Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

Bump the production-dependencies group across 1 directory with 20 updates

Open
Number: #79
Type: Pull Request
State: Open
Author: dependabot[bot] dependabot[bot]
Association: Contributor
Comments: 0
Created: September 15, 2025 at 02:15 PM UTC
(6 months ago)
Updated: September 15, 2025 at 02:15 PM UTC
(6 months ago)
Labels:
dependencies javascript
Description:

Bumps the production-dependencies group with 20 updates in the / directory:

Package From To
@floating-ui/dom 1.7.1 1.7.4
@napi-rs/simple-git 0.1.19 0.1.22
chalk 5.4.1 5.6.2
flexsearch 0.8.205 0.8.212
is-absolute-url 4.0.1 5.0.0
mermaid 11.6.0 11.11.0
pixi.js 8.10.1 8.13.2
pnpm 10.12.1 10.16.1
preact 10.26.8 10.27.2
preact-render-to-string 6.5.13 6.6.1
pretty-bytes 7.0.0 7.0.1
react 19.1.0 19.1.1
@types/react 19.1.6 19.1.13
sass-migrator 2.3.2 2.4.2
satori 0.15.2 0.18.2
sharp 0.34.2 0.34.3
workerpool 9.3.2 9.3.4
ws 8.18.2 8.18.3
esbuild 0.25.5 0.25.9
tsx 4.19.4 4.20.5

Updates @floating-ui/dom from 1.7.1 to 1.7.4

Release notes

Sourced from @​floating-ui/dom's releases.

@​floating-ui/dom@​1.7.4

Patch Changes

  • fix(getViewportRect): account for space left by scrollbar-gutter: stable

@​floating-ui/dom@​1.7.3

Patch Changes

  • Update dependencies: @floating-ui/core@1.7.3

@​floating-ui/dom@​1.7.2

Patch Changes

  • perf: reduce memory allocations
  • Update dependencies: @floating-ui/utils@0.2.10, @floating-ui/core@1.7.2
Changelog

Sourced from @​floating-ui/dom's changelog.

1.7.4

Patch Changes

  • fix(getViewportRect): account for space left by scrollbar-gutter: stable

1.7.3

Patch Changes

  • Update dependencies: @floating-ui/core@1.7.3

1.7.2

Patch Changes

  • perf: reduce memory allocations
  • Update dependencies: @floating-ui/utils@0.2.10, @floating-ui/core@1.7.2
Commits

Updates @napi-rs/simple-git from 0.1.19 to 0.1.22

Release notes

Sourced from @​napi-rs/simple-git's releases.

v0.1.22

What's Changed

New Contributors

Full Changelog: https://github.com/Brooooooklyn/simple-git/compare/v0.1.21...v0.1.22

v0.1.21

What's Changed

Full Changelog: https://github.com/Brooooooklyn/simple-git/compare/v0.1.20...v0.1.21

v0.1.20

What's Changed

... (truncated)

Commits
  • 7d01607 0.1.22
  • 5792944 chore: fix preversion script
  • 6cbeb6e chore: clippy fix and npm trusted publisher (#99)
  • a1dfc9b chore(deps): update actions/download-artifact action to v5 (#97)
  • 919cd79 ci: replace unmaintained goto-bus-stop/setup-zig with mlugg/setup-zig action ...
  • 3b580ef 0.1.21
  • a36a282 fix: link libz.a on Linux x64 gnu (#95)
  • bb9e05e chore(deps): update cross-platform-actions/action action to v0.29.0 (#94)
  • dea17f8 0.1.20
  • b66275d feat: upgrade to NAPI-RS 3.0 (#93)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​napi-rs/simple-git since your current version.


Updates chalk from 5.4.1 to 5.6.2

Release notes

Sourced from chalk's releases.

v5.6.2

v5.6.0

  • Make WezTerm terminal use true color a8f5bf7

https://github.com/chalk/chalk/compare/v5.5.0...v5.6.0

v5.5.0

  • Make Ghostty terminal use true color (#653) 79ee2d3

https://github.com/chalk/chalk/compare/v5.4.1...v5.5.0

Commits

Updates flexsearch from 0.8.205 to 0.8.212

Commits

Updates is-absolute-url from 4.0.1 to 5.0.0

Release notes

Sourced from is-absolute-url's releases.

v5.0.0

Breaking

  • Require Node.js 20 430699d
  • It now only allows http:// and https:// protocols by default 05e1989
    • To get the old behavior, pass in {httpOnly: false}

Improvements

  • Add httpOnly option and make it the default 05e1989

https://github.com/sindresorhus/is-absolute-url/compare/v4.0.1...v5.0.0

Commits

Updates mermaid from 11.6.0 to 11.11.0

Release notes

Sourced from mermaid's releases.

mermaid@11.11.0

Minor Changes

  • #6704 012530e Thanks @​omkarht! - feat: Added support for new participant types (actor, boundary, control, entity, database, collections, queue) in sequenceDiagram.

  • #6802 c8e5027 Thanks @​darshanr0107! - feat: Update mindmap rendering to support multiple layouts, improved edge intersections, and new shapes

Patch Changes

mermaid@11.10.1

Patch Changes

mermaid@11.10.0

Minor Changes

Patch Changes

... (truncated)

Commits
  • 9c85521 Merge pull request #6914 from mermaid-js/changeset-release/master
  • 8a565bc Version Packages
  • baf510b Merge pull request #6912 from mermaid-js/develop
  • c1f2d05 Merge pull request #6913 from mermaid-js/fix/mindmap-cypress-visual-tests
  • bce40e1 fix: resolve failing Cypress visual tests for mindmap diagrams
  • f47dec3 Merge pull request #6911 from mermaid-js/update-timings
  • 88dc4be chore: update E2E timings
  • e923208 Merge pull request #6802 from mermaid-js/knsv/mindmap-refactoring
  • e96614a Merge pull request #6895 from shanti2530/docs/xychart-plotcolorpalette-example
  • 73115cb [autofix.ci] apply automated fixes
  • Additional commits viewable in compare view

Updates pixi.js from 8.10.1 to 8.13.2

Release notes

Sourced from pixi.js's releases.

v8.13.2

💾 Download

Installation:

npm install pixi.js@8.13.2

Development Build:

Production Build:

Documentation:

Changed

https://github.com/pixijs/pixi.js/compare/v8.13.1...v8.13.2

🐛 Fixed

v8.13.1

💾 Download

Installation:

npm install pixi.js@8.13.1

Development Build:

Production Build:

Documentation:

Changed

https://github.com/pixijs/pixi.js/compare/v8.13.0...v8.13.1

🐛 Fixed

... (truncated)

Commits

Updates pnpm from 10.12.1 to 10.16.1

Release notes

Sourced from pnpm's releases.

pnpm 10.16.1

Patch Changes

  • The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #9963.
  • Forcibly disable ANSI color codes when generating patch diff #9914.

Platinum Sponsors

Gold Sponsors

... (truncated)

Changelog

Sourced from pnpm's changelog.

10.16.1

Patch Changes

  • The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #9963.
  • Forcibly disable ANSI color codes when generating patch diff #9914.

10.16.0

Minor Changes

  • There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new setting that delays the installation of newly released dependencies. In most cases, such attacks are discovered quickly and the malicious versions are removed from the registry within an hour.

    The new setting is called minimumReleaseAge. It specifies the number of minutes that must pass after a version is published before pnpm will install it. For example, setting minimumReleaseAge: 1440 ensures that only packages released at least one day ago can be installed.

    If you set minimumReleaseAge but need to disable this restriction for certain dependencies, you can list them under the minimumReleaseAgeExclude setting. For instance, with the following configuration pnpm will always install the latest version of webpack, regardless of its release time:

    minimumReleaseAgeExclude:
  - webpack

    Related issue: #9921.

  • Added support for finders #9946.

    In the past, pnpm list and pnpm why could only search for dependencies by name (and optionally version). For example:

    pnpm why minimist

    prints the chain of dependencies to any installed instance of minimist:

    verdaccio 5.20.1
├─┬ handlebars 4.7.7
│ └── minimist 1.2.8
└─┬ mv 2.1.1
  └─┬ mkdirp 0.5.6
    └── minimist 1.2.8

    What if we want to search by other properties of a dependency, not just its name? For instance, find all packages that have react@17 in their peer dependencies?

    This is now possible with "finder functions". Finder functions can be declared in .pnpmfile.cjs and invoked with the --find-by=<function name> flag when running pnpm list or pnpm why.

    Let's say we want to find any dependencies that have React 17 in peer dependencies. We can add this finder to our .pnpmfile.cjs:

... (truncated)

Commits
  • ea44ff9 chore(release): 10.16.1
  • a3c1498 chore(release): 10.16.0
  • e792927 feat: support finder functions for performing complex searches with list and ...
  • 3d1711a chore(release): 10.15.1
  • f1552d1 refactor: replace p-any with Promise.any (#9911)
  • 979ce80 chore(release): 10.15.0
  • facd765 refactor: always use extensions in relative imports (#9878)
  • c89c93d test: use @​jest/globals (#9877)
  • 14c78e8 test: use jest.mocked (#9874)
  • ba5f447 chore: update registry-mock to v5
  • Additional commits viewable in compare view

Updates preact from 10.26.8 to 10.27.2

Release notes

Sourced from preact's releases.

10.27.2

Types

Fixes

10.27.1

Performance

Types

Fixes

Maintenance

10.27.0

Features

Fixes

  • Ensure we rerender after a suspensefully hydrating boundary throws an… (#4856, thanks @​JoviDeCroock)

Maintenance

10.26.9

Fixes

... (truncated)

Commits

Updates preact-render-to-string from 6.5.13 to 6.6.1

Release notes

Sourced from preact-render-to-string's releases.

v6.6.1

Patch Changes

v6.6.0

Minor Changes

Patch Changes

Changelog

Sourced from preact-render-to-string's changelog.

6.6.1

Patch Changes

6.6.0

Minor Changes

Patch Changes

  • #413 27f340b Thanks @​f0x52! - Fix async rendering of multiple suspended components in a single Suspense boundary
  • #417 441dea2 Thanks @​rschristian! - Only abort/report errors from renderToPipeableStream() if the stream hasn't already been closed
Commits

Updates pretty-bytes from 7.0.0 to 7.0.1

Release notes

Sourced from pretty-bytes's releases.

v7.0.1

  • Fix precision with the binary option (#88) c9fd951

https://github.com/sindresorhus/pretty-bytes/compare/v7.0.0...v7.0.1

Commits

Updates react from 19.1.0 to 19.1.1

Release notes

Sourced from react's releases.

19.1.1 (July 28, 2025)

React

  • Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @​hoxyq)
Changelog

Sourced from react's changelog.

19.1.1 (July 28, 2025)

React

  • Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @​hoxyq)
Commits

Updates @types/react from 19.1.6 to 19.1.13

Commits

Updates sass-migrator from 2.3.2 to 2.4.2

Release notes

Sourced from sass-migrator's releases.

Sass Migrator 2.4.2

Module Migration

  • Late @import rules can now be hoisted above safe at-rules in the same file.

  • Fix a typo in the error message for late @import rules that could not be migrated.

  • Fix a bug where hoisted @use rules with configuration would have incorrect syntax.

See the full changelog for changes in earlier releases.

Sass Migrator 2.4.1

Module Migrator

  • Fix a bug where a duplicate namespace would be added to a reassignment of a variable from another module when running on a partially migrated file.

See the full changelog for changes in earlier releases.

Sass Migrator 2.4.0

Module System Migration

  • Better handling of late @import rules. Previously, these were treated identically to nested imports, but now they can be hoisted to the top of the file where @use is allowed if they do not emit any CSS.

    To allow the migrator to hoist even late imports that do emit CSS, use the --unsafe-hoist flag. @import rules that emit CSS will still be converted to meta.load-css() even with this flag if no Sass members are referenced from them.

    If there are any plain CSS at-rules that are used by your post-processing tools but never actually result in meaningful CSS, you can pass them (without the @) to --safe-at-rule so that the migrator doesn't consider them to emit CSS when handling late imports.

    The migrator's behavior when encountering actual nested imports remains unchanged.

  • Fix a bug that resulted in duplicate @use rules when migrating stylesheets that contained both a @use and an @import of the same dependency.

See the full changelog for changes in earlier releases.

Sass Migrator 2.3.3

Module System Migration

  • Fix some bugs in the conversion of private names that are referenced across files to public names, especially when --remove-prefix and/or multiple leading dashes/underscores are involved.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass-migrator's changelog.

2.4.2

Module Migration

  • Late @import rules can now be hoisted above safe at-rules in the same file.

  • Fix a typo in the error message for late @import rules that could not be migrated.

  • Fix a bug where hoisted @use rules with configuration would have incorrect syntax.

2.4.1

Module Migrator

  • Fix a bug where a duplicate namespace would be added to a reassignment of a variable from another module when running on a partially migrated file.

2.4.0

Module Migrator

  • Better handling of late @import rules. Previously, these were treated identically to nested imports, but now they can be hoisted to the top of the file where @use is allowed if they do not emit any CSS.

    To allow the migrator to hoist even late imports that do emit CSS, use the --unsafe-hoist flag. @import rules that emit CSS will still be converted to meta.load-css() even with this flag if no Sass members are referenced from them.

    If there are any plain CSS at-rules that are used by your post-processing tools but never actually result in meaningful CSS, you can pass them (without the @) to --safe-at-rule so that the migrator doesn't consider them to emit CSS when handling late imports.

    The migrator's behavior when encountering actual nested imports remains unchanged.

  • Fix a bug that resulted in duplicate @use rules when migrating stylesheets that contained both a @use and an @import of the same dependency.

2.3.3

Module Migrator

  • Fix some bugs in the conversion of private names that are referenced across files to public names, especially when --remove-prefix and/or multiple leading dashes/underscores are involved.
Commits
Package Dependencies
Package:
 @types/react
Ecosystem:
npm
Version Change:
19.1.6 → 19.1.13
Update Type:
Patch
Package:
ws
Ecosystem:
npm
Version Change:
8.18.2 → 8.18.3
Update Type:
Patch
Package:
esbuild
Ecosystem:
npm
Version Change:
0.25.5 → 0.25.9
Update Type:
Patch
Package:
react
Ecosystem:
npm
Version Change:
19.1.0 → 19.1.1
Update Type:
Patch
Package:
tsx
Ecosystem:
npm
Version Change:
4.19.4 → 4.20.5
Update Type:
Minor
Package:
is-absolute-url
Ecosystem:
npm
Version Change:
4.0.1 → 5.0.0
Update Type:
Major
Package:
satori
Ecosystem:
npm
Version Change:
0.15.2 → 0.18.2
Update Type:
Minor
Package:
pixi.js
Ecosystem:
npm
Version Change:
8.10.1 → 8.13.2
Update Type:
Minor
Package:
chalk
Ecosystem:
npm
Version Change:
5.4.1 → 5.6.2
Update Type:
Minor
Package:
sharp
Ecosystem:
npm
Version Change:
0.34.2 → 0.34.3
Update Type:
Patch
Package:
mermaid
Ecosystem:
npm
Version Change:
11.6.0 → 11.11.0
Update Type:
Minor
Package:
flexsearch
Ecosystem:
npm
Version Change:
0.8.205 → 0.8.212
Update Type:
Patch
Package:
pnpm
Ecosystem:
npm
Version Change:
10.12.1 → 10.16.1
Update Type:
Minor
Package:
@floating-ui/dom
Ecosystem:
npm
Version Change:
1.7.1 → 1.7.4
Update Type:
Patch
Package:
preact
Ecosystem:
npm
Version Change:
10.26.8 → 10.27.2
Update Type:
Minor
Package:
workerpool
Ecosystem:
npm
Version Change:
9.3.2 → 9.3.4
Update Type:
Patch
Package:
pretty-bytes
Ecosystem:
npm
Version Change:
7.0.0 → 7.0.1
Update Type:
Patch
Package:
sass-migrator
Ecosystem:
npm
Version Change:
2.3.2 → 2.4.2
Update Type:
Minor
Package:
preact-render-to-string
Ecosystem:
npm
Version Change:
6.5.13 → 6.6.1
Update Type:
Minor
Package:
@napi-rs/simple-git
Ecosystem:
npm
Version Change:
0.1.19 → 0.1.22
Update Type:
Patch
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 7790069
UUID: 2829454418
Node ID: PR_kwDOIhknRc6opgxS
Host: GitHub
Repository: float3/float3.github.io
Merge State: Unknown