Skip to content

Bump the npm_and_yarn group across 1 directory with 11 updates #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 11 updates #1

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 21, 2026

Bumps the npm_and_yarn group with 6 updates in the /plugins directory:

Package From To
solid-js 1.7.8 1.9.4
esbuild 0.18.12 0.25.0
vite 4.4.4 5.4.21
@babel/traverse 7.22.8 7.28.6
axios 1.4.0 1.13.2
braces 3.0.2 3.0.3

Updates solid-js from 1.7.8 to 1.9.4

Release notes

Sourced from solid-js's releases.

v1.9.0 - LGTM!

This release like the last is focusing on small quality of life improvements and adjustments that will help us move towards 2.0. So while not the most exciting release to everyone it provides some really important features and fixes to some developers.

And unlike many previous releases the vast majority of the work and features came from PRs from the community. So really all I can say is Looks Good to Me!

Better JSX Validation

While still incomplete across templates we've added JSDOM to the compiler to better detect invalid HTML at build time by comparing what we expect the template to be with what a browser would output. This now includes things that are nested we didn't detect before like putting <a> inside other <a> tags which will lead to the browser "correcting" it in less than intuitive ways.

Improved Exports

While each environment in solid-js/web has its own methods to be used in the compiler. We are now exporting the client methods from the server to prevent weird import errors. Now these methods will throw if used in this environment but shouldn't break your build.

Additionally we have seen some issues in bundlers that incorrectly feed our ESM exports back through the browser field. While this is a known issue they all pointed issues at each other and with no intention of fixing it. We have removed the browser field in this release, meaning some legacy packages may have issues resolving browser if they don't support export conditions.

This is regretful but this blocked deployments on several platforms and since this was the only fix at our disposal after two years of attempting to push this issue to the bundlers to no avail, we've moved forward with it.

Custom Element improvements

We have a few improvements to our custom element support in this release. First off we now detect elements with the is attribute as custom elements which means all the special behavior is afforded to them.

We've also improved our event handler delegating retargetting to better handle shadow DOM events. There were cases where we skipped over part of the tree.

Finally we've added the bool: attribute namespace to handle explicitly setting certain attributes according to boolean attribute rules. While this isn't necessary for built-in booleans currently we handle most attributes as properties and we lacked a specific override. But now we have it:

<my-element bool:enable={isEnabled()}></my-element>

Support for handleEvent Syntax in Non-Delegated Events

A little known thing is that events actually also support objects instead of functions (See: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener)

We(thanks @​titoBouzout) realized we can use this mechanism as a way to set advanced rules like passive or capture on this object as way to handle all current and future event attributes that browsers might add. This way we don't need specific mechanisms like oncapture: (which is now deprecated).

Instead using on: you can set the event properties you wish.

<>
  <div on:click={{
    handleEvent(e) {
      console.log("clicked", e)
    },
    once:true
  }/>
  <div on:wheel={{
    handleEvent(e) {
      e.preventDefault() // only works on not passive events
      e.stopPropagation()  
</tr></table>

... (truncated)

Changelog

Sourced from solid-js's changelog.

Changelog

1.8.0 - 2023-10-09

I admit this is not the most exciting release from a feature standpoint. We are in that holding pattern between the end of 1.x and the start of 2.0. We recently made our new reactive experiments public and continue to build those out in public with @​solidjs/signals.

This version is more about addressing some of the fundamentals that will help us in other projects like SolidStart while we do the transition. A big part of this is applying what we have learned when doing performance benchmarks for the work that has been funded by Google Chrome Aurora.

Async and Resources need work and are too all in. It is great to have a solution but now that we have a better understanding we need to start breaking things apart into their fundamental pieces.

De-duping Streaming Serialization

This is the marquee feature of this release and is largely the work of @​lxsmnsyc. Solid has been able to serialize promises and do streaming for a couple of years now, but it was very special-cased. Now it is a generic mechanism.

This matters because it means that we have decoupled the promise serialization from Resources, and in so decoupled the whole when the stream is done from them. This opens up things like nested promises.

More so we have a mechanism now that deeply de-dupes data serialized across flushes. This is important for features like Islands where you might pass the same props to multiple Islands across different Suspense boundaries and don't want to send the data more than once. And even examples where that data can be accessed at varying depths (recursive comments in say a Hackernews site).

Hydration Improvements

Fragments for Hydration have been a bit of a pain and we keep seeming to have different issues reported around element duplication. Most commonly this has been around where there are lazy component siblings or where the fragment is top-level. After looking into and fixing an issue for Astro I decided to look at some of the oldest bugs in Solid and found it was a similar bug.

In many cases, the DOM can change throughout Hydration while doing things like streaming but we need to pause and resume hydration because code isn't available yet. While we don't create elements during hydration, getting an accurate snapshot of the DOM for the current state for future list reconciliation is a process we've had a few tries at but in 1.8 we update this in a way that makes sure it doesn't get out of date.

Also in 1.8, we have added some performance improvements to hydration in the form of not redundantly setting attributes or props as the page hydrates similar to how we don't update text. This is all migration towards a future where we don't need to do as much hydration, but it is important to note that values will be kept as they were on the server rather than how they may compute at runtime during hydration.

Smaller Templates

In 1.7 we removed unnecessary closing tags from template strings. It was a bit painful because we were a bit overzealous at first. While I believe in the end we got to a good place, ultimately all but the simplest reductions have been hidden behind a compiler flag(omitNestedClosingTags). Thanks to work from @​intrnl we are implementing another template size reduction technique of removing unnecessary quotes. Quotes are actually not required by HTML in some cases and it can add up.

Other

Fix NGINX Server Side Includes

Comments led with # are treated as special directives for a few different servers so we've needed to change our open hydration markers to $. As usual, your version of Solid and the Babel Plugin should be the same to ensure this matches up.

Better Guards on Global Scripts

Solid uses an inline HydrationScript as a way to do processing before the framework and code have loaded. To handle things like event capture and streaming. However, we didn't do a good job of guarding the right thing when multiple were added to the same page, a situation that can happen in Micro-frontends or 3rd party Islands solutions. Now the script guards against duplicate inclusion.

1.7.0 - 2023-03-30

Solid has experienced incredible growth in usage the last 6 months. Companies are using it to power production applications and SolidStart Beta has been a big part of that. As a natural part of this growth and increased use at scale we are continuing to learn what works well and what the rough edges in Solid are today.

This v1.7 release marks the beginning of the migration roadmap to v2.0. We are beginning to re-evaluate core APIs and will begin introducing new ones while reasonably deprecating older ones in a manner that eases breaking changes. Our intention is to ease the broader ecosystem into preparing for improvements that a major 2.0 will unlock for the whole community.

Improved TypeScript

Null-Asserted Control Flow

... (truncated)

Commits
  • 9316baf v1.9.4
  • 7f9cd3d lazy image, tagged template detection, security fixes
  • dca942a formatting
  • b93956f fix escaping in resolution done outside of DOM Expressions
  • 4d824b0 Merge branch 'main' of github.com:solidjs/solid
  • 199dd69 fix reconcile null guard
  • 32aa744 Improve resolving arguments in createResource (#2353)
  • 73822b2 v1.9.3
  • 5a14ab8 fix #2337 empty attributes in solid-element
  • 9b70a15 validation fixes, type updates, ssr attribute fix
  • Additional commits viewable in compare view

Updates esbuild from 0.18.12 to 0.25.0

Release notes

Sourced from esbuild's releases.

v0.25.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.24.0 or ~0.24.0. See npm's documentation about semver for more information.

  • Restrict access to esbuild's development server (GHSA-67mh-4wv8-2f99)

    This change addresses esbuild's first security vulnerability report. Previously esbuild set the Access-Control-Allow-Origin header to * to allow esbuild's development server to be flexible in how it's used for development. However, this allows the websites you visit to make HTTP requests to esbuild's local development server, which gives read-only access to your source code if the website were to fetch your source code's specific URL. You can read more information in the report.

    Starting with this release, CORS will now be disabled, and requests will now be denied if the host does not match the one provided to --serve=. The default host is 0.0.0.0, which refers to all of the IP addresses that represent the local machine (e.g. both 127.0.0.1 and 192.168.0.1). If you want to customize anything about esbuild's development server, you can put a proxy in front of esbuild and modify the incoming and/or outgoing requests.

    In addition, the serve() API call has been changed to return an array of hosts instead of a single host string. This makes it possible to determine all of the hosts that esbuild's development server will accept.

    Thanks to @​sapphi-red for reporting this issue.

  • Delete output files when a build fails in watch mode (#3643)

    It has been requested for esbuild to delete files when a build fails in watch mode. Previously esbuild left the old files in place, which could cause people to not immediately realize that the most recent build failed. With this release, esbuild will now delete all output files if a rebuild fails. Fixing the build error and triggering another rebuild will restore all output files again.

  • Fix correctness issues with the CSS nesting transform (#3620, #3877, #3933, #3997, #4005, #4037, #4038)

    This release fixes the following problems:

    • Naive expansion of CSS nesting can result in an exponential blow-up of generated CSS if each nesting level has multiple selectors. Previously esbuild sometimes collapsed individual nesting levels using :is() to limit expansion. However, this collapsing wasn't correct in some cases, so it has been removed to fix correctness issues.

      /* Original code */
.parent {
  > .a,
  > .b1 > .b2 {
    color: red;
  }
}
/* Old output (with --supported:nesting=false) */
.parent > :is(.a, .b1 > .b2) {
color: red;
}
/* New output (with --supported:nesting=false) */
.parent > .a,
.parent > .b1 > .b2 {
color: red;
}

      Thanks to @​tim-we for working on a fix.

    • The & CSS nesting selector can be repeated multiple times to increase CSS specificity. Previously esbuild ignored this possibility and incorrectly considered && to have the same specificity as &. With this release, this should now work correctly:

      /* Original code (color should be red) */

... (truncated)

Changelog

Sourced from esbuild's changelog.

Changelog: 2023

This changelog documents all esbuild versions published in the year 2023 (versions 0.16.13 through 0.19.11).

0.19.11

  • Fix TypeScript-specific class transform edge case (#3559)

    The previous release introduced an optimization that avoided transforming super() in the class constructor for TypeScript code compiled with useDefineForClassFields set to false if all class instance fields have no initializers. The rationale was that in this case, all class instance fields are omitted in the output so no changes to the constructor are needed. However, if all of this is the case and there are #private instance fields with initializers, those private instance field initializers were still being moved into the constructor. This was problematic because they were being inserted before the call to super() (since super() is now no longer transformed in that case). This release introduces an additional optimization that avoids moving the private instance field initializers into the constructor in this edge case, which generates smaller code, matches the TypeScript compiler's output more closely, and avoids this bug:

    // Original code
class Foo extends Bar {
  #private = 1;
  public: any;
  constructor() {
    super();
  }
}
// Old output (with esbuild v0.19.9)
class Foo extends Bar {
constructor() {
super();
this.#private = 1;
}
#private;
}
// Old output (with esbuild v0.19.10)
class Foo extends Bar {
constructor() {
this.#private = 1;
super();
}
#private;
}
// New output
class Foo extends Bar {
#private = 1;
constructor() {
super();
}
}

  • Minifier: allow reording a primitive past a side-effect (#3568)

    The minifier previously allowed reordering a side-effect past a primitive, but didn't handle the case of reordering a primitive past a side-effect. This additional case is now handled:

... (truncated)

Commits
  • e9174d6 publish 0.25.0 to npm
  • c27dbeb fix hosts in plugin-tests.js
  • 6794f60 fix hosts in node-unref-tests.js
  • de85afd Merge commit from fork
  • da1de1b fix #4065: bitwise operators can return bigints
  • f4e9d19 switch case liveness: default is always last
  • 7aa47c3 fix #4028: minify live/dead switch cases better
  • 22ecd30 minify: more constant folding for strict equality
  • 4cdf03c fix #4053: reordering of .tsx in node_modules
  • dc71977 fix #3692: 0 now picks a random ephemeral port
  • Additional commits viewable in compare view

Updates vite from 4.4.4 to 5.4.21

Release notes

Sourced from vite's releases.

v5.4.21

Please refer to CHANGELOG.md for details.

v5.4.20

Please refer to CHANGELOG.md for details.

v5.4.19

Please refer to CHANGELOG.md for details.

v5.4.18

Please refer to CHANGELOG.md for details.

v4.5.14

Please refer to CHANGELOG.md for details.

v4.5.13

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.4.21 (2025-10-20)

5.4.20 (2025-09-08)

5.4.19 (2025-04-30)

5.4.18 (2025-04-10)

5.4.17 (2025-04-03)

5.4.16 (2025-03-31)

5.4.15 (2025-03-24)

5.4.14 (2025-01-21)

... (truncated)

Commits

Updates @babel/traverse from 7.22.8 to 7.28.6

Release notes

Sourced from @​babel/traverse's releases.

v7.28.6 (2026-01-12)

Thanks @​kadhirash and @​kolvian for your first PRs!

🐛 Bug Fix

  • babel-cli, babel-code-frame, babel-core, babel-helper-check-duplicate-nodes, babel-helper-fixtures, babel-helper-plugin-utils, babel-node, babel-plugin-transform-flow-comments, babel-plugin-transform-modules-commonjs, babel-plugin-transform-property-mutators, babel-preset-env, babel-traverse, babel-types
  • babel-plugin-transform-regenerator
  • babel-plugin-transform-react-jsx

💅 Polish

  • babel-core, babel-standalone

🏠 Internal

  • babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-proposal-decorators, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-regexp-modifiers, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-sets-regex

🏃‍♀️ Performance

  • babel-plugin-transform-react-jsx

Committers: 7

v7.28.5 (2025-10-23)

Thank you @​CO0Ki3, @​Olexandr88, and @​youthfulhps for your first PRs!

👓 Spec Compliance

🐛 Bug Fix

  • babel-plugin-proposal-destructuring-private
  • babel-parser
  • babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

Changelog

Tags:

  • 💥 [Breaking Change]
  • 👓 [Spec Compliance]
  • 🚀 [New Feature]
  • 🐛 [Bug Fix]
  • 📝 [Documentation]
  • 🏠 [Internal]
  • 💅 [Polish]

Note: Gaps between patch versions are faulty, broken or test releases.

This file contains the changelog starting from v7.15.0.

v7.28.5 (2025-10-23)

👓 Spec Compliance

🐛 Bug Fix

  • babel-plugin-proposal-destructuring-private
  • babel-parser
  • babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring
  • babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-optional-chaining, babel-traverse, babel-types
  • babel-traverse

🏠 Internal

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​babel/traverse since your current version.


Updates axios from 1.4.0 to 1.13.2

Release notes

Sourced from axios's releases.

Release v1.13.2

Release notes:

Bug Fixes

  • http: fix 'socket hang up' bug for keep-alive requests when using timeouts; (#7206) (8d37233)
  • http: use default export for http2 module to support stubs; (#7196) (0588880)

Performance Improvements

Contributors to this release

Release v1.13.1

Release notes:

Bug Fixes

  • http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

Release v1.13.0

Release notes:

Bug Fixes

  • fetch: prevent TypeError when config.env is undefined (#7155) (015faec)
  • resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.13.2 (2025-11-04)

Bug Fixes

  • http: fix 'socket hang up' bug for keep-alive requests when using timeouts; (#7206) (8d37233)
  • http: use default export for http2 module to support stubs; (#7196) (0588880)

Performance Improvements

Contributors to this release

1.13.1 (2025-10-28)

Bug Fixes

  • http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

1.13.0 (2025-10-27)

Bug Fixes

  • fetch: prevent TypeError when config.env is undefined (#7155) (015faec)
  • resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

Contributors to this release

... (truncated)

Commits
  • 08b84b5 chore(release): v1.13.2 (#7207)
  • 8d37233 fix(http): fix 'socket hang up' bug for keep-alive requests when using timeou...
  • 12c314b perf(http): fix early loop exit; (#7202)
  • f6d79e7 chore(sponsor): update sponsor block (#7203)
  • 0588880 fix(http): use default export for http2 module to support stubs; (#7196)
  • 1ef8e72 chore(release): v1.13.1 (#7194)
  • bcd5581 fix(http): fixed a regression that caused the data stream to be interrupted f...
  • c9b3371 chore: enhance styling and responsiveness in client.html (#7173)
  • 9ead04d [Release] v1.13.0 (#7189)
  • d000fbf fix(http2): fix possible race condition when handling http2 stream on almost ...
  • Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

Updates follow-redirects from 1.15.2 to 1.15.11

Commits
  • 21ef28a Release version 1.15.11 of the npm package.
  • 7c88135 Roll back tree shaking.
  • 6e389ba Release version 1.15.10 of the npm package.
  • 5bc496e Shake me up before you go-go.
  • 694d6b4 Bump minimist from 1.2.5 to 1.2.8
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • Additional commits viewable in compare view

Updates form-data from 4.0.0 to 4.0.5

Release notes

Sourced from form-data's releases.

v4.0.4

v4.0.4 - 2025-07-16

Commits

  • [meta] add auto-changelog 811f682
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
  • [Fix] Switch to using crypto random for boundary values 3d17230
  • [Tests] fix linting errors 5e34080
  • [meta] actually ensure the readme backup isn’t published 316c82b
  • [Dev Deps] update @ljharb/eslint-config 58c25d7
  • [meta] fix readme capitalization 2300ca1

v4.0.3

v4.0.3 - 2025-06-05

Fixed

Commits

  • [eslint] use a shared config 426ba9a
  • [eslint] fix some spacing issues 2094191
  • [Refactor] use hasown 81ab41b
  • [Fix] validate boundary type in setBoundary() method 8d8e469
  • [Tests] add tests to check the behavior of getBoundary with non-strings

@dependabot
Bump the npm_and_yarn group across 1 directory with 11 updates
da8a663 
Bumps the npm_and_yarn group with 6 updates in the /plugins directory:

| Package | From | To |
| --- | --- | --- |
| [solid-js](https://github.com/solidjs/solid) | `1.7.8` | `1.9.4` |
| [esbuild](https://github.com/evanw/esbuild) | `0.18.12` | `0.25.0` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `4.4.4` | `5.4.21` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.22.8` | `7.28.6` |
| [axios](https://github.com/axios/axios) | `1.4.0` | `1.13.2` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |



Updates `solid-js` from 1.7.8 to 1.9.4
- [Release notes](https://github.com/solidjs/solid/releases)
- [Changelog](https://github.com/solidjs/solid/blob/main/CHANGELOG.md)
- [Commits](solidjs/solid@v1.7.8...v1.9.4)

Updates `esbuild` from 0.18.12 to 0.25.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2023.md)
- [Commits](evanw/esbuild@v0.18.12...v0.25.0)

Updates `vite` from 4.4.4 to 5.4.21
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.21/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.21/packages/vite)

Updates `@babel/traverse` from 7.22.8 to 7.28.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-traverse)

Updates `axios` from 1.4.0 to 1.13.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.4.0...v1.13.2)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `follow-redirects` from 1.15.2 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.11)

Updates `form-data` from 4.0.0 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.0...v4.0.5)

Updates `postcss` from 8.4.26 to 8.5.6
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.26...8.5.6)

Updates `rollup` from 3.26.2 to 4.55.3
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG-3.md)
- [Commits](rollup/rollup@v3.26.2...v4.55.3)

Updates `seroval` from 0.5.1 to 1.4.2
- [Release notes](https://github.com/lxsmnsyc/seroval/releases)
- [Commits](https://github.com/lxsmnsyc/seroval/commits)

---
updated-dependencies:
- dependency-name: solid-js
  dependency-version: 1.9.4
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.25.0
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 5.4.21
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-version: 7.28.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-version: 1.13.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.5.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.55.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: seroval
  dependency-version: 1.4.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 21, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants