Bump the npm-dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the npm-dependencies group with 11 updates in the /components/dash-table directory:

Package	From	To
@types/chai	4.3.20	5.2.3
less	4.6.4	4.6.6
typescript	5.9.3	6.0.3
webpack-dev-server	5.2.4	5.2.5
@types/express-serve-static-core	4.19.6	4.19.8
@types/http-proxy	1.17.16	1.17.17
@types/node	24.0.10	26.0.1
@types/qs	6.14.0	6.15.1
@types/send	0.17.5	1.2.1
@types/serve-static	1.15.8	1.15.10
webpack-dev-middleware	7.4.2	7.4.5

Updates @types/chai from 4.3.20 to 5.2.3

Commits

• See full diff in compare view

Updates less from 4.6.4 to 4.6.6

Release notes

Sourced from less's releases.

Release v4.6.6

Changes

See CHANGELOG.md for details.

Installation

npm install less@4.6.6

Release v4.6.5

Changes

See CHANGELOG.md for details.

Installation

npm install less@4.6.5

Changelog

Sourced from less's changelog.

v4.6.6 (2026-06-14)

Changes

• #4450 fix: use printf for PR body to avoid YAML indentation error in run block (@​matthew-dean)
• #4449 fix: correct push event typo in create-release-pr workflow (pus → push:) (@​matthew-dean)
• #4446 fix: avoid TypeError on nested @​supports with dumpLineNumbers (@​sarathfrancis90)
• #4441 Preserve spacing for container feature functions (@​puneetdixit200)
• #4440 chore: prevent dependency lifecycle scripts (@​puckowski)
• #4437 docs: fix incorrect contributor attributions in v4.6.0 changelog (@​barry3406)
• #4434 fix(issue#4316): color calc inside from expression (@​puckowski)

v4.6.5 (2026-06-13)

Bug Fixes

• #4444 Fix browser export interop by routing bundlers to CJS-typed UMD artifact (@​Copilot)
• #4427 Fix parenthesis in media query (@​puckowski)
• #4421 Fix not keyword silently ignored when used without parentheses in conditions (@​Copilot)
• #4426 Upgrade make-dir to v4 to fix security vulnerability (@​jorenbroekema)

Maintenance

• #4447 Automate CHANGELOG generation in release workflow (@​matthew-dean)
• #4448 Add continue-on-error to copilot-review CI job (@​matthew-dean)
• #4445 Fix Playwright chromium install hang on Node current/lts/* (@​matthew-dean)
• #4431 PR-based release flow for alpha branches (@​Copilot)
• #4430 Ensure npm publish is always backed by a GitHub tag, release, and version-bump commit (@​Copilot)
• #4432 Update packageManager to pnpm@9.15.9 to match lockfileVersion 9.0 (@​Copilot)
• #4420 Regression test for @​container mixin parameter variable resolution (@​Copilot)

Commits

• See full diff in compare view

Updates typescript from 5.9.3 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).
• fixed issues query for TypeScript 6.0.3 (Stable).

Downloads are available on:

• npm

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 050880c Bump version to 6.0.3 and LKG
• eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
• ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
• 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• Additional commits viewable in compare view

Updates webpack-dev-server from 5.2.4 to 5.2.5

Release notes

Sourced from webpack-dev-server's releases.

v5.2.5

Patch Changes

• Skip the HMR WebSocket path when forwarding upgrade requests to user-defined proxies, so custom proxy WebSocket upgrades are no longer intercepted by the dev server. (by @​bjohansebas in #5680)

Changelog

Sourced from webpack-dev-server's changelog.

5.2.5

Patch Changes

• Skip the HMR WebSocket path when forwarding upgrade requests to user-defined proxies, so custom proxy WebSocket upgrades are no longer intercepted by the dev server. (by @​bjohansebas in #5680)

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

Commits

• c3ee325 chore(release): new release (#5682)
• 60173be feat: add changeset validation and release workflow (#5680)
• 948d5e6 fix(proxy): match the HMR upgrade path exactly like the ws server (#5678)
• 93e8996 fix: skip HMR websocket path when forwarding upgrades to user-defined proxies...
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for webpack-dev-server since your current version.

Updates @types/express-serve-static-core from 4.19.6 to 4.19.8

Commits

• See full diff in compare view

Updates @types/http-proxy from 1.17.16 to 1.17.17

Commits

• See full diff in compare view

Updates @types/node from 24.0.10 to 26.0.1

Commits

• See full diff in compare view

Updates @types/qs from 6.14.0 to 6.15.1

Commits

• See full diff in compare view

Updates @types/send from 0.17.5 to 1.2.1

Commits

• See full diff in compare view

Updates @types/serve-static from 1.15.8 to 1.15.10

Commits

• See full diff in compare view

Updates webpack-dev-middleware from 7.4.2 to 7.4.5

Release notes

Sourced from webpack-dev-middleware's releases.

v7.4.5

7.4.5 (2025-09-24)

Bug Fixes

• unpin memfs (#2176) (c9a0e68)

v7.4.4

7.4.4 (2025-09-23)

Bug Fixes

• pin memfs version (#2174) (044d691)

v7.4.3

7.4.3 (2025-09-05)

Bug Fixes

• do not call the next middleware for 304 responses (#2155) (c26a326)
• do not call the next middleware when request is finished or errored (#2156) (116c680)

Changelog

Sourced from webpack-dev-middleware's changelog.

7.4.5 (2025-09-24)

Bug Fixes

• unpin memfs (#2176) (c9a0e68)

7.4.4 (2025-09-23)

Bug Fixes

• pin memfs version (#2174) (044d691)

7.4.3 (2025-09-05)

Bug Fixes

• do not call the next middleware for 304 responses (#2155) (c26a326)
• do not call the next middleware when request is finished or errored (#2156) (116c680)

Commits

• ec97e06 chore(release): 7.4.5
• c9a0e68 fix: unpin memfs (#2176)
• 0c87e95 chore(deps-dev): bump the dependencies group across 1 directory with 6 update...
• 8f40f5f chore(release): 7.4.4
• 044d691 fix: pin memfs version (#2174)
• 253c7e1 chore(deps-dev): bump the dependencies group with 3 updates (#2170)
• 2535262 chore(deps): bump the dependencies group across 1 directory with 5 updates (#...
• 6b7531e chore: remove CODEOWNERS, too spammy (#2167)
• be10aa6 chore(deps): remove strip-ansi (#2166)
• 0c4431b chore(deps): update
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud