chore(deps-dev): bump typedoc from 0.28.10 to 0.28.15

[dependabot]

Bumps typedoc from 0.28.10 to 0.28.15.

Release notes

Sourced from typedoc's releases.

v0.28.15

Features

• The gitRevision option now accepts the special value {branch}, which indicates source links should use the current git branch for links, #3041.
• Introduced validation.invalidPath for suppressing warnings caused by referencing relative paths which do not exist when building the documentation, #3033.
• API: Introduced Logger.validationWarning for validation which occurs during conversion rather than during TypeDoc's normal validation step, #3033.

v0.28.14

Features

• Introduced the preservedTypeAnnotationTags option to specify tags whose type annotations should be copied to the output documentation, #3020. API: Introduced typeAnnotation on CommentTag
• Added excludePrivateClassFields option to hide #private members while allowing private members, #3017.
• Added support for TypeScript's @this tag for JS files which describe this parameters, #3026.

Bug Fixes

• Fixed conversion of auto-accessor types on properties with the accessor keyword, #3019.
• Improved handling of HTML tags within headers for anchor generation, #3023.
• Improved support for detecting destructured parameters and renaming them to the name used in the doc comment, #3026.

v0.28.13

Features

• The basePath option now also affects relative link resolution, TypeDoc will also check for paths relative to the provided base path. If you instead want TypeDoc to only change the rendered base path for sources, use the displayBasePath option, #3009.

Bug Fixes

• Fixed bug introduced in 0.28.8 where TypeDoc could not render docs with some mixin classes, #3007.
• @inheritDoc will now correctly overwrite @remarks and @returns blocks on the target comment, #3012.
• The externalSymbolLinkMappings option now works properly on links pointing to inherited/overwritten signatures, #3014.

v0.28.12

Bug Fixes

• Variables marked with @enum now work for symbols imported from another module, #3003.
• Improved magic introduced with #2999 to work with imported symbols, #3003.
• Fixed relative link resolution to file names containing percent encoded URLs, #3006.
• Linking to the project's README file with a relative link will now behave as expected, #3006.
• Reduced unnecessary HTML element rendering in default theme.

... (truncated)

Changelog

Sourced from typedoc's changelog.

v0.28.15 (2025-11-29)

Features

• The gitRevision option now accepts the special value {branch}, which indicates source links should use the current git branch for links, #3041.
• Introduced validation.invalidPath for suppressing warnings caused by referencing relative paths which do not exist when building the documentation, #3033.
• API: Introduced Logger.validationWarning for validation which occurs during conversion rather than during TypeDoc's normal validation step, #3033.

v0.28.14 (2025-10-11)

Features

• Introduced the preservedTypeAnnotationTags option to specify tags whose type annotations should be copied to the output documentation, #3020. API: Introduced typeAnnotation on CommentTag
• Added excludePrivateClassFields option to hide #private members while allowing private members, #3017.
• Added support for TypeScript's @this tag for JS files which describe this parameters, #3026.
• API: Re-introduced relevanceBoost on DeclarationReflection for plugin use, #3036.

Bug Fixes

• Fixed conversion of auto-accessor types on properties with the accessor keyword, #3019.
• Improved handling of HTML tags within headers for anchor generation, #3023.
• Improved support for detecting destructured parameters and renaming them to the name used in the doc comment, #3026.
• Constructor type parameters will now inherit their class's type parameter descriptions if not otherwise specified, #3031.
• Fixed compatibility with @microsoft/tsdoc-config version 0.18.0, #3035.
• Custom theme icons will now be used in the "On This Page" sidebar, #3039.

Thanks!

• @​iclanton
• @​jonchardy

v0.28.13 (2025-09-14)

Features

• The basePath option now also affects relative link resolution, TypeDoc will also check for paths relative to the provided base path. If you instead want TypeDoc to only change the rendered base path for sources, use the displayBasePath option, #3009.

Bug Fixes

• Fixed bug introduced in 0.28.8 where TypeDoc could not render docs with some mixin classes, #3007.
• @inheritDoc will now correctly overwrite @remarks and @returns blocks on the target comment, #3012.
• The externalSymbolLinkMappings option now works properly on links pointing to inherited/overwritten signatures, #3014.

... (truncated)

Commits

• 6c9220e Update changelog for release
• 081712a Bump version to 0.28.15
• 8944d63 Update dprint plugins
• b0dcca6 Update dependencies
• 81fbdf3 Add {branch} option to gitRevision
• fd3344f Add validation.invalidPath
• 88cd991 Thank contributors
• 114b190 Copy type param descriptions to constructors
• 3e70b65 Merge pull request #3035 from iclanton/remove-jsx
• 9906145 Update site/tags/typescript.md
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@gerrit0/mini-shiki	3.17.0	Unknown	Unknown
npm/@shikijs/engine-oniguruma	3.17.0	🟢 5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 5 Found 17/30 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/@shikijs/langs	3.17.0	🟢 5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 5 Found 17/30 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/@shikijs/themes	3.17.0	🟢 5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 5 Found 17/30 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/@shikijs/types	3.17.0	🟢 5	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Code-Review 🟢 5 Found 17/30 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/typedoc	0.28.15	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 1 Prow code reviews found for 3 commits out of the last 30 -- score normalized to 1 Maintained 🟢 10 30 commit(s) out of 30 and 25 issue activity out of 30 found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no badge detected Vulnerabilities 🟢 10 no vulnerabilities detected Token-Permissions ⚠️ 0 non read-only tokens detected in GitHub workflows Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Packaging ⚠️ -1 no published package detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 7 dependency not pinned by hash detected -- score normalized to 7 Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed

Scanned Files

• package-lock.json