Bump the minor-and-patch group across 1 directory with 9 updates

[dependabot]

Bumps the minor-and-patch group with 9 updates in the / directory:

Package	From	To
@grafana/faro-react	2.2.3	2.2.4
@grafana/faro-web-sdk	2.2.3	2.2.4
@grafana/faro-web-tracing	2.2.3	2.2.4
axios	1.13.5	1.13.6
react-hook-form	7.71.1	7.71.2
unleash-client	6.9.6	6.10.1
less	4.2.0	4.5.1
msw	2.7.3	2.12.10
webpack	5.104.1	5.105.4

Updates @grafana/faro-react from 2.2.3 to 2.2.4

Changelog

Sourced from @​grafana/faro-react's changelog.

2.2.4

• Feature (@grafana/faro-instrumentation-replay [experimental]): Add recordAfter option to configure replay recording start timing (DOMContentLoaded or load), with load as the default.

• Chore (@grafana/faro-*): Updated multiple dependencies including OpenTelemetry v0.212.0 and npm-run-all2 v7 (#1900, #1899, #1891, #1902).

• Chore (demo): Updated dependency react-router to v7.12.0 to address security vulnerability (#1834).

Commits

• a86e300 v2.2.4
• 8bb59d0 chore(deps): update patch updates (#1899)
• See full diff in compare view

Updates @grafana/faro-web-sdk from 2.2.3 to 2.2.4

Changelog

Sourced from @​grafana/faro-web-sdk's changelog.

2.2.4

• Feature (@grafana/faro-instrumentation-replay [experimental]): Add recordAfter option to configure replay recording start timing (DOMContentLoaded or load), with load as the default.

• Chore (@grafana/faro-*): Updated multiple dependencies including OpenTelemetry v0.212.0 and npm-run-all2 v7 (#1900, #1899, #1891, #1902).

• Chore (demo): Updated dependency react-router to v7.12.0 to address security vulnerability (#1834).

Commits

• a86e300 v2.2.4
• f00ab44 chore(deps): update dependency eslint to v10 (#1893)
• 8bb59d0 chore(deps): update patch updates (#1899)
• db3d97b chore(deps): update patch updates (#1891)
• See full diff in compare view

Updates @grafana/faro-web-tracing from 2.2.3 to 2.2.4

Changelog

Sourced from @​grafana/faro-web-tracing's changelog.

2.2.4

• Feature (@grafana/faro-instrumentation-replay [experimental]): Add recordAfter option to configure replay recording start timing (DOMContentLoaded or load), with load as the default.

• Chore (@grafana/faro-*): Updated multiple dependencies including OpenTelemetry v0.212.0 and npm-run-all2 v7 (#1900, #1899, #1891, #1902).

• Chore (demo): Updated dependency react-router to v7.12.0 to address security vulnerability (#1834).

Commits

• a86e300 v2.2.4
• 1c7fbe0 fix(deps): update npm-dependencies (#1900)
• See full diff in compare view

Updates axios from 1.13.5 to 1.13.6

Release notes

Sourced from axios's releases.

v1.13.6

This release focuses on platform compatibility, error handling improvements, and code quality maintenance.

⚠️ Important Changes

• Breaking Changes: None identified in this release.
• Action Required: Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.

🚀 New Features

• React Native Blob Support: Axios now includes support for React Native Blob objects. Thanks to @​moh3n9595 for the initial implementation. (#5764)
• Code Quality: Implemented prettier across the codebase and resolved associated formatting issues. (#7385)

🐛 Bug Fixes

• Environment Compatibility:

  • Fixed module exports for React Native and Browserify environments. (#7386)
  • Added safe FormData detection for the WeChat Mini Program environment. (#7324)

• Error Handling:

  • AxiosError.message is now correctly enumerable. (#7392)
  • AxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (#7403)

🔧 Maintenance & Chores

• Dependencies: Updated the development_dependencies group (5 updates). (#7432)
• Infrastructure: Migrated @​rollup/plugin-babel from v5.3.1 to v6.1.0. (#7424)
• Documentation: Added missing JSDoc comments to utilities. (#7427)

🌟 New Contributors

We are thrilled to welcome our new contributors! Thank you for helping improve the project:

• @​Gudahtt (#7386)
• @​ybbus (#7392)
• @​Shiwaangee (#7324)
• @​skrtheboss (#7403)
• @​Janaka66 (#7427)
• @​moh3n9595 (#5764)
• @​digital-wizard48 (#7424)

Full Changelog: v1.13.5...v1.13.6

Commits

• 7108c88 chore(release): prepare release 1.13.6 (#7446)
• 20a0ba3 refactor(deps): migrate @​rollup/plugin-babel from v5.3.1 to v6.1.0 (#7424)
• 885b4af feat: support react native blob objects (#5764)
• 00d97b9 docs(utils): add missing JSDoc comments (#7427)
• 9712548 chore(deps-dev): bump the development_dependencies group across 1 directory w...
• d51accb fix(core): copy status from source error in AxiosError.from (#7403)
• 3e30bbf chore: fix publish to only run on v1 tags
• 672491d fix: safe FormData detection for WeChat Mini Program (#7306) (#7324)
• 822e3e4 fix: make AxiosError.message property enumerable (#7392)
• ef3711d feat: implement prettier and fix all issues (#7385)
• Additional commits viewable in compare view

Updates react-hook-form from 7.71.1 to 7.71.2

Release notes

Sourced from react-hook-form's releases.

Version 7.71.2

🕵️‍♂️ fix: use DeepPartialSkipArrayKey for WatchObserver value parameter (#13278) 🧹 fix(clearErrors): emit name signal for targeted field updates (#13280)

thanks to @​veeceey, @​kaigritun, @​pgoslatara & @​seongbiny

Commits

• 85684f9 7.71.2
• 4933dcc 🧹 fix(clearErrors): emit name signal for targeted field updates (#13280)
• 319b3ed 🕵️‍♂️ fix: use DeepPartialSkipArrayKey for WatchObserver value parameter (#13...
• 0e04ad3 🏋️‍♀️ chore: Update outdated GitHub Actions versions (#13274)
• 3adba2b ✅ test: add unit tests for update utility (#13268)
• See full diff in compare view

Updates unleash-client from 6.9.6 to 6.10.1

Release notes

Sourced from unleash-client's releases.

v6.10.1

What's Changed

• fix: revert proxy-from-env by @​gastonfournier in Unleash/unleash-node-sdk#840
• chore: ensure cjs compatibility by @​gastonfournier in Unleash/unleash-node-sdk#841
• chore(deps): update dependency minimatch to v9.0.7 [security] by @​renovate[bot] in Unleash/unleash-node-sdk#834

Full Changelog: Unleash/unleash-node-sdk@v6.10.0...v6.10.1

v6.10.0

What's Changed

• chore(deps): update dependency @​tsconfig/node20 to v20.1.9 by @​renovate[bot] in Unleash/unleash-node-sdk#825
• fix(deps): update dependency proxy-from-env to v2 by @​renovate[bot] in Unleash/unleash-node-sdk#828
• feat: regex constraint support by @​sighphyre in Unleash/unleash-node-sdk#833
• chore: quick and dirty benchmark for regex by @​sighphyre in Unleash/unleash-node-sdk#835
• docs: fix tag filter example by @​sighphyre in Unleash/unleash-node-sdk#826
• chore: add code owners by @​sighphyre in Unleash/unleash-node-sdk#837
• chore(deps): bump qs from 6.14.1 to 6.14.2 by @​dependabot[bot] in Unleash/unleash-node-sdk#831
• chore(deps): bump rollup from 4.53.3 to 4.59.0 by @​dependabot[bot] in Unleash/unleash-node-sdk#838

Full Changelog: Unleash/unleash-node-sdk@v6.9.6...v6.10.0

v6.9.7-beta.0

What's Changed

• chore(deps): update dependency @​tsconfig/node20 to v20.1.9 by @​renovate[bot] in Unleash/unleash-node-sdk#825
• fix(deps): update dependency proxy-from-env to v2 by @​renovate[bot] in Unleash/unleash-node-sdk#828
• feat: regex constraint support by @​sighphyre in Unleash/unleash-node-sdk#833

Full Changelog: Unleash/unleash-node-sdk@v6.9.6...v6.9.7-beta.0

Commits

• 4cb118e v6.10.1
• 756dce3 chore(deps): update dependency minimatch to v9.0.7 [security] (#834)
• f45792f chore: ensure cjs compatibility (#841)
• 9f81096 fix: revert proxy-from-env (#840)
• bcc2e47 v6.10.0
• f794144 chore(deps): bump rollup from 4.53.3 to 4.59.0 (#838)
• 26a3378 chore(deps): bump qs from 6.14.1 to 6.14.2 (#831)
• 79e41e5 chore: add code owners (#837)
• 34e488b docs: fix tag filter example (#826)
• 72b8af4 chore: simple benchmark isEnabled (#835)
• Additional commits viewable in compare view

Updates less from 4.2.0 to 4.5.1

Release notes

Sourced from less's releases.

v4.5.1

• Internal test refactor (#4378).
• Initial auto-publishing implementation (#4390 and #4391)

v4.4.2

• #4357 Migrate Less test data to use valid CSS (@​matthew-dean)
• #4363 Fix #4362 no spacing regression for function (@​puckowski)

v4.4.1

• #4342 Add support for CSS scroll state container queries (@​puckowski)
• #4349 Fix #4348 parse layer nesting syntax (@​puckowski)

v4.4.0

• #4337 Add support for layer at-rule (@​puckowski)
• #4340 Add support for import at-rule layer functionality (@​puckowski)
• #4346 Fix #4343 add color operands (@​puckowski)

v4.3.0

#4319 Add deprecation warnings to Less output during parsing and new quiet flag (@​matthew-dean) #4320 Update README.md to remove Lerna reference (@​matthew-dean) #4322 Revise Playwright install method for CI stability (@​puckowski) #4333 Add support for starting-style at rule. (@​puckowski)

v4.2.2

less/less.js#4290 Fix less/less.js#4268 nested pseudo-selector parsing (@​puckowski) less/less.js#4291 Enhance Less.js test environment setup (#4291) (@​iChenLei) less/less.js#4295 Fix less/less.js#4252 container queries created via mixin evaluating variables incorrectly (@​puckowski) less/less.js#4294 Fix less/less.js#3737 allow blank variable declarationd (@​puckowski) less/less.js#4292 Fix less/less.js#4258 variable interpolation after math (@​puckowski) less/less.js#4293 Fix less/less.js#4264 strip line comment from expression (@​puckowski) less/less.js#4302 Fix less/less.js#4301 at-rule declarations missing (@​puckowski) less/less.js#4309 Fix Node 23 CI (#4309) (@​iChenLei)

v4.2.1

• #4235 Fix container style queries extra space resolved (@​puckowski)

Changelog

Sourced from less's changelog.

Change Log

v4.4.2 (2025-08-27)

• #4357 Migrate Less test data to use valid CSS (@​matthew-dean)
• #4363 Fix #4362 no spacing regression for function (@​puckowski)

v4.4.1 (2025-07-25)

• #4342 Add support for CSS scroll state container queries (@​puckowski)
• #4349 Fix #4348 parse layer nesting syntax (@​puckowski)

v4.4.0 (2025-05-31)

• #4337 Add support for layer at-rule (@​puckowski)
• #4340 Add support for import at-rule layer functionality (@​puckowski)
• #4346 Fix #4343 add color operands (@​puckowski)

v4.3.0 (2025-04-04)

• #4319 Add deprecation warnings to Less output during parsing and new quiet flag (@​matthew-dean)
• #4320 Update README.md to remove Lerna reference (@​matthew-dean)
• #4322 Revise Playwright install method for CI stability (@​puckowski)
• #4333 Add support for starting-style at rule. (@​puckowski)

v4.2.2 (2025-01-04)

• #4290 Fix #4268 nested pseudo-selector parsing (@​puckowski)
• #4291 Enhance Less.js test environment setup (#4291) (@​iChenLei)
• #4295 Fix #4252 container queries created via mixin evaluating variables incorrectly (@​puckowski)
• #4294 Fix #3737 allow blank variable declarationd (@​puckowski)
• #4292 Fix #4258 variable interpolation after math (@​puckowski)
• #4293 Fix #4264 strip line comment from expression (@​puckowski)
• #4302 Fix #4301 at-rule declarations missing (@​puckowski)
• #4309 Fix Node 23 CI (#4309) (@​iChenLei)

v4.2.1 (2024-09-26)

• #4237 Fix #4235 container style queries extra space resolved (@​puckowski)

Commits

• 6e81606 Fix auto-publishing permissions / graceful fallback (#4391)
• 5cd329c Set up auto-publishing and alpha branch (#4390)
• 4322869 [Needs reviews!] Mega test refactor (#4378)
• 1bde4bd Release/v4.4.2 (#4364)
• 5ed7100 fix(issue#4362) no spacing regression for function (#4363)
• 9c06159 Migrate Less to use valid CSS (#4357)
• 9d345ff Release v4.4.1 (#4351)
• 6e0095d CSS scroll state container queries and improved function handling (#4342)
• 01a187e fix(issue#4348): parse layer nesting syntax (#4349)
• 033e3b3 Release v4.4.0 (#4345)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for less since your current version.

Install script changes

This version adds postinstall script that runs during installation. Review the package contents before updating.

Updates msw from 2.7.3 to 2.12.10

Release notes

Sourced from msw's releases.

v2.12.10 (2026-02-10)

Bug Fixes

• export AnyHandler type (#2663) (90f9be4f96b7fb071ef655a8044eca3c15910404) @​kettanaito

v2.12.9 (2026-02-06)

Bug Fixes

• ws: support relative urls in ws.link (#2661) (2f1d23c1c4392638a7dfbc95d00ede6062aeae6c) @​kettanaito

v2.12.8 (2026-02-03)

Bug Fixes

• update @mswjs/interceptors to fix a memory leak (#2659) (e5e905f60c4ad8dd621e720cde26390c84104362) @​kettanaito
• update rettime (#2657) (3a7b4510138bc6e7ab5078f53e623d6a25cfd9ac) @​kettanaito

v2.12.7 (2025-12-27)

Bug Fixes

• graphql: export the GraphQLLinkHandlers type (#2647) (cfab780e1d8110736567ebda129a4094e35f4c00) @​kettanaito
• graphql: support TypedDocumentString as request predicate (#2646) (494d5e88791913ae2758b3d9c2b78987d3ac0adf) @​kettanaito
• graphql: remove redundant DocumentNode union (#2645) (0f6e28f6a5ef903d5958348c16b495223820c164) @​kettanaito

v2.12.6 (2025-12-26)

Bug Fixes

• sse: respect the worker quiet option (#2644) (d50f73e72b04122a676617ce84f394b800e623fd) @​kettanaito

v2.12.5 (2025-12-26)

Bug Fixes

• sse: handle multi-line messages (#2643) (1266f612b2399eaea25219020fe93c027dc3fa7a) @​BSteffaniak @​kettanaito

v2.12.4 (2025-12-03)

Bug Fixes

• handle incomplete localStorage in Node.js v25 (#2636) (3da2c762abb923eda60ad220f0534354d1683678) @​rvagg

v2.12.3 (2025-11-23)

Bug Fixes

• publish the types used in HttpHandler (#2560) (1af6cee52f47a39a297f901610acb4daae17c7ea) @​SerkanSipahi @​kettanaito

... (truncated)

Commits

• 720d55f chore(release): v2.12.10
• 90f9be4 fix: export AnyHandler type (#2663)
• 4859e41 chore(release): v2.12.9
• 2f1d23c fix(ws): support relative urls in ws.link (#2661)
• 9a82137 chore(release): v2.12.8
• d2dd270 chore: fetch correct depth for release
• 4cfccff chore: update pnpm version everywhere
• 4de516b chore: set pnpm to 9.15.0 in package.json
• 7538501 chore: split release job into two (#2660)
• 9886892 chore: update @ossjs/release
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for msw since your current version.

Install script changes

This version modifies postinstall script that runs during installation. Review the package contents before updating.

Updates webpack from 5.104.1 to 5.105.4

Release notes

Sourced from webpack's releases.

v5.105.4

Patch Changes

• Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

• Handle createRequire in expressions. (by @​alexander-akait in #20549)

• Fixed types for multi stats. (by @​alexander-akait in #20556)

• Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

• Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

• Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

v5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

v5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

v5.105.1

Patch Changes

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.4

Patch Changes

• Add Module.getSourceBasicTypes to distinguish basic source types and clarify how modules with non-basic source types like remote still produce JavaScript output. (by @​xiaoxiaojx in #20546)

• Handle createRequire in expressions. (by @​alexander-akait in #20549)

• Fixed types for multi stats. (by @​alexander-akait in #20556)

• Remove empty needless js output for normal css module. (by @​JSerFeng in #20162)

• Update enhanced-resolve to support new features for tsconfig.json. (by @​alexander-akait in #20555)

• Narrows export presence guard detection to explicit existence checks on namespace imports only, i.e. patterns like "x" in ns. (by @​hai-x in #20561)

5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

... (truncated)

Commits

• 27c13b4 chore(release): new release (#20550)
• 9b2f41e chore: bump terser plugin (#20569)
• eafe060 fix: narrow the export presence guard detection (#20561)
• 75d605c refactor: add AppendOnlyStackedSet iteration support and tests (#20560)
• afa607d refactor: remove unused code (#20562)
• 4098902 test: add source files for web-webworker and web-webworker-auto-public-path (...
• f97be67 refactor: fix duplicated word in Compilation JSDoc (#20547)
• 9d76fff refactor: add Module.getSourceBasicTypes for basic JS type detection (#20546)
• a3d7839 fix: types for multi stats (#20556)
• b8e9b05 fix: update enhanced-resolve to support new features for tsconfig.json (#...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions