Bump the minor group across 1 directory with 17 updates

[dependabot]

Bumps the minor group with 16 updates in the / directory:

Package	From	To
@creit.tech/stellar-wallets-kit	1.2.5	1.6.0
@stellar/stellar-sdk	13.0.0	13.1.0
@tanstack/react-query	5.59.0	5.66.9
@tanstack/react-query-devtools	5.59.0	5.66.9
dompurify	3.1.7	3.2.4
@types/dompurify	3.0.5	3.2.0
html-react-parser	5.1.18	5.2.2
tslib	2.7.0	2.8.1
uuid	11.0.5	11.1.0
zustand-querystring	0.0.19	0.1.0
@playwright/test	1.47.2	1.50.1
@types/node	22.7.4	22.13.5
lint-staged	15.2.10	15.4.3
prettier	3.3.3	3.5.2
sass	1.79.4	1.85.0
typescript	5.6.2	5.7.3

Updates @creit.tech/stellar-wallets-kit from 1.2.5 to 1.6.0

Release notes

Sourced from @​creit.tech/stellar-wallets-kit's releases.

v1.6.0

1.6.0 (2025-02-21)

Add

• Add module for HOT wallet

v1.5.0

1.5.0 (2025-02-20)

Add

• Add method "assignButtons" to the kit

v1.4.1

1.4.1 (2025-01-09)

Fix

• Make the Trezor module to work with Webpack projects

v1.4.0

1.4.0 (2024-12-20)

Add

• Add Trezor wallets support
• Update the returned value from the openAccountSelector method in the Ledger module.

v1.3.0

1.3.0 (2024-12-05)

Add

• Add Ledger wallets support
• Add new "account selector" component which can be used by wallets based on mnemonic phrases or similar (for example hardware wallets)
• Merge PR #48 - Add signMessage support for Hana wallet

Changelog

Sourced from @​creit.tech/stellar-wallets-kit's changelog.

1.6.0 (2025-02-21)

Add

• Add module for HOT wallet

1.5.0 (2025-02-20)

Add

• Add method "assignButtons" to the kit

1.4.1 (2025-01-09)

Fix

• Make the Trezor module to work with Webpack projects

1.4.0 (2024-12-20)

Add

• Add Trezor wallets support
• Update the returned value from the openAccountSelector method in the Ledger module.

1.3.0 (2024-12-05)

Add

• Add Ledger wallets support
• Add new "account selector" component which can be used by wallets based on mnemonic phrases or similar (for example hardware wallets)
• Merge PR #48 - Add signMessage support for Hana wallet

Commits

• 9066808 Upgrade to 1.6.0
• 99cd40b Merge pull request #55 from hot-dao/add-hot-wallet
• 4a33357 feat: add hot-wallet
• 5592577 Upgrade to 1.5.0
• 5579675 Add "assignButtons" method to the kit.
• 0cdcd9f Upgrade to 1.4.1
• 4d2a2c5 Upgrade to 1.4.1
• 2d88524 Upgrade to 1.4.0
• 5c127a3 Add new TrezorModule and update Ledger returned value from the `openAccountSe...
• 97dbed6 Upgrade to 1.3.0
• Additional commits viewable in compare view

Updates @stellar/stellar-sdk from 13.0.0 to 13.1.0

Release notes

Sourced from @​stellar/stellar-sdk's releases.

v13.1.0

v13.1.0

Added

• Added Horizon.Server.root to obtain information from the Horizon root endpoint (#1122).

Fixed

• When using a friendbot that points to a Horizon instance that has ledger metadata disabled, you can no longer extract the account sequence from the response. Instead, we hit RPC directly (#1107).
• rpc.Server.getEvents() now correctly returns the cursor field at the top-level response (#1124).

Contributors

• @​Shaptic, @​overcat
• @​nnsW3 made their first contribution in stellar/js-stellar-sdk#1083

Full Changelog: stellar/js-stellar-sdk@v13.0.0...v13.1.0

Changelog

Sourced from @​stellar/stellar-sdk's changelog.

v13.1.0

Added

• Added Horizon.Server.root to obtain information from the Horizon root endpoint (#1122).

Fixed

• When using a friendbot that points to a Horizon instance that has ledger metadata disabled, you can no longer extract the account sequence from the response. Instead, we hit RPC directly (#1107).
• rpc.Server.getEvents() now correctly returns the cursor field at the top-level response (#1124).

Commits

• d147768 Prepare v13.1.0 for release (#1123)
• 548e5c3 Move the cursor field in rpc.Server.getEvents to the right place (#1124)
• 3988271 Added Horizon.Server.root to obtain information from the Horizon root endpo...
• 3304995 Fetch metadata via RPC instead of relying on the Friendbot response (#1107)
• bb2e5ba Bump the minor-and-patch group across 1 directory with 4 updates (#1111)
• 25ff204 Fix misc. spelling issues in docs (#1083)
• 24c5032 Allow npm publish to be run manually (#1105)
• 83de316 Drop the protocol-22-beta when publishing to npm (#1104)
• See full diff in compare view

Updates @tanstack/react-query from 5.59.0 to 5.66.9

Release notes

Sourced from @​tanstack/react-query's releases.

v5.66.9

Version 5.66.9 - 2/21/25, 1:19 PM

Changes

Fix

• types: prevent type errors and improve inference for dynamic queries on useQueries and useSuspenseQueries (#8624) (f63ba16) by Yoomin Kang

Packages

• @​tanstack/react-query@​5.66.9
• @​tanstack/solid-query@​5.66.9
• @​tanstack/solid-query-devtools@​5.66.9
• @​tanstack/solid-query-persist-client@​5.66.9
• @​tanstack/svelte-query@​5.66.9
• @​tanstack/vue-query@​5.66.9
• @​tanstack/angular-query-experimental@​5.66.9
• @​tanstack/react-query-devtools@​5.66.9
• @​tanstack/react-query-persist-client@​5.66.9
• @​tanstack/react-query-next-experimental@​5.66.9
• @​tanstack/svelte-query-devtools@​5.66.9
• @​tanstack/svelte-query-persist-client@​5.66.9
• @​tanstack/vue-query-devtools@​5.66.9
• @​tanstack/angular-query-devtools-experimental@​5.66.9

v5.66.8

Version 5.66.8 - 2/20/25, 1:11 PM

Changes

Fix

• react-query: fix inferring data as | undefined when using initialData without queryFn (#8674) (9ac54b1) by Yoomin Kang

Docs

• angular-query: Add Optimistic Updates Example for Angular (#8439) (d07a3db) by @​MatanShushan

Packages

• @​tanstack/react-query@​5.66.8
• @​tanstack/react-query-devtools@​5.66.8
• @​tanstack/react-query-persist-client@​5.66.8
• @​tanstack/react-query-next-experimental@​5.66.8

v5.66.7

Version 5.66.7 - 2/18/25, 2:00 PM

Changes

... (truncated)

Commits

• e474f73 release: v5.66.9
• f63ba16 fix(types): prevent type errors and improve inference for dynamic queries on ...
• a4db9ed release: v5.66.8
• 9ac54b1 fix(react-query): fix inferring data as | undefined when using initialData wi...
• c1ea870 release: v5.66.7
• caf7bde refactor: Simplify useQueries (#8661)
• 470ecb6 release: v5.66.6
• 56183f0 fix(react-query): make error to be shown when using queryOptions with initial...
• 044acae release: v5.66.5
• 9a7bfd9 fix(react-query): fix queryOptions with initialData to work on useSuspenseQue...
• Additional commits viewable in compare view

Updates @tanstack/react-query-devtools from 5.59.0 to 5.66.9

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

v5.66.9

Version 5.66.9 - 2/21/25, 1:19 PM

Changes

Fix

• types: prevent type errors and improve inference for dynamic queries on useQueries and useSuspenseQueries (#8624) (f63ba16) by Yoomin Kang

Packages

• @​tanstack/react-query@​5.66.9
• @​tanstack/solid-query@​5.66.9
• @​tanstack/solid-query-devtools@​5.66.9
• @​tanstack/solid-query-persist-client@​5.66.9
• @​tanstack/svelte-query@​5.66.9
• @​tanstack/vue-query@​5.66.9
• @​tanstack/angular-query-experimental@​5.66.9
• @​tanstack/react-query-devtools@​5.66.9
• @​tanstack/react-query-persist-client@​5.66.9
• @​tanstack/react-query-next-experimental@​5.66.9
• @​tanstack/svelte-query-devtools@​5.66.9
• @​tanstack/svelte-query-persist-client@​5.66.9
• @​tanstack/vue-query-devtools@​5.66.9
• @​tanstack/angular-query-devtools-experimental@​5.66.9

v5.66.8

Version 5.66.8 - 2/20/25, 1:11 PM

Changes

Fix

• react-query: fix inferring data as | undefined when using initialData without queryFn (#8674) (9ac54b1) by Yoomin Kang

Docs

• angular-query: Add Optimistic Updates Example for Angular (#8439) (d07a3db) by @​MatanShushan

Packages

• @​tanstack/react-query@​5.66.8
• @​tanstack/react-query-devtools@​5.66.8
• @​tanstack/react-query-persist-client@​5.66.8
• @​tanstack/react-query-next-experimental@​5.66.8

v5.66.7

Version 5.66.7 - 2/18/25, 2:00 PM

Changes

... (truncated)

Commits

• e474f73 release: v5.66.9
• a4db9ed release: v5.66.8
• c1ea870 release: v5.66.7
• 470ecb6 release: v5.66.6
• 044acae release: v5.66.5
• 0588a46 release: v5.66.4
• 56c24f9 fix(devtools): force LTR direction for DevTools panel (#8656)
• accccf9 release: v5.66.3
• ce7e31e release: v5.66.2
• ebe996d release: v5.66.0
• Additional commits viewable in compare view

Updates @trezor/connect-web from 9.4.4 to 9.4.7

Commits

• See full diff in compare view

Updates dompurify from 3.1.7 to 3.2.4

Release notes

Sourced from dompurify's releases.

DOMPurify 3.2.4

• Fixed a conditional and config dependent mXSS-style bypass reported by @​nsysean
• Added a new feature to allow specific hook removal, thanks @​davecardwell
• Added purify.js and purify.min.js to exports, thanks @​Aetherinox
• Added better logic in case no window object is president, thanks @​yehuya
• Updated some dependencies called out by dependabot
• Updated license files etc to show the correct year

DOMPurify 3.2.3

• Fixed two conditional sanitizer bypasses discovered by @​parrot409 and @​Slonser
• Updated the attribute clobbering checks to prevent future bypasses, thanks @​parrot409

DOMPurify 3.2.2

• Fixed a possible bypass in case a rather specific config for custom elements is set, thanks @​yaniv-git
• Fixed several minor issues with the type definitions, thanks again @​reduckted
• Fixed a minor issue with the types reference for trusted types, thanks @​reduckted
• Fixed a minor problem with the template detection regex on some systems, thanks @​svdb99

DOMPurify 3.2.1

• Fixed several minor issues with the type definitions, thanks @​reduckted @​ghiscoding @​asamuzaK @​MiniDigger
• Fixed an issue with non-minified dist files and order of imports, thanks @​reduckted

DOMPurify 3.2.0

• Added type declarations, thanks @​reduckted , @​philmayfield, @​aloisklink, @​ssi02014 and others
• Fixed a minor issue with the handling of hooks, thanks @​kevin-mizu

Commits

• ec29e65 Merge pull request #1062 from cure53/main
• 1c1b183 chore: Preparing 3.2.4 release
• d18ffcb fix: Changed the template literal regex to avoid a config-dependent bypass
• 0d64d2b Merge pull request #1060 from yehuya/initializeTestImprovements
• 9ad7933 tests: DOMPurify custom window tests improvements
• 72760ca Merge pull request #1059 from yehuya/fixMissingWindowElement
• bc72d44 Fix tests
• 363a89d fix: handle undefined Element in DOMPurify initialization
• f41b45d Update LICENSE
• b25bf26 Update README.md
• Additional commits viewable in compare view

Updates @types/dompurify from 3.0.5 to 3.2.0

Commits

• See full diff in compare view

Updates html-react-parser from 5.1.18 to 5.2.2

Release notes

Sourced from html-react-parser's releases.

v5.2.2

5.2.2 (2024-12-25)

Build System

• deps: bump html-dom-parser from 5.0.12 to 5.0.13 (#1652) (ff0b897)

v5.2.1

5.2.1 (2024-12-16)

Bug Fixes

• package: bump html-dom-parser to 5.0.12 so that \\r isn't escaped (#1642) (a1ef928), closes #1634

v5.2.0

5.2.0 (2024-12-06)

Features

• package: add react 19 to package.json peerDependencies (8b6506c), closes #1455 #1501

v5.1.19

5.1.19 (2024-12-04)

Bug Fixes

• deps: bump html-dom-parser from 5.0.10 to 5.0.11 (#1623) (f11fa35), closes #864 #1617

Changelog

Sourced from html-react-parser's changelog.

5.2.2 (2024-12-25)

Build System

• deps: bump html-dom-parser from 5.0.12 to 5.0.13 (#1652) (ff0b897)

5.2.1 (2024-12-16)

Bug Fixes

• package: bump html-dom-parser to 5.0.12 so that \\r isn't escaped (#1642) (a1ef928), closes #1634

5.2.0 (2024-12-06)

Features

• package: add react 19 to package.json peerDependencies (8b6506c), closes #1455 #1501

5.1.19 (2024-12-04)

Bug Fixes

• deps: bump html-dom-parser from 5.0.10 to 5.0.11 (#1623) (f11fa35), closes #864 #1617

Commits

• 9e89abc Merge pull request #1653 from remarkablemark/release-please--branches--master...
• df83051 chore(master): release 5.2.2
• ff0b897 build(deps): bump html-dom-parser from 5.0.12 to 5.0.13 (#1652)
• 1987ef5 build(deps-dev): bump the typescript-eslint group with 2 updates (#1651)
• b551806 build(deps-dev): bump rollup from 4.28.1 to 4.29.1 (#1650)
• b362004 build(deps-dev): bump preact from 10.25.2 to 10.25.3 (#1646)
• 525aef2 build(deps-dev): bump globals from 15.13.0 to 15.14.0 (#1647)
• df4408f build(deps-dev): bump the typescript-eslint group with 2 updates (#1645)
• 2360c28 build(package): correct repository url error
• ad1812d Merge pull request #1644 from remarkablemark/release-please--branches--master...
• Additional commits viewable in compare view

Updates tslib from 2.7.0 to 2.8.1

Release notes

Sourced from tslib's releases.

v2.8.1

What's Changed

• Fix publish workflow by @​andrewbranch in microsoft/tslib#271
• Include non-enumerable keys in __importStar helper by @​rbuckton in microsoft/tslib#272
• Remove use of ES2015 syntax by @​andrewbranch in microsoft/tslib#275

Full Changelog: microsoft/tslib@v2.8.0...v2.8.1

v2.8.0

What's Changed

• Validate export structure of every entrypoint by @​andrewbranch in microsoft/tslib#269
• Add rewriteRelativeImportExtension helper by @​andrewbranch in microsoft/tslib#270

Full Changelog: microsoft/tslib@v2.7.0...v2.8.0

Commits

• d72d6f7 2.8.1
• 11fa982 Merge pull request #275 from microsoft/bug/es5-compat
• 3c532eb Remove use of ES2015 syntax
• b0076c4 Include non-enumerable keys in __importStar helper (#272)
• 7c11588 Add missing registry-url parameter
• 1fec667 Merge pull request #271 from microsoft/fix-publish
• 097e99e Fix publish workflow
• ca5f7fb 2.8.0
• 2334267 Merge pull request #270 from microsoft/rewriteRelativeImportExtension
• c4cde74 Missed update
• Additional commits viewable in compare view

Updates uuid from 11.0.5 to 11.1.0

Release notes

Sourced from uuid's releases.

v11.1.0

11.1.0 (2025-02-19)

Features

• update TS types to allowUint8Array subtypes for buffer option (#865) (a5231e7)

Changelog

Sourced from uuid's changelog.

11.1.0 (2025-02-19)

Features

• update TS types to allowUint8Array subtypes for buffer option (#865) (a5231e7)

Commits

• 3d1eba0 chore(main): release 11.1.0 (#866)
• a5231e7 feat: update TS types to allowUint8Array subtypes for buffer option (#865)
• aeabb60 docs: docs housecleaning (#864)
• See full diff in compare view

Updates zustand-querystring from 0.0.19 to 0.1.0

Release notes

Sourced from zustand-querystring's releases.

0.1.0, new URL encoding

0.1.0 is a breaking change. The URL encoding and decoding is simplified. Before 0.1.0, zustand-querystring used a proprietary format to encode the state in the URL. While this made the URL more readable and short, it could cause unexpected issues when other tools/libraries tried to parse it. In this new version, encoding and decoding is handled by encodeURIComponent and decodeURIComponent. This makes the state in the URL unreadable, but should be more compatible with third-party tools.

Commits

• 68a9dac chore: release v0.1.0
• 983c6f0 simplify implementation, use plain encodeURIComponent
• b604a2b chore: release v0.0.20-beta.0
• b6e7342 fix url encoding
• See full diff in compare view

Updates @playwright/test from 1.47.2 to 1.50.1

Release notes

Sourced from @​playwright/test's releases.

v1.50.1

Highlights

microsoft/playwright#34483 - [Feature]: single aria snapshot for different engines/browsers microsoft/playwright#34497 - [Bug]: Firefox not handling keepalive: true fetch requests microsoft/playwright#34504 - [Bug]: update snapshots not creating good diffs microsoft/playwright#34507 - [Bug]: snapshotPathTemplate doesnt work when multiple projects microsoft/playwright#34462 - [Bug]: updateSnapshots "changed" throws an error

Browser Versions

• Chromium 133.0.6943.16
• Mozilla Firefox 134.0
• WebKit 18.2

This version was also tested against the following stable channels:

• Google Chrome 132
• Microsoft Edge 132

v1.50.0

Test runner

• New option timeout allows specifying a maximum run time for an individual test step. A timed-out step will fail the execution of the test.

  test('some test', async ({ page }) => {
    await test.step('a step', async () => {
      // This step can time out separately from the test
    }, { timeout: 1000 });
  });

• New method test.step.skip() to disable execution of a test step.

  test('some test', async ({ page }) => {
    await test.step('before running step', async () => {
      // Normal step
    });
  await test.step.skip('not yet ready', async () => {
  // This step is skipped
  });
  await test.step('after running step', async () => {
  // This step still runs even though the previous one was skipped
  });
  });

• Expanded expect(locator).toMatchAriaSnapshot() to allow storing of aria snapshots in separate YAML files.

... (truncated)

Commits

• dbc685c chore: mark v1.50.1 (#34575)
• 13d80f1 cherry-pick(#34560): chore(docs): clarify connection method via BrowserType.c...
• 159210d cherry-pick(#34556): fix(toMatchAriaSnapshot): fail test run when updating mi...
• fbad9f7 cherry-pick(#34537): feat: per-assertion snapshot path template in config (#3...
• 67313fa cherry-pick(#34550): roll follow-ups for .NET and Python
• 4b7794b cherry-pick(#34544): fix(aria): disregard text area textContent
• 1efbedd cherry-pick(#34535): Revert "Reapply "fix(har timing): record connect timing ...
• 1e258e0 cherry-pick(#34420): chore(deps): bump vite from 5.4.6 to 5.4.14 (#34539)
• 7be4ef5 cherry-pick(#34522): test: fetch request through socks proxy over ipv4
• 7b3e590 cherry-pick(#34530): fix(firefox): disable fetch keep-alive for now before a ...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dgozman-ms, a new releaser for @​playwright/test since your current version.

Updates @types/dompurify from 3.0.5 to 3.2.0

Commits

• See full diff in compare view

Updates @types/node from 22.7.4 to 22.13.5

Commits

• See full diff in compare view

Updates lint-staged from 15.2.10 to 15.4.3

Release notes

Sourced from lint-staged's releases.

v15.4.3

Patch Changes

• #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

v15.4.2

Patch Changes

• #1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

v15.4.1

Patch Changes

• #1504 1c7a45e Thanks @​iiroj! - Default TypeScript config filenames match JS equivalents.

• #1504 9cc18c9 Thanks @​iiroj! - Add missing conditional exports syntax for TypeScript types.

v15.4.0

Minor Changes

• #1500 a8ec1dd Thanks @​iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:

  /**
   * @filename: lint-staged.config.js
   * @type {import('lint-staged').Configuration}
   */
  export default {
    '*': 'prettier --write',
  }

  It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.

  export NODE_OPTIONS="--experimental-strip-types"
  npx lint-staged --config lint-staged.config.ts

Patch Changes

• #1501 9b79364 Thanks @​iiroj! - Handle possible failures when logging user shell for debug info.

v15.3.0

Minor Changes

• #1495 e69da9e Thanks @​iiroj! - Added more info to the debug logs so that "environment" info doesn't need to be added separately to GitHub issues.

• #1493 fa0fe98 Thanks @​iiroj! - Added more help messages around the automatic git stash that lint-staged creates as a backup (by default). The console output also displays the short git hash of the stash so that it's easier to recover lost files in case some fatal errors are encountered, or the process is killed before completing.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

15.4.3

Patch Changes

• #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

15.4.2

Patch Changes

• #1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

15.4.1

Patch Changes

• #1504 1c7a45e Thanks @​iiroj! - Default TypeScript config filenames match JS equivalents.

• #1504 9cc18c9 Thanks @​iiroj! - Add missing conditional exports syntax for TypeScript types.

15.4.0

Minor Changes

• #1500 a8ec1dd Thanks @​iiroj! - Lint-staged now provides TypeScript types for the configuration and main Node.js API. You can use the JSDoc syntax in your JS configuration files:

  /**
   * @filename: lint-staged.config.js
   * @type {import('lint-staged').Configuration}
   */
  export default {
    '*': 'prettier --write',
  }

  It's also possible to use the .ts file extension for the configuration if your Node.js version supports it. The --experimental-strip-types flag was introduced in Node.js v22.6.0 and unflagged in v23.6.0, enabling Node.js to execute TypeScript files without additional configuration.

  export NODE_OPTIONS="--experimental-strip-types"
  npx lint-staged --config lint-staged.config.ts

Patch Changes

• #1501 9b79364 Thanks @​iiroj! - Handle possible failures when logging user shell for debug info.

15.3.0

... (truncated)

Commits

• e53f950 chore(changeset): release
• 089da56 test: fail Jest when coverage is under 100%
• 19aa461 ci: remove code coverage action since it's not working in PRs from forks
• cbfed1d fix: update types.d.ts (#1512)
• aef9e5c chore(changeset): release (#1510)
• 8827ebf build(dependencies): update dependencies and switch to caret ranges (#1509)
• 7f69b3f docs: generalize description from 'linting' to 'tasks' (#1507)
• 1c93c9e chore(changeset): release (#1505)
• c020664 Merge pull request #1504 from lint-staged/fix-typescript
• 1c7a45e fix: default TypeScript config filenames match JS equivalents
• Additional commits viewable in compare view

Updates prettier from 3.3.3 to 3.5.2

Release notes

Sourced from prettier's releases.

3.5.2

🔗 Changelog

3.5.1

🔗 Changelog

3.5.0

diff

🔗 Release note

3.4.2

🔗 Changelog

3.4.1

🔗 Changelog

3.4.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.5.2

diff

Remove module-sync condition (#17156 by @​fisker)

In Prettier 3.5.0, we added module-sync condition to package.json, so that require("prettier") can use ESM version, but turns out it doesn't work if CommonJS and ESM plugins both imports builtin plugins. To solve this problem, we decide simply remove the module-sync condition, so require("prettier") will still use the CommonJS version, we'll revisit until require(ESM) feature is more stable.

3.5.1

diff

Fix CLI crash when cache for old version exists (#17100 by @​sosukesuzuki)

Prettier 3.5 uses a different cache format than previous versions, Prettier 3.5.0 crashes when reading existing cache file, Prettier 3.5.1 fixed the problem.

Support dockercompose and github-actions-workflow in VSCode (#17101 by @​remcohaszing)

Prettier now supports the dockercompose and github-actions-workflow languages in Visual Studio Code.

3.5.0

diff

🔗 Release Notes

3.4.2

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @​tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Jap...

Description has been truncated

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@creit.tech/stellar-wallets-kit@1.6.0 🔁 npm/@creit.tech/stellar-wallets-kit@1.2.5	None	0	529 kB	earrietadev
npm/@hot-wallet/sdk@1.0.11	network	0	142 kB	hot-wallet
npm/@near-js/crypto@1.4.1	None	+2	273 kB	nearndy
npm/@near-js/types@0.3.1	None	0	62.1 kB	nearndy
npm/@near-wallet-selector/core@8.10.0	eval	+1	496 kB	trechriron
npm/@noble/curves@1.2.0	None	+1	2.1 MB	paulmillr
npm/@playwright/test@1.50.1 🔁 npm/@playwright/test@1.47.2	None	0	25.4 kB	dgozman-ms, mxschmitt, pavelfeldman, ...1 more
npm/@solana-program/token@0.4.1	environment	0	1.12 MB	lorisleiva
npm/@solana/accounts@2.0.0	None	0	167 kB	lorisleiva
npm/@solana/addresses@2.0.0	None	0	198 kB	lorisleiva
npm/@solana/assertions@2.0.0	None	0	51.4 kB	lorisleiva
npm/@solana/codecs-core@2.0.0	None	0	495 kB	lorisleiva
npm/@solana/codecs-data-structures@2.0.0	None	0	756 kB	lorisleiva
npm/@solana/codecs-numbers@2.0.0	None	0	246 kB	lorisleiva
npm/@solana/codecs-strings@2.0.0	None	0	208 kB	lorisleiva
npm/@solana/codecs@2.0.0	None	0	18.4 kB	lorisleiva
npm/@solana/errors@2.0.0	Transitive: environment	+1	1.54 MB	lorisleiva
npm/@solana/fast-stable-stringify@2.0.0	None	0	43.1 kB	lorisleiva
npm/@solana/functional@2.0.0	None	0	33.1 kB	lorisleiva
npm/@solana/instructions@2.0.0	None	0	85.8 kB	lorisleiva
npm/@solana/keys@2.0.0	None	0	118 kB	lorisleiva
npm/@solana/options@2.0.0	None	0	147 kB	lorisleiva
npm/@solana/programs@2.0.0	None	0	18.5 kB	lorisleiva
npm/@solana/promises@2.0.0	None	0	59.6 kB	lorisleiva
npm/@solana/rpc-api@2.0.0	None	0	256 kB	lorisleiva
npm/@solana/rpc-parsed-types@2.0.0	None	0	21.9 kB	lorisleiva
npm/@solana/rpc-spec-types@2.0.0	None	0	111 kB	lorisleiva
npm/@solana/rpc-spec@2.0.0	None	0	72.1 kB	lorisleiva
npm/@solana/rpc-subscriptions-api@2.0.0	None	0	146 kB	lorisleiva
npm/@solana/rpc-subscriptions-channel-websocket@2.0.0	None	0	82.5 kB	lorisleiva
npm/@solana/rpc-subscriptions-spec@2.0.0	None	0	197 kB	lorisleiva
npm/@solana/rpc-subscriptions@2.0.0	None	0	263 kB	lorisleiva
npm/@solana/rpc-transformers@2.0.0	None	0	227 kB	lorisleiva
npm/@solana/rpc-transport-http@2.0.0	environment, network	0	121 kB	lorisleiva
npm/@solana/rpc-types@2.0.0	None	0	170 kB	lorisleiva
npm/@solana/rpc@2.0.0	environment	0	129 kB	lorisleiva
npm/@solana/signers@2.0.0	None	0	399 kB	lorisleiva
npm/@solana/subscribable@2.0.0	environment	0	126 kB	lorisleiva
npm/@solana/sysvars@2.0.0	None	0	340 kB	lorisleiva
npm/@solana/transaction-confirmation@2.0.0	None	0	224 kB	lorisleiva
npm/@solana/transaction-messages@2.0.0	None	0	735 kB	lorisleiva
npm/@solana/transactions@2.0.0	None	0	152 kB	lorisleiva
npm/@solana/wallet-adapter-base@0.9.23	None	0	97.3 kB	jordansexton
npm/@solana/wallet-standard-features@1.3.0	None	+1	94.2 kB	solana-devs
npm/@solana/web3.js@1.98.0 🔁 npm/@solana/web3.js@1.95.5	None	+4	13.4 MB	solana-devs
npm/@stellar/freighter-api@4.0.0 🔁 npm/@stellar/freighter-api@3.0.0	None	+1	180 kB	stellar-npm-ci
npm/@stellar/stellar-sdk@13.1.0 🔁 npm/@stellar/stellar-sdk@13.0.0	None	0	14.9 MB	stellar-npm-ci
npm/@tanstack/query-core@5.66.4 🔁 npm/@tanstack/query-core@5.59.0	None	0	1.97 MB	tannerlinsley
npm/@tanstack/query-devtools@5.65.0 🔁 npm/@tanstack/query-devtools@5.58.0	None	0	2.59 MB	tannerlinsley
npm/@tanstack/react-query-devtools@5.66.9 🔁 npm/@tanstack/react-query-devtools@5.59.0	None	0	95.5 kB	tannerlinsley
npm/@tanstack/react-query@5.66.9 🔁 npm/@tanstack/react-query@5.59.0	None	0	0 B
npm/@trezor/analytics@1.2.5 🔁 npm/@trezor/analytics@1.2.3	None	+1	84.2 kB	trezor-ci
npm/@trezor/blockchain-link-types@1.2.5 🔁 npm/@trezor/blockchain-link-types@1.2.3	None	0	60 kB	trezor-ci
npm/@trezor/blockchain-link-utils@1.2.6 🔁 npm/@trezor/blockchain-link-utils@1.2.3	None	0	59.9 kB	trezor-ci
npm/@trezor/blockchain-link@2.3.6 🔁 npm/@trezor/blockchain-link@2.3.3	Transitive: environment, network	+2	2.04 MB	trezor-ci
npm/@trezor/connect-analytics@1.2.4 🔁 npm/@trezor/connect-analytics@1.2.3	None	0	5.52 kB	trezor-ci
npm/@trezor/connect-common@0.2.7 🔁 npm/@trezor/connect-common@0.2.4	None	0	202 kB	trezor-ci
npm/@trezor/connect-web@9.4.7 🔁 npm/@trezor/connect-web@9.4.4	None	+1	170 kB	trezor-ci
npm/@trezor/connect@9.4.7 🔁 npm/@trezor/connect@9.4.4	None	+2	1.5 MB	trezor-ci
npm/@trezor/protobuf@1.2.6 🔁 npm/@trezor/protobuf@1.2.4	None	0	1.01 MB	trezor-ci
npm/@trezor/transport@1.3.7 🔁 npm/@trezor/transport@1.3.4	None	0	168 kB	trezor-ci
npm/@trezor/type-utils@1.1.4 🔁 npm/@trezor/type-utils@1.1.2	None	0	28.1 kB	trezor-ci
npm/@trezor/utxo-lib@2.2.6 🔁 npm/@trezor/utxo-lib@2.2.3	None	0	237 kB	trezor-ci
npm/@types/dompurify@3.2.0 🔁 npm/@types/dompurify@3.0.5	None	0	1.74 kB	types
npm/@wallet-standard/features@1.1.0	None	0	41.1 kB	jordansexton
npm/axios@1.7.9 🔁 npm/axios@1.7.7	None	0	2.13 MB	jasonsaayman
npm/base-x@2.0.6	None	0	7.08 kB	dcousens
npm/borsh@2.0.0	None	0	80.1 kB	boatnear
npm/bs58@4.0.0	None	0	4.79 kB	jprichardson
npm/chalk@5.4.1 🔁 npm/chalk@5.3.0	None	0	44.2 kB	sindresorhus
npm/charenc@0.0.2	None	0	2.93 kB	pvorb
npm/crypt@0.0.2	None	0	5.03 kB	pvorb
npm/depd@2.0.0	environment, eval	0	27.1 kB	dougwilson
npm/dompurify@3.2.4 🔁 npm/dompurify@3.1.7	None	0	308 kB	cure53
npm/domutils@3.2.2 🔁 npm/domutils@3.1.0	None	0	167 kB	feedic
npm/entities@6.0.0	None	0	540 kB	feedic
npm/eventemitter3@4.0.7	None	0	38 kB	lpinca
npm/feaxios@0.0.23 🔁 npm/feaxios@0.0.20	None	0	57.1 kB	divyamsingh234
npm/html-dom-parser@5.0.13 🔁 npm/html-dom-parser@5.0.10	None	0	132 kB	remarkablemark
npm/html-react-parser@5.2.2 🔁 npm/html-react-parser@5.1.18	None	0	468 kB	remarkablemark
npm/htmlparser2@10.0.0 🔁 npm/htmlparser2@9.1.0	None	0	489 kB	feedic
npm/immutable@5.0.3 🔁 npm/immutable@4.3.6	None	0	687 kB	leebyron
npm/js-sha256@0.11.0	None	0	39.5 kB	emn178
npm/lilconfig@3.1.3 🔁 npm/lilconfig@3.1.2	None	0	18 kB	antonk52
npm/lint-staged@15.4.3 🔁 npm/lint-staged@15.2.10	Transitive: environment	+1	329 kB	okonet
npm/listr2@8.2.5 🔁 npm/listr2@8.2.4	None	+1	287 kB	cenk1cenk2
npm/mustache@4.0.0	None	0	110 kB	flipp
npm/node-addon-api@5.1.0	None	0	380 kB	nicknaso
npm/node-gyp-build@4.8.4 🔁 npm/node-gyp-build@4.8.1	None	0	13.9 kB	mafintosh
npm/playwright-core@1.50.1 🔁 npm/playwright-core@1.47.2	None	0	7.84 MB	dgozman, dgozman-ms, pavelfeldman, ...1 more
npm/playwright@1.50.1 🔁 npm/playwright@1.47.2	None	+1	3.34 MB	dgozman, dgozman-ms, pavelfeldman, ...1 more
npm/prettier@3.5.2 🔁 npm/prettier@3.3.3	None	0	7.88 MB	azz, duailibe, fisker, ...8 more
npm/sass@1.85.0 🔁 npm/sass@1.79.4	Transitive: environment	+2	5.97 MB	hcatlin, nex3, sassbot
npm/secp256k1@5.0.0	None	0	2.14 MB	fanatid
npm/semver@7.7.1	None	0	96.7 kB	npm-cli-ops
npm/sha1@1.1.1	None	0	7.68 kB	pvorb
npm/tslib@2.8.1 🔁 npm/tslib@2.6.3, npm/tslib@2.7.0	None	0	90.4 kB	typescript-bot
npm/typescript@5.7.3 🔁 npm/typescript@5.6.2	None	0	22.7 MB	typescript-bot
npm/undici-types@6.20.0 🔁 npm/undici-types@5.26.5	None	0	83.3 kB	matteo.collina
npm/uuid4@2.0.3	None	0	4.41 kB	tracker1
npm/yaml@2.7.0 🔁 npm/yaml@2.5.1	None	0	681 kB	eemeli
npm/zustand-querystring@0.1.0 🔁 npm/zustand-querystring@0.0.19	None	0	21.4 kB	nitedani

🚮 Removed packages: npm/micromatch@4.0.7, npm/ms@2.1.2

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Deprecated	npm/base-x@2.0.6	Reason: use 3.0.0 instead, safe-buffer has been merged and release for compatability	yarn.lock	⚠︎
Deprecated	npm/@types/dompurify@3.2.0	Reason: This is a stub types definition. dompurify provides its own type definitions, so you do not need this installed.	package.json yarn.lock	⚠︎

View full report↗︎

Next steps

What is a deprecated package?

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/base-x@2.0.6
• @SocketSecurity ignore npm/@types/dompurify@3.2.0