Bump the production-dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the production-dependencies group with 11 updates in the / directory:

Package	From	To
@clack/prompts	0.11.0	1.0.1
@floating-ui/dom	1.7.4	1.7.5
flexsearch	0.8.205	0.8.212
minimatch	10.1.1	10.2.0
pixi.js	8.15.0	8.16.0
preact	10.28.2	10.28.3
rehype-citation	2.3.1	2.3.2
satori	0.19.1	0.19.2
shiki	1.26.2	3.22.0
@types/node	25.0.10	25.2.3
esbuild	0.27.2	0.27.3

Updates @clack/prompts from 0.11.0 to 1.0.1

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.0.1

Patch Changes

• 6404dc1: Disallows selection of disabled options in autocomplete.
• 86e36d8: Adds withGuide support to select prompt.
• c697439: Fixes line wrapping behavior in autocomplete.
• 0ded19c: Simplifies withGuide option checks.
• 0e4ddc9: Fixes withGuide support in password and path prompts.
• 76550d6: Adds withGuide support to selectKey prompt.
• f9b9953: Adds withGuide support to password prompt.
• 0e93ccb: Adds vertical arrangement option to confirm prompt.
• 4e9ae13: Adds withGuide support to confirm prompt.
• 0256238: Adds withGuide support to spinner prompt.
• Updated dependencies [6404dc1]
• Updated dependencies [2533180]
  • @​clack/core@​1.0.1

@​clack/prompts@​1.0.0

Major Changes

• c713fd5: The package is now distributed as ESM-only. In v0 releases, the package was dual-published as CJS and ESM.

  For existing CJS projects using Node v20+, please see Node's guide on Loading ECMAScript modules using require().

Minor Changes

• 415410b: This adds a custom filter function to autocompleteMultiselect. It could be used, for example, to support fuzzy searching logic.

• 7bc3301: Prompts now have a userInput stored separately from their value.

• 8409f2c: feat: add styleFrame option for spinner

• 2837845: Adds suggestion and path prompts

• 99c3530: Adds format option to the note prompt to allow formatting of individual lines

• 0aaee4c: Added new taskLog prompt for log output which is cleared on success

• 729bbb6: Add support for customizable spinner cancel and error messages. Users can now customize these messages either per spinner instance or globally via the updateSettings function to support multilingual CLIs.

  This update also improves the architecture by exposing the core settings to the prompts package, enabling more consistent default message handling across the codebase.

  // Per-instance customization
  const spinner = prompts.spinner({
    cancelMessage: "Operación cancelada", // "Operation cancelled" in Spanish
    errorMessage: "Se produjo un error", // "An error occurred" in Spanish
  });
  // Global customization via updateSettings

... (truncated)

Changelog

Sourced from @​clack/prompts's changelog.

1.0.1

Patch Changes

• 6404dc1: Disallows selection of disabled options in autocomplete.
• 86e36d8: Adds withGuide support to select prompt.
• c697439: Fixes line wrapping behavior in autocomplete.
• 0ded19c: Simplifies withGuide option checks.
• 0e4ddc9: Fixes withGuide support in password and path prompts.
• 76550d6: Adds withGuide support to selectKey prompt.
• f9b9953: Adds withGuide support to password prompt.
• 0e93ccb: Adds vertical arrangement option to confirm prompt.
• 4e9ae13: Adds withGuide support to confirm prompt.
• 0256238: Adds withGuide support to spinner prompt.
• Updated dependencies [6404dc1]
• Updated dependencies [2533180]
  • @​clack/core@​1.0.1

1.0.0

Major Changes

• c713fd5: The package is now distributed as ESM-only. In v0 releases, the package was dual-published as CJS and ESM.

  For existing CJS projects using Node v20+, please see Node's guide on Loading ECMAScript modules using require().

Minor Changes

• 415410b: This adds a custom filter function to autocompleteMultiselect. It could be used, for example, to support fuzzy searching logic.

• 7bc3301: Prompts now have a userInput stored separately from their value.

• 8409f2c: feat: add styleFrame option for spinner

• 2837845: Adds suggestion and path prompts

• 99c3530: Adds format option to the note prompt to allow formatting of individual lines

• 0aaee4c: Added new taskLog prompt for log output which is cleared on success

• 729bbb6: Add support for customizable spinner cancel and error messages. Users can now customize these messages either per spinner instance or globally via the updateSettings function to support multilingual CLIs.

  This update also improves the architecture by exposing the core settings to the prompts package, enabling more consistent default message handling across the codebase.

  // Per-instance customization
  const spinner = prompts.spinner({
    cancelMessage: "Operación cancelada", // "Operation cancelled" in Spanish
    errorMessage: "Se produjo un error", // "An error occurred" in Spanish
  });
  // Global customization via updateSettings
  prompts.updateSettings({
  messages: {
  cancel: "Operación cancelada", // "Operation cancelled" in Spanish
  error: "Se produjo un error", // "An error occurred" in Spanish

... (truncated)

Commits

• 667572b [ci] release (#456)
• 6404dc1 fix: support disabled options in autocomplete (#466)
• ba10721 [ci] format
• 0e4ddc9 fix: respect withGuide option in password and path prompts (#460)
• 0ded19c chore(prompts): simplify guide option checks (#459)
• 0e93ccb feat: add vertical option to confirm prompt (#455)
• 4e9ae13 feat: add withGuide support to confirm prompt (#450)
• f9b9953 feat: add withGuide support to password prompt (#451)
• 76550d6 feat: add withGuide support to selectKey prompt (#452)
• 86e36d8 feat: add withGuide support to select prompt (#453)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​clack/prompts since your current version.

Updates @floating-ui/dom from 1.7.4 to 1.7.5

Changelog

Sourced from @​floating-ui/dom's changelog.

1.7.5

Patch Changes

• Update dependencies: @floating-ui/core@1.7.4

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​floating-ui/dom since your current version.

Updates flexsearch from 0.8.205 to 0.8.212

Commits

• See full diff in compare view

Updates minimatch from 10.1.1 to 10.2.0

Changelog

Sourced from minimatch's changelog.

change log

10.2

• Add braceExpandMax option

10.1

• Add magicalBraces option for escape
• Fix makeRe when partial: true is set.
• Fix makeRe when pattern ends in a final ** path part.

10.0

• Require node 20 or 22 and higher

9.0

• No default export, only named exports.

8.0

• Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
• Bump required Node.js version

7.4

• Add escape() method
• Add unescape() method
• Add Minimatch.hasMagic() method

7.3

• Add support for posix character classes in a unicode-aware way.

7.2

• Add windowsNoMagicRoot option

7.1

• Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

... (truncated)

Commits

• 1a62a2a 10.2.0
• 758b5a3 changelog 10.2
• 903e50b add braceExpandMax option, format
• a50a110 10.1.3
• a08c046 move back to og brace-expansion
• fde70d1 10.1.2
• 05210d8 update deps
• ba4093c update workflows and package stuff
• See full diff in compare view

Updates pixi.js from 8.15.0 to 8.16.0

Release notes

Sourced from pixi.js's releases.

v8.16.0

💾 Download

Installation:

npm install pixi.js@8.16.0

Development Build:

• https://cdn.jsdelivr.net/npm/pixi.js@8.16.0/dist/pixi.js
• https://cdn.jsdelivr.net/npm/pixi.js@8.16.0/dist/pixi.mjs

Production Build:

• https://cdn.jsdelivr.net/npm/pixi.js@8.16.0/dist/pixi.min.js
• https://cdn.jsdelivr.net/npm/pixi.js@8.16.0/dist/pixi.min.mjs

Documentation:

• https://pixijs.download/v8.16.0/docs/index.html

Changed

pixijs/pixijs@v8.15.0...v8.16.0

🚨 Behavior Change

• SplitText now more accurately splits Text across a wider range of TextStyle configurations. This may result in slight changes to character positioning.
• Using SplitText.from from an existing Text now correctly transfers the source anchor to the new instance by mapping the anchor to pivot coordinates. This changes layout and positioning compared to previous behavior.
• SplitBitmapText now correctly defaults to a white fill, matching the behavior of BitmapText.
• HTMLText now correctly respects breakWords and no longer cuts off words that exceed wordWrapWidth.
• HTMLText now respects the alpha value of its fill and stroke.
• Text now correctly aligns when using align: 'right' or align: 'center', resulting in a small positional adjustment.
• Container.cullArea is now correctly interpreted in the container’s local coordinate space and transformed to global coordinates before culling checks.

  // cullArea is defined in local space and transformed during culling
  container.cullArea = new Rectangle(0, 0, 100, 100);

• graphics.texture(texture, 0x000000) will now correctly apply a black tint

🎁 Added

• feat: Canvas renderer by @​krzys @​Zyie in pixijs/pixijs#11815
  • Note: This feature is experimental, please let us know if you run into any issues.

   await app.init({
        preference: 'canvas'
    });

• feat: tagged text by @​Zyie in pixijs/pixijs#11827
  • Note: Currently only works for Text/HTMLText, BitmapText support coming soon

   const text = new Text({
    text: '<bold>Important:</bold> This is <highlight>highlighted</highlight> text',
    style: {

... (truncated)

Commits

• 94156d3 v8.16.0
• 801f4a4 fix bump script
• 5e484ff fix: release scripts for node 24
• c52309f feat: Canvas renderer (#11815)
• 5a08b91 feat: ExternalTexture placeholder resource (#11861)
• 7f78260 perf: use texImage2D instead of texSubImage2D for video in Safari (#11867)
• 09c020f fix: improve html text measurement (#11862)
• 28fcac2 feat: improve stability of SplitText (#11858)
• b91dfcf fix: GC system to ensure render groups are marked as dirty (#11842)
• d537b58 feat: render to array layer (#11803)
• Additional commits viewable in compare view

Updates preact from 10.28.2 to 10.28.3

Release notes

Sourced from preact's releases.

10.28.3

Fixes

• Avoid scheduling suspense state udpates (#5006, thanks @​JoviDeCroock)
• Resolve some suspense crashes (#4999, thanks @​JoviDeCroock)
• Support inheriting namespace through portals (#4993, thanks @​JoviDeCroock)

Maintenance

• Update test with addition of _original (#4989, thanks @​JoviDeCroock)

Commits

• eb1b8c8 10.28.3 (#5007)
• 5023ce8 Avoid scheduling suspense state udpates (#5006)
• 2ac91c4 Resolve some suspense crashes (#4999)
• 4317858 Support inheriting namespace through portals (#4993)
• 25bb34b Update test (#4989)
• See full diff in compare view

Updates rehype-citation from 2.3.1 to 2.3.2

Release notes

Sourced from rehype-citation's releases.

v2.3.2

What's Changed

• Update dependencies by @​timlrx in timlrx/rehype-citation#60
• chore: update ci and netlify node version by @​timlrx in timlrx/rehype-citation#61
• fix: footnote typing by @​timlrx in timlrx/rehype-citation#62

Full Changelog: timlrx/rehype-citation@v2.3.1...v2.3.2

Commits

• 19a9f4d 2.3.2
• d785742 Merge pull request #62 from timlrx/fix-footnote-type
• dbfce48 fix: footnote typing
• b3d64a0 Merge pull request #61 from timlrx/update-ci-node-version
• 21e59f7 chore: update netlify node version
• eceb790 chore: update ci node version
• a86aec6 Merge pull request #60 from timlrx/update-dependencies
• 1796658 chore: update to tailwind v4
• 6bcf5a5 chore: sync changes from citation-js
• 67a76f2 chore: update outdated link
• Additional commits viewable in compare view

Updates satori from 0.19.1 to 0.19.2

Release notes

Sourced from satori's releases.

0.19.2

0.19.2 (2026-02-10)

Bug Fixes

• correct implementation of init function exported by standalone submodule (#716) (7c08d3a)

Commits

• 7c08d3a fix: correct implementation of init function exported by standalone submo...
• See full diff in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates shiki from 1.26.2 to 3.22.0

Release notes

Sourced from shiki's releases.

v3.22.0

   🚀 Features

• Update grammar and themes  -  by @​antfu (40676)

    View changes on GitHub

v3.21.0

   🚀 Features

• Update grammar  -  by @​antfu (6d109)
• core: Preserve HAST data and properties in codeToHast  -  by @​AmanCrafts in shikijs/shiki#1204 (747ea)

   🐞 Bug Fixes

• vitepress-twoslash: Fix scroll blocking on mobile viewports  -  by @​dahlia in shikijs/shiki#1235 (8e931)

    View changes on GitHub

v3.20.0

   🚀 Features

• cli: Add --format option for html output  -  by @​Divyapahuja31 in shikijs/shiki#1211 (28dd0)

   🐞 Bug Fixes

• rehype: Handle promise rejections in lazy language loading  -  by @​ambujvashistha in shikijs/shiki#1221 (99654)
• vitepress-twoslash: Fix popper positions being recomputed too early within vitepress code groups  -  by @​Dschungelabenteuer, charles.gruenais and @​antfu in shikijs/shiki#1116 (19ea5)

   🏎 Performance

• core: Eliminate redundant tokenization call in tokenizeWithTheme  -  by @​ShivanshBhargava and @​NssGourav in shikijs/shiki#1216 (c78b1)

    View changes on GitHub

v3.19.0

   🚀 Features

• Support rootStyle: false option  -  by @​khushthecoder and @​antfu in shikijs/shiki#1184 (baf9a)
• transformers:
  • Add classActiveCode option to notation transformers  -  by @​GreenHacker420 in shikijs/shiki#1171 (a6a44)
  • Add transformerRemoveComments  -  by @​Bitshifter-9, Copilot, @​crazylogic03 and @​antfu in shikijs/shiki#1144 (f2ee3)
• twoslash:
  • Add context parameter to filter option  -  by @​siddu-09 in shikijs/shiki#1173 (ac7f5)

   🐞 Bug Fixes

• Add typesVersions for legacy resolution support  -  by @​khushthecoder in shikijs/shiki#1179 (100b7)
• core: Check embeddedLanguages in registry dependency check  -  by @​vamsi2246 in shikijs/shiki#1178 (6ad16)
• monaco: Correctly handle sparse color map updates  -  by @​wcr-karan in shikijs/shiki#1169 (38c7f)

... (truncated)

Commits

• dba0507 chore: release v3.22.0
• e2acdc4 chore: update snapshot
• 4067676 feat: update grammar and themes
• 85a970c chore: update snapshot
• 5c9cb94 chore: release v3.21.0
• 6d109ce feat: update grammar
• a0b7304 chore: release v3.20.0
• 61c87e8 chore: release v3.19.0
• 0cd35ac test: use using in tests
• a016f19 chore: release v3.18.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for shiki since your current version.

Updates @types/node from 25.0.10 to 25.2.3

Commits

• See full diff in compare view

Updates esbuild from 0.27.2 to 0.27.3

Release notes

Sourced from esbuild's releases.

v0.27.3

• Preserve URL fragments in data URLs (#4370)

  Consider the following HTML, CSS, and SVG:

  • index.html:

    <!DOCTYPE html>
    <html>
      <head><link rel="stylesheet" href="icons.css"></head>
      <body><div class="triangle"></div></body>
    </html>

  • icons.css:

    .triangle {
      width: 10px;
      height: 10px;
      background: currentColor;
      clip-path: url(./triangle.svg#x);
    }

  • triangle.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
      <defs>
        <clipPath id="x">
          <path d="M0 0H10V10Z"/>
        </clipPath>
      </defs>
    </svg>

  The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

  /* icons.css */
  .triangle {
    width: 10px;
    height: 10px;
    background: currentColor;
    clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.3

• Preserve URL fragments in data URLs (#4370)

  Consider the following HTML, CSS, and SVG:

  • index.html:

    <!DOCTYPE html>
    <html>
      <head><link rel="stylesheet" href="icons.css"></head>
      <body><div class="triangle"></div></body>
    </html>

  • icons.css:

    .triangle {
      width: 10px;
      height: 10px;
      background: currentColor;
      clip-path: url(./triangle.svg#x);
    }

  • triangle.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
      <defs>
        <clipPath id="x">
          <path d="M0 0H10V10Z"/>
        </clipPath>
      </defs>
    </svg>

  The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

  /* icons.css */
  .triangle {
    width: 10px;
    height: 10px;
    background: currentColor;
    clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
  }

... (truncated)

Commits

• 9129e00 publish 0.27.3 to npm
• e20e411 small fix to release notes
• 0dc0f2d fix #4322: parse and print CSS @scope rules
• 55fe391 update firefox css gradient support
• 2c35297 update gradient lowering transform
• 9209e44 Update Go to 1.25.7 (#4388)
• e8d861b close #4374: compat table for the using feature
• 19b8887 no longer need williamkapke/node-compat-table
• 7e44218 the kangax/compat-table repo moved to a new url
• 23b9338 run make update-compat-table
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.