NPM: Bump the npm-dependencies group with 4 updates

[dependabot]

Bumps the npm-dependencies group with 4 updates: mermaid, vega, vega-tooltip and esbuild.

Updates mermaid from 11.11.0 to 11.12.0

Release notes

Sourced from mermaid's releases.

[email protected]

Minor Changes

• #6921 764b315 Thanks @​quilicicf! - feat: Add IDs in architecture diagrams

Patch Changes

• #6950 a957908 Thanks @​shubhamparikh2704! - chore: Fix mindmap rendering in docs and apply tidytree layout

• #6826 1d36810 Thanks @​darshanr0107! - fix: Ensure edge label color is applied when using classDef with edge IDs

• #6945 d318f1a Thanks @​darshanr0107! - fix: Resolve gantt chart crash due to invalid array length

• #6918 cfe9238 Thanks @​shubhamparikh2704! - chore: revert marked dependency from ^15.0.7 to ^16.0.0

  • Reverted marked package version to ^16.0.0 for better compatibility
  • This is a dependency update that maintains API compatibility
  • All tests pass with the updated version

Commits

• 0116b27 Merge pull request #6961 from mermaid-js/changeset-release/master
• 634f336 Version Packages
• 37e3a69 Merge pull request #6956 from mermaid-js/develop
• 0de0b06 Merge pull request #6958 from dijitali/fix/arch-icon-docs
• 619515e Merge pull request #6925 from mermaid-js/renovate/patch-all-patch
• 59c8b07 Merge branch 'develop' of https://github.com/mermaid-js/mermaid into renovate...
• 9e72bbf Merge pull request #6955 from mermaid-js/sidv/updateArgos
• 2a2c46f chore: Update argos to 6.1.1
• f25df35 Merge pull request #6959 from mermaid-js/remove-changeset
• 398345a chore: remove duplicate changeset file
• Additional commits viewable in compare view

Updates vega from 6.1.2 to 6.2.0

Commits

• 4dea729 chore: v6.2.0 (#4126)
• fff016b Merge commit from fork
• 7971816 fix: replace all problematic Unicode characters (#4130)
• 8c1d17a fix: fix handling of null values in stringValue (#4127)
• 4ac16df fix: Typo in codegen expression (#4128)
• f5c1f43 feat: use blazediff to speed up visual diffs (#4125)
• 81a72cb Merge commit from fork
• 9e3f408 chore(deps-dev): bump @​babel/core from 7.28.0 to 7.28.3 (#4123)
• 158d62e chore(deps-dev): bump rollup from 4.44.1 to 4.50.0 (#4124)
• 248718b chore(deps-dev): bump typescript from 5.8.3 to 5.9.2 (#4122)
• Additional commits viewable in compare view

Updates vega-tooltip from 1.0.0 to 1.1.0

Release notes

Sourced from vega-tooltip's releases.

Release 1.1.0

1.1.0 (2025-09-18)

Bug Fixes

• install jsdom (2fa4ef9)
• update versions in specs (#1028) (7e20bb2)

Features

• Support newlines (#1075) (f8b83a3)

Changelog

Sourced from vega-tooltip's changelog.

1.1.0 (2025-09-18)

Bug Fixes

• install jsdom (2fa4ef9)
• update versions in specs (#1028) (7e20bb2)

Features

• Support newlines (#1075) (f8b83a3)

Commits

• 52a59e3 chore: release v1.1.0
• 2fa4ef9 fix: install jsdom
• 3c4c1cf chore: update deps
• f8b83a3 feat: Support newlines (#1075)
• 0cd9257 chore(deps): bump tmp and @​inquirer/editor (#1087)
• 4192350 chore(deps-dev): bump vite from 7.0.6 to 7.1.5 (#1086)
• a815afa chore(deps-dev): bump eslint-config-prettier from 10.1.5 to 10.1.8 (#1076)
• ed21e97 chore(deps-dev): bump eslint from 9.30.1 to 9.32.0 (#1077)
• e49983d chore(deps-dev): bump typescript-eslint from 8.35.1 to 8.38.0 (#1078)
• 5f4cb3a chore(deps-dev): bump @​eslint/js from 9.30.1 to 9.32.0 (#1079)
• Additional commits viewable in compare view

Updates esbuild from 0.25.9 to 0.25.10

Release notes

Sourced from esbuild's releases.

v0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;

... (truncated)

Commits

• d6b668f publish 0.25.10 to npm
• 5088c19 refactor: use strings.Builder (#4290)
• 755da31 run make update-compat-table
• a1d9c86 fix #4287: marked the wrong issue as fixed
• 73a0b2a fix #4286: minifier panic due to identity function
• 134dadf fix #4265: @supports nested inside ::pseudo
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions