Skip to content

Bump the minor-and-patch group across 1 directory with 15 updates#9

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-3e90427cfd
Closed

Bump the minor-and-patch group across 1 directory with 15 updates#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-3e90427cfd

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 14, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 15 updates in the / directory:

Package From To
@playwright/test 1.58.2 1.59.1
@types/node 25.5.0 25.6.0
axe-core 4.11.1 4.11.3
dompurify 3.3.3 3.4.0
jsdom 29.0.1 29.0.2
vitest 4.1.2 4.1.4
vue 3.5.31 3.5.32
react 19.2.4 19.2.5
react-dom 19.2.4 19.2.5
react-router-dom 7.13.2 7.14.1
svelte 5.55.0 5.55.4
primevue 4.5.4 4.5.5
@vue/compiler-sfc 3.5.31 3.5.32
ts-loader 9.5.4 9.5.7
webpack 5.105.4 5.106.1

Updates @playwright/test from 1.58.2 to 1.59.1

Release notes

Sourced from @​playwright/test's releases.

v1.59.1

Bug Fixes

  • [Windows] Reverted hiding console window when spawning browser processes, which caused regressions including broken codegen, --ui and show commands (#39990)

v1.59.0

🎬 Screencast

New page.screencast API provides a unified interface for capturing page content with:

  • Screencast recordings
  • Action annotations
  • Visual overlays
  • Real-time frame capture
  • Agentic video receipts

Screencast recording — record video with precise start/stop control, as an alternative to the recordVideo option:

await page.screencast.start({ path: 'video.webm' });
// ... perform actions ...
await page.screencast.stop();

Action annotations — enable built-in visual annotations that highlight interacted elements and display action titles during recording:

await page.screencast.showActions({ position: 'top-right' });

screencast.showActions() accepts position ('top-left', 'top', 'top-right', 'bottom-left', 'bottom', 'bottom-right'), duration (ms per annotation), and fontSize (px). Returns a disposable to stop showing actions.

Action annotations can also be enabled in test fixtures via the video option:

// playwright.config.ts
export default defineConfig({
  use: {
    video: {
      mode: 'on',
      show: {
        actions: { position: 'top-left' },
        test: { position: 'top-right' },
      },
</tr></table> 

... (truncated)

Commits
  • d466ac5 chore: mark v1.59.1 (#40005)
  • 530e7e5 cherry-pick(#4004): fix(cli): kill-all should kill dashboard
  • 9aa216c cherry-pick(#39994): Revert "fix(windows): hide console window when spawning ...
  • 01b2b15 cherry-pick(#39980): chore: more release notes fixes
  • a5cb6c9 cherry-pick(#39972): chore: expose browser.bind and browser.unbind APIs
  • 99a17b5 cherry-pick(#39975): chore: support opening .trace files via .link indirection
  • 43607c3 cherry-pick(#39974): chore(webkit): update Safari user-agent version to 26.4
  • 62cabe1 cherry-pick(#39969): chore(npm): include all *.md from lib (#39970)
  • 0c65a75 cherry-pick(#39968): chore: screencast.showActions api
  • f04155b cherry-pick(#39958): chore: release notes for langs v1.59
  • Additional commits viewable in compare view

Updates @types/node from 25.5.0 to 25.6.0

Commits

Updates axe-core from 4.11.1 to 4.11.3

Release notes

Sourced from axe-core's releases.

Release 4.11.3

This release addresses a few false positives, which may reduce the number of issues on terget-size and aria-allowed-attr.

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (1d80163)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (5906273), closes #5065

Release 4.11.2

This release addresses a number of false positives, including ones related to target size. It adds new affordances for ARIA, and adds a clarification around the scrollable regions rule.

Bug Fixes

  • aria-valid-attr-value: handle multiple aria-errormessage IDs (#4973) (9322148)
  • aria: prevent getOwnedVirtual from returning duplicate nodes (#4987) (99d1e77), closes #4840
  • DqElement: avoid calling constructors with cloneNode (#5013) (88bc57f)
  • existing-rule: aria-busy now shows an error message for a use with unallowed children (#5017) (dded75a)
  • scrollable-region-focusable: clarify the issue is in safari (#4995) (2567afd), closes WebKit#190870 WebKit#277290
  • scrollable-region-focusable: do not fail scroll areas when all content is visible without scrolling (#4993) (240f8b5)
  • target-size: determine offset using clientRects if target is display:inline (#5012) (69d81c1)
  • target-size: ignore widgets that are inline with other inline elements (#5000) (cf8a3c0)
Changelog

Sourced from axe-core's changelog.

4.11.3 (2026-04-13)

Bug Fixes

  • aria-allowed-attr: restrict br and wbr elements to aria-hidden only (#4974) (1d80163)
  • target-size: ignore position: fixed elements that are offscreen when page is scrolled (#5066) (5906273), closes #5065

4.11.2 (2026-03-30)

Bug Fixes

  • aria-valid-attr-value: handle multiple aria-errormessage IDs (#4973) (9322148)
  • aria: prevent getOwnedVirtual from returning duplicate nodes (#4987) (99d1e77), closes #4840
  • DqElement: avoid calling constructors with cloneNode (#5013) (88bc57f)
  • existing-rule: aria-busy now shows an error message for a use with unallowed children (#5017) (dded75a)
  • scrollable-region-focusable: clarify the issue is in safari (#4995) (2567afd), closes WebKit#190870 WebKit#277290
  • scrollable-region-focusable: do not fail scroll areas when all content is visible without scrolling (#4993) (240f8b5)
  • target-size: determine offset using clientRects if target is display:inline (#5012) (69d81c1)
  • target-size: ignore widgets that are inline with other inline elements (#5000) (cf8a3c0)
Commits
  • c71e3dd chore(release): v4.11.3 (#5070)
  • 3ab66ba chore(release): 4.11.3
  • 5906273 fix(target-size): ignore position: fixed elements that are offscreen when pag...
  • d5a5705 refactor(frame-messenger): Guard against inherited properties as topics and c...
  • 1d80163 fix(aria-allowed-attr): restrict br and wbr elements to aria-hidden only (#4974)
  • baa580b chore: bump the npm-low-risk group with 8 updates (#5053)
  • 0463a3f chore: bump actions/upload-artifact from 6.0.0 to 7.0.0 (#5054)
  • 7e06043 chore: bump actions/download-artifact from 7.0.0 to 8.0.1 (#5056)
  • 41093da chore(release): v4.11.2 (#5049)
  • 66c26aa chore(release): 4.11.2
  • Additional commits viewable in compare view

Updates dompurify from 3.3.3 to 3.4.0

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.0

Most relevant changes:

  • Fixed a problem with FORBID_TAGS not winning over ADD_TAGS, thanks @​kodareef5
  • Fixed several minor problems and typos regarding MathML attributes, thanks @​DavidOliver
  • Fixed ADD_ATTR/ADD_TAGS function leaking into subsequent array-based calls, thanks @​1Jesper1
  • Fixed a missing SAFE_FOR_TEMPLATES scrub in RETURN_DOM path, thanks @​bencalif
  • Fixed a prototype pollution via CUSTOM_ELEMENT_HANDLING, thanks @​trace37labs
  • Fixed an issue with ADD_TAGS function form bypassing FORBID_TAGS, thanks @​eddieran
  • Fixed an issue with ADD_ATTR predicates skipping URI validation, thanks @​christos-eth
  • Fixed an issue with USE_PROFILES prototype pollution, thanks @​christos-eth
  • Fixed an issue leading to possible mXSS via Re-Contextualization, thanks @​researchatfluidattacks and others
  • Fixed an issue with closing tags leading to possible mXSS, thanks @​frevadiscor
  • Fixed a problem with the type dentition patcher after Node version bump
  • Fixed freezing BS runs by reducing the tested browsers array
  • Bumped several dependencies where possible
  • Added needed files for OpenSSF scorecard checks

Published Advisories are here: https://github.com/cure53/DOMPurify/security/advisories?state=published

Commits

Updates jsdom from 29.0.1 to 29.0.2

Release notes

Sourced from jsdom's releases.

v29.0.2

  • Significantly improved and sped up getComputedStyle(). Computed value rules are now applied across a broader set of properties, and include fixes related to inheritance, defaulting keywords, custom properties, and color-related values such as currentcolor and system colors. (@​asamuzaK)
  • Fixed CSS 'background' and 'border' shorthand parsing. (@​asamuzaK)
Commits
  • 2a1e2cd 29.0.2
  • 4097d66 Resolve computed CSS values lazily in CSSStyleDeclaration
  • cf5523f Add more test cases for nested color-mix with currentColor
  • b33b616 Add test that getComputedStyle() works with !important
  • 6bf559c Add test for custom property inheritance in computed styles
  • 6817657 Fix border shorthand handling
  • 470f5c5 Consolidate color helpers
  • 3db53cb Fix background shorthand handlers
  • 678e840 Remove some longhand property files
  • d526a07 Add regression test for getComputedStyle() liveness
  • See full diff in compare view

Updates vitest from 4.1.2 to 4.1.4

Release notes

Sourced from vitest's releases.

v4.1.4

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub

v4.1.3

   🚀 Experimental Features

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • ac04bac chore: release v4.1.4
  • 82c858d chore: Remove no-op function in plugin config logic (#8501)
  • d4fbb5c feat(experimental): support aria snapshot (#9668)
  • b77de96 feat(reporter): add filterMeta option to json reporter (#10078)
  • a120e3a feat(experimental): expose assertion as a public field (#10095)
  • 5375780 feat(coverage): default to text reporter skipFull if agent detected (#10018)
  • a1b5f0f fix: make expect(..., message) consistent as error message prefix (#10068)
  • 203f07a fix: use "black" foreground for labeled terminal message to ensure contrast (...
  • 2dc0d62 chore: release v4.1.3
  • 7827363 feat: add experimental.preParse flag (#10070)
  • Additional commits viewable in compare view

Updates vue from 3.5.31 to 3.5.32

Release notes

Sourced from vue's releases.

v3.5.32

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.32 (2026-04-03)

Bug Fixes

Reverts

Commits
  • 9a2eb53 release: v3.5.32
  • 32b44f1 fix(teleport): handle updates before deferred mount (#14642)
  • f166353 fix(runtime-core): prevent currentInstance leak into sibling render during as...
  • 302c47a fix(types): use private branding for shallowReactive (#14641)
  • e20ddb0 fix(types): allow customRef to have different getter/setter types (#14639)
  • 219d83b Revert "fix(server-renderer): cleanup component effect scopes after SSR rende...
  • fa23116 chore: fix typos in changelogs (#14653)
  • See full diff in compare view

Updates react from 19.2.4 to 19.2.5

Release notes

Sourced from react's releases.

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates react-dom from 19.2.4 to 19.2.5

Release notes

Sourced from react-dom's releases.

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates react-router-dom from 7.13.2 to 7.14.1

Changelog

Sourced from react-router-dom's changelog.

v7.14.1

Patch Changes

7.14.0

Patch Changes

  • Updated dependencies:
    • react-router@7.14.0
Commits

Updates svelte from 5.55.0 to 5.55.4

Release notes

Sourced from svelte's releases.

svelte@5.55.4

Patch Changes

  • fix: never mark a child effect root as inert (#18111)

  • fix: reset context after waiting on blockers of @const expressions (#18100)

  • fix: keep flushing new eager effects (#18102)

svelte@5.55.3

Patch Changes

  • fix: ensure proper HMR updates for dynamic components (#18079)

  • fix: correctly calculate @const blockers (#18039)

  • fix: freeze deriveds once their containing effects are destroyed (#17921)

  • fix: defer error boundary rendering in forks (#18076)

  • fix: avoid false positives for reactivity loss warning (#18088)

svelte@5.55.2

Patch Changes

  • fix: invalidate @const tags based on visible references in legacy mode (#18041)

  • fix: handle parens in template expressions more robustly (#18075)

  • fix: disallow -- in idPrefix (#18038)

  • fix: correct types for ontoggle on <details> elements (#18063)

  • fix: don't override $destroy/set/on instance methods in dev mode (#18034)

  • fix: unskip branches of earlier batches after commit (#18048)

  • fix: never set derived.v inside fork (#18037)

  • fix: skip rebase logic in non-async mode (#18040)

  • fix: don't reset status of uninitialized deriveds (#18054)

svelte@5.55.1

Patch Changes

  • fix: correctly handle bindings on the server (#18009)

  • fix: prevent hydration error on async {@html ...} (#17999)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.55.4

Patch Changes

  • fix: never mark a child effect root as inert (#18111)

  • fix: reset context after waiting on blockers of @const expressions (#18100)

  • fix: keep flushing new eager effects (#18102)

5.55.3

Patch Changes

  • fix: ensure proper HMR updates for dynamic components (#18079)

  • fix: correctly calculate @const blockers (#18039)

  • fix: freeze deriveds once their containing effects are destroyed (#17921)

  • fix: defer error boundary rendering in forks (#18076)

  • fix: avoid false positives for reactivity loss warning (#18088)

5.55.2

Patch Changes

  • fix: invalidate @const tags based on visible references in legacy mode (#18041)

  • fix: handle parens in template expressions more robustly (#18075)

  • fix: disallow -- in idPrefix (#18038)

  • fix: correct types for ontoggle on <details> elements (#18063)

  • fix: don't override $destroy/set/on instance methods in dev mode (#18034)

  • fix: unskip branches of earlier batches after commit (#18048)

  • fix: never set derived.v inside fork (#18037)

  • fix: skip rebase logic in non-async mode (#18040)

  • fix: don't reset status of uninitialized deriveds (#18054)

5.55.1

Patch Changes

... (truncated)

Commits

Updates primevue from 4.5.4 to 4.5.5

Release notes

Sourced from primevue's releases.

PrimeVue 4.5.5

What's Changed

New Contributors

Full Changelog: primefaces/primevue@4.5.4...4.5.5

Changelog

Sourced from primevue's changelog.

4.5.5 (2026-04-08)

Full Changelog

Implemented New Features and Enhancements:

  • Timeline: use ordered list for Timeline component to improve accessibility #8155

Fixed bugs:

  • Tree: add filteredNodes to Tree filter event and forward filter event in TreeSelect #8525
  • PrimeIcons: Missing EXPAND key in PrimeIcons #8524
  • broken zIndex with global primevue zIndex undefined #8523
  • Galleria ZIndex Clear throws error when container is unmounted in fullscreen #8519
  • Splitter does not re-initialize when SplitterPanel :size prop changes reactively #8517
  • AutoComplete enter key behavior #8516
  • TieredMenu: popup menu does not reposition when triggered from different elements #8509
  • Select: option selection can run when overlay is already hidden #8508
  • Date column filters cannot take in strings to compare #8506
  • DataTable cannot handle sparse arrays #8503
  • Tooltip elements are not being removed from the DOM when hideDelay is active #8480
  • Splitter does not initialize panels added dynamically via v-if after mount #8477
  • Tab: TabPanel slot types missing scope when asChild is true #8470
  • DatePicker Range throws TypeError on days before 12/1/1969 #8469
  • DatePicker manual input fails when using custom AM/PM locale labels #8462
  • DataTable Column Filter Overlay requires double click to close after internal interaction #8460
  • Autocomplete's clear event not emitted when clicking the clear X button #8459
  • MultiSelect with optionValue object and display="chip" removes 2 chips instead of 1 #8456
  • DatePicker: externally updated modelValue can open with incorrect header year #8455
  • InputNumber: Cursor freezes after first digit when using currency="PYG" and locale="es-PY" #8453
  • DataTable/VirtualScroller: Table errors when virtual loading true and no loading slot provided #8451
  • DatePicker throws error when v-model is initialized with string value #8450
  • DatePicker: year-change event emits inconsistent month values depending on navigation method #8436
  • Select options still selectable after dropdown is hidden #8431
  • Select - Filter - Only able to type one character when Input is not focused #8427
  • FileUpload: TypeError on drag events when component unmounts #8424
  • FormField.d.ts exports duplicate FormEmits type colliding with Form #8420
  • TreeTable: missing types #8419
  • ScrollPanel: horizontal scroll bar goes outside the content div when scrollXRatio is too small #8415
  • Datepicker overlay loses focus capture when selecting different month or year #8402
  • InputOTP allows paste when readonly #8401
  • TieredMenu: hasSubmenu holds items (array) instead of boolean #8397
  • InputNumber allows paste input when disabled #8391
  • Splitter seperator role should be on gutter-handle not gutter #8381
  • Step and StepPanel not reactive after mount #8377
  • SpeedDial: MenuItem disabled not working at all #8375
  • TreeTable: TreeNode children are not sorted #8361
  • Tree: Expose dropPosition or relativePosition in node-drop event #8360
  • Tree Drag and Drop Does Not Prevent Dropping a Node Into Itself or Descendants #8353
  • Wrong step values in nested Stepper (Horizontal in Vertical) #8310

... (truncated)

Commits
  • 66dde67 chore: version 4.5.5 released
  • 625bab0 fix: nested splitter calc defects
  • 83c2750 Fixed #8265 - DataTable writes to localStorage on every reactive change in he...
  • 489913a Fixed #8278 - DataTable row expansion remains open on page change
  • cebb8ed Fixed #8280 - Select an option in MultiSelect/DatePicker within DataTable not...
  • e96df81 Fixed #8288 - AutoComplete doesnt accept mouse selections inside Datatables
  • f4a0100 Fixed #8523 - broken zIndex with global primevue zIndex undefined
  • f8511e0 Fixed #8519 - Galleria ZIndex Clear throws error when container is unmounted ...
  • 103fd6b Fixed #8178 - Password always has aria-haspopup set to true
  • 8ef1a67 Fixed #8218 - DataTable: fixing tabindex initialization with initial selectio...
  • Additional commits viewable in compare view

Updates @vue/compiler-sfc from 3.5.31 to 3.5.32

Release notes

Sourced from @​vue/compiler-sfc's releases.

v3.5.32

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from @​vue/compiler-sfc's changelog.

3.5.32 (2026-04-03)

Bug Fixes

  • runtime-core: prevent currentInstance leak into sibling render during async setup re-entry (#14668) (f166353), closes #14667
  • teleport: handle updates before deferred mount (#14642) (32b44f1), closes #14640
  • types: allow customRef to have different getter/setter types (#14639) (

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 14, 2026
@dependabot dependabot Bot changed the title Bump the minor-and-patch group with 15 updates Bump the minor-and-patch group across 1 directory with 15 updates Apr 14, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-and-patch-3e90427cfd branch 7 times, most recently from 3a4c778 to de79a0c Compare April 15, 2026 22:36
Bumps the minor-and-patch group with 15 updates:

| Package | From | To |
| --- | --- | --- |
| [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.59.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `25.6.0` |
| [axe-core](https://github.com/dequelabs/axe-core) | `4.11.1` | `4.11.3` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.3.3` | `3.4.0` |
| [jsdom](https://github.com/jsdom/jsdom) | `29.0.1` | `29.0.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.2` | `4.1.4` |
| [vue](https://github.com/vuejs/core) | `3.5.31` | `3.5.32` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.5` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.5` |
| [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.13.2` | `7.14.1` |
| [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `5.55.0` | `5.55.4` |
| [primevue](https://github.com/primefaces/primevue/tree/HEAD/packages/primevue) | `4.5.4` | `4.5.5` |
| [@vue/compiler-sfc](https://github.com/vuejs/core/tree/HEAD/packages/compiler-sfc) | `3.5.31` | `3.5.32` |
| [ts-loader](https://github.com/TypeStrong/ts-loader) | `9.5.4` | `9.5.7` |
| [webpack](https://github.com/webpack/webpack) | `5.105.4` | `5.106.1` |


Updates `@playwright/test` from 1.58.2 to 1.59.1
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.58.2...v1.59.1)

Updates `@types/node` from 25.5.0 to 25.6.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `axe-core` from 4.11.1 to 4.11.3
- [Release notes](https://github.com/dequelabs/axe-core/releases)
- [Changelog](https://github.com/dequelabs/axe-core/blob/v4.11.3/CHANGELOG.md)
- [Commits](dequelabs/axe-core@v4.11.1...v4.11.3)

Updates `dompurify` from 3.3.3 to 3.4.0
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.3...3.4.0)

Updates `jsdom` from 29.0.1 to 29.0.2
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Commits](jsdom/jsdom@v29.0.1...v29.0.2)

Updates `vitest` from 4.1.2 to 4.1.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/vitest)

Updates `vue` from 3.5.31 to 3.5.32
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.31...v3.5.32)

Updates `react` from 19.2.4 to 19.2.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react)

Updates `react-dom` from 19.2.4 to 19.2.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react-dom)

Updates `react-router-dom` from 7.13.2 to 7.14.1
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.14.1/packages/react-router-dom)

Updates `svelte` from 5.55.0 to 5.55.4
- [Release notes](https://github.com/sveltejs/svelte/releases)
- [Changelog](https://github.com/sveltejs/svelte/blob/main/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/svelte@5.55.4/packages/svelte)

Updates `primevue` from 4.5.4 to 4.5.5
- [Release notes](https://github.com/primefaces/primevue/releases)
- [Changelog](https://github.com/primefaces/primevue/blob/master/CHANGELOG.md)
- [Commits](https://github.com/primefaces/primevue/commits/4.5.5/packages/primevue)

Updates `@vue/compiler-sfc` from 3.5.31 to 3.5.32
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vuejs/core/commits/v3.5.32/packages/compiler-sfc)

Updates `ts-loader` from 9.5.4 to 9.5.7
- [Release notes](https://github.com/TypeStrong/ts-loader/releases)
- [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md)
- [Commits](TypeStrong/ts-loader@v9.5.4...v9.5.7)

Updates `webpack` from 5.105.4 to 5.106.1
- [Release notes](https://github.com/webpack/webpack/releases)
- [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md)
- [Commits](webpack/webpack@v5.105.4...v5.106.1)

---
updated-dependencies:
- dependency-name: "@playwright/test"
  dependency-version: 1.59.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: "@types/node"
  dependency-version: 25.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: axe-core
  dependency-version: 4.11.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: dompurify
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: jsdom
  dependency-version: 29.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vitest
  dependency-version: 4.1.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: vue
  dependency-version: 3.5.32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: react
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: react-dom
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: react-router-dom
  dependency-version: 7.14.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: svelte
  dependency-version: 5.55.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: primevue
  dependency-version: 4.5.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: "@vue/compiler-sfc"
  dependency-version: 3.5.32
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: ts-loader
  dependency-version: 9.5.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: webpack
  dependency-version: 5.106.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-and-patch-3e90427cfd branch from de79a0c to dda993e Compare April 16, 2026 18:41
kurtstohrer added a commit that referenced this pull request Apr 16, 2026
A playground file-dep (antenna-component-library) was still pulling
dompurify@3.3.3 transitively, leaving it in the root lockfile and keeping
Dependabot alert #9 open. Override in package.json pins everything to
>=3.4.0, so the lockfile now only resolves 3.4.0.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@dependabot @github

dependabot Bot commented on behalf of github Apr 16, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 16, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/minor-and-patch-3e90427cfd branch April 16, 2026 18:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants