Skip to content

deps(npm): bump the npm-all group with 7 updates#72

Merged
eugenehp merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-all-9b277d4920
Jun 22, 2026
Merged

deps(npm): bump the npm-all group with 7 updates#72
eugenehp merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-all-9b277d4920

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm-all group with 7 updates:

Package From To
@tauri-apps/api 2.11.0 2.11.1
@playwright/test 1.60.0 1.61.0
@sveltejs/kit 2.65.1 2.66.0
@tauri-apps/cli 2.11.2 2.11.3
playwright 1.60.0 1.61.0
sharp 0.35.1 0.35.2
vitest 4.1.8 4.1.9

Updates @tauri-apps/api from 2.11.0 to 2.11.1

Release notes

Sourced from @​tauri-apps/api's releases.

@​tauri-apps/api v2.11.1

No known vulnerabilities found

[2.11.1]

Enhancements

  • 916782601 (#15520 by @​polw1) Document that Monitor.size, Monitor.position and Monitor.workArea are in physical pixels, with examples showing how to convert them to the logical pixels expected by window creation options via toLogical(monitor.scaleFactor).
> @tauri-apps/[email protected] npm-publish /home/runner/work/tauri/tauri/packages/api
> pnpm build && cd ./dist && pnpm publish --access public --loglevel silly --no-git-checks

> @​tauri-apps/api@​2.11.1 build /home/runner/work/tauri/tauri/packages/api > rollup -c --configPlugin typescript

�[36m �[1m./src/app.ts, ./src/core.ts, ./src/dpi.ts, ./src/event.ts, ./src/image.ts, ./src/index.ts, ./src/menu.ts, ./src/mocks.ts, ./src/path.ts, ./src/tray.ts, ./src/webview.ts, ./src/webviewWindow.ts, ./src/window.ts�[22m → �[1m./dist, ./dist�[22m...�[39m �[32mcreated �[1m./dist, ./dist�[22m in �[1m883ms�[22m�[39m �[36m �[1msrc/index.ts�[22m → �[1m../../crates/tauri/scripts/bundle.global.js�[22m...�[39m �[32mcreated �[1m../../crates/tauri/scripts/bundle.global.js�[22m in �[1m1.4s�[22m�[39m npm verbose cli /opt/hostedtoolcache/node/24.16.0/x64/bin/node /opt/hostedtoolcache/node/24.16.0/x64/bin/npm npm info using [email protected] npm info using [email protected] npm silly config load:file:/opt/hostedtoolcache/node/24.16.0/x64/lib/node_modules/npm/npmrc npm silly config load:file:/tmp/286e8dee195254a4370e608b672019b0/.npmrc npm silly config load:file:/home/runner/.npmrc npm silly config load:file:/home/runner/.config/pnpm/rc npm verbose title npm publish tauri-apps-api-2.11.1.tgz npm verbose argv "publish" "--ignore-scripts" "tauri-apps-api-2.11.1.tgz" "--access" "public" "--loglevel" "silly" npm verbose logfile logs-max:10 dir:/home/runner/.npm/_logs/2026-06-17T13_41_23_851Z- npm verbose logfile /home/runner/.npm/_logs/2026-06-17T13_41_23_851Z-debug-0.log npm warn Unknown env config "verify-deps-before-run". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm warn Unknown env config "npm-globalconfig". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm warn Unknown env config "overrides". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm warn Unknown env config "_jsr-registry". This will stop working in the next major version of npm. See npm help npmrc for supported config options. npm silly logfile done cleaning log files npm verbose publish [ 'tauri-apps-api-2.11.1.tgz' ] </tr></table>

... (truncated)

Commits

Updates @playwright/test from 1.60.0 to 1.61.0

Release notes

Sourced from @​playwright/test's releases.

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

Browser and Screencast

  • New option artifactsDir in browserType.connectOverCDP() controls where artifacts such as traces and downloads are stored when attached to an existing browser.
  • New option cursor in screencast.showActions() controls the cursor decoration rendered for pointer actions.
  • The onFrame callback in screencast.start() now receives a timestamp of when the frame was presented by the browser.

Test runner

  • The testOptions.video option now supports the same set of modes as trace: new 'on-all-retries', 'retain-on-first-failure' and 'retain-on-failure-and-retries' values. See the video modes table for which runs are recorded and kept in each mode.
  • Supported expect.soft.poll(...).
  • New fullConfig.argv — a snapshot of process.argv from the runner process, handy for reading custom arguments passed after the -- separator.
  • New fullConfig.failOnFlakyTests mirrors the config option, so reporters can explain why a flaky run failed.
  • testInfo.errors now lists each sub-error of an AggregateError as a separate entry.

... (truncated)

Commits
  • 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
  • a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
  • 8133dcf cherry-pick(#41283): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...
  • 812432e chore: mark v1.61.0 (#41277)
  • ac05145 fix(fetch): report serverAddr and securityDetails for reused sockets (#41267)
  • 056efc9 fix(trace-viewer): add keyboard navigation to NetworkFilters component (#41...
  • 41f7b9a chore: fixes uncovered by the .NET 1.61 roll (#41266)
  • ba50778 fix(mcp): assign caps as array for legacy --vision flag (#41253)
  • b8ee5ae docs: release notes for v1.61 (#41261)
  • 49c1f69 fix(trace viewer): load trace from a local file (#41263)
  • Additional commits viewable in compare view

Updates @sveltejs/kit from 2.65.1 to 2.66.0

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.66.0

Minor Changes

  • feat: precompress prerendered .md and .mdx files (#15893)

  • feat: warn the user when they forget to make boolean inputs optional in their form schemas (#15804)

Patch Changes

  • fix: blur active element before component update during navigation so that blur/focusout handlers fire while old component data is still valid (#15452)

  • fix: ensure base is available from $service-worker during development (#15882)

  • fix: use correct relative asset paths when rendering an error page for a missing __data.json request (#15884)

  • fix: preserve active for await consumers across query.live reconnects (#16022)

  • fix: settle query.live reconnect promise on all exit paths, preventing invalidateAll() from deadlocking when a live query is offline or interrupted (#16022)

  • fix: preserve last value when a query.live stream completes without yielding on reconnect (#16022)

  • fix: remove types: ['node'] from generated tsconfig to avoid errors when @types/node is not installed (#15709)

  • fix: prefer pages over endpoints when prerendering (#16076)

  • fix: restore snapshots after afterNavigate callbacks (#16066)

  • fix: support ws:/wss: and trusted-types-eval for CSP sources (#15938)

  • fix: omit empty file inputs from remote form data (#15898)

  • fix: fail early if a route with +page and +server is marked as prerenderable (#16075)

  • fix: wait a tick before resetting forms (#15805)

... (truncated)

Commits
  • 4c9b8f1 Version Packages (#16062)
  • 276744d fix: preflight schemas apply correctly when chained before for (#15863)
  • e8c8d84 chore: DRY out __sveltekit_xyz123 stuff (#16085)
  • 4eabadc fix: fail early if a route with +page and +server is marked as prerendera...
  • de47227 chore: correctly type keys of the URL object (#16078)
  • f8c842c fix: prefer pages over endpoints when prerendering (#16076)
  • 63f1b0b fix: blur active element before component update during navigation (#15452)
  • 860b3c7 fix: remove types: ['node'] from generated tsconfig (#15709)
  • 8740132 fix: show error.html when root layout load() throws in SPA mode (#15798)
  • 0d8ef59 chore: await web-first assertions in basics client tests (#16068)
  • Additional commits viewable in compare view

Updates @tauri-apps/cli from 2.11.2 to 2.11.3

Release notes

Sourced from @​tauri-apps/cli's releases.

@​tauri-apps/cli v2.11.3

[2.11.3]

Bug Fixes

  • 50b0237ed (#15549 by @​Legend-Master) Escape special characters in productName when generating Android strings.xml

  • 728c8d4a5 (#15473 by @​Legend-Master) Skip building bundles when using tauri android run

  • be0cb0d43 (#15344 by @​raglady) Fix NDK_HOME environment variable not honored when set

  • ed8fd411f (#15552 by @​Legend-Master) Make ureq_proto show trace level logs only on -vvv instead of -vv

  • fca4a31f9 (#15454 by @​fallintoplace) Fix tauri migrate generating invalid namespace imports for aliased pluginified imports from @tauri-apps/api.

    Inputs like import { cli as superCli } from "@tauri-apps/api" now migrate to import * as superCli from "@tauri-apps/plugin-cli" instead of producing invalid ESM syntax. The migration tests also reparse migrated JS, Svelte, and Vue output so syntax regressions are caught directly.

Dependencies

Commits

Updates playwright from 1.60.0 to 1.61.0

Release notes

Sourced from playwright's releases.

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

Browser and Screencast

  • New option artifactsDir in browserType.connectOverCDP() controls where artifacts such as traces and downloads are stored when attached to an existing browser.
  • New option cursor in screencast.showActions() controls the cursor decoration rendered for pointer actions.
  • The onFrame callback in screencast.start() now receives a timestamp of when the frame was presented by the browser.

Test runner

  • The testOptions.video option now supports the same set of modes as trace: new 'on-all-retries', 'retain-on-first-failure' and 'retain-on-failure-and-retries' values. See the video modes table for which runs are recorded and kept in each mode.
  • Supported expect.soft.poll(...).
  • New fullConfig.argv — a snapshot of process.argv from the runner process, handy for reading custom arguments passed after the -- separator.
  • New fullConfig.failOnFlakyTests mirrors the config option, so reporters can explain why a flaky run failed.
  • testInfo.errors now lists each sub-error of an AggregateError as a separate entry.

... (truncated)

Commits
  • 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
  • a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
  • 8133dcf cherry-pick(#41283): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...
  • 812432e chore: mark v1.61.0 (#41277)
  • ac05145 fix(fetch): report serverAddr and securityDetails for reused sockets (#41267)
  • 056efc9 fix(trace-viewer): add keyboard navigation to NetworkFilters component (#41...
  • 41f7b9a chore: fixes uncovered by the .NET 1.61 roll (#41266)
  • ba50778 fix(mcp): assign caps as array for legacy --vision flag (#41253)
  • b8ee5ae docs: release notes for v1.61 (#41261)
  • 49c1f69 fix(trace viewer): load trace from a local file (#41263)
  • Additional commits viewable in compare view

Updates sharp from 0.35.1 to 0.35.2

Release notes

Sourced from sharp's releases.

v0.35.2

v0.35.2-rc.2

  • TypeScript: Add mediaType to metadata response. #4492

  • Improve WebAssembly fallback detection. #4513

  • Improve code bundler support with stub binaries. #4543

  • Verify GIF effort option is an integer. #4544 @​metsw24-max

  • Verify recomb matrix entries are numbers. #4545 @​metsw24-max

  • TypeScript: Replace namespace with named exports for ESM. #4546

... (truncated)

Commits
  • c9622a3 Release v0.35.2
  • cd4568f Upgrade to sharp-libvips v1.3.1
  • 78390cf Tests: Add font file to prevent font discovery flakiness (#4550)
  • 61210b4 Verify convolve kernel values are numbers (#4549)
  • 1cb27dc Prerelease v0.35.2-rc.2
  • c7606c3 Upgrade to sharp-libvips v1.3.1-rc.0
  • 29d1e9e Prerelease v0.35.2-rc.1
  • bbba0a1 Improve code bundler support with stub binaries
  • ab52866 Bound dilate and erode width to avoid mask-size overflow (#4548)
  • 0f594dd Prerelease v0.35.2-rc.0
  • Additional commits viewable in compare view

Updates vitest from 4.1.8 to 4.1.9

Release notes

Sourced from vitest's releases.

v4.1.9

🐞 Bug Fixes

View changes on GitHub
Commits
  • a7a61e7 chore: release v4.1.9 (#10598)
  • 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
  • 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
  • a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the npm-all group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [@tauri-apps/api](https://github.com/tauri-apps/tauri) | `2.11.0` | `2.11.1` |
| [@playwright/test](https://github.com/microsoft/playwright) | `1.60.0` | `1.61.0` |
| [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.65.1` | `2.66.0` |
| [@tauri-apps/cli](https://github.com/tauri-apps/tauri) | `2.11.2` | `2.11.3` |
| [playwright](https://github.com/microsoft/playwright) | `1.60.0` | `1.61.0` |
| [sharp](https://github.com/lovell/sharp) | `0.35.1` | `0.35.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.8` | `4.1.9` |


Updates `@tauri-apps/api` from 2.11.0 to 2.11.1
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](https://github.com/tauri-apps/tauri/compare/@tauri-apps/api-v2.11.0...@tauri-apps/api-v2.11.1)

Updates `@playwright/test` from 1.60.0 to 1.61.0
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.60.0...v1.61.0)

Updates `@sveltejs/kit` from 2.65.1 to 2.66.0
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/[email protected]/packages/kit)

Updates `@tauri-apps/cli` from 2.11.2 to 2.11.3
- [Release notes](https://github.com/tauri-apps/tauri/releases)
- [Commits](https://github.com/tauri-apps/tauri/compare/@tauri-apps/cli-v2.11.2...@tauri-apps/cli-v2.11.3)

Updates `playwright` from 1.60.0 to 1.61.0
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.60.0...v1.61.0)

Updates `sharp` from 0.35.1 to 0.35.2
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.35.1...v0.35.2)

Updates `vitest` from 4.1.8 to 4.1.9
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.9/packages/vitest)

---
updated-dependencies:
- dependency-name: "@tauri-apps/api"
  dependency-version: 2.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: "@playwright/test"
  dependency-version: 1.61.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: "@sveltejs/kit"
  dependency-version: 2.66.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: "@tauri-apps/cli"
  dependency-version: 2.11.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: playwright
  dependency-version: 1.61.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-all
- dependency-name: sharp
  dependency-version: 0.35.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
- dependency-name: vitest
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot dependabot Bot requested a review from eugenehp as a code owner June 22, 2026 06:10
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@eugenehp eugenehp merged commit 5f36209 into main Jun 22, 2026
17 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm-all-9b277d4920 branch June 22, 2026 08:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant