Skip to content

build(deps): bump the frontend group across 1 directory with 24 updates#378

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/services/frontend/frontend-dc60575a02
Open

build(deps): bump the frontend group across 1 directory with 24 updates#378
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/services/frontend/frontend-dc60575a02

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the frontend group with 24 updates in the /services/frontend directory:

Package From To
axios 1.16.1 1.18.1
dompurify 3.4.7 3.4.11
libphonenumber-js 1.13.4 1.13.7
vue 3.5.34 3.5.39
vuetify 4.0.8 4.1.2
@hey-api/openapi-ts 0.97.3 0.99.0
@playwright/test 1.60.0 1.61.1
@types/luxon 3.7.1 3.7.2
@typescript-eslint/eslint-plugin 8.60.0 8.62.0
@typescript-eslint/parser 8.60.0 8.62.0
@vitest/coverage-v8 4.1.7 4.1.9
@vue/compiler-dom 3.5.34 3.5.39
@vue/server-renderer 3.5.34 3.5.39
@vue/test-utils 2.4.10 2.4.11
@vue/typescript-plugin 3.3.3 3.3.5
eslint 10.4.1 10.6.0
eslint-plugin-vue 10.9.1 10.9.2
fast-xml-parser 5.8.0 5.9.3
globals 17.6.0 17.7.0
sass 1.100.0 1.101.0
typescript-eslint 8.60.0 8.62.0
vitest 4.1.8 4.1.9
vue-eslint-parser 10.4.0 10.4.1
vue-tsc 3.3.3 3.3.5

Updates axios from 1.16.1 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

v1.18.0 — June 13, 2026

This release hardens redirect and URL handling, improves the validateStatus configuration semantics, and includes updates to documentation, dependencies, and release metadata.

🔒 Security Fixes

  • Redirect Header Safety: Added Node HTTP adapter support for stripping caller-specified sensitive headers on cross-origin redirects, helping prevent custom auth headers such as API keys from leaking to another origin. (#10892)

  • URL And Request Hardening: Rejects malformed http: and https: URLs that omit // with ERR_INVALID_URL, while tightening prototype-pollution-safe config reads, stream size limits, FormData depth handling, data URL sizing, and local NO_PROXY matching. (#11000)

🐛 Bug Fixes

  • Status Validation: Added transitional.validateStatusUndefinedResolves so applications can opt in to treating validateStatus: undefined like the option was omitted, while validateStatus: null remains the explicit way to accept every status. (#10899)

🔧 Maintenance & Chores

  • Documentation: Published the v1.17.0 release notes, fixed a changelog typo, clarified the package update PR policy, and marked the proxy request config as Node.js-only in the advanced docs. (#10984, #10988, #10992, #10995)

  • Dependencies: Bumped @babel/core, @babel/preset-env, @commitlint/cli, @commitlint/config-conventional, @rollup/plugin-babel, @rollup/plugin-commonjs, @vitest/browser, @vitest/browser-playwright, eslint, lint-staged, rollup, vitest, and actions/checkout. (#10989, #10996, #10997)

  • Release Metadata: Prepared the 1.18.0 release by updating package metadata and the runtime VERSION value. (#11003)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

  • Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
  • Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

  • HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

  • Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)

... (truncated)

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates dompurify from 3.4.7 to 3.4.11

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.11

  • Fixed an issue with a leaky config for hooks via setConfig, thanks @​trace37labs
  • Bumped vulnerable development dependencies to arrive at plain 0 with npm audit
  • Updated the osv-scanner suppression list as no vulnerable dependencies are left for now
  • Updated up the linting tool-chain and removed now-redundant lint directives
  • Updated the documentation is several spots, README, wiki, etc.
  • Bumped several dependencies where possible

DOMPurify 3.4.10

  • Refactored codebase for clarity: extracted the public type declarations into types.ts
  • Decomposed the three largest sanitizer functions into focused helpers
  • Removed duplicated defaults and dead branches, consolidated SAFE_FOR_TEMPLATES scrubbing into single shared path
  • Improved per-node performance by hoisting the mXSS probe regexes and testing textContent before innerHTML
  • Added a deterministic micro-benchmark harness (npm run bench) with a --compare mode
  • Reduced CI cost by running the full three-engine browser suite once per PR
  • Refreshed the demos/ folder so every demo runs again, and added a SVG-via-<img> demo
  • Documented the bench and test:happydom scripts in the README
  • Completed the Attack Classes & Bypass History wiki page
  • Bumped several dependencies where possible

DOMPurify 3.4.9

  • Further improved the handling of Trusted Types config options, thanks @​offset
  • Further improved the handling of IN_PLACE sanitization, thanks @​mozfreddyb
  • Added more test coverage for IN_PLACE and Trusted Types related usage
  • Bumped several dependencies where possible
  • Updated README and wiki with more accurate documentation & attack samples

DOMPurify 3.4.8

  • Cleaned up the repository root, renamed some and removed unneeded files
  • Fixed an issue with handling of Trusted Types policies, thanks @​fulstadev
  • Fixed the node iterator for better template scrubbing, thanks @​IamLeandrooooo
  • Included formerly missing LICENSE-MPL in published npm package, thanks @​asamuzaK
  • Bumped several dependencies where possible
Commits

Updates libphonenumber-js from 1.13.4 to 1.13.7

Changelog

Sourced from libphonenumber-js's changelog.

1.13.7 / 18.6.2026

  • Updated metadata to version 9.0.33:
    • Updated phone metadata for region code(s): BF, KE, MC, MW, NO, SG, SI, UG, VN
    • Updated geocoding data for country calling code(s): 47 (en)
    • Updated carrier data for country calling code(s): 36 (en), 40 (en), 65 (en), 84 (en), 232 (en), 235 (en), 250 (en), 256 (en), 265 (en), 386 (en), 503 (en), 1868 (en)

1.13.6 / 5.6.2026

  • Updated metadata to version 9.0.32:
    • Updated phone metadata for region code(s): DZ, JP, NO, SJ, SO, UG
    • Updated carrier data for country calling code(s): 33 (en), 47 (en), 233 (en), 252 (en), 256 (en)

1.13.5 / 03.06.2026

  • Converted any "tagged" types back to simple strings. Originally, some developers lobbied the use of so-called "tagged" types in this package in order to return more "strict" values. My knowledge of TypeScript at that time was limited to just its title, so I naturally succumbed to that influence and merged whatever changes seemed to be consensual between the participants in the issue discussions. Now though I can see how the concept of "tagged" types is redundant and adds nothing, so I decided to revert any "tagged" types back to simple strings.

1.13.3 / 22.5.2026

  • Updated metadata to version 9.0.31:
    • Updated alternate formatting data for country calling code(s): 84
    • Updated phone metadata for region code(s): AI, BO, DZ, ET, GE, GM, IN, TR, UG, VN
    • Updated short number metadata for region code(s): IT
    • Updated geocoding data for country calling code(s): 213 (en)
    • Updated carrier data for country calling code(s): 34 (en), 43 (en), 84 (en), 90 (en), 220 (en), 251 (en), 256 (en), 354 (en), 591 (en), 1264 (en)

1.13.0 / 08.05.2026

  • Merged a pull request by Matt d'Entremont that adds ES6-only versions of min/max/mobile/core exports.

    • The new exports are:

      • minlibphonenumber-js/min/es6
      • maxlibphonenumber-js/max/es6
      • mobile — libphonenumber-js/mobile/es6
      • "custom" — libphonenumber-js/core/es6
    • The bundle size reduction is roughly 37 KB raw and 3.8-4.1 KB gzipped.

... (truncated)

Commits

Updates vue from 3.5.34 to 3.5.39

Release notes

Sourced from vue's releases.

v3.5.39

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.38

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.37

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.35

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.39 (2026-06-25)

Bug Fixes

3.5.38 (2026-06-11)

3.5.37 (2026-06-11)

3.5.36 (2026-06-11)

Bug Fixes

  • compiler-core: avoid crash on CDATA at the document root (#14916) (0ea17e2)
  • compiler-core: prefix dynamic keys on v-memo elements (#14922) (68e978e), closes #14920
  • compiler-sfc: handle vue-ignore on leading intersection/union type (#14950) (0dcd225), closes #12254
  • compiler-sfc: respect var hoisting in props destructure (48ad452)
  • reactivity: preserve watch callback return value when wrapped for once: true (#14902) (450a8a8)
  • runtime-core: add dev warning for silent catch in compat mode and fix test description typo (#14891) (db3e117)
  • runtime-core: force model update when reverted before sync (#14897) (7f76378), closes #13524
  • runtime-core: skip async component callbacks after unmount (#14911) (5300ead)
  • transition: avoid move transition for hidden v-show group children (#14895) (c11f6ee), closes #14894
  • watch: trigger immediate callback for empty sources (#14914) (1f2ca7e), closes #14898

3.5.35 (2026-05-27)

Bug Fixes

... (truncated)

Commits
  • c0606e9 release: v3.5.39
  • 4b659e6 fix(runtime-dom): preserve option modifier event names (#8338)
  • 232f402 fix(types): support named tuple emits (#12676)
  • 671997a fix(teleport): handle teleport unmount edge case (#12705)
  • 164af63 fix(hydration): respect data-allow-mismatch on conditional branches (#12801)
  • 2f374cd fix(runtime-core): normalize function children for elements and Teleport (#9108)
  • 87b73b6 fix(runtime-core): preserve once event listener name (#8341)
  • 027da6b fix(ssr): dedupe inherited scope ids during vnode rendering (#15005)
  • 024cf06 fix(hydration): force patch dynamic props when hydrating (#9083)
  • be7ce31 fix(compiler-core): correct filter rewrite recursion (#14959)
  • Additional commits viewable in compare view

Updates vuetify from 4.0.8 to 4.1.2

Release notes

Sourced from vuetify's releases.

v4.1.2

🔧 Bug Fixes

  • theme: async transition should return a Promise (904f949), closes #22900
  • utilites: merge height values into single group (ff6e4e4), closes #22916
  • VDialog: clear inline styles when enabling fullscreen mode (ea29378), closes #22926
  • VOverlay: static location should snap to edges using CSS (#22921) (4fc3c8e), closes #22911
  • VOverlay: do not clear position when closing (923b3b6), closes #22930
  • VOverlay: keep overlay attached with iOS keyboard open (#22923) (2e51298), closes #22376
  • VOverlay: resolve size with CSS function (calc, min, vw) to pixels (bf105bf)
  • VOverlay: dimension props should be reactive in static strategy (eb56d37)
  • VPagination: predictable length behavior in flex container (#22912) (e7016b1), closes #22907
  • VTreeview: apply hide-actions to group nodes (e5555ae), closes #22919

v4.1.1

🔧 Bug Fixes

  • VMenu: prevent focus change during IME input (#21008) (374c955), closes #21001
  • VNumberInput: emit change when using controls and arrows (2ab2509)
  • VOverlay: respect % dimension boundaries (eaec65f), closes #22890
  • VSelect: close menu when click lands inside host overlay (7ed9a54), closes #22897
  • VSnackbar: more reliable progress bar (5e6fe60), closes #22894
  • VTable: apply background and border for fixed-footer (ecabcc5)
  • VTooltip: avoid stealing focus (77d1a8a), closes #22891
  • VTooltip: merge content class and props (5cc3278)

🧪 Labs

  • VHeatmap: keep legend bar visible in forced-colors mode (58e3e7d)
  • VHighlight: support forced-colors mode (067228c)

v4.1.0

The following components have been promoted to the core framework from labs:

🚀 Features

... (truncated)

Commits
  • 5cc805b chore(release): publish v4.1.2
  • 904f949 fix(theme): async transition should return a Promise
  • 4fc3c8e fix(VOverlay): static location should snap to edges using CSS (#22921)
  • 923b3b6 fix(VOverlay): do not clear position when closing
  • 2e51298 fix(VOverlay): keep overlay attached with iOS keyboard open (#22923)
  • ea29378 fix(VDialog): clear inline styles when enabling fullscreen mode
  • e5555ae fix(VTreeview): apply hide-actions to group nodes
  • ff6e4e4 fix(utilites): merge height values into single group
  • a7323f7 chore: correct name for specs folder
  • bf105bf fix(VOverlay): resolve size with CSS function (calc, min, vw) to pixels
  • Additional commits viewable in compare view

Updates @hey-api/openapi-ts from 0.97.3 to 0.99.0

Changelog

Sourced from @​hey-api/openapi-ts's changelog.

0.99.0

Minor Changes

To better represent its functionality, the plugin.symbols property has been renamed to plugin.imports.

Plugin duplicates behavior

If you specified the same plugin multiple times, only the last instance would be used. We eventually added a warning for this behavior, but that didn't treat the root issue. This release changes that by merging duplicate plugin configurations.

Removed plugin.external() function

This function was used to reference external symbols. All plugins now use the Imports API, which allows you to reference external symbols in a type-safe way through plugin.imports.

Patch Changes

  • api: replace ~ fields with $ (#4086) (d5ca286) by @​mrlubos

  • config: add Presets API (3b4ee7a) by @​mrlubos

  • plugin(@​hey-api/client-angular): fix: send an empty object request body when explicitly provided in flat parameters mode (#4070) (ab522ef) by @​matthewjamesadam

  • client: use getBaseUrl() function to determine default value (#3772) (4026955) by @​mrlubos

  • plugin(zod): improve discriminator handling (680b947) by @​mrlubos

  • plugin(@​tanstack/preact-query): fix: strip initialData from the inferred result types for infinite query options (7a4b0cf) by @​mrlubos

  • plugin(@​tanstack/solid-query): fix: strip initialData from the inferred result types for infinite query options (7a4b0cf) by @​mrlubos

  • plugin(valibot): support custom regular expression error messages with x-pattern-message (#4117) (3ed3afb) by @​pullfrog

  • plugin(@​hey-api/client-next): fix: send an empty object request body when explicitly provided in flat parameters mode (#4070) (f6d4512) by @​matthewjamesadam

  • plugin(@​hey-api/client-axios): fix: send an empty object request body when explicitly provided in flat parameters mode (#4070) (f6d4512) by @​matthewjamesadam

  • plugin(zod): support creating optional request schemas (11315c7) by @​mrlubos

  • plugin(@​tanstack/react-query): fix: strip initialData from the inferred result types for infinite query options (7a4b0cf) by @​mrlubos

  • plugin(@​hey-api/client-ky): fix: send an empty object request body when explicitly provided in flat parameters mode (#4070) (f6d4512) by @​matthewjamesadam

... (truncated)

Commits

Updates @playwright/test from 1.60.0 to 1.61.1

Release notes

Sourced from @​playwright/test's releases.

v1.61.1

Bug Fixes

  • #41365 [Bug]: Expect.Extend matcher with same name as default matcher in same expect instance overrides default matchers implementation to custom matcher
  • #41351 [Bug]: Playwright UI mode: apiRequestContext._wrapApiCall reports unexpected number of bytes (same test passes in headed mode)
  • #41360 [Bug]: Trace viewer: message times in websockets are downscaled by 1000
  • #41311 [Bug]: [Regression]: Sync loader throws "context.conditions?.includes is not a function" on Node 22.15
  • #41371 [Regression]: Sync ESM loader (registerHooks) fails to resolve extensionless .ts subpath imports across pnpm workspace symlinks

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

Browser and Screencast

... (truncated)

Commits
  • 39e3553 cherry-pick(#41399): fix(test): load require-reached files as commonjs in syn...
  • 4328122 chore: mark v1.61.1 (#41404)
  • 2c29a94 fix(tracing): stop recording websocket frames outside of chunks (#41398)
  • 4324b19 cherry-pick(#41367): fix(test): keep builtin expect matchers on base extend
  • 041e7e3 cherry-pick(#41364): fix(har): WebSocket message timestamps should be in mi...
  • b8a0fc3 cherry-pick(#41309, #43149): Revert "fix(firefox): treat `navigationCommitted...
  • b5a3175 cherry-pick(#41319): fix(loader): support other node versions
  • d4724a9 cherry-pick(#41290): feat(docker): add Ubuntu 26.04 (Resolute Raccoon) image
  • 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
  • a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
  • Additional commits viewable in compare view

Updates @types/luxon from 3.7.1 to 3.7.2

Commits

Updates @typescript-eslint/eslint-plugin from 8.60.0 to 8.62.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.62.0

8.62.0 (2026-06-22)

🚀 Features

  • remove redundant package.json "files" (#12444)

🩹 Fix...

Description has been truncated

Bumps the frontend group with 24 updates in the /services/frontend directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.16.1` | `1.18.1` |
| [dompurify](https://github.com/cure53/DOMPurify) | `3.4.7` | `3.4.11` |
| [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) | `1.13.4` | `1.13.7` |
| [vue](https://github.com/vuejs/core) | `3.5.34` | `3.5.39` |
| [vuetify](https://github.com/vuetifyjs/vuetify/tree/HEAD/packages/vuetify) | `4.0.8` | `4.1.2` |
| [@hey-api/openapi-ts](https://github.com/hey-api/hey-api/tree/HEAD/packages/openapi-ts) | `0.97.3` | `0.99.0` |
| [@playwright/test](https://github.com/microsoft/playwright) | `1.60.0` | `1.61.1` |
| [@types/luxon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/luxon) | `3.7.1` | `3.7.2` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.60.0` | `8.62.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.60.0` | `8.62.0` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.7` | `4.1.9` |
| [@vue/compiler-dom](https://github.com/vuejs/core/tree/HEAD/packages/compiler-dom) | `3.5.34` | `3.5.39` |
| [@vue/server-renderer](https://github.com/vuejs/core/tree/HEAD/packages/server-renderer) | `3.5.34` | `3.5.39` |
| [@vue/test-utils](https://github.com/vuejs/test-utils) | `2.4.10` | `2.4.11` |
| [@vue/typescript-plugin](https://github.com/vuejs/language-tools/tree/HEAD/packages/typescript-plugin) | `3.3.3` | `3.3.5` |
| [eslint](https://github.com/eslint/eslint) | `10.4.1` | `10.6.0` |
| [eslint-plugin-vue](https://github.com/vuejs/eslint-plugin-vue) | `10.9.1` | `10.9.2` |
| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.8.0` | `5.9.3` |
| [globals](https://github.com/sindresorhus/globals) | `17.6.0` | `17.7.0` |
| [sass](https://github.com/sass/dart-sass) | `1.100.0` | `1.101.0` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.60.0` | `8.62.0` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.8` | `4.1.9` |
| [vue-eslint-parser](https://github.com/vuejs/vue-eslint-parser) | `10.4.0` | `10.4.1` |
| [vue-tsc](https://github.com/vuejs/language-tools/tree/HEAD/packages/tsc) | `3.3.3` | `3.3.5` |



Updates `axios` from 1.16.1 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.16.1...v1.18.1)

Updates `dompurify` from 3.4.7 to 3.4.11
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.7...3.4.11)

Updates `libphonenumber-js` from 1.13.4 to 1.13.7
- [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/commits/master)

Updates `vue` from 3.5.34 to 3.5.39
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.5.34...v3.5.39)

Updates `vuetify` from 4.0.8 to 4.1.2
- [Release notes](https://github.com/vuetifyjs/vuetify/releases)
- [Commits](https://github.com/vuetifyjs/vuetify/commits/v4.1.2/packages/vuetify)

Updates `@hey-api/openapi-ts` from 0.97.3 to 0.99.0
- [Release notes](https://github.com/hey-api/hey-api/releases)
- [Changelog](https://github.com/hey-api/hey-api/blob/main/packages/openapi-ts/CHANGELOG.md)
- [Commits](https://github.com/hey-api/hey-api/commits/@hey-api/openapi-ts@0.99.0/packages/openapi-ts)

Updates `@playwright/test` from 1.60.0 to 1.61.1
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.60.0...v1.61.1)

Updates `@types/luxon` from 3.7.1 to 3.7.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/luxon)

Updates `@typescript-eslint/eslint-plugin` from 8.60.0 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.60.0 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/parser)

Updates `@vitest/coverage-v8` from 4.1.7 to 4.1.9
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/coverage-v8)

Updates `@vue/compiler-dom` from 3.5.34 to 3.5.39
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vuejs/core/commits/v3.5.39/packages/compiler-dom)

Updates `@vue/server-renderer` from 3.5.34 to 3.5.39
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vuejs/core/commits/v3.5.39/packages/server-renderer)

Updates `@vue/test-utils` from 2.4.10 to 2.4.11
- [Release notes](https://github.com/vuejs/test-utils/releases)
- [Commits](vuejs/test-utils@v2.4.10...v2.4.11)

Updates `@vue/typescript-plugin` from 3.3.3 to 3.3.5
- [Release notes](https://github.com/vuejs/language-tools/releases)
- [Changelog](https://github.com/vuejs/language-tools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vuejs/language-tools/commits/v3.3.5/packages/typescript-plugin)

Updates `eslint` from 10.4.1 to 10.6.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.4.1...v10.6.0)

Updates `eslint-plugin-vue` from 10.9.1 to 10.9.2
- [Release notes](https://github.com/vuejs/eslint-plugin-vue/releases)
- [Changelog](https://github.com/vuejs/eslint-plugin-vue/blob/master/CHANGELOG.md)
- [Commits](vuejs/eslint-plugin-vue@v10.9.1...v10.9.2)

Updates `fast-xml-parser` from 5.8.0 to 5.9.3
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v5.8.0...v5.9.3)

Updates `globals` from 17.6.0 to 17.7.0
- [Release notes](https://github.com/sindresorhus/globals/releases)
- [Commits](sindresorhus/globals@v17.6.0...v17.7.0)

Updates `sass` from 1.100.0 to 1.101.0
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.100.0...1.101.0)

Updates `typescript-eslint` from 8.60.0 to 8.62.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.0/packages/typescript-eslint)

Updates `vitest` from 4.1.8 to 4.1.9
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/vitest)

Updates `vue-eslint-parser` from 10.4.0 to 10.4.1
- [Release notes](https://github.com/vuejs/vue-eslint-parser/releases)
- [Commits](vuejs/vue-eslint-parser@v10.4.0...v10.4.1)

Updates `vue-tsc` from 3.3.3 to 3.3.5
- [Release notes](https://github.com/vuejs/language-tools/releases)
- [Changelog](https://github.com/vuejs/language-tools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vuejs/language-tools/commits/v3.3.5/packages/tsc)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: dompurify
  dependency-version: 3.4.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: libphonenumber-js
  dependency-version: 1.13.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vue
  dependency-version: 3.5.39
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vuetify
  dependency-version: 4.1.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@hey-api/openapi-ts"
  dependency-version: 0.99.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@playwright/test"
  dependency-version: 1.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@types/luxon"
  dependency-version: 3.7.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: "@vue/compiler-dom"
  dependency-version: 3.5.39
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: "@vue/server-renderer"
  dependency-version: 3.5.39
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: "@vue/test-utils"
  dependency-version: 2.4.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: "@vue/typescript-plugin"
  dependency-version: 3.3.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: eslint-plugin-vue
  dependency-version: 10.9.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: fast-xml-parser
  dependency-version: 5.9.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: globals
  dependency-version: 17.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: sass
  dependency-version: 1.101.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: typescript-eslint
  dependency-version: 8.62.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: frontend
- dependency-name: vitest
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vue-eslint-parser
  dependency-version: 10.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
- dependency-name: vue-tsc
  dependency-version: 3.3.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: frontend
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants