deps: bump the dependencies group across 1 directory with 14 updates

[dependabot]

Updates the requirements on @astrojs/db, @posthog/types, @sentry/astro, cssnano, lucide-react, posthog-js, @biomejs/biome, astro, cssnano-preset-advanced, cypress, eslint, jsdom, postcss and zod to permit the latest version.
Updates @astrojs/db to 0.21.1

Release notes

Sourced from @​astrojs/db's releases.

@​astrojs/db@​0.21.1

Patch Changes

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

Changelog

Sourced from @​astrojs/db's changelog.

0.21.1

Patch Changes

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

0.21.0

Minor Changes

• #16289 5d580c0 Thanks @​maxmalkin! - Adds a new getDbError() helper exported from astro:db. It walks the error .cause chain and returns the underlying LibsqlError, or undefined if the error did not originate from libSQL. This is needed because drizzle-orm 0.44+ wraps query errors in a DrizzleQueryError whose .cause is the real LibsqlError.

  Upgrading

  Code that reads .code or .message after catching a database error should migrate from isDbError() to getDbError():

  // Before
  import { isDbError } from 'astro:db';
  try {
    await db.insert(MyTable).values({ ... });
  } catch (e) {
    if (isDbError(e)) {
      console.error(e.code, e.message);
    }
  }
  // After
  import { getDbError } from 'astro:db';
  try {
  await db.insert(MyTable).values({ ... });
  } catch (e) {
  const dbError = getDbError(e);
  if (dbError) {
  console.error(dbError.code, dbError.message);
  }
  }

  isDbError() is still exported and still returns true for wrapped errors, but its return type is now boolean instead of the err is LibsqlError type predicate. Code that relied on the narrowing to access .code or .message directly will now produce a TypeScript error pointing you to getDbError().

Patch Changes

• #16289 5d580c0 Thanks @​maxmalkin! - Fixes a SQL injection vulnerability by updating drizzle-orm to ^0.45.2, patching GHSA-gpj5-g38j-94v9 (CVE-2026-39356).

0.20.1

Patch Changes

• #15364 948b693 Thanks @​VagnoDev! - Replace deprecated deep-diff with microdiff and resolve subdependency warnings.

... (truncated)

Commits

• cc02799 [ci] release (#16533)
• 5cf6c51 fix: Zod 4.4.0 compat for server config and error map (#16534)
• 8884edf refactor(db): use correct virtual types for tests (#16499)
• See full diff in compare view

Updates @posthog/types to 1.372.6

Release notes

Sourced from @​posthog/types's releases.

@​posthog/types@​1.372.6

1.372.6

Changelog

Sourced from @​posthog/types's changelog.

1.372.6

1.372.5

1.372.4

1.372.3

1.372.2

1.372.1

1.372.0

1.371.4

1.371.3

1.371.2

Patch Changes

• #3453 96f19b7 Thanks @​turnipdabeets! - Lift OTLP log serialization helpers from posthog-js into @​posthog/core so the upcoming React Native logs feature consumes the same builders. Browser gains two fixes as a side effect: NaN and ±Infinity attribute values no longer get silently dropped during JSON encoding, and the scope.version OTLP field is now populated with the SDK version (changes the server's instrumentation_scope column from "posthog-js@" to "posthog-js@"). (2026-04-23)

1.371.1

1.371.0

Minor Changes

• #3432 1a8b727 Thanks @​richardsolomou! - refactor: rename __add_tracing_headers to addTracingHeaders. The __ prefix signalled an internal/experimental option, but the config is a public API (documented for linking LLM traces to session replays). __add_tracing_headers continues to work as a deprecated alias on the browser SDK.

  Also exposes patchFetchForTracingHeaders from @posthog/core so non-browser SDKs can reuse the implementation. (2026-04-23)

1.370.1

1.370.0

Minor Changes

• #3389 922a1c1 Thanks @​hpouillot! - Add exception steps to error tracking (aka breadcrumbs) (2026-04-22)

1.369.5

... (truncated)

Commits

• c1ac939 chore: update versions and lockfile [version bump]
• 04db756 feat(logs): flush RN logs queue to /i/v1/logs with batching (#3480)
• d0db43d chore: update versions and lockfile [version bump]
• 983118f chore: update versions and lockfile [version bump]
• See full diff in compare view

Updates @sentry/astro to 10.51.0

Release notes

Sourced from @​sentry/astro's releases.

10.51.0

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects. This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
  env => ({
  dsn: env.SENTRY_DSN,
  enableRpcTracePropagation: true,
  }),
  MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options. Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@sentry/hono/node';
  Sentry.init({
  dsn: 'DSN',
  tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig. Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

... (truncated)

Changelog

Sourced from @​sentry/astro's changelog.

10.51.0

Important Changes

• feat(cloudflare): Add trace propagation for RPC method calls (#20343)

  Trace context is now propagated across Cloudflare Workers RPC calls, connecting traces between Workers and Durable Objects. This feature is opt-in and requires setting enableRpcTracePropagation: true in your SDK configuration:

  // Worker
  export default Sentry.withSentry(
    env => ({
      dsn: env.SENTRY_DSN,
      enableRpcTracePropagation: true,
    }),
    handler,
  );
  // Durable Object
  export const MyDurableObject = Sentry.instrumentDurableObjectWithSentry(
  env => ({
  dsn: env.SENTRY_DSN,
  enableRpcTracePropagation: true,
  }),
  MyDurableObjectBase,
  );

• feat(hono)!: Change setup for @sentry/hono/node (init in external file) (#20497)

  To improve Node.js instrumentation, the sentry() middleware exported from @sentry/hono/node no longer accepts configuration options. Instead, you must configure the SDK by calling Sentry.init() in a dedicated instrumentation file that runs before your application code (read more in the Hono SDK readme:

  // instrument.mjs (or instrument.ts)
  import * as Sentry from '@sentry/hono/node';
  Sentry.init({
  dsn: 'DSN',
  tracesSampleRate: 1.0,
  });

• feat(nitro): Add @sentry/nitro SDK (#19224)

  A new @sentry/nitro package provides first-class Sentry support for Nitro applications, with HTTP handler and error instrumentation, middleware tracing, request isolation, and build-time source map uploading via withSentryConfig. Read more in the Nitro SDK docs and the Nitro SDK readme.

Other Changes

... (truncated)

Commits

• dc0b839 release: 10.51.0
• b3cabee Merge pull request #20599 from getsentry/prepare-release/10.51.0
• 3be99a9 meta(changelog): Update changelog for 10.51.0
• bea1aad test(browser): Unflake some more tests (#20591)
• 50aa085 test(node): Unflake postgres tests (#20593)
• 1166839 fix(hono): Distinguish .use() middleware in sub-apps from .all() handlers...
• 217ad4a test(node): Fix flaky ANR test (#20592)
• 91ffb3f test(node): Fix flaky worker thread integration test (#20588)
• c4e3902 chore(ci): Do not report flaky test issues if we cannot find a test name (#20...
• c0005cd test(node): Update timeout for cron integration tests (#20586)
• Additional commits viewable in compare view

Updates cssnano to 7.1.8

Release notes

Sourced from cssnano's releases.

v7.1.8

What's Changed

• fix(postcss-minify-selectors): reject :is() fold for :nth-child(... of S) to preserve cascade by @​dkryaklin in cssnano/cssnano#1785
• Update postcss and @​colordx/core by @​ludofischer in cssnano/cssnano#1786

Full Changelog: https://github.com/cssnano/cssnano/compare/[email protected]@7.1.8

Commits

• ed403db Publish cssnano 7.1.8
• 7e56dba fix: update postcss
• d1780fd fix: update @​colordx-core
• 0005443 chore: add changeset
• bedd609 fix(postcss-minify-selectors): reject :is() fold for :nth-child(... of S) to ...
• aed9ec0 docs: update website for release
• See full diff in compare view

Updates lucide-react to 1.14.0

Release notes

Sourced from lucide-react's releases.

Version 1.14.0

What's Changed

• feat(icons): added repeat-off icon by @​jguddas in lucide-icons/lucide#3102

Full Changelog: lucide-icons/lucide@1.13.0...1.14.0

Commits

• See full diff in compare view

Updates posthog-js to 1.372.6

Release notes

Sourced from posthog-js's releases.

[email protected]

1.372.6

Patch Changes

• #3492 cf56753 Thanks @​lucasheriques! - Add translated survey rendering support in React Native and share survey translation logic through @posthog/core. (2026-05-01)
• Updated dependencies [cf56753, 04db756]:
  • @​posthog/core@​1.28.0
  • @​posthog/types@​1.372.6

Commits

• c1ac939 chore: update versions and lockfile [version bump]
• 9ee2c9c docs(ai): drop resource-level distinct_id from vercel-ai examples (#3501)
• cf56753 feat(surveys): support translations on react native (#3492)
• 04db756 feat(logs): flush RN logs queue to /i/v1/logs with batching (#3480)
• ee12365 chore: upload browser source maps to S3 (#3509)
• 466612d chore: update versions and lockfile [version bump]
• 38e85c9 perf(ai): drop O(N²) prompt trim and reuse encoder/decoder (#3507)
• b02194b chore: update versions and lockfile [version bump]
• 70ba8f8 feat(flags): support mixed targeting in local evaluation (#3474)
• a65a8be chore: update versions and lockfile [version bump]
• Additional commits viewable in compare view

Updates @biomejs/biome to 2.4.14

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.14

2.4.14

Patch Changes

• #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

• #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

• #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

  A function annotated : object returning an object literal:

  function f(): object {
    return { retry: true };
  }

• #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

• #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

  Given the following organizeImports options:

  {
    "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
  }

  The following code...

  // Comment
  import "package";
  import "./file.js";

  ...was organized as:

  +
    // Comment
    import "package";
  +
    import "./file.js";

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.14

Patch Changes

• #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

• #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

• #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

  A function annotated : object returning an object literal:

  function f(): object {
    return { retry: true };
  }

• #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

• #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

  Given the following organizeImports options:

  {
    "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
  }

  The following code...

  // Comment
  import "package";
  import "./file.js";

  ...was organized as:

  +
    // Comment
    import "package";
  +
    import "./file.js";

  A blank line was added even though the group ':NODE:' doesn't match any imports here. :BLANK_LINE: between never-matched groups and matched groups are now ignored.

... (truncated)

Commits

• 46393e0 ci: release (#10100)
• ae659dd feat(lint/js): add noExcessiveNestedCallbacks (#10188)
• d62b331 feat(lint/js): add useMathMinMax (#9926)
• 7acf1e0 feat(lint/js): add noReactStringRefs (#9922)
• 491b171 feat(lint/js): add useTestHooksOnTop (#9393)
• 4a664c1 fix(noShadow): make sure it doesn't shadow types (#10083)
• See full diff in compare view

Updates astro from 6.1.10 to 6.2.1

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

• #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

[email protected]

Minor Changes

• #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

  When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

• #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

• #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

  // astro.config.mjs
  import { defineConfig } from 'astro/config';
  export default defineConfig({
  compressHTML: 'jsx',
  });

  In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

  <div>
    <span>foo</span>
    <span>bar</span>
  </div>

  will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

• #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

  This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

  By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

  JSON logging

... (truncated)

Changelog

Sourced from astro's changelog.

6.2.1

Patch Changes

• #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

• #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

6.2.0

Minor Changes

• #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

  When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

• #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

• #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

  // astro.config.mjs
  import { defineConfig } from 'astro/config';
  export default defineConfig({
  compressHTML: 'jsx',
  });

  In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

  <div>
    <span>foo</span>
    <span>bar</span>
  </div>

  will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

• #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

  This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

  By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

... (truncated)

Commits

• cc02799 [ci] release (#16533)
• 5cf6c51 fix: Zod 4.4.0 compat for server config and error map (#16534)
• 7df0fe4 fix(astro): make server property correctly optional in config validation (#...
• 76db01d fix(config): update validation for omitted integrations fields with newer Z...
• 3af3543 [ci] release (#16512)
• b7916ef docs: improve readability of remotePattern section (#16508)
• 449b51d fix(test): type html minification properties (#16514)
• f832c3b fix: cloudflare allowed hosts test (#16513)
• b9a5b58 [ci] format
• 0f7c3c8 feat: svg optimizer (#16333)
• Additional commits viewable in compare view

Updates cssnano-preset-advanced to 7.0.16

Commits

• ed403db Publish cssnano 7.1.8
• 7e56dba fix: update postcss
• d1780fd fix: update @​colordx-core
• 0005443 chore: add changeset
• bedd609 fix(postcss-minify-selectors): reject :is() fold for :nth-child(... of S) to ...
• aed9ec0 docs: update website for release
• See full diff in compare view

Updates cypress to 15.14.2

Release notes

Sourced from cypress's releases.

v15.14.2

Changelog: https://docs.cypress.io/app/references/changelog#15-14-2

Commits

• 545556e dependency(listr): upgrade listr 3.x to 9.x (#33640)
• ea98906 test: fix flake in readFile retries assertions until they pass (#33692)
• f159200 chore: upgrades ts-loader to 9.5.7 (#33691)
• d4b0324 test: stabilize flaky 'Your tests are loading...' waits (#33689)
• 3442523 fix: guard cy.wait against undefined retry responses (#33651)
• 3592361 fix: set primary remote state before HTTP server accepts requests (#33686)
• 47bb659 chore: updating v8 snapshot cache (#33690)
• 9363b86 update axios (#33687)
• 56472e3 chore: skip adding the install comment on the commit (#33685)
• d86bc45 chore: updating v8 snapshot cache (#33683)
• Additional commits viewable in compare view

Updates eslint to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
• 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
• 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
• 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
• 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
• f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
• a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
• 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
• b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
• 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

Commits

• 7889204 10.3.0
• 5b69b4f Build: changelog update for 10.3.0
• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
• b6ae5cf fix: handle unavailable require cache (#20812)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
• 379571a feat: add suggestions for no-unused-private-class-members (#20773)
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
• Additional commits viewable in compare view

Updates jsdom to 29.1.1

Release notes

Sourced from jsdom's releases.

v29.1.1

• Fixed 'border-radius' computed style serialization. (@​asamuzaK)
• Fixed computed style computation when using 'background-origin' and 'background-clip' CSS properties. (@​asamuzaK)
• Significantly optimized initial calls to getComputedStyle(), before the cache warms up. (@​asamuzaK)

Commits

• 9b9ea7e 29.1.1
• 07efb78 Optimize computed style comparison
• 5f66329 Fix background-origin/background-clip in background shorthand
• ad8af77 Fix border shorthand handling
• See full diff in compare view

Updates postcss to 8.5.13

Release notes

Sourced from postcss's releases.

8.5.13

• Fixed postcss-scss commend regression.

Changelog

Sourced from postcss's changelog.

8.5.13

• Fixed postcss-scss commend regression.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

8.5.6

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

8.5.4

• Fixed Parcel compatibility issue (by @​git-sumitchaudhary).

8.5.3

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

8.5.2

• Fixed end position of rules with semicolon (by @​romainmenke).

... (truncated)

Commits

• af58cf1 Release 8.5.13 version
• f227dbd Temporary ignore pnpm 11 config
• d3abd40 Update dependencies
• dd06c3e Revert stringifier changes because of the conflict with postcss-scss
• ae889c8 Try to fix CI
• e0093e4 Move to pnpm 11
• See full diff in compare view

Updates zod to 4.4.2

Release notes

Sourced from
^{Need help on this PR? Tag @codesmith with what you need.}

• Let Codesmith autofix CI failures and bot reviews

[cloudflare-workers-and-pages]

Deploying ozze with    Cloudflare Pages

Latest commit:	54fdf15
Status:	🚫  Build failed.

View logs

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.