chore(deps): bump the npm group in /dev/diff with 9 updates

[dependabot]

Bumps the npm group in /dev/diff with 9 updates:

Package	From	To
chalk	5.4.1	5.6.2
dockerode	4.0.6	4.0.9
fs-extra	11.3.0	11.3.2
got	13.0.0	14.6.1
listr2	6.6.1	9.0.5
luxon	3.6.1	3.7.2
pretty-bytes	6.1.1	7.1.0
tar	7.4.3	7.5.1
yargs	17.7.2	18.0.0

Updates chalk from 5.4.1 to 5.6.2

Release notes

Sourced from chalk's releases.

v5.6.2

• Fix vulnerability in 5.6.1, see: chalk/chalk#656

v5.6.0

• Make WezTerm terminal use true color a8f5bf7

---

chalk/chalk@v5.5.0...v5.6.0

v5.5.0

• Make Ghostty terminal use true color (#653) 79ee2d3

---

chalk/chalk@v5.4.1...v5.5.0

Commits

• 5155778 5.6.2
• 5c91505 5.6.0
• a8f5bf7 Make WezTerm terminal use true color
• 67db246 5.5.0
• 79ee2d3 Make Ghostty terminal use true color (#653)
• See full diff in compare view

Updates dockerode from 4.0.6 to 4.0.9

Release notes

Sourced from dockerode's releases.

v4.0.9

What's Changed

• Bump tar-fs from 2.1.3 to 2.1.4 by @​dependabot[bot] in apocas/dockerode#814

Full Changelog: apocas/dockerode@v4.0.8...v4.0.9

v4.0.8

What's Changed

• chore: bump tar-fs dependency version to 2.1.3 by @​mevrin-ueat in apocas/dockerode#813

New Contributors

• @​mevrin-ueat made their first contribution in apocas/dockerode#813

Full Changelog: apocas/dockerode@v4.0.7...v4.0.8

v4.0.7

What's Changed

• Bump tar-fs from 2.1.2 to 2.1.3 by @​dependabot in apocas/dockerode#808

Full Changelog: apocas/dockerode@v4.0.6...v4.0.7

Commits

• b9b1c71 chore: bump version to 4.0.9 and update tar-fs dependency to 2.1.4
• 383e516 Merge pull request #814 from apocas/dependabot/npm_and_yarn/tar-fs-2.1.4
• 726764e Bump tar-fs from 2.1.3 to 2.1.4
• 5e5d65d chore: bump version to 4.0.8 and update tar-fs dependency to 2.1.3
• 7d1bbbb Merge pull request #813 from mevrin-ueat/chore/bump-tar-fs
• 003257f chore: bump tar-fs dependency version to 2.1.3
• 7bc1d4c Update README.md
• 7f41d32 version bump
• 0675052 Merge pull request #808 from apocas/dependabot/npm_and_yarn/tar-fs-2.1.3
• 94902df Bump tar-fs from 2.1.2 to 2.1.3
• See full diff in compare view

Updates fs-extra from 11.3.0 to 11.3.2

Changelog

Sourced from fs-extra's changelog.

11.3.2 / 2025-09-15

• Fix spurrious UnhandledPromiseRejectionWarning that could occur when calling .copy() in some cases (#1056, #1058)

11.3.1 / 2025-08-05

• Fix case where move/moveSync could incorrectly think files are identical on Windows (#1050)

Commits

• 403e8aa 11.3.2
• 47f1095 Fix UnhandledPromiseRejectionWarning in copy (#1058)
• 5e62bb7 11.3.1
• b897b36 fix incorrect identical result for windows node v22+ (#1050)
• 22583f7 Test on more modern Node versions (#1051)
• 83ff8ca Do not mutate args in ensure symlink tests (#1052)
• See full diff in compare view

Updates got from 13.0.0 to 14.6.1

Release notes

Sourced from got's releases.

v14.6.1

• Fix the TS code not being built in 14.6.0.

---

sindresorhus/got@v14.6.0...v14.6.1

v14.6.0

Improvements

• Add beforeCache hook 1c3a041
• Add retryCount to beforeRequest hook context 91cdc48
• Improve HTTPError message to include method and URL 6dd7574
• Add support for typed arrays as request body ecf5633
• Add Node.js diagnostic channel support 3e2a781
• Allow custom Error classes in beforeError hook 1c71194
• Add zstd (Zstandard) compression support 449833a
• Improve validation error messages by including option names f5c54a3
• Add strictContentLength option 4206f0e
• Add support for https.secureOptions option 7ec1714
• Add copyPipedHeaders option to control automatic header copying from piped streams d83dadd
• Add stream.isReadonly property to detect read-only streams 030dfbb

Fixes

• Fix HTTP/2 timings NaN issue 398c11a
• Fix shortcut methods ignoring handler errors f004564
• Fix body reassignment in beforeRetry hooks bf84d36
• Fix beforeError hook not being called for ERR_UNSUPPORTED_PROTOCOL error fb86418
• FIx preserving prefixUrl in hooks 9725fbd
• Fix race condition causing retry after promise settles 1e49781
• Fix stream validation errors causing unhandled rejections 2527bf6
• Fix incorrect content-length when piping decompressed responses 30b3b79
• Fix EPIPE errors bypassing retry logic in Promise API 6ae3e7f
• Fix silent hang when returning cached response with FormData body from beforeRequest hook e09a9bd
• Fix hook type definitions to reflect normalized runtime state 6a544a3
• Fix afterResponse hook validation to allow null body values 60a4419
• Fix DNS timing being non-zero when connecting to IP addresses 3d66aec
• Fix timings.end being undefined when stream is destroyed before completion 4e75679
• Fix properly treating different UNIX socket paths as different origins e5659d4

Meta

I managed to get it almost down to zero issues! 🎉

---

sindresorhus/got@v14.5.0...v14.6.0

v14.5.0

... (truncated)

Commits

• f9faa7a 14.6.1
• a743830 Minor tweak
• 892736c Document how to get better upload progress
• c2ce656 Minor tweaks
• 753d32e 14.6.0
• 599ae74 Code style
• d83dadd Add copyPipedHeaders option to control automatic header copying from piped ...
• 3e2a781 Add Node.js diagnostic channel support
• 6dd7574 Improve HTTPError message to include method and URL
• 1c71194 Allow custom Error classes in beforeError hook
• Additional commits viewable in compare view

Updates listr2 from 6.6.1 to 9.0.5

Commits

• See full diff in compare view

Updates luxon from 3.6.1 to 3.7.2

Changelog

Sourced from luxon's changelog.

3.7.2 (2025-07-09)

• Fix ES6 packaging

3.7.1 (2025-07-09)

• Revert change in ES6 packaging

3.7.0 (2025-07-09)

• Added showZeros option to Duration#toHuman
• Added Duration#removeZeros method.
• Added rounding option to DateTime#toRelative
• Added precision option to ISO formatting methods
• Added signMode option to Duration#toFormat
• Allow escaping single quotes in format strings
• Improve output of Info.months and Info.monthsFormat for ja locale
• Accept lowercase t as a separator in ISO strings
• Accept lowercase z as an offset in ISO strings
• Reject non-finite numbers where previously only NaN was rejected
• Improve the documentation for Interval
• Added a dark theme for the documentation site

Commits

• 4262a38 Version 3.7.2
• 738144d Fix the build ES6 code having the wrong file extension and use it in package....
• 3b2f374 Release version 3.7.1
• c67ee7d Revert "build: use the es6 build for ESM exports (#1707)"
• cfa58a2 Release version 3.7.0
• 7d379cc Fix unsupported signDisplay value
• 4e81ef9 Implement "signMode" on Duration#toFormat
• 5aa55da Improve documentation regarding Interval's half-openness
• b188e10 add dark theme to docs (#1713)
• cf67025 build: use the es6 build for ESM exports (#1707)
• Additional commits viewable in compare view

Updates pretty-bytes from 6.1.1 to 7.1.0

Release notes

Sourced from pretty-bytes's releases.

v7.1.0

• Add fixedWidth option for right-aligned output 73df489
• Add nonBreakingSpace option b637640
• Fix truncation behavior with fraction digits options b64cee5

---

sindresorhus/pretty-bytes@v7.0.1...v7.1.0

v7.0.1

• Fix precision with the binary option (#88) c9fd951

---

sindresorhus/pretty-bytes@v7.0.0...v7.0.1

v7.0.0

Breaking

• Require Node.js 20 13d3727

Improvements

• Add support for BigInt (#85) 386b35a

---

sindresorhus/pretty-bytes@v6.1.1...v7.0.0

Commits

• b7849f7 7.1.0
• 73df489 Add fixedWidth option for right-aligned output
• b64cee5 Fix truncation behavior with fraction digits options
• b637640 Add nonBreakingSpace option
• 3c77fd1 7.0.1
• c9fd951 Fix precision with the binary option (#88)
• 4186190 Fix CI
• 2658a8e 7.0.0
• 13d3727 Require Node.js 20
• 386b35a Add support for BigInt (#85)
• Additional commits viewable in compare view

Updates tar from 7.4.3 to 7.5.1

Changelog

Sourced from tar's changelog.

Changelog

7.5

• Added zstd compression support.

7.4

• Deprecate onentry in favor of onReadEntry for clarity.

7.3

• Add onWriteEntry option

7.2

• DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

• Update minipass to v7.1.0
• Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

• Drop support for node <18
• Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
• Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
• Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
• Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

6.2

• Add support for brotli compression
• Add maxDepth option to prevent extraction into excessively deep folders.

... (truncated)

Commits

• 64728e8 7.5.1
• 5330eb0 fix: consistent TOCTOU behavior in sync t.list
• dcb0287 7.5.0
• aa1bed9 changelog 7.5
• 49bf8f9 feat: add initial zstd support
• b35ff94 ci: don't bother testing on node 18
• 181be3a update workflows, tshy configs
• 15d4510 7.4.4
• a474465 Fix some typos
• 65ff5be docs(changelog): add missing v7 breaking change
• Additional commits viewable in compare view

Updates yargs from 17.7.2 to 18.0.0

Changelog

Sourced from yargs's changelog.

18.0.0 (2025-05-26)

⚠ BREAKING CHANGES

• command names are not derived from modules passed to command.
• singleton usage of yargs yargs.foo, yargs().argv, has been removed.
• minimum node.js versions now ^20.19.0 || ^22.12.0 || >=23.
• yargs is now ESM first

Features

• commandDir now works with ESM files (#2461) (27eec18)
• locale: adds hebrew translation (#2357) (4266485)
• yargs is now ESM first (d90af45)
• zsh: Add default completion as fallback (#2331) (e02c91b)

Bug Fixes

• addDirectory do not support absolute command dir (#2465) (3a40a78)
• allows ESM modules commands to be extensible using visit option (#2468) (200e1aa)
• browser: fix shims so that yargs continues working in browser context (#2457) (4ae5f57)
• build: address problems with typescript compilation (#2445) (8d72fb3)
• coerce should play well with parser configuration (#2308) (8343c66)
• deps: update dependency yargs-parser to v22 (#2470) (639130d)
• exit after async handler done (#2313) (e326cde)
• handle spaces in bash completion (#2452) (83b7788)
• parser-configuration should work well with generated completion script (#2332) (888db19)
• propagate Dictionary including undefined in value type (#2393) (2b2f7f5)
• zsh: completion no longer requires double tab when using autoloaded (0dd8fe4)

Code Refactoring

• command names are not derived from modules passed to command. (d90af45)
• singleton usage of yargs yargs.foo, yargs().argv, has been removed. (d90af45)

Build System

• minimum node.js versions now ^20.19.0 || ^22.12.0 || >=23. (d90af45)

Commits

• 0bc7255 chore(main): release 18.0.0 (#2325)
• 639130d fix(deps): update dependency yargs-parser to v22 (#2470)
• 200e1aa fix: allows ESM modules commands to be extensible using visit option (#2468)
• 888db19 fix: parser-configuration should work well with generated completion script (...
• 3a40a78 fix: addDirectory do not support absolute command dir (#2465)
• 90e9eca docs: remove to old slack channel (#2466)
• 0dd8fe4 fix(zsh): completion no longer requires double tab when using autoloaded
• 27eec18 feat: commandDir now works with ESM files (#2461)
• f9c72a7 docs: update examples to run from examples folder (#2463)
• e02c91b feat(zsh): Add default completion as fallback (#2331)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.