deps: bump the dependency-updates group across 1 directory with 8 updates

[dependabot]

Bumps the dependency-updates group with 8 updates in the / directory:

Package	From	To
@primer/octicons-react	19.25.0	19.27.0
@primer/react	38.22.0	38.24.0
babel-plugin-styled-components	2.1.4	2.3.0
downshift	9.3.2	9.3.3
framer-motion	12.38.0	12.40.0
postcss	8.5.14	8.5.15
@npmcli/template-oss	5.0.0	5.1.0
semver	7.8.0	7.8.1

Updates @primer/octicons-react from 19.25.0 to 19.27.0

Release notes

Sourced from @​primer/octicons-react's releases.

v19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

v19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

Changelog

Sourced from @​primer/octicons-react's changelog.

19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

Commits

• 7ee4aaf Version Packages (#1210)
• 02bd1ef Fix: Remove hardcoded fill from flag icon (#1212)
• 3af9603 Re-enable @​arethetypeswrong/cli in CI with pinned [email protected] (#1211)
• a69618e Add flag octicon (#1203)
• 33125a6 Version Packages (#1207)
• 9a7e214 fix: remove hardcoded fill from sandbox icon (#1209)
• b45f1d3 Clean up repo-forked-locked icons formatting (#1197)
• dd29350 Add pull request template (#1206)
• 71ab988 Bump next from 16.1.7 to 16.2.6 in /lib/octicons_react (#1205)
• 5397cb7 Rename skip-changeset label to "skip changeset" (#1204)
• Additional commits viewable in compare view

Updates @primer/react from 38.22.0 to 38.24.0

Release notes

Sourced from @​primer/react's releases.

@​primer/react@​38.24.0

Minor Changes

• #7829 228019c Thanks @​adierkens! - ActionList: Add ActionList.GroupHeading.TrailingAction for header-level actions on grouped lists. Closes #2043.

  When the primer_react_action_list_group_heading_trailing_action feature flag is enabled, you can place an ActionList.GroupHeading.TrailingAction (a small invisible IconButton) inside ActionList.GroupHeading to render a uniform square action target next to the group's heading. Only supported inside an ActionList with the default list role — using it inside ActionMenu or with role="listbox" will throw.

  <ActionList>
    <ActionList.Group>
      <ActionList.GroupHeading as="h3">
        Custom fields
        <ActionList.GroupHeading.TrailingAction label="New field" icon={PlusIcon} />
      </ActionList.GroupHeading>
      <ActionList.Item>...</ActionList.Item>
    </ActionList.Group>
  </ActionList>

• #7838 8ddf1b0 Thanks @​llastflowers! - Add data-component attributes and associated tests for Hidden, InlineMessage, KeybindingHint, Label, and LabelGroup

• #7776 d6f61c1 Thanks @​llastflowers! - Add data-component attributes for Blankslate, BranchName, Breadcrumbs, ButtonGroup, Checkbox, CheckboxGroup, CircleBadge, ConfirmationDialog, CounterLabel, and Dialog to provide stable selectors.

• #7816 aef8548 Thanks @​iansan5653! - Replace ActionBar overflow calculations with CSS wrapping approach to improve performance and stability

• #7831 0de97c2 Thanks @​liuliu-dev! - Dialog: Support custom width values.

• #7819 8ed6149 Thanks @​llastflowers! - Add data-component attributes for Details, Flash, FormControl (+ update InputValidation to forward from FormControl.Validation), Header, and Heading.

Patch Changes

• #7842 635357e Thanks @​joshblack! - DataTable: Treat zero as a populated value when sorting numeric columns

• #7824 6889235 Thanks @​jonrohan! - Fix usePaneWidth triggering unnecessary React re-renders on every window resize

• #7833 dfed7ca Thanks @​copilot-swe-agent! - Timeline: Remove border override from TimelineBadge when variant is set

@​primer/react@​38.23.0

Minor Changes

• #7817 51a7a28 Thanks @​francinelucca! - - ActionList: Expand selectableRoles and listRoleTypes to include treeitem and tree.
  • Export ActionListContainerContext as ActionList.ContainerContext.
  • Export useRovingTabIndex from the public API with additional configuration options (preventScroll and dependencies).

Patch Changes

• #7805 8f8844e Thanks @​TylerJDev! - AnchoredOverlay: Disables CSS anchor positioning if portalContainerName is true. (behind primer_react_css_anchor_positioning feature flag)

• #7800 ce88bdf Thanks @​francinelucca! - chore: add primer_react_styled_react_use_primer_theme_providers feature flag to DefaultFeatureFlags

... (truncated)

Commits

• 509f46d Release tracking (#7835)
• 8ddf1b0 data-component adr part 4 (#7838)
• 635357e fix: update DataTable sorting for zero values (#7842)
• 3420bd3 chore(deps-dev): bump basic-ftp from 5.0.5 to 5.2.0 (#7596)
• 0de97c2 Dialog: Support custom width values (#7831)
• d3c8fe2 Replace deprecated ref helper usage (#7834)
• 36a4922 Removing all unused components from @​primer/styled-react (#7806)
• 6889235 Fix usePaneWidth triggering unnecessary React re-renders on every window re...
• aef8548 Re-add (unrevert) "Replace ActionBar overflow calculations with CSS wrapping ...
• d6f61c1 data-component adr part 2 (#7776)
• Additional commits viewable in compare view

Updates babel-plugin-styled-components from 2.1.4 to 2.3.0

Release notes

Sourced from babel-plugin-styled-components's releases.

v2.3.0

Minor Changes

• 0c5f21d: Add a cssPropImportPath option to control which package the css-prop transform auto-imports styled from when the file has no existing styled import. Defaults to 'styled-components' (existing behavior). React Native targets can set it to 'styled-components/native' so the auto-injected import resolves to the right runtime.
• 0c5f21d: Detect styled declarations that go through a local alias of the import, including the TypeScript theme-typing pattern const styled = baseStyled as ThemedStyledInterface<MyTheme>. After type-stripping Babel sees a plain const styled = baseStyled, and the detector now follows single-identifier alias chains so styled.div resolves back to the original import.

Patch Changes

• 0c5f21d: Fix invalid output when a css={{ ... }} object key matches a local binding name (e.g. ({ position }) => <div css={{ position: 'absolute' }} />). The reducer no longer mis-treats non-computed property names as scope references, so plain keys stay literal while only computed [expr] keys are extracted as prop interpolations.
• 0c5f21d: Recognize TypeScript's __importDefault interop helper alongside Babel's _interopRequireDefault. Files compiled through tsc / ts-jest (which emit var sc_1 = __importDefault(require('styled-components'))) now flow into the same detection path as Babel-compiled output, so styled declarations downstream pick up displayName and componentId as expected.

v2.2.0

Minor Changes

• a40e3f7: Refresh the toolchain and fix a handful of css-prop transform bugs that had crept in under recent Babel versions.
  • When a file already imports styled and also uses one or more css={…} props, every styled component now keeps its display name and stable component id. Previously the cache that tracks the local default import could be overwritten on each css-prop usage, which silently dropped the display name and id for the surrounding styled.div declarations.
  • css={{ [foo]: bar }} with a non-primitive value no longer fails Babel's validator. Computed keys are preserved through the css-prop object rewrite.
  • Friendlier error messages when the css-prop transform encounters a JSX name shape it can't infer, instead of a confusing internal ReferenceError.
  • Long-running watch processes (Next dev, webpack-dev-server, jest watch) no longer leak import-detection state between files.
  • Removed the runtime lodash dependency. The plugin now ships with @babel/core as a declared peer.
  • Dev tooling moved to pnpm and changesets. Plugin behavior is unchanged.

Changelog

Sourced from babel-plugin-styled-components's changelog.

2.3.0

Minor Changes

• 0c5f21d: Add a cssPropImportPath option to control which package the css-prop transform auto-imports styled from when the file has no existing styled import. Defaults to 'styled-components' (existing behavior). React Native targets can set it to 'styled-components/native' so the auto-injected import resolves to the right runtime.
• 0c5f21d: Detect styled declarations that go through a local alias of the import, including the TypeScript theme-typing pattern const styled = baseStyled as ThemedStyledInterface<MyTheme>. After type-stripping Babel sees a plain const styled = baseStyled, and the detector now follows single-identifier alias chains so styled.div resolves back to the original import.

Patch Changes

• 0c5f21d: Fix invalid output when a css={{ ... }} object key matches a local binding name (e.g. ({ position }) => <div css={{ position: 'absolute' }} />). The reducer no longer mis-treats non-computed property names as scope references, so plain keys stay literal while only computed [expr] keys are extracted as prop interpolations.
• 0c5f21d: Recognize TypeScript's __importDefault interop helper alongside Babel's _interopRequireDefault. Files compiled through tsc / ts-jest (which emit var sc_1 = __importDefault(require('styled-components'))) now flow into the same detection path as Babel-compiled output, so styled declarations downstream pick up displayName and componentId as expected.

2.2.0

Minor Changes

• a40e3f7: Refresh the toolchain and fix a handful of css-prop transform bugs that had crept in under recent Babel versions.
  • When a file already imports styled and also uses one or more css={…} props, every styled component now keeps its display name and stable component id. Previously the cache that tracks the local default import could be overwritten on each css-prop usage, which silently dropped the display name and id for the surrounding styled.div declarations.
  • css={{ [foo]: bar }} with a non-primitive value no longer fails Babel's validator. Computed keys are preserved through the css-prop object rewrite.
  • Friendlier error messages when the css-prop transform encounters a JSX name shape it can't infer, instead of a confusing internal ReferenceError.
  • Long-running watch processes (Next dev, webpack-dev-server, jest watch) no longer leak import-detection state between files.
  • Removed the runtime lodash dependency. The plugin now ships with @babel/core as a declared peer.
  • Dev tooling moved to pnpm and changesets. Plugin behavior is unchanged.

Commits

• ab3aaf5 Version Packages (#422)
• 0c5f21d fix: css-prop key shadowing, ts-jest detection, import aliasing (#421)
• d0add03 Version Packages (#419)
• a40e3f7 chore: modernize dependencies and fix css prop import detection (#418)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for babel-plugin-styled-components since your current version.

Updates downshift from 9.3.2 to 9.3.3

Release notes

Sourced from downshift's releases.

v9.3.3

9.3.3 (2026-05-18)

Bug Fixes

• docusaurus: update and fix webpack issue (#1685) (efe364e)

Commits

• efe364e fix(docusaurus): update and fix webpack issue (#1685)
• See full diff in compare view

Updates framer-motion from 12.38.0 to 12.40.0

Changelog

Sourced from framer-motion's changelog.

[12.40.0] 2026-05-21

Added

• path option to transition.
• arc() for motion along an arc.

[12.39.0] 2026-05-18

Added

• Support for repeatType and repeatDelay in animation sequences.

Fixed

• Variants: Re-run keyframe animations when switching between variant labels even when they share identical keyframe arrays.
• Drag: Preserve in-flight motion value animations across React 19 reorder unmount/remount so dragSnapToOrigin no longer leaves the drag transform stranded after a layout swap.
• LazyMotion: Share React contexts between the framer-motion and framer-motion/m (and therefore motion/react and motion/react-m) CJS bundles so that <m.div> from the /m subpath picks up features loaded by <LazyMotion> from the main entry point.
• useScroll: Support hydrating target and container refs from anywhere in the tree.
• Drag: Gesture no longer starts from incorrect start point when rendered inside <AnimatePresence initial={false} />.
• Drag: dragConstraints, when set as viewport-relative ref, no longer break on scroll.§
• Updated visualElement hydration order.
• useAnimate: Now respects skipAnimations.
• AnimatePresence: Fix object-form initial values not applied on re-entry after exit completes.
• scroll: Fixed callback progress when tracking an element.
• useScroll: Fix hardware acceleration when tracking an element.

Commits

• 38ebb94 v12.40.0
• b1f766c Latest
• bca5544 Merge pull request #3699 from motiondivision/lochie/arcs-injectable
• f1a96cf arc(): rename amp/rotate, expose MotionPath, fix explicit cw/ccw
• b4aaba0 pathRotation: non-destructive orientToPath rotation channel
• 8604ef3 Make arcs injectable via transition.path = arc()
• f90fe29 add orientToPath
• 9ebe999 fix: test
• bc2107e Revert "no should"
• 6eeb92d no should
• Additional commits viewable in compare view

Updates postcss from 8.5.14 to 8.5.15

Release notes

Sourced from postcss's releases.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

Changelog

Sourced from postcss's changelog.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

Commits

• eae46db Release 8.5.15 version
• 79508ff Update CI actions
• b128e21 Speed up declaration parsing by avoiding creating new array on each token
• 9825dca Fix code format
• 55789c8 Update dependencies
• 84fbbe9 Install older pnpm action for old Node.js
• 9f860bd Revert pnpm action for old Node.js
• 0877198 Update CI actions
• b2d1a33 Fix linter warnings
• 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
• Additional commits viewable in compare view

Updates @npmcli/template-oss from 5.0.0 to 5.1.0

Release notes

Sourced from @​npmcli/template-oss's releases.

v5.1.0

5.1.0 (2026-05-11)

Features

• 6cdec2a #562 breaking changes don't get dropped from prerelease to release (@​owlstronaut)

Changelog

Sourced from @​npmcli/template-oss's changelog.

5.1.0 (2026-05-11)

Features

• 6cdec2a #562 breaking changes don't get dropped from prerelease to release (@​owlstronaut)

Commits

• 8108ddd chore: release 5.1.0 (#563)
• 6cdec2a feat: breaking changes don't get dropped from prerelease to release
• See full diff in compare view

Updates semver from 7.8.0 to 7.8.1

Release notes

Sourced from semver's releases.

v7.8.1

7.8.1 (2026-05-21)

Bug Fixes

• 17aa702 #869 strip build metadata before comparator trimming (#869) (@​owlstronaut)
• 5f3ca13 #867 handle prerelease bounds in subset (#867) (@​puneetdixit200, Puneet Dixit)

Changelog

Sourced from semver's changelog.

7.8.1 (2026-05-21)

Bug Fixes

• 17aa702 #869 strip build metadata before comparator trimming (#869) (@​owlstronaut)
• 5f3ca13 #867 handle prerelease bounds in subset (#867) (@​puneetdixit200, Puneet Dixit)

Commits

• 7641608 chore: release 7.8.1 (#868)
• 17aa702 fix: strip build metadata before comparator trimming (#869)
• 5f3ca13 fix: handle prerelease bounds in subset (#867)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions