Bump prettier from 3.8.0 to 3.8.1

[dependabot]

Bumps prettier from 3.8.0 to 3.8.1.

Release notes

Sourced from prettier's releases.

3.8.1

• Include available printers in plugin type declarations (#18706 by @​porada)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.1

diff

Include available printers in plugin type declarations (#18706 by @​porada)

// Input
import * as prettierPluginEstree from "prettier/plugins/estree";
// Prettier 3.8.0
// Property 'printers' does not exist on type 'typeof import("prettier/plugins/estree")'. ts(2339)
prettierPluginEstree.printers.estree; //=> any
// Prettier 3.8.1
prettierPluginEstree.printers.estree; //=> Printer
prettierPluginEstree.printers["estree-json"]; //=> Printer

Commits

• 90983f4 Release 3.8.1
• 57f702f Include available printers in plugin type declarations (#18706)
• bece827 Revert change in release script
• 82a4ab2 Bump Prettier dependency to 3.8.0
• 5213ee4 Clean changelog_unreleased
• f95ad0f Comment out finished steps
• b2034e8 Fix release script
• 5824b15 Release 3.8.0
• 0433601 Add blog post for v3.8.0 (#18639)
• c45fef1 Fix LWC attribute with --embedded-language-formatting off (#18383)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ COPYPASTE	jscpd	yes		no	no	1.8s
✅ EDITORCONFIG	editorconfig-checker	2		0	0	0.01s
✅ JSON	jsonlint	2		0	0	0.13s
✅ JSON	npm-package-json-lint	yes		no	no	0.56s
✅ JSON	prettier	2		0	0	0.73s
✅ JSON	v8r	2		0	0	7.02s
✅ REPOSITORY	checkov	yes		no	no	18.73s
✅ REPOSITORY	gitleaks	yes		no	no	1.8s
✅ REPOSITORY	git_diff	yes		no	no	0.03s
❌ REPOSITORY	grype	yes		3	no	36.06s
✅ REPOSITORY	secretlint	yes		no	no	1.03s
✅ REPOSITORY	syft	yes		no	no	3.14s
❌ REPOSITORY	trivy	yes		1	no	8.51s
✅ REPOSITORY	trivy-sbom	yes		no	no	1.73s
✅ REPOSITORY	trufflehog	yes		no	no	3.73s
✅ SPELL	cspell	3		0	0	2.9s
❌ SPELL	lychee	2		2	0	2.59s

Detailed Issues

❌ REPOSITORY / grype - 3 errors

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME  INSTALLED  FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS          RISK   
qs    6.14.0     6.14.1    npm   GHSA-6rw7-vpxm-498p  High      0.2% (36th)   0.1    
hono  4.11.2     4.11.4    npm   GHSA-3vhc-576x-3qv4  High      < 0.1% (2nd)  < 0.1  
hono  4.11.2     4.11.4    npm   GHSA-f67f-6cw9-8mq4  High      < 0.1% (2nd)  < 0.1
[0036] ERROR discovered vulnerabilities at or above the severity threshold

❌ SPELL / lychee - 2 errors

[404] https://opencollective.com/unrs-resolver | Network error: Not Found
[403] https://www.patreon.com/feross | Network error: Forbidden
📝 Summary
---------------------
🔍 Total..........707
✅ Successful.....704
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........1
❓ Unknown..........0
🚫 Errors...........2

Errors in package-lock.json
[404] https://opencollective.com/unrs-resolver | Network error: Not Found
[403] https://www.patreon.com/feross | Network error: Forbidden

❌ REPOSITORY / trivy - 1 error

2026-01-23T07:10:17Z	INFO	[vulndb] Need to update DB
2026-01-23T07:10:17Z	INFO	[vulndb] Downloading vulnerability DB...
2026-01-23T07:10:17Z	INFO	[vulndb] Downloading artifact...	repo="mirror.gcr.io/aquasec/trivy-db:2"
27.37 MiB / 83.10 MiB [-------------------->________________________________________] 32.94% ? p/s ?61.81 MiB / 83.10 MiB [--------------------------------------------->_______________] 74.38% ? p/s ?83.10 MiB / 83.10 MiB [----------------------------------------------------------->] 100.00% ? p/s ?83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 92.76 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 92.76 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 92.76 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 86.77 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 86.77 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 86.77 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 81.18 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 81.18 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 81.18 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 75.94 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 75.94 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 75.94 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 71.04 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 71.04 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 71.04 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 66.46 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 66.46 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 66.46 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 62.17 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [---------------------------------------------->] 100.00% 62.17 MiB p/s ETA 0s83.10 MiB / 83.10 MiB [-------------------------------------------------] 100.00% 18.83 MiB p/s 4.6s2026-01-23T07:10:22Z	INFO	[vulndb] Artifact successfully downloaded	repo="mirror.gcr.io/aquasec/trivy-db:2"
2026-01-23T07:10:22Z	INFO	[vuln] Vulnerability scanning is enabled
2026-01-23T07:10:22Z	INFO	[misconfig] Misconfiguration scanning is enabled
2026-01-23T07:10:22Z	INFO	[misconfig] Need to update the checks bundle
2026-01-23T07:10:22Z	INFO	[misconfig] Downloading the checks bundle...
165.46 KiB / 165.46 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2026-01-23T07:10:25Z	INFO	[npm] To collect the license information of packages, "npm install" needs to be performed beforehand	dir="node_modules"
2026-01-23T07:10:25Z	INFO	Suppressing dependencies for development and testing. To display them, try the '--include-dev-deps' flag.
2026-01-23T07:10:25Z	INFO	Number of language-specific files	num=1
2026-01-23T07:10:25Z	INFO	[npm] Detecting vulnerabilities...
2026-01-23T07:10:25Z	INFO	Detected config files	num=1

Report Summary

┌───────────────────┬────────────┬─────────────────┬───────────────────┐
│      Target       │    Type    │ Vulnerabilities │ Misconfigurations │
├───────────────────┼────────────┼─────────────────┼───────────────────┤
│ package-lock.json │    npm     │        3        │         -         │
├───────────────────┼────────────┼─────────────────┼───────────────────┤
│ Dockerfile        │ dockerfile │        -        │         0         │
└───────────────────┴────────────┴─────────────────┴───────────────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.68/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


package-lock.json (npm)
=======================
Total: 3 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 3, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                           Title                            │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼────────────────────────────────────────────────────────────┤
│ hono    │ CVE-2026-22817 │ HIGH     │ fixed  │ 4.11.2            │ 4.11.4        │ Hono JWT Middleware's JWT Algorithm Confusion via Unsafe   │
│         │                │          │        │                   │               │ Default (HS256) Allows Token...                            │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2026-22817                 │
│         ├────────────────┤          │        │                   │               ├────────────────────────────────────────────────────────────┤
│         │ CVE-2026-22818 │          │        │                   │               │ Hono JWK Auth Middleware has JWT algorithm confusion when  │
│         │                │          │        │                   │               │ JWK lacks "alg"...                                         │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2026-22818                 │
├─────────┼────────────────┤          │        ├───────────────────┼───────────────┼────────────────────────────────────────────────────────────┤
│ qs      │ CVE-2025-15284 │          │        │ 6.14.0            │ 6.14.1        │ qs: qs: Denial of Service via improper input validation in │
│         │                │          │        │                   │               │ array parsing...                                           │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2025-15284                 │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴────────────────────────────────────────────────────────────┘

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff