It migrates to next gen translation extraction tool and updates other
libraries with their relevant changes.
---------
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.97.2 to 1.97.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/releases">sass's
releases</a>.</em></p>
<blockquote>
<h2>Dart Sass 1.97.3</h2>
<p>To install Sass 1.97.3, download one of the packages below and <a
href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or
see <a href="https://sass-lang.com/install">the Sass website</a> for
full installation instructions.</p>
<h1>Changes</h1>
<ul>
<li>Fix a bug where nesting an at-rule within multiple style rules in
plain CSS could cause outer style rules to be omitted.</li>
</ul>
<p>See the <a
href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1973">full
changelog</a> for changes in earlier releases.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's
changelog</a>.</em></p>
<blockquote>
<h2>1.97.3</h2>
<ul>
<li>Fix a bug where nesting an at-rule within multiple style rules in
plain CSS
could cause outer style rules to be omitted.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="080eaef584"><code>080eaef</code></a>
Fix at-rules combined with plain CSS nesting (<a
href="https://redirect.github.com/sass/dart-sass/issues/2725">#2725</a>)</li>
<li><a
href="f6f73f8e0f"><code>f6f73f8</code></a>
Bump gts from 6.0.2 to 7.0.0 in /pkg/sass-parser (<a
href="https://redirect.github.com/sass/dart-sass/issues/2711">#2711</a>)</li>
<li><a
href="0b87dd7451"><code>0b87dd7</code></a>
Bump protobuf and protoc_plugin (<a
href="https://redirect.github.com/sass/dart-sass/issues/2723">#2723</a>)</li>
<li>See full diff in <a
href="https://github.com/sass/dart-sass/compare/1.97.2...1.97.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [qs](https://github.com/ljharb/qs) from 6.14.1 to 6.14.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's
changelog</a>.</em></p>
<blockquote>
<h2><strong>6.14.2</strong></h2>
<ul>
<li>[Fix] <code>parse</code>: mark overflow objects for indexed notation
exceeding <code>arrayLimit</code> (<a
href="https://redirect.github.com/ljharb/qs/issues/546">#546</a>)</li>
<li>[Fix] <code>arrayLimit</code> means max count, not max index, in
<code>combine</code>/<code>merge</code>/<code>parseArrayValue</code></li>
<li>[Fix] <code>parse</code>: throw on <code>arrayLimit</code> exceeded
with indexed notation when <code>throwOnLimitExceeded</code> is true (<a
href="https://redirect.github.com/ljharb/qs/issues/529">#529</a>)</li>
<li>[Fix] <code>parse</code>: enforce <code>arrayLimit</code> on
<code>comma</code>-parsed values</li>
<li>[Fix] <code>parse</code>: fix error message to reflect arrayLimit as
max index; remove extraneous comments (<a
href="https://redirect.github.com/ljharb/qs/issues/545">#545</a>)</li>
<li>[Robustness] avoid <code>.push</code>, use <code>void</code></li>
<li>[readme] document that <code>addQueryPrefix</code> does not add
<code>?</code> to empty output (<a
href="https://redirect.github.com/ljharb/qs/issues/418">#418</a>)</li>
<li>[readme] clarify <code>parseArrays</code> and
<code>arrayLimit</code> documentation (<a
href="https://redirect.github.com/ljharb/qs/issues/543">#543</a>)</li>
<li>[readme] replace runkit CI badge with shields.io check-runs
badge</li>
<li>[meta] fix changelog typo (<code>arrayLength</code> →
<code>arrayLimit</code>)</li>
<li>[actions] fix rebase workflow permissions</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bdcf0c7f82"><code>bdcf0c7</code></a>
v6.14.2</li>
<li><a
href="294db90c81"><code>294db90</code></a>
[readme] document that <code>addQueryPrefix</code> does not add
<code>?</code> to empty output</li>
<li><a
href="5c308e5516"><code>5c308e5</code></a>
[readme] clarify <code>parseArrays</code> and <code>arrayLimit</code>
documentation</li>
<li><a
href="6addf8cf73"><code>6addf8c</code></a>
[Fix] <code>parse</code>: mark overflow objects for indexed notation
exceeding <code>arrayLimit</code></li>
<li><a
href="cfc108f662"><code>cfc108f</code></a>
[Fix] <code>arrayLimit</code> means max count, not max index, in
<code>combine</code>/<code>merge</code>/`pars...</li>
<li><a
href="febb64442a"><code>febb644</code></a>
[Fix] <code>parse</code>: throw on <code>arrayLimit</code> exceeded with
indexed notation when `thr...</li>
<li><a
href="f6a7abff1f"><code>f6a7abf</code></a>
[Fix] <code>parse</code>: enforce <code>arrayLimit</code> on
<code>comma</code>-parsed values</li>
<li><a
href="fbc5206c25"><code>fbc5206</code></a>
[Fix] <code>parse</code>: fix error message to reflect arrayLimit as max
index; remove e...</li>
<li><a
href="1b9a8b4e78"><code>1b9a8b4</code></a>
[actions] fix rebase workflow permissions</li>
<li><a
href="2a35775614"><code>2a35775</code></a>
[meta] fix changelog typo (<code>arrayLength</code> →
<code>arrayLimit</code>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ljharb/qs/compare/v6.14.1...v6.14.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to
3.14.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's
changelog</a>.</em></p>
<blockquote>
<h2>[3.14.2] - 2025-11-15</h2>
<h3>Security</h3>
<ul>
<li>Backported v4.1.1 fix to v3</li>
</ul>
<h2>[4.1.1] - 2025-11-12</h2>
<h3>Security</h3>
<ul>
<li>Fix prototype pollution issue in yaml merge (<<)
operator.</li>
</ul>
<h2>[4.1.0] - 2021-04-15</h2>
<h3>Added</h3>
<ul>
<li>Types are now exported as <code>yaml.types.XXX</code>.</li>
<li>Every type now has <code>options</code> property with original
arguments kept as they were
(see <code>yaml.types.int.options</code> as an example).</li>
</ul>
<h3>Changed</h3>
<ul>
<li><code>Schema.extend()</code> now keeps old type order in case of
conflicts
(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as
<code>abcd</code> instead of <code>cbad</code>).</li>
</ul>
<h2>[4.0.0] - 2021-01-03</h2>
<h3>Changed</h3>
<ul>
<li>Check <a
href="https://github.com/nodeca/js-yaml/blob/master/migrate_v3_to_v4.md">migration
guide</a> to see details for all breaking changes.</li>
<li>Breaking: "unsafe" tags <code>!!js/function</code>,
<code>!!js/regexp</code>, <code>!!js/undefined</code> are
moved to <a
href="https://github.com/nodeca/js-yaml-js-types">js-yaml-js-types</a>
package.</li>
<li>Breaking: removed <code>safe*</code> functions. Use
<code>load</code>, <code>loadAll</code>, <code>dump</code>
instead which are all now safe by default.</li>
<li><code>yaml.DEFAULT_SAFE_SCHEMA</code> and
<code>yaml.DEFAULT_FULL_SCHEMA</code> are removed, use
<code>yaml.DEFAULT_SCHEMA</code> instead.</li>
<li><code>yaml.Schema.create(schema, tags)</code> is removed, use
<code>schema.extend(tags)</code> instead.</li>
<li><code>!!binary</code> now always mapped to <code>Uint8Array</code>
on load.</li>
<li>Reduced nesting of <code>/lib</code> folder.</li>
<li>Parse numbers according to YAML 1.2 instead of YAML 1.1
(<code>01234</code> is now decimal,
<code>0o1234</code> is octal, <code>1:23</code> is parsed as string
instead of base60).</li>
<li><code>dump()</code> no longer quotes <code>:</code>, <code>[</code>,
<code>]</code>, <code>(</code>, <code>)</code> except when necessary, <a
href="https://redirect.github.com/nodeca/js-yaml/issues/470">#470</a>,
<a
href="https://redirect.github.com/nodeca/js-yaml/issues/557">#557</a>.</li>
<li>Line and column in exceptions are now formatted as
<code>(X:Y)</code> instead of
<code>at line X, column Y</code> (also present in compact format), <a
href="https://redirect.github.com/nodeca/js-yaml/issues/332">#332</a>.</li>
<li>Code snippet created in exceptions now contains multiple lines with
line numbers.</li>
<li><code>dump()</code> now serializes <code>undefined</code> as
<code>null</code> in collections and removes keys with
<code>undefined</code> in mappings, <a
href="https://redirect.github.com/nodeca/js-yaml/issues/571">#571</a>.</li>
<li><code>dump()</code> with <code>skipInvalid=true</code> now
serializes invalid items in collections as null.</li>
<li>Custom tags starting with <code>!</code> are now dumped as
<code>!tag</code> instead of <code>!<!tag></code>, <a
href="https://redirect.github.com/nodeca/js-yaml/issues/576">#576</a>.</li>
<li>Custom tags starting with <code>tag:yaml.org,2002:</code> are now
shorthanded using <code>!!</code>, <a
href="https://redirect.github.com/nodeca/js-yaml/issues/258">#258</a>.</li>
</ul>
<h3>Added</h3>
<ul>
<li>Added <code>.mjs</code> (es modules) support.</li>
<li>Added <code>quotingType</code> and <code>forceQuotes</code> options
for dumper to configure
string literal style, <a
href="https://redirect.github.com/nodeca/js-yaml/issues/290">#290</a>,
<a
href="https://redirect.github.com/nodeca/js-yaml/issues/529">#529</a>.</li>
<li>Added <code>styles: { '!!null': 'empty' }</code> option for dumper
(serializes <code>{ foo: null }</code> as "<code>foo:
</code>"), <a
href="https://redirect.github.com/nodeca/js-yaml/issues/570">#570</a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9963d366df"><code>9963d36</code></a>
3.14.2 released</li>
<li><a
href="10d3c8e70a"><code>10d3c8e</code></a>
dist rebuild</li>
<li><a
href="5278870a17"><code>5278870</code></a>
fix prototype pollution in merge (<<) (<a
href="https://redirect.github.com/nodeca/js-yaml/issues/731">#731</a>)</li>
<li>See full diff in <a
href="https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [i18next](https://github.com/i18next/i18next) from 25.7.4 to
25.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.8.0</h2>
<ul>
<li>fix: TFunctionReturn fallback <a
href="https://redirect.github.com/i18next/i18next/issues/2360">2360</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.8.0</h2>
<ul>
<li>fix: TFunctionReturn fallback <a
href="https://redirect.github.com/i18next/i18next/issues/2360">2360</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="89b6579abc"><code>89b6579</code></a>
25.8.0</li>
<li><a
href="f39cac20dc"><code>f39cac2</code></a>
improve fallbackNS types handling</li>
<li><a
href="6c06b0055c"><code>6c06b00</code></a>
selector example</li>
<li><a
href="8cf616830c"><code>8cf6168</code></a>
TFunctionReturn fallback (<a
href="https://redirect.github.com/i18next/i18next/issues/2361">#2361</a>)</li>
<li><a
href="485b4ec818"><code>485b4ec</code></a>
help msg</li>
<li><a
href="d496e5ad6f"><code>d496e5a</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.7.4...v25.8.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.0.13
to 9.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/downshift-js/downshift/releases">downshift's
releases</a>.</em></p>
<blockquote>
<h2>v9.2.0</h2>
<h1><a
href="https://github.com/downshift-js/downshift/compare/v9.1.0...v9.2.0">9.2.0</a>
(2026-01-30)</h1>
<h3>Features</h3>
<ul>
<li>manual release again 9.1.0 (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1671">#1671</a>)
(<a
href="1493624154">1493624</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1493624154"><code>1493624</code></a>
feat: manual release again 9.1.0 (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1671">#1671</a>)</li>
<li><a
href="7e5482d9be"><code>7e5482d</code></a>
feat: manual release 9.1.0 (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1670">#1670</a>)</li>
<li><a
href="fea4ac089b"><code>fea4ac0</code></a>
feat: create useTagGroup hook (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1665">#1665</a>)</li>
<li>See full diff in <a
href="https://github.com/downshift-js/downshift/compare/v9.0.13...v9.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/lint](https://github.com/codemirror/lint) from 6.9.2
to 6.9.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/lint/blob/main/CHANGELOG.md"><code>@codemirror/lint</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.9.3 (2026-01-27)</h2>
<h3>Bug fixes</h3>
<p>Fix an issue where the lint panel inappropriately blocks the default
behavior of key combinations with Ctrl, Alt, or Cmd held.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ee432ca1c3"><code>ee432ca</code></a>
Mark version 6.9.3</li>
<li><a
href="85e7e0f4eb"><code>85e7e0f</code></a>
Don't handle ctrl/alt/meta key combinations in panel key handler</li>
<li><a
href="ed7f267834"><code>ed7f267</code></a>
Use git+https format for package.json repository field</li>
<li>See full diff in <a
href="https://github.com/codemirror/lint/compare/6.9.2...6.9.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/view](https://github.com/codemirror/view) from
6.39.11 to 6.39.12.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.39.12 (2026-01-30)</h2>
<h3>Bug fixes</h3>
<p>Fix a bug where the visual selection drawn by
<code>drawSelection</code> could fail to update properly in some
circumstances.</p>
<p>Fix a bug where PageUp/PageDown near the edge of the viewport might
completely skip to the start/end of the document.</p>
<p>Fix a regression that caused mark decorations to be split on text
node chunk boundaries again.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f14dcd5265"><code>f14dcd5</code></a>
Mark version 6.39.12</li>
<li><a
href="16a0c29a89"><code>16a0c29</code></a>
Fix another issue around chunked large text nodes</li>
<li><a
href="4b908ab440"><code>4b908ab</code></a>
Fix poor handling of vertical motion exiting the viewport</li>
<li><a
href="e1476261c0"><code>e147626</code></a>
Fix negative computed width in RectangleMarker.forRange</li>
<li>See full diff in <a
href="https://github.com/codemirror/view/compare/6.39.11...6.39.12">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[systeminformation](https://github.com/sebhildebrandt/systeminformation)
from 5.27.17 to 5.31.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sebhildebrandt/systeminformation/releases">systeminformation's
releases</a>.</em></p>
<blockquote>
<h2>v5.31.1</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.31.0...v5.31.1">https://github.com/sebhildebrandt/systeminformation/compare/v5.31.0...v5.31.1</a></p>
<h2>v5.31.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.8...v5.31.0">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.8...v5.31.0</a></p>
<h2>v5.30.8</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.7...v5.30.8">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.7...v5.30.8</a></p>
<h2>v5.30.7</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.6...v5.30.7">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.6...v5.30.7</a></p>
<h2>v5.30.6</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.5...v5.30.6">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.5...v5.30.6</a></p>
<h2>v5.30.5</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.4...v5.30.5">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.4...v5.30.5</a></p>
<h2>v5.30.4</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.3...v5.30.4">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.3...v5.30.4</a></p>
<h2>v5.30.3</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.2...v5.30.3">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.2...v5.30.3</a></p>
<h2>v5.30.2</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.1...v5.30.2">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.1...v5.30.2</a></p>
<h2>v5.30.1</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.30.0...v5.30.1">https://github.com/sebhildebrandt/systeminformation/compare/v5.30.0...v5.30.1</a></p>
<h2>v5.30.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.29.1...v5.30.0">https://github.com/sebhildebrandt/systeminformation/compare/v5.29.1...v5.30.0</a></p>
<h2>v5.29.1</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.29.0...v5.29.1">https://github.com/sebhildebrandt/systeminformation/compare/v5.29.0...v5.29.1</a></p>
<h2>v5.29.0</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.28.10...v5.29.0">https://github.com/sebhildebrandt/systeminformation/compare/v5.28.10...v5.29.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md">systeminformation's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>Major Changes - Version 5</h2>
<h4>New Functions</h4>
<ul>
<li><code>audio()</code> detailed audio information</li>
<li><code>bluetoothDevices()</code> detailed information detected
bluetooth devices</li>
<li><code>dockerImages()</code> detailed information docker images</li>
<li><code>dockerVolumes()</code> detailed information docker
volumes</li>
<li><code>printers()</code> detailed printer information</li>
<li><code>usb()</code> detailed USB information</li>
<li><code>wifiInterfaces()</code> detected Wi-Fi interfaces</li>
<li><code>wifiConnections()</code> active Wi-Fi connections</li>
</ul>
<h4>Breaking Changes</h4>
<p><strong>Be aware</strong>, that the new version 5.x <strong>is NOT
fully backward compatible</strong> to
version 4.x ...</p>
<p>We had to make <strong>several interface changes</strong> to keep
systeminformation as
consistent as possible. We highly
<a href="https://systeminformation.io/changes.html">recommend to go
through the complete list</a>
and adapt your own code to be again compatible to the new version 5.</p>
<table>
<thead>
<tr>
<th>Function</th>
<th>Old</th>
<th>New (V5)</th>
<th>Comments</th>
</tr>
</thead>
<tbody>
<tr>
<td>unsupported values</td>
<td>-1</td>
<td>null</td>
<td>values which are unknown or<!-- raw HTML omitted -->unsupported on
platform</td>
</tr>
<tr>
<td><code>battery()</code></td>
<td>hasbattery<!-- raw HTML omitted -->cyclecount<!-- raw HTML omitted
-->ischarging<!-- raw HTML omitted -->designedcapacity<!-- raw HTML
omitted -->maxcapacity<!-- raw HTML omitted -->acconnected<!-- raw HTML
omitted -->timeremaining</td>
<td>hasBattery<!-- raw HTML omitted -->cycleCount<!-- raw HTML omitted
-->isCharging<!-- raw HTML omitted -->designedCapacity<!-- raw HTML
omitted -->maxCapacity<!-- raw HTML omitted -->acConnected<!-- raw HTML
omitted -->timeRemaining</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>blockDevices()</code></td>
<td>fstype</td>
<td>fsType</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>cpu()</code></td>
<td>speedmin<!-- raw HTML omitted -->speedmax</td>
<td>speedMin<!-- raw HTML omitted -->speedMax</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>cpu().speed</code><!-- raw HTML omitted
--><code>cpu().speedMin</code><!-- raw HTML omitted
--><code>cpu().speedMax</code></td>
<td>string values</td>
<td>now returning<!-- raw HTML omitted -->numerical values</td>
<td>better value handling</td>
</tr>
<tr>
<td><code>cpuCurrentspeed()</code></td>
<td></td>
<td>cpuCurrentSpeed()</td>
<td>function name changed<!-- raw HTML omitted -->pascalCase
conformity</td>
</tr>
<tr>
<td><code>currentLoad()</code></td>
<td>avgload<!-- raw HTML omitted -->currentload<!-- raw HTML omitted
-->currentload_user<!-- raw HTML omitted -->currentload_system<!-- raw
HTML omitted -->currentload_nice<!-- raw HTML omitted
-->currentload_idle<!-- raw HTML omitted -->currentload_irq<!-- raw HTML
omitted -->raw_currentload</td>
<td>avgLoad<!-- raw HTML omitted -->currentLoad<!-- raw HTML omitted
-->currentLoadUser<!-- raw HTML omitted -->currentLoadSystem<!-- raw
HTML omitted -->currentLoadNice<!-- raw HTML omitted
-->currentLoadIdle<!-- raw HTML omitted -->currentLoadIrq<!-- raw HTML
omitted -->rawCurrentLoad</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>dockerContainerStats()</code></td>
<td>mem_usage<!-- raw HTML omitted -->mem_limit<!-- raw HTML omitted
-->mem_percent<!-- raw HTML omitted -->cpu_percent<!-- raw HTML omitted
-->cpu_stats<!-- raw HTML omitted -->precpu_stats<!-- raw HTML omitted
-->memory_stats</td>
<td>memUsage<!-- raw HTML omitted -->memLimit<!-- raw HTML omitted
-->memPercent<!-- raw HTML omitted -->cpuPercent<!-- raw HTML omitted
-->cpuStats<!-- raw HTML omitted -->precpuStats<!-- raw HTML omitted
-->memoryStats</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>dockerContainerProcesses()</code></td>
<td>pid_host</td>
<td>pidHost</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>graphics().display</code></td>
<td>pixeldepth<!-- raw HTML omitted -->resolutionx<!-- raw HTML omitted
-->resolutiony<!-- raw HTML omitted -->sizex<!-- raw HTML omitted
-->sizey</td>
<td>pixelDepth<!-- raw HTML omitted -->resolutionX<!-- raw HTML omitted
-->resolutionY<!-- raw HTML omitted -->sizeX<!-- raw HTML omitted
-->sizeY</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>networkConnections()</code></td>
<td>localaddress<!-- raw HTML omitted -->localport<!-- raw HTML omitted
-->peeraddress<!-- raw HTML omitted -->peerport</td>
<td>localAddress<!-- raw HTML omitted -->localPort<!-- raw HTML omitted
-->peerAddress<!-- raw HTML omitted -->peerPort</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>networkInterfaces()</code></td>
<td>carrier_changes</td>
<td>carrierChanges</td>
<td>pascalCase conformity</td>
</tr>
<tr>
<td><code>processes()</code></td>
<td>mem_vsz<!-- raw HTML omitted -->mem_rss<!-- raw HTML omitted
-->pcpu<!-- raw HTML omitted -->pcpuu<!-- raw HTML omitted -->pcpus<!--
raw HTML omitted -->pmem</td>
<td>memVsz<!-- raw HTML omitted -->memRss<!-- raw HTML omitted
-->cpu<!-- raw HTML omitted -->cpuu<!-- raw HTML omitted -->cpus<!-- raw
HTML omitted -->mem</td>
<td>pascalCase conformity<!-- raw HTML omitted -->renamed
attributes</td>
</tr>
<tr>
<td><code>processLoad()</code></td>
<td>result as object</td>
<td>result as array of objects</td>
<td>function now allows to provide more than<!-- raw HTML omitted -->one
process (as a comma separated list)</td>
</tr>
<tr>
<td><code>services()</code></td>
<td>pcpu<!-- raw HTML omitted -->pmem</td>
<td>cpu<!-- raw HTML omitted -->mem</td>
<td>renamed attributes</td>
</tr>
<tr>
<td><code>vbox()</code></td>
<td>HPET<!-- raw HTML omitted -->PAE<!-- raw HTML omitted -->APIC<!--
raw HTML omitted -->X2APIC<!-- raw HTML omitted -->ACPI<!-- raw HTML
omitted -->IOAPIC<!-- raw HTML omitted -->biosAPICmode<!-- raw HTML
omitted -->TRC</td>
<td>hpet<!-- raw HTML omitted -->pae<!-- raw HTML omitted -->apic<!--
raw HTML omitted -->x2Apic<!-- raw HTML omitted -->acpi<!-- raw HTML
omitted -->ioApic<!-- raw HTML omitted -->biosApicMode<!-- raw HTML
omitted -->rtc</td>
<td>pascalCase conformity</td>
</tr>
</tbody>
</table>
<h4>Other Improvements and Changes</h4>
<ul>
<li><code>baseboard()</code>: added memMax, memSlots</li>
<li><code>bios()</code>: added language and features (linux)</li>
<li><code>blockDevices()</code> added raid group member (linux)</li>
<li><code>cpu()</code>: extended AMD processor list</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="91e1acf7d3"><code>91e1acf</code></a>
5.31.1</li>
<li><a
href="5408bb6d1c"><code>5408bb6</code></a>
docs updated (security advisory)</li>
<li><a
href="2a28d2d083"><code>2a28d2d</code></a>
versions() fix Command Injection issue (linux), added smartmontools
support (...</li>
<li><a
href="5a534cd62a"><code>5a534cd</code></a>
5.31.0</li>
<li><a
href="b67d3715ee"><code>b67d371</code></a>
versions() fix Command Injection issue (linux), added smartmontools
support (...</li>
<li><a
href="612d97e890"><code>612d97e</code></a>
5.30.8</li>
<li><a
href="22242aa561"><code>22242aa</code></a>
wifiNetworks() fixed CWE-78 command injection issue (linux)</li>
<li><a
href="41c7ea4ff8"><code>41c7ea4</code></a>
5.30.7</li>
<li><a
href="f4ff1d9faa"><code>f4ff1d9</code></a>
networkInterfaces() fixed getWindowsIEEE8021x issue (windows)</li>
<li><a
href="ea020217e1"><code>ea02021</code></a>
5.30.6</li>
<li>Additional commits viewable in <a
href="https://github.com/sebhildebrandt/systeminformation/compare/v5.27.17...v5.31.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh)
from 0.4.26 to 0.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases">eslint-plugin-react-refresh's
releases</a>.</em></p>
<blockquote>
<h2>v0.5.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>The package now ships as ESM and requires ESLint 9 + node 20.
Because legacy config doesn't support ESM, this requires to use <a
href="https://eslint.org/docs/latest/use/configure/migration-guide">flat
config</a></li>
<li>A new <code>reactRefresh</code> export is available and prefered
over the default export. It's an object with two properties:
<ul>
<li><code>plugin</code>: The plugin object with the rules</li>
<li><code>configs</code>: An object containing configuration presets,
each exposed as a function. These functions accept your custom options,
merge them with sensible defaults for that config, and return the final
config object.</li>
</ul>
</li>
<li><code>customHOCs</code> option was renamed to
<code>extraHOCs</code></li>
<li>Validation of HOCs calls is now more strict, you may need to add
some HOCs to the <code>extraHOCs</code> option</li>
</ul>
<p>Config example:</p>
<pre lang="js"><code>import { defineConfig } from
"eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
<p>export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);
</code></pre></p>
<p>Config example without config:</p>
<pre lang="js"><code>import { defineConfig } from
"eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
<p>export default defineConfig({
files: ["<strong>/*.ts", "</strong>/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});
</code></pre></p>
<h3>Why</h3>
<p>This version follows a revamp of the internal logic to better make
the difference between random call expressions like <code>export const
Enum = Object.keys(Record)</code> and actual React HOC calls like
<code>export const MemoComponent = memo(Component)</code>. (fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/93">#93</a>)</p>
<p>The rule now handles ternaries and patterns like <code>export default
customHOC(props)(Component)</code> which makes it able to correctly
support files like <a
href="ddfc624ce7/ui/src/routes/__root.tsx">this
one</a> given this config:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md">eslint-plugin-react-refresh's
changelog</a>.</em></p>
<blockquote>
<h2>0.5.0</h2>
<h3>Breaking changes</h3>
<ul>
<li>The package now ships as ESM and requires ESLint 9 + node 20.
Because legacy config doesn't support ESM, this requires to use <a
href="https://eslint.org/docs/latest/use/configure/migration-guide">flat
config</a></li>
<li>A new <code>reactRefresh</code> export is available and prefered
over the default export. It's an object with two properties:
<ul>
<li><code>plugin</code>: The plugin object with the rules</li>
<li><code>configs</code>: An object containing configuration presets,
each exposed as a function. These functions accept your custom options,
merge them with sensible defaults for that config, and return the final
config object.</li>
</ul>
</li>
<li><code>customHOCs</code> option was renamed to
<code>extraHOCs</code></li>
<li>Validation of HOCs calls is now more strict, you may need to add
some HOCs to the <code>extraHOCs</code> option</li>
</ul>
<p>Config example:</p>
<pre lang="js"><code>import { defineConfig } from
"eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
<p>export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);
</code></pre></p>
<p>Config example without config:</p>
<pre lang="js"><code>import { defineConfig } from
"eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
<p>export default defineConfig({
files: ["<strong>/*.ts", "</strong>/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});
</code></pre></p>
<h3>Why</h3>
<p>This version follows a revamp of the internal logic to better make
the difference between random call expressions like <code>export const
Enum = Object.keys(Record)</code> and actual React HOC calls like
<code>export const MemoComponent = memo(Component)</code>. (fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/93">#93</a>)</p>
<p>The rule now handles ternaries and patterns like <code>export default
customHOC(props)(Component)</code> which makes it able to correctly
support files like <a
href="ddfc624ce7/ui/src/routes/__root.tsx">this
one</a> given this config:</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="daa2efb2a2"><code>daa2efb</code></a>
Revamp logic to catch more cases [publish] (<a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/97">#97</a>)</li>
<li>See full diff in <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.4.26...v0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps the vitest group with 2 updates:
[@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)
and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).
Updates `@vitest/coverage-v8` from 4.0.17 to 4.0.18
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases"><code>@vitest/coverage-v8</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v4.0.18</h2>
<h3> 🚀 Experimental Features</h3>
<ul>
<li><strong>experimental</strong>: Add <code>onModuleRunner</code> hook
to <code>worker.init</code> - by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9286">vitest-dev/vitest#9286</a>
<a href="https://github.com/vitest-dev/vitest/commit/ea837de7d"><!-- raw
HTML omitted -->(ea837)<!-- raw HTML omitted --></a></li>
</ul>
<h3> 🐞 Bug Fixes</h3>
<ul>
<li>Use <code>meta.url</code> in <code>createRequire</code> - by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9441">vitest-dev/vitest#9441</a>
<a href="https://github.com/vitest-dev/vitest/commit/e057281ca"><!-- raw
HTML omitted -->(e0572)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>: Hide injected data-testid attributes -
by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9503">vitest-dev/vitest#9503</a>
<a href="https://github.com/vitest-dev/vitest/commit/f89899cd8"><!-- raw
HTML omitted -->(f8989)<!-- raw HTML omitted --></a></li>
<li><strong>ui</strong>: Process artifact attachments when generating
HTML reporter - by <a
href="https://github.com/macarie"><code>@macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9472">vitest-dev/vitest#9472</a>
<a href="https://github.com/vitest-dev/vitest/commit/225435647"><!-- raw
HTML omitted -->(22543)<!-- raw HTML omitted --></a></li>
</ul>
<h5> <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.17...v4.0.18">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d3e3c61b9"><code>4d3e3c6</code></a>
chore: release v4.0.18</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.0.18/packages/coverage-v8">compare
view</a></li>
</ul>
</details>
<br />
Updates `vitest` from 4.0.17 to 4.0.18
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.18</h2>
<h3> 🚀 Experimental Features</h3>
<ul>
<li><strong>experimental</strong>: Add <code>onModuleRunner</code> hook
to <code>worker.init</code> - by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9286">vitest-dev/vitest#9286</a>
<a href="https://github.com/vitest-dev/vitest/commit/ea837de7d"><!-- raw
HTML omitted -->(ea837)<!-- raw HTML omitted --></a></li>
</ul>
<h3> 🐞 Bug Fixes</h3>
<ul>
<li>Use <code>meta.url</code> in <code>createRequire</code> - by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9441">vitest-dev/vitest#9441</a>
<a href="https://github.com/vitest-dev/vitest/commit/e057281ca"><!-- raw
HTML omitted -->(e0572)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>: Hide injected data-testid attributes -
by <a
href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/9503">vitest-dev/vitest#9503</a>
<a href="https://github.com/vitest-dev/vitest/commit/f89899cd8"><!-- raw
HTML omitted -->(f8989)<!-- raw HTML omitted --></a></li>
<li><strong>ui</strong>: Process artifact attachments when generating
HTML reporter - by <a
href="https://github.com/macarie"><code>@macarie</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/9472">vitest-dev/vitest#9472</a>
<a href="https://github.com/vitest-dev/vitest/commit/225435647"><!-- raw
HTML omitted -->(22543)<!-- raw HTML omitted --></a></li>
</ul>
<h5> <a
href="https://github.com/vitest-dev/vitest/compare/v4.0.17...v4.0.18">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d3e3c61b9"><code>4d3e3c6</code></a>
chore: release v4.0.18</li>
<li><a
href="ea837de7d7"><code>ea837de</code></a>
feat(experimental): add <code>onModuleRunner</code> hook to
<code>worker.init</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9286">#9286</a>)</li>
<li><a
href="e057281ca5"><code>e057281</code></a>
fix: use <code>meta.url</code> in <code>createRequire</code> (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/9441">#9441</a>)</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.0.18/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to
3.1.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7bba97888a"><code>7bba978</code></a>
3.1.5</li>
<li><a
href="bd259425b2"><code>bd25942</code></a>
docs: add warning about ReDoS</li>
<li><a
href="1a9c27c757"><code>1a9c27c</code></a>
fix partial matching of globstar patterns</li>
<li><a
href="1a2e084af5"><code>1a2e084</code></a>
3.1.4</li>
<li><a
href="ae24656237"><code>ae24656</code></a>
update lockfile</li>
<li><a
href="b100374922"><code>b100374</code></a>
limit recursion for **, improve perf considerably</li>
<li><a
href="26ffeaa091"><code>26ffeaa</code></a>
lockfile update</li>
<li><a
href="9eca892a4e"><code>9eca892</code></a>
lock node version to 14</li>
<li><a
href="00c323b188"><code>00c323b</code></a>
3.1.3</li>
<li><a
href="30486b2048"><code>30486b2</code></a>
update CI matrix and actions</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 7.3.0 to 7.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.3.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1">7.3.1</a>
(2026-01-07)<!-- raw HTML omitted --></h2>
<h3>Features</h3>
<ul>
<li>add <code>ignoreOutdatedRequests</code> option to
<code>optimizeDeps</code> (<a
href="https://redirect.github.com/vitejs/vite/issues/21364">#21364</a>)
(<a
href="9d39d373a7">9d39d37</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="95e8923f35"><code>95e8923</code></a>
release: v7.3.1</li>
<li><a
href="9d39d373a7"><code>9d39d37</code></a>
feat: add <code>ignoreOutdatedRequests</code> option to
<code>optimizeDeps</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364">#21364</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v7.3.1/packages/vite">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [react-i18next](https://github.com/i18next/react-i18next) from
16.5.3 to 16.5.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h3>16.5.4</h3>
<ul>
<li>fix: Overriding React component props not working <a
href="https://redirect.github.com/i18next/react-i18next/pull/1902">1902</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b97c2bbe15"><code>b97c2bb</code></a>
16.5.4</li>
<li><a
href="596840ec70"><code>596840e</code></a>
fix: Overriding React component props not working <a
href="https://redirect.github.com/i18next/react-i18next/issues/1902">#1902</a></li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v16.5.3...v16.5.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 5.0.0 to 6.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<h2>v6 - What's new</h2>
<blockquote>
<p>[!IMPORTANT]
actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using:
node24</code>) and requires a minimum Actions Runner version of 2.327.1.
If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<h3>Node.js 24</h3>
<p>This release updates the runtime to Node.js 24. v5 had preliminary
support for Node.js 24, however this action was by default still running
on Node.js 20. Now this action by default will run on Node.js 24.</p>
<h2>What's Changed</h2>
<ul>
<li>Upload Artifact Node 24 support by <a
href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li>
<li>fix: update <code>@actions/artifact</code> for Node.js 24 punycode
deprecation by <a
href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li>
<li>prepare release v6.0.0 for Node.js 24 support by <a
href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b7c566a772"><code>b7c566a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a>
from actions/upload-artifact-v6-release</li>
<li><a
href="e516bc8500"><code>e516bc8</code></a>
docs: correct description of Node.js 24 support in README</li>
<li><a
href="ddc45ed9bc"><code>ddc45ed</code></a>
docs: update README to correct action name for Node.js 24 support</li>
<li><a
href="615b319bd2"><code>615b319</code></a>
chore: release v6.0.0 for Node.js 24 support</li>
<li><a
href="017748b48f"><code>017748b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a>
from actions/fix-storage-blob</li>
<li><a
href="38d4c7997f"><code>38d4c79</code></a>
chore: rebuild dist</li>
<li><a
href="7d27270e0c"><code>7d27270</code></a>
chore: add missing license cache files for <code>@actions/core</code>,
<code>@actions/io</code>, and mi...</li>
<li><a
href="5f643d3c94"><code>5f643d3</code></a>
chore: update license files for <code>@actions/artifact</code><a
href="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li>
<li><a
href="1df1684032"><code>1df1684</code></a>
chore: update package-lock.json with <code>@actions/artifact</code><a
href="https://github.com/5"><code>@5</code></a>.0.1</li>
<li><a
href="b5b1a91840"><code>b5b1a91</code></a>
fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24
punycode fix</li>
<li>Additional commits viewable in <a
href="330a01c490...b7c566a772">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to
4.17.23.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dec55b7a3b"><code>dec55b7</code></a>
Bump main to v4.17.23 (<a
href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li>
<li><a
href="19c9251b36"><code>19c9251</code></a>
fix: setCacheHas JSDoc return type should be boolean (<a
href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li>
<li><a
href="b5e672995a"><code>b5e6729</code></a>
jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a
href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li>
<li><a
href="edadd45214"><code>edadd45</code></a>
Prevent prototype pollution on baseUnset function</li>
<li><a
href="4879a7a7d0"><code>4879a7a</code></a>
doc: fix autoLink function, conversion of source links (<a
href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li>
<li><a
href="9648f692b0"><code>9648f69</code></a>
chore: remove <code>yarn.lock</code> file (<a
href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li>
<li><a
href="dfa407db0b"><code>dfa407d</code></a>
ci: remove legacy configuration files (<a
href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li>
<li><a
href="156e1965ae"><code>156e196</code></a>
feat: add renovate setup (<a
href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li>
<li><a
href="933e1061b8"><code>933e106</code></a>
ci: add pipeline for Bun (<a
href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li>
<li><a
href="072a807ff7"><code>072a807</code></a>
docs: update links related to Open JS Foundation (<a
href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [pmtiles](https://github.com/protomaps/pmtiles) from 4.3.0 to
4.3.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/protomaps/pmtiles/commits">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.0.12
to 9.0.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/downshift-js/downshift/releases">downshift's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.13</h2>
<h2><a
href="https://github.com/downshift-js/downshift/compare/v9.0.12...v9.0.13">9.0.13</a>
(2025-12-08)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve the mouse tracker hook (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1666">#1666</a>)
(<a
href="512b533216">512b533</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="512b533216"><code>512b533</code></a>
fix: improve the mouse tracker hook (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1666">#1666</a>)</li>
<li>See full diff in <a
href="https://github.com/downshift-js/downshift/compare/v9.0.12...v9.0.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.21 to
4.17.23.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dec55b7a3b"><code>dec55b7</code></a>
Bump main to v4.17.23 (<a
href="https://redirect.github.com/lodash/lodash/issues/6088">#6088</a>)</li>
<li><a
href="19c9251b36"><code>19c9251</code></a>
fix: setCacheHas JSDoc return type should be boolean (<a
href="https://redirect.github.com/lodash/lodash/issues/6071">#6071</a>)</li>
<li><a
href="b5e672995a"><code>b5e6729</code></a>
jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (<a
href="https://redirect.github.com/lodash/lodash/issues/6062">#6062</a>)</li>
<li><a
href="edadd45214"><code>edadd45</code></a>
Prevent prototype pollution on baseUnset function</li>
<li><a
href="4879a7a7d0"><code>4879a7a</code></a>
doc: fix autoLink function, conversion of source links (<a
href="https://redirect.github.com/lodash/lodash/issues/6056">#6056</a>)</li>
<li><a
href="9648f692b0"><code>9648f69</code></a>
chore: remove <code>yarn.lock</code> file (<a
href="https://redirect.github.com/lodash/lodash/issues/6053">#6053</a>)</li>
<li><a
href="dfa407db0b"><code>dfa407d</code></a>
ci: remove legacy configuration files (<a
href="https://redirect.github.com/lodash/lodash/issues/6052">#6052</a>)</li>
<li><a
href="156e1965ae"><code>156e196</code></a>
feat: add renovate setup (<a
href="https://redirect.github.com/lodash/lodash/issues/6039">#6039</a>)</li>
<li><a
href="933e1061b8"><code>933e106</code></a>
ci: add pipeline for Bun (<a
href="https://redirect.github.com/lodash/lodash/issues/6023">#6023</a>)</li>
<li><a
href="072a807ff7"><code>072a807</code></a>
docs: update links related to Open JS Foundation (<a
href="https://redirect.github.com/lodash/lodash/issues/5968">#5968</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/lodash/lodash/compare/4.17.21...4.17.23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [i18next](https://github.com/i18next/i18next) from 25.7.2 to
25.7.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v25.7.4</h2>
<ul>
<li>fix: Interpolation breaks when cloning an instance <a
href="https://redirect.github.com/i18next/react-i18next/issues/2376">2376</a></li>
</ul>
<h2>v25.7.3</h2>
<ul>
<li>type definitions for new transDefaultProps option in react-i18next
[react-i18next: <a
href="https://redirect.github.com/i18next/i18next/issues/1895">#1895</a>](<a
href="https://redirect.github.com/i18next/react-i18next/issues/1895">i18next/react-i18next#1895</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>25.7.4</h2>
<ul>
<li>fix: Interpolation breaks when cloning an instance <a
href="https://redirect.github.com/i18next/react-i18next/issues/2376">2376</a></li>
</ul>
<h2>25.7.3</h2>
<ul>
<li>type definitions for new transDefaultProps option in react-i18next
[react-i18next: <a
href="https://redirect.github.com/i18next/i18next/issues/1895">#1895</a>](<a
href="https://redirect.github.com/i18next/react-i18next/issues/1895">i18next/react-i18next#1895</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="04392be4ec"><code>04392be</code></a>
25.7.4</li>
<li><a
href="92c8f482ab"><code>92c8f48</code></a>
fix: Interpolation breaks when cloning an instance <a
href="https://redirect.github.com/i18next/i18next/issues/2376">#2376</a></li>
<li><a
href="5f44eb7018"><code>5f44eb7</code></a>
fix img url</li>
<li><a
href="1e5f568674"><code>1e5f568</code></a>
remove old addRule function</li>
<li><a
href="e328830d39"><code>e328830</code></a>
fallbackLng object with same language (omitting default fallback)</li>
<li><a
href="c77c20383f"><code>c77c203</code></a>
jsr update</li>
<li><a
href="a73189767e"><code>a731897</code></a>
25.7.3</li>
<li><a
href="c60d722711"><code>c60d722</code></a>
type definitions for new transDefaultProps option in react-i18next</li>
<li><a
href="3e160f39c2"><code>3e160f3</code></a>
jsr update</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v25.7.2...v25.7.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/state](https://github.com/codemirror/state) from
6.5.3 to 6.5.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/state/blob/main/CHANGELOG.md"><code>@codemirror/state</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.5.4 (2026-01-14)</h2>
<h3>Bug fixes</h3>
<p>Make <code>SelectionRange.eq</code> return false when the ranges have
different goal columns.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8897323ba7"><code>8897323</code></a>
Mark version 6.5.4</li>
<li><a
href="75518c016a"><code>75518c0</code></a>
Include goal column when comparing selection ranges</li>
<li><a
href="a0889f8a0a"><code>a0889f8</code></a>
Use git+https format for package.json repository field</li>
<li>See full diff in <a
href="https://github.com/codemirror/state/compare/6.5.3...6.5.4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/view](https://github.com/codemirror/view) from
6.39.10 to 6.39.11.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.39.11 (2026-01-14)</h2>
<h3>Bug fixes</h3>
<p>Avoid handling copy events for parent editors.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6fcf2e1bd9"><code>6fcf2e1</code></a>
Mark version 6.39.11</li>
<li><a
href="95fd570804"><code>95fd570</code></a>
Use a custom selection comparison when only the position should be
compared</li>
<li><a
href="4c56500aa9"><code>4c56500</code></a>
Remove a loop that never loops anymore</li>
<li><a
href="01fbc4214a"><code>01fbc42</code></a>
Avoid handling copy events for parent elements</li>
<li>See full diff in <a
href="https://github.com/codemirror/view/compare/6.39.10...6.39.11">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[stylelint-config-recommended-scss](https://github.com/stylelint-scss/stylelint-config-recommended-scss)
from 16.0.2 to 17.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint-scss/stylelint-config-recommended-scss/releases">stylelint-config-recommended-scss's
releases</a>.</em></p>
<blockquote>
<h2>17.0.0</h2>
<ul>
<li>Removed: <code>stylelint</code> less than <code>17.0.0</code> from
peer dependencies.</li>
<li>Changed: updated to <a
href="https://github.com/stylelint/stylelint-config-recommended/releases/tag/18.0.0"><code>stylelint-config-recommended@18.0.0</code></a>.</li>
<li>Changed: updated to <a
href="https://github.com/stylelint-scss/stylelint-scss/releases/tag/v7.0.0"><code>stylelint-scss@7.0.0</code></a>.</li>
<li>Changed: module type to ESM.</li>
<li>Fixed: disabled <code>no-descending-specificity</code> rule because
of false positives due to standard nesting.</li>
<li>Fixed: disabled <code>no-duplicate-selectors</code> rule because of
false positives due to standard nesting.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint-scss/stylelint-config-recommended-scss/blob/master/CHANGELOG.md">stylelint-config-recommended-scss's
changelog</a>.</em></p>
<blockquote>
<h1>17.0.0</h1>
<ul>
<li>Removed: <code>stylelint</code> less than <code>17.0.0</code> from
peer dependencies.</li>
<li>Changed: updated to <a
href="https://github.com/stylelint/stylelint-config-recommended/releases/tag/18.0.0"><code>stylelint-config-recommended@18.0.0</code></a>.</li>
<li>Changed: updated to <a
href="https://github.com/stylelint-scss/stylelint-scss/releases/tag/v7.0.0"><code>stylelint-scss@7.0.0</code></a>.</li>
<li>Changed: module type to ESM.</li>
<li>Fixed: disabled <code>no-descending-specificity</code> rule because
of false positives due to standard nesting.</li>
<li>Fixed: disabled <code>no-duplicate-selectors</code> rule because of
false positives due to standard nesting.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="15eeb90c7e"><code>15eeb90</code></a>
17.0.0</li>
<li><a
href="47b4ad379b"><code>47b4ad3</code></a>
Prepare 17.0.0 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-config-recommended-scss/issues/383">#383</a>)</li>
<li>See full diff in <a
href="https://github.com/stylelint-scss/stylelint-config-recommended-scss/compare/v16.0.2...v17.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/state](https://github.com/codemirror/state) from
6.5.2 to 6.5.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/state/blob/main/CHANGELOG.md"><code>@codemirror/state</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.5.3 (2025-12-22)</h2>
<h3>Bug fixes</h3>
<p>Fix an issue where <code>RangeValue.eq</code> could get called with a
value of a different class.</p>
<p><code>EditorState.charCategorizer</code> now only uses the
highest-precedence set of word characters from the language data, to
allow overriding these.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b2cbf25cc3"><code>b2cbf25</code></a>
Mark version 6.5.3</li>
<li><a
href="386d55d3c2"><code>386d55d</code></a>
Make charCategorizer only use the highest-precedence set of word
chars</li>
<li><a
href="aa4ca3c99d"><code>aa4ca3c</code></a>
Document RangeCursor.goto</li>
<li><a
href="32c46fa82f"><code>32c46fa</code></a>
Don't call RangeValue.eq on values of different class</li>
<li><a
href="127f07c316"><code>127f07c</code></a>
Fix superfluous calls to boundChange</li>
<li><a
href="c24cde9d01"><code>c24cde9</code></a>
Remove some trailing whitespace</li>
<li><a
href="fc068eddf3"><code>fc068ed</code></a>
Fix mapPos documentation</li>
<li><a
href="83ce34df91"><code>83ce34d</code></a>
Switch from exclamation point to declare syntax for type-only
properties</li>
<li>See full diff in <a
href="https://github.com/codemirror/state/compare/6.5.2...6.5.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.39.6
to 6.39.10.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codemirror/view/blob/main/CHANGELOG.md"><code>@codemirror/view</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>6.39.10 (2026-01-13)</h2>
<h3>Bug fixes</h3>
<p>Fix a regression in the way widget are reused when content next to
them changes.</p>
<p>Make sure font metrics get recomputed on <code>fonts.ready</code>
even if the line height doesn't change.</p>
<p>Fix an issue where compositions next to a widget that create a new
text node could get needlessly interrupted during an editor update.</p>
<h2>6.39.9 (2026-01-06)</h2>
<h3>Bug fixes</h3>
<p>Fix a bug where <code>EditorSelection.cursor()</code> with a non-zero
<code>assoc</code> value would not be visually respected at soft-wrap
boundaries on initial view creation.</p>
<p>Fix error caused by hover tooltips running a scheduled timeout after
their editor has been destroyed.</p>
<p>Fix a bug that caused <code>EditorView.outerDecorations</code> to not
affect the content height map.</p>
<p>Fix an issue where composition near a widget could get unnecessarily
interrupted.</p>
<h2>6.39.8 (2025-12-30)</h2>
<h3>Bug fixes</h3>
<p>Fix a bug that cause <code>coordsAtPos</code> to use the dimensions
of widget buffers when there were more meaningful elements to use
nearby.</p>
<p>Fix a data structure corruption that could cause crashes during
viewport changes.</p>
<h2>6.39.7 (2025-12-24)</h2>
<h3>Bug fixes</h3>
<p>Fix a bug that could sometimes cause the document to become mangled
during composition.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74c9e9b531"><code>74c9e9b</code></a>
Mark version 6.39.10</li>
<li><a
href="96566415a2"><code>9656641</code></a>
Fix another way widgets could be reused across a composition</li>
<li><a
href="ff312713bd"><code>ff31271</code></a>
Make sure font metrics get recomputed on font load</li>
<li><a
href="e9e5fe2b10"><code>e9e5fe2</code></a>
Only reuse widget tiles when the widget is precisely the same</li>
<li><a
href="41b978b5ff"><code>41b978b</code></a>
Mark version 6.39.9</li>
<li><a
href="7ad513e5dc"><code>7ad513e</code></a>
Avoid reusing DOM nodes across composition</li>
<li><a
href="2195af4154"><code>2195af4</code></a>
Remove some unnecessary exclamation point operators</li>
<li><a
href="0a2d822367"><code>0a2d822</code></a>
Properly include outerDecorations in height map structure</li>
<li><a
href="1524fb5482"><code>1524fb5</code></a>
Remove unused DOM type declaration</li>
<li><a
href="f6cb4593f6"><code>f6cb459</code></a>
Work around odd rounding issue in a test in MacOS Chrome</li>
<li>Additional commits viewable in <a
href="https://github.com/codemirror/view/compare/6.39.6...6.39.10">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.97.1 to 1.97.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/releases">sass's
releases</a>.</em></p>
<blockquote>
<h2>Dart Sass 1.97.2</h2>
<p>To install Sass 1.97.2, download one of the packages below and <a
href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or
see <a href="https://sass-lang.com/install">the Sass website</a> for
full installation instructions.</p>
<h1>Changes</h1>
<ul>
<li>Additional fixes for implicit configuration when nested imports are
involved.</li>
</ul>
<p>See the <a
href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1972">full
changelog</a> for changes in earlier releases.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's
changelog</a>.</em></p>
<blockquote>
<h2>1.97.2</h2>
<ul>
<li>Additional fixes for implicit configuration when nested imports are
involved.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d12cc7d8fd"><code>d12cc7d</code></a>
Fix bug with implicit configuration for nested imports (<a
href="https://redirect.github.com/sass/dart-sass/issues/2658">#2658</a>)</li>
<li><a
href="340bfd20b1"><code>340bfd2</code></a>
Bump actions/download-artifact from 6 to 7 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2706">#2706</a>)</li>
<li><a
href="a795ab39e5"><code>a795ab3</code></a>
Bump actions/upload-artifact from 5 to 6 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2705">#2705</a>)</li>
<li><a
href="add7e6fa2f"><code>add7e6f</code></a>
Bump protoc_plugin from 23.0.0 to 24.0.0 (<a
href="https://redirect.github.com/sass/dart-sass/issues/2696">#2696</a>)</li>
<li>See full diff in <a
href="https://github.com/sass/dart-sass/compare/1.97.1...1.97.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Harel M
dependabot[bot]
Lukas Weber