Skip to content

chore(deps): bump the patch-updates group across 1 directory with 11 updates#31

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-patch-updates-d2fa3751df
Closed

chore(deps): bump the patch-updates group across 1 directory with 11 updates#31
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-patch-updates-d2fa3751df

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 9, 2026

Copy link
Copy Markdown
Contributor

Bumps the patch-updates group with 11 updates in the / directory:

Package From To
@astrojs/check 0.9.6 0.9.9
@astrojs/rss 4.0.15 4.0.18
@astrojs/sitemap 3.7.0 3.7.2
@astrojs/svelte 7.2.3 7.2.5
@iconify-json/material-symbols 1.2.60 1.2.70
katex 0.16.38 0.16.45
react 19.2.4 19.2.6
react-dom 19.2.4 19.2.6
sanitize-html 2.17.1 2.17.3
@astrojs/ts-plugin 1.10.6 1.10.7
@biomejs/biome 2.4.6 2.4.14

Updates @astrojs/check from 0.9.6 to 0.9.9

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.9

Patch Changes

Changelog

Sourced from @​astrojs/check's changelog.

0.9.9

Patch Changes

0.9.8

Patch Changes

0.9.7

Patch Changes

0.9.7-beta.1

Patch Changes

0.9.6-beta.1

Patch Changes

0.9.6-alpha.0

Patch Changes

  • Updated dependencies [df6d2d7]:
    • @​astrojs/language-server@​2.16.1-alpha.0
Commits

Updates @astrojs/rss from 4.0.15 to 4.0.18

Release notes

Sourced from @​astrojs/rss's releases.

@​astrojs/rss@​4.0.18

Patch Changes

Changelog

Sourced from @​astrojs/rss's changelog.

4.0.18

Patch Changes

4.0.17

Patch Changes

4.0.16

Patch Changes

4.0.15-beta.4

Patch Changes

4.0.15-beta.3

Patch Changes

4.0.15-beta.2

Patch Changes

4.0.15-beta.1

Patch Changes

... (truncated)

Commits

Updates @astrojs/sitemap from 3.7.0 to 3.7.2

Release notes

Sourced from @​astrojs/sitemap's releases.

@​astrojs/sitemap@​3.7.2

Patch Changes

Changelog

Sourced from @​astrojs/sitemap's changelog.

3.7.2

Patch Changes

3.7.1

Patch Changes

3.6.1-beta.3

Patch Changes

3.6.1-beta.2

Patch Changes

3.6.1-alpha.1

Patch Changes

3.6.1-alpha.0

Patch Changes

Commits

Updates @astrojs/svelte from 7.2.3 to 7.2.5

Changelog

Sourced from @​astrojs/svelte's changelog.

7.2.5

Patch Changes

7.2.4

Patch Changes

  • #15004 16f3994 Thanks @​antonyfaris! - Fixes an issue where Svelte components used in Astro files would incorrectly report type errors when using client:* directives.
Commits

Updates @iconify-json/material-symbols from 1.2.60 to 1.2.70

Commits

Updates katex from 0.16.38 to 0.16.45

Release notes

Sourced from katex's releases.

v0.16.45

0.16.45 (2026-04-05)

Bug Fixes

v0.16.44

0.16.44 (2026-03-27)

Bug Fixes

  • remove extra \jot space at bottom of align/gather/etc. (#4184) (3870ee9)

v0.16.43

0.16.43 (2026-03-26)

Bug Fixes

  • use makeEm() consistently to truncate long CSS decimals (#4181) (0967dcc)

v0.16.42

0.16.42 (2026-03-24)

Features

v0.16.41

0.16.41 (2026-03-24)

Bug Fixes

v0.16.40

0.16.40 (2026-03-20)

Bug Fixes

  • css: specify position: relative for .katex (#4170) (020f0d8)

v0.16.39

0.16.39 (2026-03-19)

... (truncated)

Changelog

Sourced from katex's changelog.

0.16.45 (2026-04-05)

Bug Fixes

0.16.44 (2026-03-27)

Bug Fixes

  • remove extra \jot space at bottom of align/gather/etc. (#4184) (3870ee9)

0.16.43 (2026-03-26)

Bug Fixes

  • use makeEm() consistently to truncate long CSS decimals (#4181) (0967dcc)

0.16.42 (2026-03-24)

Features

0.16.41 (2026-03-24)

Bug Fixes

0.16.40 (2026-03-20)

Bug Fixes

  • css: specify position: relative for .katex (#4170) (020f0d8)

0.16.39 (2026-03-19)

Bug Fixes

Commits
  • 90de979 chore(release): 0.16.45 [ci skip]
  • ee66b78 fix: wrap vcenter mpadded in mrow for valid MathML (#4193)
  • ed12205 refactor: move inline double brushs stroke to helper (#4194)
  • 434d4b8 chore(ci): upgrade to node 24 (#4189)
  • 844a324 chore(deps): bump codecov/codecov-action from 5 to 6 (#4188)
  • 5675226 chore(deps): bump actions/github-script from 7 to 8 (#4179)
  • 34ad75e chore(deps): bump actions/setup-node from 4 to 6 (#4180)
  • 2525c20 chore(deps): bump actions/upload-artifact from 4 to 7 (#4176)
  • 0b7006e chore(release): 0.16.44 [ci skip]
  • 3870ee9 fix: remove extra \jot space at bottom of align/gather/etc. (#4184)
  • Additional commits viewable in compare view

Updates react from 19.2.4 to 19.2.6

Release notes

Sourced from react's releases.

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates react-dom from 19.2.4 to 19.2.6

Release notes

Sourced from react-dom's releases.

19.2.6 (May 6th, 2026)

React Server Components

19.2.5 (April 8th, 2026)

React Server Components

Commits

Updates sanitize-html from 2.17.1 to 2.17.3

Changelog

Sourced from sanitize-html's changelog.

2.17.3 (2026-04-15)

Security

  • Fix vulnerability introduced in version 2.17.2 that allowed XSS attacks if the developer chose to permit option tags. There was no vulnerability when not explicitly allowing option tags.

2.17.2 (2026-03-19)

Changes

  • Upgrade htmlparser2 from 8.x to 10.1.0. This improves security by correctly decoding zero-padded numeric character references (e.g., &[#0000001](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/0000001)) that previously bypassed javascript: URL detection. Also fixes double-encoding of entities inside raw text elements like textarea and option.
Commits

Updates @astrojs/ts-plugin from 1.10.6 to 1.10.7

Changelog

Sourced from @​astrojs/ts-plugin's changelog.

1.10.7

Patch Changes

Commits

Updates @biomejs/biome from 2.4.6 to 2.4.14

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.14

2.4.14

Patch Changes

  • #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

  • #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

  • #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

    A function annotated : object returning an object literal:

    function f(): object {
      return { retry: true };
    }
  • #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

  • #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

    Given the following organizeImports options:

    {
      "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
    }

    The following code...

    // Comment
    import "package";
    import "./file.js";

    ...was organized as:

    +
      // Comment
      import "package";
    +
      import "./file.js";

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.14

Patch Changes

  • #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

  • #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

  • #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

    A function annotated : object returning an object literal:

    function f(): object {
      return { retry: true };
    }
  • #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

  • #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

    Given the following organizeImports options:

    {
      "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
    }

    The following code...

    // Comment
    import "package";
    import "./file.js";

    ...was organized as:

    +
      // Comment
      import "package";
    +
      import "./file.js";

    A blank line was added even though the group ':NODE:' doesn't match any imports here. :BLANK_LINE: between never-matched groups and matched groups are now ignored.

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 9, 2026
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Apr 9, 2026

Copy link
Copy Markdown

Deploying tom-chicken-blog with  Cloudflare Pages  Cloudflare Pages

Latest commit: 7bc4a9a
Status: ✅  Deploy successful!
Preview URL: https://ee0063f6.tom-chicken-blog.pages.dev
Branch Preview URL: https://dependabot-npm-and-yarn-patc-hqie.tom-chicken-blog.pages.dev

View logs

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 9, 2026
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-patch-updates-d2fa3751df branch 2 times, most recently from efc2de3 to 941cdaa Compare April 13, 2026 06:04
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-patch-updates-d2fa3751df branch from 941cdaa to 3eeb246 Compare May 8, 2026 05:59
…updates

Bumps the patch-updates group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@astrojs/check](https://github.com/withastro/astro/tree/HEAD/packages/language-tools/astro-check) | `0.9.6` | `0.9.9` |
| [@astrojs/rss](https://github.com/withastro/astro/tree/HEAD/packages/astro-rss) | `4.0.15` | `4.0.18` |
| [@astrojs/sitemap](https://github.com/withastro/astro/tree/HEAD/packages/integrations/sitemap) | `3.7.0` | `3.7.2` |
| [@astrojs/svelte](https://github.com/withastro/astro/tree/HEAD/packages/integrations/svelte) | `7.2.3` | `7.2.5` |
| [@iconify-json/material-symbols](https://github.com/iconify/icon-sets) | `1.2.60` | `1.2.70` |
| [katex](https://github.com/KaTeX/KaTeX) | `0.16.38` | `0.16.45` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.6` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.6` |
| [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) | `2.17.1` | `2.17.3` |
| [@astrojs/ts-plugin](https://github.com/withastro/astro/tree/HEAD/packages/language-tools/ts-plugin) | `1.10.6` | `1.10.7` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.4.6` | `2.4.14` |



Updates `@astrojs/check` from 0.9.6 to 0.9.9
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/language-tools/astro-check/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/check@0.9.9/packages/language-tools/astro-check)

Updates `@astrojs/rss` from 4.0.15 to 4.0.18
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/astro-rss/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/rss@4.0.18/packages/astro-rss)

Updates `@astrojs/sitemap` from 3.7.0 to 3.7.2
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/sitemap/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/sitemap@3.7.2/packages/integrations/sitemap)

Updates `@astrojs/svelte` from 7.2.3 to 7.2.5
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/integrations/svelte/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/@astrojs/svelte@7.2.5/packages/integrations/svelte)

Updates `@iconify-json/material-symbols` from 1.2.60 to 1.2.70
- [Commits](https://github.com/iconify/icon-sets/commits)

Updates `katex` from 0.16.38 to 0.16.45
- [Release notes](https://github.com/KaTeX/KaTeX/releases)
- [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md)
- [Commits](KaTeX/KaTeX@v0.16.38...v0.16.45)

Updates `react` from 19.2.4 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react)

Updates `react-dom` from 19.2.4 to 19.2.6
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.2.6/packages/react-dom)

Updates `sanitize-html` from 2.17.1 to 2.17.3
- [Changelog](https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md)
- [Commits](https://github.com/apostrophecms/apostrophe/commits/sanitize-html@2.17.3/packages/sanitize-html)

Updates `@astrojs/ts-plugin` from 1.10.6 to 1.10.7
- [Release notes](https://github.com/withastro/astro/releases)
- [Changelog](https://github.com/withastro/astro/blob/main/packages/language-tools/ts-plugin/CHANGELOG.md)
- [Commits](https://github.com/withastro/astro/commits/HEAD/packages/language-tools/ts-plugin)

Updates `@biomejs/biome` from 2.4.6 to 2.4.14
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.14/packages/@biomejs/biome)

---
updated-dependencies:
- dependency-name: "@astrojs/check"
  dependency-version: 0.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@astrojs/rss"
  dependency-version: 4.0.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@astrojs/sitemap"
  dependency-version: 3.7.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@astrojs/svelte"
  dependency-version: 7.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@astrojs/ts-plugin"
  dependency-version: 1.10.7
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: "@iconify-json/material-symbols"
  dependency-version: 1.2.65
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: katex
  dependency-version: 0.16.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: react
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: react-dom
  dependency-version: 19.2.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
- dependency-name: sanitize-html
  dependency-version: 2.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-patch-updates-d2fa3751df branch from 3eeb246 to 7bc4a9a Compare May 8, 2026 09:03
@dependabot @github

dependabot Bot commented on behalf of github May 12, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 12, 2026
@dependabot dependabot Bot deleted the dependabot-npm_and_yarn-patch-updates-d2fa3751df branch May 12, 2026 11:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants