chore(deps): bump the all-dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the all-dependencies group with 12 updates in the /website directory:

Package	From	To
@astrojs/starlight	0.37.6	0.37.7
astro	5.17.3	5.18.0
svelte	5.53.2	5.53.7
@iconify-json/lucide	1.2.93	1.2.96
@iconify-json/simple-icons	1.2.71	1.2.72
@iconify/tailwind4	1.2.1	1.2.3
@tailwindcss/vite	4.2.0	4.2.1
eslint	10.0.1	10.0.3
globals	17.3.0	17.4.0
prettier-plugin-svelte	3.5.0	3.5.1
tailwindcss	4.2.0	4.2.1
typescript-eslint	8.56.0	8.56.1

Updates @astrojs/starlight from 0.37.6 to 0.37.7

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.37.7

Patch Changes

• #3726 8a09b60 Thanks @​delucis! - Fixes an issue using components containing scripts inside Starlight’s steps component in versions of Astro >= 5.16.9

Changelog

Sourced from @​astrojs/starlight's changelog.

0.37.7

Patch Changes

• #3726 8a09b60 Thanks @​delucis! - Fixes an issue using components containing scripts inside Starlight’s steps component in versions of Astro >= 5.16.9

Commits

• 9db01d0 [ci] release (#3727)
• 8a09b60 Ignore \<script> elements when processing \<Steps> (#3726)
• See full diff in compare view

Updates astro from 5.17.3 to 5.18.0

Release notes

Sourced from astro's releases.

astro@5.18.0

Minor Changes

• #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

  This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

  If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

  // astro.config.mjs
  export default defineConfig({
    security: {
      actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
    },
  });

Patch Changes

• #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.

Changelog

Sourced from astro's changelog.

5.18.0

Minor Changes

• #15589 b7dd447 Thanks @​qzio! - Adds a new security.actionBodySizeLimit option to configure the maximum size of Astro Actions request bodies.

  This lets you increase the default 1 MB limit when your actions need to accept larger payloads. For example, actions that handle file uploads or large JSON payloads can now opt in to a higher limit.

  If you do not set this option, Astro continues to enforce the 1 MB default to help prevent abuse.

  // astro.config.mjs
  export default defineConfig({
    security: {
      actionBodySizeLimit: 10 * 1024 * 1024, // set to 10 MB
    },
  });

Patch Changes

• #15594 efae11c Thanks @​qzio! - Fix X-Forwarded-Proto validation when allowedDomains includes both protocol and hostname fields. The protocol check no longer fails due to hostname mismatch against the hardcoded test URL.

Commits

• 011f061 [ci] release (#15597)
• efae11c fix: X-Forwarded-Proto rejected when allowedDomains includes protocol… (#15594)
• 751ccf0 Update actionBodySizeLimit changeset and make minor (#15600)
• b7dd447 make actionBodySizeLimit configurable (#15589)
• See full diff in compare view

Updates svelte from 5.53.2 to 5.53.7

Release notes

Sourced from svelte's releases.

svelte@5.53.7

Patch Changes

• fix: correctly add __svelte_meta after else-if chains (#17830)

• perf: cache element interactivity and source line splitting in compiler (#17839)

• chore: avoid rescheduling effects during branch commit (#17837)

• perf: optimize CSS selector pruning (#17846)

• fix: preserve original boundary errors when keyed each rows are removed during async updates (#17843)

• perf: avoid O(n²) name scanning in scope generate and unique (#17844)

• fix: preserve each items that are needed by pending batches (#17819)

svelte@5.53.6

Patch Changes

• perf: optimize parser hot paths for faster compilation (#17811)

• fix: SvelteMap incorrectly handles keys with undefined values (#17826)

• fix: SvelteURL search setter now returns the normalized value, matching native URL behavior (#17828)

• fix: visit synthetic value node during ssr (#17824)

• fix: always case insensitive event handlers during ssr (#17822)

• chore: more efficient effect scheduling (#17808)

• perf: optimize compiler analysis phase (#17823)

• fix: skip redundant batch.apply (#17816)

• chore: null out current_batch before committing branches (#17809)

svelte@5.53.5

Patch Changes

• fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

• fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

svelte@5.53.4

Patch Changes

• fix: set server context after async transformError (#17799)

... (truncated)

Changelog

Sourced from svelte's changelog.

5.53.7

Patch Changes

• fix: correctly add __svelte_meta after else-if chains (#17830)

• perf: cache element interactivity and source line splitting in compiler (#17839)

• chore: avoid rescheduling effects during branch commit (#17837)

• perf: optimize CSS selector pruning (#17846)

• fix: preserve original boundary errors when keyed each rows are removed during async updates (#17843)

• perf: avoid O(n²) name scanning in scope generate and unique (#17844)

• fix: preserve each items that are needed by pending batches (#17819)

5.53.6

Patch Changes

• perf: optimize parser hot paths for faster compilation (#17811)

• fix: SvelteMap incorrectly handles keys with undefined values (#17826)

• fix: SvelteURL search setter now returns the normalized value, matching native URL behavior (#17828)

• fix: visit synthetic value node during ssr (#17824)

• fix: always case insensitive event handlers during ssr (#17822)

• chore: more efficient effect scheduling (#17808)

• perf: optimize compiler analysis phase (#17823)

• fix: skip redundant batch.apply (#17816)

• chore: null out current_batch before committing branches (#17809)

5.53.5

Patch Changes

• fix: escape innerText and textContent bindings of contenteditable (0df5abcae223058ceb95491470372065fb87951d)

• fix: sanitize transformError values prior to embedding in HTML comments (0298e979371bb583855c9810db79a70a551d22b9)

5.53.4

... (truncated)

Commits

• 25a1c53 Version Packages (#17842)
• b7bc130 fix: preserve original boundary errors when keyed each rows are removed durin...
• 0965028 perf: optimize CSS selector pruning (#17846)
• 32111f9 perf: avoid O(n²) name scanning in scope generate/unique (#17844)
• 2f12b60 chore: avoid reschedule during branch commit (#17837)
• 00dc13d chore: highlight effect in tree (#17835)
• 86ec210 fix: correctly add __svelte_meta after else-if chains (#17830)
• 7717ba0 fix: preserve each items that are needed by pending batches (#17819)
• 791d5e3 perf: cache element interactivity and source line splitting (#17839)
• 4aa3777 chore: better log_effect_tree (#17833)
• Additional commits viewable in compare view

Updates @iconify-json/lucide from 1.2.93 to 1.2.96

Commits

• See full diff in compare view

Updates @iconify-json/simple-icons from 1.2.71 to 1.2.72

Commits

• See full diff in compare view

Updates @iconify/tailwind4 from 1.2.1 to 1.2.3

Commits

• See full diff in compare view

Updates @tailwindcss/vite from 4.2.0 to 4.2.1

Release notes

Sourced from @​tailwindcss/vite's releases.

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Changelog

Sourced from @​tailwindcss/vite's changelog.

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Commits

• 1dce64e 4.2.1 (#19714)
• See full diff in compare view

Updates eslint from 10.0.1 to 10.0.3

Release notes

Sourced from eslint's releases.

v10.0.3

Bug Fixes

• e511b58 fix: update eslint (#20595) (renovate[bot])
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581) (sethamus)
• ee9ff31 fix: update dependency minimatch to ^10.2.4 (#20562) (Milos Djermanovic)

Documentation

• 9fc31b0 docs: Update README (GitHub Actions Bot)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570) (DesselBane)
• 23b2759 docs: add v10 migration guide link to Use docs index (#20577) (Pixel998)
• 80259a9 docs: Remove deprecated eslintrc documentation files (#20472) (Copilot)
• 9b9b4ba docs: fix typo in no-await-in-loop documentation (#20575) (Pixel998)
• e7d72a7 docs: document TypeScript 5.3 minimum supported version (#20547) (sethamus)

Chores

• ef8fb92 chore: package.json update for eslint-config-eslint release (Jenkins)
• e8f2104 chore: updates for v9.39.4 release (Jenkins)
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524) (Huáng Jùnliàng)
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586) (Milos Djermanovic)
• e32df71 chore: update eslint-plugin-eslint-comments, remove legacy-peer-deps (#20576) (Milos Djermanovic)
• 53ca6ee chore: disable eslint-comments/no-unused-disable rule (#20578) (Milos Djermanovic)
• e121895 ci: pin Node.js 25.6.1 (#20559) (Milos Djermanovic)
• efc5aef chore: update tsconfig.json in eslint-config-eslint (#20551) (Francesco Trotta)

v10.0.2

Bug Fixes

• 2b72361 fix: update ajv to 6.14.0 to address security vulnerabilities (#20537) (루밀LuMir)

Documentation

• 13eeedb docs: link rule type explanation to CLI option --fix-type (#20548) (Mike McCready)
• 98cbf6b docs: update migration guide per Program range change (#20534) (Huáng Jùnliàng)
• 61a2405 docs: add missing semicolon in vars-on-top rule example (#20533) (Abilash)

Chores

• 951223b chore: update dependency @​eslint/eslintrc to ^3.3.4 (#20553) (renovate[bot])
• 6aa1afe chore: update dependency eslint-plugin-jsdoc to ^62.7.0 (#20536) (Milos Djermanovic)

Commits

• bfce7ea 10.0.3
• d44ced8 Build: changelog update for 10.0.3
• e511b58 fix: update eslint (#20595)
• ef8fb92 chore: package.json update for eslint-config-eslint release
• e8f2104 chore: updates for v9.39.4 release
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524)
• 9fc31b0 docs: Update README
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586)
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570)
• Additional commits viewable in compare view

Updates globals from 17.3.0 to 17.4.0

Release notes

Sourced from globals's releases.

v17.4.0

• Update globals (2026-03-01) (#338) d43a051

---

sindresorhus/globals@v17.3.0...v17.4.0

Commits

• a9cfd74 17.4.0
• d43a051 Update globals (2026-03-01) (#338)
• See full diff in compare view

Updates prettier-plugin-svelte from 3.5.0 to 3.5.1

Changelog

Sourced from prettier-plugin-svelte's changelog.

3.5.1

• (fix) Svelte 5: print trailing attribute comments

Commits

• c4b7844 fix: Svelte 5 - print trailing attribute comments (#513)
• 524bdc0 chore: bump pkg
• See full diff in compare view

Updates tailwindcss from 4.2.0 to 4.2.1

Release notes

Sourced from tailwindcss's releases.

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Changelog

Sourced from tailwindcss's changelog.

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

Commits

• 1dce64e 4.2.1 (#19714)
• d15d92c Allow trailing dash in functional utility names (#19696)
• See full diff in compare view

Updates typescript-eslint from 8.56.0 to 8.56.1

Release notes

Sourced from typescript-eslint's releases.

v8.56.1

8.56.1 (2026-02-23)

What's Changed

• chore(deps): update dependency minimatch to v10.2.2 by @​benmccann in typescript-eslint/typescript-eslint#12074

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.56.1 (2026-02-23)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 96a04a9 chore(release): publish 8.56.1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

❌ Deploy Preview for dds-wg failed.

Name	Link
🔨 Latest commit	041c82c
🔍 Latest deploy log	https://app.netlify.com/projects/dds-wg/deploys/69acd762389cad0008dc06d7