chore(deps): bump @docusaurus/types from 3.9.2 to 3.10.0 in /docs

[dependabot]

Bumps @docusaurus/types from 3.9.2 to 3.10.0.

Release notes

Sourced from @​docusaurus/types's releases.

3.10.0 (2026-04-07)

🚀 New Feature

• docusaurus-types, docusaurus
  • #11896 feat(core): add future.v4.mdx1CompatDisabledByDefault flag (@​slorber)
  • #11797 feat(core): promote siteConfig.storage to stable + add future.v4.siteStorageNamespacing flag [Claude] (@​slorber)
  • #11571 feat(core): support custom html elements in head tags (@​lebalz)
• create-docusaurus
  • #11897 feat(create-docusaurus): update init template to .mdx extension and strict MDX syntax (@​slorber)
  • #11696 feat(create-docusaurus): Newly initialized TS sites should use "strict: true" (@​slorber)
  • #11611 feat(create-docusaurus): enable creation in current directory (@​Mcheung7272)
• Other
  • #11874 feat(ci): improve npm supply chain security - improve Dependabot config (@​slorber)
  • #11712 feat(publish): Use trusted publishing (OIDC) for canary releases (@​slorber)
• create-docusaurus, docusaurus-bundler, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-pwa, docusaurus-types, docusaurus
  • #11802 feat(core): Docusaurus Faster is stable + v4 future flag turns it on by default (@​slorber)
• docusaurus-mdx-loader, docusaurus-utils, docusaurus
  • #11777 feat(cli): write-heading-ids CLI now supports the --syntax and --migrate options (@​slorber)
• docusaurus-mdx-loader
  • #11755 feat(mdx-loader): add support for explicit headingId based on MD/MDX comments (@​slorber)
• docusaurus-theme-live-codeblock, docusaurus-theme-translations
  • #11675 feat(theme-live-codeblock): reset button + wire position prop (@​NPX2218)
• docusaurus-theme-classic, docusaurus-theme-common
  • #11734 feat(theme): Split <DocCard>, improve extensibility, better handling of emoji icons, stable classNames (@​slorber)
  • #11733 feat(theme): Use React context for <Tabs>, allow custom <TabItem> components (@​slorber)
• docusaurus-faster, docusaurus
  • #11715 feat(bundler): upgrade to Rspack 1.7, remove useless experimental feature flags (@​slorber)
• docusaurus-plugin-content-pages
  • #11666 feat(pages): add support for Markdown file path links (@​VedantMadane)
• docusaurus-mdx-loader, docusaurus-theme-classic
  • #11642 feat(mdx-loader): add admonitions directive support for class/id shortcuts (@​lebalz)
• docusaurus-theme-classic
  • #11635 feat(theme): add MDXComponents/Li to swizzle config (@​moskalakamil)
• docusaurus-theme-search-algolia
  • #11581 feat(theme-search-algolia): allow overriding transformSearchClient (@​hugohaggmark)
  • #11541 feat(theme-search-algolia): add support for DocSearch v4.3.2 and new Suggested Questions (@​NatanTechofNY)
• create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
  • #11512 feat(core): New siteConfig future.experimental_vcs API + future.experimental_faster.gitEagerVcs flag (@​slorber)

🐛 Bug Fix

• docusaurus
  • #11844 fix(core): fix url.resolve() Node.js deprecation warning (@​slorber)
  • #11833 fix(core): upgrade serve handler min version to for upgrade users to a secure version (@​BearAlliance)
  • #11763 fix(cli): fix write-heading-ids CLI when no files provided (@​slorber)
  • #11693 fix(core): Remove deprecated experiments.lazyBarrel config for RsPack (@​VedikaGupt)
  • #11604 fix(core): webpack aliases shouldn't be created for test files and typedefs (@​slorber)
  • #11603 fix(core): Fix openBrowser AppleScript support for Arc (@​slorber)
  • #11579 fix(core): in isInternalUrl(), URI protocol scheme detection should implement the spec more strictly (@​slorber)

... (truncated)

Changelog

Sourced from @​docusaurus/types's changelog.

3.10.0 (2026-04-07)

🚀 New Feature

• docusaurus-types, docusaurus
  • #11896 feat(core): add future.v4.mdx1CompatDisabledByDefault flag (@​slorber)
  • #11797 feat(core): promote siteConfig.storage to stable + add future.v4.siteStorageNamespacing flag [Claude] (@​slorber)
  • #11571 feat(core): support custom html elements in head tags (@​lebalz)
• create-docusaurus
  • #11897 feat(create-docusaurus): update init template to .mdx extension and strict MDX syntax (@​slorber)
  • #11696 feat(create-docusaurus): Newly initialized TS sites should use "strict: true" (@​slorber)
  • #11611 feat(create-docusaurus): enable creation in current directory (@​Mcheung7272)
• Other
  • #11874 feat(ci): improve npm supply chain security - improve Dependabot config (@​slorber)
  • #11712 feat(publish): Use trusted publishing (OIDC) for canary releases (@​slorber)
• create-docusaurus, docusaurus-bundler, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-pwa, docusaurus-types, docusaurus
  • #11802 feat(core): Docusaurus Faster is stable + v4 future flag turns it on by default (@​slorber)
• docusaurus-mdx-loader, docusaurus-utils, docusaurus
  • #11777 feat(cli): write-heading-ids CLI now supports the --syntax and --migrate options (@​slorber)
• docusaurus-mdx-loader
  • #11755 feat(mdx-loader): add support for explicit headingId based on MD/MDX comments (@​slorber)
• docusaurus-theme-live-codeblock, docusaurus-theme-translations
  • #11675 feat(theme-live-codeblock): reset button + wire position prop (@​NPX2218)
• docusaurus-theme-classic, docusaurus-theme-common
  • #11734 feat(theme): Split <DocCard>, improve extensibility, better handling of emoji icons, stable classNames (@​slorber)
  • #11733 feat(theme): Use React context for <Tabs>, allow custom <TabItem> components (@​slorber)
• docusaurus-faster, docusaurus
  • #11715 feat(bundler): upgrade to Rspack 1.7, remove useless experimental feature flags (@​slorber)
• docusaurus-plugin-content-pages
  • #11666 feat(pages): add support for Markdown file path links (@​VedantMadane)
• docusaurus-mdx-loader, docusaurus-theme-classic
  • #11642 feat(mdx-loader): add admonitions directive support for class/id shortcuts (@​lebalz)
• docusaurus-theme-classic
  • #11635 feat(theme): add MDXComponents/Li to swizzle config (@​moskalakamil)
• docusaurus-theme-search-algolia
  • #11581 feat(theme-search-algolia): allow overriding transformSearchClient (@​hugohaggmark)
  • #11541 feat(theme-search-algolia): add support for DocSearch v4.3.2 and new Suggested Questions (@​NatanTechofNY)
• create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
  • #11512 feat(core): New siteConfig future.experimental_vcs API + future.experimental_faster.gitEagerVcs flag (@​slorber)

🐛 Bug Fix

• docusaurus
  • #11844 fix(core): fix url.resolve() Node.js deprecation warning (@​slorber)
  • #11833 fix(core): upgrade serve handler min version to for upgrade users to a secure version (@​BearAlliance)
  • #11763 fix(cli): fix write-heading-ids CLI when no files provided (@​slorber)
  • #11693 fix(core): Remove deprecated experiments.lazyBarrel config for RsPack (@​VedikaGupt)
  • #11604 fix(core): webpack aliases shouldn't be created for test files and typedefs (@​slorber)
  • #11603 fix(core): Fix openBrowser AppleScript support for Arc (@​slorber)
  • #11579 fix(core): in isInternalUrl(), URI protocol scheme detection should implement the spec more strictly (@​slorber)

... (truncated)

Commits

• 0d98888 v3.10.0
• 4892e7f feat(core): add future.v4.mdx1CompatDisabledByDefault flag (#11896)
• 1451780 chore(ci): fixes for the npm trusted publishing workflow (#11823)
• 5dff744 chore(ci): add Trusted Publishing release workflow through dispatch action (#...
• 29c3b5c feat(core): Docusaurus Faster is stable + v4 future flag turns it on by defau...
• 2a7f8b9 feat(core): promote siteConfig.storage to stable + add `future.v4.siteStora...
• c6a86ff feat(core): support custom html elements in head tags (#11571)
• acc66c1 feat(core): New siteConfig future.experimental_vcs API + `future.experimen...
• bca9ce7 chore: release v3.9.2 (#11491)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​docusaurus/types since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[greptile-apps]

Greptile Summary

Bumps @docusaurus/types from 3.9.2 to 3.10.0 in the docs package. The change is limited to devDependencies and the corresponding pnpm lockfile update — no runtime code is affected.

Confidence Score: 5/5

Safe to merge — isolated devDependency bump with no runtime impact.

Only @docusaurus/types (a TypeScript type-definitions-only devDependency) is updated. No runtime or production code is touched. The lockfile is consistent. No P0/P1 findings.

No files require special attention.

Important Files Changed

Filename	Overview
docs/package.json	Bumps @docusaurus/types from 3.9.2 to 3.10.0 in devDependencies; @docusaurus/module-type-aliases and @docusaurus/tsconfig remain at 3.9.2.
docs/pnpm-lock.yaml	Lockfile updated to resolve @docusaurus/types@3.10.0; old 3.9.2 entry retained for transitive dependents.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[docs/package.json] -->|devDependency bump| B["@docusaurus/types 3.9.2 → 3.10.0"]
    B --> C[docs/pnpm-lock.yaml updated]
    C --> D["3.10.0 resolved\n(3.9.2 retained for transitive deps)"]
    style B fill:#d4edda,stroke:#28a745
    style D fill:#fff3cd,stroke:#856404

Loading

_{Reviews (1): Last reviewed commit: "chore(deps): bump @docusaurus/types from..." | Re-trigger Greptile}

[claude]

🔴 The pnpm lockfile has a genuine integrity inconsistency introduced by this bump: the url-loader@4.1.1 snapshot key was renamed to url-loader@4.1.1(file-loader@6.2.0(webpack@5.106.1))(webpack@5.106.1) (claiming file-loader resolved against webpack@5.106.1), but the snapshot body's optionalDependencies still references file-loader: 6.2.0(webpack@5.104.1) — the old variant. Additionally, @docusaurus/mdx-loader@3.9.2's direct file-loader dep was not updated to webpack@5.106.1 unlike the sibling bundler and utils snapshots, and @docusaurus/bundler@3.9.2 now resolves webpack@5.106.1 while @docusaurus/core@3.9.2 remains on webpack@5.104.1. To fix the most critical issue, update url-loader's optionalDependencies entry from file-loader: 6.2.0(webpack@5.104.1) to file-loader: 6.2.0(webpack@5.106.1), or run pnpm install again to regenerate a clean lockfile.

Extended reasoning...

Bug 1 (normal severity): url-loader snapshot key/body mismatch

The most concrete issue introduced by this PR is a lockfile integrity inconsistency in the url-loader@4.1.1 snapshot. The snapshot key was updated to url-loader@4.1.1(file-loader@6.2.0(webpack@5.106.1))(webpack@5.106.1), and the webpack dependency inside the snapshot body was correctly set to 5.106.1. However, the optionalDependencies entry was NOT updated and still reads file-loader: 6.2.0(webpack@5.104.1). The snapshot key encodes the peer resolution variant (i.e., which file-loader was resolved) but the actual installed dependency contradicts this — the key claims the webpack@5.106.1 variant of file-loader was used, but the body installs the webpack@5.104.1 variant.

Code path and proof: In docs/pnpm-lock.yaml, the url-loader snapshot key at line ~13553 reads url-loader@4.1.1(file-loader@6.2.0(webpack@5.106.1))(webpack@5.106.1). The dependencies.webpack inside the snapshot was updated to 5.106.1. But optionalDependencies.file-loader at line ~13560 still says 6.2.0(webpack@5.104.1). Both file-loader snapshots coexist: file-loader@6.2.0(webpack@5.104.1) (pre-existing, line ~10318) and the newly added file-loader@6.2.0(webpack@5.106.1) (line ~10324). The url-loader snapshot was only half-updated.

Why existing code doesn't prevent it: This lockfile was generated by Dependabot/pnpm's automatic peer resolution. pnpm partially re-resolved the peer graph when @docusaurus/types was bumped to 3.10.0 (which itself depends on webpack@5.106.1), but the url-loader snapshot's optionalDependencies block was missed in the update.

Impact: Running pnpm install --frozen-lockfile in CI may detect this key/body inconsistency and fail, blocking builds. Even if pnpm silently accepts it, it installs file-loader@6.2.0(webpack@5.104.1) for url-loader while the snapshot key encodes the webpack@5.106.1 variant — a subtle peer dependency mismatch. The practical runtime risk is low since webpack 5.104→5.106 is a minor patch bump with no breaking file-loader API changes.

Bug 2 (nit): @docusaurus/mdx-loader direct file-loader dep not updated

The @docusaurus/mdx-loader@3.9.2 snapshot now has an internal inconsistency: its direct file-loader dependency remains as 6.2.0(webpack@5.104.1) while the same snapshot's url-loader key references 4.1.1(file-loader@6.2.0(webpack@5.106.1))(webpack@5.106.1) and webpack was updated to 5.106.1. The sibling packages @docusaurus/bundler@3.9.2 and @docusaurus/utils@3.9.2 both correctly updated their file-loader deps to 6.2.0(webpack@5.106.1). One refutation notes that since bug 1 means url-loader's optionalDependencies also resolve to webpack@5.104.1 file-loader, all file-loader references in mdx-loader effectively use the same instance — this is correct and reduces the practical impact to cosmetic inconsistency. Severity: nit.

Bug 3 (nit): webpack version split between bundler and core

Before this PR, both @docusaurus/bundler@3.9.2 and @docusaurus/core@3.9.2 resolved to webpack@5.104.1. After this PR, bundler's snapshot was updated to webpack@5.106.1 (all its loaders/plugins updated) while core's snapshot remains on webpack@5.104.1 (html-webpack-plugin, react-loadable-ssr-addon, webpack-dev-server unchanged). One refutation correctly notes this is pnpm's deterministic peer resolution artifact and that webpack plugins use tapable hook APIs (not instanceof checks), making cross-version breakage unlikely at 5.104→5.106. The @docusaurus/types@3.10.0 package was officially released on 2026-04-07 and would have caused widespread failures if this were truly incompatible. Severity: nit.

Fix: The most actionable fix for bug 1 is to manually correct the url-loader snapshot's optionalDependencies entry from file-loader: 6.2.0(webpack@5.104.1) to file-loader: 6.2.0(webpack@5.106.1), or alternatively regenerate the lockfile by running pnpm install from scratch in the docs/ directory.