Skip to content

build(deps): Bump the patch-minor group with 9 updates#652

Merged
evadecker merged 1 commit intomainfrom
dependabot/npm_and_yarn/patch-minor-9853f4406b
Nov 5, 2025
Merged

build(deps): Bump the patch-minor group with 9 updates#652
evadecker merged 1 commit intomainfrom
dependabot/npm_and_yarn/patch-minor-9853f4406b

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 3, 2025

Bumps the patch-minor group with 9 updates:

Package From To
@astrojs/db 0.18.1 0.18.2
@astrojs/mdx 4.3.8 4.3.9
@astrojs/react 4.4.0 4.4.1
astro 5.15.1 5.15.3
dayjs 1.11.18 1.11.19
@biomejs/biome 2.3.1 2.3.2
@types/node 24.9.1 24.10.0
html-validate 10.2.1 10.3.0
sass 1.93.2 1.93.3

Updates @astrojs/db from 0.18.1 to 0.18.2

Release notes

Sourced from @​astrojs/db's releases.

@​astrojs/db@​0.18.2

Patch Changes

Changelog

Sourced from @​astrojs/db's changelog.

0.18.2

Patch Changes

Commits

Updates @astrojs/mdx from 4.3.8 to 4.3.9

Release notes

Sourced from @​astrojs/mdx's releases.

@​astrojs/mdx@​4.3.9

Patch Changes

Changelog

Sourced from @​astrojs/mdx's changelog.

4.3.9

Patch Changes

Commits

Updates @astrojs/react from 4.4.0 to 4.4.1

Release notes

Sourced from @​astrojs/react's releases.

@​astrojs/react@​4.4.1

Patch Changes

Changelog

Sourced from @​astrojs/react's changelog.

4.4.1

Patch Changes

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/react since your current version.


Updates astro from 5.15.1 to 5.15.3

Release notes

Sourced from astro's releases.

astro@5.15.3

Patch Changes

  • #14627 b368de0 Thanks @​matthewp! - Fixes skew protection support for images and font URLs

    Adapter-level query parameters (assetQueryParams) are now applied to all image and font asset URLs, including:

    • Dynamic optimized images via /_image endpoint
    • Static optimized image files
    • Font preload tags and font requests when using the experimental Fonts API
  • #14631 3ad33f9 Thanks @​KurtGokhan! - Adds the astro/jsx-dev-runtime export as an alias for astro/jsx-runtime

astro@5.15.2

Patch Changes

  • #14623 c5fe295 Thanks @​delucis! - Fixes a leak of server runtime code when importing SVGs in client-side code. Previously, when importing an SVG file in client code, Astro could end up adding code for rendering SVGs on the server to the client bundle.

  • #14621 e3175d9 Thanks @​GameRoMan! - Updates vite version to fix CVE

Changelog

Sourced from astro's changelog.

5.15.3

Patch Changes

  • #14627 b368de0 Thanks @​matthewp! - Fixes skew protection support for images and font URLs

    Adapter-level query parameters (assetQueryParams) are now applied to all image and font asset URLs, including:

    • Dynamic optimized images via /_image endpoint
    • Static optimized image files
    • Font preload tags and font requests when using the experimental Fonts API
  • #14631 3ad33f9 Thanks @​KurtGokhan! - Adds the astro/jsx-dev-runtime export as an alias for astro/jsx-runtime

5.15.2

Patch Changes

  • #14623 c5fe295 Thanks @​delucis! - Fixes a leak of server runtime code when importing SVGs in client-side code. Previously, when importing an SVG file in client code, Astro could end up adding code for rendering SVGs on the server to the client bundle.

  • #14621 e3175d9 Thanks @​GameRoMan! - Updates vite version to fix CVE

Commits

Updates dayjs from 1.11.18 to 1.11.19

Release notes

Sourced from dayjs's releases.

v1.11.19

1.11.19 (2025-10-31)

Bug Fixes

  • added usage warnings for diff + updated unit tests (#2948) (269a7a9)
  • dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)
  • replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)
  • Updated Belarusian locale with relative time (#2656) (1d8746c)
Changelog

Sourced from dayjs's changelog.

1.11.19 (2025-10-31)

Bug Fixes

  • added usage warnings for diff + updated unit tests (#2948) (269a7a9)
  • dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)
  • replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)
  • Updated Belarusian locale with relative time (#2656) (1d8746c)
Commits

Updates @biomejs/biome from 2.3.1 to 2.3.2

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.2

2.3.2

Patch Changes

  • #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

  • #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

    Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
    Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

    Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

    Example

    // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
    // Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
    const reallyLongStringThatShouldNotError =
      "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
      "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
      "In id cursus mi pretium tellus duis convallis." +
      "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";
  • #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

What's Changed

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.2

Patch Changes

  • #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

  • #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

    Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
    Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

    Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

    Example

    // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
    // Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
    const reallyLongStringThatShouldNotError =
      "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
      "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
      "In id cursus mi pretium tellus duis convallis." +
      "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";
  • #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

Commits

Updates @types/node from 24.9.1 to 24.10.0

Commits

Updates html-validate from 10.2.1 to 10.3.0

Release notes

Sourced from html-validate's releases.

v10.3.0

10.3.0 (2025-11-02)

Features

  • html5: allow <button> as first child of <select> (3de8a0f), closes #321
  • html5: allow <option> to have child content (6056325), closes #321
  • html5: support <selectedcontent> element (d3d2c22), closes #321
  • html5: support hidden="until-found" (baa033f), closes #322
  • meta: permittedOrder can take a selector list for elements with equal order requirement (b3f92c2)
  • parse <title> content as literal characters instead of HTML elements (3399ab5), closes #326

Bug Fixes

  • html5: allow blocking attribute on <link rel="expect"> (5bbabc4), closes #327
  • html5: disallow blocking attribute on <link rel="preload"> and <link rel="modulepreload"> (0a17e50)
  • html5: let <selectedcontent> fulfill the accessible text content requirement of <button> elements (d1dff73), closes #321
  • rules: ignore omitted type attribute on <button> when used as first child of <select> (1476960), closes #321
Changelog

Sourced from html-validate's changelog.

10.3.0 (2025-11-02)

Features

  • html5: allow <button> as first child of <select> (3de8a0f), closes #321
  • html5: allow <option> to have child content (6056325), closes #321
  • html5: support <selectedcontent> element (d3d2c22), closes #321
  • html5: support hidden="until-found" (baa033f), closes #322
  • meta: permittedOrder can take a selector list for elements with equal order requirement (b3f92c2)
  • parse <title> content as literal characters instead of HTML elements (3399ab5), closes #326

Bug Fixes

  • html5: allow blocking attribute on <link rel="expect"> (5bbabc4), closes #327
  • html5: disallow blocking attribute on <link rel="preload"> and <link rel="modulepreload"> (0a17e50)
  • html5: let <selectedcontent> fulfill the accessible text content requirement of <button> elements (d1dff73), closes #321
  • rules: ignore omitted type attribute on <button> when used as first child of <select> (1476960), closes #321
Commits
  • 99637f2 chore(release): 10.3.0
  • 8fbc4af Merge branch 'bugfix/link-blocking' into 'master'
  • 0a17e50 fix(html5): disallow blocking attribute on \<link rel="preload"> and `<lin...
  • 5bbabc4 fix(html5): allow blocking attribute on \<link rel="expect">
  • 0b6c61a Merge branch 'feature/hidden-until-found' into 'master'
  • baa033f feat(html5): support hidden="until-found"
  • 046de95 Merge branch 'feature/custom-select' into 'master'
  • acb874f test: test against example from mdn
  • 6056325 feat(html5): allow \<option> to have child content
  • 3de8a0f feat(html5): allow \<button> as first child of \<select>
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitLab CI/CD](https://www.npmjs.com/~GitLab CI/CD), a new releaser for html-validate since your current version.


Updates sass from 1.93.2 to 1.93.3

Release notes

Sourced from sass's releases.

Dart Sass 1.93.3

To install Sass 1.93.3, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Fix a performance regression that was introduced in 1.92.0.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.93.3

  • Fix a performance regression that was introduced in 1.92.0.
Commits
  • 4e5bd25 Stop holding onto stack traces for every CSS declaration (#2666)
  • 65b77ee Bump analyzer, protobuf, protoc_plugin and dartdoc (#2660)
  • e61936c Bump actions/setup-node from 4 to 6 (#2661)
  • b5f4c67 Bump actions/setup-node from 5 to 6 in /.github/util/initialize (#2662)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the patch-minor group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@astrojs/db](https://github.com/withastro/astro/tree/HEAD/packages/db) | `0.18.1` | `0.18.2` |
| [@astrojs/mdx](https://github.com/withastro/astro/tree/HEAD/packages/integrations/mdx) | `4.3.8` | `4.3.9` |
| [@astrojs/react](https://github.com/withastro/astro/tree/HEAD/packages/integrations/react) | `4.4.0` | `4.4.1` |
| [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) | `5.15.1` | `5.15.3` |
| [dayjs](https://github.com/iamkun/dayjs) | `1.11.18` | `1.11.19` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.3.1` | `2.3.2` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.9.1` | `24.10.0` |
| [html-validate](https://gitlab.com/html-validate/html-validate) | `10.2.1` | `10.3.0` |
| [sass](https://github.com/sass/dart-sass) | `1.93.2` | `1.93.3` |


Updates `@astrojs/db` from 0.18.1 to 0.18.2
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/db/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/db@0.18.2/packages/db)

Updates `@astrojs/mdx` from 4.3.8 to 4.3.9
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/mdx/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/mdx@4.3.9/packages/integrations/mdx)

Updates `@astrojs/react` from 4.4.0 to 4.4.1
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/react/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/react@4.4.1/packages/integrations/react)

Updates `astro` from 5.15.1 to 5.15.3
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/astro/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/astro@5.15.3/packages/astro)

Updates `dayjs` from 1.11.18 to 1.11.19
- [Release notes](https://github.com/iamkun/dayjs/releases)
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md)
- [Commits](iamkun/dayjs@v1.11.18...v1.11.19)

Updates `@biomejs/biome` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.3.2/packages/@biomejs/biome)

Updates `@types/node` from 24.9.1 to 24.10.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `html-validate` from 10.2.1 to 10.3.0
- [Release notes](https://gitlab.com/html-validate/html-validate/tags)
- [Changelog](https://gitlab.com/html-validate/html-validate/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/html-validate/html-validate/compare/v10.2.1...v10.3.0)

Updates `sass` from 1.93.2 to 1.93.3
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.93.2...1.93.3)

---
updated-dependencies:
- dependency-name: "@astrojs/db"
  dependency-version: 0.18.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: "@astrojs/mdx"
  dependency-version: 4.3.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: "@astrojs/react"
  dependency-version: 4.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: astro
  dependency-version: 5.15.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: dayjs
  dependency-version: 1.11.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: "@biomejs/biome"
  dependency-version: 2.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-minor
- dependency-name: "@types/node"
  dependency-version: 24.10.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-minor
- dependency-name: html-validate
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: patch-minor
- dependency-name: sass
  dependency-version: 1.93.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 3, 2025
@netlify
Copy link

netlify bot commented Nov 3, 2025

Deploy Preview for eva-town ready!

Name Link
🔨 Latest commit 21838dc
🔍 Latest deploy log https://app.netlify.com/projects/eva-town/deploys/690861f8910cce00080d8089
😎 Deploy Preview https://deploy-preview-652--eva-town.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse
1 paths audited
Performance: 99
Accessibility: 100
Best Practices: 100
SEO: 100
PWA: 70
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify project configuration.

@evadecker evadecker merged commit c366c96 into main Nov 5, 2025
8 checks passed
@evadecker evadecker deleted the dependabot/npm_and_yarn/patch-minor-9853f4406b branch November 5, 2025 21:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant