chore(deps): bump the production-dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the production-dependencies group with 12 updates in the / directory:

Package	From	To
@webgpu/types	0.1.64	0.1.68
chalk	5.6.0	5.6.2
chokidar	4.0.3	5.0.0
globby	16.0.0	16.1.0
is-absolute-url	4.0.1	5.0.0
preact-render-to-string	6.6.3	6.6.4
rimraf	6.0.1	6.1.2
satori	0.18.2	0.18.3
shiki	3.12.2	3.20.0
@types/node	24.10.1	25.0.3
esbuild	0.27.0	0.27.2
prettier	3.7.3	3.7.4

Updates @webgpu/types from 0.1.64 to 0.1.68

Commits

• bf308cc 0.1.68
• 170eb3b Roll gpuweb, clean up compat additions, fix types for proposed additions (#197)
• 1670564 0.1.67
• 6d24700 Add immediates related changes in types (#195)
• 645c8d5 0.1.66
• 8f608a0 Sync changes from generated to dist (#194)
• b3acacb Add "texture-component-swizzle" feature (#193)
• eb1d104 0.1.65
• 77b6940 Add primitive-index GPUFeatureName (#190)
• d7a9fb1 Test with TypeScript 5.9 (#189)
• Additional commits viewable in compare view

Updates chalk from 5.6.0 to 5.6.2

Release notes

Sourced from chalk's releases.

v5.6.2

• Fix vulnerability in 5.6.1, see: chalk/chalk#656

Commits

• 5155778 5.6.2
• See full diff in compare view

Updates chokidar from 4.0.3 to 5.0.0

Release notes

Sourced from chokidar's releases.

5.0.0

• Make the package ESM-only. Reduces on-disk package size from ~150kb to ~80kb
• Increase minimum node.js version to v20.19. The versions starting from it support loading esm files from cjs
• fix: Make types more precise paulmillr/chokidar#1424
• perf: re-use double slash regex paulmillr/chokidar#1435
• Update readdirp to ESM-only v5
• Lots of minor improvements in tests
• Increase security of NPM releases. Switch to token-less Trusted Publishing, with help of jsbt
• Switch compilation mode to isolatedDeclaration-based typescript for simplified auto-generated docs

New Contributors

• @​mhkeller made their first contribution in paulmillr/chokidar#1426
• @​btea made their first contribution in paulmillr/chokidar#1432

Full Changelog: paulmillr/chokidar@4.0.3...5.0.0

Commits

• c0c8d20 Release 5.0.0.
• b211cec Remove src from npm
• 8742246 Upgrade dev deps, jsbt, ci files. Upgrade readdirp to v5.
• de5a34c Merge pull request #1442 from paulmillr/flaky-buns
• c08a6c4 fix: throttle based on dir + target
• 0c55ab3 test: wait for explicit calls in directory test
• ce81be5 perf: re-use double slash regex (#1435)
• 7d9c1ed Merge pull request #1433 from paulmillr/super-matrices
• 3915541 Merge pull request #1430 from paulmillr/esm-only
• 9308bed chore: use Nodejs 24 in CI (#1432)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for chokidar since your current version.

Updates globby from 16.0.0 to 16.1.0

Release notes

Sourced from globby's releases.

v16.1.0

• Add expandNegationOnlyPatterns option eb78791
• Fix: Normalize leading-slash negation patterns before task generation 59e269f

---

sindresorhus/globby@v16.0.0...v16.1.0

Commits

• 70c011b 16.1.0
• eb78791 Add expandNegationOnlyPatterns option
• 59e269f Fix: Normalize leading-slash negation patterns before task generation
• See full diff in compare view

Updates is-absolute-url from 4.0.1 to 5.0.0

Release notes

Sourced from is-absolute-url's releases.

v5.0.0

Breaking

• Require Node.js 20 430699d
• It now only allows http:// and https:// protocols by default 05e1989
  • To get the old behavior, pass in {httpOnly: false}

Improvements

• Add httpOnly option and make it the default 05e1989

---

sindresorhus/is-absolute-url@v4.0.1...v5.0.0

Commits

• 76c6aff 5.0.0
• 05e1989 Add httpOnly option and make it the default
• 430699d Require Node.js 20
• See full diff in compare view

Updates preact-render-to-string from 6.6.3 to 6.6.4

Release notes

Sourced from preact-render-to-string's releases.

v6.6.4

Patch Changes

• #436 6bce3dd Thanks @​JoviDeCroock! - Ensure that in streaming mode throwing a suspension multiple times from the same component works

Changelog

Sourced from preact-render-to-string's changelog.

6.6.4

Patch Changes

• #436 6bce3dd Thanks @​JoviDeCroock! - Ensure that in streaming mode throwing a suspension multiple times from the same component works

Commits

• 534a37a Merge pull request #437 from preactjs/changeset-release/main
• c869f82 Bump lock version
• 909c4ac Version Packages
• 80ba7dc Merge pull request #436 from preactjs/stream-multi-throw
• 6bce3dd Ensure we can suspend from a given component more than once
• See full diff in compare view

Updates rimraf from 6.0.1 to 6.1.2

Changelog

Sourced from rimraf's changelog.

6.1

• Move to native fs/promises usage instead of promisifying manually.

6.0

• Drop support for nodes before v20
• Add --version to CLI

5.0

• No default export, only named exports

4.4

• Provide Dirent or Stats object as second argument to filter

4.3

• Return boolean indicating whether the path was fully removed
• Add filter option
• bin: add --verbose, -v to print files as they are deleted
• bin: add --no-verbose, -V to not print files as they are deleted
• bin: add -i --interactive to be prompted on each deletion
• bin: add -I --no-interactive to not be prompted on each deletion
• 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

• Brought back glob support, using the new and improved glob v9

v4.1

• Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
• Accept and ignore -rf and -fr arguments to the bin.

v4.0

• Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
• Accept array of paths or single path.
• Windows performance and reliability improved.
• All strategies separated into explicitly exported methods.
• Drop support for Node.js below version 14
• rewrite in TypeScript

... (truncated)

Commits

• cd45498 6.1.2
• fe9a962 glob@13
• 30dc9d8 6.1.1
• 9dffc3e update glob
• b6462ea mock platform properly in test/index.ts
• 668309f ci: update typedoc action
• 18dc77a 6.1.0
• 2bd2e62 changelog 6.1
• 19311cf refactor: switch to native fs.promises
• 0c437d4 Create separate dir for integration tests
• Additional commits viewable in compare view

Updates satori from 0.18.2 to 0.18.3

Release notes

Sourced from satori's releases.

0.18.3

0.18.3 (2025-09-15)

Bug Fixes

• Support forwardRef wrapped component (#601)

Commits

• 2a0878a fix: Trigger release
• 6d0d0db Support forwardRef wrapped component (#601)
• See full diff in compare view

Updates shiki from 3.12.2 to 3.20.0

Release notes

Sourced from shiki's releases.

v3.20.0

   🚀 Features

• cli: Add --format option for html output  -  by @​Divyapahuja31 in shikijs/shiki#1211 (28dd0)

   🐞 Bug Fixes

• rehype: Handle promise rejections in lazy language loading  -  by @​ambujvashistha in shikijs/shiki#1221 (99654)
• vitepress-twoslash: Fix popper positions being recomputed too early within vitepress code groups  -  by @​Dschungelabenteuer, charles.gruenais and @​antfu in shikijs/shiki#1116 (19ea5)

   🏎 Performance

• core: Eliminate redundant tokenization call in tokenizeWithTheme  -  by @​ShivanshBhargava and @​NssGourav in shikijs/shiki#1216 (c78b1)

    View changes on GitHub

v3.19.0

   🚀 Features

• Support rootStyle: false option  -  by @​khushthecoder and @​antfu in shikijs/shiki#1184 (baf9a)
• transformers:
  • Add classActiveCode option to notation transformers  -  by @​GreenHacker420 in shikijs/shiki#1171 (a6a44)
  • Add transformerRemoveComments  -  by @​Bitshifter-9, Copilot, @​crazylogic03 and @​antfu in shikijs/shiki#1144 (f2ee3)
• twoslash:
  • Add context parameter to filter option  -  by @​siddu-09 in shikijs/shiki#1173 (ac7f5)

   🐞 Bug Fixes

• Add typesVersions for legacy resolution support  -  by @​khushthecoder in shikijs/shiki#1179 (100b7)
• core: Check embeddedLanguages in registry dependency check  -  by @​vamsi2246 in shikijs/shiki#1178 (6ad16)
• monaco: Correctly handle sparse color map updates  -  by @​wcr-karan in shikijs/shiki#1169 (38c7f)

    View changes on GitHub

v3.18.0

   🚀 Features

• transformers: Support zeroIndexed option to transformerMetaHighlight  -  by @​manak-sharma20 in shikijs/shiki#1149 (c39ff)

   🐞 Bug Fixes

• core:
  • Correct offset calculation in mergeWhitespaceTokens  -  by @​Karthikeya1500 in shikijs/shiki#1162 (15e73)
  • Allow langAlias to special languages, close #1164  -  by @​antfu in shikijs/shiki#1164 (45ab1)

    View changes on GitHub

v3.17.1

   🚀 Features

... (truncated)

Commits

• a0b7304 chore: release v3.20.0
• 61c87e8 chore: release v3.19.0
• 0cd35ac test: use using in tests
• a016f19 chore: release v3.18.0
• 355d207 chore: release v3.17.1
• b4d3a57 chore: release v3.17.0
• e6d21b0 fix(shiki): rename createdBundledHighlighter to createBundledHighlighter ...
• fe08ee0 chore: release v3.16.0
• 02dab9b feat: update grammars
• 4bf5be3 chore: update snapshot
• Additional commits viewable in compare view

Updates @types/node from 24.10.1 to 25.0.3

Commits

• See full diff in compare view

Updates esbuild from 0.27.0 to 0.27.2

Release notes

Sourced from esbuild's releases.

v0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }
  // Old output (with --minify)
  switch(x){case 0:foo();break;case 1:default:bar()}
  // New output (with --minify)

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }
  // Old output (with --minify)
  switch(x){case 0:foo();break;case 1:default:bar()}

... (truncated)

Commits

• cd83297 publish 0.27.2 to npm
• 2759721 additional tests for switch with break
• fd2b4b3 update release notes
• c8d93a7 fix #4357: -webkit- prefix for mask shorthand (#4358)
• 92ff12c compat table: update @types/node
• a35eceb compat table: fix a type error with the new types
• f598984 fix make compat-table to install dependencies
• f7f6df0 release notes for #4361
• 6f8ec15 fix: allow subpath imports that start with #/ (#4361)
• f7ae61f minify some switch statements to if-else statement
• Additional commits viewable in compare view

Updates prettier from 3.7.3 to 3.7.4

Release notes

Sourced from prettier's releases.

3.7.4

What's Changed

• Fix comment in union type gets duplicated by @​fisker in prettier/prettier#18393
• Fix unstable comment print in union type by @​fisker in prettier/prettier#18395
• Avoid quote around LWC interpolations by @​kovsu in prettier/prettier#18383

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.7.4

diff

LWC: Avoid quote around interpolations (#18383 by @​kovsu)

<!-- Input -->
<div foo={bar}>   </div>
<!-- Prettier 3.7.3 (--embedded-language-formatting off) -->
<div foo="{bar}"></div>
<!-- Prettier 3.7.4 (--embedded-language-formatting off) -->
<div foo={bar}></div>

TypeScript: Fix comment inside union type gets duplicated (#18393 by @​fisker)

// Input
type Foo = (/** comment */ a | b) | c;
// Prettier 3.7.3
type Foo = /** comment / (/* comment */ a | b) | c;
// Prettier 3.7.4
type Foo = /** comment */ (a | b) | c;

TypeScript: Fix unstable comment print in union type comments (#18395 by @​fisker)

// Input
type X = (A | B) & (
  // comment
  A | B
);
// Prettier 3.7.3 (first format)
type X = (A | B) &
(// comment
A | B);
// Prettier 3.7.3 (second format)
type X = (
| A
</tr></table>

... (truncated)

Commits

• 7848357 Release 3.7.4
• 7686c59 Release @​prettier/plugin-hermes & @​prettier/plugin-oxc v0.1.3
• fe49434 Remove dead code checking union/intersection types length (#18396)
• ca02b37 Fix unstable comment print (#18395)
• 7efb988 Fix comment in union type get duplicated (#18393)
• cfa92c1 Update dependency @​angular/compiler to v21.0.2 (#18392)
• 1de2737 Update dependency yaml to v2.8.2 (#18391)
• 706aa4e Switch js parse postprocess to onEnter (#18382)
• d3eb2b2 Reuse arrays in visitor keys (#18386)
• c45fef1 Fix LWC attribute with --embedded-language-formatting off (#18383)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions