chore(deps): bump the minor-and-patch group with 9 updates

[dependabot]

Bumps the minor-and-patch group with 9 updates:

Package	From	To
better-sqlite3	12.10.0	12.11.1
@playwright/test	1.60.0	1.61.0
@sveltejs/kit	2.64.0	2.65.1
@vitest/coverage-v8	4.1.8	4.1.9
eslint	10.4.1	10.5.0
eslint-plugin-security	4.0.0	4.0.1
prettier	3.8.3	3.8.4
typescript-eslint	8.61.0	8.61.1
vitest	4.1.8	4.1.9

Updates better-sqlite3 from 12.10.0 to 12.11.1

Release notes

Sourced from better-sqlite3's releases.

v12.11.1

What's Changed

• Fix Electron v42 build errors on Windows by @​m4heshd in WiseLibs/better-sqlite3#1488

Full Changelog: WiseLibs/better-sqlite3@v12.11.0...v12.11.1

v12.11.0

⚠️CAUTION: NOT A VIABLE RELEASE

Use v12.11.1 instead.

What's Changed

• Add missing Electron v42 build target by @​m4heshd in WiseLibs/better-sqlite3#1486

Full Changelog: WiseLibs/better-sqlite3@v12.10.1...v12.11.0

v12.10.1

What's Changed

• Bump the github-actions group across 1 directory with 4 updates by @​dependabot[bot] in WiseLibs/better-sqlite3#1451
• Fix V8 external API usage for Electron 42 by @​tstone-1 in WiseLibs/better-sqlite3#1475

Full Changelog: WiseLibs/better-sqlite3@v12.10.0...v12.10.1

Commits

• 4cbc39c 12.11.1
• 02b743f Fix Electron v42 build errors on Windows (#1488)
• 39a6e55 12.11.0
• f36d8c6 Add missing Electron v42 build target (#1486)
• da6152c 12.10.1
• 5bb63a2 Fix V8 external API usage for Electron 42 (#1475)
• ca60e36 Bump the github-actions group across 1 directory with 4 updates (#1451)
• f93f490 Update SQLite to version 3.53.2 (#1483)
• See full diff in compare view

Updates @playwright/test from 1.60.0 to 1.61.0

Release notes

Sourced from @​playwright/test's releases.

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

• apiResponse.securityDetails() and apiResponse.serverAddr() mirror the browser-side response.securityDetails() and response.serverAddr().

Browser and Screencast

• New option artifactsDir in browserType.connectOverCDP() controls where artifacts such as traces and downloads are stored when attached to an existing browser.
• New option cursor in screencast.showActions() controls the cursor decoration rendered for pointer actions.
• The onFrame callback in screencast.start() now receives a timestamp of when the frame was presented by the browser.

Test runner

• The testOptions.video option now supports the same set of modes as trace: new 'on-all-retries', 'retain-on-first-failure' and 'retain-on-failure-and-retries' values. See the video modes table for which runs are recorded and kept in each mode.
• Supported expect.soft.poll(...).
• New fullConfig.argv — a snapshot of process.argv from the runner process, handy for reading custom arguments passed after the -- separator.
• New fullConfig.failOnFlakyTests mirrors the config option, so reporters can explain why a flaky run failed.
• testInfo.errors now lists each sub-error of an AggregateError as a separate entry.

... (truncated)

Commits

• 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
• a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
• 8133dcf cherry-pick(#41283): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...
• 812432e chore: mark v1.61.0 (#41277)
• ac05145 fix(fetch): report serverAddr and securityDetails for reused sockets (#41267)
• 056efc9 fix(trace-viewer): add keyboard navigation to NetworkFilters component (#41...
• 41f7b9a chore: fixes uncovered by the .NET 1.61 roll (#41266)
• ba50778 fix(mcp): assign caps as array for legacy --vision flag (#41253)
• b8ee5ae docs: release notes for v1.61 (#41261)
• 49c1f69 fix(trace viewer): load trace from a local file (#41263)
• Additional commits viewable in compare view

Updates @sveltejs/kit from 2.64.0 to 2.65.1

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.65.1

Patch Changes

• fix: avoid importing the Vite development client code into builds with a non-standard NODE_ENV (#16023)

• fix: don't emit the unused bundle and stylesheet files when using bundleStrategy: 'inline' (#16025)

• fix: reset queries before navigating when invalidateAll is set (#16014)

• fix: regression in loading assets for absolute path apps (#16026)

@​sveltejs/kit@​2.65.0

Minor Changes

• feat: allow queries to refresh other queries (#16012)

Patch Changes

• fix: dedupe remote data (#15991)

• fix: skip client build if all routes have CSR disabled (#15936)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.65.1

Patch Changes

• fix: avoid importing the Vite development client code into builds with a non-standard NODE_ENV (#16023)

• fix: don't emit the unused bundle and stylesheet files when using bundleStrategy: 'inline' (#16025)

• fix: reset queries before navigating when invalidateAll is set (#16014)

• fix: regression in loading assets for absolute path apps (#16026)

2.65.0

Minor Changes

• feat: allow queries to refresh other queries (#16012)

Patch Changes

• fix: dedupe remote data (#15991)

• fix: skip client build if all routes have CSR disabled (#15936)

Commits

• c5382b7 Version Packages (#16016)
• b82ba81 fix: don't emit the unused bundle and stylesheet files when using `bundleStra...
• 1f9bc79 fix: regression in loading assets for apps configured with absolute paths (#1...
• 7e4cade fix: don't emit the dev bootstrap into builds with a non-standard NODE_ENV (#...
• 9d963e4 fix: reset queries before navigating when invalidateAll is set (#16014)
• ce77bf3 Version Packages (#15988)
• 372a6a6 fix: dedupe remote data (#15991)
• 607713e fix: copy public directory assets if client build is skipped (#16004)
• 3968fb9 fix: skip client build if all routes have CSR disabled (#15936)
• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.8 to 4.1.9

Commits

• See full diff in compare view

Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
• b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
• f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
• bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
• c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

• 8ae1b5b docs: Update README (GitHub Actions Bot)
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)
• f99b47a docs: Update README (GitHub Actions Bot)
• acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

• b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)
• c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)
• 243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)
• 217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)
• 72003e7 test: add location information to error messages in max-statements (#20945) (lumir)
• 7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)
• 67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)
• 95d8c7a chore: update dependency @​eslint/json to v2 (#20934) (renovate[bot])
• cf9e496 chore: update @​arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)
• fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)

Commits

• de3b672 10.5.0
• 362a518 Build: changelog update for 10.5.0
• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973)
• b565783 feat: report no-with violations at the with keyword (#20971)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967)
• f9c138a feat: report max-depth violations on keywords (#20943)
• 8ae1b5b docs: Update README
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962)
• b18bf58 chore: update ecosystem plugins (#20959)
• Additional commits viewable in compare view

Updates eslint-plugin-security from 4.0.0 to 4.0.1

Release notes

Sourced from eslint-plugin-security's releases.

eslint-plugin-security: v4.0.1

4.0.1 (2026-06-12)

Bug Fixes

• treat import.meta.dirname and import.meta.filename as static (#200) (74c97bb)

Changelog

Sourced from eslint-plugin-security's changelog.

4.0.1 (2026-06-12)

Bug Fixes

• treat import.meta.dirname and import.meta.filename as static (#200) (74c97bb)

Commits

• cb8645c chore: release 4.0.1 🚀 (#204)
• 74c97bb fix: treat import.meta.dirname and import.meta.filename as static (#200)
• 0b45f82 chore(deps-dev): bump shell-quote from 1.7.4 to 1.8.4 (#202)
• 954149a chore(deps-dev): bump handlebars from 4.7.7 to 4.7.9 (#198)
• d5012b6 chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (#197)
• b53d8b4 chore(deps-dev): bump flatted from 3.3.1 to 3.4.2 (#196)
• 7876750 chore(deps): bump minimatch (#194)
• See full diff in compare view

Updates prettier from 3.8.3 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

• Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (prettier/prettier#17746 by @​byplayer)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



<!-- Prettier 3.8.4 -->


a

b



c

d

Commits

• 1c6ba55 Release 3.8.4
• 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
• 074aaed Replace main branch in changelog link with tags (#19054)
• c22a003 Bump Prettier dependency to 3.8.3
• 07bad1f Clean changelog_unreleased
• See full diff in compare view

Updates typescript-eslint from 8.61.0 to 8.61.1

Release notes

Sourced from typescript-eslint's releases.

v8.61.1

8.61.1 (2026-06-15)

🩹 Fixes

• eslint-plugin: [consistent-indexed-object-style] do not remove comments when fixing (#12396, #10577)
• eslint-plugin: [no-unnecessary-type-assertion] avoid false positive for template literal expressions (#12281)
• eslint-plugin: [no-unnecessary-type-assertion] wrap object literal in parens when removing TSTypeAssertion in arrow body (#12394, #12393)
• eslint-plugin: [no-unnecessary-boolean-literal-compare] fix precedence bug in autofix (#12413)
• eslint-plugin: [no-unnecessary-template-expression] respect ECMAScript line terminators (#12388)

❤️ Thank You

• Anas @​anasm266
• Deftera @​Deftera186
• Kirk Waiblinger @​kirkwaiblinger
• lumir
• Sarath Francis @​sarathfrancis90

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.61.1 (2026-06-15)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• aaad718 chore(release): publish 8.61.1
• See full diff in compare view

Updates vitest from 4.1.8 to 4.1.9

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.