Skip to content

fix(deps): bump the all-minor-patch group across 1 directory with 11 updates#40

Merged
SkeLLLa merged 1 commit into
masterfrom
dependabot/npm_and_yarn/all-minor-patch-246300836d
Jun 22, 2026
Merged

fix(deps): bump the all-minor-patch group across 1 directory with 11 updates#40
SkeLLLa merged 1 commit into
masterfrom
dependabot/npm_and_yarn/all-minor-patch-246300836d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-minor-patch group with 11 updates in the / directory:

Package From To
@unovis/svelte 1.6.5 1.6.6
@unovis/ts 1.6.5 1.6.6
dexie 4.4.3 4.4.4
@inlang/paraglide-js 2.18.2 2.20.1
@sveltejs/kit 2.63.0 2.66.0
@tailwindcss/vite 4.3.0 4.3.1
eslint 10.4.1 10.5.0
prettier 3.8.3 3.8.4
semantic-release 25.0.3 25.0.5
tailwindcss 4.3.0 4.3.1
typescript-eslint 8.60.1 8.61.1

Updates @unovis/svelte from 1.6.5 to 1.6.6

Release notes

Sourced from @​unovis/svelte's releases.

1.6.6

What's Changed

... (truncated)

Commits
  • 4f18887 Release: 1.6.6
  • 6c92288 Misc: Refresh license reports
  • c737c1e Misc: Changed license report output format to Markdown
  • 60f0f45 Misc: Refine the gather-licenses script
  • f38321e Dev: Minor code cleanup
  • 5ffe639 Dev | Examples: Add Synced Crosshairs for Vue, Svelte, Solid
  • See full diff in compare view

Updates @unovis/ts from 1.6.5 to 1.6.6

Release notes

Sourced from @​unovis/ts's releases.

1.6.6

What's Changed

... (truncated)

Commits
  • 4f18887 Release: 1.6.6
  • daa9589 Misc: Fix vulnerabilites
  • 4010bd1 Misc: Update remaining dark selectors
  • adbdaa7 chore(dev): add dark theme example, replace all root theme-dark with selectors
  • 4c22dc5 fix(utils): support dark theme CSS selectors
  • 4d1eef2 Revert "Component | Graph: Intro expand or collapse graph nodes"
  • c4970a9 Revert "Dev | Graph: Intro expand or collapse graph nodes example"
  • 39bb131 Dev | Graph: Intro expand or collapse graph nodes example
  • dd70394 Component | Graph: Intro expand or collapse graph nodes
  • c485b2f Component | Crosshair: Add configurable visibility threshold
  • Additional commits viewable in compare view

Updates dexie from 4.4.3 to 4.4.4

Release notes

Sourced from dexie's releases.

Dexie v4.4.4

This is a maintenance release that resolves a bug in useLiveQuery caching and includes a TypeScript typing enhancement.

Related Package Releases

Package Version
dexie 4.4.4
dexie-cloud-addon 4.4.13 (no change)
dexie-react-hooks 4.4.0 (no change)
y-dexie 4.4.0 (no change)

Bug Fixes

dexie@4.4.4

  • fix: useLiveQuery fails to detect updates when mutating queried objects in-place and calling put() — In default/cloned cache mode (cache: 'cloned'), mutating queried objects in-place and subsequently calling put() on them would pollute the cache directly, preventing subsequent live-queries from detecting the change because the "before" and "after" states in the cache became identical. Live-queries now deeply clone results on read to completely isolate query results from in-place consumer mutations. (#2310). Reported in #2309 by @​laukaichung. Fixed by @​liz709 and @​dfahlander .

Other Changes

dexie@4.4.4

  • fix: typescript typings - add missing table4 parameter to transaction method — Added the missing table4 parameter to the typescript type definition of Dexie.transaction(), aligning it with other table parameters. Contributed by @​renbaoshuo (#2311)
Commits
  • f151e96 chore: bump version to 4.4.4
  • 0cc46ac perf(live-query): avoid redundant double deepClone on initial query cache pop...
  • fb5d3b7 test(live-query): revert prettier formatting and keep only targeted test fixes
  • 8c8c24d test(live-query): parameterize issue 2309 test and fix pre-existing syntax/pr...
  • bb4c265 test(live-query): change actualResults to let to avoid TypeError in tests
  • a6edadb fix(live-query): clone results on cache read when cache: 'cloned' is used (is...
  • 9485361 Add missing table4 parameter typing to transaction method
  • See full diff in compare view

Updates @inlang/paraglide-js from 2.18.2 to 2.20.1

Changelog

Sourced from @​inlang/paraglide-js's changelog.

2.20.1

Patch Changes

  • 8c3493d: Fix server cookie locale parsing when Cookie headers omit whitespace after semicolons.

2.20.0

Minor Changes

  • 2c34351: Emit messages/package.json with { "type": "module", "sideEffects": false } for message-modules output, declaring the generated message modules side-effect-free.

    This lets bundlers (notably Vite 8 / Rolldown) drop unused re-exports from the m barrel per entry, instead of bundling every message used anywhere in the app into one shared chunk that every entry downloads. Without it, per-page JS scales with the union of all messages used across the app rather than with the messages a given route actually uses.

    The declaration is scoped to messages/, so runtime.js (which has real side effects) is unaffected. type: "module" is included because the package.json creates a new module scope for messages/; without it, the generated ESM files would default to CommonJS (a package.json without type is CJS in Node, even when the consuming project is type: "module").

    See opral/paraglide-js#668

Patch Changes

  • 921c3be: experimentalMiddlewareLocaleSplitting: the injected inline script now reuses the nonce from the response's Content-Security-Policy header, so it is allowed under a strict CSP instead of being blocked and breaking hydration. Automatic - no configuration needed.

2.19.0

Minor Changes

  • 67a8942: Compile pattern-level function-reference annotations to registry calls

    Annotations attached directly to pattern expressions (e.g. i18next's {{count, number}} imported via plugin-i18next) were silently dropped and compiled to plain interpolation. They now compile through the same registry.* path as local-variable annotations:

    // before
    const en_views = (i) => `${i?.count} views`;
    // after
    const en_views = (i) => `${registry.number("en", i?.count, {})} views`;

    Unknown formatter names fall back to plain interpolation with a compile-time warning instead of failing or staying silent. compilePattern() gained an optional locale parameter, required to compile annotations.

    Fixes opral/paraglide-js#694

  • d57efa1: Skip recompilation when inputs are unchanged across bundler runs in the same process

    vite build fires buildStart once per environment (client, ssr, ...) and each run did a full compile() — project loading and message compilation — even though the inputs hadn't changed. The plugin now hashes the tracked input files, their directory listings, and the output-affecting options after a successful compile, and skips compile() entirely when the digest matches on the next run. The second and later environments become near-free:

    vite v6.4.1 building for production...
    ✔ [paraglide-js] Compilation complete (locale-modules)
    ✓ built in 634ms
    vite v6.4.1 building SSR bundle for production...
    

... (truncated)

Commits

Updates @sveltejs/kit from 2.63.0 to 2.66.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Commits
  • 4c9b8f1 Version Packages (#16062)
  • 276744d fix: preflight schemas apply correctly when chained before for (#15863)
  • e8c8d84 chore: DRY out __sveltekit_xyz123 stuff (#16085)
  • 4eabadc fix: fail early if a route with +page and +server is marked as prerendera...
  • de47227 chore: correctly type keys of the URL object (#16078)
  • f8c842c fix: prefer pages over endpoints when prerendering (#16076)
  • 63f1b0b fix: blur active element before component update during navigation (#15452)
  • 860b3c7 fix: remove types: ['node'] from generated tsconfig (#15709)
  • 8740132 fix: show error.html when root layout load() throws in SPA mode (#15798)
  • 0d8ef59 chore: await web-first assertions in basics client tests (#16068)
  • Additional commits viewable in compare view

Updates @tailwindcss/vite from 4.3.0 to 4.3.1

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.3.1

Added

  • Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

  • Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
  • Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
  • Allow @apply to be used with CSS mixins (#19427)
  • Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
  • Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
  • Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
  • Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
  • Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)]px-[calc(1rem+0)]) (#20127)
  • Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px]left-[99999px], not left-24999.75) (#20130)
  • Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
  • Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
  • Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
  • Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
  • Allow @variant to be used inside addBase (#19480)
  • Ensure @source globs with symlinks are preserved (#20203)
  • Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
  • Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
  • Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
  • Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
  • Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
  • Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)]w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
  • Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

  • Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)
  • Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)
Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.3.1] - 2026-06-12

Added

  • Add --silent option to suppress output in @tailwindcss/cli (#20100)

Fixed

  • Remove deprecation warnings by using Module#registerHooks instead of Module#register on Node 26+ (#20028)
  • Canonicalization: don't crash when plugin utilities throw for unsupported values (#20052)
  • Allow @apply to be used with CSS mixins (#19427)
  • Ensure not-* correctly negates @container queries, including style(…) queries (#20059)
  • Ensure drop-shadow-* color utilities work with custom shadow values containing calc(…) (#20080)
  • Fix 'Sourcemap is likely to be incorrect' warnings when using @tailwindcss/vite (#20103)
  • Ensure @tailwindcss/webpack can be installed in Rspack projects without requiring webpack as a peer dependency (#20027)
  • Canonicalization: don't suggest invalid calc(…) expressions (e.g. px-[calc(1rem+0px)]px-[calc(1rem+0)]) (#20127)
  • Canonicalization: avoid suggesting large spacing-scale values for arbitrary lengths (e.g. left-[99999px]left-[99999px], not left-24999.75) (#20130)
  • Ensure @tailwindcss/cli in --watch mode recovers when a tracked dependency is deleted and restored (#20137)
  • Ensure standalone @tailwindcss/cli binaries are ignored when scanning for class candidates (#20139)
  • Ensure class candidates are extracted from Twig addClass(…) and removeClass(…) calls (#20198)
  • Don't crash in the Ruby or Vue preprocessors when scanning files containing invalid UTF-8 bytes (#19588)
  • Allow @variant to be used inside addBase (#19480)
  • Ensure @source globs with symlinks are preserved (#20203)
  • Ensure later @source rules can re-include files excluded by earlier @source not rules (#20203)
  • Upgrade: don't migrate empty class rules to invalid @utility rules (#20205)
  • Ensure transitions between inset-shadow-none and other inset shadows work correctly (#20208)
  • Ensure explicitly referenced @source directories are scanned even when ignored by git (#20214)
  • Ensure @source globs ending in **/* preserve dynamic path segments to avoid scanning too many files (#20217)
  • Canonicalization: don't fold calc(…) divisions when the result would require high precision (e.g. w-[calc(100%/3.5)]w-[calc(100%/3.5)], not w-[28.571428571428573%]) (#20221)
  • Serve ESM type declarations to ESM importers of @tailwindcss/postcss (#20228)

Changed

  • Generate 0 instead of calc(var(--spacing) * 0) for spacing utilities like m-0 and left-0 (#20196)
  • Generate var(--spacing) instead of calc(var(--spacing) * 1) for spacing utilities like m-1 and left-1 (#20196)
Commits

Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

  • 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
  • b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
  • 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
  • 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
  • f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
  • bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
  • c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

  • 8ae1b5b docs: Update README (GitHub Actions Bot)
  • ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)
  • f99b47a docs: Update README (GitHub Actions Bot)
  • acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

  • b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)
  • c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)
  • 243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)
  • 217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)
  • 72003e7 test: add location information to error messages in max-statements (#20945) (lumir)
  • 7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)
  • 67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)
  • 95d8c7a chore: update dependency @​eslint/json to v2 (#20934) (renovate[bot])
  • cf9e496 chore: update @​arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)
  • fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)
Commits

Updates prettier from 3.8.3 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



<!-- Prettier 3.8.4 -->


a

b



c

d
Commits
  • 1c6ba55 Release 3.8.4
  • 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
  • 074aaed Replace main branch in changelog link with tags (#19054)
  • c22a003 Bump Prettier dependency to 3.8.3
  • 07bad1f Clean changelog_unreleased
  • See full diff in Description has been truncated

…updates

Bumps the all-minor-patch group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@unovis/svelte](https://github.com/f5/unovis/tree/HEAD/packages/svelte) | `1.6.5` | `1.6.6` |
| [@unovis/ts](https://github.com/f5/unovis/tree/HEAD/packages/ts) | `1.6.5` | `1.6.6` |
| [dexie](https://github.com/dexie/Dexie.js) | `4.4.3` | `4.4.4` |
| [@inlang/paraglide-js](https://github.com/opral/paraglide-js) | `2.18.2` | `2.20.1` |
| [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.63.0` | `2.66.0` |
| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.0` | `4.3.1` |
| [eslint](https://github.com/eslint/eslint) | `10.4.1` | `10.5.0` |
| [prettier](https://github.com/prettier/prettier) | `3.8.3` | `3.8.4` |
| [semantic-release](https://github.com/semantic-release/semantic-release) | `25.0.3` | `25.0.5` |
| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.3.0` | `4.3.1` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.60.1` | `8.61.1` |



Updates `@unovis/svelte` from 1.6.5 to 1.6.6
- [Release notes](https://github.com/f5/unovis/releases)
- [Commits](https://github.com/f5/unovis/commits/1.6.6/packages/svelte)

Updates `@unovis/ts` from 1.6.5 to 1.6.6
- [Release notes](https://github.com/f5/unovis/releases)
- [Commits](https://github.com/f5/unovis/commits/1.6.6/packages/ts)

Updates `dexie` from 4.4.3 to 4.4.4
- [Release notes](https://github.com/dexie/Dexie.js/releases)
- [Commits](dexie/Dexie.js@v4.4.3...v4.4.4)

Updates `@inlang/paraglide-js` from 2.18.2 to 2.20.1
- [Changelog](https://github.com/opral/paraglide-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/opral/paraglide-js/commits)

Updates `@sveltejs/kit` from 2.63.0 to 2.66.0
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/kit@2.66.0/packages/kit)

Updates `@tailwindcss/vite` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/@tailwindcss-vite)

Updates `eslint` from 10.4.1 to 10.5.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.4.1...v10.5.0)

Updates `prettier` from 3.8.3 to 3.8.4
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.8.3...3.8.4)

Updates `semantic-release` from 25.0.3 to 25.0.5
- [Release notes](https://github.com/semantic-release/semantic-release/releases)
- [Commits](semantic-release/semantic-release@v25.0.3...v25.0.5)

Updates `tailwindcss` from 4.3.0 to 4.3.1
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.1/packages/tailwindcss)

Updates `typescript-eslint` from 8.60.1 to 8.61.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.1/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@unovis/svelte"
  dependency-version: 1.6.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: "@unovis/ts"
  dependency-version: 1.6.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: dexie
  dependency-version: 4.4.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: "@inlang/paraglide-js"
  dependency-version: 2.20.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-minor-patch
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.66.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-minor-patch
- dependency-name: "@tailwindcss/vite"
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: eslint
  dependency-version: 10.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-minor-patch
- dependency-name: prettier
  dependency-version: 3.8.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: semantic-release
  dependency-version: 25.0.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: tailwindcss
  dependency-version: 4.3.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-minor-patch
- dependency-name: typescript-eslint
  dependency-version: 8.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 21, 2026
@dependabot dependabot Bot requested a review from SkeLLLa as a code owner June 21, 2026 22:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 21, 2026
@socket-security

Copy link
Copy Markdown

@socket-security

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @typescript-eslint/eslint-plugin is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/typescript-eslint@8.61.1npm/@typescript-eslint/eslint-plugin@8.61.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.61.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm js-yaml is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/semantic-release@25.0.5npm/js-yaml@4.2.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/js-yaml@4.2.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@codecov

codecov Bot commented Jun 21, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 91.47%. Comparing base (9838f8a) to head (83f726f).
⚠️ Report is 3 commits behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master      #40   +/-   ##
=======================================
  Coverage   91.47%   91.47%           
=======================================
  Files          42       42           
  Lines        6173     6173           
  Branches      481      481           
=======================================
  Hits         5647     5647           
  Misses        504      504           
  Partials       22       22           
Flag Coverage Δ
js_open_source 91.47% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@SkeLLLa SkeLLLa merged commit 1ac15ad into master Jun 22, 2026
11 checks passed
@SkeLLLa SkeLLLa deleted the dependabot/npm_and_yarn/all-minor-patch-246300836d branch June 22, 2026 08:07
@github-actions

Copy link
Copy Markdown

🎉 This PR is included in version 1.25.2 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code released

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant