Bump the production-dependencies group across 1 directory with 20 updates by dependabot[bot] · Pull Request #79 · float3/float3.github.io

dependabot · 2025-09-15T14:15:15Z

Bumps the production-dependencies group with 20 updates in the / directory:

Package	From	To
@floating-ui/dom	`1.7.1`	`1.7.4`
@napi-rs/simple-git	`0.1.19`	`0.1.22`
chalk	`5.4.1`	`5.6.2`
flexsearch	`0.8.205`	`0.8.212`
is-absolute-url	`4.0.1`	`5.0.0`
mermaid	`11.6.0`	`11.11.0`
pixi.js	`8.10.1`	`8.13.2`
pnpm	`10.12.1`	`10.16.1`
preact	`10.26.8`	`10.27.2`
preact-render-to-string	`6.5.13`	`6.6.1`
pretty-bytes	`7.0.0`	`7.0.1`
react	`19.1.0`	`19.1.1`
@types/react	`19.1.6`	`19.1.13`
sass-migrator	`2.3.2`	`2.4.2`
satori	`0.15.2`	`0.18.2`
sharp	`0.34.2`	`0.34.3`
workerpool	`9.3.2`	`9.3.4`
ws	`8.18.2`	`8.18.3`
esbuild	`0.25.5`	`0.25.9`
tsx	`4.19.4`	`4.20.5`

Updates @floating-ui/dom from 1.7.1 to 1.7.4

Release notes

Sourced from @floating-ui/dom's releases.

@floating-ui/dom@1.7.4

Patch Changes

fix(getViewportRect): account for space left by scrollbar-gutter: stable

@floating-ui/dom@1.7.3

Patch Changes

Update dependencies: @floating-ui/core@1.7.3

@floating-ui/dom@1.7.2

Patch Changes

perf: reduce memory allocations

Update dependencies: @floating-ui/utils@0.2.10, @floating-ui/core@1.7.2

Changelog

Sourced from @floating-ui/dom's changelog.

1.7.4

Patch Changes

fix(getViewportRect): account for space left by scrollbar-gutter: stable

1.7.3

Patch Changes

Update dependencies: @floating-ui/core@1.7.3

1.7.2

Patch Changes

perf: reduce memory allocations

Update dependencies: @floating-ui/utils@0.2.10, @floating-ui/core@1.7.2

Commits

7c33a3d chore: version packages (#3388)
8b34295 fix(getViewportRect): account for scrollbar-gutter: stable space (#3387)
38f8b5a chore: version packages (#3377)
693c9cc fix(flip): ensure perpendicular axis flips with crossAxis alignment (#3376)
9497a55 chore: version packages (#3354)
ac2af58 perf: reduce additional memory allocations
See full diff in compare view

Updates @napi-rs/simple-git from 0.1.19 to 0.1.22

Release notes

Sourced from @napi-rs/simple-git's releases.

v0.1.22

What's Changed

Replace unmaintained goto-bus-stop/setup-zig with mlugg/setup-zig action by @Copilot in Brooooooklyn/simple-git#96

chore(deps): update actions/download-artifact action to v5 by @renovate[bot] in Brooooooklyn/simple-git#97

chore: clippy fix and npm trusted publisher by @Brooooooklyn in Brooooooklyn/simple-git#99

New Contributors

@Copilot made their first contribution in Brooooooklyn/simple-git#96

Full Changelog: Brooooooklyn/simple-git@v0.1.21...v0.1.22

v0.1.21

What's Changed

chore(deps): update cross-platform-actions/action action to v0.29.0 by @renovate[bot] in Brooooooklyn/simple-git#94

fix: link libz.a on Linux x64 gnu by @Brooooooklyn in Brooooooklyn/simple-git#95

Full Changelog: Brooooooklyn/simple-git@v0.1.20...v0.1.21

v0.1.20

What's Changed

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#62

chore(deps): update yarn to v4.5.0 by @renovate[bot] in Brooooooklyn/simple-git#63

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#64

chore(deps): update yarn to v4.5.1 by @renovate[bot] in Brooooooklyn/simple-git#65

chore(deps): update dependency @types/node to v22 by @renovate[bot] in Brooooooklyn/simple-git#66

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#67

chore(deps): update yarn to v4.5.2 by @renovate[bot] in Brooooooklyn/simple-git#68

chore(deps): update yarn to v4.5.3 by @renovate[bot] in Brooooooklyn/simple-git#69

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#70

chore(deps): update cross-platform-actions/action action to v0.26.0 by @renovate[bot] in Brooooooklyn/simple-git#72

chore(deps): update yarn to v4.6.0 by @renovate[bot] in Brooooooklyn/simple-git#73

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#74

fix(deps): update rust crate git2 to 0.20 by @renovate[bot] in Brooooooklyn/simple-git#75

chore(deps): update cross-platform-actions/action action to v0.27.0 by @renovate[bot] in Brooooooklyn/simple-git#77

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#78

chore(deps): update yarn to v4.7.0 by @renovate[bot] in Brooooooklyn/simple-git#79

chore(deps): update yarn to v4.8.0 by @renovate[bot] in Brooooooklyn/simple-git#80

chore(deps): update yarn to v4.8.1 by @renovate[bot] in Brooooooklyn/simple-git#81

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#82

chore(deps): update yarn to v4.9.0 by @renovate[bot] in Brooooooklyn/simple-git#83

chore(deps): update yarn to v4.9.1 by @renovate[bot] in Brooooooklyn/simple-git#84

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#85

chore(deps): update cross-platform-actions/action action to v0.28.0 by @renovate[bot] in Brooooooklyn/simple-git#86

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#87

chore(deps): update yarn to v4.9.2 by @renovate[bot] in Brooooooklyn/simple-git#88

chore(deps): lock file maintenance by @renovate[bot] in Brooooooklyn/simple-git#89

feat: upgrade to NAPI-RS 3.0 by @Brooooooklyn in Brooooooklyn/simple-git#93

... (truncated)

Commits

7d01607 0.1.22
5792944 chore: fix preversion script
6cbeb6e chore: clippy fix and npm trusted publisher (#99)
a1dfc9b chore(deps): update actions/download-artifact action to v5 (#97)
919cd79 ci: replace unmaintained goto-bus-stop/setup-zig with mlugg/setup-zig action ...
3b580ef 0.1.21
a36a282 fix: link libz.a on Linux x64 gnu (#95)
bb9e05e chore(deps): update cross-platform-actions/action action to v0.29.0 (#94)
dea17f8 0.1.20
b66275d feat: upgrade to NAPI-RS 3.0 (#93)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @napi-rs/simple-git since your current version.

Updates chalk from 5.4.1 to 5.6.2

Release notes

Sourced from chalk's releases.

v5.6.2

Fix vulnerability in 5.6.1, see: chalk/chalk#656

v5.6.0

Make WezTerm terminal use true color a8f5bf7

chalk/chalk@v5.5.0...v5.6.0

v5.5.0

Make Ghostty terminal use true color (#653) 79ee2d3

chalk/chalk@v5.4.1...v5.5.0

Commits

5155778 5.6.2
5c91505 5.6.0
a8f5bf7 Make WezTerm terminal use true color
67db246 5.5.0
79ee2d3 Make Ghostty terminal use true color (#653)
See full diff in compare view

Updates flexsearch from 0.8.205 to 0.8.212

Commits

See full diff in compare view

Updates is-absolute-url from 4.0.1 to 5.0.0

Release notes

Sourced from is-absolute-url's releases.

v5.0.0

Breaking

Require Node.js 20 430699d

It now only allows http:// and https:// protocols by default 05e1989

To get the old behavior, pass in {httpOnly: false}

Improvements

Add httpOnly option and make it the default 05e1989

sindresorhus/is-absolute-url@v4.0.1...v5.0.0

Commits

76c6aff 5.0.0
05e1989 Add httpOnly option and make it the default
430699d Require Node.js 20
See full diff in compare view

Updates mermaid from 11.6.0 to 11.11.0

Release notes

Sourced from mermaid's releases.

mermaid@11.11.0

Minor Changes

#6704 012530e Thanks @omkarht! - feat: Added support for new participant types (actor, boundary, control, entity, database, collections, queue) in sequenceDiagram.

#6802 c8e5027 Thanks @darshanr0107! - feat: Update mindmap rendering to support multiple layouts, improved edge intersections, and new shapes

Patch Changes

#6905 33bc4a0 Thanks @darshanr0107! - fix: Render newlines as spaces in class diagrams

#6886 e0b45c2 Thanks @darshanr0107! - fix: Handle arrows correctly when auto number is enabled

mermaid@11.10.1

Patch Changes

#6886 e0b45c2 Thanks @darshanr0107! - fix: Handle arrows correctly when auto number is enabled

mermaid@11.10.0

Minor Changes

#6744 daf8d8d Thanks @SpecularAura! - feat: Added support for per link curve styling in flowchart diagram using edge ids

Patch Changes

#6857 b9ef683 Thanks @knsv! - feat: Exposing elk configuration forceNodeModelOrder and considerModelOrder to the mermaid configuration

#6653 2c0931d Thanks @darshanr0107! - chore: Remove the "-beta" suffix from the XYChart, Block, Sankey diagrams to reflect their stable status

#6683 33e08da Thanks @darshanr0107! - fix: Position the edge label in state diagram correctly relative to the edge

#6693 814b68b Thanks @darshanr0107! - fix: Apply correct dateFormat in Gantt chart to show only day when specified

#6734 fce7cab Thanks @darshanr0107! - fix: handle exclude dates properly in Gantt charts when using dateFormat: 'YYYY-MM-DD HH:mm:ss'

#6733 fc07f0d Thanks @omkarht! - fix: fixed connection gaps in flowchart for roundedRect, stadium and diamond shape

#6876 12e01bd Thanks @sidharthv96! - fix: sanitize icon labels and icon SVGs

Resolves CVE-2025-54880 reported by @fourcube

#6801 01aaef3 Thanks @sidharthv96! - fix: Update casing of ID in requirement diagram

#6796 c36cd05 Thanks @HashanCP! - fix: Make flowchart elk detector regex match less greedy

#6702 8bb29fc Thanks @qraqras! - fix(block): overflowing blocks no longer affect later lines

This may change the layout of block diagrams that have overflowing lines (i.e. block diagrams that use up more columns that the columns specifier).

... (truncated)

Commits

9c85521 Merge pull request #6914 from mermaid-js/changeset-release/master
8a565bc Version Packages
baf510b Merge pull request #6912 from mermaid-js/develop
c1f2d05 Merge pull request #6913 from mermaid-js/fix/mindmap-cypress-visual-tests
bce40e1 fix: resolve failing Cypress visual tests for mindmap diagrams
f47dec3 Merge pull request #6911 from mermaid-js/update-timings
88dc4be chore: update E2E timings
e923208 Merge pull request #6802 from mermaid-js/knsv/mindmap-refactoring
e96614a Merge pull request #6895 from shanti2530/docs/xychart-plotcolorpalette-example
73115cb [autofix.ci] apply automated fixes
Additional commits viewable in compare view

Updates pixi.js from 8.10.1 to 8.13.2

Release notes

Sourced from pixi.js's releases.

v8.13.2

💾 Download

Installation:
npm install pixi.js@8.13.2
Development Build:

https://cdn.jsdelivr.net/npm/pixi.js@8.13.2/dist/pixi.js

https://cdn.jsdelivr.net/npm/pixi.js@8.13.2/dist/pixi.mjs

Production Build:

https://cdn.jsdelivr.net/npm/pixi.js@8.13.2/dist/pixi.min.js

https://cdn.jsdelivr.net/npm/pixi.js@8.13.2/dist/pixi.min.mjs

Documentation:

https://pixijs.download/v8.13.2/docs/index.html

Changed

pixijs/pixijs@v8.13.1...v8.13.2

🐛 Fixed

fix: application destroy for graphics by @Zyie in pixijs/pixijs#11659

fix: recalculate the boundaries of GraphicsContext regardless of rendering dirty state by @mayakwd in pixijs/pixijs#11671

fix: destroy of prepared but not rendered text should not throw an error by @mayakwd in pixijs/pixijs#11672

v8.13.1

💾 Download

Installation:
npm install pixi.js@8.13.1
Development Build:

https://cdn.jsdelivr.net/npm/pixi.js@8.13.1/dist/pixi.js

https://cdn.jsdelivr.net/npm/pixi.js@8.13.1/dist/pixi.mjs

Production Build:

https://cdn.jsdelivr.net/npm/pixi.js@8.13.1/dist/pixi.min.js

https://cdn.jsdelivr.net/npm/pixi.js@8.13.1/dist/pixi.min.mjs

Documentation:

https://pixijs.download/v8.13.1/docs/index.html

Changed

pixijs/pixijs@v8.13.0...v8.13.1

🐛 Fixed

... (truncated)

Commits

8eee29c v8.13.2
2fd06dc fix: application destroy for graphics (#11659)
f3ed022 fix: recalculate the boundaries of GraphicsContext regardless of rendering ...
fbf2049 fix: destroy of prepared but not rendered text should not throw an error (#11...
f601213 v8.13.1
19c6148 fix: fix accessibility debug div tabIndex label (#11654) (#11655)
e8814f8 fix: text texture incorrectly released when destroyed (#11658)
2094ca5 v8.13.0
e301117 feat: simplified caching for text (#11505)
6aeb34a fix: memory leaks in renderer systems (#11581)
Additional commits viewable in compare view

Updates pnpm from 10.12.1 to 10.16.1

Release notes

Sourced from pnpm's releases.

pnpm 10.16.1

Patch Changes

The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #9963.

Forcibly disable ANSI color codes when generating patch diff #9914.

Platinum Sponsors

Gold Sponsors

... (truncated)

Changelog

Sourced from pnpm's changelog.

10.16.1

Patch Changes

The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #9963.

Forcibly disable ANSI color codes when generating patch diff #9914.

10.16.0

Minor Changes
There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new setting that delays the installation of newly released dependencies. In most cases, such attacks are discovered quickly and the malicious versions are removed from the registry within an hour.

The new setting is called minimumReleaseAge. It specifies the number of minutes that must pass after a version is published before pnpm will install it. For example, setting minimumReleaseAge: 1440 ensures that only packages released at least one day ago can be installed.

If you set minimumReleaseAge but need to disable this restriction for certain dependencies, you can list them under the minimumReleaseAgeExclude setting. For instance, with the following configuration pnpm will always install the latest version of webpack, regardless of its release time:
minimumReleaseAgeExclude:
  - webpack
Related issue: #9921.
Added support for finders #9946.

In the past, pnpm list and pnpm why could only search for dependencies by name (and optionally version). For example:
pnpm why minimist
prints the chain of dependencies to any installed instance of minimist:
verdaccio 5.20.1
├─┬ handlebars 4.7.7
│ └── minimist 1.2.8
└─┬ mv 2.1.1
  └─┬ mkdirp 0.5.6
    └── minimist 1.2.8
What if we want to search by other properties of a dependency, not just its name? For instance, find all packages that have react@17 in their peer dependencies?

This is now possible with "finder functions". Finder functions can be declared in .pnpmfile.cjs and invoked with the --find-by=<function name> flag when running pnpm list or pnpm why.

Let's say we want to find any dependencies that have React 17 in peer dependencies. We can add this finder to our .pnpmfile.cjs:

... (truncated)

Commits

ea44ff9 chore(release): 10.16.1
a3c1498 chore(release): 10.16.0
e792927 feat: support finder functions for performing complex searches with list and ...
3d1711a chore(release): 10.15.1
f1552d1 refactor: replace p-any with Promise.any (#9911)
979ce80 chore(release): 10.15.0
facd765 refactor: always use extensions in relative imports (#9878)
c89c93d test: use @jest/globals (#9877)
14c78e8 test: use jest.mocked (#9874)
ba5f447 chore: update registry-mock to v5
Additional commits viewable in compare view

Updates preact from 10.26.8 to 10.27.2

Release notes

Sourced from preact's releases.

10.27.2

Types

Mirror non-JSX types to the 'preact' namespace (#4904, thanks @rschristian)

Fixes

Address memory leak (#4906, thanks @JoviDeCroock)

10.27.1

Performance

Avoid re-inserting children during bailout (#4890, thanks @vasylenkoval)

Types

add missing React.Key (#4864, thanks @shyguy1412)

make React.SVGAttributes generic (#4863, thanks @shyguy1412)

Fixes

Add .render property referencing original render function (#4870, thanks @upupming)

Add .type property referencing original component (#4869, thanks @upupming)

Maintenance

Fix benchmarks for v10.x (#4891, thanks @rschristian)

Correct contributing docs (#4861, thanks @JoviDeCroock)

10.27.0

Features

Update refcallback type to reflect possibility of returning cleanup function and add debug helper exports (#4860, thanks @rschristian)

Backport of preactjs/preact#4830 and preactjs/preact#4801

Fixes

Ensure we rerender after a suspensefully hydrating boundary throws an… (#4856, thanks @JoviDeCroock)

Maintenance

Update 'replaceNode' deprecation comment to point at new shim (#4844, thanks @rschristian)

Reduce some repeated logic (#4814) (#4821, thanks @JoviDeCroock)

10.26.9

Fixes

Export test-utils from compat by @rawrmonstar in preactjs/preact#4783

Escape style object value in precompile transform by @marvinhagemeister in preactjs/preact#4795

Fix signal attribute values not working with precompile transform by @marvinhagemeister in preactjs/preact#4798

... (truncated)

Commits

0dbe636 10.27.2 (#4917)
b0cb7c5 ci: Revert #4911 (#4912)
3e86d02 ci: Kickstart benches again in v10.x w/ successful run (#4911)
0be5d20 refactor (v10): Mirror non-JSX types to the 'preact' namespace (#4904)
a1039cc Prevent frequently updated components from retaining memory (#4906)
02b52e6 10.27.1 (#4892)
28a56ca ci: Fix benchmarks workflow for v10.x (#4891)
d92da32 Port #4888 to v10 (#4890)
89ad340 Merge pull request #4870 from upupming/v10.x-forward-ref-render-field
d698fd2 Merge pull request #4869 from upupming/v10.x-memo-type-field
Additional commits viewable in compare view

Updates preact-render-to-string from 6.5.13 to 6.6.1

Release notes

Sourced from preact-render-to-string's releases.

v6.6.1

Patch Changes

#427 f3f7aab Thanks @rschristian! - Correct semver range to support beta releases of Preact v11

v6.6.0

Minor Changes

#376 81e7da3 Thanks @JoviDeCroock! - Insert comment markers for suspended trees, only in renderToStringAsync

Patch Changes

#425 e750ba1 Thanks @rschristian! - Expand semver range to support the upcoming v11 beta release

#413 27f340b Thanks @f0x52! - Fix async rendering of multiple suspended components in a single Suspense boundary

#424 e7d241c Thanks @JoviDeCroock! - Fix support for signals, we need to detect and unwrap the signal

#423 ec0b614 Thanks @JoviDeCroock! - Add support for new component bits

#417 441dea2 Thanks @rschristian! - Only abort/report errors from renderToPipeableStream() if the stream hasn't already been closed

Changelog

Sourced from preact-render-to-string's changelog.

6.6.1

Patch Changes

#427 f3f7aab Thanks @rschristian! - Correct semver range to support beta releases of Preact v11

6.6.0

Minor Changes

#376 81e7da3 Thanks @JoviDeCroock! - Insert comment markers for suspended trees, only in renderToStringAsync

Patch Changes

#425 e750ba1 Thanks @rschristian! - Expand semver range to support the upcoming v11 beta release

#413 27f340b Thanks @f0x52! - Fix async rendering of multiple suspended components in a single Suspense boundary

#424 e7d241c Thanks @JoviDeCroock! - Fix support for signals, we need to detect and unwrap the signal

#423 ec0b614 Thanks @JoviDeCroock! - Add support for new component bits

#417 441dea2 Thanks @rschristian! - Only abort/report errors from renderToPipeableStream() if the stream hasn't already been closed

Commits

a7a02d4 Version Packages (#428)
f3f7aab fix: Correct semver ranges for v11 beta releases (#427)
abed487 Version Packages (#412)
7d7cc03 Remove unused import (#426)
a911cec Merge pull request #425 from preactjs/chore/expand-semver-for-v11
e750ba1 docs: Add changeset
d995278 chore: Expand semver range for v11
4a8d4a0 Merge pull request #424 from preactjs/fix-signals-support
a5fc66b Ducktype
ec0b614 Support new dirty bit (#423)
Additional commits viewable in compare view

Updates pretty-bytes from 7.0.0 to 7.0.1

Release notes

Sourced from pretty-bytes's releases.

v7.0.1

Fix precision with the binary option (#88) c9fd951

sindresorhus/pretty-bytes@v7.0.0...v7.0.1

Commits

3c77fd1 7.0.1
c9fd951 Fix precision with the binary option (#88)
4186190 Fix CI
See full diff in compare view

Updates react from 19.1.0 to 19.1.1

Release notes

Sourced from react's releases.

19.1.1 (July 28, 2025)

React

Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @hoxyq)

Changelog

Sourced from react's changelog.

19.1.1 (July 28, 2025)

React

Fixed Owner Stacks to work with ES2015 function.name semantics (#33680 by @hoxyq)

Commits

87e33ca Set release versions to 19.1.1
5a1eb6f fix: rename bottom stack frame (#33680)
See full diff in compare view

Updates @types/react from 19.1.6 to 19.1.13

Commits

See full diff in compare view

Updates sass-migrator from 2.3.2 to 2.4.2

Release notes

Sourced from sass-migrator's releases.

Sass Migrator 2.4.2

Module Migration

Late @import rules can now be hoisted above safe at-rules in the same file.

Fix a typo in the error message for late @import rules that could not be migrated.

Fix a bug where hoisted @use rules with configuration would have incorrect syntax.

See the full changelog for changes in earlier releases.

Sass Migrator 2.4.1

Module Migrator

Fix a bug where a duplicate namespace would be added to a reassignment of a variable from another module when running on a partially migrated file.

See the full changelog for changes in earlier releases.

Sass Migrator 2.4.0

Module System Migration

Better handling of late @import rules. Previously, these were treated identically to nested imports, but now they can be hoisted to the top of the file where @use is allowed if they do not emit any CSS.

To allow the migrator to hoist even late imports that do emit CSS, use the --unsafe-hoist flag. @import rules that emit CSS will still be converted to meta.load-css() even with this flag if no Sass members are referenced from them.

If there are any plain CSS at-rules that are used by your post-processing tools but never actually result in meaningful CSS, you can pass them (without the @) to --safe-at-rule so that the migrator doesn't consider them to emit CSS when handling late imports.

The migrator's behavior when encountering actual nested imports remains unchanged.

Fix a bug that resulted in duplicate @use rules when migrating stylesheets that contained both a @use and an @import of the same dependency.

See the full changelog for changes in earlier releases.

Sass Migrator 2.3.3

Module System Migration

Fix some bugs in the conversion of private names that are referenced across files to public names, especially when --remove-prefix and/or multiple leading dashes/underscores are involved.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass-migrator's changelog.

2.4.2

Module Migration

Late @import rules can now be hoisted above safe at-rules in the same file.

Fix a typo in the error message for late @import rules that could not be migrated.

Fix a bug where hoisted @use rules with configuration would have incorrect syntax.

2.4.1

Module Migrator

Fix a bug where a duplicate namespace would be added to a reassignment of a variable from another module when running on a partially migrated file.

2.4.0

Module Migrator

Better handling of late @import rules. Previously, these were treated identically to nested imports, but now they can be hoisted to the top of the file where @use is allowed if they do not emit any CSS.

To allow the migrator to hoist even late imports that do emit CSS, use the --unsafe-hoist flag. @import rules that emit CSS will still be converted to meta.load-css() even with this flag if no Sass members are referenced from them.

If there are any plain CSS at-rules that are used by your post-processing tools but never actually result in meaningful CSS, you can pass them (without the @) to --safe-at-rule so that the migrator doesn't consider them to emit CSS when handling late imports.

The migrator's behavior when encountering actual nested imports remains unchanged.

Fix a bug that resulted in duplicate @use rules when migrating stylesheets that contained both a @use and an @import of the same dependency.

2.3.3

Module Migrator

Fix some bugs in the conversion of private names that are referenced across files to public names, especially when --remove-prefix and/or multiple leading dashes/underscores are involved.

Commits

463b1f4 Improved late import hoisting (

…ates Bumps the production-dependencies group with 20 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) | `1.7.1` | `1.7.4` | | [@napi-rs/simple-git](https://github.com/Brooooooklyn/simple-git) | `0.1.19` | `0.1.22` | | [chalk](https://github.com/chalk/chalk) | `5.4.1` | `5.6.2` | | [flexsearch](https://github.com/nextapps-de/flexsearch) | `0.8.205` | `0.8.212` | | [is-absolute-url](https://github.com/sindresorhus/is-absolute-url) | `4.0.1` | `5.0.0` | | [mermaid](https://github.com/mermaid-js/mermaid) | `11.6.0` | `11.11.0` | | [pixi.js](https://github.com/pixijs/pixijs) | `8.10.1` | `8.13.2` | | [pnpm](https://github.com/pnpm/pnpm/tree/HEAD/pnpm) | `10.12.1` | `10.16.1` | | [preact](https://github.com/preactjs/preact) | `10.26.8` | `10.27.2` | | [preact-render-to-string](https://github.com/preactjs/preact-render-to-string) | `6.5.13` | `6.6.1` | | [pretty-bytes](https://github.com/sindresorhus/pretty-bytes) | `7.0.0` | `7.0.1` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.1.0` | `19.1.1` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.1.6` | `19.1.13` | | [sass-migrator](https://github.com/sass/migrator) | `2.3.2` | `2.4.2` | | [satori](https://github.com/vercel/satori) | `0.15.2` | `0.18.2` | | [sharp](https://github.com/lovell/sharp) | `0.34.2` | `0.34.3` | | [workerpool](https://github.com/josdejong/workerpool) | `9.3.2` | `9.3.4` | | [ws](https://github.com/websockets/ws) | `8.18.2` | `8.18.3` | | [esbuild](https://github.com/evanw/esbuild) | `0.25.5` | `0.25.9` | | [tsx](https://github.com/privatenumber/tsx) | `4.19.4` | `4.20.5` | Updates `@floating-ui/dom` from 1.7.1 to 1.7.4 - [Release notes](https://github.com/floating-ui/floating-ui/releases) - [Changelog](https://github.com/floating-ui/floating-ui/blob/master/packages/dom/CHANGELOG.md) - [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.7.4/packages/dom) Updates `@napi-rs/simple-git` from 0.1.19 to 0.1.22 - [Release notes](https://github.com/Brooooooklyn/simple-git/releases) - [Commits](Brooooooklyn/simple-git@v0.1.19...v0.1.22) Updates `chalk` from 5.4.1 to 5.6.2 - [Release notes](https://github.com/chalk/chalk/releases) - [Commits](chalk/chalk@v5.4.1...v5.6.2) Updates `flexsearch` from 0.8.205 to 0.8.212 - [Release notes](https://github.com/nextapps-de/flexsearch/releases) - [Changelog](https://github.com/nextapps-de/flexsearch/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextapps-de/flexsearch/commits) Updates `is-absolute-url` from 4.0.1 to 5.0.0 - [Release notes](https://github.com/sindresorhus/is-absolute-url/releases) - [Commits](sindresorhus/is-absolute-url@v4.0.1...v5.0.0) Updates `mermaid` from 11.6.0 to 11.11.0 - [Release notes](https://github.com/mermaid-js/mermaid/releases) - [Commits](https://github.com/mermaid-js/mermaid/compare/mermaid@11.6.0...mermaid@11.11.0) Updates `pixi.js` from 8.10.1 to 8.13.2 - [Release notes](https://github.com/pixijs/pixijs/releases) - [Commits](pixijs/pixijs@v8.10.1...v8.13.2) Updates `pnpm` from 10.12.1 to 10.16.1 - [Release notes](https://github.com/pnpm/pnpm/releases) - [Changelog](https://github.com/pnpm/pnpm/blob/main/pnpm/CHANGELOG.md) - [Commits](https://github.com/pnpm/pnpm/commits/v10.16.1/pnpm) Updates `preact` from 10.26.8 to 10.27.2 - [Release notes](https://github.com/preactjs/preact/releases) - [Commits](preactjs/preact@10.26.8...10.27.2) Updates `preact-render-to-string` from 6.5.13 to 6.6.1 - [Release notes](https://github.com/preactjs/preact-render-to-string/releases) - [Changelog](https://github.com/preactjs/preact-render-to-string/blob/main/CHANGELOG.md) - [Commits](preactjs/preact-render-to-string@v6.5.13...v6.6.1) Updates `pretty-bytes` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/sindresorhus/pretty-bytes/releases) - [Commits](sindresorhus/pretty-bytes@v7.0.0...v7.0.1) Updates `react` from 19.1.0 to 19.1.1 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.1.1/packages/react) Updates `@types/react` from 19.1.6 to 19.1.13 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `sass-migrator` from 2.3.2 to 2.4.2 - [Release notes](https://github.com/sass/migrator/releases) - [Changelog](https://github.com/sass/migrator/blob/main/CHANGELOG.md) - [Commits](sass/migrator@2.3.2...2.4.2) Updates `satori` from 0.15.2 to 0.18.2 - [Release notes](https://github.com/vercel/satori/releases) - [Commits](vercel/satori@0.15.2...0.18.2) Updates `sharp` from 0.34.2 to 0.34.3 - [Release notes](https://github.com/lovell/sharp/releases) - [Commits](lovell/sharp@v0.34.2...v0.34.3) Updates `workerpool` from 9.3.2 to 9.3.4 - [Changelog](https://github.com/josdejong/workerpool/blob/master/HISTORY.md) - [Commits](https://github.com/josdejong/workerpool/commits) Updates `ws` from 8.18.2 to 8.18.3 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.18.2...8.18.3) Updates `esbuild` from 0.25.5 to 0.25.9 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.25.5...v0.25.9) Updates `tsx` from 4.19.4 to 4.20.5 - [Release notes](https://github.com/privatenumber/tsx/releases) - [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs) - [Commits](privatenumber/tsx@v4.19.4...v4.20.5) --- updated-dependencies: - dependency-name: "@floating-ui/dom" dependency-version: 1.7.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@napi-rs/simple-git" dependency-version: 0.1.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: chalk dependency-version: 5.6.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: flexsearch dependency-version: 0.8.212 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: is-absolute-url dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: mermaid dependency-version: 11.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: pixi.js dependency-version: 8.13.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: pnpm dependency-version: 10.16.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: preact dependency-version: 10.27.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: preact-render-to-string dependency-version: 6.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: pretty-bytes dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: react dependency-version: 19.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: "@types/react" dependency-version: 19.1.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: sass-migrator dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: satori dependency-version: 0.18.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: sharp dependency-version: 0.34.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: workerpool dependency-version: 9.3.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: ws dependency-version: 8.18.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: esbuild dependency-version: 0.25.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: tsx dependency-version: 4.20.5 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-09-29T14:39:57Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 15, 2025

dependabot bot closed this Sep 29, 2025

dependabot bot deleted the dependabot/npm_and_yarn/production-dependencies-09e505ef3d branch September 29, 2025 14:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the production-dependencies group across 1 directory with 20 updates#79

Bump the production-dependencies group across 1 directory with 20 updates#79
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/production-dependencies-09e505ef3d

dependabot bot commented on behalf of github Sep 15, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Sep 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Sep 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

@​floating-ui/dom@​1.7.4

Patch Changes

@​floating-ui/dom@​1.7.3

Patch Changes

@​floating-ui/dom@​1.7.2

Patch Changes

1.7.4

Patch Changes

1.7.3

Patch Changes

1.7.2

Patch Changes

v0.1.22

What's Changed

New Contributors

v0.1.21

What's Changed

v0.1.20

What's Changed

v5.6.2

v5.6.0

v5.5.0

v5.0.0

Breaking

Improvements

mermaid@11.11.0

Minor Changes

Patch Changes

mermaid@11.10.1

Patch Changes

mermaid@11.10.0

Minor Changes

Patch Changes

v8.13.2

💾 Download

Changed

🐛 Fixed

v8.13.1

💾 Download

Changed

🐛 Fixed

pnpm 10.16.1

Patch Changes

Platinum Sponsors

Gold Sponsors

10.16.1

Patch Changes

10.16.0

Minor Changes

10.27.2

Types

Fixes

10.27.1

Performance

Types

Fixes

Maintenance

10.27.0

Features

Fixes

Maintenance

10.26.9

Fixes

v6.6.1

Patch Changes

v6.6.0

Minor Changes

Patch Changes

6.6.1

Patch Changes

6.6.0

Minor Changes

Patch Changes

v7.0.1

19.1.1 (July 28, 2025)

React

19.1.1 (July 28, 2025)

dependabot bot commented on behalf of github Sep 15, 2025 •

edited

Loading

`@floating-ui/dom@1`.7.4

`@floating-ui/dom@1`.7.3

`@floating-ui/dom@1`.7.2