> to
be skipped <a
href="https://redirect.github.com/i18next/i18next/issues/2422">2422</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.0.5</h2>
<ul>
<li>fix: <code>cloneInstance().changeLanguage()</code> no longer fails
to update language state when the target language is not yet loaded — a
race between <code>init()</code>'s deferred <code>load()</code> and the
user's <code>changeLanguage()</code> could overwrite
<code>isLanguageChangingTo</code>, causing <code>setLngProps</code> to
be skipped <a
href="https://redirect.github.com/i18next/i18next/issues/2422">2422</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/ab4633fee059432fc2a0a11a00741eac51313a7e"><code>ab4633f</code></a>
26.0.5</li>
<li><a
href="https://github.com/i18next/i18next/commit/bae3b8bca9e060311fa039f31415b9eccd66a1e4"><code>bae3b8b</code></a>
fix: <code>cloneInstance().changeLanguage()</code> no longer fails to
update language st...</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.0.4...v26.0.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.0.4&new-version=26.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:12:02 +00:00
dependabot[bot] 58166e3a9e chore(deps): Bump ol from 10.8.0 to 10.9.0 (#1816) 
Bumps [ol](https://github.com/openlayers/openlayers) from 10.8.0 to
10.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/openlayers/openlayers/releases">ol's
releases</a>.</em></p>
<blockquote>
<h2>v10.9.0</h2>
<h2>Summary</h2>
<p>In the 10.9 release, GeoZarr and GeoTIFF support saw major
improvements — including multi-group band support, per-band metadata,
and more efficient tile loading. WebGL rendering precision and
performance were enhanced, and several vector rendering, hit detection,
and trackpad zoom interaction issues were resolved.</p>
<h2>What's Changed</h2>
<ul>
<li>Updates for the 10.8.0 release by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17325">openlayers/openlayers#17325</a></li>
<li>Update package version to 10.8.1-dev by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17327">openlayers/openlayers#17327</a></li>
<li>Example: export map as GeoTIFF or PNG with world file by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17313">openlayers/openlayers#17313</a></li>
<li>Flat style / allow literal number arrays as well for the
<code>in</code> (haystack) operator by <a
href="https://github.com/jahow"><code>@​jahow</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17334">openlayers/openlayers#17334</a></li>
<li>Fix typos in GeoZARR source by <a
href="https://github.com/m-mohr"><code>@​m-mohr</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17348">openlayers/openlayers#17348</a></li>
<li>chore(deps-dev): bump jspdf from 4.1.0 to 4.2.0 in the
development-security group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17337">openlayers/openlayers#17337</a></li>
<li>chore(deps): bump geotiff from 3.0.2 to 3.0.3 in the
production-minor-patch group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17339">openlayers/openlayers#17339</a></li>
<li>chore(deps-dev): bump the development-security group across 1
directory with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17358">openlayers/openlayers#17358</a></li>
<li>chore(deps-dev): bump the development-minor-patch group across 1
directory with 13 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17360">openlayers/openlayers#17360</a></li>
<li>Add support for custom fetch client in GeoTIFF source and examples
by <a href="https://github.com/BeGj"><code>@​BeGj</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17346">openlayers/openlayers#17346</a></li>
<li>Add shared vertices equal by <a
href="https://github.com/andreasbaa"><code>@​andreasbaa</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17349">openlayers/openlayers#17349</a></li>
<li>Fix updateGeometry_ to preserve per-geometry Z/M values by <a
href="https://github.com/andreasbaa"><code>@​andreasbaa</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17347">openlayers/openlayers#17347</a></li>
<li>Update raster source docs by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17342">openlayers/openlayers#17342</a></li>
<li>Update geotiff to v3.0.4 by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17363">openlayers/openlayers#17363</a></li>
<li>Fix stroked polygon after non-stroked polygon with overlaps:false by
<a href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17364">openlayers/openlayers#17364</a></li>
<li>Improve GeoZarr nodata handling by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17355">openlayers/openlayers#17355</a></li>
<li>Store gdal metadata instead of a promise thereof by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17344">openlayers/openlayers#17344</a></li>
<li>fix(test): handle image load errors in ImageLayer CORS test by <a
href="https://github.com/wietzesuijker"><code>@​wietzesuijker</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17372">openlayers/openlayers#17372</a></li>
<li>Use provided stride for render feature geometry operations by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17367">openlayers/openlayers#17367</a></li>
<li>Cache opened zarrita arrays across GeoZarr tile loads by <a
href="https://github.com/wietzesuijker"><code>@​wietzesuijker</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17369">openlayers/openlayers#17369</a></li>
<li>Parallelize band array opens in GeoZarr loadTile_ by <a
href="https://github.com/wietzesuijker"><code>@​wietzesuijker</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17370">openlayers/openlayers#17370</a></li>
<li>Optimize GeoZarr tile sizes by aligning with inner shards by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17362">openlayers/openlayers#17362</a></li>
<li>Load unknown projections for GeoTIFF source <a
href="https://redirect.github.com/openlayers/openlayers/issues/17153">#17153</a>
by <a href="https://github.com/m-mohr"><code>@​m-mohr</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17208">openlayers/openlayers#17208</a></li>
<li>Fix node deprecation warning by <a
href="https://github.com/M393"><code>@​M393</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17387">openlayers/openlayers#17387</a></li>
<li>Default stroke for hitdetection by <a
href="https://github.com/qulol"><code>@​qulol</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17365">openlayers/openlayers#17365</a></li>
<li>Fix issue 17380 - Call reprioritize conditionally in
handlePostRender by <a
href="https://github.com/andrfra"><code>@​andrfra</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17381">openlayers/openlayers#17381</a></li>
<li>Use correct tileUrlFunction when loading source tiles by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17392">openlayers/openlayers#17392</a></li>
<li>Do not set a fill for patterns that are not loaded yet by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17384">openlayers/openlayers#17384</a></li>
<li>Webgl / Better performance when filtering out features by <a
href="https://github.com/jahow"><code>@​jahow</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17393">openlayers/openlayers#17393</a></li>
<li>More efficient loading of striped GeoTIFFs and reprojected WebGL
tiles by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17394">openlayers/openlayers#17394</a></li>
<li>GeoTIFF: Provide min/max/nodata per band by <a
href="https://github.com/m-mohr"><code>@​m-mohr</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17396">openlayers/openlayers#17396</a></li>
<li>Fix openflights link in flight animation example by <a
href="https://github.com/ChandlerSwift"><code>@​ChandlerSwift</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17398">openlayers/openlayers#17398</a></li>
<li>Remove separate group option for the GeoZarr source by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17378">openlayers/openlayers#17378</a></li>
<li>Fix type imports with stricter hints from tsconfig by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17376">openlayers/openlayers#17376</a></li>
<li><a
href="https://redirect.github.com/openlayers/openlayers/issues/17397">#17397</a>
Fix text on circle features not working with declutter by <a
href="https://github.com/Adanteh"><code>@​Adanteh</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17400">openlayers/openlayers#17400</a></li>
<li>Fix Feature clone with custom geometry name by <a
href="https://github.com/MoonE"><code>@​MoonE</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17404">openlayers/openlayers#17404</a></li>
<li>Inflate trackpad pinch-to-zoom deltas by <a
href="https://github.com/src73"><code>@​src73</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17405">openlayers/openlayers#17405</a></li>
<li>chore(deps): bump actions/upload-artifact from 6 to 7 in the actions
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17390">openlayers/openlayers#17390</a></li>
<li>chore(deps-dev): bump dompurify from 3.3.1 to 3.3.2 in the
development-security group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17373">openlayers/openlayers#17373</a></li>
<li>Compute resolution from spatial:bbox and spatial:shape by <a
href="https://github.com/ahocevar"><code>@​ahocevar</code></a> in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17410">openlayers/openlayers#17410</a></li>
<li>Heatmap: Inline blurSlope computation to fix expression-based
blur/radius (<a
href="https://redirect.github.com/openlayers/openlayers/issues/17412">#17412</a>)
by <a href="https://github.com/JoJoeGoing"><code>@​JoJoeGoing</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17413">openlayers/openlayers#17413</a></li>
<li>Add rendering test for line offset with detailed river geometries by
<a
href="https://github.com/viktorijasolovjova"><code>@​viktorijasolovjova</code></a>
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17414">openlayers/openlayers#17414</a></li>
<li>chore(deps-dev): bump the development-security group across 1
directory with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17415">openlayers/openlayers#17415</a></li>
<li>chore(deps): bump dawidd6/action-download-artifact from 14 to 19 in
the actions group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/openlayers/openlayers/pull/17420">openlayers/openlayers#17420</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/openlayers/openlayers/commit/ba63bf383db8d42f633e04f28914cc4a7479e547"><code>ba63bf3</code></a>
Updates for the 10.9.0 release</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/08455cebc0d755916234c8f95102edd572137d44"><code>08455ce</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/openlayers/issues/17371">#17371</a>
from wietzesuijker/feat/batched-fetch-store</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/3dd6caebb99532479534afca7f34e946fa636e6f"><code>3dd6cae</code></a>
feat(GeoZarr): coalesce concurrent byte-range requests via zarrita</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/3d730fea32face16d9271b1f486154c4e6d66ed3"><code>3d730fe</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/openlayers/issues/17409">#17409</a>
from ahocevar/geozarr-multigroup</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/ee474e8ab30e048d6876bb916dd0257dced29491"><code>ee474e8</code></a>
Merge pull request <a
href="https://redirect.github.com/openlayers/openlayers/issues/17429">#17429</a>
from viktorijasolovjova/immediate-renderer-squared-...</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/d0670a83404cdc7681edb458fa93a97ce4e6ad20"><code>d0670a8</code></a>
Do not fake a multi scale structure for single scale</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/fd8bd0e8fa5b5ee3286247bbca5f55510f2be023"><code>fd8bd0e</code></a>
Make tests more readable and less verbose</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/52d26ab5067d227e8298820d920a4eae5e60378c"><code>52d26ab</code></a>
Load group metadata in parallel</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/6e8cb4088d0c304d555fe9bdceaa8ec53d1ec211"><code>6e8cb40</code></a>
Also support standalone single-scale groups</li>
<li><a
href="https://github.com/openlayers/openlayers/commit/99553c292e3e52998d9c556c098866fa04a23dd4"><code>99553c2</code></a>
Support bands from multiple zarr groups</li>
<li>Additional commits viewable in <a
href="https://github.com/openlayers/openlayers/compare/v10.8.0...v10.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ol&package-manager=npm_and_yarn&previous-version=10.8.0&new-version=10.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:11:40 +00:00
dependabot[bot] 7c8a1f92cc chore(deps): Bump react-i18next from 17.0.2 to 17.0.4 (#1814) 
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
17.0.2 to 17.0.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h2>17.0.4</h2>
<ul>
<li>fix: avoid <code>React does not recognize the 'i18nIsDynamicList'
prop on a DOM element</code> warning <a
href="https://redirect.github.com/i18next/react-i18next/issues/1915">1915</a></li>
</ul>
<h2>17.0.3</h2>
<ul>
<li>fix: avoid invalid prop on <code>React.Fragment</code> inside
<code>&lt;Trans /&gt;</code> <a
href="https://redirect.github.com/i18next/react-i18next/issues/1914">1914</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/a398b7692bab6737dfaf9f8e75f874388b332ba4"><code>a398b76</code></a>
17.0.4</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/c96f7bc219994731c5606edb1c1f4dd6c04ea98b"><code>c96f7bc</code></a>
fix: avoid `React does not recognize the i18nIsDynamicList prop on a DOM
elem...</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/fe111f751842c1ab2566d9ecfa5d41f796f77ae7"><code>fe111f7</code></a>
17.0.3</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/e7419b86966c1b0580f60022edfca99fe1998c16"><code>e7419b8</code></a>
fix: avoid invalid prop on <code>React.Fragment</code> inside
<code>\&lt;Trans /&gt;</code> <a
href="https://redirect.github.com/i18next/react-i18next/issues/1914">#1914</a></li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v17.0.2...v17.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=react-i18next&package-manager=npm_and_yarn&previous-version=17.0.2&new-version=17.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:11:32 +00:00
dependabot[bot] cad919c417 chore(deps-dev): Bump postcss from 8.5.9 to 8.5.10 (#1815) 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.9 to
8.5.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.10</h2>
<ul>
<li>Fixed XSS via unescaped <code>&lt;/style&gt;</code> in non-bundler
cases (by <a
href="https://github.com/TharVid"><code>@​TharVid</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.10</h2>
<ul>
<li>Fixed XSS via unescaped <code>&lt;/style&gt;</code> in non-bundler
cases (by <a
href="https://github.com/TharVid"><code>@​TharVid</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/33b9790263dc1562a46ce45d9532bd63e95b7986"><code>33b9790</code></a>
Release 8.5.10 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/536c79e4b01e58a3a56b09c3c0cf2323f4b9a28b"><code>536c79e</code></a>
Escape &lt;/style&gt; in CSS output (<a
href="https://redirect.github.com/postcss/postcss/issues/2074">#2074</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/afa96b2a139ce625c4d27973313479c7c85f39d4"><code>afa96b2</code></a>
Update dependencies (<a
href="https://redirect.github.com/postcss/postcss/issues/2073">#2073</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/effe88bb87cabdc1876e02adbdd30f392f19f40d"><code>effe88b</code></a>
Typo (<a
href="https://redirect.github.com/postcss/postcss/issues/2072">#2072</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/3ee79a2c4a11e41d52db50b444eebe38299495ad"><code>3ee79a2</code></a>
Thread model (<a
href="https://redirect.github.com/postcss/postcss/issues/2071">#2071</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/2e0683daca4dc2919211b03774f6b2d137136c01"><code>2e0683d</code></a>
Create incident response docs (<a
href="https://redirect.github.com/postcss/postcss/issues/2070">#2070</a>)</li>
<li>See full diff in <a
href="https://github.com/postcss/postcss/compare/8.5.9...8.5.10">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.9&new-version=8.5.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-20 16:11:10 +00:00
dependabot[bot] f37484a657 chore(deps-dev): Bump typescript-eslint from 8.58.1 to 8.58.2 (#1813) 
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.58.1 to 8.58.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.58.2</h2>
<h2>8.58.2 (2026-04-13)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li>remove tsbuildinfo cache file from published packages (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12187">#12187</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-condition] use
assignability checks in checkTypePredicates (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12147">#12147</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Abhijeet Singh <a
href="https://github.com/cseas"><code>@​cseas</code></a></li>
<li>송재욱</li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.58.2 (2026-04-13)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li>remove tsbuildinfo cache file from published packages (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12187">#12187</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Abhijeet Singh <a
href="https://github.com/cseas"><code>@​cseas</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.58.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/90c2803a4c250e0343598d41e973f95e743bf4ce"><code>90c2803</code></a>
chore(release): publish 8.58.2</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/b3315fd7ba53b7da218e5675cd960939b80a76ab"><code>b3315fd</code></a>
chore: convert import eslint to import js - followup (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12100">#12100</a>)</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/be6b49a02d68db9bdc8985e7e9e1598700fda2fa"><code>be6b49a</code></a>
fix: remove tsbuildinfo cache file from published packages (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12187">#12187</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.2/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.58.1&new-version=8.58.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-17 13:52:21 +00:00
dependabot[bot] 34e1995790 chore(deps-dev): Bump i18next-cli from 1.51.8 to 1.53.2 (#1812) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.51.8
to 1.53.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.53.1...v1.53.2">1.53.2</a>
- 2026-04-14</h2>
<ul>
<li>Add <code>locale</code> and <code>namespace</code> fields to the
<code>TranslationResult</code> object passed
to the <code>afterSync</code> plugin hook, so plugins no longer need to
reverse-engineer
these values from the file path.
Relates to <a
href="https://redirect.github.com/i18next/i18next-cli/issues/237">#237</a>.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.53.0...v1.53.1">1.53.1</a>
- 2026-04-14</h2>
<ul>
<li>Fix selector API with dynamic bracket notation (e.g.
<code>t(($) =&gt; $.table.columns[field])</code>) incorrectly treating
keys as unused
and removing them during extraction. Dynamic bracket expressions are now
resolved via the expression resolver, and function parameter type
annotations (e.g. <code>field: &quot;name&quot; |
&quot;age&quot;</code>) are captured so the resolver
can enumerate all possible key values.
Fixes <a
href="https://redirect.github.com/i18next/i18next-cli/issues/234">#234</a>.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.52.1...v1.53.0">1.53.0</a>
- 2026-04-14</h2>
<ul>
<li>Add optional <code>types.basePath</code> configuration to support
nested namespaces in
TypeScript type generation. When set, namespaces are derived from the
file's
path relative to <code>basePath</code> instead of just the filename, so
<code>locales/en/dashboard/user.json</code> produces namespace
<code>&quot;dashboard/user&quot;</code> instead
of <code>&quot;user&quot;</code>. When <code>basePath</code> is omitted,
existing behavior is preserved.
Contributed by <a
href="https://github.com/camerondubas"><code>@​camerondubas</code></a>
in
<a
href="https://redirect.github.com/i18next/i18next-cli/pull/236">#236</a>.</li>
<li>Add a warning when <code>types.basePath</code> is misconfigured and
translation files
fall outside the specified base directory.</li>
<li>Use the internal logger instead of <code>console.warn</code> for
warnings in the type
generator.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.52.0...v1.52.1">1.52.1</a>
- 2026-04-13</h2>
<ul>
<li>Fix <code>extract --sync-all --trust-derived</code> resetting
secondary locale values
to empty strings even when the trusted derived default was already in
sync in
the primary locale. Secondary translations are now only cleared when the
primary locale would actually be updated by the sync.
Follow-up to <a
href="https://redirect.github.com/i18next/i18next-cli/issues/235">#235</a>.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.51.9...v1.52.0">1.52.0</a>
- 2026-04-13</h2>
<ul>
<li>Add <code>extract --trust-derived</code> as an opt-in companion to
<code>--sync-primary</code>
and <code>--sync-all</code>. When enabled, the extractor also trusts
default values
inferred from keys, including plain key-as-text usage such as
<code>t('Hello world')</code> and <code>keyPrefix</code>-derived values,
while preserving the
existing strict sync behavior by default.
Follows up on <a
href="https://redirect.github.com/i18next/i18next-cli/issues/235">#235</a>.</li>
</ul>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.51.8...v1.51.9">1.51.9</a>
- 2026-04-13</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/8c44aaa42c31cea7ac124bb343a13c24d421d5c4"><code>8c44aaa</code></a>
1.53.2</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/9b74f0b433fa4cff4df6bc2991f89cbe8893d32d"><code>9b74f0b</code></a>
Add <code>locale</code> and <code>namespace</code> fields to the
<code>TranslationResult</code> object <a
href="https://redirect.github.com/i18next/i18next-cli/issues/237">#237</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/f6de82e032209fbd04dc527bceca126e190f5080"><code>f6de82e</code></a>
1.53.1</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/d7c9895c875787e8184b500362a0e28144504872"><code>d7c9895</code></a>
improve fix for <a
href="https://redirect.github.com/i18next/i18next-cli/issues/234">#234</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/e6480b060e67512ab28e7f0004081d3e82bae129"><code>e6480b0</code></a>
1.53.0</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/145a3a84bd468ccf9b8539475c9c87fdc6a37497"><code>145a3a8</code></a>
release: feat(types): support nested namespaces in type generation <a
href="https://redirect.github.com/i18next/i18next-cli/issues/236">#236</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/54f474f00a38043467fbca7aaf56591d537c195e"><code>54f474f</code></a>
feat(types): support nested namespaces in type generation (<a
href="https://redirect.github.com/i18next/i18next-cli/issues/236">#236</a>)</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6e3f9d7dfaca4f8a89bdcddd276101204ea02af3"><code>6e3f9d7</code></a>
1.52.1</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/810a724c4d73a186e573fbcab14266a91fe6a869"><code>810a724</code></a>
fix --trust-derived <a
href="https://redirect.github.com/i18next/i18next-cli/issues/235">#235</a></li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/b898c554adae0f474dd2fea129de594cb219fa96"><code>b898c55</code></a>
1.52.0</li>
<li>Additional commits viewable in <a
href="https://github.com/i18next/i18next-cli/compare/v1.51.8...v1.53.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.51.8&new-version=1.53.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-17 13:52:01 +00:00
dependabot[bot] c2cb9cd7ff chore(deps): Bump protocol-buffers-schema from 3.6.0 to 3.6.1 (#1811) 
Bumps
[protocol-buffers-schema](https://github.com/mafintosh/protocol-buffers-schema)
from 3.6.0 to 3.6.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mafintosh/protocol-buffers-schema/commit/46c34bd3199aa1e32374a1af59d02413b9ea197a"><code>46c34bd</code></a>
3.6.1</li>
<li><a
href="https://github.com/mafintosh/protocol-buffers-schema/commit/2351031dd6f1d58930b8e46548e91b1e96f7c20c"><code>2351031</code></a>
Fixed parse.js to prevent Prototype Pollution (<a
href="https://redirect.github.com/mafintosh/protocol-buffers-schema/issues/70">#70</a>)</li>
<li>See full diff in <a
href="https://github.com/mafintosh/protocol-buffers-schema/compare/v3.6.0...v3.6.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=protocol-buffers-schema&package-manager=npm_and_yarn&previous-version=3.6.0&new-version=3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-16 21:51:34 +00:00
dependabot[bot] 0dd47a4cb0 chore(deps): Bump maplibre-gl from 5.22.0 to 5.23.0 (#1810) 
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from
5.22.0 to 5.23.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/releases">maplibre-gl's
releases</a>.</em></p>
<blockquote>
<h2>v5.23.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add <code>touchZoomRotate.setZoomRate()</code> and
<code>touchZoomRotate.setZoomThreshold()</code> to customize touch zoom
speed and pinch sensitivity (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7271">#7271</a>)</li>
<li>Improve ability to communicate with imported scripts in workers and
use <code>makeRequest</code> in workres as well (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7451">#7451</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Allow <code>opacity</code> and <code>opacityWhenCovered</code> in
<code>Marker</code> and <code>MarkerOptions</code> to accept
<code>number</code> in addition to <code>string</code>, and add
<code>maplibregl-marker-covered</code> CSS class to <code>Marker</code>
element when covered by 3D terrain or a globe (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7433">#7433</a>)
(by <a
href="https://github.com/YuChunTsao"><code>@​YuChunTsao</code></a>)</li>
<li>perf: add a bench for terrain rendering and fix
<code>_demMatrixCache</code> lookup being wasted cycles by actually
using the cache (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7400">#7400</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix polygon text label placement drifting far from center for convex
polygons at high zoom due to coordinate rounding in geojson-vt (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7380">#7380</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
<li>Ensure that a successful ArrayBuffer response from a custom protocol
that is null/undefined is set to an empty ArrayBuffer (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7427">#7427</a>)
(by <a
href="https://github.com/neodescis"><code>@​neodescis</code></a>)</li>
<li>Fix error in <code>_contextRestored</code> when map was initialized
without a style (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7432">#7432</a>)
(by <a
href="https://github.com/mvanhorn"><code>@​mvanhorn</code></a>)</li>
<li>Fix issue with the cache used for zoomLevelsToOverscale feature (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7450">#7450</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Update stylelint and fix old issues with the CSS (mainly change rgb
to use spaces) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7365">#7365</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's
changelog</a>.</em></p>
<blockquote>
<h2>5.23.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Add <code>touchZoomRotate.setZoomRate()</code> and
<code>touchZoomRotate.setZoomThreshold()</code> to customize touch zoom
speed and pinch sensitivity (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7271">#7271</a>)</li>
<li>Improve ability to communicate with imported scripts in workers and
use <code>makeRequest</code> in workres as well (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7451">#7451</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Allow <code>opacity</code> and <code>opacityWhenCovered</code> in
<code>Marker</code> and <code>MarkerOptions</code> to accept
<code>number</code> in addition to <code>string</code>, and add
<code>maplibregl-marker-covered</code> CSS class to <code>Marker</code>
element when covered by 3D terrain or a globe (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7433">#7433</a>)
(by <a
href="https://github.com/YuChunTsao"><code>@​YuChunTsao</code></a>)</li>
<li>perf: add a bench for terrain rendering and fix
<code>_demMatrixCache</code> lookup being wasted cycles by actually
using the cache (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7400">#7400</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Fix polygon text label placement drifting far from center for convex
polygons at high zoom due to coordinate rounding in geojson-vt (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7380">#7380</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
<li>Ensure that a successful ArrayBuffer response from a custom protocol
that is null/undefined is set to an empty ArrayBuffer (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7427">#7427</a>)
(by <a
href="https://github.com/neodescis"><code>@​neodescis</code></a>)</li>
<li>Fix error in <code>_contextRestored</code> when map was initialized
without a style (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7432">#7432</a>)
(by <a
href="https://github.com/mvanhorn"><code>@​mvanhorn</code></a>)</li>
<li>Fix issue with the cache used for zoomLevelsToOverscale feature (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7450">#7450</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
<li>Update stylelint and fix old issues with the CSS (mainly change rgb
to use spaces) (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7365">#7365</a>)
(by <a href="https://github.com/HarelM"><code>@​HarelM</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/7f61f6f252c8612bc21a634fec648b0eb0007835"><code>7f61f6f</code></a>
Bump js version to 5.23.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7455">#7455</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/6ace1419172c4e224448573fe813c888c906b956"><code>6ace141</code></a>
Update geojson-vt to version 6.1.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7454">#7454</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/1cbb01c8c64ddb6dbf27ad5f0fb9a703c0c92230"><code>1cbb01c</code></a>
chore(deps): bump codecov/codecov-action from 5.5.3 to 6.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7358">#7358</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/62c11c0d946f5ef7b78a8db1bb13599f32e69643"><code>62c11c0</code></a>
chore(deps-dev): bump stylelint from 16.26.1 to 17.6.0 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7365">#7365</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/f40a6833030a369c6145bada510a94996c960551"><code>f40a683</code></a>
test (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7452">#7452</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/d5c86fe504ce051ad714a46427aad3e0304707ad"><code>d5c86fe</code></a>
Improve ability to import scripts in workers (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7451">#7451</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/f2072c313752926cf3dd6d142a42e78ec8a1edb9"><code>f2072c3</code></a>
fix: guard against null style in _contextRestored (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7446">#7446</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/8072fe630c1725ed97032e9c5bee252678a977bc"><code>8072fe6</code></a>
feat(marker): support number for opacity options (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7442">#7442</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/3f6b54cdc173906622da774ff94c47459ed3031a"><code>3f6b54c</code></a>
Fix cache key for <code>_zoomLevelsToOverscale</code> experimental
feature (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7450">#7450</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-gl-js/commit/8584c2e766b8a3d54023450dbef8aeee91b99762"><code>8584c2e</code></a>
chore(deps-dev): bump basic-ftp from 5.2.1 to 5.2.2 (<a
href="https://redirect.github.com/maplibre/maplibre-gl-js/issues/7447">#7447</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-gl-js/compare/v5.22.0...v5.23.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=maplibre-gl&package-manager=npm_and_yarn&previous-version=5.22.0&new-version=5.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-16 13:52:37 +00:00
dependabot[bot] 232db47713 chore(deps-dev): Bump i18next-cli from 1.51.7 to 1.51.8 (#1809) 
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.51.7
to 1.51.8.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/i18next/i18next-cli/compare/v1.51.7...v1.51.8">1.51.8</a>
- 2026-04-13</h2>
<ul>
<li>Fix selector API with dynamic bracket notation (e.g.
<code>t(($) =&gt; $.table.columns[field])</code>) incorrectly treating
keys as unused
and removing them during extraction. Dynamic bracket expressions are now
resolved via the expression resolver, so typed variables
(<code>const field: &quot;name&quot; | &quot;age&quot;</code>) and
const-initialised variables
(<code>const field = &quot;name&quot;</code>) are correctly expanded
into all possible keys.
Fixes <a
href="https://redirect.github.com/i18next/i18next-cli/issues/234">#234</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next-cli/commit/6e479a9d44cfcdd418ec98b4db9c052665a347b3"><code>6e479a9</code></a>
1.51.8</li>
<li><a
href="https://github.com/i18next/i18next-cli/commit/3a1ced40fb1b6548366dce80a9ff0abac9beedfe"><code>3a1ced4</code></a>
ix selector API with dynamic bracket notation <a
href="https://redirect.github.com/i18next/i18next-cli/issues/234">#234</a></li>
<li>See full diff in <a
href="https://github.com/i18next/i18next-cli/compare/v1.51.7...v1.51.8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next-cli&package-manager=npm_and_yarn&previous-version=1.51.7&new-version=1.51.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-16 13:52:34 +00:00
dependabot[bot] 1cf99f5175 chore(deps-dev): Bump stylelint from 17.6.0 to 17.7.0 (#1808) 
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.6.0 to
17.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.7.0</h2>
<p>It fixes 4 bugs, including clearer problem messages by removing
filler words and leading with the problem. We've also released
<code>1.0.0</code> of <a
href="https://github.com/stylelint/create-stylelint">create-stylelint</a>
to help with first-time Stylelint setup.</p>
<ul>
<li>Fixed: clarity of problem messages (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9199">#9199</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>--print-config</code> CLI flag to hide internal
properties (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9194">#9194</a>)
(<a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>).</li>
<li>Fixed: <code>function-url-quotes</code> false positives when URLs
have modifiers (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8702">#8702</a>)
(<a href="https://github.com/immitsu"><code>@​immitsu</code></a>).</li>
<li>Fixed: <code>selector-no-qualifying-type</code> false positives for
<code>:has()</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9182">#9182</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.7.0 - 2026-04-12</h2>
<p>It fixes 4 bugs, including clearer problem messages by removing
filler words and leading with the problem. We've also released
<code>1.0.0</code> of <a
href="https://github.com/stylelint/create-stylelint">create-stylelint</a>
to help with first-time Stylelint setup.</p>
<ul>
<li>Fixed: clarity of problem messages (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9199">#9199</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>--print-config</code> CLI flag to hide internal
properties (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9194">#9194</a>)
(<a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a>).</li>
<li>Fixed: <code>function-url-quotes</code> false positives when URLs
have modifiers (<a
href="https://redirect.github.com/stylelint/stylelint/pull/8702">#8702</a>)
(<a href="https://github.com/immitsu"><code>@​immitsu</code></a>).</li>
<li>Fixed: <code>selector-no-qualifying-type</code> false positives for
<code>:has()</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9182">#9182</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/0b9b48b96481e7b5f1e2348da4cb0727121459c0"><code>0b9b48b</code></a>
Release 17.7.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9210">#9210</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/d0c992e78b9eabe6c44d52fd978ffe205df79711"><code>d0c992e</code></a>
Fix <code>function-url-quotes</code> false positives when URLs have
modifiers (<a
href="https://redirect.github.com/stylelint/stylelint/issues/8702">#8702</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/64d07a84ba219935df131d77368bd86a2e64e46f"><code>64d07a8</code></a>
Fix clarity of problem messages (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9199">#9199</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/38b2df26f280e7b4d7c77d8ca3a8ff0268a4f6b7"><code>38b2df2</code></a>
Bump lodash from 4.17.23 to 4.18.1 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9208">#9208</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/2d9a53d27e31f38e568e6d09c76ff0b9c346142e"><code>2d9a53d</code></a>
Bump globby from 16.1.1 to 16.2.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9207">#9207</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/37b1766dddea77eaf7fca7b88a722665ea479f99"><code>37b1766</code></a>
Bump <code>@​csstools/css-syntax-patches-for-csstree</code> from 1.1.1
to 1.1.2 in the csst...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/db0499267dc820faf21931a44af1fec6c5646508"><code>db04992</code></a>
Bump codecov/codecov-action from 5.5.2 to 6.0.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9205">#9205</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/5dd17dbcb3f6b7c5ba125f8d4d1b412276ebab07"><code>5dd17db</code></a>
Fix <code>--print-config</code> CLI flag to hide internal properties (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9194">#9194</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/f5010d410066aafeebf7572516ab32b746c59288"><code>f5010d4</code></a>
Refactor to document properties in <code>Config</code> type (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9195">#9195</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/73f4834022fb21ffa093fcd60c66e47d80e6c4c1"><code>73f4834</code></a>
Refactor to remove unused <code>Config.ignorePatterns</code> property
type (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9193">#9193</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.6.0...17.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.6.0&new-version=17.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-15 13:52:28 +00:00