Build(deps-dev): Bump the development-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the development-dependencies group with 7 updates in the / directory:

Package	From	To
@astrojs/check	0.9.5	0.9.6
@docsearch/js	3.9.0	4.3.2
astro	5.16.0	5.16.4
prettier	3.6.2	3.7.4
sass-true	10.0.0	10.0.1
stylelint	16.26.0	16.26.1
vnu-jar	25.11.25	25.12.9

Updates @astrojs/check from 0.9.5 to 0.9.6

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.6

Patch Changes

• #14740 abfed97 Thanks @​ArmandPhilippot! - Fixes link targets in documentation following repository relocation.

• Updated dependencies [abfed97]:

  • @​astrojs/language-server@​2.16.1

Changelog

Sourced from @​astrojs/check's changelog.

0.9.6

Patch Changes

• #14740 abfed97 Thanks @​ArmandPhilippot! - Fixes link targets in documentation following repository relocation.

• Updated dependencies [abfed97]:

  • @​astrojs/language-server@​2.16.1

Commits

• 7523a1f [ci] release (#14907)
• abfed97 fix: replace withastro/language-tools mentions (#14740)
• f3bc8b2 fix: binary path
• b35983b fix(check): make the binary work in dev mode
• 372b7c3 feat(language-tools): Match monorepo coding style and cleanup
• 820a866 Update from language-tools
• 474f300 fix: tsconfig
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/check since your current version.

Updates @docsearch/js from 3.9.0 to 4.3.2

Release notes

Sourced from @​docsearch/js's releases.

v4.3.1

4.3.1 (2025-11-04)

Bug Fixes

• npm: Publish new packages with public access (#2795) (2d045b5)

v4.2.0

4.2.0 (2025-10-06)

Bug Fixes

• askai: Fixes issue with askai state being outside DocSearchModal (#2778) (5d8943b)
• remove hit favorite and hit deletion animations (#2777) (cd9e6fb)
• typo (1ff1198)

Features

• curate AskAI search parameters (#2768) (d8ad7f6)
• dark theme support for Menu (#2776) (01517d9)
• Modal and AskAI UX tweaks (#2765) (0267f55)
• Modal UI/UX fixes and updates (#2780) (a3ab7a8)
• update Ask AI docs (#2775) (9986cbf)

v4.1.0

4.1.0 (2025-09-22)

Bug Fixes

• add docsearch 4 to website (#2767) (9a908b8)

Features

• Split docsearch-react package exports (#2764) (b15f302)

v4.0.1

4.0.1 (2025-09-16)

Bug Fixes

• deps: Adds zod to dependency list (#2759) (4011294)
• modal: Fixes issue with index typings on DocSearchModal (#2760) (55934d8)

v4.0.0

... (truncated)

Changelog

Sourced from @​docsearch/js's changelog.

4.3.2 (2025-11-10)

Bug Fixes

• suggested-questions: Fixes Suggested Questions on dark theme (#2797) (d9c4220)

4.3.1 (2025-11-04)

Bug Fixes

• npm: Publish new packages with public access (#2795) (2d045b5)

4.3.0 (2025-11-04)

Bug Fixes

• docsearch-js: resultsFooterComponent not working in JS CDN version (#2786) (5381e76)
• website: Fix API Reference docs page formatting (#2783) (8980d47)
• website: updated askai markdown documentation (#2788) (f7be2a6)

Features

• Composable API packages versions (#2789) (b91e309)
• composable-api: Document Composable API (#2793) (e5ae33f)
• composable-api: Introduce new Composable API (#2779) (5e9bdfe), closes #2771 #2772 #2774
• suggested-questions: Add suggested questions (#2787) (2b4779a)

4.2.0 (2025-10-06)

Bug Fixes

• askai: Fixes issue with askai state being outside DocSearchModal (#2778) (5d8943b)
• remove hit favorite and hit deletion animations (#2777) (cd9e6fb)
• typo (1ff1198)

Features

• curate AskAI search parameters (#2768) (d8ad7f6)

... (truncated)

Commits

• See full diff in compare view

Updates astro from 5.16.0 to 5.16.4

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #14940 2cf79c2 Thanks @​ematipico! - Fixes a bug where Astro didn't properly combine CSP resources from the csp configuration with those added using the runtime API (Astro.csp.insertDirective()) to form grammatically correct CSP headers

  Now Astro correctly deduplicate CSP resources. For example, if you have a global resource in the configuration file, and then you add a a new one using the runtime APIs.

[email protected]

Patch Changes

• #14889 4bceeb0 Thanks @​florian-lefebvre! - Fixes actions types when using specific TypeScript configurations

• #14929 e0f277d Thanks @​matthewp! - Fixes authentication bypass via double URL encoding in middleware

  Prevents attackers from bypassing path-based authentication checks using multi-level URL encoding (e.g., /%2561dmin instead of /%61dmin). Pathnames are now validated after decoding to ensure no additional encoding remains.

[email protected]

Patch Changes

• #14876 b43dc7f Thanks @​florian-lefebvre! - Fixes a vite warning log during builds when using npm

• #14884 10273e0 Thanks @​florian-lefebvre! - Fixes a case where setting the status of a page to 404 in ssr would show an empty page (or 404.astro page if provided) instead of using the current page

[email protected]

Patch Changes

• #14769 b43ee71 Thanks @​adriandlam! - Fixes an unhandled rejection issue when using Astro with Vercel Workflow DevKit

• #14761 345eb22 Thanks @​ooga! - Updates button attributes types to allow command and commandfor

• #14866 65e214b Thanks @​GameRoMan! - Fixes Astro.glob to be correctly marked as deprecated

• #14894 1ad9a5b Thanks @​delucis! - Fixes support for Astro component rendering in Vitest test suites using a “client” environment such as happy-dom or jsdom

• #14782 abed929 Thanks @​florian-lefebvre! - Improves syncing

Changelog

Sourced from astro's changelog.

5.16.4

Patch Changes

• #14940 2cf79c2 Thanks @​ematipico! - Fixes a bug where Astro didn't properly combine CSP resources from the csp configuration with those added using the runtime API (Astro.csp.insertDirective()) to form grammatically correct CSP headers

  Now Astro correctly deduplicate CSP resources. For example, if you have a global resource in the configuration file, and then you add a a new one using the runtime APIs.

5.16.3

Patch Changes

• #14889 4bceeb0 Thanks @​florian-lefebvre! - Fixes actions types when using specific TypeScript configurations

• #14929 e0f277d Thanks @​matthewp! - Fixes authentication bypass via double URL encoding in middleware

  Prevents attackers from bypassing path-based authentication checks using multi-level URL encoding (e.g., /%2561dmin instead of /%61dmin). Pathnames are now validated after decoding to ensure no additional encoding remains.

5.16.2

Patch Changes

• #14876 b43dc7f Thanks @​florian-lefebvre! - Fixes a vite warning log during builds when using npm

• #14884 10273e0 Thanks @​florian-lefebvre! - Fixes a case where setting the status of a page to 404 in ssr would show an empty page (or 404.astro page if provided) instead of using the current page

5.16.1

Patch Changes

• #14769 b43ee71 Thanks @​adriandlam! - Fixes an unhandled rejection issue when using Astro with Vercel Workflow DevKit

• #14761 345eb22 Thanks @​ooga! - Updates button attributes types to allow command and commandfor

• #14866 65e214b Thanks @​GameRoMan! - Fixes Astro.glob to be correctly marked as deprecated

• #14894 1ad9a5b Thanks @​delucis! - Fixes support for Astro component rendering in Vitest test suites using a “client” environment such as happy-dom or jsdom

• #14782 abed929 Thanks @​florian-lefebvre! - Improves syncing

Commits

• 141c676 [ci] release (#14930)
• d9a43e1 [ci] format
• 2cf79c2 fix(csp): deduplicate CSP resources (#14940)
• c8ac8e5 chore(fonts): classes (#14920)
• 33333e8 [ci] release (#14922)
• aa58d05 [ci] format
• e0f277d fix: prevent authentication bypass via double URL encoding in middleware (#14...
• 4bceeb0 fix: actions infer symbol (#14889)
• e82358c [ci] release (#14918)
• 0a2fe43 [ci] format
• Additional commits viewable in compare view

Updates prettier from 3.6.2 to 3.7.4

Release notes

Sourced from prettier's releases.

3.7.4

What's Changed

• Fix comment in union type gets duplicated by @​fisker in prettier/prettier#18393
• Fix unstable comment print in union type by @​fisker in prettier/prettier#18395
• Avoid quote around LWC interpolations by @​kovsu in prettier/prettier#18383

🔗 Changelog

3.7.3

What's Changed

• Fix prettier.getFileInfo() change that breaks VSCode extension by @​fisker in prettier/prettier#18375

🔗 Changelog

3.7.2

What's Changed

• Fix string print when switching quotes by @​fisker in prettier/prettier#18351
• Preserve quote for embedded HTML attribute values by @​kovsu in prettier/prettier#18352
• Fix comment in empty type literal by @​fisker in prettier/prettier#18364

🔗 Changelog

3.7.1

• Fix performance regression in doc printer (#18342 by @​fisker)

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.7.4

diff

LWC: Avoid quote around interpolations (#18383 by @​kovsu)

<!-- Input -->
<div foo={bar}>   </div>
<!-- Prettier 3.7.3 (--embedded-language-formatting off) -->
<div foo="{bar}"></div>
<!-- Prettier 3.7.4 (--embedded-language-formatting off) -->
<div foo={bar}></div>

TypeScript: Fix comment inside union type gets duplicated (#18393 by @​fisker)

// Input
type Foo = (/** comment */ a | b) | c;
// Prettier 3.7.3
type Foo = /** comment / (/* comment */ a | b) | c;
// Prettier 3.7.4
type Foo = /** comment */ (a | b) | c;

TypeScript: Fix unstable comment print in union type comments (#18395 by @​fisker)

// Input
type X = (A | B) & (
  // comment
  A | B
);
// Prettier 3.7.3 (first format)
type X = (A | B) &
(// comment
A | B);
// Prettier 3.7.3 (second format)
type X = (
| A
</tr></table>

... (truncated)

Commits

• 7848357 Release 3.7.4
• 7686c59 Release @​prettier/plugin-hermes & @​prettier/plugin-oxc v0.1.3
• fe49434 Remove dead code checking union/intersection types length (#18396)
• ca02b37 Fix unstable comment print (#18395)
• 7efb988 Fix comment in union type get duplicated (#18393)
• cfa92c1 Update dependency @​angular/compiler to v21.0.2 (#18392)
• 1de2737 Update dependency yaml to v2.8.2 (#18391)
• 706aa4e Switch js parse postprocess to onEnter (#18382)
• d3eb2b2 Reuse arrays in visitor keys (#18386)
• c45fef1 Fix LWC attribute with --embedded-language-formatting off (#18383)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.

Updates sass-true from 10.0.0 to 10.0.1

Release notes

Sourced from sass-true's releases.

v10.0.1

What's Changed

• DOCUMENTATION: Rewrite README documentation by @​jgerigmeyer in oddbird/true#339
• INTERNAL: Update dependencies

Full Changelog: oddbird/true@v10.0.0...v10.0.1

Changelog

Sourced from sass-true's changelog.

10.0.1 (12/04/25)

• DOCUMENTATION: Rewrite README documentation
• INTERNAL: Update dependencies

Commits

• eb736be v10.0.1
• e73f205 Merge pull request #339 from oddbird/js-docs
• 1a0a4b9 reorder docs
• d47c5b5 update changelog
• 83a957d update license
• f33f71c update docs
• e6bbf5e remove comment
• 2eb7d75 Rewrite README file, switch from jest to vitest
• ab27414 Merge pull request #337 from oddbird/dependabot/npm_and_yarn/npm-minor-upgrad...
• c286e1d upgrade herman
• Additional commits viewable in compare view

Updates stylelint from 16.26.0 to 16.26.1

Release notes

Sourced from stylelint's releases.

16.26.1

It fixes numerous false positive bugs, including many in the declaration-property-value-no-unknown rule for the latest CSS specifications.

• Fixed: *-no-unknown false positives for latest specs by integrating @csstools/css-syntax-patches-for-csstree (#8850) (@​romainmenke).
• Fixed: at-rule-no-unknown false positives for @function (#8851) (@​jeddy3).
• Fixed: declaration-property-value-no-unknown false positives for attr(), if() and custom functions (#8853) (@​jeddy3).
• Fixed: function-url-quotes false positives when URLs require quoting (#8804) (@​taearls).
• Fixed: selector-pseudo-element-no-unknown false positives for ::scroll-button() (#8856) (@​Mouvedia).

Changelog

Sourced from stylelint's changelog.

16.26.1 - 2025-11-28

It fixes numerous false positive bugs, including many in the declaration-property-value-no-unknown rule for the latest CSS specifications.

• Fixed: *-no-unknown false positives for latest specs by integrating @csstools/css-syntax-patches-for-csstree (#8850) (@​romainmenke).
• Fixed: at-rule-no-unknown false positives for @function (#8851) (@​jeddy3).
• Fixed: declaration-property-value-no-unknown false positives for attr(), if() and custom functions (#8853) (@​jeddy3).
• Fixed: function-url-quotes false positives when URLs require quoting (#8804) (@​taearls).
• Fixed: selector-pseudo-element-no-unknown false positives for ::scroll-button() (#8856) (@​Mouvedia).

Commits

• b968143 Release 16.26.1 (#8857)
• 2b24b9c Fix selector-pseudo-element-no-unknown false positives for `::scroll-button...
• f152564 Fix *-no-unknown false positives for latest specs by integrating `@csstools...
• 431cb53 Fix at-rule-no-unknown false positives for @function (#8851)
• 119097e Fix declaration-property-value-no-unknown false positives for attr() and ...
• 4b9c68b Fix function-url-quotes false positives when URLs require quoting (#8804)
• 8cc4ced Bump rollup from 4.52.5 to 4.53.2 (#8848)
• 4383feb Bump file-entry-cache from 11.1.0 to 11.1.1 (#8846)
• a8a7560 Bump the eslint group with 2 updates (#8845)
• 947ad33 Fix patch-package warning about mismatched @types/css-tree version (#8844)
• See full diff in compare view

Updates vnu-jar from 25.11.25 to 25.12.9

Release notes

Sourced from vnu-jar's releases.

latest

[!IMPORTANT] The release named “latest” is “production-ready” and is the only release you want to use. This project no longer does “major” version-numbered releases. Release 20.6.30 (30 June 2020) was the final such release. For a changelog of the latest changes, see https://github.com/validator/validator/commits/latest/.

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions