build(deps): bump the all-dependencies group with 9 updates

[dependabot]

Bumps the all-dependencies group with 9 updates:

Package	From	To
@sentry/react	10.38.0	10.39.0
mysql2	3.17.1	3.17.2
openai	6.21.0	6.22.0
@redocly/cli	2.18.1	2.18.2
jsdom	28.0.0	28.1.0
rimraf	6.1.2	6.1.3
@typescript-eslint/eslint-plugin	8.55.0	8.56.0
@typescript-eslint/parser	8.55.0	8.56.0
postcss-loader	8.2.0	8.2.1

Updates @sentry/react from 10.38.0 to 10.39.0

Release notes

Sourced from @​sentry/react's releases.

10.39.0

Important Changes

• feat(tanstackstart-react): Auto-instrument server function middleware (#19001)

  The sentryTanstackStart Vite plugin now automatically instruments middleware in createServerFn().middleware([...]) calls. This captures performance data without requiring manual wrapping with wrapMiddlewaresWithSentry().

• feat(nextjs): New experimental automatic vercel cron monitoring (#19192)

  Setting _experimental.vercelCronMonitoring to true in your Sentry configuration will automatically create Sentry cron monitors for your Vercel Cron Jobs.

  Please note that this is an experimental unstable feature and subject to change.

  // next.config.ts
  export default withSentryConfig(nextConfig, {
    _experimental: {
      vercelCronMonitoring: true,
    },
  });

• feat(node-core): Add node-core/light (#18502)

  This release adds a new light-weight @sentry/node-core/light export to @sentry/node-core. The export acts as a light-weight SDK that does not depend on OpenTelemetry and emits no spans.

  Use this SDK when:

  • You only need error tracking, logs or metrics without tracing data (no spans)
  • You want to minimize bundle size and runtime overhead
  • You don't need spans emitted by OpenTelemetry instrumentation

  It supports error tracking and reporting, logs, metrics, automatic request isolation (requires Node.js 22+) and basic tracing via our Sentry.startSpan* APIs.

  Install the SDK by running

  npm install @sentry/node-core

  and add Sentry at the top of your application's entry file:

  import * as Sentry from '@sentry/node-core/light';
  Sentry.init({
  dsn: 'DSN',
  });

Other Changes

... (truncated)

Changelog

Sourced from @​sentry/react's changelog.

10.39.0

Important Changes

• feat(tanstackstart-react): Auto-instrument server function middleware (#19001)

  The sentryTanstackStart Vite plugin now automatically instruments middleware in createServerFn().middleware([...]) calls. This captures performance data without requiring manual wrapping with wrapMiddlewaresWithSentry().

• feat(nextjs): New experimental automatic vercel cron monitoring (#19192)

  Setting _experimental.vercelCronMonitoring to true in your Sentry configuration will automatically create Sentry cron monitors for your Vercel Cron Jobs.

  Please note that this is an experimental unstable feature and subject to change.

  // next.config.ts
  export default withSentryConfig(nextConfig, {
    _experimental: {
      vercelCronMonitoring: true,
    },
  });

• feat(node-core): Add node-core/light (#18502)

  This release adds a new light-weight @sentry/node-core/light export to @sentry/node-core. The export acts as a light-weight SDK that does not depend on OpenTelemetry and emits no spans.

  Use this SDK when:

  • You only need error tracking, logs or metrics without tracing data (no spans)
  • You want to minimize bundle size and runtime overhead
  • You don't need spans emitted by OpenTelemetry instrumentation

  It supports error tracking and reporting, logs, metrics, automatic request isolation (requires Node.js 22+) and basic tracing via our Sentry.startSpan* APIs.

  Install the SDK by running

  npm install @sentry/node-core

  and add Sentry at the top of your application's entry file:

  import * as Sentry from '@sentry/node-core/light';
  Sentry.init({
  dsn: 'DSN',
  });

... (truncated)

Commits

• ab54c5c Make @sentry/opentelemetry not a peer dep in node-core
• f822e69 chore: Lint lerna.json
• c4708d2 release: 10.39.0
• b5e3094 chore: Revert to lerna v8 (#19294)
• 9dea581 Merge pull request #19281 from getsentry/prepare-release/10.39.0
• 12e467f meta(changelog): Update changelog for 10.39.0
• d7df7d4 ref(sveltekit): Use untrack to read route id without invalidation (#19272)
• 24b2ef2 fix(sveltekit): Detect used adapter via svelte.config.js (#19270)
• e051be4 feat(node-core): Add outgoing fetch trace propagation to light mode (#19262)
• eaf297f ref(core): Move shouldPropagateTraceForUrl from opentelemetry to core (#19258)
• Additional commits viewable in compare view

Updates mysql2 from 3.17.1 to 3.17.2

Release notes

Sourced from mysql2's releases.

v3.17.2

3.17.2 (2026-02-16)

Bug Fixes

• format: distinguish delimiters in queries from SQL comments (#4084) (454ba10)
• pool: discard connection on error 1290 (Aurora read-only failure) (#4075) (9188963)
• pool: handle all read-only errors during Aurora failover (#4082) (ce98d8e)

Changelog

Sourced from mysql2's changelog.

3.17.2 (2026-02-16)

Bug Fixes

• distinguish delimiters in queries from SQL comments (#4084) (454ba10)
• pool: discard connection on error 1290 (Aurora read-only failure) (#4075) (9188963)
• pool: handle all read-only errors during Aurora failover (#4082) (ce98d8e)

Commits

• 9a37ff3 chore(master): release 3.17.2 (#4081)
• 454ba10 fix: distinguish delimiters in queries from SQL comments (#4084)
• ce98d8e fix(pool): handle all read-only errors during Aurora failover (#4082)
• 9188963 fix(pool): discard connection on error 1290 (Aurora read-only failure) (#4075)
• efbd419 build(deps): bump @​easyops-cn/docusaurus-search-local in /website (#4079)
• 91bdb02 build(deps): bump lucide-react from 0.563.0 to 0.564.0 in /website (#4078)
• See full diff in compare view

Updates openai from 6.21.0 to 6.22.0

Release notes

Sourced from openai's releases.

v6.22.0

6.22.0 (2026-02-14)

Full Changelog: v6.21.0...v6.22.0

Features

• api: container network_policy and skills (65c1482)

Bug Fixes

• docs: restore helper methods in API reference (3a4c189)
• webhooks: restore webhook type exports (49bbf46)

Chores

• internal: avoid type checking errors with ts-reset (4b0d1f2)

Documentation

• split api.md by standalone resources (48e07d6)
• update comment (e3a1ea0)

Changelog

Sourced from openai's changelog.

6.22.0 (2026-02-14)

Full Changelog: v6.21.0...v6.22.0

Features

• api: container network_policy and skills (65c1482)

Bug Fixes

• docs: restore helper methods in API reference (3a4c189)
• webhooks: restore webhook type exports (49bbf46)

Chores

• internal: avoid type checking errors with ts-reset (4b0d1f2)

Documentation

• split api.md by standalone resources (48e07d6)
• update comment (e3a1ea0)

Commits

• fe49a7b release: 6.22.0
• 07d1636 fix(docs): restore helper methods in API reference
• 8ed3a89 test(types): guard legacy resource type exports
• 2b67577 fix(webhooks): restore webhook type exports
• 61193fe feat(api): container network_policy and skills
• 71c9c98 docs: split api.md by standalone resources
• cf3fe4a codegen metadata
• 0579289 codegen metadata
• aacec4b chore(internal): avoid type checking errors with ts-reset
• 32e3a41 docs: update comment
• See full diff in compare view

Updates @redocly/cli from 2.18.1 to 2.18.2

Release notes

Sourced from @​redocly/cli's releases.

@​redocly/cli@​2.18.2

Patch Changes

• Fixed false positive errors in example validation for OpenAPI 3.0.x and OpenAPI 2.x.
• Updated @​redocly/openapi-core to v2.18.2.

Commits

• 23ef7c4 chore: 🔖 release new versions (#2566)
• 3478262 chore: update coverage thresholds and add new CLI versions into benchmark (#2...
• fc0e99e chore: update openapi-sampler version (#2567)
• 2d2747a fix: use correct schema dialect for oas3.0.x and oas2.x (#2564)
• b83bb0a chore: update npm engine to v11 (#2562)
• See full diff in compare view

Updates jsdom from 28.0.0 to 28.1.0

Release notes

Sourced from jsdom's releases.

Version 28.1.0

• Added blob.text(), blob.arrayBuffer(), and blob.bytes() methods.
• Improved getComputedStyle() to account for CSS specificity when multiple rules apply. (asamuzaK)
• Improved synchronous XMLHttpRequest performance by using a persistent worker thread, avoiding ~400ms of setup overhead on every synchronous request after the first one.
• Improved performance of node.getRootNode(), node.isConnected, and event.dispatchEvent() by caching the root node of document-connected trees.
• Fixed getComputedStyle() to correctly handle !important priority. (asamuzaK)
• Fixed document.getElementById() to return the first element in tree order when multiple elements share the same ID.
• Fixed <svg> elements to no longer incorrectly proxy event handlers to the Window.
• Fixed FileReader event timing and fileReader.result state to more closely follow the spec.
• Fixed a potential hang when synchronous XMLHttpRequest encountered dispatch errors.
• Fixed compatibility with environments where Node.js's built-in fetch() has been used before importing jsdom, by working around undici v6/v7 incompatibilities.

Changelog

Sourced from jsdom's changelog.

28.1.0

• Added blob.text(), blob.arrayBuffer(), and blob.bytes() methods.
• Improved getComputedStyle() to account for CSS specificity when multiple rules apply. (asamuzaK)
• Improved synchronous XMLHttpRequest performance by using a persistent worker thread, avoiding ~400ms of setup overhead on every synchronous request after the first one.
• Improved performance of node.getRootNode(), node.isConnected, and event.dispatchEvent() by caching the root node of document-connected trees.
• Fixed getComputedStyle() to correctly handle !important priority. (asamuzaK)
• Fixed document.getElementById() to return the first element in tree order when multiple elements share the same ID.
• Fixed <svg> elements to no longer incorrectly proxy event handlers to the Window.
• Fixed FileReader event timing and fileReader.result state to more closely follow the spec.
• Fixed a potential hang when synchronous XMLHttpRequest encountered dispatch errors.
• Fixed compatibility with environments where Node.js's built-in fetch() has been used before importing jsdom, by working around undici v6/v7 incompatibilities.

Commits

• 12949b5 Version 28.1.0
• ce4c58f Apply CSS specificity when computing styles
• 7ed55a0 Skip single-byte-decoder encoding tests on Node 20
• f3b1973 Generalize node version conditions in test expectations
• 853c596 Rewrite getElementById ID caching for tree-order correctness
• 5fbfde6 Fix potential sync XHR worker hang from unhandled dispatch errors
• 82df38f Cache the root node for document-connected trees
• ed7c5c0 Add documentation comment to create-event-accessor.js
• b4562e9 Simplify Window.js installEventHandlers
• 7da340f Centralize "determine the target of an event handler"
• Additional commits viewable in compare view

Updates rimraf from 6.1.2 to 6.1.3

Commits

• f738c78 6.1.3
• a164a85 update deps
• 4635ba7 update deps
• 509c53f limit ci workflow permissions
• 68ce04f formatting
• 37680c5 add warning to not pass untrusted input to this method ever
• 786563d remove contributing doc, already covered by .github repo
• dbeef73 contributing
• 84d27af update workflows and standard project junk
• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.55.0 to 8.56.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.56.0

8.56.0 (2026-02-16)

🚀 Features

• support ESLint v10 (#12057)

🩹 Fixes

• use parser options from context.languageOptions (#12043)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.56.0 (2026-02-16)

🚀 Features

• support ESLint v10 (#12057)

🩹 Fixes

• use parser options from context.languageOptions (#12043)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 8b8b68f chore(release): publish 8.56.0
• 68a074f feat: support ESLint v10 (#12057)
• c0a359d fix: use parser options from context.languageOptions (#12043)
• See full diff in compare view

Updates @typescript-eslint/parser from 8.55.0 to 8.56.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.56.0

8.56.0 (2026-02-16)

🚀 Features

• support ESLint v10 (#12057)

🩹 Fixes

• use parser options from context.languageOptions (#12043)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.56.0 (2026-02-16)

🚀 Features

• support ESLint v10 (#12057)

❤️ Thank You

• Brad Zacher @​bradzacher
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 8b8b68f chore(release): publish 8.56.0
• 68a074f feat: support ESLint v10 (#12057)
• See full diff in compare view

Updates postcss-loader from 8.2.0 to 8.2.1

Release notes

Sourced from postcss-loader's releases.

v8.2.1

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

Changelog

Sourced from postcss-loader's changelog.

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

Commits

• 583677e chore(release): 8.2.1
• a3ed7e2 fix: update peer dependency for @​rspack/core v2 (#717)
• c984ff4 test: fix (#715)
• cc01d2b ci: fix
• d4faa34 docs: update contributing
• b1e4fa5 chore: correct link (#713)
• d990168 chore: migration to main org and branch (#712)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions