Commit Graph

2709 Commits

Author SHA1 Message Date
dependabot[bot] faae8d00d8 chore(deps-dev): Bump vite from 7.3.2 to 8.1.3
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.2 to 8.1.3.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.3/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 8.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-07-07 20:40:11 +00:00
dependabot[bot] 89d583715f chore(deps): Bump the react group across 1 directory with 7 updates (#1976)
Bumps the react group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) |
`19.2.4` | `19.2.7` |
|
[@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react)
| `19.2.14` | `19.2.17` |
|
[react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom)
| `19.2.4` | `19.2.7` |
| [react-i18next](https://github.com/i18next/react-i18next) | `17.0.7` |
`17.0.8` |
| [react-icons](https://github.com/react-icons/react-icons) | `5.6.0` |
`5.7.0` |
|
[@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react)
| `5.1.4` | `6.0.3` |
|
[eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh)
| `0.5.2` | `0.5.3` |


Updates `react` from 19.2.4 to 19.2.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">react's
releases</a>.</em></p>
<blockquote>
<h2>19.2.7 (June 1st, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Fixed missing <code>FormData</code> entries in Server Actions which
regressed in 19.2.6
(<a
href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>
by <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
<h2>19.2.6 (May 6th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Type hardening and performance improvements
(<a
href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>
by <a href="https://github.com/eps1lon"><code>@​eps1lon</code></a> and
<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
<h2>19.2.5 (April 8th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Add more cycle protections (<a
href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>
by <a href="https://github.com/eps1lon"><code>@​eps1lon</code></a> and
<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/react/react/blob/main/CHANGELOG.md">react's
changelog</a>.</em></p>
<blockquote>
<h2>19.2.7 (June 1, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Fixed missing <code>FormData</code> entries in Server Actions which
regressed in 19.2.6 (<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>)</li>
</ul>
<h2>19.2.6 (May 6, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Type hardening and performance improvements (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>, <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>)</li>
</ul>
<h2>19.2.5 (March 18, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Add more cycle protections (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>, <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a>
Version 19.2.7 (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591">#36591</a>)</li>
<li><a
href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a>
Version 19.2.6</li>
<li><a
href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a>
19.2.5</li>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/v19.2.7/packages/react">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for react since your current version.</p>
</details>
<br />

Updates `@types/react` from 19.2.14 to 19.2.17
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />

Updates `react-dom` from 19.2.4 to 19.2.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/react/releases">react-dom's
releases</a>.</em></p>
<blockquote>
<h2>19.2.7 (June 1st, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Fixed missing <code>FormData</code> entries in Server Actions which
regressed in 19.2.6
(<a
href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>
by <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
<h2>19.2.6 (May 6th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Type hardening and performance improvements
(<a
href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>
by <a href="https://github.com/eps1lon"><code>@​eps1lon</code></a> and
<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
<h2>19.2.5 (April 8th, 2026)</h2>
<h2>React Server Components</h2>
<ul>
<li>Add more cycle protections (<a
href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>
by <a href="https://github.com/eps1lon"><code>@​eps1lon</code></a> and
<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/react/react/blob/main/CHANGELOG.md">react-dom's
changelog</a>.</em></p>
<blockquote>
<h2>19.2.7 (June 1, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Fixed missing <code>FormData</code> entries in Server Actions which
regressed in 19.2.6 (<a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>)</li>
</ul>
<h2>19.2.6 (May 6, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Type hardening and performance improvements (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>, <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>)</li>
</ul>
<h2>19.2.5 (March 18, 2026)</h2>
<h3>React Server Components</h3>
<ul>
<li>Add more cycle protections (<a
href="https://github.com/eps1lon"><code>@​eps1lon</code></a>, <a
href="https://github.com/unstubbable"><code>@​unstubbable</code></a> <a
href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a>
Version 19.2.7 (<a
href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591">#36591</a>)</li>
<li><a
href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a>
Version 19.2.6</li>
<li><a
href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a>
19.2.5</li>
<li>See full diff in <a
href="https://github.com/facebook/react/commits/v19.2.7/packages/react-dom">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for react-dom since your current version.</p>
</details>
<br />

Updates `react-i18next` from 17.0.7 to 17.0.8
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's
changelog</a>.</em></p>
<blockquote>
<h2>17.0.8</h2>
<ul>
<li>fix(types): <code>&lt;Trans i18nKey={$ =&gt; ...}&gt;</code> now
typechecks under <code>enableSelector: 'strict'</code>. The
<code>Trans</code> component's conditional type was gated on
<code>_EnableSelector extends true | 'optimize'</code>, excluding
<code>'strict'</code> and falling back to the legacy string-key
signature. Runtime was already correct (it calls
<code>keyFromSelector(i18nKey)</code> whenever <code>typeof i18nKey ===
'function'</code>); this is a type-only fix that widens the conditional
to include <code>'strict'</code>. Thanks <a
href="https://github.com/Faithfinder"><code>@​Faithfinder</code></a> (<a
href="https://redirect.github.com/i18next/react-i18next/pull/1921">#1921</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/react-i18next/commit/a46ad23ad07f1a3440d03cce80d0cab7ad23e2f0"><code>a46ad23</code></a>
17.0.8</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/f715031fd7d90542bacd15d50e57235763527271"><code>f715031</code></a>
update i18next dep</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/a515d5b767366e2b48704d219a3b7e4744e7ce72"><code>a515d5b</code></a>
changelog: 17.0.8 entry for <a
href="https://redirect.github.com/i18next/react-i18next/issues/1921">#1921</a></li>
<li><a
href="https://github.com/i18next/react-i18next/commit/d5ab7c82e93b4cb4b64b298b407745f3dbb235a1"><code>d5ab7c8</code></a>
fix(types): accept selector i18nKey on &lt;Trans&gt; under
enableSelector: 'strict'...</li>
<li><a
href="https://github.com/i18next/react-i18next/commit/b91ba362800ca7af2461306b900731eaad1de19a"><code>b91ba36</code></a>
Add Locize advice section near the top of README</li>
<li>See full diff in <a
href="https://github.com/i18next/react-i18next/compare/v17.0.7...v17.0.8">compare
view</a></li>
</ul>
</details>
<br />

Updates `react-icons` from 5.6.0 to 5.7.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/react-icons/react-icons/releases">react-icons's
releases</a>.</em></p>
<blockquote>
<h2>v5.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>update packages by <a
href="https://github.com/kamijin-fanta"><code>@​kamijin-fanta</code></a>
in <a
href="https://redirect.github.com/react-icons/react-icons/pull/1153">react-icons/react-icons#1153</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0">https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0</a></p>
<table>
<thead>
<tr>
<th>Icon Library</th>
<th>License</th>
<th>Version</th>
<th align="right">Count</th>
</tr>
</thead>
<tbody>
<tr>
<td><a href="https://circumicons.com/">Circum Icons</a></td>
<td><a
href="https://github.com/Klarr-Agency/Circum-Icons/blob/main/LICENSE">MPL-2.0
license</a></td>
<td>1.0.0</td>
<td align="right">288</td>
</tr>
<tr>
<td><a href="https://fontawesome.com/">Font Awesome 5</a></td>
<td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0
License</a></td>
<td>5.15.4-3-gafecf2a</td>
<td align="right">1612</td>
</tr>
<tr>
<td><a href="https://fontawesome.com/">Font Awesome 6</a></td>
<td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0
License</a></td>
<td>6.7.2-1-g840c215</td>
<td align="right">2060</td>
</tr>
<tr>
<td><a href="https://ionicons.com/">Ionicons 4</a></td>
<td><a
href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td>
<td>4.6.3</td>
<td align="right">696</td>
</tr>
<tr>
<td><a href="https://ionicons.com/">Ionicons 5</a></td>
<td><a
href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td>
<td>5.5.4</td>
<td align="right">1332</td>
</tr>
<tr>
<td><a href="http://google.github.io/material-design-icons/">Material
Design icons</a></td>
<td><a
href="https://github.com/google/material-design-icons/blob/master/LICENSE">Apache
License Version 2.0</a></td>
<td>4.0.0-161-gf3fb4442b2</td>
<td align="right">4341</td>
</tr>
<tr>
<td><a href="http://s-ings.com/typicons/">Typicons</a></td>
<td><a href="https://creativecommons.org/licenses/by-sa/3.0/">CC BY-SA
3.0</a></td>
<td>2.1.2</td>
<td align="right">336</td>
</tr>
<tr>
<td><a href="https://octicons.github.com/">Github Octicons
icons</a></td>
<td><a
href="https://github.com/primer/octicons/blob/master/LICENSE">MIT</a></td>
<td>18.3.0</td>
<td align="right">264</td>
</tr>
<tr>
<td><a href="https://feathericons.com/">Feather</a></td>
<td><a
href="https://github.com/feathericons/feather/blob/master/LICENSE">MIT</a></td>
<td>4.29.2</td>
<td align="right">287</td>
</tr>
<tr>
<td><a href="https://lucide.dev/">Lucide</a></td>
<td><a
href="https://github.com/lucide-icons/lucide/blob/main/LICENSE">ISC</a></td>
<td>0.462.0</td>
<td align="right">1541</td>
</tr>
<tr>
<td><a href="https://game-icons.net/">Game Icons</a></td>
<td><a href="https://creativecommons.org/licenses/by/3.0/">CC BY
3.0</a></td>
<td>12920d6565588f0512542a3cb0cdfd36a497f910</td>
<td align="right">4040</td>
</tr>
<tr>
<td><a href="https://erikflowers.github.io/weather-icons/">Weather
Icons</a></td>
<td><a href="http://scripts.sil.org/OFL">SIL OFL 1.1</a></td>
<td>2.0.12</td>
<td align="right">219</td>
</tr>
<tr>
<td><a href="https://vorillaz.github.io/devicons/">Devicons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.8.0</td>
<td align="right">192</td>
</tr>
<tr>
<td><a href="https://github.com/ant-design/ant-design-icons">Ant Design
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>4.4.2</td>
<td align="right">831</td>
</tr>
<tr>
<td><a href="https://github.com/twbs/icons">Bootstrap Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.13.1</td>
<td align="right">2754</td>
</tr>
<tr>
<td><a href="https://github.com/Remix-Design/RemixIcon">Remix
Icon</a></td>
<td><a href="http://www.apache.org/licenses/">Apache License Version
2.0</a></td>
<td>4.9.1</td>
<td align="right">3229</td>
</tr>
<tr>
<td><a href="https://github.com/icons8/flat-color-icons">Flat Color
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.0.2</td>
<td align="right">329</td>
</tr>
<tr>
<td><a
href="https://github.com/grommet/grommet-icons">Grommet-Icons</a></td>
<td><a href="http://www.apache.org/licenses/">Apache License Version
2.0</a></td>
<td>4.14.0</td>
<td align="right">637</td>
</tr>
<tr>
<td><a
href="https://github.com/tailwindlabs/heroicons">Heroicons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>1.0.6</td>
<td align="right">460</td>
</tr>
<tr>
<td><a href="https://github.com/tailwindlabs/heroicons">Heroicons
2</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>2.2.0</td>
<td align="right">972</td>
</tr>
<tr>
<td><a href="https://simpleicons.org/">Simple Icons</a></td>
<td><a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0 1.0
Universal</a></td>
<td>16.24.0</td>
<td align="right">3446</td>
</tr>
<tr>
<td><a href="https://thesabbir.github.io/simple-line-icons/">Simple Line
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>2.5.5</td>
<td align="right">189</td>
</tr>
<tr>
<td><a href="https://github.com/Keyamoon/IcoMoon-Free">IcoMoon
Free</a></td>
<td><a
href="https://github.com/Keyamoon/IcoMoon-Free/blob/master/License.txt">CC
BY 4.0 License</a></td>
<td>d006795ede82361e1bac1ee76f215cf1dc51e4ca</td>
<td align="right">491</td>
</tr>
<tr>
<td><a href="https://github.com/atisawd/boxicons">BoxIcons</a></td>
<td><a
href="https://github.com/atisawd/boxicons/blob/master/LICENSE">MIT</a></td>
<td>2.1.4</td>
<td align="right">1634</td>
</tr>
<tr>
<td><a href="https://github.com/astrit/css.gg">css.gg</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>2.1.4</td>
<td align="right">704</td>
</tr>
<tr>
<td><a href="https://github.com/microsoft/vscode-codicons">VS Code
Icons</a></td>
<td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY
4.0</a></td>
<td>0.0.0</td>
<td align="right">612</td>
</tr>
<tr>
<td><a href="https://github.com/tabler/tabler-icons">Tabler
Icons</a></td>
<td><a href="https://opensource.org/licenses/MIT">MIT</a></td>
<td>3.44.0</td>
<td align="right">6146</td>
</tr>
<tr>
<td><a href="https://github.com/lykmapipo/themify-icons">Themify
Icons</a></td>
<td><a
href="https://github.com/thecreation/standard-icons/blob/master/modules/themify-icons/LICENSE">MIT</a></td>
<td>v0.1.2-2-g9600186</td>
<td align="right">352</td>
</tr>
<tr>
<td><a href="https://icons.radix-ui.com">Radix Icons</a></td>
<td><a
href="https://github.com/radix-ui/icons/blob/master/LICENSE">MIT</a></td>
<td><code>@​radix-ui/react-icons</code><a
href="https://github.com/1"><code>@​1</code></a>.3.2-35-g112af91</td>
<td align="right">332</td>
</tr>
<tr>
<td><a href="https://github.com/phosphor-icons/core">Phosphor
Icons</a></td>
<td><a
href="https://github.com/phosphor-icons/core/blob/main/LICENSE">MIT</a></td>
<td>2.1.1</td>
<td align="right">9072</td>
</tr>
<tr>
<td><a href="https://icons8.com/line-awesome">Icons8 Line
Awesome</a></td>
<td><a
href="https://github.com/icons8/line-awesome/blob/master/LICENSE.md">MIT</a></td>
<td>1.3.1</td>
<td align="right">1544</td>
</tr>
</tbody>
</table>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/react-icons/react-icons/commit/87470d588c5624bf3e291f17527c3ecd1419c8ae"><code>87470d5</code></a>
v5.7.0</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/e1cb06116df395109208fa4786b5e6ae4cc20187"><code>e1cb061</code></a>
fix ci publish</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/bffaab7c0f90d78b240bd06be1c40953be89a992"><code>bffaab7</code></a>
Revert &quot;v5.7.0&quot;</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/2cde989e0d3637fa39471e3f24df99ffb88cb1d1"><code>2cde989</code></a>
v5.7.0</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/dac95ccf8126f41dc068f17fb09573fd86b6a0e9"><code>dac95cc</code></a>
update npm in ci workflow</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/21fcd0452250a30cde4827b83bff3e086b106369"><code>21fcd04</code></a>
Revert &quot;v5.7.0&quot;</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/3a05518a3b8b1fe147c915aea1ca6db6cd212ae8"><code>3a05518</code></a>
v5.7.0</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/c8b5050f417e08a270fc74393d36a7ea844a1977"><code>c8b5050</code></a>
fix github pages deploy</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/2f78ae43254f217c132078956848f257b72ec6cb"><code>2f78ae4</code></a>
Update CI actions, Pages deploy, and staged npm publishing</li>
<li><a
href="https://github.com/react-icons/react-icons/commit/11f5a06ff937287537590bd165ccbd24e9f800e4"><code>11f5a06</code></a>
update packages (<a
href="https://redirect.github.com/react-icons/react-icons/issues/1153">#1153</a>)</li>
<li>See full diff in <a
href="https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for react-icons since your current version.</p>
</details>
<br />

Updates `@types/react` from 19.2.14 to 19.2.17
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare
view</a></li>
</ul>
</details>
<br />

Updates `@vitejs/plugin-react` from 5.1.4 to 6.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite-plugin-react/releases">@​vitejs/plugin-react's
releases</a>.</em></p>
<blockquote>
<h2>plugin-react@6.0.3</h2>
<p>No release notes provided.</p>
<h2>plugin-react@6.0.2</h2>
<h3>Allow all options in reactCompilerPreset (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1189">#1189</a>)</h3>
<p>This is a type only change. Only <code>compilationMode</code> and
<code>target</code> options were available for
<code>reactCompilerPreset</code>.</p>
<h2>plugin-react@6.0.1</h2>
<h3>Expand <code>@rolldown/plugin-babel</code> peer dep range (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1146">#1146</a>)</h3>
<p>Expanded <code>@rolldown/plugin-babel</code> peer dep range to
include <code>^0.2.0</code>.</p>
<h2>plugin-react@6.0.0</h2>
<h3>Remove Babel Related Features (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1123">#1123</a>)</h3>
<p>Vite 8+ can handle React Refresh Transform by Oxc and doesn't need
Babel for it. With that, there are no transform applied that requires
Babel. To reduce the installation size of this plugin, babel is no
longer a dependency of this plugin and the related features are
removed.</p>
<p>If you are using Babel, you can use
<code>@rolldown/plugin-babel</code> together with this plugin:</p>
<pre lang="diff"><code> import { defineConfig } from 'vite'
 import react from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
<p>export default defineConfig({
plugins: [</p>
<ul>
<li>
<pre><code>react({
</code></pre>
</li>
<li>
<pre><code>  babel: {
</code></pre>
</li>
<li>
<pre><code>    plugins: ['@babel/plugin-proposal-throw-expressions'],
</code></pre>
</li>
<li>
<pre><code>  },
</code></pre>
</li>
<li>
<pre><code>}),
</code></pre>
</li>
</ul>
<ul>
<li>
<pre><code>react(),
</code></pre>
</li>
<li>
<pre><code>babel({
</code></pre>
</li>
<li>
<pre><code>  plugins: ['@babel/plugin-proposal-throw-expressions'],
</code></pre>
</li>
<li>
<pre><code>}),
</code></pre>
]
})
</code></pre></li>
</ul>
<p>For React compiler users, you can use
<code>reactCompilerPreset</code> for easier setup with preconfigured
filter to improve build performance:</p>
<pre lang="diff"><code> import { defineConfig } from 'vite'
-import react from '@vitejs/plugin-react'
+import react, { reactCompilerPreset } from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
<p>export default defineConfig({
plugins: [
&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md">@​vitejs/plugin-react's
changelog</a>.</em></p>
<blockquote>
<h2>6.0.3 (2026-06-23)</h2>
<h2>6.0.2 (2026-05-14)</h2>
<h3>Allow all options in reactCompilerPreset (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1189">#1189</a>)</h3>
<p>This is a type only change. Only <code>compilationMode</code> and
<code>target</code> options were available for
<code>reactCompilerPreset</code>.</p>
<h2>6.0.1 (2026-03-13)</h2>
<h3>Expand <code>@rolldown/plugin-babel</code> peer dep range (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1146">#1146</a>)</h3>
<p>Expanded <code>@rolldown/plugin-babel</code> peer dep range to
include <code>^0.2.0</code>.</p>
<h2>6.0.0 (2026-03-12)</h2>
<h2>6.0.0-beta.0 (2026-03-03)</h2>
<h3>Remove Babel Related Features (<a
href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1123">#1123</a>)</h3>
<p>Vite 8+ can handle React Refresh Transform by Oxc and doesn't need
Babel for it. With that, there are no transform applied that requires
Babel. To reduce the installation size of this plugin, babel is no
longer a dependency of this plugin and the related features are
removed.</p>
<p>If you are using Babel, you can use
<code>@rolldown/plugin-babel</code> together with this plugin:</p>
<pre lang="diff"><code> import { defineConfig } from 'vite'
 import react from '@vitejs/plugin-react'
+import babel from '@rolldown/plugin-babel'
<p>export default defineConfig({
plugins: [</p>
<ul>
<li>
<pre><code>react({
</code></pre>
</li>
<li>
<pre><code>  babel: {
</code></pre>
</li>
<li>
<pre><code>    plugins: ['@babel/plugin-proposal-throw-expressions'],
</code></pre>
</li>
<li>
<pre><code>  },
</code></pre>
</li>
<li>
<pre><code>}),
</code></pre>
</li>
</ul>
<ul>
<li>
<pre><code>react(),
</code></pre>
</li>
<li>
<pre><code>babel({
</code></pre>
</li>
<li>
<pre><code>  plugins: ['@babel/plugin-proposal-throw-expressions'],
</code></pre>
</li>
<li>
<pre><code>}),
</code></pre>
]
})
</code></pre></li>
</ul>
<p>For React compiler users, you can use
<code>reactCompilerPreset</code> for easier setup with preconfigured
filter to improve build performance:</p>
<pre lang="diff"><code> import { defineConfig } from 'vite'
-import react from '@vitejs/plugin-react'
+import react, { reactCompilerPreset } from '@vitejs/plugin-react'
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/640fd358a0e82393acfce4e92e19a6ac6e1641a7"><code>640fd35</code></a>
release: plugin-react@6.0.3</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/889efb02cdc4ec978a5e177a37e0213cfded38a4"><code>889efb0</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1249">#1249</a>)</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/6c57dd4c5d71075b48039df2532804e72880da21"><code>6c57dd4</code></a>
fix(plugin-react): use '/' base in bundledDev preamble to fix non-root
base p...</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/3cc33a703636b558a1c1c99e787ddc6bd64aab2d"><code>3cc33a7</code></a>
fix(deps): update react-related dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1245">#1245</a>)</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/c0f7c7ff709dc9d88bc1f29f1b27c1b3e2bfcfca"><code>c0f7c7f</code></a>
docs: mention the Biome rule in the &quot;Consistent components
exports&quot; section (...</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/cd80f0f7b2b750f6e8f719f9c3dbe4f22ddd94db"><code>cd80f0f</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1241">#1241</a>)</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/e38accafea0c7c84f7fc72fd69d9cec731fa7600"><code>e38acca</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1227">#1227</a>)</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/9a9bb26c23b966dceed47ff9ec257faeb0e777d9"><code>9a9bb26</code></a>
perf(react): improve react compiler preset so that slightly more modules
are ...</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231"><code>6535b55</code></a>
release: plugin-react@6.0.2</li>
<li><a
href="https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef"><code>bf0e43b</code></a>
feat(react): whitelist debugging-options (<a
href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189">#1189</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.3/packages/plugin-react">compare
view</a></li>
</ul>
</details>
<br />

Updates `eslint-plugin-react-refresh` from 0.5.2 to 0.5.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases">eslint-plugin-react-refresh's
releases</a>.</em></p>
<blockquote>
<h2>v0.5.3</h2>
<ul>
<li>Fix check for non component class exported via <code>export {
}</code> <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110">#110</a>
(fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109">#109</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md">eslint-plugin-react-refresh's
changelog</a>.</em></p>
<blockquote>
<h2>0.5.3</h2>
<ul>
<li>Fix check for non component class exported via <code>export {
}</code> <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110">#110</a>
(fixes <a
href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109">#109</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944"><code>00818e9</code></a>
v0.5.3 [publish]</li>
<li><a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea"><code>202fc4a</code></a>
Fix PascalCase class exported via <code>export { Name }</code>
incorrectly treated as Re...</li>
<li>See full diff in <a
href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.5.2...v0.5.3">compare
view</a></li>
</ul>
</details>
<br />

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarelM <harel.mazor@gmail.com>
2026-07-07 20:38:05 +00:00
Harel M fadf01a51d Remove jsonlint build hack (#1987)
## Launch Checklist

This removes the jsonlint build hack that was used for a long time due
to json lint part of the style spec package that was missing a fix.
This is now no longer needed with the latest style spec package.

 - [x] Briefly describe the changes in this PR.
2026-07-07 20:27:43 +00:00
dependabot[bot] 251fe40fde chore(deps): Bump actions/setup-go from 6.4.0 to 6.5.0 (#1960)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.4.0
to 6.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v6.5.0</h2>
<h2>What's Changed</h2>
<h3>Dependency update</h3>
<ul>
<li>Upgrade actions dependencies by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li>
<li>Upgrade <code>@​types/node</code> and typescript-eslint dependencies
to resolve npm audit findings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/755">actions/setup-go#755</a></li>
<li>Upgrade <code>@​actions/cache</code> to 5.1.0, log cache write
denied by <a
href="https://github.com/jasongin"><code>@​jasongin</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li>
<li>Upgrade version to 6.5.0 in package.json and package-lock.json by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/762">actions/setup-go#762</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
with <a href="https://github.com/Copilot"><code>@​Copilot</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li>
<li><a href="https://github.com/jasongin"><code>@​jasongin</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v6...v6.5.0">https://github.com/actions/setup-go/compare/v6...v6.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-go/commit/924ae3a1cded613372ab5595356fb5720e22ba16"><code>924ae3a</code></a>
chore: bump version to 6.5.0 in package.json and package-lock.json (<a
href="https://redirect.github.com/actions/setup-go/issues/762">#762</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/e91cc3bfe0c3efd0b2d1dc3a51269c9038deb4f1"><code>e91cc3b</code></a>
Bump <code>@​actions/cache</code> to 5.1.0, log cache write denied (<a
href="https://redirect.github.com/actions/setup-go/issues/758">#758</a>)</li>
<li><a
href="https://github.com/actions/setup-go/commit/4a2405e6aebff6aabd8e43618539aa35cf90ac92"><code>4a2405e</code></a>
chore: update <code>@​types/node</code> and <a
href="https://github.com/typescript-eslint"><code>@​typescript-eslint</code></a>
dependencies to latest versi...</li>
<li><a
href="https://github.com/actions/setup-go/commit/78961f6f84d799cd858575bb931c3e51d3b13290"><code>78961f6</code></a>
chore: update <a
href="https://github.com/actions"><code>@​actions</code></a>
dependencies and refresh license cache (<a
href="https://redirect.github.com/actions/setup-go/issues/744">#744</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=6.4.0&new-version=6.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 22:54:04 +03:00
dependabot[bot] f175749fb7 chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0 (#1938)
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
6.0.1 to 7.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<p>⚠️ Due to migration issues with keybase, we are unable to update our
keys under the <code>codecovsecurity</code> account. We have deleted the
account and are using <code>codecovsecops</code> with the original gpg
key</p>
<h2>What's Changed</h2>
<ul>
<li>ci: remove Enforce License Compliance workflow by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1950">codecov/codecov-action#1950</a></li>
<li>chore(release): 7.0.0 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1957">codecov/codecov-action#1957</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v6.0.1...v7.0.0">https://github.com/codecov/codecov-action/compare/v6.0.1...v7.0.0</a></p>
<h2>v6.0.2</h2>
<p>This is a copy of the <code>v7.0.0</code> release to make updates
easier</p>
<h2>What's Changed</h2>
<ul>
<li>ci: remove Enforce License Compliance workflow by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1950">codecov/codecov-action#1950</a></li>
<li>chore(release): 7.0.0 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1957">codecov/codecov-action#1957</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v6.0.1...v6.0.2">https://github.com/codecov/codecov-action/compare/v6.0.1...v6.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>v5.5.2</h2>
<h3>What's Changed</h3>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2">https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2</a></p>
<h2>v5.5.1</h2>
<h3>What's Changed</h3>
<ul>
<li>fix: overwrite pr number on fork by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1871">codecov/codecov-action#1871</a></li>
<li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1868">codecov/codecov-action#1868</a></li>
<li>build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1867">codecov/codecov-action#1867</a></li>
<li>fix: update to use local app/ dir by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1872">codecov/codecov-action#1872</a></li>
<li>docs: fix typo in README by <a
href="https://github.com/datalater"><code>@​datalater</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li>
<li>Document a <code>codecov-cli</code> version reference example by <a
href="https://github.com/webknjaz"><code>@​webknjaz</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1774">codecov/codecov-action#1774</a></li>
<li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1861">codecov/codecov-action#1861</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1833">codecov/codecov-action#1833</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1">https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1</a></p>
<h2>v5.5.0</h2>
<h3>What's Changed</h3>
<ul>
<li>feat: upgrade wrapper to 0.2.4 by <a
href="https://github.com/jviall"><code>@​jviall</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li>
<li>Pin actions/github-script by Git SHA by <a
href="https://github.com/martincostello"><code>@​martincostello</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li>
<li>fix: check reqs exist by <a
href="https://github.com/joseph-sentry"><code>@​joseph-sentry</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1835">codecov/codecov-action#1835</a></li>
<li>fix: Typo in README by <a
href="https://github.com/spalmurray"><code>@​spalmurray</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1838">codecov/codecov-action#1838</a></li>
<li>docs: Refine OIDC docs by <a
href="https://github.com/spalmurray"><code>@​spalmurray</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li>
<li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1829">codecov/codecov-action#1829</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0">https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0</a></p>
<h2>v5.4.3</h2>
<h3>What's Changed</h3>
<ul>
<li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by
<code>@​app/dependabot</code> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1822">codecov/codecov-action#1822</a></li>
<li>fix: OIDC on forks by <a
href="https://github.com/joseph-sentry"><code>@​joseph-sentry</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1823">codecov/codecov-action#1823</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3">https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3</a></p>
<h2>v5.4.2</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/codecov/codecov-action/commit/fb8b3582c8e4def4969c97caa2f19720cb33a72f"><code>fb8b358</code></a>
chore(release): 7.0.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1957">#1957</a>)</li>
<li><a
href="https://github.com/codecov/codecov-action/commit/ca0a928a4cb3911011e868128a5cd90437c12db1"><code>ca0a928</code></a>
ci: remove Enforce License Compliance workflow (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1950">#1950</a>)</li>
<li>See full diff in <a
href="https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=6.0.1&new-version=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 22:53:49 +03:00
dependabot[bot] f9219c3c83 chore(deps): Bump github/codeql-action/autobuild from 4.36.2 to 4.36.3 (#1986)
Bumps
[github/codeql-action/autobuild](https://github.com/github/codeql-action)
from 4.36.2 to 4.36.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action/autobuild's
releases</a>.</em></p>
<blockquote>
<h2>v4.36.3</h2>
<p>No user facing changes.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/autobuild's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.36.3 - 01 Jul 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.2 - 04 Jun 2026</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
<h2>4.36.1 - 02 Jun 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.0 - 22 May 2026</h2>
<ul>
<li><em>Breaking change</em>: Bump the minimum required CodeQL bundle
version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li>
<li>Add support for SHA-256 Git object IDs. <a
href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li>
</ul>
<h2>4.35.5 - 15 May 2026</h2>
<ul>
<li>We have improved how the JavaScript bundles for the CodeQL Action
are generated to avoid duplication across bundles and reduce the size of
the repository by around 70%. This should have no effect on the runtime
behaviour of the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li>
<li>For performance and accuracy reasons, <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> will now only be enabled on a pull request when
diff-informed analysis is also enabled for that run. If diff-informed
analysis is unavailable (for example, because the PR diff ranges could
not be computed), the action will fall back to a full analysis. <a
href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li>
<li>If multiple inputs are provided for the GitHub-internal
<code>analysis-kinds</code> input, only <code>code-scanning</code> will
be enabled. The <code>analysis-kinds</code> input is experimental, for
GitHub-internal use only, and may change without notice at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li>
<li>Added an experimental change which, when running a Code Scanning
analysis for a PR with <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> enabled, prefers CodeQL CLI versions that have
a cached overlay-base database for the configured languages. This speeds
up analysis for a repository when there is not yet a cached overlay-base
database for the latest CLI version. We expect to roll this change out
to everyone in May. <a
href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li>
</ul>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a>
from github/update-v4.36.3-1f34ec164</li>
<li><a
href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a>
Trigger checks</li>
<li><a
href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a>
Update changelog for v4.36.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a>
from github/mbg/repo-props/ff-for-config-file-prop</li>
<li><a
href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a>
Log when repository property has a value but is ignored</li>
<li><a
href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a>
Add test for when the FF is off</li>
<li><a
href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a>
Use FF</li>
<li><a
href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a>
Add FF for config file repo property</li>
<li><a
href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a>
from github/henrymercer/overlay-db-cleanup-size-tele...</li>
<li><a
href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a>
Add clarifying comments</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action/autobuild&package-manager=github_actions&previous-version=4.36.2&new-version=4.36.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 13:53:51 +00:00
dependabot[bot] f78b9ccaaa chore(deps): Bump @codemirror/view from 6.43.4 to 6.43.5 (#1985)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.4
to 6.43.5.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/view/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.43.4&new-version=6.43.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 13:51:35 +00:00
dependabot[bot] bb73a2b1e8 chore(deps): Bump github/codeql-action/analyze from 4.36.2 to 4.36.3 (#1982)
Bumps
[github/codeql-action/analyze](https://github.com/github/codeql-action)
from 4.36.2 to 4.36.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action/analyze's
releases</a>.</em></p>
<blockquote>
<h2>v4.36.3</h2>
<p>No user facing changes.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/analyze's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.36.3 - 01 Jul 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.2 - 04 Jun 2026</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
<h2>4.36.1 - 02 Jun 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.0 - 22 May 2026</h2>
<ul>
<li><em>Breaking change</em>: Bump the minimum required CodeQL bundle
version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li>
<li>Add support for SHA-256 Git object IDs. <a
href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li>
</ul>
<h2>4.35.5 - 15 May 2026</h2>
<ul>
<li>We have improved how the JavaScript bundles for the CodeQL Action
are generated to avoid duplication across bundles and reduce the size of
the repository by around 70%. This should have no effect on the runtime
behaviour of the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li>
<li>For performance and accuracy reasons, <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> will now only be enabled on a pull request when
diff-informed analysis is also enabled for that run. If diff-informed
analysis is unavailable (for example, because the PR diff ranges could
not be computed), the action will fall back to a full analysis. <a
href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li>
<li>If multiple inputs are provided for the GitHub-internal
<code>analysis-kinds</code> input, only <code>code-scanning</code> will
be enabled. The <code>analysis-kinds</code> input is experimental, for
GitHub-internal use only, and may change without notice at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li>
<li>Added an experimental change which, when running a Code Scanning
analysis for a PR with <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> enabled, prefers CodeQL CLI versions that have
a cached overlay-base database for the configured languages. This speeds
up analysis for a repository when there is not yet a cached overlay-base
database for the latest CLI version. We expect to roll this change out
to everyone in May. <a
href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li>
</ul>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a>
from github/update-v4.36.3-1f34ec164</li>
<li><a
href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a>
Trigger checks</li>
<li><a
href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a>
Update changelog for v4.36.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a>
from github/mbg/repo-props/ff-for-config-file-prop</li>
<li><a
href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a>
Log when repository property has a value but is ignored</li>
<li><a
href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a>
Add test for when the FF is off</li>
<li><a
href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a>
Use FF</li>
<li><a
href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a>
Add FF for config file repo property</li>
<li><a
href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a>
from github/henrymercer/overlay-db-cleanup-size-tele...</li>
<li><a
href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a>
Add clarifying comments</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action/analyze&package-manager=github_actions&previous-version=4.36.2&new-version=4.36.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-07 15:24:39 +03:00
dependabot[bot] a4da75d722 chore(deps): Bump docker/login-action from 4.2.0 to 4.4.0 (#1983)
Bumps [docker/login-action](https://github.com/docker/login-action) from
4.2.0 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<ul>
<li>Skip empty <code>registry-auth</code> secret mask by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/1035">docker/login-action#1035</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> and
<code>@​aws-sdk/client-ecr-public</code> to 3.1077.0 <a
href="https://redirect.github.com/docker/login-action/pull/1034">docker/login-action#1034</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v4.3.0...v4.4.0">https://github.com/docker/login-action/compare/v4.3.0...v4.4.0</a></p>
<h2>v4.3.0</h2>
<ul>
<li>Preserve names in esbuild bundle by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/1022">docker/login-action#1022</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> and
<code>@​aws-sdk/client-ecr-public</code> to 3.1076.0 <a
href="https://redirect.github.com/docker/login-action/pull/999">docker/login-action#999</a>
<a
href="https://redirect.github.com/docker/login-action/pull/1030">docker/login-action#1030</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.90.0 to 0.92.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/1004">docker/login-action#1004</a>
<a
href="https://redirect.github.com/docker/login-action/pull/1027">docker/login-action#1027</a></li>
<li>Bump <code>@​sigstore/core</code> from 3.1.0 to 3.2.1 in <a
href="https://redirect.github.com/docker/login-action/pull/1023">docker/login-action#1023</a></li>
<li>Bump <code>@​sigstore/verify</code> from 3.1.0 to 3.1.1 in <a
href="https://redirect.github.com/docker/login-action/pull/1029">docker/login-action#1029</a></li>
<li>Bump http-proxy-agent and https-proxy-agent to 9.1.0 in <a
href="https://redirect.github.com/docker/login-action/pull/1017">docker/login-action#1017</a></li>
<li>Bump js-yaml from 4.1.1 to 5.2.0 in <a
href="https://redirect.github.com/docker/login-action/pull/1028">docker/login-action#1028</a></li>
<li>Bump sigstore from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/login-action/pull/1031">docker/login-action#1031</a></li>
<li>Bump tmp from 0.2.5 to 0.2.7 in <a
href="https://redirect.github.com/docker/login-action/pull/1002">docker/login-action#1002</a></li>
<li>Bump undici from 6.24.1 to 6.27.0 in <a
href="https://redirect.github.com/docker/login-action/pull/1020">docker/login-action#1020</a></li>
<li>Bump vite from 7.3.3 to 7.3.6 in <a
href="https://redirect.github.com/docker/login-action/pull/1019">docker/login-action#1019</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v4.2.0...v4.3.0">https://github.com/docker/login-action/compare/v4.2.0...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/af1e73f918a031802d376d3c8bbc3fe56130a9b0"><code>af1e73f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/1034">#1034</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependen...</li>
<li><a
href="https://github.com/docker/login-action/commit/da722bde43bacb027adfc67d42dbaa4c0f9e550b"><code>da722bd</code></a>
[dependabot skip] chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/2916ad60bd5cb72f07aa54c69fdcc61749c09b7a"><code>2916ad6</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="https://github.com/docker/login-action/commit/ca0a662f786e4cfddce972005bd68f3dafc3a903"><code>ca0a662</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/1035">#1035</a>
from crazy-max/fix-registry-auth-empty-mask</li>
<li><a
href="https://github.com/docker/login-action/commit/c455755a579833bf0d2e4e54e3beb413ef10cc80"><code>c455755</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/48351901f89581a7c12870c787d3f06d1f498438"><code>4835190</code></a>
skip empty registry-auth secret mask</li>
<li><a
href="https://github.com/docker/login-action/commit/992421c6e6806a7f6df609d1bfff374f9eca3004"><code>992421c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/1033">#1033</a>
from docker/dependabot/github_actions/docker/bake-ac...</li>
<li><a
href="https://github.com/docker/login-action/commit/b249b43765525dd7951068267a34cf63f22ab4f0"><code>b249b43</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/1032">#1032</a>
from docker/dependabot/github_actions/docker/bake-ac...</li>
<li><a
href="https://github.com/docker/login-action/commit/1b67977736863551a88ff218642a2d7628b10520"><code>1b67977</code></a>
build(deps): bump docker/bake-action from 7.2.0 to 7.3.0</li>
<li><a
href="https://github.com/docker/login-action/commit/9d49d6a3234c78daa10c3c12183ef7b6caa8e69e"><code>9d49d6a</code></a>
build(deps): bump docker/bake-action/subaction/matrix</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/650006c6eb7dba73a995cc03b0b2d7f5ca915bee...af1e73f918a031802d376d3c8bbc3fe56130a9b0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=4.2.0&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-06 13:53:39 +00:00
dependabot[bot] 1b314b11b9 chore(deps): Bump github/codeql-action/init from 4.36.2 to 4.36.3 (#1981)
Bumps
[github/codeql-action/init](https://github.com/github/codeql-action)
from 4.36.2 to 4.36.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action/init's
releases</a>.</em></p>
<blockquote>
<h2>v4.36.3</h2>
<p>No user facing changes.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/init's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.36.3 - 01 Jul 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.2 - 04 Jun 2026</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
<h2>4.36.1 - 02 Jun 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.0 - 22 May 2026</h2>
<ul>
<li><em>Breaking change</em>: Bump the minimum required CodeQL bundle
version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li>
<li>Add support for SHA-256 Git object IDs. <a
href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li>
</ul>
<h2>4.35.5 - 15 May 2026</h2>
<ul>
<li>We have improved how the JavaScript bundles for the CodeQL Action
are generated to avoid duplication across bundles and reduce the size of
the repository by around 70%. This should have no effect on the runtime
behaviour of the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li>
<li>For performance and accuracy reasons, <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> will now only be enabled on a pull request when
diff-informed analysis is also enabled for that run. If diff-informed
analysis is unavailable (for example, because the PR diff ranges could
not be computed), the action will fall back to a full analysis. <a
href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li>
<li>If multiple inputs are provided for the GitHub-internal
<code>analysis-kinds</code> input, only <code>code-scanning</code> will
be enabled. The <code>analysis-kinds</code> input is experimental, for
GitHub-internal use only, and may change without notice at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li>
<li>Added an experimental change which, when running a Code Scanning
analysis for a PR with <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> enabled, prefers CodeQL CLI versions that have
a cached overlay-base database for the configured languages. This speeds
up analysis for a repository when there is not yet a cached overlay-base
database for the latest CLI version. We expect to roll this change out
to everyone in May. <a
href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li>
</ul>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a>
from github/update-v4.36.3-1f34ec164</li>
<li><a
href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a>
Trigger checks</li>
<li><a
href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a>
Update changelog for v4.36.3</li>
<li><a
href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a>
from github/mbg/repo-props/ff-for-config-file-prop</li>
<li><a
href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a>
Log when repository property has a value but is ignored</li>
<li><a
href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a>
Add test for when the FF is off</li>
<li><a
href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a>
Use FF</li>
<li><a
href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a>
Add FF for config file repo property</li>
<li><a
href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a>
from github/henrymercer/overlay-db-cleanup-size-tele...</li>
<li><a
href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a>
Add clarifying comments</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action/init&package-manager=github_actions&previous-version=4.36.2&new-version=4.36.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-06 13:52:12 +00:00
github-actions[bot] 66377f5dcf Bump version to 3.1.0 (#1978)
Automated changes by
[create-pull-request](https://github.com/peter-evans/create-pull-request)
GitHub action

Co-authored-by: HarelM <3269297+HarelM@users.noreply.github.com>
v3.1.0
2026-07-06 15:28:36 +03:00
dependabot[bot] fc4a7c5ab9 chore(deps-dev): Bump eslint from 10.5.0 to 10.6.0 (#1969)
Bumps [eslint](https://github.com/eslint/eslint) from 10.5.0 to 10.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.6.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/b1f910628e29a018c860e2352bc14cd07c853d67"><code>b1f9106</code></a>
feat: detect Symbol() and BigInt() in no-constant-binary-expression (<a
href="https://redirect.github.com/eslint/eslint/issues/20981">#20981</a>)
(Taejin Kim)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f291007cb73f55c09cf3c2aa3a405df379a5c594"><code>f291007</code></a>
feat: add checkRelationalComparisons to no-constant-binary-expression
(<a
href="https://redirect.github.com/eslint/eslint/issues/20948">#20948</a>)
(sethamus)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/6b05784eb271ac98ca3e1e2a48c4b14bb588c786"><code>6b05784</code></a>
fix: prefer-exponentiation-operator invalid autofix at statement start
(<a
href="https://redirect.github.com/eslint/eslint/issues/20997">#20997</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/bb9eb2ab28daf6e6dafc62daa6b5daf9c2b7046c"><code>bb9eb2a</code></a>
fix: account for shadowed <code>Boolean</code> in
<code>no-extra-boolean-cast</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/21013">#21013</a>)
(den$)</li>
<li><a
href="https://github.com/eslint/eslint/commit/8fd8741009a3ed7845c89bfe2fb3eaa2119b2d15"><code>8fd8741</code></a>
fix: don't report shadowed undefined in <code>radix</code> rule (<a
href="https://redirect.github.com/eslint/eslint/issues/21011">#21011</a>)
(Pixel)</li>
<li><a
href="https://github.com/eslint/eslint/commit/5784980ce8ba99556db98907895d82ef49cd0a27"><code>5784980</code></a>
fix: don't report shadowed undefined in no-throw-literal (<a
href="https://redirect.github.com/eslint/eslint/issues/21010">#21010</a>)
(Pixel)</li>
<li><a
href="https://github.com/eslint/eslint/commit/9cd1e6de5bad487a9c713bdc9fda5af7ea0babcd"><code>9cd1e6d</code></a>
fix: suppress invalid class suggestion in no-promise-executor-return (<a
href="https://redirect.github.com/eslint/eslint/issues/21008">#21008</a>)
(Pixel)</li>
<li><a
href="https://github.com/eslint/eslint/commit/d4eb2dc95f17cdf491edca91b7d9caf05b86253f"><code>d4eb2dc</code></a>
fix: don't report shadowed undefined in prefer-promise-reject-errors (<a
href="https://redirect.github.com/eslint/eslint/issues/21006">#21006</a>)
(Pixel)</li>
<li><a
href="https://github.com/eslint/eslint/commit/23604646db6d987d01edb8aa5f4d2a88bd4c01d0"><code>2360464</code></a>
fix: prefer-promise-reject-errors false positives for shadowed Promise
(<a
href="https://redirect.github.com/eslint/eslint/issues/21003">#21003</a>)
(den$)</li>
<li><a
href="https://github.com/eslint/eslint/commit/63d52d28de705ec46f328d18166e8b7170b3f024"><code>63d52d2</code></a>
fix: restore max-classes-per-file report range (<a
href="https://redirect.github.com/eslint/eslint/issues/21002">#21002</a>)
(Pixel)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7feaff0cfb8d6a6260d3ea56887c9161daf8c700"><code>7feaff0</code></a>
fix: callback detection logic for IIFEs in max-nested-callbacks (<a
href="https://redirect.github.com/eslint/eslint/issues/20979">#20979</a>)
(fnx)</li>
<li><a
href="https://github.com/eslint/eslint/commit/399a2ec81bcbcff2c67920db51d9276b20ac1025"><code>399a2ec</code></a>
fix: don't report inner non-callbacks in
<code>max-nested-callbacks</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20995">#20995</a>)
(Milos Djermanovic)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/a83683db1c27193c2ad333fc5c0aedcc8a293db7"><code>a83683d</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f5449f96c2caabbc1a28b15211873e2f672f5ae5"><code>f5449f9</code></a>
docs: document userland patterns for global assertionOptions in RuleT…
(<a
href="https://redirect.github.com/eslint/eslint/issues/20986">#20986</a>)
(playgirl)</li>
<li><a
href="https://github.com/eslint/eslint/commit/bea49f7b2899ebf708482f977ef2ada41fd2c3f0"><code>bea49f7</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/e5f70f9b06683a887dd0d6dc1cc91a9c9bea816d"><code>e5f70f9</code></a>
docs: update code-path diagrams (<a
href="https://redirect.github.com/eslint/eslint/issues/20984">#20984</a>)
(Tanuj Kanti)</li>
<li><a
href="https://github.com/eslint/eslint/commit/8890c2d40880b195b9167735c24ec0cc5de5eb96"><code>8890c2d</code></a>
docs: add TypeScript config guidance for MCP server (<a
href="https://redirect.github.com/eslint/eslint/issues/20796">#20796</a>)
(Pierluigi Lenoci)</li>
<li><a
href="https://github.com/eslint/eslint/commit/3eb3d9b1b5edecc3fcae0519ddba0e3745e889e3"><code>3eb3d9b</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c5bb59cf613dabafd550227b6adaa9327b1095f5"><code>c5bb59c</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/eb3c97c776731ce11b28cc99f0271f41b9994701"><code>eb3c97c</code></a>
docs: fix grammar in prefer-const rule description (<a
href="https://redirect.github.com/eslint/eslint/issues/20983">#20983</a>)
(lumir)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/6a42034a57a816b0a313720b3b9df09455bd0b5e"><code>6a42034</code></a>
ci: run ecosystem tests on main branch (<a
href="https://redirect.github.com/eslint/eslint/issues/20891">#20891</a>)
(sethamus)</li>
<li><a
href="https://github.com/eslint/eslint/commit/3dbacdbb31673c87ca86ecafbb18712d8d1daed8"><code>3dbacdb</code></a>
ci: bump actions/checkout from 6 to 7 (<a
href="https://redirect.github.com/eslint/eslint/issues/21014">#21014</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/c3abfca7c96cc9a244f54eeb66e9971c59280354"><code>c3abfca</code></a>
chore: correct JSDoc param types in html formatter (<a
href="https://redirect.github.com/eslint/eslint/issues/21018">#21018</a>)
(Minseon Kim)</li>
<li><a
href="https://github.com/eslint/eslint/commit/a8323209cdbefefd540c5beeaa51418d8ec40f9e"><code>a832320</code></a>
ci: split ecosystem tests into separate jobs (<a
href="https://redirect.github.com/eslint/eslint/issues/21001">#21001</a>)
(xbinaryx)</li>
<li><a
href="https://github.com/eslint/eslint/commit/27166e78511db526688afc34bbfab1a458405f3f"><code>27166e7</code></a>
chore: update ecosystem plugins (<a
href="https://redirect.github.com/eslint/eslint/issues/21005">#21005</a>)
(ESLint Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/865d76e40107d4fa10a17fc3203b303eb8a88dc3"><code>865d76e</code></a>
ci: bump pnpm/action-setup from 6.0.8 to 6.0.9 (<a
href="https://redirect.github.com/eslint/eslint/issues/20989">#20989</a>)
(dependabot[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/27a88c9fa7c040f4cd39e5a5e6e2d02441c408ef"><code>27a88c9</code></a>
chore: update dependency markdown-it to v14 in root (<a
href="https://redirect.github.com/eslint/eslint/issues/20994">#20994</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/970cea62b295d931a4109abedeb21ba192d3f2be"><code>970cea6</code></a>
chore: update dependency markdown-it to v14 (<a
href="https://redirect.github.com/eslint/eslint/issues/20993">#20993</a>)
(Milos Djermanovic)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b482120bacb40204fbf16f3b20be7207057157a5"><code>b482120</code></a>
chore: update dependency prettier to v3.8.4 (<a
href="https://redirect.github.com/eslint/eslint/issues/20990">#20990</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/6993fb3173da84999fc208507b93f523aa657448"><code>6993fb3</code></a>
chore: update ecosystem plugins (<a
href="https://redirect.github.com/eslint/eslint/issues/20985">#20985</a>)
(ESLint Bot)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/5d12a0419636abb71628b7e45063a943c454a7c7"><code>5d12a04</code></a>
10.6.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/f7ca54b138c4ba7b8e65f83b7fe58cc8de50af8b"><code>f7ca54b</code></a>
Build: changelog update for 10.6.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/6a42034a57a816b0a313720b3b9df09455bd0b5e"><code>6a42034</code></a>
ci: run ecosystem tests on main branch (<a
href="https://redirect.github.com/eslint/eslint/issues/20891">#20891</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b1f910628e29a018c860e2352bc14cd07c853d67"><code>b1f9106</code></a>
feat: detect Symbol() and BigInt() in no-constant-binary-expression (<a
href="https://redirect.github.com/eslint/eslint/issues/20981">#20981</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/3dbacdbb31673c87ca86ecafbb18712d8d1daed8"><code>3dbacdb</code></a>
ci: bump actions/checkout from 6 to 7 (<a
href="https://redirect.github.com/eslint/eslint/issues/21014">#21014</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c3abfca7c96cc9a244f54eeb66e9971c59280354"><code>c3abfca</code></a>
chore: correct JSDoc param types in html formatter (<a
href="https://redirect.github.com/eslint/eslint/issues/21018">#21018</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/a83683db1c27193c2ad333fc5c0aedcc8a293db7"><code>a83683d</code></a>
docs: Update README</li>
<li><a
href="https://github.com/eslint/eslint/commit/a8323209cdbefefd540c5beeaa51418d8ec40f9e"><code>a832320</code></a>
ci: split ecosystem tests into separate jobs (<a
href="https://redirect.github.com/eslint/eslint/issues/21001">#21001</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/6b05784eb271ac98ca3e1e2a48c4b14bb588c786"><code>6b05784</code></a>
fix: prefer-exponentiation-operator invalid autofix at statement start
(<a
href="https://redirect.github.com/eslint/eslint/issues/20997">#20997</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/bb9eb2ab28daf6e6dafc62daa6b5daf9c2b7046c"><code>bb9eb2a</code></a>
fix: account for shadowed <code>Boolean</code> in
<code>no-extra-boolean-cast</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/21013">#21013</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.5.0...v10.6.0">compare
view</a></li>
</ul>
</details>
<br />

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-03 14:00:04 +00:00
dependabot[bot] d4f90b9bd7 chore(deps): Bump downshift from 9.3.6 to 9.4.0 (#1975)
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.3.6
to 9.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/downshift-js/downshift/releases">downshift's
releases</a>.</em></p>
<blockquote>
<h2>v9.4.0</h2>
<h1><a
href="https://github.com/downshift-js/downshift/compare/v9.3.6...v9.4.0">9.4.0</a>
(2026-06-30)</h1>
<h3>Features</h3>
<ul>
<li>fix React Compiler compatibility. (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1690">#1690</a>)
(<a
href="https://github.com/downshift-js/downshift/commit/1bb8b75e506fe807a5c5201a103d1bd128e5a5e2">1bb8b75</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/downshift-js/downshift/commit/1bb8b75e506fe807a5c5201a103d1bd128e5a5e2"><code>1bb8b75</code></a>
feat: fix React Compiler compatibility. (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1690">#1690</a>)</li>
<li><a
href="https://github.com/downshift-js/downshift/commit/3c7584b62e900b80b998c2d486c3ff458b30214c"><code>3c7584b</code></a>
docs: fix docs dark mode example contrast (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1694">#1694</a>)</li>
<li>See full diff in <a
href="https://github.com/downshift-js/downshift/compare/v9.3.6...v9.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=downshift&package-manager=npm_and_yarn&previous-version=9.3.6&new-version=9.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-03 13:52:06 +00:00
dependabot[bot] aa5693ad6b chore(deps): Bump i18next from 26.3.3 to 26.3.4 (#1974)
Bumps [i18next](https://github.com/i18next/i18next) from 26.3.3 to
26.3.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.3.4</h2>
<ul>
<li>fix(security): <code>deepExtend</code> (used by
<code>addResourceBundle(..., deep, overwrite)</code>) no longer recurses
into inherited properties. It checked key existence with the
<code>in</code> operator, which walks the prototype chain, so a source
key matching an inherited built-in (e.g. <code>hasOwnProperty</code>,
<code>toString</code>) caused recursion into the shared
<code>Object.prototype</code> function and, with <code>overwrite:
true</code>, could overwrite e.g.
<code>Object.prototype.hasOwnProperty.call</code> with a non-callable
value — corrupting a shared built-in process-wide (DoS). Existence is
now checked with <code>Object.prototype.hasOwnProperty.call</code>, so
such keys are copied as plain own data instead. This complements the
existing <code>__proto__</code>/<code>constructor</code> guard and is
also strictly more correct for an own-property merge. Only affects
applications that pass attacker-controlled data with <code>deep:
true</code> and <code>overwrite: true</code>; no standard
backend/integration does this. Distinct from CVE-2026-48713 /
CVE-2026-48714 (different packages, <code>setPath</code> mechanism).
Thanks to zx (Jace) for the responsible disclosure.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.3.4</h2>
<ul>
<li>fix(security): <code>deepExtend</code> (used by
<code>addResourceBundle(..., deep, overwrite)</code>) no longer recurses
into inherited properties. It checked key existence with the
<code>in</code> operator, which walks the prototype chain, so a source
key matching an inherited built-in (e.g. <code>hasOwnProperty</code>,
<code>toString</code>) caused recursion into the shared
<code>Object.prototype</code> function and, with <code>overwrite:
true</code>, could overwrite e.g.
<code>Object.prototype.hasOwnProperty.call</code> with a non-callable
value — corrupting a shared built-in process-wide (DoS). Existence is
now checked with <code>Object.prototype.hasOwnProperty.call</code>, so
such keys are copied as plain own data instead. This complements the
existing <code>__proto__</code>/<code>constructor</code> guard and is
also strictly more correct for an own-property merge. Only affects
applications that pass attacker-controlled data with <code>deep:
true</code> and <code>overwrite: true</code>; no standard
backend/integration does this. Distinct from CVE-2026-48713 /
CVE-2026-48714 (different packages, <code>setPath</code> mechanism). See
advisory <a
href="https://github.com/i18next/i18next/security/advisories/GHSA-6jcc-5g8w-32mx">GHSA-6jcc-5g8w-32mx</a>,
CVSS 5.9 (<code>CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H</code>).
Thanks to zx (Jace) <a
href="https://github.com/manus-use"><code>@​manus-use</code></a> for the
responsible disclosure.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/817ede5146e6d366645982885b0a729861d10a3a"><code>817ede5</code></a>
26.3.4</li>
<li><a
href="https://github.com/i18next/i18next/commit/46d0dd80b505b6b69feccebbe7d9c4fd66c8f85c"><code>46d0dd8</code></a>
build</li>
<li><a
href="https://github.com/i18next/i18next/commit/642137b7786d83661ec3ee53027798dc4b81d30a"><code>642137b</code></a>
fix(security): prevent deepExtend from recursing into inherited
built-ins</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.3.3...v26.3.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.3.3&new-version=26.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-03 13:51:06 +00:00
dependabot[bot] c596006e25 chore(deps-dev): Bump typescript-eslint from 8.62.0 to 8.62.1 (#1973)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.62.0 to 8.62.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.62.1</h2>
<h2>8.62.1 (2026-06-29)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [prefer-optional-chain] use
suggestion instead of autofix for trailing binary operator (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12328">#12328</a>)</li>
<li><strong>eslint-plugin:</strong>
[no-unnecessary-boolean-literal-compare] preserve boolean result in
fixer for nullable true comparisons (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12365">#12365</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
parenthesize object literal at left edge of expression statement (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12443">#12443</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12418">#12418</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>mdm317</li>
<li>Patrick Aleite</li>
<li>송재욱</li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.62.1 (2026-06-29)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/3ea32f4ba5e196c08c6da1095619d7f65ba4905e"><code>3ea32f4</code></a>
chore(release): publish 8.62.1</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.62.0&new-version=8.62.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-03 13:49:52 +00:00
dependabot[bot] 99b70a5fe8 chore(deps): Bump cypress-io/github-action from 7.4.0 to 7.4.1 (#1972)
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 7.4.0 to 7.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.4.1</h2>
<h2><a
href="https://github.com/cypress-io/github-action/compare/v7.4.0...v7.4.1">7.4.1</a>
(2026-06-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update transient dependency to undici 6.27.0
(<a
href="https://redirect.github.com/cypress-io/github-action/issues/1807">#1807</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/fa4a118725a8f001170d49631ea89e5d66fee626">fa4a118</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/fa4a118725a8f001170d49631ea89e5d66fee626"><code>fa4a118</code></a>
fix(deps): update transient dependency to undici 6.27.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1807">#1807</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/a609ff3e0785adbfe6d791246f0753efcac6b430"><code>a609ff3</code></a>
chore(deps): update dependency cypress to v15.18.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1805">#1805</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/f34caf174c7c963934ce4d4a42b693b7948f2b0e"><code>f34caf1</code></a>
chore(deps): update webpack (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1803">#1803</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/a96a1cc1cec77938149a3789c30753561583f536"><code>a96a1cc</code></a>
chore(deps): update tailwindcss monorepo to ^4.3.1 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1802">#1802</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/2952a93a95c3b427bcc869bf023eee9ace5da587"><code>2952a93</code></a>
chore(deps): execute npm audit fix (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1800">#1800</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/4affc969de931eeb754601e2f609c5cc8570420d"><code>4affc96</code></a>
chore(deps): update yarn monorepo to v4.17.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1804">#1804</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/47646e1836697bfbba7622f189e32efba1b3e7aa"><code>47646e1</code></a>
chore(deps): update actions/checkout to v7 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1797">#1797</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/1b202e7fd031e9175e60706cc0b4dea5ac59cb5c"><code>1b202e7</code></a>
chore(deps): update dependency <code>@​vercel/ncc</code> to v0.44.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1796">#1796</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/345abf6f15f00f50bcc3cc93120d18feea99a356"><code>345abf6</code></a>
chore(deps): lock file maintenance (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1793">#1793</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/e0ea1ad818d933ed2ba225606e39593de003a62e"><code>e0ea1ad</code></a>
chore(deps): update dependency prettier to v3.8.4 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1795">#1795</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/github-action/compare/948d67d3074f1bbb6379c8bdbb04e95d2f8e593f...fa4a118725a8f001170d49631ea89e5d66fee626">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=7.4.0&new-version=7.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-02 13:51:57 +00:00
dependabot[bot] 84310f1798 chore(deps-dev): Bump postcss from 8.5.15 to 8.5.16 (#1971)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.15 to
8.5.16.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.5.16</h2>
<ul>
<li>Fixed <code>Input#origin()</code> position (by <a
href="https://github.com/mizdra"><code>@​mizdra</code></a>).</li>
<li>Fixed <code>raws</code> after rehydrating a JSON AST (by <a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
<li>Fixed putting parent-less node in <code>nodes</code> of new node (by
<a
href="https://github.com/MahinAnowar"><code>@​MahinAnowar</code></a>).</li>
<li>Fixed computing <code>offset</code> in <code>positionBy()</code> (by
<a
href="https://github.com/greymoth-jp"><code>@​greymoth-jp</code></a>).</li>
<li>Fixed <code>rangeBy()</code> on <code>index: 0</code> (by <a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.5.16</h2>
<ul>
<li>Fixed <code>Input#origin()</code> position (by <a
href="https://github.com/mizdra"><code>@​mizdra</code></a>).</li>
<li>Fixed <code>raws</code> after rehydrating a JSON AST (by <a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
<li>Fixed putting parent-less node in <code>nodes</code> of new node (by
<a
href="https://github.com/MahinAnowar"><code>@​MahinAnowar</code></a>).</li>
<li>Fixed computing <code>offset</code> in <code>positionBy()</code> (by
<a
href="https://github.com/greymoth-jp"><code>@​greymoth-jp</code></a>).</li>
<li>Fixed <code>rangeBy()</code> on <code>index: 0</code> (by <a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/postcss/postcss/commit/92ccc93ff15bd193491d67fad9763e62d489dfad"><code>92ccc93</code></a>
Release 8.5.16 version</li>
<li><a
href="https://github.com/postcss/postcss/commit/818bdd6043359af773ccc3ca8663053d61a707c8"><code>818bdd6</code></a>
Update formatting</li>
<li><a
href="https://github.com/postcss/postcss/commit/46e451068ee6160b837865b715cf6972f28fabd5"><code>46e4510</code></a>
Fix <code>Input#origin()</code> returning incorrect position (<a
href="https://redirect.github.com/postcss/postcss/issues/2036">#2036</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/34942ce76c0b0c9ee65b1421017ac71855e722c4"><code>34942ce</code></a>
Fix tests</li>
<li><a
href="https://github.com/postcss/postcss/commit/d4feed645314ee421edf80ee9ebe453cc75c997f"><code>d4feed6</code></a>
Don't clone root-less child nodes in container constructor (<a
href="https://redirect.github.com/postcss/postcss/issues/2097">#2097</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/da323fc8d327a38199a21987dcbf7e27e3bc34f3"><code>da323fc</code></a>
Revert version update to fix old Node.js on CI</li>
<li><a
href="https://github.com/postcss/postcss/commit/886336919497516df8f140d0fb327bd125e35053"><code>8863369</code></a>
Update dependencies</li>
<li><a
href="https://github.com/postcss/postcss/commit/3828982213fec6bc13d0791b1adf40393be0935e"><code>3828982</code></a>
Preserve node raws when rehydrating a JSON AST (<a
href="https://redirect.github.com/postcss/postcss/issues/2100">#2100</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/d1e80b830386b08dcd5b962fd466d1c51f28e82d"><code>d1e80b8</code></a>
Fix Node#rangeBy() ignoring index 0 (<a
href="https://redirect.github.com/postcss/postcss/issues/2091">#2091</a>)</li>
<li><a
href="https://github.com/postcss/postcss/commit/b91e4a63907325d98b75d11fda546bdd91acc608"><code>b91e4a6</code></a>
Fix Node.js 26 tests</li>
<li>Additional commits viewable in <a
href="https://github.com/postcss/postcss/compare/8.5.15...8.5.16">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new
releaser for postcss since your current version.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.15&new-version=8.5.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-07-02 13:51:26 +00:00
dependabot[bot] 4679af47eb chore(deps): Bump @codemirror/view from 6.43.3 to 6.43.4 (#1970)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.3
to 6.43.4.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/view/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.43.3&new-version=6.43.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-30 13:51:22 +00:00
dependabot[bot] bb743a01ee chore(deps-dev): Bump cypress from 15.17.0 to 15.18.0 (#1966)
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.17.0 to
15.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.18.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-18-0">https://docs.cypress.io/app/references/changelog#15-18-0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/fa083dbc716f2fd1c50ba505ee9c400366c922f6"><code>fa083db</code></a>
fix: prevent proxy crash on IPv6 literal hosts in cy.visit (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34146">#34146</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/063636c047f63747db9155f9b6dd71874710f0a7"><code>063636c</code></a>
chore(ci): only install firefox in UI test jobs that target it (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34142">#34142</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/02aa75de2afc9632a1d80a0629099125fb16fb58"><code>02aa75d</code></a>
feat: add removeSRIAttributes config option to strip SRI from
first-party res...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/2d6b11ec3f63c59b1afb563467ceeee889404be0"><code>2d6b11e</code></a>
chore(deps): bump undici to 6.27.0 for SNYK-JS-UNDICI-17372658 (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34121">#34121</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/56759eaef142cf84d4c8e32b430c73adfaf69f1e"><code>56759ea</code></a>
misc: remove the global install warning from cypress install (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34139">#34139</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/d47b81db661033eb2ee4cc25851b00609952fa1a"><code>d47b81d</code></a>
chore: resync yarn.lock (shell-quote) (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34145">#34145</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/19ac7196b0c04a749524db6f6cca4a23df6f1228"><code>19ac719</code></a>
chore(ci): remove duplicate test run in npm-webpack-dev-server job (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34141">#34141</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/6f96dac9af3caf620381f5fe90141b9c3a939680"><code>6f96dac</code></a>
docs: document PR title prefixes, changelog, and template requirements
(<a
href="https://redirect.github.com/cypress-io/cypress/issues/34128">#34128</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/d70617532c88956b7b412be04ded639d8e941628"><code>d706175</code></a>
chore: correct misleading WebKit browser debug log message (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34135">#34135</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/fb767947ef37a0191c6514a857bf75e648c5859b"><code>fb76794</code></a>
chore: remove no-op CYPRESS_DOWNLOAD_USE_CA environment variable (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34131">#34131</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.17.0...v15.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.17.0&new-version=15.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:54:34 +00:00
dependabot[bot] 28ceff7b0e chore(deps): Bump @maplibre/maplibre-gl-style-spec from 25.0.0 to 25.0.1 (#1965)
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 25.0.0 to 25.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v25.0.1</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li><code>has</code> filter now returns <code>false</code> when a
property exists but is set to <code>undefined</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1712">#1712</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Fix incorrect replacement suggestion in error messages for mixed
legacy+expression <code>$type</code> filters (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1727">#1727</a>,
<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1728">#1728</a>)
(by <a
href="https://github.com/ciscorn"><code>@​ciscorn</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>25.0.1</h2>
<h3>🐞 Bug fixes</h3>
<ul>
<li><code>has</code> filter now returns <code>false</code> when a
property exists but is set to <code>undefined</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1712">#1712</a>)
(by <a
href="https://github.com/xavierjs"><code>@​xavierjs</code></a>)</li>
<li>Fix incorrect replacement suggestion in error messages for mixed
legacy+expression <code>$type</code> filters (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1727">#1727</a>,
<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1728">#1728</a>)
(by <a
href="https://github.com/ciscorn"><code>@​ciscorn</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/ef522e45a28e0efafabbebb27197d3440c99fe34"><code>ef522e4</code></a>
Bump js version to 25.0.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1739">#1739</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/14e1a146d97f369f7f1903b22f4e4f1848805476"><code>14e1a14</code></a>
fix: simplify legacy+expression $type filter suggestions (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1728">#1728</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/1acc24620e74cf14cbaf187d97ffc467f62e5981"><code>1acc246</code></a>
Add AI usage note to CONTRIBUTING.md (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1729">#1729</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/bc77eda0780c039352e2808a691d046431f5d852"><code>bc77eda</code></a>
build(deps-dev): bump oxfmt from 0.55.0 to 0.56.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1733">#1733</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/936d5ff7f65d9f697e62e6e9c8b16775a34a1171"><code>936d5ff</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 63.0.7 to 63.0.10 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1734">#1734</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/e57824f3c5c28e3a3dee09f2b8fd49939138dfe5"><code>e57824f</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1732">#1732</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/f6256f23ca5d50be24e0861bd44e4a33d04f92c4"><code>f6256f2</code></a>
build(deps-dev): bump globals from 17.6.0 to 17.7.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1736">#1736</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/47e628483b47a68ac0e82a8e4fe684d8efd13659"><code>47e6284</code></a>
build(deps): bump <code>@​mapbox/jsonlint-lines-primitives</code> from
2.0.2 to 2.0.3 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1738">#1738</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/d67067c58f126afee866f97531e48e776700d0fd"><code>d67067c</code></a>
build(deps-dev): bump rolldown from 1.1.2 to 1.1.3 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1737">#1737</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/f60c345a0f99207212c1fd3981ba9fb93d5a5240"><code>f60c345</code></a>
build(deps-dev): bump <code>@​types/node</code> from 26.0.0 to 26.0.1
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1735">#1735</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v25.0.0...v25.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=25.0.0&new-version=25.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:53:51 +00:00
dependabot[bot] b533c9dc24 chore(deps): Bump @codemirror/view from 6.43.1 to 6.43.3 (#1967)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.1
to 6.43.3.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/view/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.43.1&new-version=6.43.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:53:07 +00:00
dependabot[bot] a421a93ca8 chore(deps): Bump i18next from 26.3.1 to 26.3.3 (#1968)
Bumps [i18next](https://github.com/i18next/i18next) from 26.3.1 to
26.3.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.3.3</h2>
<ul>
<li>fix(types): selector <code>t($ =&gt; $.arr, { returnObjects: true,
context })</code> on a JSON array of <strong>heterogeneous</strong>
objects now preserves each element's full shape (e.g. <code>{ transKey1:
string; transKey2: string }[]</code>) instead of collapsing to a union
of partial element types. Two type-level causes: (1)
<code>FilterKeys</code> evaluated the whole array element type at once,
so <code>keyof (A | B)</code> only saw the keys common to every element
— it now distributes over the object union and filters each element
independently; (2) when TypeScript merges mismatched array element types
it injects phantom optional <code>undefined</code> keys (e.g.
<code>transKey1_withContext?: undefined</code> on elements that don't
define it), which the context-detection helpers mistook for real context
variants — they now skip keys typed as <code>undefined</code>. Also adds
a dedicated <code>context</code> + <code>returnObjects: true</code>
selector overload using <code>const Fn</code> +
<code>ReturnType&lt;Fn&gt;</code>, so <code>Target</code> is no longer
collapsed to <code>unknown</code> via <code>ApplyTarget</code>. Resolves
Problem 1 of <a
href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>
(Problem 2 was already fixed on master). Thanks <a
href="https://github.com/sauravgupta-dotcom"><code>@​sauravgupta-dotcom</code></a>
(<a
href="https://redirect.github.com/i18next/i18next/pull/2438">#2438</a>).
Fixes <a
href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>.</li>
</ul>
<h2>v26.3.2</h2>
<ul>
<li>fix: chained formatters with a parenthesised option that contains
the format separator (e.g. <code>join(separator: ', ')</code>) now work
at <strong>any</strong> position in the chain, not just first.
Previously the comma-in-parens reassembly only repaired
<code>formats[0]</code>, so <code>{{v, uppercase, join(separator: ',
')}}</code> split the <code>join(...)</code> option on the inner comma
and never rejoined it, producing corrupt output. Replaced the
first-position-only repair with a position-independent pass that
re-joins fragments until each open paren closes. Thanks <a
href="https://github.com/spokodev"><code>@​spokodev</code></a> (<a
href="https://redirect.github.com/i18next/i18next/pull/2437">#2437</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.3.3</h2>
<ul>
<li>fix(types): selector <code>t($ =&gt; $.arr, { returnObjects: true,
context })</code> on a JSON array of <strong>heterogeneous</strong>
objects now preserves each element's full shape (e.g. <code>{ transKey1:
string; transKey2: string }[]</code>) instead of collapsing to a union
of partial element types. Two type-level causes: (1)
<code>FilterKeys</code> evaluated the whole array element type at once,
so <code>keyof (A | B)</code> only saw the keys common to every element
— it now distributes over the object union and filters each element
independently; (2) when TypeScript merges mismatched array element types
it injects phantom optional <code>undefined</code> keys (e.g.
<code>transKey1_withContext?: undefined</code> on elements that don't
define it), which the context-detection helpers mistook for real context
variants — they now skip keys typed as <code>undefined</code>. Also adds
a dedicated <code>context</code> + <code>returnObjects: true</code>
selector overload using <code>const Fn</code> +
<code>ReturnType&lt;Fn&gt;</code>, so <code>Target</code> is no longer
collapsed to <code>unknown</code> via <code>ApplyTarget</code>. Resolves
Problem 1 of <a
href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>
(Problem 2 was already fixed on master). Thanks <a
href="https://github.com/sauravgupta-dotcom"><code>@​sauravgupta-dotcom</code></a>
(<a
href="https://redirect.github.com/i18next/i18next/pull/2438">#2438</a>).
Fixes <a
href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>.</li>
</ul>
<h2>26.3.2</h2>
<ul>
<li>fix: chained formatters with a parenthesised option that contains
the format separator (e.g. <code>join(separator: ', ')</code>) now work
at <strong>any</strong> position in the chain, not just first.
Previously the comma-in-parens reassembly only repaired
<code>formats[0]</code>, so <code>{{v, uppercase, join(separator: ',
')}}</code> split the <code>join(...)</code> option on the inner comma
and never rejoined it, producing corrupt output. Replaced the
first-position-only repair with a position-independent pass that
re-joins fragments until each open paren closes. Thanks <a
href="https://github.com/spokodev"><code>@​spokodev</code></a> (<a
href="https://redirect.github.com/i18next/i18next/pull/2437">#2437</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/cf7080d363c0bc775681215bba6513a3610dee8b"><code>cf7080d</code></a>
26.3.3</li>
<li><a
href="https://github.com/i18next/i18next/commit/05fd7be281a3c2175da16c9e867a91d95e034889"><code>05fd7be</code></a>
build</li>
<li><a
href="https://github.com/i18next/i18next/commit/cc0bd80943eae4f45867abbd78c0ae8dd964bb82"><code>cc0bd80</code></a>
changelog: 26.3.3 entry for <a
href="https://redirect.github.com/i18next/i18next/issues/2438">#2438</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/9cbfa6353b6ab726c42be1e6ed52aab5b0601612"><code>9cbfa63</code></a>
fix(types): preserve selector returnObjects shape with context (<a
href="https://redirect.github.com/i18next/i18next/issues/2438">#2438</a>)</li>
<li><a
href="https://github.com/i18next/i18next/commit/3b047122f5ad5b99a29f9138bb8542de125c8783"><code>3b04712</code></a>
26.3.2</li>
<li><a
href="https://github.com/i18next/i18next/commit/fc20f5dd5ae9744045942e135e93dd787e4bc869"><code>fc20f5d</code></a>
changelog: 26.3.2 entry for <a
href="https://redirect.github.com/i18next/i18next/issues/2437">#2437</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/6901e04f07f0eec1848242d8af26509ab5438920"><code>6901e04</code></a>
fix: reassemble comma-in-parens formatters at any chain position (<a
href="https://redirect.github.com/i18next/i18next/issues/2437">#2437</a>)</li>
<li><a
href="https://github.com/i18next/i18next/commit/6e086281e2ff40e0beabd5a75f94f777332a7304"><code>6e08628</code></a>
README: mention npx i18next-cli localize as the zero-to-localized
path</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.3.1...v26.3.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.3.1&new-version=26.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:52:50 +00:00
dependabot[bot] 27e50795a8 chore(deps-dev): Bump stylelint from 17.13.0 to 17.14.0 (#1964)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.13.0
to 17.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.14.0</h2>
<p>It fixes 3 bugs, including a false negative one.</p>
<ul>
<li>Fixed: performance of getting module paths (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9354">#9354</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: performance by dynamically importing <code>TIMING</code> only
on use (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9356">#9356</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>function-calc-no-unspaced-operator</code> false
negatives for unspaced <code>+</code> and <code>-</code> operators
following a <code>*</code> or <code>/</code> operator (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9357">#9357</a>)
(<a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.14.0 - 2026-06-25</h2>
<p>It fixes 3 bugs, including a false negative one.</p>
<ul>
<li>Fixed: performance of getting module paths (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9354">#9354</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: performance by dynamically importing <code>TIMING</code> only
on use (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9356">#9356</a>)
(<a href="https://github.com/jeddy3"><code>@​jeddy3</code></a>).</li>
<li>Fixed: <code>function-calc-no-unspaced-operator</code> false
negatives for unspaced <code>+</code> and <code>-</code> operators
following a <code>*</code> or <code>/</code> operator (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9357">#9357</a>)
(<a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/f36e1703ecba024bec91953f6134bae3102066ab"><code>f36e170</code></a>
Release 17.14.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9371">#9371</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/9334bff61c34a76446bbcedacfaa4aadcbfc3e0a"><code>9334bff</code></a>
Bump actions/checkout from 6.0.3 to 7.0.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9367">#9367</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/f73637469133a38df5528811760170a23e6dd269"><code>f736374</code></a>
Bump npm-run-all2 from 9.0.1 to 9.0.2 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9370">#9370</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/78e1b44ed3dd26217d68e7e558115aab2e000645"><code>78e1b44</code></a>
Bump postcss-selector-parser from 7.1.2 to 7.1.4 in the postcss group
(<a
href="https://redirect.github.com/stylelint/stylelint/issues/9369">#9369</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/cab5acda822100659a6abc8c34206189b207e122"><code>cab5acd</code></a>
Bump eslint from 10.4.1 to 10.5.0 in the eslint group (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9368">#9368</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/89b95e1b320f7e46db4440ababbdb23ad26bf6f5"><code>89b95e1</code></a>
Bump prettier from 3.8.3 to 3.8.4 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9363">#9363</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/7ecce9403cfaca6cea7cb5eda85c9e4de1d63f6c"><code>7ecce94</code></a>
Bump cosmiconfig from 9.0.1 to 9.0.2 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9362">#9362</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/fa54191ff81168564ebbb1018811fb91b2339d66"><code>fa54191</code></a>
Bump postcss-selector-parser from 7.1.1 to 7.1.2 in the postcss group
(<a
href="https://redirect.github.com/stylelint/stylelint/issues/9361">#9361</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/8c3cf6920f10fde3e715a8a2e00569b688d0381e"><code>8c3cf69</code></a>
Bump <code>@​csstools/css-syntax-patches-for-csstree</code> from 1.1.4
to 1.1.5 in the csst...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/c61d3dbb931e6bad346d60b5fcb1fc7f7a6f90ca"><code>c61d3db</code></a>
Fix performance of getting module paths (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9354">#9354</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.13.0...17.14.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.13.0&new-version=17.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:52:18 +00:00
dependabot[bot] bc25bfaced chore(deps): Bump @codemirror/state from 6.6.0 to 6.7.0 (#1963)
Bumps [@codemirror/state](https://github.com/codemirror/state) from
6.6.0 to 6.7.0.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/state/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/state&package-manager=npm_and_yarn&previous-version=6.6.0&new-version=6.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-29 13:51:00 +00:00
dependabot[bot] 4d46fb94d5 chore(deps-dev): Bump typescript-eslint from 8.61.1 to 8.62.0 (#1959)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.61.1 to 8.62.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.62.0</h2>
<h2>8.62.0 (2026-06-22)</h2>
<h3>🚀 Features</h3>
<ul>
<li>remove redundant package.json &quot;files&quot; (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12444">#12444</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li>add &quot;files&quot; to rule-schema-to-typescript-types (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12441">#12441</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.62.0 (2026-06-22)</h2>
<h3>🚀 Features</h3>
<ul>
<li>remove redundant package.json &quot;files&quot; (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12444">#12444</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/54e285728e5d8cb83fadb8041189f0c3b4ab436a"><code>54e2857</code></a>
chore(release): publish 8.62.0</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/81e4c2654c3f4d923766a888691add2c45b5d64a"><code>81e4c26</code></a>
feat: remove redundant package.json &quot;files&quot; (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12444">#12444</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.61.1&new-version=8.62.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-26 13:51:11 +00:00
dependabot[bot] e23679ac45 chore(deps-dev): Bump uuid from 14.0.0 to 14.0.1 (#1958)
Bumps [uuid](https://github.com/uuidjs/uuid) from 14.0.0 to 14.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/releases">uuid's
releases</a>.</em></p>
<blockquote>
<h2>v14.0.1</h2>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v14.0.0...v14.0.1">14.0.1</a>
(2026-06-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>add types condition to node export for moduleResolution bundler (<a
href="https://redirect.github.com/uuidjs/uuid/issues/961">#961</a>) (<a
href="https://github.com/uuidjs/uuid/commit/27ffae5e867823b8c7db255975d65358fbdb1a7e">27ffae5</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md">uuid's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/uuidjs/uuid/compare/v14.0.0...v14.0.1">14.0.1</a>
(2026-06-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>add types condition to node export for moduleResolution bundler (<a
href="https://redirect.github.com/uuidjs/uuid/issues/961">#961</a>) (<a
href="https://github.com/uuidjs/uuid/commit/27ffae5e867823b8c7db255975d65358fbdb1a7e">27ffae5</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/uuidjs/uuid/commit/70177807e9229dfacde2038dc1e722f1828f358a"><code>7017780</code></a>
chore(main): release 14.0.1 (<a
href="https://redirect.github.com/uuidjs/uuid/issues/964">#964</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/f2c3e4b513e47968f568ad1bf96417c6924e83a7"><code>f2c3e4b</code></a>
chore: fix release-please workflow (<a
href="https://redirect.github.com/uuidjs/uuid/issues/963">#963</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/27ffae5e867823b8c7db255975d65358fbdb1a7e"><code>27ffae5</code></a>
fix: add types condition to node export for moduleResolution bundler (<a
href="https://redirect.github.com/uuidjs/uuid/issues/961">#961</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/664cb3163531f49d3a5125f732d38724621bfcaa"><code>664cb31</code></a>
Remove outdated security contact information (<a
href="https://redirect.github.com/uuidjs/uuid/issues/959">#959</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/d729016037c4e1b09a522f4854a96f4f4add9047"><code>d729016</code></a>
fix(ci): checkout PR head commit in browser workflow (<a
href="https://redirect.github.com/uuidjs/uuid/issues/957">#957</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/89a5ebcc56999fc25c95350f922693b71fb11d32"><code>89a5ebc</code></a>
Workflows (<a
href="https://redirect.github.com/uuidjs/uuid/issues/948">#948</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/196e208db33d568d8d43d5b549d5d0eb3d9b0fbf"><code>196e208</code></a>
chore: fix workflow (<a
href="https://redirect.github.com/uuidjs/uuid/issues/947">#947</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/95af4489be459d6ba14d137b6fcd87ffd0953e91"><code>95af448</code></a>
chore: update workflows (<a
href="https://redirect.github.com/uuidjs/uuid/issues/946">#946</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/3b57f95555ab1b8432213264b5eaa318958fb8fe"><code>3b57f95</code></a>
chore: add workflow_dispatch (<a
href="https://redirect.github.com/uuidjs/uuid/issues/944">#944</a>)</li>
<li><a
href="https://github.com/uuidjs/uuid/commit/a433096a74e1d1815432fb1bed8115369785a1a9"><code>a433096</code></a>
chore: add 12.x and 13.x maintenance release branches (<a
href="https://redirect.github.com/uuidjs/uuid/issues/941">#941</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/uuidjs/uuid/compare/v14.0.0...v14.0.1">compare
view</a></li>
</ul>
</details>
<details>
<summary>Install script changes</summary>
<p>This version modifies <code>prepare</code> script that runs during
installation. Review the package contents before updating.</p>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uuid&package-manager=npm_and_yarn&previous-version=14.0.0&new-version=14.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-23 13:51:14 +00:00
dependabot[bot] 2d57829cb9 chore(deps): Bump actions/checkout from 6.0.2 to 7.0.0 (#1957)
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2
to 7.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>block checking out fork pr for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
<li>getting ready for checkout v7 release by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2464">actions/checkout#2464</a></li>
<li>update error wording by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2467">actions/checkout#2467</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.3...v7.0.0">https://github.com/actions/checkout/compare/v6.0.3...v7.0.0</a></p>
<h2>v6.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update changelog by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2357">actions/checkout#2357</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>Update changelog for v6.0.3 by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2446">actions/checkout#2446</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yaananth"><code>@​yaananth</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.3">https://github.com/actions/checkout/compare/v6...v6.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v7.0.0</h2>
<ul>
<li>Block checking out fork PR for pull_request_target and workflow_run
by <a href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2454">actions/checkout#2454</a></li>
<li>Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the
minor-actions-dependencies group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2458">actions/checkout#2458</a></li>
<li>Bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2460">actions/checkout#2460</a></li>
<li>Bump js-yaml from 4.1.0 to 4.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2461">actions/checkout#2461</a></li>
<li>Bump <code>@​actions/core</code> and
<code>@​actions/tool-cache</code> and Remove uuid by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2459">actions/checkout#2459</a></li>
<li>upgrade module to esm and update dependencies by <a
href="https://github.com/aiqiaoy"><code>@​aiqiaoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2463">actions/checkout#2463</a></li>
<li>Bump the minor-npm-dependencies group across 1 directory with 3
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/checkout/pull/2462">actions/checkout#2462</a></li>
</ul>
<h2>v6.0.3</h2>
<ul>
<li>Fix checkout init for SHA-256 repositories by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2439">actions/checkout#2439</a></li>
<li>fix: expand merge commit SHA regex and add SHA-256 test cases by <a
href="https://github.com/yaananth"><code>@​yaananth</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2414">actions/checkout#2414</a></li>
</ul>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0"><code>9c091bb</code></a>
update error wording (<a
href="https://redirect.github.com/actions/checkout/issues/2467">#2467</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/1044a6dea927916f2c38ba5aeffbc0a847b1221a"><code>1044a6d</code></a>
getting ready for checkout v7 release (<a
href="https://redirect.github.com/actions/checkout/issues/2464">#2464</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/f0282184c7ce73ab54c7e4ab5a617122602e575f"><code>f028218</code></a>
Bump the minor-npm-dependencies group across 1 directory with 3 updates
(<a
href="https://redirect.github.com/actions/checkout/issues/2462">#2462</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/d914b262ffc244530a203ab40decab34c3abf34d"><code>d914b26</code></a>
upgrade module to esm and update dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2463">#2463</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/537c7ef99cef6e5ddb5e7ff5d16d14510503801d"><code>537c7ef</code></a>
Bump <code>@​actions/core</code> and <code>@​actions/tool-cache</code>
and Remove uuid (<a
href="https://redirect.github.com/actions/checkout/issues/2459">#2459</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/130a169078a413d3a5246a393625e8e742f387f6"><code>130a169</code></a>
Bump js-yaml from 4.1.0 to 4.2.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2461">#2461</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/7d09575332117a40b46e5e020664df234cd416f3"><code>7d09575</code></a>
Bump flatted from 3.3.1 to 3.4.2 (<a
href="https://redirect.github.com/actions/checkout/issues/2460">#2460</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/0f9f3aa320cb53abeb534aeb54048075d9697a0e"><code>0f9f3aa</code></a>
Bump actions/publish-immutable-action (<a
href="https://redirect.github.com/actions/checkout/issues/2458">#2458</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/f9e715a95fcd1f9253f77dd28f11e88d2d6460c7"><code>f9e715a</code></a>
block checking out fork pr for pull_request_target and workflow_run (<a
href="https://redirect.github.com/actions/checkout/issues/2454">#2454</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/df4cb1c069e1874edd31b4311f1884172cec0e10"><code>df4cb1c</code></a>
Update changelog for v6.0.3 (<a
href="https://redirect.github.com/actions/checkout/issues/2446">#2446</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=6.0.2&new-version=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-22 13:53:27 +00:00
dependabot[bot] 16092ccf1a chore(deps-dev): Bump typescript-eslint from 8.61.0 to 8.61.1 (#1955)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.61.0 to 8.61.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.61.1</h2>
<h2>8.61.1 (2026-06-15)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> [consistent-indexed-object-style] do
not remove comments when fixing (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12396">#12396</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/10577">#10577</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion]
avoid false positive for template literal expressions (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12281">#12281</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] wrap
object literal in parens when removing TSTypeAssertion in arrow body (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12394">#12394</a>,
<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12393">#12393</a>)</li>
<li><strong>eslint-plugin:</strong>
[no-unnecessary-boolean-literal-compare] fix precedence bug in autofix
(<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12413">#12413</a>)</li>
<li><strong>eslint-plugin:</strong> [no-unnecessary-template-expression]
respect ECMAScript line terminators (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12388">#12388</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Anas <a
href="https://github.com/anasm266"><code>@​anasm266</code></a></li>
<li>Deftera <a
href="https://github.com/Deftera186"><code>@​Deftera186</code></a></li>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>lumir</li>
<li>Sarath Francis <a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.61.1 (2026-06-15)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/aaad7187b529c4b6ff8088ffd7e948c69c2763b6"><code>aaad718</code></a>
chore(release): publish 8.61.1</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.61.0&new-version=8.61.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-19 13:50:55 +00:00
dependabot[bot] 9c594b46c6 chore(deps): Bump form-data from 4.0.5 to 4.0.6 (#1954)
Bumps [form-data](https://github.com/form-data/form-data) from 4.0.5 to
4.0.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/form-data/form-data/blob/master/CHANGELOG.md">form-data's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6">v4.0.6</a>
- 2026-06-12</h2>
<h3>Commits</h3>
<ul>
<li>[Fix] escape CR, LF, and <code>&quot;</code> in field names and
filenames <a
href="https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99"><code>8dff42c</code></a></li>
<li>[Dev Deps] update <code>@ljharb/eslint-config</code>,
<code>auto-changelog</code>, <code>tape</code> <a
href="https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1"><code>f31d21e</code></a></li>
<li>[Deps] update <code>hasown</code>, <code>mime-types</code> <a
href="https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd"><code>92ae0eb</code></a></li>
<li>[Dev Deps] update <code>js-randomness-predictor</code> <a
href="https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97"><code>67b0f65</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"><code>64190db</code></a>
v4.0.6</li>
<li><a
href="https://github.com/form-data/form-data/commit/92ae0eb5da94d6f01925d5f4fcffb2a1e50ed7cd"><code>92ae0eb</code></a>
[Deps] update <code>hasown</code>, <code>mime-types</code></li>
<li><a
href="https://github.com/form-data/form-data/commit/f31d21ef10bf46e46344c3ee4f99acbef6be43e1"><code>f31d21e</code></a>
[Dev Deps] update <code>@ljharb/eslint-config</code>,
<code>auto-changelog</code>, <code>tape</code></li>
<li><a
href="https://github.com/form-data/form-data/commit/8dff42c6da654ed4e7ad4acb7f8ccd3831217c99"><code>8dff42c</code></a>
[Fix] escape CR, LF, and <code>&quot;</code> in field names and
filenames</li>
<li><a
href="https://github.com/form-data/form-data/commit/67b0f65c2e0b065a511d42227d35e4d367644e97"><code>67b0f65</code></a>
[Dev Deps] update <code>js-randomness-predictor</code></li>
<li>See full diff in <a
href="https://github.com/form-data/form-data/compare/v4.0.5...v4.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=form-data&package-manager=npm_and_yarn&previous-version=4.0.5&new-version=4.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-18 14:00:20 +00:00
dependabot[bot] 9e5a21ce3a chore(deps-dev): Bump the vitest group with 2 updates (#1952)
Bumps the vitest group with 2 updates:
[@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)
and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).

Updates `@vitest/coverage-v8` from 4.1.8 to 4.1.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">@​vitest/coverage-v8's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h3>🐞 Bug Fixes</h3>
<ul>
<li>Fix <code>importOriginal</code> with optimizer and query import
[backport to v4] - by <strong>Hiroshi Ogawa</strong>, <strong>David
Harris</strong>, <strong>Codex</strong>and <strong>Vladimir</strong> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10546">vitest-dev/vitest#10546</a>
<a href="https://github.com/vitest-dev/vitest/commit/a5180190c"><!-- raw
HTML omitted -->(a5180)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>:
<ul>
<li>Wait for orchestrator readiness before resolving browser sessions
[backport to v4] - by <strong>Vladimir</strong> and <strong>Séamus
O'Connor</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10555">vitest-dev/vitest#10555</a>
<a href="https://github.com/vitest-dev/vitest/commit/7fb29651a"><!-- raw
HTML omitted -->(7fb29)<!-- raw HTML omitted --></a></li>
<li>Wait for iframe tester readiness before preparing [backport to v4] -
by <strong>Vladimir</strong> and <strong>Séamus O'Connor</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10497">vitest-dev/vitest#10497</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10556">vitest-dev/vitest#10556</a>
<a href="https://github.com/vitest-dev/vitest/commit/fbc626c40"><!-- raw
HTML omitted -->(fbc62)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>mocker</strong>:
<ul>
<li>Hoist vi.mock() for vite-plus/test imports [backport to v4] - by
<strong>Hiroshi Ogawa</strong>, <strong>LongYinan</strong>,
<strong>Claude Opus 4.8</strong> and <strong>Vladimir</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10548">vitest-dev/vitest#10548</a>
<a href="https://github.com/vitest-dev/vitest/commit/2c9559c02"><!-- raw
HTML omitted -->(2c955)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>pool</strong>:
<ul>
<li>Prevent test run hang on worker crash [backport to v4] - by
<strong>Ari Perkkiö</strong> and <strong>Jattioui Ismail</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10543">vitest-dev/vitest#10543</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10564">vitest-dev/vitest#10564</a>
<a href="https://github.com/vitest-dev/vitest/commit/934b0f587"><!-- raw
HTML omitted -->(934b0)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h5><a
href="https://github.com/vitest-dev/vitest/compare/v4.1.8...v4.1.9">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/a7a61e78c7d0718f00173cff6800a91a344457d4"><code>a7a61e7</code></a>
chore: release v4.1.9 (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8/issues/10598">#10598</a>)</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/coverage-v8">compare
view</a></li>
</ul>
</details>
<br />

Updates `vitest` from 4.1.8 to 4.1.9
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.9</h2>
<h3>🐞 Bug Fixes</h3>
<ul>
<li>Fix <code>importOriginal</code> with optimizer and query import
[backport to v4] - by <strong>Hiroshi Ogawa</strong>, <strong>David
Harris</strong>, <strong>Codex</strong>and <strong>Vladimir</strong> in
<a
href="https://redirect.github.com/vitest-dev/vitest/issues/10546">vitest-dev/vitest#10546</a>
<a href="https://github.com/vitest-dev/vitest/commit/a5180190c"><!-- raw
HTML omitted -->(a5180)<!-- raw HTML omitted --></a></li>
<li><strong>browser</strong>:
<ul>
<li>Wait for orchestrator readiness before resolving browser sessions
[backport to v4] - by <strong>Vladimir</strong> and <strong>Séamus
O'Connor</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10555">vitest-dev/vitest#10555</a>
<a href="https://github.com/vitest-dev/vitest/commit/7fb29651a"><!-- raw
HTML omitted -->(7fb29)<!-- raw HTML omitted --></a></li>
<li>Wait for iframe tester readiness before preparing [backport to v4] -
by <strong>Vladimir</strong> and <strong>Séamus O'Connor</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10497">vitest-dev/vitest#10497</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10556">vitest-dev/vitest#10556</a>
<a href="https://github.com/vitest-dev/vitest/commit/fbc626c40"><!-- raw
HTML omitted -->(fbc62)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>mocker</strong>:
<ul>
<li>Hoist vi.mock() for vite-plus/test imports [backport to v4] - by
<strong>Hiroshi Ogawa</strong>, <strong>LongYinan</strong>,
<strong>Claude Opus 4.8</strong> and <strong>Vladimir</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10548">vitest-dev/vitest#10548</a>
<a href="https://github.com/vitest-dev/vitest/commit/2c9559c02"><!-- raw
HTML omitted -->(2c955)<!-- raw HTML omitted --></a></li>
</ul>
</li>
<li><strong>pool</strong>:
<ul>
<li>Prevent test run hang on worker crash [backport to v4] - by
<strong>Ari Perkkiö</strong> and <strong>Jattioui Ismail</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10543">vitest-dev/vitest#10543</a>
and <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10564">vitest-dev/vitest#10564</a>
<a href="https://github.com/vitest-dev/vitest/commit/934b0f587"><!-- raw
HTML omitted -->(934b0)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h5><a
href="https://github.com/vitest-dev/vitest/compare/v4.1.8...v4.1.9">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/a7a61e78c7d0718f00173cff6800a91a344457d4"><code>a7a61e7</code></a>
chore: release v4.1.9 (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10598">#10598</a>)</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/934b0f587cb61d8338d83f525295322692a2db40"><code>934b0f5</code></a>
fix(pool): prevent test run hang on worker crash (<a
href="https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest/issues/10543">#10543</a>)
[backport to v4] (#...</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/7fb29651afbae2a9b0cefe6c031a9308f168ac60"><code>7fb2965</code></a>
fix(browser): wait for orchestrator readiness before resolving browser
sessio...</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/a5180190c1be7089e3705e3dd9e84fea118d09d3"><code>a518019</code></a>
fix: fix <code>importOriginal</code> with optimizer and query import
[backport to v4] (#...</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-18 13:51:33 +00:00
dependabot[bot] 5032a3f3c6 chore(deps-dev): Bump eslint from 10.4.1 to 10.5.0 (#1950)
Bumps [eslint](https://github.com/eslint/eslint) from 10.4.1 to 10.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v10.5.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad"><code>5ca8c52</code></a>
feat: correct stack tracking in max-nested-callbacks (<a
href="https://redirect.github.com/eslint/eslint/issues/20973">#20973</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c"><code>b565783</code></a>
feat: report no-with violations at the with keyword (<a
href="https://redirect.github.com/eslint/eslint/issues/20971">#20971</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684"><code>2ce032f</code></a>
feat: report max-lines-per-function violations at function head (<a
href="https://redirect.github.com/eslint/eslint/issues/20966">#20966</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f"><code>732cb3e</code></a>
feat: report max-nested-callbacks violations at function head (<a
href="https://redirect.github.com/eslint/eslint/issues/20967">#20967</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7"><code>f9c138a</code></a>
feat: report max-depth violations on keywords (<a
href="https://redirect.github.com/eslint/eslint/issues/20943">#20943</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/bdb496cc0d54b6d0a023aef9abd5f040ccff2101"><code>bdb496c</code></a>
feat: correct max-depth handling for else-if chains (<a
href="https://redirect.github.com/eslint/eslint/issues/20944">#20944</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c29687354a7f96093f57f7d73eecb866ad5e2953"><code>c296873</code></a>
feat: update error loc in <code>max-statements</code> to function header
(<a
href="https://redirect.github.com/eslint/eslint/issues/20907">#20907</a>)
(Taejin Kim)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56"><code>8ae1b5b</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781"><code>ca7eb90</code></a>
docs: update Node.js prerequisites to include ICU support (<a
href="https://redirect.github.com/eslint/eslint/issues/20962">#20962</a>)
(Francesco Trotta)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f99b47a6799be25321552402a49303bb06a43fe4"><code>f99b47a</code></a>
docs: Update README (GitHub Actions Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/acf03d4eed31d259c7dc62af5b9640629784f7cc"><code>acf03d4</code></a>
docs: clarify precedence of parserOptions over languageOptions (<a
href="https://redirect.github.com/eslint/eslint/issues/20926">#20926</a>)
(sethamus)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8"><code>b18bf58</code></a>
chore: update ecosystem plugins (<a
href="https://redirect.github.com/eslint/eslint/issues/20959">#20959</a>)
(ESLint Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/c2d1444df77cb42e5a0b89ab70496879d180a54d"><code>c2d1444</code></a>
refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable
(<a
href="https://redirect.github.com/eslint/eslint/issues/20951">#20951</a>)
(Taejin Kim)</li>
<li><a
href="https://github.com/eslint/eslint/commit/243b8c56014bbbe63771185b0731d8dd4d1316e9"><code>243b8c5</code></a>
chore: enhance config-rule to support oneOf, anyOf, and nested schemas
(<a
href="https://redirect.github.com/eslint/eslint/issues/20788">#20788</a>)
(kuldeep kumar)</li>
<li><a
href="https://github.com/eslint/eslint/commit/217b2a91f46137c5ffd693965e71306c4c15ea6b"><code>217b2a9</code></a>
test: add unit tests for ParserService (<a
href="https://redirect.github.com/eslint/eslint/issues/20949">#20949</a>)
(Taejin Kim)</li>
<li><a
href="https://github.com/eslint/eslint/commit/72003e781d76bd4ee0d98a6601730d0b829070f9"><code>72003e7</code></a>
test: add location information to error messages in
<code>max-statements</code> (<a
href="https://redirect.github.com/eslint/eslint/issues/20945">#20945</a>)
(lumir)</li>
<li><a
href="https://github.com/eslint/eslint/commit/7797c266977b0bc4971aa79721813d480de72cd1"><code>7797c26</code></a>
refactor: deduplicate isAnySegmentReachable across rules (<a
href="https://redirect.github.com/eslint/eslint/issues/20890">#20890</a>)
(Taejin Kim)</li>
<li><a
href="https://github.com/eslint/eslint/commit/67c46fa6e4f34e88cc6bc82f8a0dcc917c65d257"><code>67c46fa</code></a>
chore: update ecosystem plugins (<a
href="https://redirect.github.com/eslint/eslint/issues/20938">#20938</a>)
(ESLint Bot)</li>
<li><a
href="https://github.com/eslint/eslint/commit/95d8c7a99f991abd8ab618d0ee2cbd4f58effc29"><code>95d8c7a</code></a>
chore: update dependency <code>@​eslint/json</code> to v2 (<a
href="https://redirect.github.com/eslint/eslint/issues/20934">#20934</a>)
(renovate[bot])</li>
<li><a
href="https://github.com/eslint/eslint/commit/cf9e496205142cd4971b9f98aed85866d1010b9c"><code>cf9e496</code></a>
chore: update <code>@​arethetypeswrong/cli</code> to 0.18.3 (<a
href="https://redirect.github.com/eslint/eslint/issues/20933">#20933</a>)
(Pixel998)</li>
<li><a
href="https://github.com/eslint/eslint/commit/fb6d3960cacc51fc12383fa5ded2382adbf90c1c"><code>fb6d396</code></a>
test: run type tests with TypeScript 7 (<a
href="https://redirect.github.com/eslint/eslint/issues/20868">#20868</a>)
(sethamus)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/eslint/eslint/commit/de3b672a267e32607db04176ce4775664acb3145"><code>de3b672</code></a>
10.5.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/362a5185134290db696d39f97c9da609ded54040"><code>362a518</code></a>
Build: changelog update for 10.5.0</li>
<li><a
href="https://github.com/eslint/eslint/commit/5ca8c5278edea1fd84d3ba83d8ea3f52fb3831ad"><code>5ca8c52</code></a>
feat: correct stack tracking in max-nested-callbacks (<a
href="https://redirect.github.com/eslint/eslint/issues/20973">#20973</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b5657837604fa5e8cf1278074782025cadd34b6c"><code>b565783</code></a>
feat: report no-with violations at the with keyword (<a
href="https://redirect.github.com/eslint/eslint/issues/20971">#20971</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/2ce032fbc72a1a80c024c084a4f382fb6dece684"><code>2ce032f</code></a>
feat: report max-lines-per-function violations at function head (<a
href="https://redirect.github.com/eslint/eslint/issues/20966">#20966</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/732cb3e09d5b8b809b5f461d118a5d9fdcd6427f"><code>732cb3e</code></a>
feat: report max-nested-callbacks violations at function head (<a
href="https://redirect.github.com/eslint/eslint/issues/20967">#20967</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/f9c138a0ba7d8e37aed39aef4a3ff1cae8c669f7"><code>f9c138a</code></a>
feat: report max-depth violations on keywords (<a
href="https://redirect.github.com/eslint/eslint/issues/20943">#20943</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/8ae1b5b856dc031cd6c701d89a4df7da4772cd56"><code>8ae1b5b</code></a>
docs: Update README</li>
<li><a
href="https://github.com/eslint/eslint/commit/ca7eb90127dcad917188bb1342623f02a272e781"><code>ca7eb90</code></a>
docs: update Node.js prerequisites to include ICU support (<a
href="https://redirect.github.com/eslint/eslint/issues/20962">#20962</a>)</li>
<li><a
href="https://github.com/eslint/eslint/commit/b18bf58c5ac748415ffffdff2d96980fbd6a57e8"><code>b18bf58</code></a>
chore: update ecosystem plugins (<a
href="https://redirect.github.com/eslint/eslint/issues/20959">#20959</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v10.4.1...v10.5.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=10.4.1&new-version=10.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-16 13:51:32 +00:00
dependabot[bot] d7f7207675 chore(deps-dev): Bump sass from 1.100.0 to 1.101.0 (#1946)
Bumps [sass](https://github.com/sass/dart-sass) from 1.100.0 to 1.101.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/releases">sass's
releases</a>.</em></p>
<blockquote>
<h2>Dart Sass 1.101.0</h2>
<p>To install Sass 1.101.0, download one of the packages below and <a
href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or
see <a href="https://sass-lang.com/install">the Sass website</a> for
full installation instructions.</p>
<h1>Changes</h1>
<ul>
<li><strong>Potentially breaking bug fix:</strong> The Node package
importer now properly supports resolving import-only variants of Sass
files declared in the <code>exports</code>, <code>sass</code>, and
<code>style</code> fields of <code>package.json</code>. Previously,
these files were ignored even when loaded via <code>@import</code>, so
any code relying on loading module-system-only files this way may
break.</li>
</ul>
<p>See the <a
href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#11010">full
changelog</a> for changes in earlier releases.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's
changelog</a>.</em></p>
<blockquote>
<h2>1.101.0</h2>
<ul>
<li><strong>Potentially breaking bug fix:</strong> The Node package
importer now properly
supports resolving import-only variants of Sass files declared in the
<code>exports</code>, <code>sass</code>, and <code>style</code> fields
of <code>package.json</code>. Previously, these
files were ignored even when loaded via <code>@import</code>, so any
code relying on
loading module-system-only files this way may break.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sass/dart-sass/commit/63b9922f5ddbf34bc742b50949e0ee5c47f4686d"><code>63b9922</code></a>
Load import-only files through package.json <code>exports</code> (<a
href="https://redirect.github.com/sass/dart-sass/issues/2772">#2772</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/c7e9947100e8ffdabfe314a4e342595f2bccff35"><code>c7e9947</code></a>
Migrate from bufbuild/buf-setup-action to bufbuild/buf-action (<a
href="https://redirect.github.com/sass/dart-sass/issues/2773">#2773</a>)</li>
<li><a
href="https://github.com/sass/dart-sass/commit/7674a4c29d05c844dcffd40a91e7cf2ac216d524"><code>7674a4c</code></a>
Bump postcss from 8.5.13 to 8.5.15 in /pkg/sass-parser (<a
href="https://redirect.github.com/sass/dart-sass/issues/2774">#2774</a>)</li>
<li>See full diff in <a
href="https://github.com/sass/dart-sass/compare/1.100.0...1.101.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sass&package-manager=npm_and_yarn&previous-version=1.100.0&new-version=1.101.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-15 13:53:16 +00:00
dependabot[bot] 8b3ef5dbfc chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.10.0 to 25.0.0 (#1947)
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.10.0 to 25.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v25.0.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>⚠️ Change legacy filter expression validation to add suggestions on
invalid expressions (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1709">#1709</a>)
(by <a href="https://github.com/HarelM">HarelM</a>)</li>
<li>Allow global state expressions in <code>fill-layer-opacity</code>
and <code>line-layer-opacity</code>. (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1699">#1699</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>25.0.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>⚠️ Change legacy filter expression validation to add suggestions on
invalid expressions (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1709">#1709</a>)
(by <a href="https://github.com/HarelM">HarelM</a>)</li>
<li>Allow global state expressions in <code>fill-layer-opacity</code>
and <code>line-layer-opacity</code>. (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1699">#1699</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/fd56865d2e93aa3df9dae96f402f46dbedc44388"><code>fd56865</code></a>
Bump js version to 25.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1711">#1711</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/ace975a46763df55e8bb9a08e7ec28e7ba30cb76"><code>ace975a</code></a>
fix: mixed legacy+expression filter handling (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1709">#1709</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/cacf925de9a8b675f1810d63785cd32e6dbbfdc4"><code>cacf925</code></a>
Fix lint warnings (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1710">#1710</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/e23008ad6cf4ee613791a6e101c5de6cf4da3dd9"><code>e23008a</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1707">#1707</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/52b769dc995136a492cb4e28f96d78c46fa25f7e"><code>52b769d</code></a>
build(deps-dev): bump rolldown from 1.1.0 to 1.1.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1708">#1708</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/3a3aa9f20e34c2656476a36f45622f24aa78f14f"><code>3a3aa9f</code></a>
build(deps-dev): bump oxfmt from 0.53.0 to 0.54.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1702">#1702</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/c612f73496de92ed0c99f4cf55afb9a63570b414"><code>c612f73</code></a>
build(deps-dev): bump eslint from 10.4.1 to 10.5.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1706">#1706</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/a0f540ba7f32d63a76f2bbc32f9348df4ad92f3f"><code>a0f540b</code></a>
build(deps-dev): bump rollup from 4.61.1 to 4.62.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1705">#1705</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/53a399099ce1328a3ad19060a0d9fa8c603e14f2"><code>53a3990</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.60.1 to 8.61.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1703">#1703</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/06ef6d3dd5353056530450f750a33c94639df41b"><code>06ef6d3</code></a>
build(deps-dev): bump semver from 7.8.2 to 7.8.4 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1704">#1704</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.10.0...v25.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.10.0&new-version=25.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-15 13:52:43 +00:00
dependabot[bot] 71f59ec652 chore(deps-dev): Bump cypress from 15.16.0 to 15.17.0 (#1948)
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.16.0 to
15.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/cypress/releases">cypress's
releases</a>.</em></p>
<blockquote>
<h2>v15.17.0</h2>
<p>Changelog: <a
href="https://docs.cypress.io/app/references/changelog#15-17-0">https://docs.cypress.io/app/references/changelog#15-17-0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/cypress/commit/b22780a9bb118b86730e22243aba16e25e7a5bed"><code>b22780a</code></a>
chore: Update Chrome (stable) to 149.0.7827.102 and Chrome for Testing
(stabl...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/ada42a7c2f69f19877c089327724d24478219fb3"><code>ada42a7</code></a>
chore: send standard identity headers on cy-prompt/studio session
requests (#...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/6017154185cd8fbffbae90fde90cea7c78108730"><code>6017154</code></a>
perf(server): release pending automation requests after response (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34037">#34037</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/6be559a1bd4375beb2918a94c26cf7cc5f30d1a8"><code>6be559a</code></a>
chore: don't redeclare inherited observable Session.name (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34034">#34034</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/437a08e149563695b1eb5d91c0c3aaf50712ee14"><code>437a08e</code></a>
chore: update need help link for auto provision project slug error modal
(<a
href="https://redirect.github.com/cypress-io/cypress/issues/34">#34</a>...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/04dd2965f1bf70c06e8b6d380cacaed0860e3667"><code>04dd296</code></a>
refactor(proxy): request/response interception adapters and wire
middleware (...</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/482cd419704a381b9a56778f6431da7b4c1d5a9e"><code>482cd41</code></a>
chore: reporter support for test replay embedding (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34031">#34031</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/f3de1b27f194a3d3dc5ad87bce2852e5b253a016"><code>f3de1b2</code></a>
chore: reorder changelog entries for release by popularity of issue (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34032">#34032</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/b60b68f9b83b5f93c49b88c6ca74505f535476f8"><code>b60b68f</code></a>
misc: warn when a --spec pattern matches no spec files (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34023">#34023</a>)</li>
<li><a
href="https://github.com/cypress-io/cypress/commit/e0fe6e097f9414175c25cfd6f7264cad497a1526"><code>e0fe6e0</code></a>
perf: Fix Command Log performance regression on hover (<a
href="https://redirect.github.com/cypress-io/cypress/issues/34029">#34029</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/cypress/compare/v15.16.0...v15.17.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress&package-manager=npm_and_yarn&previous-version=15.16.0&new-version=15.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-15 13:51:45 +00:00
dependabot[bot] 50f42d7791 chore(deps): Bump @codemirror/lint from 6.9.6 to 6.9.7 (#1945)
Bumps [@codemirror/lint](https://github.com/codemirror/lint) from 6.9.6
to 6.9.7.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/lint/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/lint&package-manager=npm_and_yarn&previous-version=6.9.6&new-version=6.9.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 13:51:57 +00:00
dependabot[bot] 37ad002184 chore(deps-dev): Bump typescript-eslint from 8.60.1 to 8.61.0 (#1944)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.60.1 to 8.61.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.61.0</h2>
<h2>8.61.0 (2026-06-08)</h2>
<h3>🚀 Features</h3>
<ul>
<li><strong>ast-spec:</strong> change type of
<code>UnaryExpression.prefix</code> to always <code>true</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12372">#12372</a>)</li>
<li><strong>ast-spec:</strong> tighten types of
<code>ArrowFunction</code>, <code>YieldExpression</code>,
<code>TSTypePredicate</code> (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12373">#12373</a>)</li>
</ul>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>rule-schema-to-typescript-types:</strong> respect ECMAScript
line terminators (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12374">#12374</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>Kirk Waiblinger <a
href="https://github.com/kirkwaiblinger"><code>@​kirkwaiblinger</code></a></li>
<li>lumir</li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.61.0 (2026-06-08)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.61.0">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/16a5b247affc32af21b695cf96dfd75d7ded50a3"><code>16a5b24</code></a>
chore(release): publish 8.61.0</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.60.1&new-version=8.61.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 13:51:41 +00:00
dependabot[bot] aa92e8eab4 chore(deps): Bump @codemirror/view from 6.43.0 to 6.43.1 (#1943)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.0
to 6.43.1.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/codemirror/view/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@codemirror/view&package-manager=npm_and_yarn&previous-version=6.43.0&new-version=6.43.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 13:51:02 +00:00
dependabot[bot] 84885f97ca chore(deps-dev): Bump stylelint from 17.12.0 to 17.13.0 (#1940)
Bumps [stylelint](https://github.com/stylelint/stylelint) from 17.12.0
to 17.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/releases">stylelint's
releases</a>.</em></p>
<blockquote>
<h2>17.13.0</h2>
<p>It fixes 3 bugs, including a false negative one.</p>
<ul>
<li>Fixed: <code>declaration-block-no-duplicate-properties</code> false
negatives for interleaved non-consecutive duplicates with <code>ignore:
[&quot;consecutive-duplicates(-*)&quot;]</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9324">#9324</a>)
(<a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
<li>Fixed: <code>selector-max-type</code> false positives for nested
selectors (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9319">#9319</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
<li>Fixed: <code>selector-type-no-unknown</code> false positives for
<code>install</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9308">#9308</a>)
(<a
href="https://github.com/Mouvedia"><code>@​Mouvedia</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint/stylelint/blob/main/CHANGELOG.md">stylelint's
changelog</a>.</em></p>
<blockquote>
<h2>17.13.0 - 2026-06-06</h2>
<p>It fixes 3 bugs, including a false negative one.</p>
<ul>
<li>Fixed: <code>declaration-block-no-duplicate-properties</code> false
negatives for interleaved non-consecutive duplicates with <code>ignore:
[&quot;consecutive-duplicates(-*)&quot;]</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9324">#9324</a>)
(<a
href="https://github.com/sarathfrancis90"><code>@​sarathfrancis90</code></a>).</li>
<li>Fixed: <code>selector-max-type</code> false positives for nested
selectors (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9319">#9319</a>)
(<a
href="https://github.com/romainmenke"><code>@​romainmenke</code></a>).</li>
<li>Fixed: <code>selector-type-no-unknown</code> false positives for
<code>install</code> (<a
href="https://redirect.github.com/stylelint/stylelint/pull/9308">#9308</a>)
(<a
href="https://github.com/Mouvedia"><code>@​Mouvedia</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint/stylelint/commit/7fcee2b3155adb43daa2078762a15c2d9a24e69b"><code>7fcee2b</code></a>
Release 17.13.0 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9342">#9342</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/3b7287b2eb88474f63f6d17474e87ba836bf1f43"><code>3b7287b</code></a>
Refactor to reuse shared utilities (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9337">#9337</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/8e889c3394f410916343a5e4c2b372ec514184d0"><code>8e889c3</code></a>
Bump lint-staged from 17.0.4 to 17.0.5 (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9334">#9334</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/a74aab46df5a94afa0cf4fddc9faf6eeacf34293"><code>a74aab4</code></a>
Bump the stylelint-actions group with 5 updates (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9333">#9333</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/74c644828b839add46650d67390a0f1094dbcf7a"><code>74c6448</code></a>
Fix <code>declaration-block-no-duplicate-properties</code> false
negatives for interleav...</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/1cd26ac54ed16b92f77487f85b9305ca320f4085"><code>1cd26ac</code></a>
Skip changeset verification on fork PRs CI (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9331">#9331</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/712b9867f7a1fa631813f577d7941686a10d3a58"><code>712b986</code></a>
Fix vulnerable dependencies via <code>npm audit fix</code> (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9328">#9328</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/27196b71dbc255bd612ad26dee40bf276a8123b0"><code>27196b7</code></a>
Fix CI badge in README.md (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9329">#9329</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/179bba2e5a3264f9e96baf3318afdf113ea4f8dc"><code>179bba2</code></a>
Refactor to use <code>@import</code> over <code>@typedef</code> for
simple imports (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9326">#9326</a>)</li>
<li><a
href="https://github.com/stylelint/stylelint/commit/94eab544e488dddb43829353649da8debd6427b5"><code>94eab54</code></a>
Document using our PR template (<a
href="https://redirect.github.com/stylelint/stylelint/issues/9327">#9327</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint/stylelint/compare/17.12.0...17.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint&package-manager=npm_and_yarn&previous-version=17.12.0&new-version=17.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-10 13:51:44 +00:00
dependabot[bot] 404d106b8d chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.9.0 to 24.10.0 (#1937)
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.9.0 to 24.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v24.10.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Added <code>{line,fill}-layer-opacity</code> paint property. It
applies opacity to the whole layer as a whole layer so overlapping
features change in an uniform way. (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1650">#1650</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>24.10.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Added <code>{line,fill}-layer-opacity</code> paint property. It
applies opacity to the whole layer as a whole layer so overlapping
features change in an uniform way. (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1650">#1650</a>)
(by <a
href="https://github.com/CommanderStorm"><code>@​CommanderStorm</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/486830b1d830c82d1d7869f8e770d223069914d7"><code>486830b</code></a>
Bump js version to 24.10.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1698">#1698</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/d6ef337ae66714adec18011fa4edb4a6a1c74294"><code>d6ef337</code></a>
build(deps): bump codecov/codecov-action from 6.0.1 to 7.0.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1688">#1688</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/8fd6822309d5a1c45078b06b4fe2ee32a52708d6"><code>8fd6822</code></a>
feat: add <code>{line,fill}-layer-opacity</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1650">#1650</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/11e1c2b3555499ad55f15545e742c443459d8faf"><code>11e1c2b</code></a>
build(deps-dev): bump <code>@​types/node</code> from 25.9.1 to 25.9.2
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1695">#1695</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/3bd5ed2da2bd6ba27543141bb9abf1882a67b01a"><code>3bd5ed2</code></a>
build(deps-dev): bump rolldown from 1.0.3 to 1.1.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1693">#1693</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/b67254d3927ecea0b80e275e8c8ca5f824aee238"><code>b67254d</code></a>
build(deps-dev): bump rollup from 4.60.4 to 4.61.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1696">#1696</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/8c8c0e08baff1b3d561d05c6c75ce0557e1329e3"><code>8c8c0e0</code></a>
build(deps-dev): bump oxfmt from 0.52.0 to 0.53.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1691">#1691</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/16505dd2a179fdcb1bcf3a893b8e99e0361a9ff3"><code>16505dd</code></a>
build(deps-dev): bump semver from 7.8.1 to 7.8.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1694">#1694</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/31a3a4c580084eab688c95384515a643c6d6be00"><code>31a3a4c</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1692">#1692</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/719017ed1e866e020dee16fe11b22c4cd8e53cb2"><code>719017e</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 63.0.1 to 63.0.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1690">#1690</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.9.0...v24.10.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.9.0&new-version=24.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-09 13:51:40 +00:00
dependabot[bot] a8efa9cb1f chore(deps): Bump github/codeql-action from 4.36.1 to 4.36.2 (#1936)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.36.1 to 4.36.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.36.2</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.36.2 - 04 Jun 2026</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
<h2>4.36.1 - 02 Jun 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.0 - 22 May 2026</h2>
<ul>
<li><em>Breaking change</em>: Bump the minimum required CodeQL bundle
version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li>
<li>Add support for SHA-256 Git object IDs. <a
href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li>
</ul>
<h2>4.35.5 - 15 May 2026</h2>
<ul>
<li>We have improved how the JavaScript bundles for the CodeQL Action
are generated to avoid duplication across bundles and reduce the size of
the repository by around 70%. This should have no effect on the runtime
behaviour of the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li>
<li>For performance and accuracy reasons, <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> will now only be enabled on a pull request when
diff-informed analysis is also enabled for that run. If diff-informed
analysis is unavailable (for example, because the PR diff ranges could
not be computed), the action will fall back to a full analysis. <a
href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li>
<li>If multiple inputs are provided for the GitHub-internal
<code>analysis-kinds</code> input, only <code>code-scanning</code> will
be enabled. The <code>analysis-kinds</code> input is experimental, for
GitHub-internal use only, and may change without notice at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li>
<li>Added an experimental change which, when running a Code Scanning
analysis for a PR with <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> enabled, prefers CodeQL CLI versions that have
a cached overlay-base database for the configured languages. This speeds
up analysis for a repository when there is not yet a cached overlay-base
database for the latest CLI version. We expect to roll this change out
to everyone in May. <a
href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li>
</ul>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/8aad20d150bbac5944a9f9d289da16a4b0d87c1e"><code>8aad20d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3949">#3949</a>
from github/update-v4.36.2-dcb947ce1</li>
<li><a
href="https://github.com/github/codeql-action/commit/f521b08cd8f468ab193ea950a589cb2e9c869c6a"><code>f521b08</code></a>
Add additional changelog notes</li>
<li><a
href="https://github.com/github/codeql-action/commit/8aeff0ffb7b78582ee0d0e6eebb8140684400d08"><code>8aeff0f</code></a>
Update changelog for v4.36.2</li>
<li><a
href="https://github.com/github/codeql-action/commit/dcb947ce15976d40ea82935510b2db4872ec124c"><code>dcb947c</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3948">#3948</a>
from github/update-bundle/codeql-bundle-v2.25.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/c251bcefa178f7780f62f150002acffe3d07fde9"><code>c251bce</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/62953c18b35f59e28351d2f1e806925aef8b1e3c"><code>62953c1</code></a>
Update default bundle to codeql-bundle-v2.25.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/423b570baf1976cd7a3daeba5d6e9f9b76432f37"><code>423b570</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3946">#3946</a>
from github/dependabot/npm_and_yarn/npm-minor-5d507a...</li>
<li><a
href="https://github.com/github/codeql-action/commit/c35d1b164463ee62a100735382aaaa525c5d3496"><code>c35d1b1</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3947">#3947</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/github/codeql-action/commit/cb1a588b02755b176e7b9d033ed4b69312f0e1bd"><code>cb1a588</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3937">#3937</a>
from github/robertbrignull/waitForProcessing_backoff</li>
<li><a
href="https://github.com/github/codeql-action/commit/ba47406412c54532b5b4fcfbaf877c9e2382b206"><code>ba47406</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3943">#3943</a>
from github/henrymercer/cache-cli-version-info</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/87557b9c84dde89fdd9b10e88954ac2f4248e463...8aad20d150bbac5944a9f9d289da16a4b0d87c1e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.36.1&new-version=4.36.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 13:53:23 +00:00
dependabot[bot] 91c9b280ff chore(deps): Bump i18next from 26.3.0 to 26.3.1 (#1935)
Bumps [i18next](https://github.com/i18next/i18next) from 26.3.0 to
26.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/releases">i18next's
releases</a>.</em></p>
<blockquote>
<h2>v26.3.1</h2>
<ul>
<li>fix(types): <code>t()</code> with a <code>keyPrefix</code> no longer
pollutes its return type with sibling keys' values. A regression in
26.3.0 — the <code>[Res] extends [never]</code> guards added to
<code>KeysBuilderWithReturnObjects</code> /
<code>KeysBuilderWithoutReturnObjects</code> turned the builders into
deferred conditional types, so <code>KeyPrefix&lt;Ns&gt;</code> stopped
resolving to a literal union and <code>keyPrefix</code> inference
widened to the whole namespace. Symptom: <code>useTranslation(ns, {
keyPrefix: 'a.b' })</code> then <code>t('title')</code> would resolve to
<code>'&lt;a.b&gt;.title' | '&lt;other.path&gt;.title' | ...</code>
instead of just the scoped value. Affected every
<code>react-i18next</code> user using <code>keyPrefix</code>. Restored
to the eager 26.2.0 form. The same-namespace conflict handling from <a
href="https://redirect.github.com/i18next/i18next/issues/2434">#2434</a>
still works via <code>_DropConflictKeys</code> at the merge layer (in
<code>options.d.ts</code>). Thanks <a
href="https://github.com/aaronrosenthal"><code>@​aaronrosenthal</code></a>
(<a
href="https://redirect.github.com/i18next/i18next/pull/2436">#2436</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's
changelog</a>.</em></p>
<blockquote>
<h2>26.3.1</h2>
<ul>
<li>fix(types): <code>t()</code> with a <code>keyPrefix</code> no longer
pollutes its return type with sibling keys' values. A regression in
26.3.0 — the <code>[Res] extends [never]</code> guards added to
<code>KeysBuilderWithReturnObjects</code> /
<code>KeysBuilderWithoutReturnObjects</code> turned the builders into
deferred conditional types, so <code>KeyPrefix&lt;Ns&gt;</code> stopped
resolving to a literal union and <code>keyPrefix</code> inference
widened to the whole namespace. Symptom: <code>useTranslation(ns, {
keyPrefix: 'a.b' })</code> then <code>t('title')</code> would resolve to
<code>'&lt;a.b&gt;.title' | '&lt;other.path&gt;.title' | ...</code>
instead of just the scoped value. Affected every
<code>react-i18next</code> user using <code>keyPrefix</code>. Restored
to the eager 26.2.0 form. The same-namespace conflict handling from <a
href="https://redirect.github.com/i18next/i18next/issues/2434">#2434</a>
still works via <code>_DropConflictKeys</code> at the merge layer (in
<code>options.d.ts</code>). Thanks <a
href="https://github.com/aaronrosenthal"><code>@​aaronrosenthal</code></a>
(<a
href="https://redirect.github.com/i18next/i18next/pull/2436">#2436</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/i18next/i18next/commit/7bdb5d70d4142dde36d46ae66f207da304d77fed"><code>7bdb5d7</code></a>
26.3.1</li>
<li><a
href="https://github.com/i18next/i18next/commit/a655e3230d76501852e027033d2dcaba1c14f434"><code>a655e32</code></a>
changelog: 26.3.1 entry for <a
href="https://redirect.github.com/i18next/i18next/issues/2436">#2436</a></li>
<li><a
href="https://github.com/i18next/i18next/commit/57ed81222d0f4ad29633877ca4d76e1f751f7603"><code>57ed812</code></a>
fix(types): keyPrefix no longer pollutes t() return type with sibling
keys (#...</li>
<li>See full diff in <a
href="https://github.com/i18next/i18next/compare/v26.3.0...v26.3.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=i18next&package-manager=npm_and_yarn&previous-version=26.3.0&new-version=26.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 13:52:50 +00:00
dependabot[bot] 1b99eb000f chore(deps): Bump downshift from 9.3.4 to 9.3.6 (#1934)
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.3.4
to 9.3.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/downshift-js/downshift/releases">downshift's
releases</a>.</em></p>
<blockquote>
<h2>v9.3.6</h2>
<h2><a
href="https://github.com/downshift-js/downshift/compare/v9.3.5...v9.3.6">9.3.6</a>
(2026-06-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>getHighlightedIndexOnOpen:</strong> remove added check from
migration (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1692">#1692</a>)
(<a
href="https://github.com/downshift-js/downshift/commit/69e02d89484e0936bbe026b7ac53caceddd8d26f">69e02d8</a>)</li>
</ul>
<h2>v9.3.5</h2>
<h2><a
href="https://github.com/downshift-js/downshift/compare/v9.3.4...v9.3.5">9.3.5</a>
(2026-06-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>disabled:</strong> remove disabled from spread regression
(<a
href="https://redirect.github.com/downshift-js/downshift/issues/1689">#1689</a>)
(<a
href="https://github.com/downshift-js/downshift/commit/63b7e5b8ca776bb2cf778224b67c86123581a775">63b7e5b</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/downshift-js/downshift/commit/69e02d89484e0936bbe026b7ac53caceddd8d26f"><code>69e02d8</code></a>
fix(getHighlightedIndexOnOpen): remove added check from migration (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1692">#1692</a>)</li>
<li><a
href="https://github.com/downshift-js/downshift/commit/63b7e5b8ca776bb2cf778224b67c86123581a775"><code>63b7e5b</code></a>
fix(disabled): remove disabled from spread regression (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1689">#1689</a>)</li>
<li><a
href="https://github.com/downshift-js/downshift/commit/5a5c07199f45b7abff537309b23335000a08abb3"><code>5a5c071</code></a>
dev: fix leftover typescript migration issues (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1691">#1691</a>)</li>
<li>See full diff in <a
href="https://github.com/downshift-js/downshift/compare/v9.3.4...v9.3.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=downshift&package-manager=npm_and_yarn&previous-version=9.3.4&new-version=9.3.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 13:52:32 +00:00
dependabot[bot] 304bea60f2 chore(deps-dev): Bump stylelint-scss from 7.1.1 to 7.2.0 (#1932)
Bumps [stylelint-scss](https://github.com/stylelint-scss/stylelint-scss)
from 7.1.1 to 7.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint-scss/stylelint-scss/releases">stylelint-scss's
releases</a>.</em></p>
<blockquote>
<h2>7.2.0</h2>
<ul>
<li>Added: <code>dollar-variable-no-missing-interpolation</code> autofix
for Sass functions in custom properties (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1287">#1287</a>).</li>
<li>Added: <code>declaration-property-value-no-unknown</code> support
for namespaced functions (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1289">#1289</a>).</li>
<li>Updated: <code>at-rule-conditional-no-parentheses</code> improve
autofix (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1286">#1286</a>).</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stylelint-scss/stylelint-scss/compare/v7.1.1...v7.2.0">https://github.com/stylelint-scss/stylelint-scss/compare/v7.1.1...v7.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stylelint-scss/stylelint-scss/blob/master/CHANGELOG.md">stylelint-scss's
changelog</a>.</em></p>
<blockquote>
<h1>7.2.0</h1>
<ul>
<li>Added: <code>dollar-variable-no-missing-interpolation</code> autofix
for Sass functions in custom properties (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1287">#1287</a>).</li>
<li>Added: <code>declaration-property-value-no-unknown</code> support
for namespaced functions (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1289">#1289</a>).</li>
<li>Updated: <code>at-rule-conditional-no-parentheses</code> improve
autofix (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1286">#1286</a>).</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stylelint-scss/stylelint-scss/compare/v7.1.1...v7.2.0">https://github.com/stylelint-scss/stylelint-scss/compare/v7.1.1...v7.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/e7c92d143a99cac7822bc99632f6064037b7a9a9"><code>e7c92d1</code></a>
7.2.0</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/ecdc3c37fe99119fa37dc0dbd5fa833aad93b393"><code>ecdc3c3</code></a>
Prepare version 7.2.0 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1301">#1301</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/ddffe930d88339827a6dedcfb88d8d3c41539a5f"><code>ddffe93</code></a>
build(deps-dev): bump stylelint from 17.10.0 to 17.12.0 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1300">#1300</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/6eb763054361ae49bd521237060903ea9b9efa3a"><code>6eb7630</code></a>
Update Jest to latest version (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1299">#1299</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/ac4dffb473979c1d520069242e10f9e052b8be83"><code>ac4dffb</code></a>
build(deps-dev): bump <code>@​lavamoat/allow-scripts</code> from 5.0.1
to 5.0.2 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1298">#1298</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/ac1e7faca9d5145b99b985d77aec1a1c18bce0aa"><code>ac1e7fa</code></a>
build(deps): bump <code>@​csstools/css-calc</code> from 3.2.0 to 3.2.1
(<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1297">#1297</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/b483811b8af2d577a8950b23250257ad0162fdc9"><code>b483811</code></a>
build(deps-dev): bump postcss from 8.5.14 to 8.5.15 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1295">#1295</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/2c8816586fd3b3df8a88e57a10ef5d8684e5c27e"><code>2c88165</code></a>
build(deps-dev): bump lint-staged from 16.4.0 to 17.0.5 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1292">#1292</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/f4aea2666ee4840c7cf27245a8379c2f38db0db0"><code>f4aea26</code></a>
build(deps): bump <code>@​csstools/css-syntax-patches-for-csstree</code>
(<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1294">#1294</a>)</li>
<li><a
href="https://github.com/stylelint-scss/stylelint-scss/commit/db3c20ed4598659e019f4c52cfecaaddb84ca611"><code>db3c20e</code></a>
build(deps-dev): bump eslint from 10.3.0 to 10.4.0 (<a
href="https://redirect.github.com/stylelint-scss/stylelint-scss/issues/1293">#1293</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/stylelint-scss/stylelint-scss/compare/v7.1.1...v7.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stylelint-scss&package-manager=npm_and_yarn&previous-version=7.1.1&new-version=7.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 13:51:59 +00:00
dependabot[bot] 6a7fcafda3 chore(deps): Bump @maplibre/maplibre-gl-style-spec from 24.8.5 to 24.9.0 (#1931)
Bumps
[@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec)
from 24.8.5 to 24.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/releases">@​maplibre/maplibre-gl-style-spec's
releases</a>.</em></p>
<blockquote>
<h2>v24.9.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Allow <code>fill-color</code> when <code>fill-pattern</code> is set,
for SDF fill pattern colorization (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1683">#1683</a>)
(by <a
href="https://github.com/bradymadden97"><code>@​bradymadden97</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Resolve <code>[&quot;global-state&quot;, key]</code> to
<code>null</code> instead of <code>undefined</code> when the key is
unset but other global state keys are set (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1531">#1531</a>)
(by <a href="https://github.com/SAY-5"><code>@​SAY-5</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@​maplibre/maplibre-gl-style-spec's
changelog</a>.</em></p>
<blockquote>
<h2>24.9.0</h2>
<h3> Features and improvements</h3>
<ul>
<li>Allow <code>fill-color</code> when <code>fill-pattern</code> is set,
for SDF fill pattern colorization (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1683">#1683</a>)
(by <a
href="https://github.com/bradymadden97"><code>@​bradymadden97</code></a>)</li>
</ul>
<h3>🐞 Bug fixes</h3>
<ul>
<li>Resolve <code>[&quot;global-state&quot;, key]</code> to
<code>null</code> instead of <code>undefined</code> when the key is
unset but other global state keys are set (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1531">#1531</a>)
(by <a href="https://github.com/SAY-5"><code>@​SAY-5</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/fa9983745aedbd953ede7821d4c4fbdeb73af9bc"><code>fa99837</code></a>
Bump js version to 24.9.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1686">#1686</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/49897e302b0d257f5002235591f38b2be306066a"><code>49897e3</code></a>
fix: resolve global-state to null for unset key when other keys are set
(<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1684">#1684</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/c422204aadc32dd478122820e98fd781c24842e8"><code>c422204</code></a>
Allow fill-color with fill-pattern for SDF fill pattern colorization (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1683">#1683</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/325accc56e5a7a49b804ae4e5c53afe385ff4df6"><code>325accc</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code> (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1675">#1675</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/1d0a09c6f9f881220c8130b8dc87f9dbc744c5ab"><code>1d0a09c</code></a>
build(deps-dev): bump oxfmt from 0.51.0 to 0.52.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1676">#1676</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/785dfddcb7c7b6916c61c3fcbeb3b9812e3a59f2"><code>785dfdd</code></a>
build(deps-dev): bump rolldown-plugin-dts from 0.25.1 to 0.25.2 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1677">#1677</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/cea4a98c297d53eabed5a99d8aa733a3a4dc3da4"><code>cea4a98</code></a>
build(deps-dev): bump eslint-plugin-jsdoc from 63.0.0 to 63.0.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1680">#1680</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/c2cd45bdfd9bbd19bf7c154df457e593faf3fd83"><code>c2cd45b</code></a>
build(deps-dev): bump eslint from 10.4.0 to 10.4.1 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1679">#1679</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/ce6439afe000921d7b1ba93c5ad3bf18bc038de3"><code>ce6439a</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.59.4 to 8.60.0 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1678">#1678</a>)</li>
<li><a
href="https://github.com/maplibre/maplibre-style-spec/commit/091577834462ae9d606027281a71dac5edef3c61"><code>0915778</code></a>
build(deps-dev): bump rolldown from 1.0.2 to 1.0.3 (<a
href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1674">#1674</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/maplibre/maplibre-style-spec/compare/v24.8.5...v24.9.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@maplibre/maplibre-gl-style-spec&package-manager=npm_and_yarn&previous-version=24.8.5&new-version=24.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-08 13:51:41 +00:00
dependabot[bot] a267b06586 chore(deps): Bump github/codeql-action from 4.36.0 to 4.36.1 (#1929)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 4.36.0 to 4.36.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.36.1</h2>
<p>No user facing changes.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.36.2 - 04 Jun 2026</h2>
<ul>
<li>Cache CodeQL CLI version information across Actions steps. <a
href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li>
<li>Reduce requests while waiting for analysis processing by using
exponential backoff when polling SARIF processing status. <a
href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li>
</ul>
<h2>4.36.1 - 02 Jun 2026</h2>
<p>No user facing changes.</p>
<h2>4.36.0 - 22 May 2026</h2>
<ul>
<li><em>Breaking change</em>: Bump the minimum required CodeQL bundle
version to 2.19.4. <a
href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li>
<li>Add support for SHA-256 Git object IDs. <a
href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li>
</ul>
<h2>4.35.5 - 15 May 2026</h2>
<ul>
<li>We have improved how the JavaScript bundles for the CodeQL Action
are generated to avoid duplication across bundles and reduce the size of
the repository by around 70%. This should have no effect on the runtime
behaviour of the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li>
<li>For performance and accuracy reasons, <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> will now only be enabled on a pull request when
diff-informed analysis is also enabled for that run. If diff-informed
analysis is unavailable (for example, because the PR diff ranges could
not be computed), the action will fall back to a full analysis. <a
href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li>
<li>If multiple inputs are provided for the GitHub-internal
<code>analysis-kinds</code> input, only <code>code-scanning</code> will
be enabled. The <code>analysis-kinds</code> input is experimental, for
GitHub-internal use only, and may change without notice at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li>
<li>Added an experimental change which, when running a Code Scanning
analysis for a PR with <a
href="https://redirect.github.com/github/roadmap/issues/1158">improved
incremental analysis</a> enabled, prefers CodeQL CLI versions that have
a cached overlay-base database for the configured languages. This speeds
up analysis for a repository when there is not yet a cached overlay-base
database for the latest CLI version. We expect to roll this change out
to everyone in May. <a
href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li>
</ul>
<h2>4.35.4 - 07 May 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li>
</ul>
<h2>4.35.3 - 01 May 2026</h2>
<ul>
<li><em>Upcoming breaking change</em>: Add a deprecation warning for
customers using CodeQL version 2.19.3 and earlier. These versions of
CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise
Server 3.15, and will be unsupported by the next minor release of the
CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li>
<li>Configurations for private registries that use Cloudsmith or GCP
OIDC are now accepted. <a
href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li>
<li>Best-effort connection tests for private registries now use
<code>GET</code> requests instead of <code>HEAD</code> for better
compatibility with various registry implementations. For NuGet feeds,
the test is now always performed against the service index. <a
href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li>
<li>Fixed a bug where two diagnostics produced within the same
millisecond could overwrite each other on disk, causing one of them to
be lost. <a
href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li>
</ul>
<h2>4.35.2 - 15 Apr 2026</h2>
<ul>
<li>The undocumented TRAP cache cleanup feature that could be enabled
using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment
variable is deprecated and will be removed in May 2026. If you are
affected by this, we recommend disabling TRAP caching by passing the
<code>trap-caching: false</code> input to the <code>init</code> Action.
<a
href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li>
<li>The Git version 2.36.0 requirement for improved incremental analysis
now only applies to repositories that contain submodules. <a
href="https://redirect.github.com/github/codeql-action/pull/3789">#3789</a></li>
<li>Python analysis on GHES no longer extracts the standard library,
relying instead on models of the standard library. This should result in
significantly faster extraction and analysis times, while the effect on
alerts should be minimal. <a
href="https://redirect.github.com/github/codeql-action/pull/3794">#3794</a></li>
<li>Fixed a bug in the validation of OIDC configurations for private
registries that was added in CodeQL Action 4.33.0 / 3.33.0. <a
href="https://redirect.github.com/github/codeql-action/pull/3807">#3807</a></li>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2">2.25.2</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3823">#3823</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/87557b9c84dde89fdd9b10e88954ac2f4248e463"><code>87557b9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3940">#3940</a>
from github/update-v4.36.1-2a1689ed4</li>
<li><a
href="https://github.com/github/codeql-action/commit/94310119648b77e2153bf970fd244062806781de"><code>9431011</code></a>
Update changelog for v4.36.1</li>
<li><a
href="https://github.com/github/codeql-action/commit/2a1689ed43ccdf7eea07e03a75371ce6801d28e6"><code>2a1689e</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3939">#3939</a>
from github/henrymercer/skip-overlay-revert-when-exp...</li>
<li><a
href="https://github.com/github/codeql-action/commit/524532393a46071bdfc81527a811ffa69e16723a"><code>5245323</code></a>
Disable missing diff-ranges fallback when overlay enabled manually</li>
<li><a
href="https://github.com/github/codeql-action/commit/d1eb1207b45130d2edf64a0aa1c93be23510592f"><code>d1eb120</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3933">#3933</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="https://github.com/github/codeql-action/commit/115001ba8d0198846992657731666b08686c8ded"><code>115001b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3934">#3934</a>
from github/dependabot/npm_and_yarn/npm-minor-86fb5c...</li>
<li><a
href="https://github.com/github/codeql-action/commit/cef2e7a910879f4626a24b251504bde16bfe4e76"><code>cef2e7a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3925">#3925</a>
from github/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="https://github.com/github/codeql-action/commit/5e6adf70ed0299cdf20f90e4e37ac5dd30ab7501"><code>5e6adf7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3936">#3936</a>
from github/dependabot/npm_and_yarn/tmp-0.2.7</li>
<li><a
href="https://github.com/github/codeql-action/commit/ad170e6c4eaf671895978420267d6cb49b66b706"><code>ad170e6</code></a>
Merge branch 'main' into
dependabot/github_actions/dot-github/workflows/actio...</li>
<li><a
href="https://github.com/github/codeql-action/commit/6a37b3a57ac457a679b84930a67c233c15f5ac41"><code>6a37b3a</code></a>
Rebuild</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...87557b9c84dde89fdd9b10e88954ac2f4248e463">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=4.36.0&new-version=4.36.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-05 13:52:01 +00:00
dependabot[bot] 129593dbc8 chore(deps-dev): Bump typescript-eslint from 8.60.0 to 8.60.1 (#1928)
Bumps
[typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint)
from 8.60.0 to 8.60.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.60.1</h2>
<h2>8.60.1 (2026-06-01)</h2>
<h3>🩹 Fixes</h3>
<ul>
<li><strong>eslint-plugin:</strong> respect ECMAScript line terminators
in ts-comment rules (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12352">#12352</a>)</li>
<li><strong>eslint-plugin:</strong> [no-shadow] correct rule to match
ESLint v10 handling (<a
href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12182">#12182</a>)</li>
</ul>
<h3>❤️ Thank You</h3>
<ul>
<li>lumir</li>
<li>Nevette Bailey <a
href="https://github.com/nevette-bailey"><code>@​nevette-bailey</code></a></li>
</ul>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's
changelog</a>.</em></p>
<blockquote>
<h2>8.60.1 (2026-06-01)</h2>
<p>This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.</p>
<p>See <a
href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.1">GitHub
Releases</a> for more information.</p>
<p>You can read about our <a
href="https://typescript-eslint.io/users/versioning">versioning
strategy</a> and <a
href="https://typescript-eslint.io/users/releases">releases</a> on our
website.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/4f84a697aedc436559c3ae09b5b357d98b448d68"><code>4f84a69</code></a>
chore(release): publish 8.60.1</li>
<li><a
href="https://github.com/typescript-eslint/typescript-eslint/commit/1849b530c254fb4f89d7270160f3a998e4acd964"><code>1849b53</code></a>
chore: typecheck using tsgo (<a
href="https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint/issues/12139">#12139</a>)</li>
<li>See full diff in <a
href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript-eslint&package-manager=npm_and_yarn&previous-version=8.60.0&new-version=8.60.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-05 13:50:38 +00:00
dependabot[bot] 5df51d4dc1 chore(deps-dev): Bump the vitest group with 2 updates (#1924)
Bumps the vitest group with 2 updates:
[@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)
and
[vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).

Updates `@vitest/coverage-v8` from 4.1.7 to 4.1.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">@​vitest/coverage-v8's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.8</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li><strong>browser</strong>:
<ul>
<li>Disable client <code>cdp</code> API when <code>allowWrite/allowExec:
false</code> [backport to v4]  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Codex</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10450">vitest-dev/vitest#10450</a>
<a href="https://github.com/vitest-dev/vitest/commit/e4067b3b1"><!-- raw
HTML omitted -->(e4067)<!-- raw HTML omitted --></a></li>
<li>Remove orphaned Playwright route when same module is mocked via
multiple ids [backport to v4]  -  by <a
href="https://github.com/toxik"><code>@​toxik</code></a> and <a
href="https://github.com/Zelys-DFKH"><code>@​Zelys-DFKH</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10474">vitest-dev/vitest#10474</a>
<a href="https://github.com/vitest-dev/vitest/commit/675b4343f"><!-- raw
HTML omitted -->(675b4)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f"><code>e61f2dd</code></a>
chore: release v4.1.8</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9"><code>e4067b3</code></a>
fix(browser): disable client <code>cdp</code> API when
<code>allowWrite/allowExec: false</code> [ba...</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/coverage-v8">compare
view</a></li>
</ul>
</details>
<br />

Updates `vitest` from 4.1.7 to 4.1.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitest-dev/vitest/releases">vitest's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.8</h2>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li><strong>browser</strong>:
<ul>
<li>Disable client <code>cdp</code> API when <code>allowWrite/allowExec:
false</code> [backport to v4]  -  by <a
href="https://github.com/hi-ogawa"><code>@​hi-ogawa</code></a> and
<strong>Codex</strong> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10450">vitest-dev/vitest#10450</a>
<a href="https://github.com/vitest-dev/vitest/commit/e4067b3b1"><!-- raw
HTML omitted -->(e4067)<!-- raw HTML omitted --></a></li>
<li>Remove orphaned Playwright route when same module is mocked via
multiple ids [backport to v4]  -  by <a
href="https://github.com/toxik"><code>@​toxik</code></a> and <a
href="https://github.com/Zelys-DFKH"><code>@​Zelys-DFKH</code></a> in <a
href="https://redirect.github.com/vitest-dev/vitest/issues/10474">vitest-dev/vitest#10474</a>
<a href="https://github.com/vitest-dev/vitest/commit/675b4343f"><!-- raw
HTML omitted -->(675b4)<!-- raw HTML omitted --></a></li>
</ul>
</li>
</ul>
<h5>    <a
href="https://github.com/vitest-dev/vitest/compare/v4.1.7...v4.1.8">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e61f2dd2a0ba0a266c1c5e0334aad3799fee527f"><code>e61f2dd</code></a>
chore: release v4.1.8</li>
<li><a
href="https://github.com/vitest-dev/vitest/commit/e4067b3b150005fd42cf75f994300119245806b9"><code>e4067b3</code></a>
fix(browser): disable client <code>cdp</code> API when
<code>allowWrite/allowExec: false</code> [ba...</li>
<li>See full diff in <a
href="https://github.com/vitest-dev/vitest/commits/v4.1.8/packages/vitest">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 13:51:00 +00:00
dependabot[bot] 7403e3c552 chore(deps): Bump react-router and react-router-dom (#1923)
Bumps
[react-router](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router)
and
[react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom).
These dependencies needed to be updated together.
Updates `react-router` from 6.30.3 to 6.30.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/remix-run/react-router/releases">react-router's
releases</a>.</em></p>
<blockquote>
<h2>v6.30.4</h2>
<p>See the changelog for release notes: <a
href="https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6304">https://github.com/remix-run/react-router/blob/v6/CHANGELOG.md#v6304</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/remix-run/react-router/blob/react-router@6.30.4/packages/react-router/CHANGELOG.md">react-router's
changelog</a>.</em></p>
<blockquote>
<h2>v6.30.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies:
<ul>
<li><a
href="https://github.com/remix-run/react-router/releases/tag/@remix-run/router@1.23.3"><code>@remix-run/router@1.23.3</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/remix-run/react-router/commit/651211cd615a4b3a1d3f6ca8465eedbcac4f146c"><code>651211c</code></a>
Release v6.30.4 (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15120">#15120</a>)</li>
<li><a
href="https://github.com/remix-run/react-router/commit/f82a6f9a75a1284e33d91241ebe9242001031d9d"><code>f82a6f9</code></a>
Bring new release process into v6 branch (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router/issues/15115">#15115</a>)</li>
<li>See full diff in <a
href="https://github.com/remix-run/react-router/commits/react-router@6.30.4/packages/react-router">compare
view</a></li>
</ul>
</details>
<br />

Updates `react-router-dom` from 6.30.3 to 6.30.4
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/remix-run/react-router/blob/react-router-dom@6.30.4/packages/react-router-dom/CHANGELOG.md">react-router-dom's
changelog</a>.</em></p>
<blockquote>
<h2>v6.30.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies:
<ul>
<li><a
href="https://github.com/remix-run/react-router/releases/tag/react-router@6.30.4"><code>react-router@6.30.4</code></a></li>
<li><a
href="https://github.com/remix-run/react-router/releases/tag/@remix-run/router@1.23.3"><code>@remix-run/router@1.23.3</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/remix-run/react-router/commit/651211cd615a4b3a1d3f6ca8465eedbcac4f146c"><code>651211c</code></a>
Release v6.30.4 (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15120">#15120</a>)</li>
<li><a
href="https://github.com/remix-run/react-router/commit/f82a6f9a75a1284e33d91241ebe9242001031d9d"><code>f82a6f9</code></a>
Bring new release process into v6 branch (<a
href="https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom/issues/15115">#15115</a>)</li>
<li>See full diff in <a
href="https://github.com/remix-run/react-router/commits/react-router-dom@6.30.4/packages/react-router-dom">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/maplibre/maputnik/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 02:21:57 +00:00
dependabot[bot] 1ad0c9019d chore(deps): Bump cypress-io/github-action from 7.3.0 to 7.4.0 (#1922)
Bumps
[cypress-io/github-action](https://github.com/cypress-io/github-action)
from 7.3.0 to 7.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's
releases</a>.</em></p>
<blockquote>
<h2>v7.4.0</h2>
<h1><a
href="https://github.com/cypress-io/github-action/compare/v7.3.0...v7.4.0">7.4.0</a>
(2026-06-01)</h1>
<h3>Features</h3>
<ul>
<li><strong>deps:</strong> remove Node.js 25 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1781">#1781</a>)
(<a
href="https://github.com/cypress-io/github-action/commit/948d67d3074f1bbb6379c8bdbb04e95d2f8e593f">948d67d</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md">cypress-io/github-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>This document gives an overview of changes to the Cypress GitHub
JavaScript Action <a
href="https://github.com/cypress-io/github-action">cypress-io/github-action</a>.</p>
<p>See <a
href="https://github.com/cypress-io/github-action/releases">Releases</a>
for full details of changes.</p>
<table>
<thead>
<tr>
<th>Version</th>
<th>Changes</th>
</tr>
</thead>
<tbody>
<tr>
<td>v7.4.0</td>
<td>Examples remove Node.js 25. End of support for Node.js 25.</td>
</tr>
<tr>
<td>v7.3.0</td>
<td>Add parameter <code>expose</code> for <a
href="https://docs.cypress.io/api/cypress-api/expose"><code>Cypress.expose()</code></a>
support</td>
</tr>
<tr>
<td>v7.2.0</td>
<td>Examples remove Node.js 20. End of support for Node.js 20.</td>
</tr>
<tr>
<td>v7.1.0</td>
<td>Add parameter <code>package-manager-cache</code></td>
</tr>
<tr>
<td>v7.0.0</td>
<td>Action runs under Node.js 24 instead of Node.js 20</td>
</tr>
<tr>
<td>v6.10.0</td>
<td>Examples remove Node.js 23. End of support for Node.js 23.</td>
</tr>
<tr>
<td>v6.9.0</td>
<td>Add parameter validation for <code>command</code></td>
</tr>
<tr>
<td>v6.8.0</td>
<td>Examples remove Node.js 18. End of support for Node.js 18.</td>
</tr>
<tr>
<td>v6.7.10</td>
<td>Examples updated to Cypress 14</td>
</tr>
<tr>
<td>v6.7.9</td>
<td>Migrate to <code>@actions/cache@4.0.0</code> for continued access to
GitHub Actions caching services</td>
</tr>
<tr>
<td>v6.7.0</td>
<td>Examples remove Node.js 21. End of support for Node.js 21.</td>
</tr>
<tr>
<td>v6.6.0</td>
<td>Add parameter <code>summary-title</code></td>
</tr>
<tr>
<td>v6.5.0</td>
<td>Examples remove Node.js 16. End of support for Node.js 16.</td>
</tr>
<tr>
<td>v6.4.0</td>
<td>Action adds PR number and URL if available when recording</td>
</tr>
<tr>
<td>v6.3.0</td>
<td>v6 is recommended action version</td>
</tr>
<tr>
<td>v6.2.0</td>
<td>Examples updated to Cypress 13</td>
</tr>
<tr>
<td>v6.1.0</td>
<td>Examples for Cypress 9 archived in action's <a
href="https://github.com/cypress-io/github-action/tree/v5">v5</a>
branch</td>
</tr>
<tr>
<td>v6.0.0</td>
<td>Action runs under Node.js 20 instead of Node.js 16</td>
</tr>
<tr>
<td>v5.8.1</td>
<td>Examples remove Node.js 19. End of support for Node.js 19</td>
</tr>
<tr>
<td>v5.8.0</td>
<td>Add GitHub step output <code>resultsUrl</code>. Deprecate
<code>dashboardUrl</code>.</td>
</tr>
<tr>
<td>v5.7.0</td>
<td>Add basic Yarn Modern Plug'n'Play support</td>
</tr>
<tr>
<td>v5.6.2</td>
<td>Examples add Node.js 20. End of support and removal of Node.js 14
examples.</td>
</tr>
<tr>
<td>v5.6.0</td>
<td>Add check for lockfile presence</td>
</tr>
<tr>
<td>v5.5.0</td>
<td>Examples add Yarn Modern</td>
</tr>
<tr>
<td>v5.4.0</td>
<td>Examples add Yarn Classic</td>
</tr>
<tr>
<td>v5.3.0</td>
<td>Add parameter <code>publish-summary</code> (default
<code>true</code>)</td>
</tr>
<tr>
<td>v5.2.0</td>
<td>Examples add Node.js 19</td>
</tr>
<tr>
<td>v5.1.0</td>
<td>Add parameter <code>auto-cancel-after-failures</code></td>
</tr>
<tr>
<td>v5.0.0</td>
<td>Examples add Node.js 18 and remove Node.js 12</td>
</tr>
<tr>
<td>v4.2.2</td>
<td>Dependency on GitHub <code>set-output</code> workflow command
removed</td>
</tr>
<tr>
<td>v4.2.0</td>
<td>Support for <code>pnpm</code> added</td>
</tr>
<tr>
<td>v4.0.0</td>
<td>Support for Cypress 10 and later versions added</td>
</tr>
<tr>
<td>v3</td>
<td>Action runs under Node.js 16 instead of Node.js 12</td>
</tr>
<tr>
<td>v2</td>
<td>Cypress runs using the <a
href="https://on.cypress.io/module-api">Module API</a></td>
</tr>
<tr>
<td>v1</td>
<td><em>This version is no longer runnable in GitHub due to security
changes.</em></td>
</tr>
</tbody>
</table>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/cypress-io/github-action/commit/948d67d3074f1bbb6379c8bdbb04e95d2f8e593f"><code>948d67d</code></a>
feat(deps): remove Node.js 25 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1781">#1781</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/2b7e08ae8c9b661a771e3dc864829fb8693cb1af"><code>2b7e08a</code></a>
chore(deps): update dependency node to v24.16.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1777">#1777</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/69a0c7c0a5b2c0a81167f0c738897ef3f72d9693"><code>69a0c7c</code></a>
test: complete cypress@15.16.0 update (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1778">#1778</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/e487d96c701316778ffaea5fccafca4d1ab58f41"><code>e487d96</code></a>
chore(deps): update node.js to v24.16.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1770">#1770</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/5cfba340db24c57a561fe6f3ba8883deffc72d82"><code>5cfba34</code></a>
chore(deps): update dependency webpack to ^5.107.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1771">#1771</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/65ccb9f02c0b9dc4579b4a11398bfd779f4fc377"><code>65ccb9f</code></a>
chore: add minimum release age and vulnerability alerts to renovate
config (#...</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/5130fef9c331a8525857c7c8eb41a70f366f4a7b"><code>5130fef</code></a>
chore(deps): update dependency cypress to v15.16.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1773">#1773</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/e910707b25409dff74381de369cb753872ec2016"><code>e910707</code></a>
test: exclude Cypress from Yarn Modern npmMinimalAgeGate (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1774">#1774</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/984bd80d6ee014c17e5503f1e6924ce8be94e57e"><code>984bd80</code></a>
chore(deps): update yarn to v4.15.0 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1768">#1768</a>)</li>
<li><a
href="https://github.com/cypress-io/github-action/commit/1c3bb666393340ff658f6dca68f689592d921dfa"><code>1c3bb66</code></a>
chore(deps): update dependency vite to ^8.0.14 (<a
href="https://redirect.github.com/cypress-io/github-action/issues/1769">#1769</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cypress-io/github-action/compare/dace029018fcdf86e0df89a31bc3cfa5b32570d8...948d67d3074f1bbb6379c8bdbb04e95d2f8e593f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cypress-io/github-action&package-manager=github_actions&previous-version=7.3.0&new-version=7.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 02:02:28 +00:00
dependabot[bot] f9e18fd774 chore(deps): Bump downshift from 9.3.3 to 9.3.4 (#1921)
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.3.3
to 9.3.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/downshift-js/downshift/releases">downshift's
releases</a>.</em></p>
<blockquote>
<h2>v9.3.4</h2>
<h2><a
href="https://github.com/downshift-js/downshift/compare/v9.3.3...v9.3.4">9.3.4</a>
(2026-05-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>bring back action props and update the hooks to use TypeScript fully
(<a
href="https://redirect.github.com/downshift-js/downshift/issues/1683">#1683</a>)
(<a
href="https://github.com/downshift-js/downshift/commit/b415eea3a9d1744fd706ccb58b8b9a87bd8a98f8">b415eea</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/downshift-js/downshift/commit/b415eea3a9d1744fd706ccb58b8b9a87bd8a98f8"><code>b415eea</code></a>
fix: bring back action props and update the hooks to use TypeScript
fully (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1">#1</a>...</li>
<li><a
href="https://github.com/downshift-js/downshift/commit/71cf356f2a417c94894116a8f81b429ec220d346"><code>71cf356</code></a>
dev: replace cypress with playwright (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1687">#1687</a>)</li>
<li><a
href="https://github.com/downshift-js/downshift/commit/cfefe77d8268502f2a40a1c8625772b6f2bb6ed8"><code>cfefe77</code></a>
docs(useMultipleSelection): remove itemToString prop references (<a
href="https://redirect.github.com/downshift-js/downshift/issues/1684">#1684</a>)</li>
<li>See full diff in <a
href="https://github.com/downshift-js/downshift/compare/v9.3.3...v9.3.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=downshift&package-manager=npm_and_yarn&previous-version=9.3.3&new-version=9.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-04 02:01:08 +00:00