Bump the dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the dependencies group with 9 updates in the / directory:

Package	From	To
@swc/core	1.15.18	1.15.21
@types/node	25.3.5	25.5.0
@vitest/ui	4.0.18	4.1.1
typescript	5.9.3	6.0.2
vite	7.3.1	8.0.2
file-type	21.3.1	21.3.4
@aws-sdk/client-s3	3.1004.0	3.1014.0
@aws-sdk/lib-storage	3.1004.0	3.1014.0
@aws-sdk/s3-request-presigner	3.1004.0	3.1014.0

Updates @swc/core from 1.15.18 to 1.15.21

Changelog

Sourced from @​swc/core's changelog.

[1.15.21] - 2026-03-22

Bug Fixes

• (cli) Honor externalHelpers=false in rust binary (#11693) (1be052e)

• (cli) Skip mkdir when --out-file targets the current directory (#11720) (f3f4e51)

• (es/decorators) Resolve 2022-03 issues #9565/#9078/#9079 and add regressions (#11698) (a025d2b)

• (es/fixer) Wrap new opt chain (#11618) (fdcd184)

• (es/flow) Normalize module await bindings for Hermes parity (#11703) (73d8761)

• (es/minifier) Fix compatibility for Wasm plugin (swc_ast_unknown) (#11641) (abd0e45)

• (es/module) Preserve explicit index.js import path when baseUrl is set (#11597) (830dbeb)

• (es/module) Avoid rewriting unknown relative extensions (#11713) (ed09218)

• (es/regexp) Implement transform-named-capturing-groups-regex (#11642) (f62bfa9)

• (es/types) Add new options types (#11683) (62eeee1)

• (malloc) Fallback to system allocator on linux gnu s390x/powerpc (#11606) (e103fac)

• Update lz4_flex to resolve RUSTSEC-2026-0041 (#11701) (7528507)

Documentation

• (agents) Improve guidance (#11626) (1cdfec9)

• (agents) Add AGENTS two-pass rules for es crates (#11634) (12af4a1)

... (truncated)

Commits

• a06c4b9 chore: Publish 1.15.21 with swc_core v59.0.1
• eb169d5 chore: Publish 1.15.21-nightly-20260322.3 with swc_core v59.0.1
• 4c378f7 chore: Publish 1.15.21-nightly-20260322.2 with swc_core v59.0.1
• 1cdd010 chore: Publish 1.15.21-nightly-20260322.1 with swc_core v59.0.1
• de0c918 chore: Publish 1.15.20-nightly-20260302.1 with swc_core v58.0.4
• f79f31e chore: Publish 1.15.19-nightly-20260302.1 with swc_core v58.0.3
• 357255d feat(bindings): Add linux ppc64le and s390x support across npm bindings (#11602)
• See full diff in compare view

Updates @types/node from 25.3.5 to 25.5.0

Commits

• See full diff in compare view

Updates @vitest/ui from 4.0.18 to 4.1.1

Release notes

Sourced from @​vitest/ui's releases.

v4.1.1

   🚀 Features

• experimental:
  • Expose matchesTags to test if the current filter matches tags  -  by @​sheremet-va in vitest-dev/vitest#9913 (eec53)
  • Introduce experimental.vcsProvider  -  by @​sheremet-va in vitest-dev/vitest#9928 (56115)

   🐞 Bug Fixes

• Mark TestProject.testFilesList internal properly  -  by @​sapphi-red in vitest-dev/vitest#9867 (54f26)
• Detect fixture that returns without calling use  -  by @​oilater in vitest-dev/vitest#9831 and vitest-dev/vitest#9861 (633ae)
• Drop vite 8.beta support  -  by @​AriPerkkio in vitest-dev/vitest#9862 (b78f5)
• Type regression in vi.mocked() static class methods  -  by @​purepear and @​hi-ogawa in vitest-dev/vitest#9857 (90926)
• Properly re-evaluate actual modules of mocked external  -  by @​hi-ogawa in vitest-dev/vitest#9898 (ae5ec)
• Preserve coverage report when html reporter overlaps  -  by @​hi-ogawa in vitest-dev/vitest#9889 (2d81a)
• Provide vi.advanceTimers to the preview provider  -  by @​sheremet-va in vitest-dev/vitest#9891 (1bc3e)
• Don't leak event listener in playwright provider  -  by @​sheremet-va in vitest-dev/vitest#9910 (d9355)
• Open browser in --standalone mode without running tests  -  by @​sheremet-va in vitest-dev/vitest#9911 (e78ad)
• Guard disposable and optional body  -  by @​sheremet-va in vitest-dev/vitest#9912 (6fdb2)
• Resolve retry.condition RegExp serialization issue  -  by @​nstepien and @​hi-ogawa in vitest-dev/vitest#9942 (7b605)
• collect:
  • Don't treat extra props on test return as tests  -  by @​sheremet-va in vitest-dev/vitest#9871 (141e7)
• coverage:
  • Simplify provider types  -  by @​AriPerkkio in vitest-dev/vitest#9931 (aaf9f)
  • Load built-in provider without module runner  -  by @​AriPerkkio in vitest-dev/vitest#9939 (bf892)
• expect:
  • Soft assertions continue after .resolves/.rejects promise errors  -  by @​mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @​hi-ogawa in vitest-dev/vitest#9843 (6d74b)
  • Fix sinon-chai style API  -  by @​hi-ogawa in vitest-dev/vitest#9943 (0f08d)
• pretty-format:
  • Limit output for large object  -  by @​hi-ogawa and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9949 (0d5f9)

    View changes on GitHub

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

• Return a disposable from doMock()  -  by @​kirkwaiblinger in vitest-dev/vitest#9332 (e3e65)
• Added chai style assertions  -  by @​ronnakamoto and @​sheremet-va in vitest-dev/vitest#8842 (841df)
• Update to sinon/fake-timers v15 and add setTickMode to timer controls  -  by @​atscott and @​sheremet-va in vitest-dev/vitest#8726 (4b480)
• Expose matcher types  -  by @​sheremet-va in vitest-dev/vitest#9448 (3e4b9)
• Add toTestSpecification to reported tasks  -  by @​sheremet-va in vitest-dev/vitest#9464 (1a470)
• Show a warning if vi.mock or vi.hoisted are declared outside of top level of the module  -  by @​sheremet-va in vitest-dev/vitest#9387 (5db54)
• Track and display expectedly failed tests (.fails) in UI and CLI  -  by @​Copilot, sheremet-va and @​sheremet-va in vitest-dev/vitest#9476 (77d75)
• Support tags  -  by @​sheremet-va in vitest-dev/vitest#9478 (de7c8)
• Implement aroundEach and aroundAll hooks  -  by @​sheremet-va in vitest-dev/vitest#9450 (2a8cb)
• Stabilize experimental features  -  by @​sheremet-va in vitest-dev/vitest#9529 (b5fd2)

... (truncated)

Commits

• 1f2d318 chore: release v4.1.1
• 5a60868 refactor: fix typos (#9950)
• 2d81ad8 fix: preserve coverage report when html reporter overlaps (#9889)
• 4150b91 chore: release v4.1.0
• 0c2c013 chore: release v4.1.0-beta.6
• 8c96bb0 refator: update links to npmx (#9783)
• aaf7758 chore: standardize packages README (#9776)
• 79672d7 chore: release v4.1.0-beta.5
• 8880c90 feat(ui): implement filter for slow tests (#9705)
• 50a6cc8 chore(deps): update all non-major dependencies (#9719)
• Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• 206ed1a Deprecate assert in import() (#63172)
• e688ac8 Update dependencies (#63156)
• 29b300d Bump the github-actions group across 1 directory with 2 updates (#63205)
• 0c2c7a3 DOM update (#63183)
• Additional commits viewable in compare view

Updates vite from 7.3.1 to 8.0.2

Release notes

Sourced from vite's releases.

create-vite@8.0.2

Please refer to CHANGELOG.md for details.

v8.0.2

Please refer to CHANGELOG.md for details.

create-vite@8.0.1

Please refer to CHANGELOG.md for details.

v8.0.1

Please refer to CHANGELOG.md for details.

create-vite@8.0.0

Please refer to CHANGELOG.md for details.

plugin-legacy@8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0

Please refer to CHANGELOG.md for details.

v8.0.0-beta.18

Please refer to CHANGELOG.md for details.

v8.0.0-beta.17

Please refer to CHANGELOG.md for details.

v8.0.0-beta.16

Please refer to CHANGELOG.md for details.

v8.0.0-beta.15

Please refer to CHANGELOG.md for details.

v8.0.0-beta.14

Please refer to CHANGELOG.md for details.

v8.0.0-beta.13

Please refer to CHANGELOG.md for details.

v8.0.0-beta.12

Please refer to CHANGELOG.md for details.

v8.0.0-beta.11

Please refer to CHANGELOG.md for details.

v8.0.0-beta.10

Please refer to CHANGELOG.md for details.

v8.0.0-beta.9

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

8.0.2 (2026-03-23)

Features

• update rolldown to 1.0.0-rc.11 (#21998) (ff91c31)

Bug Fixes

• deps: update all non-major dependencies (#21988) (9b7d150)

Miscellaneous Chores

• deps: update dependency @​vitejs/devtools to ^0.1.5 (#21992) (b2dd65b)

8.0.1 (2026-03-19)

Features

• update rolldown to 1.0.0-rc.10 (#21932) (b3c067d)

Bug Fixes

• bundled-dev: properly disable inlineConst optimization (#21865) (6d97142)
• css: lightningcss minify failed when build.target: 'es6' (#21933) (5fcce46)
• deps: update all non-major dependencies (#21878) (6dbbd7f)
• dev: always use ESM Oxc runtime (#21829) (d323ed7)
• dev: handle concurrent restarts in _createServer (#21810) (40bc729)
• handle + symbol in package subpath exports during dep optimization (#21886) (86db93d)
• improve no-cors request block error (#21902) (5ba688b)
• use precise regexes for transform filter to avoid backtracking (#21800) (dbe41bd)
• worker: require(json) result should not be wrapped (#21847) (0672fd2)
• worker: make worker output consistent with client and SSR (#21871) (69454d7)

Miscellaneous Chores

• add changelog rearrange script (#21835) (efef073)
• deps: bump required @vitejs/devtools version to 0.1+ (#21925) (12932f5)
• deps: update rolldown-related dependencies (#21787) (1af1d3a)
• rearrange 8.0 changelog (8e05b61)
• rearrange 8.0 changelog (#21834) (86edeee)

8.0.0 (2026-03-12)

Today, we're thrilled to announce the release of the next Vite major:

• Vite 8.0 announcement blog post
• Docs (translations: 简体中文, 日本語, Español, Português, 한국어, Deutsch, فارسی)
• Migration Guide

⚠ BREAKING CHANGES

... (truncated)

Commits

• 63e040f fix(glob): fix HMR for array patterns with exclusions (#20872)
• 24a61a3 fix(css): improve url escape characters handling (#20847)
• 6bc6c4d fix(dev): skip JS responses for document requests (#20866)
• 166a178 chore: update url of create-react-app license (#20865)
• d4eca98 fix: keep ids for virtual modules as-is (#20808)
• e670799 fix(deps): update artichokie to 0.4.2 (#20864)
• bb950e9 fix(server): drain stdin when not interactive (#20837)
• 788a183 fix(deps): update all non-major dependencies (#20855)
• 4dd06fd chore(deps): update rolldown-related dependencies (#20854)
• d65a983 fix(server): improve malformed URL handling in middlewares (#20830)
• Additional commits viewable in compare view

Updates vitest from 4.0.18 to 4.1.1

Release notes

Sourced from vitest's releases.

v4.1.1

   🚀 Features

• experimental:
  • Expose matchesTags to test if the current filter matches tags  -  by @​sheremet-va in vitest-dev/vitest#9913 (eec53)
  • Introduce experimental.vcsProvider  -  by @​sheremet-va in vitest-dev/vitest#9928 (56115)

   🐞 Bug Fixes

• Mark TestProject.testFilesList internal properly  -  by @​sapphi-red in vitest-dev/vitest#9867 (54f26)
• Detect fixture that returns without calling use  -  by @​oilater in vitest-dev/vitest#9831 and vitest-dev/vitest#9861 (633ae)
• Drop vite 8.beta support  -  by @​AriPerkkio in vitest-dev/vitest#9862 (b78f5)
• Type regression in vi.mocked() static class methods  -  by @​purepear and @​hi-ogawa in vitest-dev/vitest#9857 (90926)
• Properly re-evaluate actual modules of mocked external  -  by @​hi-ogawa in vitest-dev/vitest#9898 (ae5ec)
• Preserve coverage report when html reporter overlaps  -  by @​hi-ogawa in vitest-dev/vitest#9889 (2d81a)
• Provide vi.advanceTimers to the preview provider  -  by @​sheremet-va in vitest-dev/vitest#9891 (1bc3e)
• Don't leak event listener in playwright provider  -  by @​sheremet-va in vitest-dev/vitest#9910 (d9355)
• Open browser in --standalone mode without running tests  -  by @​sheremet-va in vitest-dev/vitest#9911 (e78ad)
• Guard disposable and optional body  -  by @​sheremet-va in vitest-dev/vitest#9912 (6fdb2)
• Resolve retry.condition RegExp serialization issue  -  by @​nstepien and @​hi-ogawa in vitest-dev/vitest#9942 (7b605)
• collect:
  • Don't treat extra props on test return as tests  -  by @​sheremet-va in vitest-dev/vitest#9871 (141e7)
• coverage:
  • Simplify provider types  -  by @​AriPerkkio in vitest-dev/vitest#9931 (aaf9f)
  • Load built-in provider without module runner  -  by @​AriPerkkio in vitest-dev/vitest#9939 (bf892)
• expect:
  • Soft assertions continue after .resolves/.rejects promise errors  -  by @​mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @​hi-ogawa in vitest-dev/vitest#9843 (6d74b)
  • Fix sinon-chai style API  -  by @​hi-ogawa in vitest-dev/vitest#9943 (0f08d)
• pretty-format:
  • Limit output for large object  -  by @​hi-ogawa and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9949 (0d5f9)

    View changes on GitHub

v4.1.0

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

• Return a disposable from doMock()  -  by @​kirkwaiblinger in vitest-dev/vitest#9332 (e3e65)
• Added chai style assertions  -  by @​ronnakamoto and @​sheremet-va in vitest-dev/vitest#8842 (841df)
• Update to sinon/fake-timers v15 and add setTickMode to timer controls  -  by @​atscott and @​sheremet-va in vitest-dev/vitest#8726 (4b480)
• Expose matcher types  -  by @​sheremet-va in vitest-dev/vitest#9448 (3e4b9)
• Add toTestSpecification to reported tasks  -  by @​sheremet-va in vitest-dev/vitest#9464 (1a470)
• Show a warning if vi.mock or vi.hoisted are declared outside of top level of the module  -  by @​sheremet-va in vitest-dev/vitest#9387 (5db54)
• Track and display expectedly failed tests (.fails) in UI and CLI  -  by @​Copilot, sheremet-va and @​sheremet-va in vitest-dev/vitest#9476 (77d75)
• Support tags  -  by @​sheremet-va in vitest-dev/vitest#9478 (de7c8)
• Implement aroundEach and aroundAll hooks  -  by @​sheremet-va in vitest-dev/vitest#9450 (2a8cb)
• Stabilize experimental features  -  by @​sheremet-va in vitest-dev/vitest#9529 (b5fd2)

... (truncated)

Commits

• 1f2d318 chore: release v4.1.1
• ebfde79 refactor: rename matchesTagsFilter to matchesTags (#9956)
• 5611500 feat(experimental): introduce experimental.vcsProvider (#9928)
• eec53d9 feat(experimental): expose matchesTagsFilter to test if the current filter ...
• bf89208 fix(coverage): load built-in provider without module runner (#9939)
• 5a60868 refactor: fix typos (#9950)
• aaf9f18 fix(coverage): simplify provider types (#9931)
• 6fdb2ba fix: guard disposable and optional body (#9912)
• e78adcf fix: open browser in --standalone mode without running tests (#9911)
• ae5ec03 fix: properly re-evaluate actual modules of mocked external (#9898)
• Additional commits viewable in compare view

Updates file-type from 21.3.1 to 21.3.4

Release notes

Sourced from file-type's releases.

v21.3.4

• Harden parser more aec20a0

---

sindresorhus/file-type@v21.3.3...v21.3.4

v21.3.3

• Harden parser c48c90b 135f91b

---

sindresorhus/file-type@v21.3.2...v21.3.3

v21.3.2

• Fix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v) a155cd7
• Fix bound recursive BOM and ID3 detection 370ed91

---

sindresorhus/file-type@v21.3.1...v21.3.2

Commits

• fbe8b77 21.3.4
• aec20a0 Harden parser more
• 3afcca5 21.3.3
• c48c90b Harden parser more
• 135f91b Harden parser more
• e18028c 21.3.2
• a155cd7 Fix ZIP bomb in known-size ZIP probing
• 6954817 Harden parser more
• 370ed91 Fix bound recursive BOM and ID3 detection
• d2ecea1 Add a few more safeguards
• Additional commits viewable in compare view

Updates @aws-sdk/client-s3 from 3.1004.0 to 3.1014.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.1014.0

3.1014.0(2026-03-20)

Chores

• xml-builder: bump fast-xml-parser to 5.5.8 (#7876) (80ef6014)
• bump smithy versions (414aa0d1)

Documentation Changes

• client-backup: Fix Typo for S3Backup Options ( S3BackupACLs to BackupACLs) (4d912214)

New Features

• clients: update client endpoints as of 2026-03-20 (6450a12d)
• client-verifiedpermissions: Adds support for Policy Store Aliases, Policy Names, and Policy Template Names. These are customizable identifiers that can be used in place of Policy Store ids, Policy ids, and Policy Template ids respectively in Amazon Verified Permissions APIs. (c8fe1858)
• client-opensearch: Added support for Amazon Managed Service for Prometheus (AMP) as a connected data source in OpenSearch UI. Now users can analyze Prometheus metrics in OpenSearch UI without data copy. (c9bdbb54)
• client-dynamodb: Adding ReplicaArn to ReplicaDescription of a global table replica (51c2c17a)

Tests

• snapshot-testing: fix structure of XML errors from mock service (#7874) (a17511fe)

---

For list of updated packages, view updated-packages.md in assets-3.1014.0.zip

v3.1013.0

3.1013.0(2026-03-19)

Chores

• xml-builder: single-pass XML escape for escapeElement and escapeAttribute (#7833) (97de5649)

New Features

• clients: update client endpoints as of 2026-03-19 (485aa086)
• client-batch: AWS Batch now supports quota management, enabling administrators to allocate shared compute resources across teams and projects through quota shares with capacity limits, resource-sharing strategies, and priority-based preemption - currently available for SageMaker Training job queues. (3e695b9a)
• client-bedrock-agentcore-control: Adds support for the following new features. 1. Enterprise Policies support for AgentCore Browser Tool. 2. Root CA Configuration support for AgentCore Browser Tool and Code Interpreter. (d286f51f)
• client-bedrock-agentcore: This release includes SDK support for the following new features on AgentCore Built In Tools. 1. Enterprise Policies for AgentCore Browser Tool. 2. Root CA Configuration Support for AgentCore Browser Tool and Code Interpreter. 3. API changes to AgentCore Browser Profile APIs (088f0580)
• client-polly: Added bi-directional streaming functionality through a new API, StartSpeechSynthesisStream. This API allows streaming input text through inbound events and receiving audio as part of an output stream simultaneously. (581bf849)
• client-ec2: Amazon EC2 Fleet instant mode now supports launching instances into Interruptible Capacity Reservations, enabling customers to use spare capacity shared by Capacity Reservation owners within their AWS Organization. (5ae4a552)
• client-observabilityadmin: Adding a new field in the CreateCentralizationRuleForOrganization, UpdateCentralizationRuleForOrganization API and updating the GetCentralizationRuleForOrganization API response to include the new field (f8dcb3a1)

Bug Fixes

• xml-builder: configure maxTotalExpansions on fast-xml-parser (#7868) (2ad14770)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.1014.0 (2026-03-20)

Note: Version bump only for package @​aws-sdk/client-s3

3.1013.0 (2026-03-19)

Note: Version bump only for package @​aws-sdk/client-s3

3.1012.0 (2026-03-18)

Note: Version bump only for package @​aws-sdk/client-s3

3.1011.0 (2026-03-17)

Note: Version bump only for package @​aws-sdk/client-s3

3.1010.0 (2026-03-16)

Note: Version bump only for package @​aws-sdk/client-s3

3.1009.0 (2026-03-13)

Note: Version bump only for package @​aws-sdk/client-s3

3.1008.0 (2026-03-12)

... (truncated)

Commits

• 577a874 Publish v3.1014.0
• 414aa0d chore: bump smithy versions
• 19ca473 Publish v3.1013.0
• 7f54759 Publish v3.1012.0
• 950b0c2 chore(codegen): smithy-aws-typescript-codegen 0.47.0 (#7854)
• e171694 Publish v3.1011.0
• 2aa1e6c Publish v3.1010.0
• 7888030 Publish v3.1009.0
• 7bf8888 chore(codegen): sync for retry strategy lifecycle fix (#7842)
• 21ffcaf docs(clients): generate readme block about protocols (#7839)
• Additional commits viewable in compare view

Updates @aws-sdk/lib-storage from 3.1004.0 to 3.1014.0

Release notes

Sourced from @​aws-sdk/lib-storage's releases.

v3.1014.0

3.1014.0(2026-03-20)

Chores

• xml-builder: bump fast-xml-parser to 5.5.8 (#7876) (

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.