Skip to content

chore(deps): bump @docusaurus/core from 3.9.2 to 3.10.0 in /docs#333

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/docs/docusaurus/core-3.10.0
Open

chore(deps): bump @docusaurus/core from 3.9.2 to 3.10.0 in /docs#333
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/docs/docusaurus/core-3.10.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps @docusaurus/core from 3.9.2 to 3.10.0.

Release notes

Sourced from @​docusaurus/core's releases.

3.10.0 (2026-04-07)

🚀 New Feature

  • docusaurus-types, docusaurus
    • #11896 feat(core): add future.v4.mdx1CompatDisabledByDefault flag (@​slorber)
    • #11797 feat(core): promote siteConfig.storage to stable + add future.v4.siteStorageNamespacing flag [Claude] (@​slorber)
    • #11571 feat(core): support custom html elements in head tags (@​lebalz)
  • create-docusaurus
    • #11897 feat(create-docusaurus): update init template to .mdx extension and strict MDX syntax (@​slorber)
    • #11696 feat(create-docusaurus): Newly initialized TS sites should use "strict: true" (@​slorber)
    • #11611 feat(create-docusaurus): enable creation in current directory (@​Mcheung7272)
  • Other
    • #11874 feat(ci): improve npm supply chain security - improve Dependabot config (@​slorber)
    • #11712 feat(publish): Use trusted publishing (OIDC) for canary releases (@​slorber)
  • create-docusaurus, docusaurus-bundler, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-pwa, docusaurus-types, docusaurus
    • #11802 feat(core): Docusaurus Faster is stable + v4 future flag turns it on by default (@​slorber)
  • docusaurus-mdx-loader, docusaurus-utils, docusaurus
    • #11777 feat(cli): write-heading-ids CLI now supports the --syntax and --migrate options (@​slorber)
  • docusaurus-mdx-loader
    • #11755 feat(mdx-loader): add support for explicit headingId based on MD/MDX comments (@​slorber)
  • docusaurus-theme-live-codeblock, docusaurus-theme-translations
  • docusaurus-theme-classic, docusaurus-theme-common
    • #11734 feat(theme): Split <DocCard>, improve extensibility, better handling of emoji icons, stable classNames (@​slorber)
    • #11733 feat(theme): Use React context for <Tabs>, allow custom <TabItem> components (@​slorber)
  • docusaurus-faster, docusaurus
    • #11715 feat(bundler): upgrade to Rspack 1.7, remove useless experimental feature flags (@​slorber)
  • docusaurus-plugin-content-pages
  • docusaurus-mdx-loader, docusaurus-theme-classic
    • #11642 feat(mdx-loader): add admonitions directive support for class/id shortcuts (@​lebalz)
  • docusaurus-theme-classic
  • docusaurus-theme-search-algolia
  • create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
    • #11512 feat(core): New siteConfig future.experimental_vcs API + future.experimental_faster.gitEagerVcs flag (@​slorber)

🐛 Bug Fix

  • docusaurus
    • #11844 fix(core): fix url.resolve() Node.js deprecation warning (@​slorber)
    • #11833 fix(core): upgrade serve handler min version to for upgrade users to a secure version (@​BearAlliance)
    • #11763 fix(cli): fix write-heading-ids CLI when no files provided (@​slorber)
    • #11693 fix(core): Remove deprecated experiments.lazyBarrel config for RsPack (@​VedikaGupt)
    • #11604 fix(core): webpack aliases shouldn't be created for test files and typedefs (@​slorber)
    • #11603 fix(core): Fix openBrowser AppleScript support for Arc (@​slorber)
    • #11579 fix(core): in isInternalUrl(), URI protocol scheme detection should implement the spec more strictly (@​slorber)

... (truncated)

Changelog

Sourced from @​docusaurus/core's changelog.

3.10.0 (2026-04-07)

🚀 New Feature

  • docusaurus-types, docusaurus
    • #11896 feat(core): add future.v4.mdx1CompatDisabledByDefault flag (@​slorber)
    • #11797 feat(core): promote siteConfig.storage to stable + add future.v4.siteStorageNamespacing flag [Claude] (@​slorber)
    • #11571 feat(core): support custom html elements in head tags (@​lebalz)
  • create-docusaurus
    • #11897 feat(create-docusaurus): update init template to .mdx extension and strict MDX syntax (@​slorber)
    • #11696 feat(create-docusaurus): Newly initialized TS sites should use "strict: true" (@​slorber)
    • #11611 feat(create-docusaurus): enable creation in current directory (@​Mcheung7272)
  • Other
    • #11874 feat(ci): improve npm supply chain security - improve Dependabot config (@​slorber)
    • #11712 feat(publish): Use trusted publishing (OIDC) for canary releases (@​slorber)
  • create-docusaurus, docusaurus-bundler, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-pwa, docusaurus-types, docusaurus
    • #11802 feat(core): Docusaurus Faster is stable + v4 future flag turns it on by default (@​slorber)
  • docusaurus-mdx-loader, docusaurus-utils, docusaurus
    • #11777 feat(cli): write-heading-ids CLI now supports the --syntax and --migrate options (@​slorber)
  • docusaurus-mdx-loader
    • #11755 feat(mdx-loader): add support for explicit headingId based on MD/MDX comments (@​slorber)
  • docusaurus-theme-live-codeblock, docusaurus-theme-translations
  • docusaurus-theme-classic, docusaurus-theme-common
    • #11734 feat(theme): Split <DocCard>, improve extensibility, better handling of emoji icons, stable classNames (@​slorber)
    • #11733 feat(theme): Use React context for <Tabs>, allow custom <TabItem> components (@​slorber)
  • docusaurus-faster, docusaurus
    • #11715 feat(bundler): upgrade to Rspack 1.7, remove useless experimental feature flags (@​slorber)
  • docusaurus-plugin-content-pages
  • docusaurus-mdx-loader, docusaurus-theme-classic
    • #11642 feat(mdx-loader): add admonitions directive support for class/id shortcuts (@​lebalz)
  • docusaurus-theme-classic
  • docusaurus-theme-search-algolia
  • create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
    • #11512 feat(core): New siteConfig future.experimental_vcs API + future.experimental_faster.gitEagerVcs flag (@​slorber)

🐛 Bug Fix

  • docusaurus
    • #11844 fix(core): fix url.resolve() Node.js deprecation warning (@​slorber)
    • #11833 fix(core): upgrade serve handler min version to for upgrade users to a secure version (@​BearAlliance)
    • #11763 fix(cli): fix write-heading-ids CLI when no files provided (@​slorber)
    • #11693 fix(core): Remove deprecated experiments.lazyBarrel config for RsPack (@​VedikaGupt)
    • #11604 fix(core): webpack aliases shouldn't be created for test files and typedefs (@​slorber)
    • #11603 fix(core): Fix openBrowser AppleScript support for Arc (@​slorber)
    • #11579 fix(core): in isInternalUrl(), URI protocol scheme detection should implement the spec more strictly (@​slorber)

... (truncated)

Commits
  • 0d98888 v3.10.0
  • 4892e7f feat(core): add future.v4.mdx1CompatDisabledByDefault flag (#11896)
  • 543eaeb fix(core): fix url.resolve() Node.js deprecation warning (#11844)
  • 1a52592 fix(faster): upgrade Rspack, fix Yarn PnP support (#11817)
  • 4a0273f fix(create-docusaurus): fix support for TypeScript 6.0 + fix our CI (#11843)
  • f659aef fix(core): upgrade serve handler min version to for upgrade users to a secure...
  • 1451780 chore(ci): fixes for the npm trusted publishing workflow (#11823)
  • 5dff744 chore(ci): add Trusted Publishing release workflow through dispatch action (#...
  • 29c3b5c feat(core): Docusaurus Faster is stable + v4 future flag turns it on by defau...
  • 2a7f8b9 feat(core): promote siteConfig.storage to stable + add `future.v4.siteStora...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​docusaurus/core since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump @docusaurus/core from 3.9.2 to 3.10.0 in /docs
03d6589 
Bumps [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.10.0/packages/docusaurus)

---
updated-dependencies:
- dependency-name: "@docusaurus/core"
  dependency-version: 3.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 13, 2026

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from rubenmarcus as a code owner April 13, 2026 11:00
@chatgpt-codex-connector
Copy link
Copy Markdown

chatgpt-codex-connector bot commented Apr 13, 2026

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

@github-actions github-actions bot added the chore label Apr 13, 2026
@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps bot commented Apr 13, 2026

Greptile Summary

Dependabot bumps @docusaurus/core from 3.9.2 to 3.10.0 in the /docs site, updating package.json and pnpm-lock.yaml. However, all sibling Docusaurus packages (@docusaurus/preset-classic, @docusaurus/module-type-aliases, @docusaurus/tsconfig, @docusaurus/types) remain at 3.9.2, creating a version mismatch that the Docusaurus team explicitly warns against and that can cause duplicate dependency resolution and runtime failures.

Confidence Score: 3/5

Not safe to merge without also bumping all other @docusaurus/* packages to 3.10.0.

A P1 version mismatch exists: @docusaurus/core is at 3.10.0 while preset-classic and all devDependency Docusaurus packages stay at 3.9.2. Docusaurus packages must be upgraded together; mixing versions can produce dual installations, React context mismatches, or broken internal APIs that break the docs build.

docs/package.json — needs the other @docusaurus/* packages bumped to 3.10.0.

Important Files Changed

Filename Overview
docs/package.json Bumps @docusaurus/core to 3.10.0 but leaves preset-classic, module-type-aliases, tsconfig, and types at 3.9.2, creating a version mismatch across the Docusaurus package family.
docs/pnpm-lock.yaml Lockfile correctly updated to reflect the @docusaurus/core 3.10.0 resolution and transitive Babel dependency updates.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["docs/package.json"] --> B["@docusaurus/core@3.10.0 ✅"]
    A --> C["@docusaurus/preset-classic@3.9.2 ⚠️"]
    A --> D["@docusaurus/module-type-aliases@3.9.2 ⚠️"]
    A --> E["@docusaurus/tsconfig@3.9.2 ⚠️"]
    A --> F["@docusaurus/types@3.9.2 ⚠️"]
    C --> G["pnpm resolves @docusaurus/core@3.9.2 internally"]
    B --> H["Two copies of @docusaurus/core in node_modules"]
    G --> H
    H --> I["⚠️ Potential React context mismatch / build failure"]
Loading
Prompt To Fix All With AI 
This is a comment left during a code review.
Path: docs/package.json
Line: 25-26

Comment:
**Mismatched Docusaurus package versions**

`@docusaurus/core` is bumped to `3.10.0` while `@docusaurus/preset-classic`, `@docusaurus/module-type-aliases`, `@docusaurus/tsconfig`, and `@docusaurus/types` all remain at `3.9.2`. Docusaurus packages are released together and are designed to run at the same version — mixing versions can cause duplicate package installations (two copies of `@docusaurus/core` resolved by pnpm: one direct, one pulled by `preset-classic`) and runtime breakage through React context mismatches or mismatched internal APIs. All Docusaurus packages should be upgraded together.

```suggestion
    "@docusaurus/core": "3.10.0",
    "@docusaurus/preset-classic": "3.10.0",
```

Also update the devDependencies to match:
```
"@docusaurus/module-type-aliases": "3.10.0",
"@docusaurus/tsconfig": "3.10.0",
"@docusaurus/types": "3.10.0",
```

How can I resolve this? If you propose a fix, please make it concise.

Reviews (1): Last reviewed commit: "chore(deps): bump @docusaurus/core from ..." | Re-trigger Greptile

greptile-apps[bot]
greptile-apps bot reviewed Apr 13, 2026
View reviewed changes
Comment thread docs/package.json
Comment on lines +25 to 26
"@docusaurus/core": "3.10.0",
"@docusaurus/preset-classic": "3.9.2",
Copy link
Copy Markdown
Contributor

@greptile-apps greptile-apps bot Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Mismatched Docusaurus package versions

@docusaurus/core is bumped to 3.10.0 while @docusaurus/preset-classic, @docusaurus/module-type-aliases, @docusaurus/tsconfig, and @docusaurus/types all remain at 3.9.2. Docusaurus packages are released together and are designed to run at the same version — mixing versions can cause duplicate package installations (two copies of @docusaurus/core resolved by pnpm: one direct, one pulled by preset-classic) and runtime breakage through React context mismatches or mismatched internal APIs. All Docusaurus packages should be upgraded together.

Suggested change
"@docusaurus/core": "3.10.0",
"@docusaurus/preset-classic": "3.9.2",
"@docusaurus/core": "3.10.0",
"@docusaurus/preset-classic": "3.10.0",

Also update the devDependencies to match:

"@docusaurus/module-type-aliases": "3.10.0",
"@docusaurus/tsconfig": "3.10.0",
"@docusaurus/types": "3.10.0",
Prompt To Fix With AI 
This is a comment left during a code review.
Path: docs/package.json
Line: 25-26

Comment:
**Mismatched Docusaurus package versions**

`@docusaurus/core` is bumped to `3.10.0` while `@docusaurus/preset-classic`, `@docusaurus/module-type-aliases`, `@docusaurus/tsconfig`, and `@docusaurus/types` all remain at `3.9.2`. Docusaurus packages are released together and are designed to run at the same version — mixing versions can cause duplicate package installations (two copies of `@docusaurus/core` resolved by pnpm: one direct, one pulled by `preset-classic`) and runtime breakage through React context mismatches or mismatched internal APIs. All Docusaurus packages should be upgraded together.

```suggestion
    "@docusaurus/core": "3.10.0",
    "@docusaurus/preset-classic": "3.10.0",
```

Also update the devDependencies to match:
```
"@docusaurus/module-type-aliases": "3.10.0",
"@docusaurus/tsconfig": "3.10.0",
"@docusaurus/types": "3.10.0",
```

How can I resolve this? If you propose a fix, please make it concise.

claude[bot]
claude bot reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — straightforward Dependabot minor version bump for docs tooling.

Extended reasoning...

Overview

This PR updates @docusaurus/core from 3.9.2 to 3.10.0 in the /docs directory, touching only docs/package.json and docs/pnpm-lock.yaml. No application or library code is modified.

Security risks

None. This is a documentation site dependency (Docusaurus), not production application code. The upstream release notes include a security-adjacent fix (upgrading serve handler to a secure version), which is a net positive.

Level of scrutiny

Low. This is a Dependabot-generated minor version bump to well-maintained, widely-used documentation infrastructure. Minor version bumps in the Docusaurus ecosystem are generally backward-compatible by convention.

Other factors

No bugs were found by the automated bug hunting system. The PR timeline has no unresolved human reviewer comments. This change is entirely confined to the docs subdirectory and has no impact on the main application codebase.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@claude claude[bot] claude[bot] left review comments

@rubenmarcus rubenmarcus Awaiting requested review from rubenmarcus rubenmarcus is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

chore dependencies documentation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants