Bump the prod-dependencies-minor group across 1 directory with 12 updates

[dependabot]

Bumps the prod-dependencies-minor group with 12 updates in the / directory:

Package	From	To
@xterm/addon-fit	0.10.0	0.11.0
@xterm/addon-search	0.15.0	0.16.0
@xterm/addon-serialize	0.13.0	0.14.0
@xterm/addon-web-links	0.11.0	0.12.0
@xterm/addon-webgl	0.18.0	0.19.0
overlayscrollbars	2.12.0	2.13.0
react-hook-form	7.63.0	7.70.0
shiki	3.13.0	3.20.0
tailwind-merge	3.3.1	3.4.0
winston	3.18.3	3.19.0
ws	8.18.3	8.19.0
sass	1.91.0	1.97.1

Updates @xterm/addon-fit from 0.10.0 to 0.11.0

Commits

• ce1d788 Bumped bower version to 0.11
• 01e48b7 Revamped the attach addon
• a1717fd Update docs index
• c9f5f23 Started documenting methods
• 21dde3c Updated version, in docs
• 73bf6d1 Started documenting events
• See full diff in compare view

Updates @xterm/addon-search from 0.15.0 to 0.16.0

Commits

• ede9ee4 Bump version to 0.16
• 53f5672 Fix #3
• 9d00eec Fix #2
• See full diff in compare view

Updates @xterm/addon-serialize from 0.13.0 to 0.14.0

Commits

• d07f613 Bump version to 0.14
• 7355a04 Further fixing of xterm.fit
• See full diff in compare view

Updates @xterm/addon-web-links from 0.11.0 to 0.12.0

Commits

• 561fc59 Added screenshot for docs
• See full diff in compare view

Updates @xterm/addon-webgl from 0.18.0 to 0.19.0

Commits

• 670efc4 Bump Bower version to 0.19
• 74f9526 [addon attach] Implement auto-detaching on socket close/error
• See full diff in compare view

Updates overlayscrollbars from 2.12.0 to 2.13.0

Changelog

Sourced from overlayscrollbars's changelog.

2.13.0

Features

• Add fine grained debounce options via options.debounce. The option is now an object which results in more freedom / fine grained debounce options. A debounce can now be specified for mutations, resizes, events and environmental changes independently. The old options.debounce option syntax is still supported and works but its deprecated in favor of the new syntax. #744 #729

Commits

• 79fc954 v2.13.0
• fbf2111 docs improvements
• 84e1aaa typo
• 1fc130d improvements
• 7a91eb9 feat: implement fine-tuned debounce settings
• bcfcb0c revert iOS26 workaround as it is fixed by webkit already
• 46bfa2a v2.12.1
• 1ee9cd1 v2.12.1
• a499be9 some focus code
• 5371586 fix: workaround for scrolltimeline animation bug in Safari v26
• See full diff in compare view

Updates react-hook-form from 7.63.0 to 7.70.0

Release notes

Sourced from react-hook-form's releases.

Version 7.70.0

✅ watch type improvement (#13228) 🐞 fix: prevent field array ghost elements with keepDirtyValues (#13188) 🐞 fix: improve invalid date handling in deepEqual and validation (#13230) 🐞 fix(types): handle branded types correctly in DeepPartial (#13222) 🐞 fix native validation focus issue (#13220) 🐞 change spread operator to set name with depricated names prop, then override with new name prop is supplied (#13214) 🐞 fix: prevent duplicate subscription trigger in setValue (#13206) (#13209) 👌 chore: fix lib type check include tests (#13229)

thanks to @​EdwardEB, @​constantly-dev & @​a28689604

🎄 Version 7.69.0

📏 feat: align API with useWatch (#13192) 🤦🏻‍♂️ chore: update @​deprecated names prop on (#13198) 🏥 chore: safely call function methods on elements (#13190) 🪖 chore: cve-2025-67779 (#13196) 🪖 chore: cve-2025-55184 & cve-2025-55183 (#13194) 🪖 chore: CVE-2025-55182 Critical RCE vulnerabilty (#13175) 🔬 test: add regression tests for #12837 and #13136 (#13187) 🐞 fix(reset): preserve isValid state when keepIsValid option is used (#13173) 🐞 fix: ensure each createFormControl.subscribe subscription listens only to the changes it subscribes to (#12968) 🐞 fix(validation): batch isValidating state updates with validation result (#13181) 🐞 fix(createFormControl): resolve race condition between setError and setFocus (#13138) (#13169) 🧿 fix control prop type (#13189) 🔔 chore: clean cloneObject logic (#13179)

thanks to @​PierreCrb, @​a28689604, @​AnuragM7666, @​ap0nia, @​dusan233 & @​hlongc

Version 7.68.0

🎧 feat: <FormStateSubscribe /> component (#13142)

import { useForm, FormStateSubscribe } from 'react-hook-form';
const App = () => {
const { register, control } = useForm();
return (
<div>
<form>
<input {...register('foo')} />
<input {...register('bar')} />
</form>
{/* re-render only when formState of foo changes */}
<FormStateSubscribe
control={control}
name={"foo"}
render={({errors}) => <span>{errors.foo?.message}</span>}
/>
</tr></table>

... (truncated)

Commits

• d810ff5 7.70.0
• c54ebf9 🐞 fix: prevent field array ghost elements with keepDirtyValues (#13188)
• 3966596 ✅ watch type improvement (#13228)
• 29885bb 🐞 fix: improve invalid date handling in deepEqual and validation (#13230)
• 9c22bc7 👌 chore: fix lib type check include tests (#13229)
• 76db177 🐞 fix(types): handle branded types correctly in DeepPartial (#13222)
• 8d693a7 🐞 fix native validation focus issue (#13220)
• 74e652c 🐞 change spread operator to set name with depricated names prop, then overrid...
• 94c8af1 ☺️ chore: move regression test to setValue.test.tsx (#13211)
• e45b4cb 🐞 fix: prevent duplicate subscription trigger in setValue (#13206) (#13209)
• Additional commits viewable in compare view

Updates shiki from 3.13.0 to 3.20.0

Release notes

Sourced from shiki's releases.

v3.20.0

   🚀 Features

• cli: Add --format option for html output  -  by @​Divyapahuja31 in shikijs/shiki#1211 (28dd0)

   🐞 Bug Fixes

• rehype: Handle promise rejections in lazy language loading  -  by @​ambujvashistha in shikijs/shiki#1221 (99654)
• vitepress-twoslash: Fix popper positions being recomputed too early within vitepress code groups  -  by @​Dschungelabenteuer, charles.gruenais and @​antfu in shikijs/shiki#1116 (19ea5)

   🏎 Performance

• core: Eliminate redundant tokenization call in tokenizeWithTheme  -  by @​ShivanshBhargava and @​NssGourav in shikijs/shiki#1216 (c78b1)

    View changes on GitHub

v3.19.0

   🚀 Features

• Support rootStyle: false option  -  by @​khushthecoder and @​antfu in shikijs/shiki#1184 (baf9a)
• transformers:
  • Add classActiveCode option to notation transformers  -  by @​GreenHacker420 in shikijs/shiki#1171 (a6a44)
  • Add transformerRemoveComments  -  by @​Bitshifter-9, Copilot, @​crazylogic03 and @​antfu in shikijs/shiki#1144 (f2ee3)
• twoslash:
  • Add context parameter to filter option  -  by @​siddu-09 in shikijs/shiki#1173 (ac7f5)

   🐞 Bug Fixes

• Add typesVersions for legacy resolution support  -  by @​khushthecoder in shikijs/shiki#1179 (100b7)
• core: Check embeddedLanguages in registry dependency check  -  by @​vamsi2246 in shikijs/shiki#1178 (6ad16)
• monaco: Correctly handle sparse color map updates  -  by @​wcr-karan in shikijs/shiki#1169 (38c7f)

    View changes on GitHub

v3.18.0

   🚀 Features

• transformers: Support zeroIndexed option to transformerMetaHighlight  -  by @​manak-sharma20 in shikijs/shiki#1149 (c39ff)

   🐞 Bug Fixes

• core:
  • Correct offset calculation in mergeWhitespaceTokens  -  by @​Karthikeya1500 in shikijs/shiki#1162 (15e73)
  • Allow langAlias to special languages, close #1164  -  by @​antfu in shikijs/shiki#1164 (45ab1)

    View changes on GitHub

v3.17.1

   🚀 Features

... (truncated)

Commits

• a0b7304 chore: release v3.20.0
• 61c87e8 chore: release v3.19.0
• 0cd35ac test: use using in tests
• a016f19 chore: release v3.18.0
• 355d207 chore: release v3.17.1
• b4d3a57 chore: release v3.17.0
• e6d21b0 fix(shiki): rename createdBundledHighlighter to createBundledHighlighter ...
• fe08ee0 chore: release v3.16.0
• 02dab9b feat: update grammars
• 4bf5be3 chore: update snapshot
• Additional commits viewable in compare view

Updates tailwind-merge from 3.3.1 to 3.4.0

Release notes

Sourced from tailwind-merge's releases.

v3.4.0

New Features

• Performance optimizations which make tailwind-merge >10% faster
  • Vibe optimization by @​quantizor in dcastil/tailwind-merge#547
  • Additional optimizations by @​quantizor in dcastil/tailwind-merge#619

Documentation

• Improve docs by clarifying things, adding more examples by @​dcastil in dcastil/tailwind-merge#618
• Make examples more realistic by @​dcastil in dcastil/tailwind-merge#617
• Add custom variant as an alternative to docs by @​kidonng in dcastil/tailwind-merge#592

Other

• Improve benchmarking suite by @​quantizor in dcastil/tailwind-merge#620

Full Changelog: dcastil/tailwind-merge@v3.3.1...v3.4.0

Thanks to @​brandonmcconnell, @​manavm1990, @​langy, @​roboflow, @​syntaxfm, @​getsentry, @​codecov and a private sponsor for sponsoring tailwind-merge! ❤️

Commits

• 3e1256a v3.4.0
• e15f392 add changelog for v3.4.0
• 75e9aef Merge pull request #619 from quantizor/further-improvements
• 1bafc9c Make benchmark test names consistent
• 0799c12 revert: remove array-based string building optimization
• 1927858 test: add ultra long class list benchmark
• 87baba3 Remove unnecessary pre-computed conflict maps
• 7831c8e perf: pre-compute conflict arrays at initialization
• 1a3d133 perf: replace localeCompare with direct string comparison
• 0270028 perf: use index-based recursion to avoid array allocations
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for tailwind-merge since your current version.

Updates winston from 3.18.3 to 3.19.0

Release notes

Sourced from winston's releases.

v3.19.0

• Run npm audit fix e7ccdc4
• Don't include jest.config.js in npm package 5a63c8c
• fix: append error cause when using logger.child() (#2467) e74a7ae
• Bump rimraf from 5.0.1 to 5.0.10 (#2517) 8a956fd
• fix: ensure File transport flushes all data before emitting finish (#2594) 86c890f
• Bump actions/setup-node from 4 to 6 (#2589) 3b8be02
• Bump @​babel/core from 7.28.0 to 7.28.5 (#2591) f4c3e2c
• Bump actions/checkout from 4 to 6 (#2593) dd7906e
• chore: migrate test runner from mocha to jest (#2567) 2e9eb18

---

winstonjs/winston@v3.18.3...v3.19.0

Commits

• ed45345 3.19.0
• e7ccdc4 Run npm audit fix
• 5a63c8c Don't include jest.config.js in npm package
• e74a7ae fix: append error cause when using logger.child() (#2467)
• 8a956fd Bump rimraf from 5.0.1 to 5.0.10 (#2517)
• 86c890f fix: ensure File transport flushes all data before emitting finish (#2594)
• 3b8be02 Bump actions/setup-node from 4 to 6 (#2589)
• f4c3e2c Bump @​babel/core from 7.28.0 to 7.28.5 (#2591)
• dd7906e Bump actions/checkout from 4 to 6 (#2593)
• 2e9eb18 chore: migrate test runner from mocha to jest (#2567)
• See full diff in compare view

Updates ws from 8.18.3 to 8.19.0

Release notes

Sourced from ws's releases.

8.19.0

Features

• Added the closeTimeout option (#2308).

Bug fixes

• Handled a forthcoming breaking change in Node.js core (19984854).

Commits

• 61349ec [dist] 8.19.0
• 3f9ffc6 [feature] Introduce the closeTimeout option (#2308)
• 1998485 [fix] Ensure all remaining data is read as a single chunk
• 726c373 [doc] Sort options alphabetically
• b151f1e [ci] Update actions/checkout action to v6
• dabdd5b [ci] Update actions/setup-node action to v6
• 86eac5b [ci] Test on node 25
• 1891e14 [ci] Update actions/setup-node action to v5
• aa28c77 [ci] Update actions/checkout action to v5
• See full diff in compare view

Updates sass from 1.91.0 to 1.97.1

Release notes

Sourced from sass's releases.

Dart Sass 1.97.1

To install Sass 1.97.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

See the full changelog for changes in earlier releases.

Dart Sass 1.97.0

To install Sass 1.97.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Add support for the display-p3-linear color space.

See the full changelog for changes in earlier releases.

Dart Sass 1.96.0

To install Sass 1.96.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Allow numbers with complex units (more than one numerator unit or more than zero denominator units) to be emitted to CSS. These are now emitted as calc() expressions, which now support complex units in plain CSS.

See the full changelog for changes in earlier releases.

Dart Sass 1.95.1

To install Sass 1.95.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.95.0

To install Sass 1.95.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.97.1

• Fix a bug with the new CSS-style if() syntax where values would be evaluated even if their conditions didn't match.

1.97.0

• Add support for the display-p3-linear color space.

1.96.0

• Allow numbers with complex units (more than one numerator unit or more than zero denominator units) to be emitted to CSS. These are now emitted as calc() expressions, which now support complex units in plain CSS.

1.95.1

• No user-visible changes.

1.95.0

• Add support for the CSS-style if() function. In addition to supporting the plain CSS syntax, this also supports a sass() query that takes a Sass expression that evaluates to true or false at preprocessing time depending on whether the Sass value is truthy. If there are no plain-CSS queries, the function will return the first value whose query returns true during preprocessing. For example, if(sass(false): 1; sass(true): 2; else: 3) returns 2.

• The old Sass if() syntax is now deprecated. Users are encouraged to migrate to the new CSS syntax. if($condition, $if-true, $if-false) can be changed to if(sass($condition): $if-true; else: $if-false).

  See the Sass website for details.

• Plain-CSS if() functions are now considered "special numbers", meaning that they can be used in place of arguments to CSS color functions.

• Plain-CSS if() functions and attr() functions are now considered "special variable strings" (like var()), meaning they can now be used in place of multiple arguments or syntax fragments in various CSS functions.

1.94.3

• Fix the span reported for standalone % expressions followed by whitespace.

1.94.2

... (truncated)

Commits

• 62ec662 Use pwsh instead of powershell (#2710)
• b2f2532 Don't evaluate if() values if the condition doesn't match (#2707)
• 0c7083a Add support for the display-p3-linear color space (#2703)
• f6bdc02 Add support for complex units in CSS (#2699)
• 4aa6d5f Support parseSelectors in ImportCache (#2701)
• eae38c5 Fix an incorrect link in the changelog (#2700)
• 4747063 Bump the sass-parser version (#2697)
• 2abc89e Merge pull request #2693 from sass/css-if
• 2f7a16c Revert "Bump chokidar from 4.0.3 to 5.0.0 in /package (#2690)" (#2691)
• 38d4ac8 Add ArgumentList.namedSpans
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for sass since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}