Skip to content

deps: bump the minor-and-patch group across 1 directory with 6 updates#24

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-b94d00eca2
Open

deps: bump the minor-and-patch group across 1 directory with 6 updates#24
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-and-patch-b94d00eca2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the minor-and-patch group with 6 updates in the / directory:

Package From To
@garmin/fitsdk 21.205.0 21.208.0
sharp 0.35.0 0.35.3
autoprefixer 10.5.0 10.5.2
playwright 1.60.0 1.61.1
postcss 8.5.15 8.5.16
tsx 4.22.4 4.23.0

Updates @garmin/fitsdk from 21.205.0 to 21.208.0

Release notes

Sourced from @​garmin/fitsdk's releases.

21.208.0

See release notes for full list of changes https://forums.garmin.com/developer/fit-sdk/b/news-announcements

Commits
  • 8c3c16b Merge pull request #41 from garmin/production/21.208.0_81
  • e16739d Garmin FIT SDK 21.208.0
  • 98a5ae0 Add NPM Provenance publishing and attestation
  • 2695e5c Add NPM Provenance publishing and attestation
  • c8fa210 Merge pull request #39 from garmin/leagcyModeDoc
  • 31aaa4c Update README to include legacyArrayMode
  • See full diff in compare view

Updates sharp from 0.35.0 to 0.35.3

Release notes

Sourced from sharp's releases.

v0.35.3

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

  • Improve code bundler support by resolving path to libvips binary.

  • Increase default concurrency when use of MALLOC_ARENA_MAX is detected.

  • Emit warning about binaries provided by Electron for use on Linux.

  • Add hasAlpha property to output info. #4500

  • TypeScript: Return more precise Buffer<ArrayBuffer> from toBuffer. #4520 @​Andarist

  • Bound clahe width and height to avoid signed overflow. #4551 @​metsw24-max

  • Bound trim margin to avoid signed overflow. #4552 @​metsw24-max

  • Reject infinite values when validating numbers. #4553 @​metsw24-max

  • Bound extract region to libvips coordinate limit. #4555 @​metsw24-max

  • Verify background colour values are numbers. #4556 @​metsw24-max

  • Bound create and raw input dimensions to coordinate limit. #4558 @​metsw24-max

  • Tighten recomb and affine matrix verification. #4560 @​chatman-media

  • Verify cache memory limit to avoid overflow. #4561 @​metsw24-max

v0.35.3-rc.2

  • Tighten verification of text dimensions, TIFF tile dimensions and extend values.

... (truncated)

Commits
  • 1018449 Release v0.35.3
  • ba303a7 Prerelease v0.35.3-rc.2
  • 4f94fc5 Upgrade to sharp-libvips v1.3.2
  • c5e7a3f Bump devDeps, fix Deno/Windows smoke tests
  • 9a8d002 Docs: Add changelog entry and note about transferable #4520
  • 8694db0 TypeScript: Return more precise Buffer\<ArrayBuffer> from toBuffer (#4520)
  • e000d0b Prerelease v0.35.3-rc.1
  • 9554ca9 Prerelease v0.35.3-rc.0
  • 6a29fd5 Emit warning about native binaries on Linux Electron
  • 540d2ea Increase default concurrency when use of MALLOC_ARENA_MAX detected
  • Additional commits viewable in compare view

Updates autoprefixer from 10.5.0 to 10.5.2

Release notes

Sourced from autoprefixer's releases.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

Changelog

Sourced from autoprefixer's changelog.

10.5.2

  • Moved -webkit-fill-available before -moz-available, so Firefox will use -webkit- version which is closer to stretch.

10.5.1

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for autoprefixer since your current version.


Updates playwright from 1.60.0 to 1.61.1

Release notes

Sourced from playwright's releases.

v1.61.1

Bug Fixes

  • #41365 [Bug]: Expect.Extend matcher with same name as default matcher in same expect instance overrides default matchers implementation to custom matcher
  • #41351 [Bug]: Playwright UI mode: apiRequestContext._wrapApiCall reports unexpected number of bytes (same test passes in headed mode)
  • #41360 [Bug]: Trace viewer: message times in websockets are downscaled by 1000
  • #41311 [Bug]: [Regression]: Sync loader throws "context.conditions?.includes is not a function" on Node 22.15
  • #41371 [Regression]: Sync ESM loader (registerHooks) fails to resolve extensionless .ts subpath imports across pnpm workspace symlinks

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

Browser and Screencast

... (truncated)

Commits
  • 39e3553 cherry-pick(#41399): fix(test): load require-reached files as commonjs in syn...
  • 4328122 chore: mark v1.61.1 (#41404)
  • 2c29a94 fix(tracing): stop recording websocket frames outside of chunks (#41398)
  • 4324b19 cherry-pick(#41367): fix(test): keep builtin expect matchers on base extend
  • 041e7e3 cherry-pick(#41364): fix(har): WebSocket message timestamps should be in mi...
  • b8a0fc3 cherry-pick(#41309, #43149): Revert "fix(firefox): treat `navigationCommitted...
  • b5a3175 cherry-pick(#41319): fix(loader): support other node versions
  • d4724a9 cherry-pick(#41290): feat(docker): add Ubuntu 26.04 (Resolute Raccoon) image
  • 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
  • a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
  • Additional commits viewable in compare view

Updates postcss from 8.5.15 to 8.5.16

Release notes

Sourced from postcss's releases.

8.5.16

Changelog

Sourced from postcss's changelog.

8.5.16

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for postcss since your current version.


Updates tsx from 4.22.4 to 4.23.0

Release notes

Sourced from tsx's releases.

v4.23.0

4.23.0 (2026-07-03)

Bug Fixes

Features


This release is also available on:

v4.22.5

4.22.5 (2026-07-02)

Bug Fixes

  • isolate hook state per async module.register() registration (a305f36)

This release is also available on:

Commits
  • 1dfad37 docs: cite esbuild's extension-resolution model in node notes
  • 257bbbb fix: avoid redundant filesystem probes during module resolution
  • c178197 feat: add multi-scenario startup benchmark suite
  • 51800ac docs: add Node internals knowledge base (notes/node)
  • a305f36 fix: isolate hook state per async module.register() registration
  • ca501a9 chore: upgrade skills-npm to v1.2.0
  • 596cd1f test: cover __dirname, __filename, & require.cache in CJS TS file
  • 75d9bf0 test: lock in lenient ESM for ambiguous and CJS-typed packages
  • 1472f3e test: cover ESM-syntax dependency with omitted "type" field
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@garmin/fitsdk](https://github.com/garmin/fit-javascript-sdk) | `21.205.0` | `21.208.0` |
| [sharp](https://github.com/lovell/sharp) | `0.35.0` | `0.35.3` |
| [autoprefixer](https://github.com/postcss/autoprefixer) | `10.5.0` | `10.5.2` |
| [playwright](https://github.com/microsoft/playwright) | `1.60.0` | `1.61.1` |
| [postcss](https://github.com/postcss/postcss) | `8.5.15` | `8.5.16` |
| [tsx](https://github.com/privatenumber/tsx) | `4.22.4` | `4.23.0` |



Updates `@garmin/fitsdk` from 21.205.0 to 21.208.0
- [Release notes](https://github.com/garmin/fit-javascript-sdk/releases)
- [Commits](garmin/fit-javascript-sdk@21.205.0...21.208.0)

Updates `sharp` from 0.35.0 to 0.35.3
- [Release notes](https://github.com/lovell/sharp/releases)
- [Commits](lovell/sharp@v0.35.0...v0.35.3)

Updates `autoprefixer` from 10.5.0 to 10.5.2
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@10.5.0...10.5.2)

Updates `playwright` from 1.60.0 to 1.61.1
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](microsoft/playwright@v1.60.0...v1.61.1)

Updates `postcss` from 8.5.15 to 8.5.16
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.15...8.5.16)

Updates `tsx` from 4.22.4 to 4.23.0
- [Release notes](https://github.com/privatenumber/tsx/releases)
- [Changelog](https://github.com/privatenumber/tsx/blob/master/release.config.cjs)
- [Commits](privatenumber/tsx@v4.22.4...v4.23.0)

---
updated-dependencies:
- dependency-name: "@garmin/fitsdk"
  dependency-version: 21.208.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: sharp
  dependency-version: 0.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: autoprefixer
  dependency-version: 10.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: playwright
  dependency-version: 1.61.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: postcss
  dependency-version: 8.5.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: tsx
  dependency-version: 4.23.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 6, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants