Skip to content

chore(deps-dev): bump the dev-deps group across 1 directory with 2 updates#24

Closed
dependabot[bot] wants to merge 5 commits into
mainfrom
dependabot/npm_and_yarn/dev-deps-8c5d8a3660
Closed

chore(deps-dev): bump the dev-deps group across 1 directory with 2 updates#24
dependabot[bot] wants to merge 5 commits into
mainfrom
dependabot/npm_and_yarn/dev-deps-8c5d8a3660

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the dev-deps group with 2 updates in the / directory: katex and @types/node.

Updates katex from 0.16.47 to 0.17.0

Release notes

Sourced from katex's releases.

v0.17.0

0.17.0 (2026-05-22)

Performance Improvements

  • simplify defineFunction to avoid destructuring, improve typing (#4222) (fb604e6)

BREAKING CHANGES

  • The internal API for __defineFunction changed: you should no longer wrap properties in props.
Changelog

Sourced from katex's changelog.

0.17.0 (2026-05-22)

Performance Improvements

  • simplify defineFunction to avoid destructuring, improve typing (#4222) (fb604e6)

BREAKING CHANGES

  • The internal API for __defineFunction changed: you should no longer wrap properties in props.
Commits
  • 3dec549 chore(release): 0.17.0 [ci skip]
  • fb604e6 perf: simplify defineFunction to avoid destructuring, improve typing (#4222)
  • 6caa636 refactor: tighten ParseNode types (#4219)
  • afed784 docs: make first supportive organizations logos bigger (#4216)
  • b02d9ac chore(deps): update dependency webpack-dev-server to v5.2.4 [security] (#4220)
  • See full diff in compare view

Updates @types/node from 25.9.3 to 25.9.4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

AIEPhoenix and others added 5 commits July 6, 2026 06:08
…eta infrastructure

- Reorganize both packages' stories into capability groups (Features /
  Configuration / Theming / Extending / Robustness; Mantine Features +
  Configuration) with an Introduction.mdx guide mapping the whole tree.
- Shared _shared/ bases (coreMeta / mantineMeta / colorScheme /
  SideBySide) enforce the CSF constraints (literal title+tags, explicit
  meta annotation) and live theme switching, incl. on autodocs pages via
  ThemedDocsContainer.
- Scope the dark highlight.js theme through Sass meta.load-css
  (globals.scss): CSS @import cannot be nested under a selector — the
  old globals.css silently dropped the dark scoping at build time.
- Align CrossChunkFootnote with the shared conventions; reframe the
  RemoveComments demo around a case with a real visible difference.
- New stories: Core/Theming/Extra Styles and
  Core/Extending/TypeScript Generics (executable docs for the generic
  config/metadata surface).
- Drop the react-scan decorator and the dead src story globs.
- renderHastSubtree now clones by default (structural cloneHastForRender,
  shares position/data): memoized hast is never mutated in place, so a
  non-idempotent urlTransform can no longer compound across re-renders
  without a re-parse (registry bump / G3 flush / transform swap). The
  legacy single-use path opts out; non-element inline items skip the
  per-frame clone; aggregateFootnotesIfLast drops its manual JSON clone.
- documentRegistry selectors read from version-keyed tables built in one
  pass — fingerprint computation drops from O(blocks x refs) per frame
  to O(1) lookups per version.
- ownLabels is ref-stabilized (shared setsEqual) so streaming tokens no
  longer re-register the chunk and wake every renderer per token.
- computeBlockFingerprint uses JSON tuple encoding (delimiter-injection
  proof); buildBlocks degrades offset-less nodes to inline items instead
  of dropping them; phantom labels are injected raw (micromark keeps
  escapes inside identifiers, so verbatim round-trips by construction).
- useReferenceFlipWarning: recency-window burst detection plus a
  sustained consecutive-flip trigger that survives StrictMode's
  double-invoke; nested-wrapper prod warning is once-per-instance; new
  dev warning (via the shared useWouldCoordinate gate) when the legacy
  path renders under <AIMarkdownDocuments> with an explicit documentId.
- Remove the dead per-element documentId attribute plumbing (handlers,
  sanitize allowlist, placeholder props); context remains the source.
…verage

- Restore the 'use client' directive in the built entry (tsup keeps only
  the entry file's directive; internal ones were silently dropped, which
  crashed Server Component imports in Next.js App Router).
- Mermaid: split parse-stage failures (streaming-incomplete code — keep
  the last good diagram silently) from draw-stage failures (real errors
  for the CURRENT code — show the error view instead of letting a stale
  diagram masquerade as new content). suppressErrorRendering replaces
  the error-bomb graphic; the temp-element sweep only runs for the
  attempt that still owns the host.
- Replace dead Tailwind/Iconify class names with inline SVGs via a
  shared TablerIcon wrapper; revoke the view-in-new-window blob URL
  unconditionally.
- Extract code text with a recursive toCodeText (br -> newline) instead
  of fabricating blank lines; thread AIMarkdown generics through as
  <TConfig, TRenderData>; export MantineAIMPreCode / MantineAIMMermaidCode
  for composition from custom pre overrides.
- Document the footguns (JSON deep-parse re-serialization, global
  mermaid.initialize, autoDetectUnknownLanguage streaming cost) in the
  README; light chart-type tag uses Mantine color variables.
- New jsdom client suite (mocked mermaid lifecycle with real
  clear-host-first geometry, PreCode language matrix) plus extended SSR
  tests: 7 -> 21 cases.
…ind spots

Release safety (release.yml):
- Tag check now verifies EVERY published manifest, not just the root —
  pnpm publish -r silently skips existing versions, so a drifted package
  could previously ship nothing while the run stayed green.
- Republish idempotency guard: an existing version is only allowed on a
  re-run of the same workflow run (GITHUB_RUN_ATTEMPT > 1); pnpm's OIDC
  publish records no gitHead, so commit identity can't come from the
  registry.
- Post-publish registry existence assertion (with retry), tag-on-main
  ancestry check, storybook browser suite in the gates, idempotent
  gh release create, multi-section + era-boundary-aware notes extraction.
- version-packages.mjs refuses only FULL no-op bumps (partial runs stay
  re-runnable) and skips non-package dirs.

CI (ci.yml): storybook-test task (headless Chromium smoke of all
stories), attw + publint packaging checks, PR-only cancel-in-progress,
workflow_dispatch.

Static analysis: stories and .storybook are now typechecked (per-package
tsconfig.stories.json as the single-pass superset config, root
tsconfig.storybook.json) and linted (.storybook un-ignored; scripts get
node globals).

Packaging & deps: engines >=18 and LICENSE in both tarballs; dompurify
floor ^3.4.11 (prod audit clean); katex aligned to rehype-katex's 0.16
line; eslint-plugin-react-hooks pinned ~7.0.1 (7.1 conflicts with the
block-memo ref patterns); policy-scoped minor updates (mermaid,
remark-cjk-friendly, storybook, vitest, playwright, prettier, sass);
jsdom for the client test suites; dependabot dev-deps groups.

release:dry replaces the legacy local publish script — same gates as the
tag workflow, publish is dry-run only (trusted publishing stays the sole
real path); CONTRIBUTING updated accordingly.
…dates

Bumps the dev-deps group with 2 updates in the / directory: [katex](https://github.com/KaTeX/KaTeX) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `katex` from 0.16.47 to 0.17.0
- [Release notes](https://github.com/KaTeX/KaTeX/releases)
- [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md)
- [Commits](KaTeX/KaTeX@v0.16.47...v0.17.0)

Updates `@types/node` from 25.9.3 to 25.9.4
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: katex
  dependency-version: 0.17.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: "@types/node"
  dependency-version: 25.9.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 7, 2026
@dependabot
dependabot Bot deleted the dependabot/npm_and_yarn/dev-deps-8c5d8a3660 branch July 7, 2026 02:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant