chore(deps-dev): bump the dependencies group with 9 updates

[dependabot]

Bumps the dependencies group with 9 updates:

Package	From	To
@types/node	25.9.2	25.9.3
commitizen	4.3.1	4.3.2
eslint	10.4.1	10.5.0
lighthouse	13.3.0	13.4.0
playwright	1.60.0	1.61.0
prettier	3.8.3	3.8.4
semantic-release	25.0.3	25.0.5
typescript-eslint	8.61.0	8.61.1
web-ext	10.3.0	10.4.0

Updates @types/node from 25.9.2 to 25.9.3

Commits

• See full diff in compare view

Updates commitizen from 4.3.1 to 4.3.2

Release notes

Sourced from commitizen's releases.

v4.3.2

4.3.2 (2026-06-12)

• chore(deps): bump semantic-release to 25 for npm trusted publishing (#1029) (6eb168c), closes #1029
• ci(release): bump actions/checkout and actions/setup-node to v4 (#1024) (f5702c4), closes #1024
• ci(release): use npm trusted publishing via OIDC (#1028) (096ed52), closes #1028
• chore(deps) Update all non-major dependencies (#1026) (4e98218), closes #1026
• chore(deps) Update dependency lodash to v4.18.1 [SECURITY] (#1010) (11be6a1), closes #1010
• fix(ci): fix pipelines and update matrices to node 18/20/22 (#1023) (48e4b8b), closes #1023
• docs: update README.md to add contributors (#985) (3c08866), closes #985

Commits

• 6eb168c chore(deps): bump semantic-release to 25 for npm trusted publishing (#1029)
• 096ed52 ci(release): use npm trusted publishing via OIDC (#1028)
• 4e98218 chore(deps) Update all non-major dependencies (#1026)
• f5702c4 ci(release): bump actions/checkout and actions/setup-node to v4 (#1024)
• 11be6a1 chore(deps) Update dependency lodash to v4.18.1 [SECURITY] (#1010)
• 48e4b8b fix(ci): fix pipelines and update matrices to node 18/20/22 (#1023)
• 3c08866 docs: update README.md to add contributors (#985)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for commitizen since your current version.

Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
• b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
• f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
• bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
• c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

• 8ae1b5b docs: Update README (GitHub Actions Bot)
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)
• f99b47a docs: Update README (GitHub Actions Bot)
• acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

• b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)
• c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)
• 243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)
• 217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)
• 72003e7 test: add location information to error messages in max-statements (#20945) (lumir)
• 7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)
• 67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)
• 95d8c7a chore: update dependency @​eslint/json to v2 (#20934) (renovate[bot])
• cf9e496 chore: update @​arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)
• fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)

Commits

• de3b672 10.5.0
• 362a518 Build: changelog update for 10.5.0
• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973)
• b565783 feat: report no-with violations at the with keyword (#20971)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967)
• f9c138a feat: report max-depth violations on keywords (#20943)
• 8ae1b5b docs: Update README
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962)
• b18bf58 chore: update ecosystem plugins (#20959)
• Additional commits viewable in compare view

Updates lighthouse from 13.3.0 to 13.4.0

Release notes

Sourced from lighthouse's releases.

v13.4.0

Full Changelog

We expect this release to ship in the DevTools of Chrome 151, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributors 👽🐷🐰🐯🐻!

• Thomas Steiner @​tomayac
• KS Nithin @​Nithin0620
• Emanuele @​emazack
• Kirtikumar Anandrao Ramchandani @​KirtiRamchandani
• Rin @​RinZ27
• Michael Hablich @​natorion

Core

• canonical: improve validation for invalid URLs (#16765)
• llms-txt: allow leading whitespace for header check (#17057)
• geolocation-on-start: mention geolocation element (#16835)
• add public Lighthouse types entrypoint (#17028)
• match scripts to network requests using frameId (#16774)
• config: import LH types (#17048)
• driver: add ExecutionContext.evaluateOnObject (#17050)
• driver: check if usage data exists before using (#17033)

Report

• fix performance gauge label, improve load animation (#17045)
• decouple link creation from link details rendering (#17049)
• viewer: persist dark mode when when changing langauge (#17063)

Deps

• upgrade deps (#17070)
• upgrade typescript to 6.0.3 (#17060)
• upgrade terser to 5.48.0 (#17059)
• upgrade esbuild to 0.28.0 (#17058)
• upgrade trace_engine to 0.0.65 (#17046)
• upgrade puppeteer to 25.0.2 (#17019)

Clients

• viewer: prevent toast showing on load (#17069)
• viewer: clear github auth token on 401 error (#17064)
• viewer: disable agentic-browsing in PSI api call (#17041)

I18n

... (truncated)

Changelog

Sourced from lighthouse's changelog.

13.4.0 (2026-06-09)

Full Changelog

We expect this release to ship in the DevTools of Chrome 151, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributors 👽🐷🐰🐯🐻!

• Thomas Steiner @​tomayac
• KS Nithin @​Nithin0620
• Emanuele @​emazack
• Kirtikumar Anandrao Ramchandani @​KirtiRamchandani
• Rin @​RinZ27
• Michael Hablich @​natorion

Core

• canonical: improve validation for invalid URLs (#16765)
• llms-txt: allow leading whitespace for header check (#17057)
• geolocation-on-start: mention geolocation element (#16835)
• add public Lighthouse types entrypoint (#17028)
• match scripts to network requests using frameId (#16774)
• config: import LH types (#17048)
• driver: add ExecutionContext.evaluateOnObject (#17050)
• driver: check if usage data exists before using (#17033)

Report

• fix performance gauge label, improve load animation (#17045)
• decouple link creation from link details rendering (#17049)
• viewer: persist dark mode when when changing langauge (#17063)

Deps

• upgrade deps (#17070)
• upgrade typescript to 6.0.3 (#17060)
• upgrade terser to 5.48.0 (#17059)
• upgrade esbuild to 0.28.0 (#17058)
• upgrade trace_engine to 0.0.65 (#17046)
• upgrade puppeteer to 25.0.2 (#17019)

Clients

• viewer: prevent toast showing on load (#17069)
• viewer: clear github auth token on 401 error (#17064)
• viewer: disable agentic-browsing in PSI api call (#17041)

I18n

... (truncated)

Commits

• cb79bea v13.4.0 (#17073)
• c0ac986 i18n: import (#17071)
• 6894326 tests: exclude origin-isolation-coop-present smoke test (#17072)
• 6c9c6ae deps: upgrade deps (#17070)
• 2a52414 clients(viewer): prevent toast showing on load (#17069)
• 3a52f71 core: match scripts to network requests using frameId (#16774)
• 85c711d core(geolocation-on-start): mention geolocation element (#16835)
• 5bbddf0 core(llms-txt): allow leading whitespace for header check (#17057)
• eb3d98a clients(viewer): clear github auth token on 401 error (#17064)
• 19b38e5 report(viewer): persist dark mode when when changing langauge (#17063)
• Additional commits viewable in compare view

Updates playwright from 1.60.0 to 1.61.0

Release notes

Sourced from playwright's releases.

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

• apiResponse.securityDetails() and apiResponse.serverAddr() mirror the browser-side response.securityDetails() and response.serverAddr().

Browser and Screencast

• New option artifactsDir in browserType.connectOverCDP() controls where artifacts such as traces and downloads are stored when attached to an existing browser.
• New option cursor in screencast.showActions() controls the cursor decoration rendered for pointer actions.
• The onFrame callback in screencast.start() now receives a timestamp of when the frame was presented by the browser.

Test runner

• The testOptions.video option now supports the same set of modes as trace: new 'on-all-retries', 'retain-on-first-failure' and 'retain-on-failure-and-retries' values. See the video modes table for which runs are recorded and kept in each mode.
• Supported expect.soft.poll(...).
• New fullConfig.argv — a snapshot of process.argv from the runner process, handy for reading custom arguments passed after the -- separator.
• New fullConfig.failOnFlakyTests mirrors the config option, so reporters can explain why a flaky run failed.
• testInfo.errors now lists each sub-error of an AggregateError as a separate entry.

... (truncated)

Commits

• 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
• a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
• 8133dcf cherry-pick(#41283): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...
• 812432e chore: mark v1.61.0 (#41277)
• ac05145 fix(fetch): report serverAddr and securityDetails for reused sockets (#41267)
• 056efc9 fix(trace-viewer): add keyboard navigation to NetworkFilters component (#41...
• 41f7b9a chore: fixes uncovered by the .NET 1.61 roll (#41266)
• ba50778 fix(mcp): assign caps as array for legacy --vision flag (#41253)
• b8ee5ae docs: release notes for v1.61 (#41261)
• 49c1f69 fix(trace viewer): load trace from a local file (#41263)
• Additional commits viewable in compare view

Updates prettier from 3.8.3 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

• Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (prettier/prettier#17746 by @​byplayer)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



<!-- Prettier 3.8.4 -->


a

b



c

d

Commits

• 1c6ba55 Release 3.8.4
• 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
• 074aaed Replace main branch in changelog link with tags (#19054)
• c22a003 Bump Prettier dependency to 3.8.3
• 07bad1f Clean changelog_unreleased
• See full diff in compare view

Updates semantic-release from 25.0.3 to 25.0.5

Release notes

Sourced from semantic-release's releases.

v25.0.5

25.0.5 (2026-06-09)

Bug Fixes

• revert: next (#4200) (db8ffaa)

v25.0.4

25.0.4 (2026-06-09)

Bug Fixes

• code-quality: add missing comma in context object for consistency (493d6cd)

Commits

• db8ffaa fix(revert): next (#4200)
• 4e476de docs: update README to include information about the new core engine integration
• 493d6cd fix(code-quality): add missing comma in context object for consistency
• d05e160 refactor: replace direct logger and env-ci replacements with a mockCore funct...
• 4f464a7 test: add tests for core delegation and dry-run policy handling
• 3f5d1b7 refactor: integrate core; remove unused imports and restructuring the main ...
• 7d71f2e refactor: remove obsolete release type constants and notes separator
• 1ae1a19 refactor: remove obsolete test files for logger, git, sensitive data handling...
• bedddc4 refactor: remove obsolete Git-related utilities and logging functions
• 7172195 refactor(tests): remove obsolete tests for plugins and verification
• Additional commits viewable in compare view

Updates typescript-eslint from 8.61.0 to 8.61.1

Release notes

Sourced from typescript-eslint's releases.

v8.61.1

8.61.1 (2026-06-15)

🩹 Fixes

• eslint-plugin: [consistent-indexed-object-style] do not remove comments when fixing (#12396, #10577)
• eslint-plugin: [no-unnecessary-type-assertion] avoid false positive for template literal expressions (#12281)
• eslint-plugin: [no-unnecessary-type-assertion] wrap object literal in parens when removing TSTypeAssertion in arrow body (#12394, #12393)
• eslint-plugin: [no-unnecessary-boolean-literal-compare] fix precedence bug in autofix (#12413)
• eslint-plugin: [no-unnecessary-template-expression] respect ECMAScript line terminators (#12388)

❤️ Thank You

• Anas @​anasm266
• Deftera @​Deftera186
• Kirk Waiblinger @​kirkwaiblinger
• lumir
• Sarath Francis @​sarathfrancis90

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.61.1 (2026-06-15)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• aaad718 chore(release): publish 8.61.1
• See full diff in compare view

Updates web-ext from 10.3.0 to 10.4.0

Release notes

Sourced from web-ext's releases.

10.4.0 (2026-06-12)

main changes

Dependency updates, mainly.

dependencies

• Updated: dependency tmp to 0.2.7 (#3734)
• Updated: dependency @babel/runtime to 7.29.7 (#3729)
• Updated: dependency addons-linter to 10.7.0 (#3739)

dev dependencies

• Updated: dependency @babel/cli to 7.29.7 (#3731)
• Updated: dependency @babel/core to 7.29.7 (#3733)
• Updated: dependency @babel/eslint-parser to 7.29.7 (#3730)
• Updated: dependency @babel/preset-env to 7.29.7 (#3732)
• Updated: dependency @babel/register to 7.29.7 (#3728)
• Updated: dependency @commitlint/cli to 21.0.2 (#3737)
• Updated: dependency @commitlint/config-conventional to 21.0.2 (#3736)
• Updated: dependency mocha to 11.7.6 (#3726)
• Updated: dependencies shell-quote and fx-runner (#3738)

Commits

• 0ad2e8e 10.4.0
• e3d3180 chore(deps): bump addons-linter to 10.7.0 (#3739)
• e838620 chore(deps): bump shell-quote and fx-runner (#3738)
• b0977e7 chore(deps-dev): bump @​commitlint/config-conventional from 21.0.1 to 21.0.2 (...
• 0f3151c chore(deps-dev): bump @​commitlint/cli from 21.0.1 to 21.0.2 (#3737)
• 799e35c chore(deps): bump tmp from 0.2.6 to 0.2.7 (#3734)
• 92b179d chore(deps-dev): bump @​babel/eslint-parser from 7.28.6 to 7.29.7 (#3730)
• be7b076 chore(deps-dev): bump @​babel/cli from 7.28.6 to 7.29.7 (#3731)
• 197225a chore(deps-dev): bump @​babel/register from 7.29.3 to 7.29.7 (#3728)
• 07d6954 chore(deps-dev): bump @​babel/preset-env from 7.29.5 to 7.29.7 (#3732)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions