mirror of
https://github.com/maputnik/editor.git
synced 2026-05-16 21:20:01 +00:00
d393e19d46ec5d57f96f8151a203f41bcd2ecffb
2627 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
d393e19d46 |
chore(deps): Bump ncipollo/release-action from 1.20.0 to 1.21.0 (#1722)
Bumps [ncipollo/release-action](https://github.com/ncipollo/release-action) from 1.20.0 to 1.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ncipollo/release-action/releases">ncipollo/release-action's releases</a>.</em></p> <blockquote> <h2>v1.21.0</h2> <h2>What's Changed</h2> <ul> <li>Bump jest-circus from 29.7.0 to 30.2.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/557">ncipollo/release-action#557</a></li> <li>Bump typescript from 5.8.3 to 5.9.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/556">ncipollo/release-action#556</a></li> <li>Bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/551">ncipollo/release-action#551</a></li> <li>Bump <code>@types/node</code> from 22.15.29 to 24.6.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/555">ncipollo/release-action#555</a></li> <li>Bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/559">ncipollo/release-action#559</a></li> <li>Bump ts-jest from 29.3.4 to 29.4.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/561">ncipollo/release-action#561</a></li> <li>Bump <code>@biomejs/biome</code> from 1.9.4 to 2.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/564">ncipollo/release-action#564</a></li> <li>Bump <code>@types/node</code> from 24.6.1 to 24.9.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/563">ncipollo/release-action#563</a></li> <li>Bump js-yaml from 3.14.1 to 3.14.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/567">ncipollo/release-action#567</a></li> <li>Bump glob from 11.0.3 to 11.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/568">ncipollo/release-action#568</a></li> <li>Bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/569">ncipollo/release-action#569</a></li> <li>Bump <code>@biomejs/biome</code> from 2.3.2 to 2.3.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/575">ncipollo/release-action#575</a></li> <li>Bump glob from 11.1.0 to 13.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/573">ncipollo/release-action#573</a></li> <li>Bump <code>@octokit/types</code> from 13.10.0 to 16.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/577">ncipollo/release-action#577</a></li> <li>Bump <code>@biomejs/biome</code> from 2.3.8 to 2.3.10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/578">ncipollo/release-action#578</a></li> <li>Bump <code>@actions/core</code> from 1.11.1 to 2.0.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/579">ncipollo/release-action#579</a></li> <li>Bump <code>@types/node</code> from 24.10.1 to 25.0.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/580">ncipollo/release-action#580</a></li> <li>Bump <code>@biomejs/biome</code> from 2.3.10 to 2.3.13 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/586">ncipollo/release-action#586</a></li> <li>Bump <code>@types/node</code> from 25.0.3 to 25.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/583">ncipollo/release-action#583</a></li> <li>Bump to core-3.0.0, move to vitest, support ESM modules by <a href="https://github.com/ncipollo"><code>@ncipollo</code></a> in <a href="https://redirect.github.com/ncipollo/release-action/pull/587">ncipollo/release-action#587</a></li> <li>Bump <code>@actions/github</code> from 6.0.1 to 9.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/585">ncipollo/release-action#585</a></li> <li>Bump glob from 13.0.0 to 13.0.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/592">ncipollo/release-action#592</a></li> <li>Bump <code>@biomejs/biome</code> from 2.3.13 to 2.4.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/ncipollo/release-action/pull/591">ncipollo/release-action#591</a></li> <li>Fixes <a href="https://redirect.github.com/ncipollo/release-action/issues/593">#593</a> Pass commitish into release notes request when present by <a href="https://github.com/ncipollo"><code>@ncipollo</code></a> in <a href="https://redirect.github.com/ncipollo/release-action/pull/594">ncipollo/release-action#594</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/ncipollo/release-action/compare/v1...v1.21.0">https://github.com/ncipollo/release-action/compare/v1...v1.21.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
775634e1be |
chore(deps): Bump github/codeql-action from 4.35.3 to 4.35.4 (#1878)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.4</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.35.4 - 07 May 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li> </ul> <h2>4.35.3 - 01 May 2026</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> <li>Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e0ca04f07f |
chore(deps): Bump i18next from 26.0.8 to 26.0.10 (#1876)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [i18next](https://github.com/i18next/i18next) from 26.0.8 to 26.0.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.0.10</h2> <ul> <li>feat: <code>getFixedT</code> accepts a fourth optional <code>fixedOpts</code> argument carrying <code>scopeNs</code> — the full namespace list the bound <code>t</code> was created for. The selector API uses <code>scopeNs</code> to detect when a path's first segment is a namespace prefix, <strong>without</strong> changing resolution scope. Resolution still uses the bound <code>ns</code> (a single primary string in the typical react-i18next setup), so plain <code>t('key')</code> lookups stay isolated to the primary namespace exactly as before — only <code>t($ => $.secondaryNs.foo)</code> selectors now route correctly under <code>useTranslation([nsA, nsB])</code>. Fixes the runtime side of <a href="https://redirect.github.com/i18next/i18next/issues/2429">#2429</a> for the <code>react-i18next</code> default-<code>nsMode</code> case. The 4th argument is opt-in: existing 3-arg <code>getFixedT(lng, ns, keyPrefix)</code> callers see no behavior change.</li> </ul> <h2>v26.0.9</h2> <ul> <li>fix(types): unformatted interpolation values are now typed as <code>string | number</code> (was <code>string</code>). i18next stringifies values at runtime, so requiring callers to wrap numbers in <code>String(...)</code> for plain <code>{{var}}</code> placeholders was unnecessary friction — and could mask the real problem when a non-string value was passed alongside multiple interpolation slots (the <code>t()</code> overload resolution would fall through to the 3-arg form and report a confusing "not assignable to string" error against the options object). Typed format specifiers like <code>{{x, number}}</code>, <code>{{x, currency}}</code>, <code>{{x, datetime}}</code>, etc. keep their precise types; this only relaxes the no-format default. The <code>count</code> variable remains <code>number</code>-only</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.0.10</h2> <ul> <li>feat: <code>getFixedT</code> accepts a fourth optional <code>fixedOpts</code> argument carrying <code>scopeNs</code> — the full namespace list the bound <code>t</code> was created for. The selector API uses <code>scopeNs</code> to detect when a path's first segment is a namespace prefix, <strong>without</strong> changing resolution scope. Resolution still uses the bound <code>ns</code> (a single primary string in the typical react-i18next setup), so plain <code>t('key')</code> lookups stay isolated to the primary namespace exactly as before — only <code>t($ => $.secondaryNs.foo)</code> selectors now route correctly under <code>useTranslation([nsA, nsB])</code>. Fixes the runtime side of <a href="https://redirect.github.com/i18next/i18next/issues/2429">#2429</a> for the <code>react-i18next</code> default-<code>nsMode</code> case. The 4th argument is opt-in: existing 3-arg <code>getFixedT(lng, ns, keyPrefix)</code> callers see no behavior change.</li> </ul> <h2>26.0.9</h2> <ul> <li>fix(types): unformatted interpolation values are now typed as <code>string | number</code> (was <code>string</code>). i18next stringifies values at runtime, so requiring callers to wrap numbers in <code>String(...)</code> for plain <code>{{var}}</code> placeholders was unnecessary friction — and could mask the real problem when a non-string value was passed alongside multiple interpolation slots (the <code>t()</code> overload resolution would fall through to the 3-arg form and report a confusing "not assignable to string" error against the options object). Typed format specifiers like <code>{{x, number}}</code>, <code>{{x, currency}}</code>, <code>{{x, datetime}}</code>, etc. keep their precise types; this only relaxes the no-format default. The <code>count</code> variable remains <code>number</code>-only</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
ec12a2153e |
chore(deps): Bump react-i18next from 17.0.6 to 17.0.7 (#1873)
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 17.0.6 to 17.0.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's changelog</a>.</em></p> <blockquote> <h2>17.0.7</h2> <ul> <li>feat: <code>useTranslation([nsA, nsB, ...])</code> now passes its full namespace list to <code>getFixedT</code> via the new <code>scopeNs</code> opt (requires <code>i18next</code> ≥ v26.0.10). This makes selector calls with a secondary-namespace prefix resolve correctly under default <code>nsMode</code>: <code>t($ => $.nsB.foo)</code> previously missed silently because the bound <code>ns</code> was the primary string only and i18next's selector rewrite needed an array. Resolution semantics are unchanged — plain <code>t('key')</code> lookups still stay isolated to the primary namespace by default; use <code>nsMode: 'fallback'</code> to opt into multi-ns fallback resolution as before. Fixes <a href="https://redirect.github.com/i18next/i18next/issues/2429">i18next#2429</a> for <code>useTranslation</code>-based callers.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
50dbdd6714 |
chore(deps): Bump @codemirror/view from 6.41.1 to 6.42.1 (#1871)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.41.1 to 6.42.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/view/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
927fdd9942 |
chore(deps): Bump @codemirror/lint from 6.9.5 to 6.9.6 (#1872)
Bumps [@codemirror/lint](https://github.com/codemirror/lint) from 6.9.5 to 6.9.6. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/lint/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
7f9c7d29f2 |
chore(deps): Bump fast-uri from 3.1.0 to 3.1.2 (#1869)
Bumps [fast-uri](https://github.com/fastify/fast-uri) from 3.1.0 to 3.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/fastify/fast-uri/releases">fast-uri's releases</a>.</em></p> <blockquote> <h2>v3.1.2</h2> <h2>⚠️ Security Release</h2> <ul> <li>Fix for <a href="https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc">https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Handle malformed fragment decoding as a parse error by <a href="https://github.com/mcollina"><code>@mcollina</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/171">fastify/fast-uri#171</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2">https://github.com/fastify/fast-uri/compare/v3.1.1...v3.1.2</a></p> <h2>v3.1.1</h2> <h2>⚠️ Security Release</h2> <ul> <li>Fix for <a href="https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6">https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6</a></li> </ul> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/148">fastify/fast-uri#148</a></li> <li>build(deps): bump actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/149">fastify/fast-uri#149</a></li> <li>chore(.npmrc): ignore scripts by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/150">fastify/fast-uri#150</a></li> <li>build(deps-dev): remove <code>@fastify/pre-commit</code> by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/151">fastify/fast-uri#151</a></li> <li>build(deps): bump actions/setup-node from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/152">fastify/fast-uri#152</a></li> <li>ci(ci): add concurrency config by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/153">fastify/fast-uri#153</a></li> <li>build(deps): bump actions/setup-node from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/154">fastify/fast-uri#154</a></li> <li>build(deps): bump actions/checkout from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/156">fastify/fast-uri#156</a></li> <li>chore(license): standardise license notice by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/159">fastify/fast-uri#159</a></li> <li>style: remove trailing whitespace by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/161">fastify/fast-uri#161</a></li> <li>ci: remove unused github files by <a href="https://github.com/Tony133"><code>@Tony133</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/162">fastify/fast-uri#162</a></li> <li>chore: update readme by <a href="https://github.com/Tony133"><code>@Tony133</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/164">fastify/fast-uri#164</a></li> <li>build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/165">fastify/fast-uri#165</a></li> <li>build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/166">fastify/fast-uri#166</a></li> <li>build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/fastify/fast-uri/pull/167">fastify/fast-uri#167</a></li> <li>ci: add lock-threads workflow by <a href="https://github.com/Fdawgs"><code>@Fdawgs</code></a> in <a href="https://redirect.github.com/fastify/fast-uri/pull/169">fastify/fast-uri#169</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Tony133"><code>@Tony133</code></a> made their first contribution in <a href="https://redirect.github.com/fastify/fast-uri/pull/162">fastify/fast-uri#162</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1">https://github.com/fastify/fast-uri/compare/v3.1.0...v3.1.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b2eca214c9 |
chore(deps): Bump cypress-io/github-action from 7.1.10 to 7.3.0 (#1868)
Bumps [cypress-io/github-action](https://github.com/cypress-io/github-action) from 7.1.10 to 7.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's releases</a>.</em></p> <blockquote> <h2>v7.3.0</h2> <h1><a href="https://github.com/cypress-io/github-action/compare/v7.2.0...v7.3.0">7.3.0</a> (2026-05-05)</h1> <h3>Features</h3> <ul> <li>add <code>expose</code> input for Cypress.expose() API (<a href="https://redirect.github.com/cypress-io/github-action/issues/1749">#1749</a>) (<a href=" |
||
|
dependabot[bot]
|
c785afbf64 |
chore(deps-dev): Bump postcss from 8.5.13 to 8.5.14 (#1867)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.13 to 8.5.14. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.14</h2> <ul> <li>Fixed custom syntax regression (by <a href="https://github.com/43081j"><code>@43081j</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.14</h2> <ul> <li>Fixed custom syntax regression (by <a href="https://github.com/43081j"><code>@43081j</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9b9e440554 |
chore(deps-dev): Bump stylelint from 17.10.0 to 17.11.0 (#1866)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.10.0 to 17.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/releases">stylelint's releases</a>.</em></p> <blockquote> <h2>17.11.0</h2> <p>It adds 2 features, including a <code>loader</code> property to <code>referenceFiles: {}</code> for when the order of appearance in the reference styles matters.</p> <ul> <li>Added: <code>loader</code> to experimental <code>referenceFiles: {}</code> (<a href="https://redirect.github.com/stylelint/stylelint/issues/9251">#9251</a>) (<a href="https://github.com/romainmenke"><code>@romainmenke</code></a>).</li> <li>Added: <code>autofixed</code> to the result object (<a href="https://redirect.github.com/stylelint/stylelint/issues/8771">#8771</a>) (<a href="https://github.com/Rob"><code>@Rob</code></a>--W).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's changelog</a>.</em></p> <blockquote> <h2>17.11.0 - 2026-05-05</h2> <p>It adds 2 features, including a <code>loader</code> property to <code>referenceFiles: {}</code> for when the order of appearance in the reference styles matters.</p> <ul> <li>Added: <code>loader</code> to experimental <code>referenceFiles: {}</code> (<a href="https://redirect.github.com/stylelint/stylelint/pull/9251">#9251</a>) (<a href="https://github.com/romainmenke"><code>@romainmenke</code></a>).</li> <li>Added: <code>autofixed</code> to the result object (<a href="https://redirect.github.com/stylelint/stylelint/pull/8771">#8771</a>) (<a href="https://github.com/Rob--W"><code>@Rob--W</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
7657411e57 |
chore(deps-dev): Bump typescript-eslint from 8.59.1 to 8.59.2 (#1865)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.59.1 to 8.59.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.2</h2>
<h2>8.59.2 (2026-05-04)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unsafe-type-assertion] handle
crash on recursive template literal types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12150">#12150</a>)</li>
<li><strong>eslint-plugin:</strong> [no-deprecated] object destructuring
values should be treated as declarations (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12292">#12292</a>)</li>
<li><strong>rule-tester:</strong> add TypeScript as a peer dependency
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12288">#12288</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Dariusz Czajkowski</li>
<li>Dima Barabash</li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@kirkwaiblinger</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.2 (2026-05-04)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.2">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
dependabot[bot]
|
5862d81a81 |
chore(deps): Bump actions/setup-go from 6.3.0 to 6.4.0 (#1767)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.3.0 to 6.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v6.4.0</h2> <h2>What's Changed</h2> <h3>Enhancement</h3> <ul> <li>Add go-download-base-url input for custom Go distributions by <a href="https://github.com/gdams"><code>@gdams</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/721">actions/setup-go#721</a></li> </ul> <h3>Dependency update</h3> <ul> <li>Upgrade minimatch from 3.1.2 to 3.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/727">actions/setup-go#727</a></li> </ul> <h3>Documentation update</h3> <ul> <li>Rearrange README.md, add advanced-usage.md by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/724">actions/setup-go#724</a></li> <li>Fix Microsoft build of Go link by <a href="https://github.com/gdams"><code>@gdams</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/734">actions/setup-go#734</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gdams"><code>@gdams</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/721">actions/setup-go#721</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-go/compare/v6...v6.4.0">https://github.com/actions/setup-go/compare/v6...v6.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
58c84f510b |
chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.4 to 24.8.5 (#1862)
Bumps [@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec) from 24.8.4 to 24.8.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/releases">@maplibre/maplibre-gl-style-spec's releases</a>.</em></p> <blockquote> <h2>v24.8.5</h2> <h3>🐞 Bug fixes</h3> <ul> <li>Added missing exported types (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1638">#1638</a>) (by <a href="https://github.com/scottg521"><code>@scottg521</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@maplibre/maplibre-gl-style-spec's changelog</a>.</em></p> <blockquote> <h2>24.8.5</h2> <h3>🐞 Bug fixes</h3> <ul> <li>Added missing exported types (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1638">#1638</a>) (by <a href="https://github.com/scottg521"><code>@scottg521</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Kanish Jeba Mathew M
|
93596b3540 |
feat: add drag and drop support to Upload Style area (#1852)
## Feat: Add drag and drop support to Upload Style area Closes #911 --- ### Problem The Upload Style area only supported click-to-upload. Users could not drag and drop a JSON file directly onto it. ### Fix Added `onDragOver` and `onDrop` event handlers to the Upload Style area. The dropped file is passed to the existing file reading logic already used by the Upload button. A visual highlight is shown when dragging over the area. |
||
|
dependabot[bot]
|
a588f3e08c |
chore(deps-dev): Bump stylelint from 17.9.1 to 17.10.0 (#1863)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.9.1 to 17.10.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/releases">stylelint's releases</a>.</em></p> <blockquote> <h2>17.10.0</h2> <p>It adds 3 rules and fixes 4 bugs. You can use the <code>*-layout-mappings</code> rules to enforce logical or physical properties, units and keywords.</p> <ul> <li>Added: <code>selector-no-invalid</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/9232">#9232</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Added: <code>unit-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/9229">#9229</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Added: <code>value-keyword-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/9233">#9233</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: inconsistent error messages when module is not found (<a href="https://redirect.github.com/stylelint/stylelint/issues/9260">#9260</a>) (<a href="https://github.com/ybiquitous"><code>@ybiquitous</code></a>).</li> <li>Fixed: <code>property-layout-mappings</code> false negatives for property names in declaration values (<a href="https://redirect.github.com/stylelint/stylelint/issues/9222">#9222</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: <code>property-layout-mappings</code> false positives for <code>@page</code> properties (<a href="https://redirect.github.com/stylelint/stylelint/issues/9223">#9223</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: <code>selector-pseudo-class-no-unknown</code> false positives for nested <code>webkit-scrollbar</code> part (<a href="https://redirect.github.com/stylelint/stylelint/issues/9259">#9259</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's changelog</a>.</em></p> <blockquote> <h2>17.10.0 - 2026-05-03</h2> <p>It adds 3 rules and fixes 4 bugs. You can use the <code>*-layout-mappings</code> rules to enforce logical or physical properties, units and keywords.</p> <ul> <li>Added: <code>selector-no-invalid</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/9232">#9232</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Added: <code>unit-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/9229">#9229</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Added: <code>value-keyword-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/9233">#9233</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: inconsistent error messages when module is not found (<a href="https://redirect.github.com/stylelint/stylelint/pull/9260">#9260</a>) (<a href="https://github.com/ybiquitous"><code>@ybiquitous</code></a>).</li> <li>Fixed: <code>property-layout-mappings</code> false negatives for property names in declaration values (<a href="https://redirect.github.com/stylelint/stylelint/pull/9222">#9222</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: <code>property-layout-mappings</code> false positives for <code>@page</code> properties (<a href="https://redirect.github.com/stylelint/stylelint/pull/9223">#9223</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: <code>selector-pseudo-class-no-unknown</code> false positives for nested <code>webkit-scrollbar</code> part (<a href="https://redirect.github.com/stylelint/stylelint/pull/9259">#9259</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bea46c8ff9 |
chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.3 to 24.8.4 (#1861)
Bumps [@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec) from 24.8.3 to 24.8.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/releases">@maplibre/maplibre-gl-style-spec's releases</a>.</em></p> <blockquote> <h2>v24.8.4</h2> <h3>✨ Features and improvements</h3> <h3>🐞 Bug fixes</h3> <ul> <li>Replace rw with node:fs. Resolves <a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1625">#1625</a> (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1635">#1635</a>) (by <a href="https://github.com/birkskyum"><code>@birkskyum</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@maplibre/maplibre-gl-style-spec's changelog</a>.</em></p> <blockquote> <h2>24.8.4</h2> <h3>✨ Features and improvements</h3> <h3>🐞 Bug fixes</h3> <ul> <li>Replace rw with node:fs. Resolves <a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1625">#1625</a> (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1635">#1635</a>) (by <a href="https://github.com/birkskyum"><code>@birkskyum</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
bf99253391 |
chore(deps-dev): Bump eslint from 10.2.1 to 10.3.0 (#1855)
Bumps [eslint](https://github.com/eslint/eslint) from 10.2.1 to 10.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/eslint/releases">eslint's releases</a>.</em></p> <blockquote> <h2>v10.3.0</h2> <h2>Features</h2> <ul> <li><a href=" |
||
|
dependabot[bot]
|
077a2073eb |
chore(deps): Bump github/codeql-action from 4.35.2 to 4.35.3 (#1860)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.2 to 4.35.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.3</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.35.3 - 01 May 2026</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> <li>Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
6f9367cb44 |
chore(deps-dev): Bump cypress from 15.14.1 to 15.14.2 (#1858)
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.14.1 to 15.14.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/cypress/releases">cypress's releases</a>.</em></p> <blockquote> <h2>v15.14.2</h2> <p>Changelog: <a href="https://docs.cypress.io/app/references/changelog#15-14-2">https://docs.cypress.io/app/references/changelog#15-14-2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
37029a20bd |
chore(deps-dev): Bump postcss from 8.5.12 to 8.5.13 (#1859)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.12 to 8.5.13. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.13</h2> <ul> <li>Fixed <code>postcss-scss</code> commend regression.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.13</h2> <ul> <li>Fixed <code>postcss-scss</code> commend regression.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
aa2f4768bf |
chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.1 to 24.8.3 (#1857)
Bumps [@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec) from 24.8.1 to 24.8.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/releases">@maplibre/maplibre-gl-style-spec's releases</a>.</em></p> <blockquote> <h2>v24.8.3</h2> <h3>🐞 Bug fixes</h3> <ul> <li>Restore Specification type exports dropped in v24.8.2 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1627">#1627</a>) (by <a href="https://github.com/birkskyum"><code>@birkskyum</code></a>)</li> </ul> <h2>v24.8.2</h2> <h3>✨ Features and improvements</h3> <ul> <li>Move from rollup->rolldown and ts6->ts7 for builds/typecheck. (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1132">#1132</a>) (by <a href="https://github.com/birkskyum">birkskyum</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@maplibre/maplibre-gl-style-spec's changelog</a>.</em></p> <blockquote> <h2>24.8.3</h2> <h3>🐞 Bug fixes</h3> <ul> <li>Restore Specification type exports dropped in v24.8.2 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1627">#1627</a>) (by <a href="https://github.com/birkskyum"><code>@birkskyum</code></a>)</li> </ul> <h2>24.8.2</h2> <h3>✨ Features and improvements</h3> <ul> <li>Move from rollup->rolldown and ts6->ts7 for builds/typecheck. (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1132">#1132</a>) (by <a href="https://github.com/birkskyum">birkskyum</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c51474ffc1 |
chore(deps): Bump react-i18next from 17.0.4 to 17.0.6 (#1849)
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 17.0.4 to 17.0.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's changelog</a>.</em></p> <blockquote> <h2>17.0.6</h2> <ul> <li>fix: restore the v17 <code>nodesToString</code> output format consumed by <code>i18next-cli</code>'s extractor while still rendering <a href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a> correctly <ul> <li>17.0.5 fixed <a href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a> by changing what <code>nodesToString</code> produced, which inadvertently changed the extracted translation strings for keep-tags wrapping non-keep React elements</li> <li>The fix now lives in the renderer: indexed <code><N></code> placeholders nested inside a keep-tag are scoped to that tag's own original React children (matching kept tags by name and positional occurrence at each level), so the translation string format produced by <code>nodesToString</code> is unchanged</li> </ul> </li> </ul> <h2>17.0.5</h2> <ul> <li>fix: <code><Trans /></code> no longer breaks child rendering when a kept HTML node (<code>transKeepBasicHtmlNodesFor</code>) wraps a non-keep React element <a href="https://redirect.github.com/i18next/react-i18next/issues/1919">1919</a> — superseded by 17.0.6, which keeps the same runtime fix without changing the <code>nodesToString</code> output</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e29d468d23 |
chore(deps-dev): Bump typescript-eslint from 8.59.0 to 8.59.1 (#1848)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.59.0 to 8.59.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.1</h2>
<h2>8.59.1 (2026-04-27)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] fix
crash "TypeError: checker.getTypeArguments is not a function"
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12246">#12246</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
preserve index signatures in undefined unions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12257">#12257</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
preserve phantom type arguments in generic inference (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12269">#12269</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
avoid false positive in logical assignment assertions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12278">#12278</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-arguments]
handle instantiation expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12220">#12220</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-condition] treat
void as nullish in no-unnecessary-condition (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12241">#12241</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>anasm266 <a
href="https://github.com/anasm266"><code>@anasm266</code></a></li>
<li>Anshika Jain <a
href="https://github.com/Anshikakalpana"><code>@Anshikakalpana</code></a></li>
<li>Ulrich Stark</li>
<li>yugo innami <a
href="https://github.com/nami8824"><code>@nami8824</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.1 (2026-04-27)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
dependabot[bot]
|
cbcc07e7b7 |
chore(deps): Bump cypress-io/github-action from 7.1.9 to 7.1.10 (#1847)
Bumps [cypress-io/github-action](https://github.com/cypress-io/github-action) from 7.1.9 to 7.1.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's releases</a>.</em></p> <blockquote> <h2>v7.1.10</h2> <h2><a href="https://github.com/cypress-io/github-action/compare/v7.1.9...v7.1.10">7.1.10</a> (2026-04-27)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update fast-xml-parser to 5.7.1 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1737">#1737</a>) (<a href=" |
||
|
dependabot[bot]
|
de9eb2db66 |
chore(deps-dev): Bump postcss from 8.5.11 to 8.5.12 (#1846)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [postcss](https://github.com/postcss/postcss) from 8.5.11 to 8.5.12. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.12</h2> <ul> <li>Fixed reading any file via user-generated CSS.</li> <li>Added <code>opts.unsafeMap</code> to disable checks.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.12</h2> <ul> <li>Fixed reading any file via user-generated CSS.</li> <li>Added <code>opts.unsafeMap</code> to disable checks.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
91ce8c3cce |
chore(deps-dev): Bump stylelint from 17.9.0 to 17.9.1 (#1845)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.9.0 to 17.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/releases">stylelint's releases</a>.</em></p> <blockquote> <h2>17.9.1</h2> <p>It fixes 4 bugs. We also documented the <code>messageArgs</code> each rule provides to the <code>message</code> configuration property.</p> <ul> <li>Fixed: <code>ConfigurationError</code> regression for custom syntaxes (<a href="https://redirect.github.com/stylelint/stylelint/issues/9245">#9245</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: MD5 hash algorithm to SHA256 for caching (<a href="https://redirect.github.com/stylelint/stylelint/issues/9241">#9241</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> <li>Fixed: <code>property-no-deprecated</code> autofix for <code>page-break-*: always</code> (<a href="https://redirect.github.com/stylelint/stylelint/issues/9214">#9214</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> <li>Fixed: <code>selector-no-deprecated</code> false positives for <code>::part()</code> (<a href="https://redirect.github.com/stylelint/stylelint/issues/9227">#9227</a>) (<a href="https://github.com/SaekiTominaga"><code>@SaekiTominaga</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's changelog</a>.</em></p> <blockquote> <h2>17.9.1 - 2026-04-27</h2> <p>It fixes 4 bugs. We also documented the <code>messageArgs</code> each rule provides to the <code>message</code> configuration property.</p> <ul> <li>Fixed: <code>ConfigurationError</code> regression for custom syntaxes (<a href="https://redirect.github.com/stylelint/stylelint/pull/9245">#9245</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Fixed: MD5 hash algorithm to SHA256 for caching (<a href="https://redirect.github.com/stylelint/stylelint/pull/9241">#9241</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> <li>Fixed: <code>property-no-deprecated</code> autofix for <code>page-break-*: always</code> (<a href="https://redirect.github.com/stylelint/stylelint/pull/9214">#9214</a>) (<a href="https://github.com/rkdfx"><code>@rkdfx</code></a>).</li> <li>Fixed: <code>selector-no-deprecated</code> false positives for <code>::part()</code> (<a href="https://redirect.github.com/stylelint/stylelint/pull/9227">#9227</a>) (<a href="https://github.com/SaekiTominaga"><code>@SaekiTominaga</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2ab9b341df |
chore(deps-dev): Bump postcss from 8.5.10 to 8.5.11 (#1844)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.10 to 8.5.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.11</h2> <ul> <li>Fixed nested brackets parsing performance (by <a href="https://github.com/offset"><code>@offset</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.11</h2> <ul> <li>Fixed nested brackets parsing performance (by <a href="https://github.com/offset"><code>@offset</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
5c4b3f205a |
chore(deps): Bump i18next from 26.0.7 to 26.0.8 (#1842)
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.7 to 26.0.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.0.8</h2> <ul> <li>fix(types): restore the pre-v25.10.4 <code>ExistsFunction</code> shape so plain arrow functions can again be assigned to <code>ExistsFunction</code>-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct <code>i18next.exists(key)</code> calls still narrow <code>key</code> to <code>SelectorKey</code> — the predicate is now declared inline on <code>i18n.exists</code>. Custom wrappers that want the narrowing can type themselves as <code>typeof i18next.exists</code> <a href="https://redirect.github.com/i18next/i18next/issues/2425">2425</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.0.8</h2> <ul> <li>fix(types): restore the pre-v25.10.4 <code>ExistsFunction</code> shape so plain arrow functions can again be assigned to <code>ExistsFunction</code>-typed variables (TypeScript cannot infer type predicates through multi-overload assignment). Direct <code>i18next.exists(key)</code> calls still narrow <code>key</code> to <code>SelectorKey</code> — the predicate is now declared inline on <code>i18n.exists</code>. Custom wrappers that want the narrowing can type themselves as <code>typeof i18next.exists</code> <a href="https://redirect.github.com/i18next/i18next/issues/2425">2425</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c19dcccac4 |
chore(deps-dev): Bump cypress from 15.14.0 to 15.14.1 (#1839)
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.14.0 to 15.14.1. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
56555f1d03 |
chore(deps): Bump i18next from 26.0.6 to 26.0.7 (#1841)
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.6 to 26.0.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.0.7</h2> <ul> <li>fix: when a plural lookup misses, the <code>missingKey</code> debug log now shows the actual plural-resolved key (e.g. <code>foo.bar_many</code> for Polish <code>count: 14</code>) instead of the base key — making it obvious which plural category was expected and missing <a href="https://redirect.github.com/i18next/i18next/issues/2423">2423</a></li> <li>chore: drop <code>@babel/runtime</code> runtime dependency. The build no longer generates any <code>@babel/runtime</code> imports, so the package is unused by consumers. Rollup now uses <code>babelHelpers: 'bundled'</code> so any helpers that are ever needed in the future will be inlined rather than imported externally <a href="https://redirect.github.com/i18next/i18next/issues/2424">2424</a></li> <li>chore: stop emitting <code>dist/esm/i18next.bundled.js</code>. It was byte-identical to <code>dist/esm/i18next.js</code> because no helpers were being imported <a href="https://redirect.github.com/i18next/i18next/issues/2424">2424</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
8922298b5e |
chore(deps): Bump maplibre-gl from 5.23.0 to 5.24.0 (#1840)
Bumps [maplibre-gl](https://github.com/maplibre/maplibre-gl-js) from 5.23.0 to 5.24.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-gl-js/blob/main/CHANGELOG.md">maplibre-gl's changelog</a>.</em></p> <blockquote> <h2>5.24.0</h2> <h3>✨ Features and improvements</h3> <ul> <li>GPU performance optimization: Render halo and glyph in a single pass (-40% Time Reduction) (<a href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7436">#7436</a>) (by <a href="https://github.com/xavierjs"><code>@xavierjs</code></a>)</li> <li>Optimize matrix inversions and reduce GPU stalls (<a href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7367">#7367</a>) (by <a href="https://github.com/xavierjs"><code>@xavierjs</code></a>)</li> <li>Add example showing how to measure map performance using built-in events (<code>load</code>, <code>idle</code>, <code>render</code>) (<a href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7077">#7077</a>) (by <a href="https://github.com/CommanderStorm"><code>@CommanderStorm</code></a>)</li> </ul> <h3>🐞 Bug fixes</h3> <ul> <li>Fix <code>Popup</code> not updating its position when switching between terrain/globe projections (<a href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7468">#7468</a>) (by <a href="https://github.com/CommanderStorm"><code>@CommanderStorm</code></a>)</li> <li>Skip fog computation when fog opacity is zero (<a href="https://redirect.github.com/maplibre/maplibre-gl-js/pull/7476">#7476</a>) (by <a href="https://github.com/CommanderStorm"><code>@CommanderStorm</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2033c8170b |
chore(deps-dev): Bump stylelint from 17.8.0 to 17.9.0 (#1836)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.8.0 to 17.9.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's changelog</a>.</em></p> <blockquote> <h2>17.9.0 - 2026-04-23</h2> <p>It adds 3 new features. Adding the <code>referenceFiles</code> property to your configuration object makes the <code>no-unknown-animations</code>, <code>no-unknown-custom-media</code> and <code>no-unknown-custom-properties</code> rules more useful.</p> <ul> <li>Added: experimental <code>referenceFiles</code> to configuration object (<a href="https://redirect.github.com/stylelint/stylelint/pull/9179">#9179</a>) (<a href="https://github.com/jeddy3"><code>@jeddy3</code></a>).</li> <li>Added: experimental <code>abortSignal</code> option to Node.js API for cancellation support (<a href="https://redirect.github.com/stylelint/stylelint/pull/9213">#9213</a>) (<a href="https://github.com/adalinesimonian"><code>@adalinesimonian</code></a>).</li> <li>Added: <code>maxWarnings</code> to configuration object (<a href="https://redirect.github.com/stylelint/stylelint/pull/9181">#9181</a>) (<a href="https://github.com/mrginglymus"><code>@mrginglymus</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b5081325e6 |
chore(deps-dev): Bump the vitest group with 2 updates (#1833)
Bumps the vitest group with 2 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest). Updates `@vitest/coverage-v8` from 4.1.4 to 4.1.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitest-dev/vitest/releases"><code>@vitest/coverage-v8</code>'s releases</a>.</em></p> <blockquote> <h2>v4.1.5</h2> <h3> 🚀 Experimental Features</h3> <ul> <li><strong>coverage</strong>: Istanbul to support <code>instrumenter</code> option - by <a href="https://github.com/BartWaardenburg"><code>@BartWaardenburg</code></a> and <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10119">vitest-dev/vitest#10119</a> <a href="https://github.com/vitest-dev/vitest/commit/0e0ff41c7"><!-- raw HTML omitted -->(0e0ff)<!-- raw HTML omitted --></a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li>--project negation excludes browser instances - by <a href="https://github.com/felamaslen"><code>@felamaslen</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10131">vitest-dev/vitest#10131</a> <a href="https://github.com/vitest-dev/vitest/commit/9423dc084"><!-- raw HTML omitted -->(9423d)<!-- raw HTML omitted --></a></li> <li>Project color label on html reporter - by <a href="https://github.com/hi-ogawa"><code>@hi-ogawa</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10142">vitest-dev/vitest#10142</a> <a href="https://github.com/vitest-dev/vitest/commit/596f73986"><!-- raw HTML omitted -->(596f7)<!-- raw HTML omitted --></a></li> <li>Fix <code>vi.defineHelper</code> called as object method - by <a href="https://github.com/hi-ogawa"><code>@hi-ogawa</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10163">vitest-dev/vitest#10163</a> <a href="https://github.com/vitest-dev/vitest/commit/122c25b5b"><!-- raw HTML omitted -->(122c2)<!-- raw HTML omitted --></a></li> <li>Alias <code>agent</code> reporter to <code>minimal</code> - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10157">vitest-dev/vitest#10157</a> <a href="https://github.com/vitest-dev/vitest/commit/663b99fe3"><!-- raw HTML omitted -->(663b9)<!-- raw HTML omitted --></a></li> <li>Respect diff config options in soft assertions - by <a href="https://github.com/Copilot"><code>@Copilot</code></a>, <strong>sheremet-va</strong> and <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a> <a href="https://github.com/vitest-dev/vitest/commit/9787dedad"><!-- raw HTML omitted -->(9787d)<!-- raw HTML omitted --></a></li> <li>Respect diff config options in soft assertions " - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/8696">vitest-dev/vitest#8696</a> <a href="https://github.com/vitest-dev/vitest/commit/7dc6d54fd"><!-- raw HTML omitted -->(7dc6d)<!-- raw HTML omitted --></a></li> <li><strong>ast-collect</strong>: Recognize _<em>vi_import</em> prefix in static test discovery - by <a href="https://github.com/Yejneshwar"><code>@Yejneshwar</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10129">vitest-dev/vitest#10129</a> <a href="https://github.com/vitest-dev/vitest/commit/325463ab2"><!-- raw HTML omitted -->(32546)<!-- raw HTML omitted --></a></li> <li><strong>coverage</strong>: Descriptive error message when reports directory is removed during test run - by <a href="https://github.com/DaveT1991"><code>@DaveT1991</code></a> and <a href="https://github.com/AriPerkkio"><code>@AriPerkkio</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10117">vitest-dev/vitest#10117</a> <a href="https://github.com/vitest-dev/vitest/commit/1413382e1"><!-- raw HTML omitted -->(14133)<!-- raw HTML omitted --></a></li> <li><strong>snapshot</strong>: Increase default snapshot max output length - by <a href="https://github.com/hi-ogawa"><code>@hi-ogawa</code></a> and <strong>Codex</strong> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10150">vitest-dev/vitest#10150</a> <a href="https://github.com/vitest-dev/vitest/commit/21e66ff63"><!-- raw HTML omitted -->(21e66)<!-- raw HTML omitted --></a></li> <li><strong>ui</strong>: Fix jsx/tsx syntax highlight - by <a href="https://github.com/hi-ogawa"><code>@hi-ogawa</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10152">vitest-dev/vitest#10152</a> <a href="https://github.com/vitest-dev/vitest/commit/f1b1f6c7b"><!-- raw HTML omitted -->(f1b1f)<!-- raw HTML omitted --></a></li> <li><strong>web-worker</strong>: Support MessagePort objects referenced inside postMessage data - by <a href="https://github.com/whitphx"><code>@whitphx</code></a> and <strong>Claude Opus 4.6 (1M context)</strong> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/9927">vitest-dev/vitest#9927</a> and <a href="https://redirect.github.com/vitest-dev/vitest/issues/10124">vitest-dev/vitest#10124</a> <a href="https://github.com/vitest-dev/vitest/commit/7ad7d39af"><!-- raw HTML omitted -->(7ad7d)<!-- raw HTML omitted --></a></li> <li><strong>api</strong>: Make test-specification options writable - by <a href="https://github.com/sheremet-va"><code>@sheremet-va</code></a> in <a href="https://redirect.github.com/vitest-dev/vitest/issues/10154">vitest-dev/vitest#10154</a> <a href="https://github.com/vitest-dev/vitest/commit/6abd557b7"><!-- raw HTML omitted -->(6abd5)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/vitest-dev/vitest/compare/v4.1.4...v4.1.5">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
36d39d675e |
chore(deps-dev): Bump typescript-eslint from 8.58.2 to 8.59.0 (#1835)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.58.2 to 8.59.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.59.0</h2>
<h2>8.59.0 (2026-04-20)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
report more cases based on assignability (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/11789">#11789</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Ulrich Stark</li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.59.0 (2026-04-20)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.59.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
dependabot[bot]
|
fe8681bbac |
chore(deps-dev): Bump uuid from 13.0.0 to 14.0.0 (#1832)
Bumps [uuid](https://github.com/uuidjs/uuid) from 13.0.0 to 14.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuidjs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v14.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a> (2026-04-19)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> </ul> <h3>Features</h3> <ul> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>) (<a href=" |
||
|
dependabot[bot]
|
105a970eb1 |
chore(deps): Bump i18next from 26.0.5 to 26.0.6 (#1831)
Bumps [i18next](https://github.com/i18next/i18next) from 26.0.5 to 26.0.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.0.6</h2> <p>Security release — all issues found via an internal audit. GHSA advisory filed after release.</p> <ul> <li>security: warn when a translation string combines <code>escapeValue: false</code> with interpolated variables inside a <code>$t(key, { ... "{{var}}" ... })</code> nesting-options block. In that narrow combination, attacker-controlled string values containing <code>"</code> can break out of the JSON options literal and inject additional nesting options (e.g. redirect <code>lng</code>/<code>ns</code>). The default <code>escapeValue: true</code> configuration is unaffected because HTML-escaping neutralises the quote before <code>JSON.parse</code>. See the security docs for mitigation guidance (GHSA-TBD)</li> <li>security: apply <code>regexEscape</code> to <code>unescapePrefix</code> / <code>unescapeSuffix</code> on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the <code>{{- var}}</code> syntax when the delimiter contains characters like <code>(</code>, <code>[</code>, <code>.</code></li> <li>security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)</li> <li>chore: ignore <code>.env*</code> and <code>*.pem</code>/<code>*.key</code> files in <code>.gitignore</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.0.6</h2> <p>Security release — all issues found via an internal audit.</p> <ul> <li>security: warn when a translation string combines <code>escapeValue: false</code> with interpolated variables inside a <code>$t(key, { ... "{{var}}" ... })</code> nesting-options block. In that narrow combination, attacker-controlled string values containing <code>"</code> can break out of the JSON options literal and inject additional nesting options (e.g. redirect <code>lng</code>/<code>ns</code>). The default <code>escapeValue: true</code> configuration is unaffected because HTML-escaping neutralises the quote before <code>JSON.parse</code>. See the <a href="https://www.i18next.com/translation-function/nesting#security-note-interpolated-values-inside-a-nesting-options-block">security note in the Nesting docs</a> for the full pattern and mitigations</li> <li>security: apply <code>regexEscape</code> to <code>unescapePrefix</code> / <code>unescapeSuffix</code> on par with the other interpolation delimiters. Prevents ReDoS (catastrophic-backtracking) when a misconfigured delimiter contains regex metacharacters, and fixes silent breakage of the <code>{{- var}}</code> syntax when the delimiter contains characters like <code>(</code>, <code>[</code>, <code>.</code></li> <li>security: strip CR/LF/NUL and other C0/C1 control characters from string log arguments to prevent log forging via user-controlled translation keys, language codes, namespaces, or interpolation variable names (CWE-117)</li> <li>chore: ignore <code>.env*</code> and <code>*.pem</code>/<code>*.key</code> files in <code>.gitignore</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
8cbff8cc38 |
chore(deps): Bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 (#1830)
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 3.0.0 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Add permissions to all workflows by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/687">dependabot/fetch-metadata#687</a></li> <li>build(deps-dev): bump globals from 16.0.0 to 17.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/690">dependabot/fetch-metadata#690</a></li> <li>build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/693">dependabot/fetch-metadata#693</a></li> <li>build(deps-dev): bump <code>@hono/node-server</code> from 1.19.10 to 1.19.13 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/694">dependabot/fetch-metadata#694</a></li> <li>build(deps-dev): bump hono from 4.12.7 to 4.12.12 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/695">dependabot/fetch-metadata#695</a></li> <li>Dynamically update the tracking tag in action by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/696">dependabot/fetch-metadata#696</a></li> <li>fix: handle duplicate dependency names in parseMetadataLinks by <a href="https://github.com/devantler"><code>@devantler</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li> <li>fix: remove $ anchor from updateFragment regex to handle pip directory suffixes by <a href="https://github.com/devantler"><code>@devantler</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/698">dependabot/fetch-metadata#698</a></li> <li>Updates to README for permissions clarification by <a href="https://github.com/truggeri"><code>@truggeri</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/697">dependabot/fetch-metadata#697</a></li> <li>fix: resolve update-type null for Python, Composer, and Terraform PRs by <a href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li> <li>build(deps-dev): bump globals from 17.4.0 to 17.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/703">dependabot/fetch-metadata#703</a></li> <li>build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/701">dependabot/fetch-metadata#701</a></li> <li>build(deps): bump <code>@actions/github</code> from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/702">dependabot/fetch-metadata#702</a></li> <li>build(deps-dev): bump hono from 4.12.12 to 4.12.14 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/705">dependabot/fetch-metadata#705</a></li> <li>v3.1.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a>[bot] in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/692">dependabot/fetch-metadata#692</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/devantler"><code>@devantler</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/700">dependabot/fetch-metadata#700</a></li> <li><a href="https://github.com/vitorsdcs"><code>@vitorsdcs</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/704">dependabot/fetch-metadata#704</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0">https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
6f0213cb98 |
chore(deps): Bump @codemirror/view from 6.41.0 to 6.41.1 (#1828)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.41.0 to 6.41.1. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/view/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
58c99f2470 |
chore(deps-dev): Bump eslint-plugin-react-hooks from 7.1.0 to 7.1.1 (#1827)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) from 7.1.0 to 7.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">eslint-plugin-react-hooks's releases</a>.</em></p> <blockquote> <h2>eslint-plugin-react-hooks@7.1.1 (April 17, 2026)</h2> <p><strong>Note:</strong> 7.1.0 accidentally removed the <code>component-hook-factories</code> rule, causing errors for users who referenced it in their ESLint config. This is now fixed.</p> <ul> <li>Add deprecated no-op <code>component-hook-factories</code> rule for backwards compatibility. (<a href="https://github.com/mofeiZ"><code>@mofeiZ</code></a> in <a href="https://redirect.github.com/facebook/react/pull/36307">#36307</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's changelog</a>.</em></p> <blockquote> <h2>7.1.1</h2> <p><strong>Note:</strong> 7.1.0 accidentally removed the <code>component-hook-factories</code> rule, causing errors for users who referenced it in their ESLint config. This is now fixed.</p> <ul> <li>Add deprecated no-op <code>component-hook-factories</code> rule for backwards compatibility. (<a href="https://github.com/mofeiZ"><code>@mofeiZ</code></a> in <a href="https://redirect.github.com/facebook/react/pull/36307">#36307</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
838045d221 |
chore(deps-dev): Bump typescript from 6.0.2 to 6.0.3 (#1826)
Bumps [typescript](https://github.com/microsoft/TypeScript) from 6.0.2 to 6.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/microsoft/TypeScript/releases">typescript's releases</a>.</em></p> <blockquote> <h2>TypeScript 6.0.3</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/">release announcement blog post</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.0%22">fixed issues query for TypeScript 6.0.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.1%22">fixed issues query for TypeScript 6.0.1 (RC)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.2%22">fixed issues query for TypeScript 6.0.2 (Stable)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.3%22">fixed issues query for TypeScript 6.0.3 (Stable)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1a4dd49d50 |
chore(deps-dev): Bump eslint from 10.2.0 to 10.2.1 (#1825)
Bumps [eslint](https://github.com/eslint/eslint) from 10.2.0 to 10.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/eslint/releases">eslint's releases</a>.</em></p> <blockquote> <h2>v10.2.1</h2> <h2>Bug Fixes</h2> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f277b20ab1 |
chore(deps-dev): Bump typescript from 5.9.3 to 6.0.2 (#1762)
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.9.3 to 6.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/microsoft/TypeScript/releases">typescript's releases</a>.</em></p> <blockquote> <h2>TypeScript 6.0</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/">release announcement blog post</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.0%22">fixed issues query for TypeScript 6.0.0 (Beta)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.1%22">fixed issues query for TypeScript 6.0.1 (RC)</a>.</li> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.2%22">fixed issues query for TypeScript 6.0.2 (Stable)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> <h2>TypeScript 6.0 Beta</h2> <p>For release notes, check out the <a href="https://devblogs.microsoft.com/typescript/announcing-typescript-6-0-beta/">release announcement</a>.</p> <ul> <li><a href="https://github.com/Microsoft/TypeScript/issues?utf8=%E2%9C%93&q=milestone%3A%22TypeScript+6.0.0%22+is%3Aclosed+">fixed issues query for Typescript 6.0.0 (Beta)</a>.</li> </ul> <p>Downloads are available on:</p> <ul> <li><a href="https://www.npmjs.com/package/typescript">npm</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
d2e26655bb |
chore(deps-dev): Bump stylelint from 17.7.0 to 17.8.0 (#1821)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.7.0 to 17.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/releases">stylelint's releases</a>.</em></p> <blockquote> <h2>17.8.0</h2> <p>It adds 3 new rules and 1 configuration property.</p> <ul> <li>Added: <code>languageOptions.directionality</code> configuration property (<a href="https://redirect.github.com/stylelint/stylelint/issues/8687">#8687</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>property-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/8687">#8687</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>relative-selector-nesting-notation</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/8730">#8730</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>selector-no-deprecated</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/issues/8694">#8694</a>) (<a href="https://github.com/immitsu"><code>@immitsu</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's changelog</a>.</em></p> <blockquote> <h2>17.8.0 - 2026-04-15</h2> <p>It adds 3 new rules and 1 configuration property.</p> <ul> <li>Added: <code>languageOptions.directionality</code> configuration property (<a href="https://redirect.github.com/stylelint/stylelint/pull/8687">#8687</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>property-layout-mappings</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/8687">#8687</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>relative-selector-nesting-notation</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/8730">#8730</a>) (<a href="https://github.com/sw1tch3roo"><code>@sw1tch3roo</code></a>).</li> <li>Added: <code>selector-no-deprecated</code> rule (<a href="https://redirect.github.com/stylelint/stylelint/pull/8694">#8694</a>) (<a href="https://github.com/immitsu"><code>@immitsu</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1e94c1f6d9 |
chore(deps): Bump ol-mapbox-style from 13.4.0 to 13.4.1 (#1819)
Bumps [ol-mapbox-style](https://github.com/openlayers/ol-mapbox-style) from 13.4.0 to 13.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/openlayers/ol-mapbox-style/releases">ol-mapbox-style's releases</a>.</em></p> <blockquote> <h2>v13.4.1</h2> <h2>What's Changed</h2> <ul> <li>Changes for 13.4.0 by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1432">openlayers/ol-mapbox-style#1432</a></li> <li>Do not fail on ol versions that don't have Stroke#setOffset() by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1440">openlayers/ol-mapbox-style#1440</a></li> <li>Bump puppeteer from 24.37.5 to 24.40.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1433">openlayers/ol-mapbox-style#1433</a></li> <li>Bump pmtiles-protocol from 1.0.5 to 1.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1434">openlayers/ol-mapbox-style#1434</a></li> <li>Bump copy-webpack-plugin from 13.0.1 to 14.0.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1435">openlayers/ol-mapbox-style#1435</a></li> <li>Bump <code>@rollup/plugin-commonjs</code> from 29.0.0 to 29.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1436">openlayers/ol-mapbox-style#1436</a></li> <li>Bump eslint from 9.39.4 to 10.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1437">openlayers/ol-mapbox-style#1437</a></li> <li>Bump lodash from 4.17.23 to 4.18.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1441">openlayers/ol-mapbox-style#1441</a></li> <li>Bump picomatch by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1438">openlayers/ol-mapbox-style#1438</a></li> <li>Bump webpack from 5.105.2 to 5.105.4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1443">openlayers/ol-mapbox-style#1443</a></li> <li>Bump typedoc-plugin-missing-exports from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1444">openlayers/ol-mapbox-style#1444</a></li> <li>Bump basic-ftp from 5.2.0 to 5.2.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1448">openlayers/ol-mapbox-style#1448</a></li> <li>Bump follow-redirects from 1.15.6 to 1.16.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1449">openlayers/ol-mapbox-style#1449</a></li> <li>Bump typedoc from 0.28.15 to 0.28.18 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1446">openlayers/ol-mapbox-style#1446</a></li> <li>Bump mocha from 12.0.0-beta-9.2 to 12.0.0-beta-10 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1442">openlayers/ol-mapbox-style#1442</a></li> <li>Bump typescript from 5.9.3 to 6.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/ol-mapbox-style/pull/1445">openlayers/ol-mapbox-style#1445</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/openlayers/ol-mapbox-style/compare/v13.4.0...v13.4.1">https://github.com/openlayers/ol-mapbox-style/compare/v13.4.0...v13.4.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/openlayers/ol-mapbox-style/blob/main/CHANGELOG.md">ol-mapbox-style's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
869cbec10a |
chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2 (#1823)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v4.35.2</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> <li>Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> <li>The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. <a href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li> <li>Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. <a href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li> <li>Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li> </ul> <h2>4.35.1 - 27 Mar 2026</h2> <ul> <li>Fix incorrect minimum required Git version for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a>: it should have been 2.36.0, not 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3781">#3781</a></li> </ul> <h2>4.35.0 - 27 Mar 2026</h2> <ul> <li>Reduced the minimum Git version required for <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> from 2.38.0 to 2.11.0. <a href="https://redirect.github.com/github/codeql-action/pull/3767">#3767</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1">2.25.1</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3773">#3773</a></li> </ul> <h2>4.34.1 - 20 Mar 2026</h2> <ul> <li>Downgrade default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3">2.24.3</a> due to issues with a small percentage of Actions and JavaScript analyses. <a href="https://redirect.github.com/github/codeql-action/pull/3762">#3762</a></li> </ul> <h2>4.34.0 - 20 Mar 2026</h2> <ul> <li>Added an experimental change which disables TRAP caching when <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. <a href="https://redirect.github.com/github/codeql-action/pull/3569">#3569</a></li> <li>We are rolling out improved incremental analysis to C/C++ analyses that use build mode <code>none</code>. We expect this rollout to be complete by the end of April 2026. <a href="https://redirect.github.com/github/codeql-action/pull/3584">#3584</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0">2.25.0</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3585">#3585</a></li> </ul> <h2>4.33.0 - 16 Mar 2026</h2> <ul> <li> <p>Upcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. <a href="https://redirect.github.com/github/codeql-action/pull/3562">#3562</a></p> <p>To opt out of this change:</p> <ul> <li><strong>Repositories owned by an organization:</strong> Create a custom repository property with the name <code>github-codeql-file-coverage-on-prs</code> and the type "True/false", then set this property to <code>true</code> in the repository's settings. For more information, see <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">Managing custom properties for repositories in your organization</a>. Alternatively, if you are using an advanced setup workflow, you can set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using default setup:</strong> Switch to an advanced setup workflow and set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> <li><strong>User-owned repositories using advanced setup:</strong> Set the <code>CODEQL_ACTION_FILE_COVERAGE_ON_PRS</code> environment variable to <code>true</code> in your workflow.</li> </ul> </li> <li> <p>Fixed <a href="https://redirect.github.com/github/codeql-action/issues/3555">a bug</a> which caused the CodeQL Action to fail loading repository properties if a "Multi select" repository property was configured for the repository. <a href="https://redirect.github.com/github/codeql-action/pull/3557">#3557</a></p> </li> <li> <p>The CodeQL Action now loads <a href="https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization">custom repository properties</a> on GitHub Enterprise Server, enabling the customization of features such as <code>github-codeql-disable-overlay</code> that was previously only available on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/3559">#3559</a></p> </li> <li> <p>Once <a href="https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries">private package registries</a> can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. <a href="https://redirect.github.com/github/codeql-action/pull/3563">#3563</a></p> </li> <li> <p>Fixed the retry mechanism for database uploads. Previously this would fail with the error "Response body object should not be disturbed or locked". <a href="https://redirect.github.com/github/codeql-action/pull/3564">#3564</a></p> </li> <li> <p>A warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3570">#3570</a></p> </li> </ul> <h2>4.32.6 - 05 Mar 2026</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
2b0ed59203 |
chore(deps-dev): Bump cypress from 15.13.1 to 15.14.0 (#1822)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [cypress](https://github.com/cypress-io/cypress) from 15.13.1 to 15.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/cypress/releases">cypress's releases</a>.</em></p> <blockquote> <h2>v15.14.0</h2> <p>Changelog: <a href="https://docs.cypress.io/app/references/changelog#15-14-0">https://docs.cypress.io/app/references/changelog#15-14-0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e3a32fb72f |
chore(deps-dev): Bump eslint-plugin-react-hooks from 7.0.1 to 7.1.0 (#1820)
Bumps [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) from 7.0.1 to 7.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">eslint-plugin-react-hooks's releases</a>.</em></p> <blockquote> <h2>eslint-plugin-react-hooks@7.1.0 (April 16, 2026)</h2> <p>This release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better <code>set-state-in-effect</code> detection, improved ref validation, and more helpful error reporting.</p> <ul> <li>Add ESLint v10 support. (<a href="https://github.com/azat-io"><code>@azat-io</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35720">#35720</a>)</li> <li>Skip compilation for non-React files to improve performance. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35589">#35589</a>)</li> <li>Fix exhaustive deps bug with Flow type casting. (<a href="https://github.com/jorge-cab"><code>@jorge-cab</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35691">#35691</a>)</li> <li>Fix <code>useEffectEvent</code> checks in component syntax. (<a href="https://github.com/jbrown215"><code>@jbrown215</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35041">#35041</a>)</li> <li>Improved <code>set-state-in-effect</code> validation with fewer false negatives. (<a href="https://github.com/jorge-cab"><code>@jorge-cab</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35134">#35134</a>, <a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35147">#35147</a>, <a href="https://github.com/jackpope"><code>@jackpope</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35214">#35214</a>, <a href="https://github.com/chesnokov-tony"><code>@chesnokov-tony</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35419">#35419</a>, <a href="https://github.com/jsleitor"><code>@jsleitor</code></a> in <a href="https://redirect.github.com/facebook/react/pull/36107">#36107</a>)</li> <li>Improved ref validation for non-mutating functions and event handler props. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35893">#35893</a>, <a href="https://github.com/kolvian"><code>@kolvian</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35062">#35062</a>)</li> <li>Compiler now reports all errors instead of stopping at the first. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35873">#35873</a>–<a href="https://redirect.github.com/facebook/react/pull/35884">#35884</a>)</li> <li>Improved source locations and error display in compiler diagnostics. (<a href="https://github.com/nathanmarks"><code>@nathanmarks</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35348">#35348</a>, <a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/34963">#34963</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md">eslint-plugin-react-hooks's changelog</a>.</em></p> <blockquote> <h2>7.1.0</h2> <p>This release adds ESLint v10 support, improves performance by skipping compilation for non-React files, and includes compiler lint improvements including better <code>set-state-in-effect</code> detection, improved ref validation, and more helpful error reporting.</p> <ul> <li>Add ESLint v10 support. (<a href="https://github.com/azat-io"><code>@azat-io</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35720">#35720</a>)</li> <li>Skip compilation for non-React files to improve performance. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35589">#35589</a>)</li> <li>Fix exhaustive deps bug with Flow type casting. (<a href="https://github.com/jorge-cab"><code>@jorge-cab</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35691">#35691</a>)</li> <li>Fix <code>useEffectEvent</code> checks in component syntax. (<a href="https://github.com/jbrown215"><code>@jbrown215</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35041">#35041</a>)</li> <li>Improved <code>set-state-in-effect</code> validation with fewer false negatives. (<a href="https://github.com/jorge-cab"><code>@jorge-cab</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35134">#35134</a>, <a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35147">#35147</a>, <a href="https://github.com/jackpope"><code>@jackpope</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35214">#35214</a>, <a href="https://github.com/chesnokov-tony"><code>@chesnokov-tony</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35419">#35419</a>, <a href="https://github.com/jsleitor"><code>@jsleitor</code></a> in <a href="https://redirect.github.com/facebook/react/pull/36107">#36107</a>)</li> <li>Improved ref validation for non-mutating functions and event handler props. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35893">#35893</a>, <a href="https://github.com/kolvian"><code>@kolvian</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35062">#35062</a>)</li> <li>Compiler now reports all errors instead of stopping at the first. (<a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35873">#35873</a>–<a href="https://redirect.github.com/facebook/react/pull/35884">#35884</a>)</li> <li>Improved source locations and error display in compiler diagnostics. (<a href="https://github.com/nathanmarks"><code>@nathanmarks</code></a> in <a href="https://redirect.github.com/facebook/react/pull/35348">#35348</a>, <a href="https://github.com/josephsavona"><code>@josephsavona</code></a> in <a href="https://redirect.github.com/facebook/react/pull/34963">#34963</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/facebook/react/commits/eslint-plugin-react-hooks@7.1.0/packages/eslint-plugin-react-hooks">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
da4b84cdfd |
chore(deps): Bump i18next from 26.0.4 to 26.0.5 (#1818)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [i18next](https://github.com/i18next/i18next) from 26.0.4 to 26.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.0.5</h2> <ul> <li>fix: <code>cloneInstance().changeLanguage()</code> no longer fails to update language state when the target language is not yet loaded — a race between <code>init()</code>'s deferred <code>load()</code> and the user's <code>changeLanguage()</code> could overwrite <code>isLanguageChangingTo</code>, causing <code>setLngProps</code> to be skipped <a href="https://redirect.github.com/i18next/i18next/issues/2422">2422</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.0.5</h2> <ul> <li>fix: <code>cloneInstance().changeLanguage()</code> no longer fails to update language state when the target language is not yet loaded — a race between <code>init()</code>'s deferred <code>load()</code> and the user's <code>changeLanguage()</code> could overwrite <code>isLanguageChangingTo</code>, causing <code>setLngProps</code> to be skipped <a href="https://redirect.github.com/i18next/i18next/issues/2422">2422</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
58166e3a9e |
chore(deps): Bump ol from 10.8.0 to 10.9.0 (#1816)
Bumps [ol](https://github.com/openlayers/openlayers) from 10.8.0 to 10.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/openlayers/openlayers/releases">ol's releases</a>.</em></p> <blockquote> <h2>v10.9.0</h2> <h2>Summary</h2> <p>In the 10.9 release, GeoZarr and GeoTIFF support saw major improvements — including multi-group band support, per-band metadata, and more efficient tile loading. WebGL rendering precision and performance were enhanced, and several vector rendering, hit detection, and trackpad zoom interaction issues were resolved.</p> <h2>What's Changed</h2> <ul> <li>Updates for the 10.8.0 release by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17325">openlayers/openlayers#17325</a></li> <li>Update package version to 10.8.1-dev by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17327">openlayers/openlayers#17327</a></li> <li>Example: export map as GeoTIFF or PNG with world file by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17313">openlayers/openlayers#17313</a></li> <li>Flat style / allow literal number arrays as well for the <code>in</code> (haystack) operator by <a href="https://github.com/jahow"><code>@jahow</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17334">openlayers/openlayers#17334</a></li> <li>Fix typos in GeoZARR source by <a href="https://github.com/m-mohr"><code>@m-mohr</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17348">openlayers/openlayers#17348</a></li> <li>chore(deps-dev): bump jspdf from 4.1.0 to 4.2.0 in the development-security group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17337">openlayers/openlayers#17337</a></li> <li>chore(deps): bump geotiff from 3.0.2 to 3.0.3 in the production-minor-patch group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17339">openlayers/openlayers#17339</a></li> <li>chore(deps-dev): bump the development-security group across 1 directory with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17358">openlayers/openlayers#17358</a></li> <li>chore(deps-dev): bump the development-minor-patch group across 1 directory with 13 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17360">openlayers/openlayers#17360</a></li> <li>Add support for custom fetch client in GeoTIFF source and examples by <a href="https://github.com/BeGj"><code>@BeGj</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17346">openlayers/openlayers#17346</a></li> <li>Add shared vertices equal by <a href="https://github.com/andreasbaa"><code>@andreasbaa</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17349">openlayers/openlayers#17349</a></li> <li>Fix updateGeometry_ to preserve per-geometry Z/M values by <a href="https://github.com/andreasbaa"><code>@andreasbaa</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17347">openlayers/openlayers#17347</a></li> <li>Update raster source docs by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17342">openlayers/openlayers#17342</a></li> <li>Update geotiff to v3.0.4 by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17363">openlayers/openlayers#17363</a></li> <li>Fix stroked polygon after non-stroked polygon with overlaps:false by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17364">openlayers/openlayers#17364</a></li> <li>Improve GeoZarr nodata handling by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17355">openlayers/openlayers#17355</a></li> <li>Store gdal metadata instead of a promise thereof by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17344">openlayers/openlayers#17344</a></li> <li>fix(test): handle image load errors in ImageLayer CORS test by <a href="https://github.com/wietzesuijker"><code>@wietzesuijker</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17372">openlayers/openlayers#17372</a></li> <li>Use provided stride for render feature geometry operations by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17367">openlayers/openlayers#17367</a></li> <li>Cache opened zarrita arrays across GeoZarr tile loads by <a href="https://github.com/wietzesuijker"><code>@wietzesuijker</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17369">openlayers/openlayers#17369</a></li> <li>Parallelize band array opens in GeoZarr loadTile_ by <a href="https://github.com/wietzesuijker"><code>@wietzesuijker</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17370">openlayers/openlayers#17370</a></li> <li>Optimize GeoZarr tile sizes by aligning with inner shards by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17362">openlayers/openlayers#17362</a></li> <li>Load unknown projections for GeoTIFF source <a href="https://redirect.github.com/openlayers/openlayers/issues/17153">#17153</a> by <a href="https://github.com/m-mohr"><code>@m-mohr</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17208">openlayers/openlayers#17208</a></li> <li>Fix node deprecation warning by <a href="https://github.com/M393"><code>@M393</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17387">openlayers/openlayers#17387</a></li> <li>Default stroke for hitdetection by <a href="https://github.com/qulol"><code>@qulol</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17365">openlayers/openlayers#17365</a></li> <li>Fix issue 17380 - Call reprioritize conditionally in handlePostRender by <a href="https://github.com/andrfra"><code>@andrfra</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17381">openlayers/openlayers#17381</a></li> <li>Use correct tileUrlFunction when loading source tiles by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17392">openlayers/openlayers#17392</a></li> <li>Do not set a fill for patterns that are not loaded yet by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17384">openlayers/openlayers#17384</a></li> <li>Webgl / Better performance when filtering out features by <a href="https://github.com/jahow"><code>@jahow</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17393">openlayers/openlayers#17393</a></li> <li>More efficient loading of striped GeoTIFFs and reprojected WebGL tiles by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17394">openlayers/openlayers#17394</a></li> <li>GeoTIFF: Provide min/max/nodata per band by <a href="https://github.com/m-mohr"><code>@m-mohr</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17396">openlayers/openlayers#17396</a></li> <li>Fix openflights link in flight animation example by <a href="https://github.com/ChandlerSwift"><code>@ChandlerSwift</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17398">openlayers/openlayers#17398</a></li> <li>Remove separate group option for the GeoZarr source by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17378">openlayers/openlayers#17378</a></li> <li>Fix type imports with stricter hints from tsconfig by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17376">openlayers/openlayers#17376</a></li> <li><a href="https://redirect.github.com/openlayers/openlayers/issues/17397">#17397</a> Fix text on circle features not working with declutter by <a href="https://github.com/Adanteh"><code>@Adanteh</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17400">openlayers/openlayers#17400</a></li> <li>Fix Feature clone with custom geometry name by <a href="https://github.com/MoonE"><code>@MoonE</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17404">openlayers/openlayers#17404</a></li> <li>Inflate trackpad pinch-to-zoom deltas by <a href="https://github.com/src73"><code>@src73</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17405">openlayers/openlayers#17405</a></li> <li>chore(deps): bump actions/upload-artifact from 6 to 7 in the actions group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17390">openlayers/openlayers#17390</a></li> <li>chore(deps-dev): bump dompurify from 3.3.1 to 3.3.2 in the development-security group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17373">openlayers/openlayers#17373</a></li> <li>Compute resolution from spatial:bbox and spatial:shape by <a href="https://github.com/ahocevar"><code>@ahocevar</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17410">openlayers/openlayers#17410</a></li> <li>Heatmap: Inline blurSlope computation to fix expression-based blur/radius (<a href="https://redirect.github.com/openlayers/openlayers/issues/17412">#17412</a>) by <a href="https://github.com/JoJoeGoing"><code>@JoJoeGoing</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17413">openlayers/openlayers#17413</a></li> <li>Add rendering test for line offset with detailed river geometries by <a href="https://github.com/viktorijasolovjova"><code>@viktorijasolovjova</code></a> in <a href="https://redirect.github.com/openlayers/openlayers/pull/17414">openlayers/openlayers#17414</a></li> <li>chore(deps-dev): bump the development-security group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17415">openlayers/openlayers#17415</a></li> <li>chore(deps): bump dawidd6/action-download-artifact from 14 to 19 in the actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/openlayers/openlayers/pull/17420">openlayers/openlayers#17420</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
7c8a1f92cc |
chore(deps): Bump react-i18next from 17.0.2 to 17.0.4 (#1814)
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 17.0.2 to 17.0.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's changelog</a>.</em></p> <blockquote> <h2>17.0.4</h2> <ul> <li>fix: avoid <code>React does not recognize the 'i18nIsDynamicList' prop on a DOM element</code> warning <a href="https://redirect.github.com/i18next/react-i18next/issues/1915">1915</a></li> </ul> <h2>17.0.3</h2> <ul> <li>fix: avoid invalid prop on <code>React.Fragment</code> inside <code><Trans /></code> <a href="https://redirect.github.com/i18next/react-i18next/issues/1914">1914</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |