build(deps-dev): bump the development-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the development-dependencies group with 7 updates in the / directory:

Package	From	To
@commitlint/cli	20.2.0	20.3.1
@commitlint/config-conventional	20.2.0	20.3.1
esbuild	0.27.1	0.27.2
eslint	9.39.1	9.39.2
eslint-plugin-prettier	5.5.4	5.5.5
msw	2.12.4	2.12.7
vitest	4.0.15	4.0.17

Updates @commitlint/cli from 20.2.0 to 20.3.1

Release notes

Sourced from @​commitlint/cli's releases.

v20.3.1

20.3.1 (2026-01-08)

Bug Fixes

• fix(types): add scope-delimiter-style types by @​what1s1ove in conventional-changelog/commitlint#4592

Full Changelog: conventional-changelog/commitlint@v20.3.0...v20.3.1

v20.3.0

20.3.0 (2026-01-01)

Features

• feat: add support for .mts config file by @​amir-rahmanii in conventional-changelog/commitlint#4581
• feat(rules): add scope-delimiter-style by @​what1s1ove in conventional-changelog/commitlint#4580

Docs

• docs: add committier to community projects page by @​iamyoki in conventional-changelog/commitlint#4579

New Contributors

• @​iamyoki made their first contribution in conventional-changelog/commitlint#4579
• @​amir-rahmanii made their first contribution in conventional-changelog/commitlint#4581
• @​what1s1ove made their first contribution in conventional-changelog/commitlint#4580

Full Changelog: conventional-changelog/commitlint@v20.2.0...v20.3.0

Changelog

Sourced from @​commitlint/cli's changelog.

20.3.1 (2026-01-08)

Note: Version bump only for package @​commitlint/cli

20.3.0 (2026-01-01)

Note: Version bump only for package @​commitlint/cli

Commits

• be3a280 v20.3.1
• 1c5734d v20.3.0
• See full diff in compare view

Updates @commitlint/config-conventional from 20.2.0 to 20.3.1

Release notes

Sourced from @​commitlint/config-conventional's releases.

v20.3.1

20.3.1 (2026-01-08)

Bug Fixes

• fix(types): add scope-delimiter-style types by @​what1s1ove in conventional-changelog/commitlint#4592

Full Changelog: conventional-changelog/commitlint@v20.3.0...v20.3.1

v20.3.0

20.3.0 (2026-01-01)

Features

• feat: add support for .mts config file by @​amir-rahmanii in conventional-changelog/commitlint#4581
• feat(rules): add scope-delimiter-style by @​what1s1ove in conventional-changelog/commitlint#4580

Docs

• docs: add committier to community projects page by @​iamyoki in conventional-changelog/commitlint#4579

New Contributors

• @​iamyoki made their first contribution in conventional-changelog/commitlint#4579
• @​amir-rahmanii made their first contribution in conventional-changelog/commitlint#4581
• @​what1s1ove made their first contribution in conventional-changelog/commitlint#4580

Full Changelog: conventional-changelog/commitlint@v20.2.0...v20.3.0

Changelog

Sourced from @​commitlint/config-conventional's changelog.

20.3.1 (2026-01-08)

Note: Version bump only for package @​commitlint/config-conventional

20.3.0 (2026-01-01)

Note: Version bump only for package @​commitlint/config-conventional

Commits

• be3a280 v20.3.1
• 1c5734d v20.3.0
• See full diff in compare view

Updates esbuild from 0.27.1 to 0.27.2

Release notes

Sourced from esbuild's releases.

v0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }
  // Old output (with --minify)
  switch(x){case 0:foo();break;case 1:default:bar()}
  // New output (with --minify)

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.2

• Allow import path specifiers starting with #/ (#4361)

  Previously the specification for package.json disallowed import path specifiers starting with #/, but this restriction has recently been relaxed and support for it is being added across the JavaScript ecosystem. One use case is using it for a wildcard pattern such as mapping #/* to ./src/* (previously you had to use another character such as #_* instead, which was more confusing). There is some more context in nodejs/node#49182.

  This change was contributed by @​hybrist.

• Automatically add the -webkit-mask prefix (#4357, #4358)

  This release automatically adds the -webkit- vendor prefix for the mask CSS shorthand property:

  /* Original code */
  main {
    mask: url(x.png) center/5rem no-repeat
  }
  /* Old output (with --target=chrome110) */
  main {
  mask: url(x.png) center/5rem no-repeat;
  }
  /* New output (with --target=chrome110) */
  main {
  -webkit-mask: url(x.png) center/5rem no-repeat;
  mask: url(x.png) center/5rem no-repeat;
  }

  This change was contributed by @​BPJEnnova.

• Additional minification of switch statements (#4176, #4359)

  This release contains additional minification patterns for reducing switch statements. Here is an example:

  // Original code
  switch (x) {
    case 0:
      foo()
      break
    case 1:
    default:
      bar()
  }
  // Old output (with --minify)
  switch(x){case 0:foo();break;case 1:default:bar()}

... (truncated)

Commits

• cd83297 publish 0.27.2 to npm
• 2759721 additional tests for switch with break
• fd2b4b3 update release notes
• c8d93a7 fix #4357: -webkit- prefix for mask shorthand (#4358)
• 92ff12c compat table: update @types/node
• a35eceb compat table: fix a type error with the new types
• f598984 fix make compat-table to install dependencies
• f7f6df0 release notes for #4361
• 6f8ec15 fix: allow subpath imports that start with #/ (#4361)
• f7ae61f minify some switch statements to if-else statement
• Additional commits viewable in compare view

Updates eslint from 9.39.1 to 9.39.2

Release notes

Sourced from eslint's releases.

v9.39.2

Bug Fixes

• 5705833 fix: warn when eslint-env configuration comments are found (#20381) (sethamus)

Build Related

• 506f154 build: add .scss files entry to knip (#20391) (Milos Djermanovic)

Chores

• 7ca0af7 chore: upgrade to @eslint/js@9.39.2 (#20394) (Francesco Trotta)
• c43ce24 chore: package.json update for @​eslint/js release (Jenkins)
• 4c9858e ci: add v9.x-dev branch (#20382) (Milos Djermanovic)

Commits

• 9278324 9.39.2
• 542266a Build: changelog update for 9.39.2
• 7ca0af7 chore: upgrade to @eslint/js@9.39.2 (#20394)
• c43ce24 chore: package.json update for @​eslint/js release
• 5705833 fix: warn when eslint-env configuration comments are found (#20381)
• 506f154 build: add .scss files entry to knip (#20391)
• 4c9858e ci: add v9.x-dev branch (#20382)
• See full diff in compare view

Updates eslint-plugin-prettier from 5.5.4 to 5.5.5

Release notes

Sourced from eslint-plugin-prettier's releases.

v5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Changelog

Sourced from eslint-plugin-prettier's changelog.

5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Commits

• e2c154a chore: release eslint-plugin-prettier (#773)
• 6795c1a build(deps): Bump the actions group across 1 directory with 2 updates (#774)
• 77651a3 fix: bump synckit for yarn PnP ESM issue (#776)
• 7264ed0 chore: bump prettier-linter-helpers to v1.0.1 (#772)
• e11a5b7 build(deps): Bump the actions group across 1 directory with 3 updates (#769)
• befda88 ci: enable trusted publishing (#757)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-prettier since your current version.

Updates msw from 2.12.4 to 2.12.7

Release notes

Sourced from msw's releases.

v2.12.7 (2025-12-27)

Bug Fixes

• graphql: export the GraphQLLinkHandlers type (#2647) (cfab780e1d8110736567ebda129a4094e35f4c00) @​kettanaito
• graphql: support TypedDocumentString as request predicate (#2646) (494d5e88791913ae2758b3d9c2b78987d3ac0adf) @​kettanaito
• graphql: remove redundant DocumentNode union (#2645) (0f6e28f6a5ef903d5958348c16b495223820c164) @​kettanaito

v2.12.6 (2025-12-26)

Bug Fixes

• sse: respect the worker quiet option (#2644) (d50f73e72b04122a676617ce84f394b800e623fd) @​kettanaito

v2.12.5 (2025-12-26)

Bug Fixes

• sse: handle multi-line messages (#2643) (1266f612b2399eaea25219020fe93c027dc3fa7a) @​BSteffaniak @​kettanaito

Commits

• e0a4643 chore(release): v2.12.7
• cfab780 fix(graphql): export the GraphQLLinkHandlers type (#2647)
• 494d5e8 fix(graphql): support TypedDocumentString as request predicate (#2646)
• 0f6e28f fix(graphql): remove redundant DocumentNode union (#2645)
• f5e95d3 chore(release): v2.12.6
• d50f73e fix(sse): respect the worker quiet option (#2644)
• 51b3e2d chore(release): v2.12.5
• 1266f61 fix(sse): handle multi-line messages (#2643)
• afb5c40 chore: set workers explicitly in playwright (#2641)
• 09118a2 chore: use --only-shell when installing chromium for tests (#2638)
• See full diff in compare view

Updates vitest from 4.0.15 to 4.0.17

Release notes

Sourced from vitest's releases.

v4.0.17

   🚀 Experimental Features

• Support openTelemetry for browser mode  -  by @​hi-ogawa in vitest-dev/vitest#9180 (1ec3a)
• Support TRACEPARENT and TRACESTATE environment variables for OpenTelemetry context propagation  -  by @​Copilot, hi-ogawa and @​hi-ogawa in vitest-dev/vitest#9295 (876cb)

   🐞 Bug Fixes

• Improve asymmetric matcher diff readability by unwrapping container matchers  -  by @​Copilot, sheremet-va, hi-ogawa and @​hi-ogawa in vitest-dev/vitest#9330 (b2ec7)
• Improve runner error when importing outside of test context  -  by @​sheremet-va in vitest-dev/vitest#9335 (2dd3d)
• Replace crypto.randomUUID to allow insecure environments (fix #9…  -  by @​plusgut in vitest-dev/vitest#9339 and vitest-dev/vitest#9 (e6a3f)
• Handle null options in addEventHandler #9371  -  by @​ThibautMarechal in vitest-dev/vitest#9372 and vitest-dev/vitest#9371 (40841)
• Typo in browser.provider error  -  by @​deammer in vitest-dev/vitest#9394 (4b67f)
• browser:
  • Fix process.env and import.meta.env defines in inline project  -  by @​hi-ogawa in vitest-dev/vitest#9239 (b70c9)
  • Fix upload File instance  -  by @​hi-ogawa in vitest-dev/vitest#9294 (b6778)
  • Fix invalid project token for artifacts assets  -  by @​hi-ogawa in vitest-dev/vitest#9321 (caa7d)
  • Log ErrorEvent.message when unhandled ErrorEvent.error is null  -  by @​hi-ogawa in vitest-dev/vitest#9322 (5d84e)
  • Support fileParallelism on an instance  -  by @​sheremet-va in vitest-dev/vitest#9328 (15006)
• coverage:
  • Remove unnecessary istanbul-lib-source-maps usage  -  by @​AriPerkkio in vitest-dev/vitest#9344 (b0940)
  • Apply patch from istanbuljs/istanbuljs#837  -  by @​AriPerkkio and sapphi-red in vitest-dev/vitest#9413 and vitest-dev/vitest#837 (e05ce)
• fsModuleCache:
  • Don't store importers in cache  -  by @​sheremet-va in vitest-dev/vitest#9422 (75136)
  • Add importers alongside importedModules  -  by @​sheremet-va in vitest-dev/vitest#9423 (59f92)
• mocker:
  • Fix mock transform with class  -  by @​hi-ogawa in vitest-dev/vitest#9421 (d390e)
• pool:
  • Validate environment options when reusing the worker  -  by @​sheremet-va in vitest-dev/vitest#9349 (a8a88)
  • Handle worker start failures gracefully  -  by @​AriPerkkio in vitest-dev/vitest#9337 (200da)
• reporter:
  • Report test module if it failed to run  -  by @​sheremet-va in vitest-dev/vitest#9272 (c7888)
• runner:
  • Respect nested test.only within describe.only  -  by @​Ujjwaljain16 in vitest-dev/vitest#9021 and vitest-dev/vitest#9213 (55d5d)
• typecheck:
  • Improve error message when tsc outputs help text  -  by @​Ujjwaljain16 in vitest-dev/vitest#9214 (7b10a)
• ui:
  • Detect gzip by magic numbers instead of Content-Type header in html reporter  -  by @​Copilot, hi-ogawa and @​hi-ogawa in vitest-dev/vitest#9278 (dd033)
• webdriverio:
  • Fall back to WebDriver Classic #9244  -  by @​JustasMonkev in vitest-dev/vitest#9373 and vitest-dev/vitest#9244 (c23dd)

    View changes on GitHub

v4.0.16

   🐞 Bug Fixes

• Fix browser mode default testTimeout back to 15 seconds  -  by @​hi-ogawa in vitest-dev/vitest#9167 (da0ad)
• Avoid crashing on process.versions stub  -  by @​AriPerkkio in vitest-dev/vitest#9174 (78cfb)
• Reject calling suite function inside test  -  by @​hi-ogawa in vitest-dev/vitest#9198 (1a259)
• Allow inlining fully dynamic import  -  by @​hi-ogawa in vitest-dev/vitest#9137 (56851)

... (truncated)

Commits

• dd54e94 chore: release v4.0.17
• 59f92d4 fix(fsModuleCache): add importers alongside importedModules (#9423)
• 751364e fix(fsModuleCache): don't store importers in cache (#9422)
• 4b67fc2 fix: typo in browser.provider error (#9394)
• 40841ff fix: handle null options in addEventHandler #9371 (#9372)
• 200dadb fix(pool): handle worker start failures gracefully (#9337)
• 1500654 fix(browser): support fileParallelism on an instance (#9328)
• a8a8836 fix(pool): validate environment options when reusing the worker (#9349)
• 7b10ab4 fix(typecheck): improve error message when tsc outputs help text (#9214)
• 876cb84 feat: support TRACEPARENT and TRACESTATE environment variables for OpenTeleme...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.