Skip to content

fix: bump the device-page group in /src/slic3r/GUI/DeviceWeb/device_page with 18 updates#612

Open
dependabot[bot] wants to merge 2 commits into
developfrom
dependabot/npm_and_yarn/src/slic3r/GUI/DeviceWeb/device_page/develop/device-page-78da974480
Open

fix: bump the device-page group in /src/slic3r/GUI/DeviceWeb/device_page with 18 updates#612
dependabot[bot] wants to merge 2 commits into
developfrom
dependabot/npm_and_yarn/src/slic3r/GUI/DeviceWeb/device_page/develop/device-page-78da974480

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown

Bumps the device-page group in /src/slic3r/GUI/DeviceWeb/device_page with 18 updates:

Package From To
@radix-ui/react-dialog 1.1.17 1.1.19
@radix-ui/react-popover 1.1.17 1.1.19
@radix-ui/react-toggle-group 1.1.13 1.1.15
@tailwindcss/vite 4.3.1 4.3.2
@tanstack/react-router 1.170.16 1.170.17
i18next 26.3.1 26.3.6
immer 11.1.8 11.1.11
radix-ui 1.6.0 1.6.2
react-i18next 17.0.8 17.0.9
tailwindcss 4.3.1 4.3.2
@tanstack/router-plugin 1.168.18 1.168.19
@vitejs/plugin-react 6.0.2 6.0.3
eslint 10.5.0 10.7.0
globals 17.6.0 17.7.0
terser 5.48.0 5.49.0
typescript 6.0.3 7.0.2
typescript-eslint 8.61.1 8.63.0
vite 8.0.16 8.1.4

Updates @radix-ui/react-dialog from 1.1.17 to 1.1.19

Changelog

Sourced from @​radix-ui/react-dialog's changelog.

1.1.19

  • Updated dependencies: @radix-ui/react-dismissable-layer@1.1.15, @radix-ui/primitive@1.1.5, @radix-ui/react-context@1.2.0, @radix-ui/react-focus-scope@1.1.12, @radix-ui/react-presence@1.1.7

1.1.18

  • Updated dependencies: @radix-ui/react-primitive@2.1.7, @radix-ui/react-dismissable-layer@1.1.14, @radix-ui/react-focus-scope@1.1.11, @radix-ui/react-portal@1.1.13
Commits

Updates @radix-ui/react-popover from 1.1.17 to 1.1.19

Changelog

Sourced from @​radix-ui/react-popover's changelog.

1.1.19

  • Updated dependencies: @radix-ui/react-dismissable-layer@1.1.15, @radix-ui/primitive@1.1.5, @radix-ui/react-context@1.2.0, @radix-ui/react-focus-scope@1.1.12, @radix-ui/react-presence@1.1.7, @radix-ui/react-popper@1.3.3

1.1.18

  • Updated dependencies: @radix-ui/react-primitive@2.1.7, @radix-ui/react-dismissable-layer@1.1.14, @radix-ui/react-focus-scope@1.1.11, @radix-ui/react-popper@1.3.2, @radix-ui/react-portal@1.1.13
Commits

Updates @radix-ui/react-toggle-group from 1.1.13 to 1.1.15

Changelog

Sourced from @​radix-ui/react-toggle-group's changelog.

1.1.15

  • Updated dependencies: @radix-ui/primitive@1.1.5, @radix-ui/react-context@1.2.0, @radix-ui/react-roving-focus@1.1.15, @radix-ui/react-toggle@1.1.14

1.1.14

  • Updated dependencies: @radix-ui/react-primitive@2.1.7, @radix-ui/react-roving-focus@1.1.14, @radix-ui/react-toggle@1.1.13
Commits

Updates @tailwindcss/vite from 4.3.1 to 4.3.2

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.3.2

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.3.2] - 2026-06-26

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Commits

Updates @tanstack/react-router from 1.170.16 to 1.170.17

Release notes

Sourced from @​tanstack/react-router's releases.

@​tanstack/react-router@​1.170.17

Patch Changes

  • Updated dependencies [9809a06]:
    • @​tanstack/router-core@​1.171.14
Changelog

Sourced from @​tanstack/react-router's changelog.

1.170.17

Patch Changes

  • Updated dependencies [9809a06]:
    • @​tanstack/router-core@​1.171.14
Commits

Updates i18next from 26.3.1 to 26.3.6

Release notes

Sourced from i18next's releases.

v26.3.6

  • fix: allow TypeScript 7 in the optional typescript peer dependency range (^5 || ^6 || ^7). With typescript@7.0.2 in a project, npm install failed with an ERESOLVE peer conflict. The published types are TS7-compatible as-is: every test/typescript suite produces identical results under 6.0 and 7.0.2. Reported in react-i18next#1927, thanks @​andikapradanaarif.

v26.3.5

  • fix: $t() nesting options blocks that span multiple lines are now parsed. nest() decided where the nested key ends by testing match[1] with /{.*}/, whose dot does not cross line breaks — so a $t(key, { ... }) options object containing a newline was treated as having no options, mis-split as formatters, and the nested lookup ran without its options (placeholders stayed unresolved). The nesting regexp itself already matches newlines inside $t(...); adding the s (dotAll) flag makes multiline options behave like the single-line form. Thanks @​spokodev (#2440).
  • fix: getUsedParamsDetails (the returnDetails: true path) no longer mutates the passed replace object. It wrote count straight onto options.replace so the returned usedParams would include it — a caller reusing one replace object across t() calls then carried a stale count into later interpolations (e.g. a previous call's count: 5 rendered instead of the current call's value). The details are now built from a copy; usedParams still includes count. Thanks @​spokodev (#2441).
  • fix: with the default skipOnVariables: true + escapeValue: true, a {{placeholder}} carried inside an interpolated value now stays literal even when the value contains escapable characters. The skip logic advanced the regex lastIndex by the raw value length, but the escaped text written into the string is longer, so lastIndex landed inside the inserted value and a trailing {{placeholder}} in it got interpolated — leaking another in-scope variable that should have stayed literal (values without escapable characters were already skipped correctly). The advance now uses the escaped length that is actually written, and the regex-safe $-doubling is applied only at the String.replace call so it can't distort the length arithmetic. Thanks @​spokodev (#2442).

v26.3.4

  • fix(security): deepExtend (used by addResourceBundle(..., deep, overwrite)) no longer recurses into inherited properties. It checked key existence with the in operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. hasOwnProperty, toString) caused recursion into the shared Object.prototype function and, with overwrite: true, could overwrite e.g. Object.prototype.hasOwnProperty.call with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with Object.prototype.hasOwnProperty.call, so such keys are copied as plain own data instead. This complements the existing __proto__/constructor guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with deep: true and overwrite: true; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, setPath mechanism). Thanks to zx (Jace) for the responsible disclosure.

v26.3.3

  • fix(types): selector t($ => $.arr, { returnObjects: true, context }) on a JSON array of heterogeneous objects now preserves each element's full shape (e.g. { transKey1: string; transKey2: string }[]) instead of collapsing to a union of partial element types. Two type-level causes: (1) FilterKeys evaluated the whole array element type at once, so keyof (A | B) only saw the keys common to every element — it now distributes over the object union and filters each element independently; (2) when TypeScript merges mismatched array element types it injects phantom optional undefined keys (e.g. transKey1_withContext?: undefined on elements that don't define it), which the context-detection helpers mistook for real context variants — they now skip keys typed as undefined. Also adds a dedicated context + returnObjects: true selector overload using const Fn + ReturnType<Fn>, so Target is no longer collapsed to unknown via ApplyTarget. Resolves Problem 1 of #2398 (Problem 2 was already fixed on master). Thanks @​sauravgupta-dotcom (#2438). Fixes #2398.

v26.3.2

  • fix: chained formatters with a parenthesised option that contains the format separator (e.g. join(separator: ', ')) now work at any position in the chain, not just first. Previously the comma-in-parens reassembly only repaired formats[0], so {{v, uppercase, join(separator: ', ')}} split the join(...) option on the inner comma and never rejoined it, producing corrupt output. Replaced the first-position-only repair with a position-independent pass that re-joins fragments until each open paren closes. Thanks @​spokodev (#2437).
Changelog

Sourced from i18next's changelog.

26.3.6

  • fix: allow TypeScript 7 in the optional typescript peer dependency range (^5 || ^6 || ^7). With typescript@7.0.2 in a project, npm install failed with an ERESOLVE peer conflict. The published types are TS7-compatible as-is: every test/typescript suite produces identical results under 6.0 and 7.0.2. Reported in react-i18next#1927, thanks @​andikapradanaarif.

26.3.5

  • fix: $t() nesting options blocks that span multiple lines are now parsed. nest() decided where the nested key ends by testing match[1] with /{.*}/, whose dot does not cross line breaks — so a $t(key, { ... }) options object containing a newline was treated as having no options, mis-split as formatters, and the nested lookup ran without its options (placeholders stayed unresolved). The nesting regexp itself already matches newlines inside $t(...); adding the s (dotAll) flag makes multiline options behave like the single-line form. Thanks @​spokodev (#2440).
  • fix: getUsedParamsDetails (the returnDetails: true path) no longer mutates the passed replace object. It wrote count straight onto options.replace so the returned usedParams would include it — a caller reusing one replace object across t() calls then carried a stale count into later interpolations (e.g. a previous call's count: 5 rendered instead of the current call's value). The details are now built from a copy; usedParams still includes count. Thanks @​spokodev (#2441).
  • fix: with the default skipOnVariables: true + escapeValue: true, a {{placeholder}} carried inside an interpolated value now stays literal even when the value contains escapable characters. The skip logic advanced the regex lastIndex by the raw value length, but the escaped text written into the string is longer, so lastIndex landed inside the inserted value and a trailing {{placeholder}} in it got interpolated — leaking another in-scope variable that should have stayed literal (values without escapable characters were already skipped correctly). The advance now uses the escaped length that is actually written, and the regex-safe $-doubling is applied only at the String.replace call so it can't distort the length arithmetic. Thanks @​spokodev (#2442).

26.3.4

  • fix(security): deepExtend (used by addResourceBundle(..., deep, overwrite)) no longer recurses into inherited properties. It checked key existence with the in operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. hasOwnProperty, toString) caused recursion into the shared Object.prototype function and, with overwrite: true, could overwrite e.g. Object.prototype.hasOwnProperty.call with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with Object.prototype.hasOwnProperty.call, so such keys are copied as plain own data instead. This complements the existing __proto__/constructor guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with deep: true and overwrite: true; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, setPath mechanism). See advisory GHSA-6jcc-5g8w-32mx, CVSS 5.9 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H). Thanks to zx (Jace) @​manus-use for the responsible disclosure.

26.3.3

  • fix(types): selector t($ => $.arr, { returnObjects: true, context }) on a JSON array of heterogeneous objects now preserves each element's full shape (e.g. { transKey1: string; transKey2: string }[]) instead of collapsing to a union of partial element types. Two type-level causes: (1) FilterKeys evaluated the whole array element type at once, so keyof (A | B) only saw the keys common to every element — it now distributes over the object union and filters each element independently; (2) when TypeScript merges mismatched array element types it injects phantom optional undefined keys (e.g. transKey1_withContext?: undefined on elements that don't define it), which the context-detection helpers mistook for real context variants — they now skip keys typed as undefined. Also adds a dedicated context + returnObjects: true selector overload using const Fn + ReturnType<Fn>, so Target is no longer collapsed to unknown via ApplyTarget. Resolves Problem 1 of #2398 (Problem 2 was already fixed on master). Thanks @​sauravgupta-dotcom (#2438). Fixes #2398.

26.3.2

  • fix: chained formatters with a parenthesised option that contains the format separator (e.g. join(separator: ', ')) now work at any position in the chain, not just first. Previously the comma-in-parens reassembly only repaired formats[0], so {{v, uppercase, join(separator: ', ')}} split the join(...) option on the inner comma and never rejoined it, producing corrupt output. Replaced the first-position-only repair with a position-independent pass that re-joins fragments until each open paren closes. Thanks @​spokodev (#2437).
Commits
  • e1c60d4 26.3.6
  • 04da43e fix: allow typescript 7 in optional peerDependencies range (react-i18next#1927)
  • 8eed4ac build
  • 573ae73 26.3.5
  • cc54b05 docs(changelog): 26.3.5 — multiline $t() options, replace mutation, escaped-l...
  • 3180d67 fix: skip interpolation of placeholders inside escaped values (#2442)
  • d16f5a2 fix: stop mutating the passed replace object when returning details (#2441)
  • bed56c1 fix: parse $t() nesting options block that spans multiple lines (#2440)
  • c19e458 docs(changelog): link GHSA advisory for deepExtend fix
  • 7bb87d0 docs(changelog): reference security advisory for deepExtend fix
  • Additional commits viewable in compare view

Updates immer from 11.1.8 to 11.1.11

Release notes

Sourced from immer's releases.

v11.1.11

11.1.11 (2026-07-03)

Bug Fixes

v11.1.10

11.1.10 (2026-07-03)

Bug Fixes

  • undefined assigned to a prototype-inherited key gets dropped (#1262) (16e225b)

v11.1.9

11.1.9 (2026-07-01)

Bug Fixes

  • prevent prototype pollution via constructor.prototype access (CVE-2026-XXXX) (#1259) (48fc378)
Commits
  • 60ca295 chore(deps): bump @​sigstore/core from 3.2.0 to 3.2.1 (#1258)
  • 858d036 fix: improve DraftMap.{entries,values}() compatibility#1228 (#1228)
  • 89acf94 chore(deps): bump http-proxy-middleware from 2.0.9 to 2.0.10 in /website (#1257)
  • f2b409e chore(deps-dev): bump vite from 6.4.2 to 6.4.3 (#1256)
  • e6eb6e3 chore(deps): bump @​babel/plugin-transform-modules-systemjs in /website (#1238)
  • 5868ec5 chore(deps): bump fast-uri from 3.1.0 to 3.1.2 in /website (#1237)
  • c6ce0e9 chore(deps): bump tar from 7.5.13 to 7.5.16 (#1253)
  • 9ec6559 chore(deps): bump joi from 17.7.0 to 17.13.4 in /website (#1250)
  • 86c3776 chore(deps): bump shell-quote from 1.7.4 to 1.8.4 in /website (#1248)
  • e606b33 chore(deps): bump shell-quote from 1.8.0 to 1.8.4 (#1247)
  • Additional commits viewable in compare view

Updates radix-ui from 1.6.0 to 1.6.2

Changelog

Sourced from radix-ui's changelog.

1.6.2

Other updates

  • Added CSS custom properties for Navigation Menu item indicators' translate values.
  • Fixed a bug in Dismissable Layer causing background nested popovers to close all layers on outside click
  • Fixed runtime errors for Form.Message, Form.Control, Form.Label and Form.ValidityState that are correctly rendered outside of Form.Field components
  • Fixed a bug in form control components to ensure their values are updated when their associated form's is reset. This affects RadioGroup, Slider, Select, and Switch.
  • Fixed menu items, tab triggers, toolbar links, and select items intercepting Space/Enter keys that originate from focusable descendants.
  • Fixed a bug where calling an event handler without an argument would throw, preventing successive event handlers from being called. This affected all components that accept event handlers with internal implementations.
  • Fixed a bug in Context Menu to ensure that the menu properly re-anchors to the latest pointer position when re-triggered in its open state.
  • Fixed stale onEscapeKeyDown/onDismiss handlers on React 19.2.
  • Fixed items in a Roving Focus Group not being auto-focused on mount within a Focus Scope component.
  • Fixed a regression in Dismissable Layer originating from a bug in React's useEffectEvent.
  • Fixed --radix-scroll-area-corner-width and --radix-scroll-area-corner-height not resetting to 0 when a corner is removed. Previously these values would stick around and leave a permanent gap on the remaining scrollbar.
  • Fixed a bug in Slider where stepping with the keyboard would skip a valid value when the current value is off the step grid. Stepping now snaps to the next step-aligned value in the direction of travel, matching native <input type="range"> behavior.

1.6.1

  • Cleared the close timer when unmounting Toast components to prevent memory leaks and errors in test environments.
  • Fixed infinite re-render loop in React 19 caused by unstable composed ref callback references.
  • Removed global React.CSSProperties augmentation from emitted declaration files.
Commits

Updates react-i18next from 17.0.8 to 17.0.9

Changelog

Sourced from react-i18next's changelog.

17.0.9

  • fix: allow TypeScript 7 in the optional typescript peer dependency range (^5 || ^6 || ^7). With typescript@7.0.2 in a project, npm install failed with an ERESOLVE peer conflict. Fixes #1927, thanks @​andikapradanaarif.
  • fix(types): <Trans t={t} ns="ns" …> with a t from useTranslation(['ns']) now typechecks under TypeScript 7. TS7 intersects the Ns inference candidates coming from the t prop (readonly ['ns']) and the ns prop ('ns') into an unsatisfiable 'ns' & readonly ['ns'], where TS6 resolved them. The ns prop on TransProps, TransSelectorProps and IcuTransWithoutContextProps now also accepts a single namespace out of an array-typed Ns (Ns | (Ns extends readonly (infer S extends string)[] ? S : never)) — which matches runtime behavior and is unchanged under TS5/TS6.
Commits
  • 8b4a9ea 17.0.9
  • 422bab1 fix: support typescript 7 — widen peer range and fix Trans ns inference under...
  • 6e18aa9 README: mention npx i18next-cli localize as the zero-to-localized path
  • See full diff in compare view

Updates tailwindcss from 4.3.1 to 4.3.2

Release notes

Sourced from tailwindcss's releases.

v4.3.2

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Changelog

Sourced from tailwindcss's changelog.

[4.3.2] - 2026-06-26

Fixed

  • Support bare spacing values for auto-rows-* and auto-cols-* utilities (e.g. auto-rows-12 and auto-cols-16) (#20229)
  • Prevent @tailwindcss/cli in --watch mode from crashing on Windows when @source points to a directory that doesn't exist (#20242)
  • Prevent @tailwindcss/vite from crashing in Deno v2.8.x when context.parentURL is not a valid URL (#20245)
  • Ensure @tailwindcss/cli in --watch mode rebuilds when the input CSS file changes in an ignored directory (#20246)
  • Allow @variant rules used in addBase(…) to use custom variants defined later (#20247)
  • Prevent @tailwindcss/vite from crashing during HMR when scanned files or directories are deleted (#20259)
  • Generate font-size instead of color declarations for text-[--spacing(…)] (#20260)
  • Prevent @source patterns from scanning unrelated sibling files and folders (#20263)
  • Extract class candidates adjacent to Template Toolkit delimiters like %]…[% in .tt, .tt2, and .tx files (#20269)
  • Extract class candidates from conditional Maud syntax like p.text-black[condition] (#20269)
  • Prevent @position-try rules from triggering unknown at-rule warnings when optimizing CSS (#20277)
  • Support class suggestions for named opacity modifiers from --opacity theme values (#20287)
  • Prevent type errors in @tailwindcss/postcss when used with newer PostCSS patch releases (#20289)
Commits

Updates @tanstack/router-plugin from 1.168.18 to 1.168.19

Release notes

Sourced from @​tanstack/router-plugin's releases.

@​tanstack/router-plugin@​1.168.19

Patch Changes

  • Updated dependencies [9809a06]:
    • @​tanstack/router-core@​1.171.14
    • @​tanstack/react-router@​1.170.17
    • @​tanstack/router-generator@​1.167.18
Changelog

Sourced from @​tanstack/router-plugin's changelog.

1.168.19

Patch Changes

  • Updated dependencies [9809a06]:
    • @​tanstack/router-core@​1.171.14
    • @​tanstack/react-router@​1.170.17
    • @​tanstack/router-generator@​1.167.18
Commits

Updates @vitejs/plugin-react from 6.0.2 to 6.0.3

Changelog

Sourced from @​vitejs/plugin-react's changelog.

6.0.3 (2026-06-23)

Commits
  • 640fd35 release: plugin-react@6.0.3
  • 889efb0 fix(deps): update all non-major dependencies (#1249)
  • 6c57dd4 fix(plugin-react): use '/' base in bundledDev preamble to fix non-root base p...
  • 3cc33a7 fix(deps): update react-related dependencies (#1245)
  • c0f7c7f docs: mention the Biome rule in the "Consistent components exports" section (...
  • cd80f0f fix(deps): update all non-major dependencies (#1241)
  • e38acca fix(deps): update all non-major dependencies (#1227)
  • 9a9bb26 perf(react): improve react compiler preset so that slightly more modules are ...
  • See full diff in compare view

Updates eslint from 10.5.0 to 10.7.0

Release notes

Sourced from eslint's releases.

v10.7.0

Features

  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032) (sethamus)
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063) (fnx)
  • 557fde8 feat: support computed Number.parseInt member access in radix rule (#21041) (Pixel)
  • 0b4a73b feat: add suggestions to no-compare-neg-zero (#21034) (den$)
  • 96cdd42 feat: report invalid signed numeric radix values in radix rule (#21030) (Pixel)

Bug Fixes

  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069) (Pixel)
  • 0d7d70c fix: insert cause outside wrapping parens in preserve-caught-error (#21062) (Mahin Anowar)
  • 75ec753 fix: handle static template literals in eqeqeq rule (#21058) (Pixel)
  • b717a22 fix: prevent eqeqeq null option from reporting non-equality operators (#21057) (Pixel)
  • e35b05f fix: avoid no-invalid-regexp false positive for shadowed RegExp (#21051) (Pixel)
  • a3172b6 fix: avoid no-control-regex false positive for shadowed RegExp (#21050) (Pixel)
  • d1f637e fix: parenthesize sequence expression operands in no-implicit-coercion (#21045) (spokodev)
  • 8859baf fix: avoid prefer-numeric-literals false positive for shadowed globals (#21047) (한국)
  • a9e5961 fix: use-isnan false positive on shadowed NaN/Number (#20958) (sethamus)
  • 8a240a7 fix: avoid false positives in radix rule for spread arguments (#21044) (Pixel)

Documentation

  • c30d808 docs: Update README (GitHub Actions Bot)
  • 5139800 docs: document ESLint migration codemods in v9 and v10 guides (#20980) (Alex Bit)
  • 04174cb docs: Update README (GitHub Actions Bot)
  • 026e130 docs: update semver policy for bug fixes (#21048) (Milos Djermanovic)
  • 9d42fef docs: Update README (GitHub Actions Bot)
  • b230159 docs: Update README (GitHub Actions Bot)
  • 0129972 docs: correct **/.js glob to **/*.js in config files guide (#21036) (EduardF1)

Chores

  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076) (renovate[bot])
  • 81a4774 chore: updates for v9.39.5 release (Jenkins)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071) (Francesco Trotta)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067) (lumir)
  • 833ec10 chore: update dependency prettier to v3.9.4 (#21061) (renovate[bot])
  • 7ea106d chore: update ecosystem plugins (#21059) (ESLint Bot)
  • 8fb550e chore: add prettier update commit to .git-blame-ignore-revs (#21056) (lumir)
  • e4e1166 chore: update dependency prettier to v3.9.1 (#21055) (renovate[bot])
  • 0493f53 chore: update prettier to v3.9.0 (#21054) (Pixel)
  • 1056a99 chore: update dependency prettier to v3.8.5 (#21049) (renovate[bot])
  • 4d4155d ci: run ecosystem tests on pull requests (#21027) (sethamus)
  • 993539f chore: update dependency @​eslint/json to ^2.0.1 (#21042) (renovate[bot])
  • 53f8b69 test: add error locations to no-constant-binary-expression (#21039) (lumir)
  • 5ab71d5 refactor: clean up radix rule internals (#21015) (Pixel)
  • a80a9a4 chore: update ecosystem plugins (#21035) (ESLint Bot)
  • 7c9a029 ci: add Node.js 26 to CI (#20847) (lumir)

v10.6.0

Features

  • b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981) (Taejin Kim)

... (truncated)

Commits
  • fabd99b 10.7.0
  • 37c5e75 Build: changelog update for 10.7.0
  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076)
  • 81a4774 chore: updates for v9.39.5 release
  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071)
  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032)
  • c30d808 docs: Update README
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067)
  • Additional commits viewable in compare view

Updates globals from 17.6.0 to 17.7.0

Release notes

Sourced from globals's releases.

Description has been truncated

Bumps the device-page group in /src/slic3r/GUI/DeviceWeb/device_page with 18 updates:

| Package | From | To |
| --- | --- | --- |
| [@radix-ui/react-dialog](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/dialog) | `1.1.17` | `1.1.19` |
| [@radix-ui/react-popover](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/popover) | `1.1.17` | `1.1.19` |
| [@radix-ui/react-toggle-group](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/toggle-group) | `1.1.13` | `1.1.15` |
| [@tailwindcss/vite](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/@tailwindcss-vite) | `4.3.1` | `4.3.2` |
| [@tanstack/react-router](https://github.com/TanStack/router/tree/HEAD/packages/react-router) | `1.170.16` | `1.170.17` |
| [i18next](https://github.com/i18next/i18next) | `26.3.1` | `26.3.6` |
| [immer](https://github.com/immerjs/immer) | `11.1.8` | `11.1.11` |
| [radix-ui](https://github.com/radix-ui/primitives/tree/HEAD/packages/react/radix-ui) | `1.6.0` | `1.6.2` |
| [react-i18next](https://github.com/i18next/react-i18next) | `17.0.8` | `17.0.9` |
| [tailwindcss](https://github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss) | `4.3.1` | `4.3.2` |
| [@tanstack/router-plugin](https://github.com/TanStack/router/tree/HEAD/packages/router-plugin) | `1.168.18` | `1.168.19` |
| [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `6.0.2` | `6.0.3` |
| [eslint](https://github.com/eslint/eslint) | `10.5.0` | `10.7.0` |
| [globals](https://github.com/sindresorhus/globals) | `17.6.0` | `17.7.0` |
| [terser](https://github.com/terser/terser) | `5.48.0` | `5.49.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.3` | `7.0.2` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.61.1` | `8.63.0` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `8.0.16` | `8.1.4` |


Updates `@radix-ui/react-dialog` from 1.1.17 to 1.1.19
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/dialog/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/dialog)

Updates `@radix-ui/react-popover` from 1.1.17 to 1.1.19
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/popover/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/popover)

Updates `@radix-ui/react-toggle-group` from 1.1.13 to 1.1.15
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/toggle-group/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/toggle-group)

Updates `@tailwindcss/vite` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/@tailwindcss-vite)

Updates `@tanstack/react-router` from 1.170.16 to 1.170.17
- [Release notes](https://github.com/TanStack/router/releases)
- [Changelog](https://github.com/TanStack/router/blob/main/packages/react-router/CHANGELOG.md)
- [Commits](https://github.com/TanStack/router/commits/@tanstack/react-router@1.170.17/packages/react-router)

Updates `i18next` from 26.3.1 to 26.3.6
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/i18next@v26.3.1...v26.3.6)

Updates `immer` from 11.1.8 to 11.1.11
- [Release notes](https://github.com/immerjs/immer/releases)
- [Commits](immerjs/immer@v11.1.8...v11.1.11)

Updates `radix-ui` from 1.6.0 to 1.6.2
- [Changelog](https://github.com/radix-ui/primitives/blob/main/packages/react/radix-ui/CHANGELOG.md)
- [Commits](https://github.com/radix-ui/primitives/commits/HEAD/packages/react/radix-ui)

Updates `react-i18next` from 17.0.8 to 17.0.9
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](i18next/react-i18next@v17.0.8...v17.0.9)

Updates `tailwindcss` from 4.3.1 to 4.3.2
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/commits/v4.3.2/packages/tailwindcss)

Updates `@tanstack/router-plugin` from 1.168.18 to 1.168.19
- [Release notes](https://github.com/TanStack/router/releases)
- [Changelog](https://github.com/TanStack/router/blob/main/packages/router-plugin/CHANGELOG.md)
- [Commits](https://github.com/TanStack/router/commits/@tanstack/router-plugin@1.168.19/packages/router-plugin)

Updates `@vitejs/plugin-react` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.3/packages/plugin-react)

Updates `eslint` from 10.5.0 to 10.7.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.5.0...v10.7.0)

Updates `globals` from 17.6.0 to 17.7.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.6.0...v17.7.0)

Updates `terser` from 5.48.0 to 5.49.0
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v5.48.0...v5.49.0)

Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `typescript-eslint` from 8.61.1 to 8.63.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.63.0/packages/typescript-eslint)

Updates `vite` from 8.0.16 to 8.1.4
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v8.1.4/packages/vite)

---
updated-dependencies:
- dependency-name: "@radix-ui/react-dialog"
  dependency-version: 1.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@radix-ui/react-popover"
  dependency-version: 1.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@radix-ui/react-toggle-group"
  dependency-version: 1.1.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@tailwindcss/vite"
  dependency-version: 4.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@tanstack/react-router"
  dependency-version: 1.170.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: i18next
  dependency-version: 26.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: immer
  dependency-version: 11.1.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: radix-ui
  dependency-version: 1.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: react-i18next
  dependency-version: 17.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: tailwindcss
  dependency-version: 4.3.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@tanstack/router-plugin"
  dependency-version: 1.168.19
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: device-page
- dependency-name: eslint
  dependency-version: 10.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: device-page
- dependency-name: globals
  dependency-version: 17.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: device-page
- dependency-name: terser
  dependency-version: 5.49.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: device-page
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: device-page
- dependency-name: typescript-eslint
  dependency-version: 8.63.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: device-page
- dependency-name: vite
  dependency-version: 8.1.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: device-page
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript / TypeScript labels Jul 13, 2026
@dependabot dependabot Bot requested a review from BenJule as a code owner July 13, 2026 12:14
@dependabot dependabot Bot added dependencies Dependency updates javascript JavaScript / TypeScript labels Jul 13, 2026
@github-actions github-actions Bot added area: ci GitHub Actions, CI/CD area: packaging AppImage, .deb, .rpm, Flatpak area: slicing Slicing engine, toolpath generation area: ui User interface / wxWidgets platform: windows Windows-specific issue tests Test files and test infrastructure area: networking Cloud, MQTT, printer connection labels Jul 13, 2026

@s3-review s3-review Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I found nothing to flag.

(Note: the diff was truncated for review, only the first part was looked at.)

baseUrl was removed in TS 7 (TS5102) and path mappings must be
relative now (TS5090). Drop baseUrl + stale ignoreDeprecations and
prefix the @locales mapping with ./

@s3-review s3-review Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

src/slic3r/GUI/DeviceWeb/device_page/package.json (line 31) – the dependency on typescript is bumped from ~6.0.3 to ~7.0.2. Bumping to a new major version of TypeScript can introduce breaking API changes (e.g. removal of node16 lib support, changes to tsconfig handling, updated diagnostic API) that the BambuStudio build scripts, custom type‑definition packages, or other dev‑dependencies (which still target TypeScript 6) may not be compatible with. Until the whole toolchain is verified against TS 7, lock the version back to 6.x or add a migration plan/tests to confirm compatibility.

src/slic3r/GUI/DeviceWeb/device_page/pnpm-lock.yaml (multiple lines) – the lockfile now contains a whole set of @typescript/typescript-* platform packages for every OS/CPU. Those packages are only needed when the typescript binary is installed as a “full” distribution; they add a lot of noise to the lockfile and can cause unnecessary platform‑specific resolution problems (e.g. on Windows the @typescript/typescript-win32-x64 entry may be pulled in even when the build runs on Linux). Consider removing those entries (or using pnpm install --no-optional) if they are not required by the project, to keep the lockfile clean and avoid spurious install failures.

(Note: the diff was truncated for review, only the first part was looked at.)

@BenJule BenJule added this to the v02.07.01-dev milestone Jul 13, 2026
@BenJule BenJule self-assigned this Jul 13, 2026
BenJule added a commit that referenced this pull request Jul 13, 2026
The "Automation: Auto-assign to Project" workflow failed on every
Dependabot PR (#611, #612, #613) because `pull_request` workflows
triggered by Dependabot only receive Dependabot secrets —
`secrets.PROJECT_TOKEN` was empty and the add-to-project step errored.

Switching the trigger to `pull_request_target` runs the job in base-repo
context where repository secrets are available. This is safe for this
workflow: it never checks out or executes PR code, it only touches PR
metadata (project board, assignee, milestone).

Closes #614
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: ci GitHub Actions, CI/CD area: networking Cloud, MQTT, printer connection area: packaging AppImage, .deb, .rpm, Flatpak area: slicing Slicing engine, toolpath generation area: ui User interface / wxWidgets dependencies Dependency updates javascript JavaScript / TypeScript platform: windows Windows-specific issue tests Test files and test infrastructure

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant