mermaid/garden-of-eden
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore(deps): bump the production-dependencies group with 4 updates #33

Merged
dependabot[bot] merged 1 commit from dependabot/npm_and_yarn/production-dependencies-618e8603a4 into v4 2025-11-13 02:07:35 +00:00
Conversation 1 Commits 1 Files changed 2 +795 -293
dependabot[bot] commented 2025-11-10 16:03:53 +00:00 (Migrated from github.com)
Copy link

Bumps the production-dependencies group with 4 updates: pixi.js, sharp, shiki and esbuild.

Updates pixi.js from 8.14.0 to 8.14.1

Release notes

Sourced from pixi.js's releases.

v8.14.1

💾 Download

Installation:

npm install pixi.js@8.14.1

Development Build:

Production Build:

Documentation:

Changed

https://github.com/pixijs/pixijs/compare/v8.14.0...v8.14.1

🐛 Fixed

🧹 Chores

Commits

Updates sharp from 0.34.4 to 0.34.5

Release notes

Sourced from sharp's releases.

v0.34.5

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

  • Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.1

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

  • Simplify ICC processing when retaining input profiles. #4468

v0.34.5-rc.0

  • Upgrade to libvips v8.17.3 for upstream bug fixes.

  • Add experimental support for prebuilt Linux RISC-V 64-bit binaries.

  • Support building from source with npm v12+, deprecate --build-from-source flag. #4458

  • Add support for BigTIFF output. #4459 @​throwbi

  • Improve error messaging when only warnings issued. #4465

... (truncated)

Commits
  • e062456 Release v0.34.5
  • 6450c70 Prerelease v0.34.5-rc.1
  • f7c95d1 TypeScript: consolidate a few enum-like properties
  • ef86a75 Prerelease v0.34.5-rc.0
  • 6c1e840 Use structured binding for tuples where possible
  • e1628d8 Simplify ICC processing when retaining input profiles #4468
  • 4f9f817 Linter: apply all recommended biome settings
  • 09d5aa8 Docs: update internal and libvips doc links
  • 040b73c Upgrade to libvips v8.17.3
  • 1f2f33d Ensure licensing headers are retained by code bundlers
  • Additional commits viewable in compare view

Updates shiki from 3.14.0 to 3.15.0

Release notes

Sourced from shiki's releases.

v3.15.0

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates esbuild from 0.25.12 to 0.27.0

Release notes

Sourced from esbuild's releases.

v0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

  • Use Uint8Array.fromBase64 if available (#4286)

    With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

  • Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

    This raises the operating system requirements for running esbuild:

    • Linux: now requires a kernel version of 3.2 or later
    • macOS: now requires macOS 12 (Monterey) or later

v0.26.0

  • Enable trusted publishing (#4281)

    GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

    Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

Changelog

Sourced from esbuild's changelog.

0.27.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.26.0 or ~0.26.0. See npm's documentation about semver for more information.

  • Use Uint8Array.fromBase64 if available (#4286)

    With this release, esbuild's binary loader will now use the new Uint8Array.fromBase64 function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify target when using this feature with Node (for example --target=node22) unless you're using Node v25+.

  • Update the Go compiler from v1.23.12 to v1.25.4 (#4208, #4311)

    This raises the operating system requirements for running esbuild:

    • Linux: now requires a kernel version of 3.2 or later
    • macOS: now requires macOS 12 (Monterey) or later

0.26.0

  • Enable trusted publishing (#4281)

    GitHub and npm are recommending that maintainers for packages such as esbuild switch to trusted publishing. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.

    Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
Bumps the production-dependencies group with 4 updates: [pixi.js](https://github.com/pixijs/pixijs), [sharp](https://github.com/lovell/sharp), [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) and [esbuild](https://github.com/evanw/esbuild). Updates `pixi.js` from 8.14.0 to 8.14.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pixijs/pixijs/releases">pixi.js's releases</a>.</em></p> <blockquote> <h2>v8.14.1</h2> <h2>💾 Download</h2> <p>Installation:</p> <pre lang="bash"><code>npm install pixi.js@8.14.1 </code></pre> <p>Development Build:</p> <ul> <li><a href="https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.js">https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.js</a></li> <li><a href="https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.mjs">https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.mjs</a></li> </ul> <p>Production Build:</p> <ul> <li><a href="https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.min.js">https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.min.js</a></li> <li><a href="https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.min.mjs">https://cdn.jsdelivr.net/npm/pixi.js@8.14.1/dist/pixi.min.mjs</a></li> </ul> <p>Documentation:</p> <ul> <li><a href="https://pixijs.download/v8.14.1/docs/index.html">https://pixijs.download/v8.14.1/docs/index.html</a></li> </ul> <h2>Changed</h2> <p><a href="https://github.com/pixijs/pixijs/compare/v8.14.0...v8.14.1">https://github.com/pixijs/pixijs/compare/v8.14.0...v8.14.1</a></p> <h3>🐛 Fixed</h3> <ul> <li>fix: bytesPerRow calculation for BufferImageSource in WebGPU by <a href="https://github.com/koteelok"><code>@​koteelok</code></a> in <a href="https://redirect.github.com/pixijs/pixijs/pull/11718">pixijs/pixijs#11718</a></li> <li>fix: Guards mask reset from null reference by <a href="https://github.com/Zyie"><code>@​Zyie</code></a> in <a href="https://redirect.github.com/pixijs/pixijs/pull/11719">pixijs/pixijs#11719</a></li> <li>fix: Prevents errors during worker manager reset by <a href="https://github.com/Zyie"><code>@​Zyie</code></a> in <a href="https://redirect.github.com/pixijs/pixijs/pull/11720">pixijs/pixijs#11720</a></li> </ul> <h3>🧹 Chores</h3> <ul> <li>chore: move transcoders off pixijs.download by <a href="https://github.com/bigtimebuddy"><code>@​bigtimebuddy</code></a> in <a href="https://redirect.github.com/pixijs/pixijs/pull/11730">pixijs/pixijs#11730</a></li> <li>chore: cleanup using optional chaining by <a href="https://github.com/bigtimebuddy"><code>@​bigtimebuddy</code></a> in <a href="https://redirect.github.com/pixijs/pixijs/pull/11713">pixijs/pixijs#11713</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pixijs/pixijs/commit/10a92cf89c1e224a7d4d9f4cffa24bea32a44440"><code>10a92cf</code></a> v8.14.1</li> <li><a href="https://github.com/pixijs/pixijs/commit/15bd3d9d2d99e5cd9aa5817ae75c929d93fcf58d"><code>15bd3d9</code></a> fix: Guards mask reset from null reference (<a href="https://redirect.github.com/pixijs/pixijs/issues/11719">#11719</a>)</li> <li><a href="https://github.com/pixijs/pixijs/commit/91fe1d64027e785fee88789a9b0f9b8c3c54ac5b"><code>91fe1d6</code></a> chore: cleanup using optional chaining (<a href="https://redirect.github.com/pixijs/pixijs/issues/11713">#11713</a>)</li> <li><a href="https://github.com/pixijs/pixijs/commit/3ab094939e2c1c4ae2eae5c8aa6a96fd4ab95c0a"><code>3ab0949</code></a> Fix bytesPerRow calculation for BufferImageSource (<a href="https://redirect.github.com/pixijs/pixijs/issues/11718">#11718</a>)</li> <li><a href="https://github.com/pixijs/pixijs/commit/e40a370544cf1bd844047c5ba86539d79d784273"><code>e40a370</code></a> fix: Prevents errors during worker manager reset (<a href="https://redirect.github.com/pixijs/pixijs/issues/11720">#11720</a>)</li> <li><a href="https://github.com/pixijs/pixijs/commit/63a01c575637674702fff541a78ea3555664c617"><code>63a01c5</code></a> chore: move transcoders off pixijs.download (<a href="https://redirect.github.com/pixijs/pixijs/issues/11730">#11730</a>)</li> <li>See full diff in <a href="https://github.com/pixijs/pixijs/compare/v8.14.0...v8.14.1">compare view</a></li> </ul> </details> <br /> Updates `sharp` from 0.34.4 to 0.34.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lovell/sharp/releases">sharp's releases</a>.</em></p> <blockquote> <h2>v0.34.5</h2> <ul> <li> <p>Upgrade to libvips v8.17.3 for upstream bug fixes.</p> </li> <li> <p>Add experimental support for prebuilt Linux RISC-V 64-bit binaries.</p> </li> <li> <p>Support building from source with npm v12+, deprecate <code>--build-from-source</code> flag. <a href="https://redirect.github.com/lovell/sharp/issues/4458">#4458</a></p> </li> <li> <p>Add support for BigTIFF output. <a href="https://redirect.github.com/lovell/sharp/pull/4459">#4459</a> <a href="https://github.com/throwbi"><code>@​throwbi</code></a></p> </li> <li> <p>Improve error messaging when only warnings issued. <a href="https://redirect.github.com/lovell/sharp/issues/4465">#4465</a></p> </li> <li> <p>Simplify ICC processing when retaining input profiles. <a href="https://redirect.github.com/lovell/sharp/issues/4468">#4468</a></p> </li> </ul> <h2>v0.34.5-rc.1</h2> <ul> <li> <p>Upgrade to libvips v8.17.3 for upstream bug fixes.</p> </li> <li> <p>Add experimental support for prebuilt Linux RISC-V 64-bit binaries.</p> </li> <li> <p>Support building from source with npm v12+, deprecate <code>--build-from-source</code> flag. <a href="https://redirect.github.com/lovell/sharp/issues/4458">#4458</a></p> </li> <li> <p>Add support for BigTIFF output. <a href="https://redirect.github.com/lovell/sharp/pull/4459">#4459</a> <a href="https://github.com/throwbi"><code>@​throwbi</code></a></p> </li> <li> <p>Improve error messaging when only warnings issued. <a href="https://redirect.github.com/lovell/sharp/issues/4465">#4465</a></p> </li> <li> <p>Simplify ICC processing when retaining input profiles. <a href="https://redirect.github.com/lovell/sharp/issues/4468">#4468</a></p> </li> </ul> <h2>v0.34.5-rc.0</h2> <ul> <li> <p>Upgrade to libvips v8.17.3 for upstream bug fixes.</p> </li> <li> <p>Add experimental support for prebuilt Linux RISC-V 64-bit binaries.</p> </li> <li> <p>Support building from source with npm v12+, deprecate <code>--build-from-source</code> flag. <a href="https://redirect.github.com/lovell/sharp/issues/4458">#4458</a></p> </li> <li> <p>Add support for BigTIFF output. <a href="https://redirect.github.com/lovell/sharp/pull/4459">#4459</a> <a href="https://github.com/throwbi"><code>@​throwbi</code></a></p> </li> <li> <p>Improve error messaging when only warnings issued. <a href="https://redirect.github.com/lovell/sharp/issues/4465">#4465</a></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lovell/sharp/commit/e0624568686516209c434de2d3c0ef6688f0811d"><code>e062456</code></a> Release v0.34.5</li> <li><a href="https://github.com/lovell/sharp/commit/6450c704a686d4205a2c21ddb1d10d5fc28c6c23"><code>6450c70</code></a> Prerelease v0.34.5-rc.1</li> <li><a href="https://github.com/lovell/sharp/commit/f7c95d1bf0f24049ee6ee77b21b1c1bb8d181aa2"><code>f7c95d1</code></a> TypeScript: consolidate a few enum-like properties</li> <li><a href="https://github.com/lovell/sharp/commit/ef86a75560adb40605d3dfc85dc3656a0b88c413"><code>ef86a75</code></a> Prerelease v0.34.5-rc.0</li> <li><a href="https://github.com/lovell/sharp/commit/6c1e840098ea4a25d833518b30703d9b0af83d32"><code>6c1e840</code></a> Use structured binding for tuples where possible</li> <li><a href="https://github.com/lovell/sharp/commit/e1628d8ef5033dedde9ed1ddd4dd681e1fc30e1e"><code>e1628d8</code></a> Simplify ICC processing when retaining input profiles <a href="https://redirect.github.com/lovell/sharp/issues/4468">#4468</a></li> <li><a href="https://github.com/lovell/sharp/commit/4f9f8179a6350448a32851e5daf5508d61c727ba"><code>4f9f817</code></a> Linter: apply all recommended biome settings</li> <li><a href="https://github.com/lovell/sharp/commit/09d5aa8cfa09522ddc67342295cb75ab1d044b09"><code>09d5aa8</code></a> Docs: update internal and libvips doc links</li> <li><a href="https://github.com/lovell/sharp/commit/040b73ca746f4b8e71950708de4a464c7ba6a188"><code>040b73c</code></a> Upgrade to libvips v8.17.3</li> <li><a href="https://github.com/lovell/sharp/commit/1f2f33d9a7eb8ffba91b8576e49a39df5fdebb76"><code>1f2f33d</code></a> Ensure licensing headers are retained by code bundlers</li> <li>Additional commits viewable in <a href="https://github.com/lovell/sharp/compare/v0.34.4...v0.34.5">compare view</a></li> </ul> </details> <br /> Updates `shiki` from 3.14.0 to 3.15.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v3.15.0</h2> <h3>   🚀 Features</h3> <ul> <li><strong>lang-ansi</strong>: Fallback for missing theme ANSI colors  -  by <a href="https://github.com/Chanakyasinde"><code>@​Chanakyasinde</code></a> and <a href="https://github.com/antfu"><code>@​antfu</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1095">shikijs/shiki#1095</a> <a href="https://github.com/shikijs/shiki/commit/f36ea6d6"><!-- raw HTML omitted -->(f36ea)<!-- raw HTML omitted --></a></li> <li><strong>transformers</strong>: Support <code>meta.indent</code> for indent guides  -  by <a href="https://github.com/L33Z22L11"><code>@​L33Z22L11</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1087">shikijs/shiki#1087</a> <a href="https://github.com/shikijs/shiki/commit/d8f8967e"><!-- raw HTML omitted -->(d8f89)<!-- raw HTML omitted --></a></li> </ul> <h3>   🐞 Bug Fixes</h3> <ul> <li>Allow singleton highlighter recovery after invalid language error  -  by <a href="https://github.com/Maxiemad"><code>@​Maxiemad</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1091">shikijs/shiki#1091</a> <a href="https://github.com/shikijs/shiki/commit/218c901d"><!-- raw HTML omitted -->(218c9)<!-- raw HTML omitted --></a></li> <li><strong>vitepress-twoslash</strong>: Prevent popper show/hide on dragging  -  by <a href="https://github.com/bluwy"><code>@​bluwy</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/1090">shikijs/shiki#1090</a> <a href="https://github.com/shikijs/shiki/commit/29522e02"><!-- raw HTML omitted -->(29522)<!-- raw HTML omitted --></a></li> </ul> <h5>    <a href="https://github.com/shikijs/shiki/compare/v3.14.0...v3.15.0">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/63ab64b4825fc890dd41d82dad1b5680331e447b"><code>63ab64b</code></a> chore: release v3.15.0</li> <li><a href="https://github.com/shikijs/shiki/commit/218c901dd1a540d83bbf0a5198037ac446c01ded"><code>218c901</code></a> fix: allow singleton highlighter recovery after invalid language error (<a href="https://github.com/shikijs/shiki/tree/HEAD/packages/shiki/issues/1091">#1091</a>)</li> <li><a href="https://github.com/shikijs/shiki/commit/c056371b19e009a7239b5716cd18bf3e01f8754d"><code>c056371</code></a> chore: update snapshot</li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v3.15.0/packages/shiki">compare view</a></li> </ul> </details> <br /> Updates `esbuild` from 0.25.12 to 0.27.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/releases">esbuild's releases</a>.</em></p> <blockquote> <h2>v0.27.0</h2> <p><strong>This release deliberately contains backwards-incompatible changes.</strong> To avoid automatically picking up releases like this, you should either be pinning the exact version of <code>esbuild</code> in your <code>package.json</code> file (recommended) or be using a version range syntax that only accepts patch upgrades such as <code>^0.26.0</code> or <code>~0.26.0</code>. See npm's documentation about <a href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for more information.</p> <ul> <li> <p>Use <code>Uint8Array.fromBase64</code> if available (<a href="https://redirect.github.com/evanw/esbuild/issues/4286">#4286</a>)</p> <p>With this release, esbuild's <code>binary</code> loader will now use the new <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array/fromBase64"><code>Uint8Array.fromBase64</code></a> function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify <code>target</code> when using this feature with Node (for example <code>--target=node22</code>) unless you're using Node v25+.</p> </li> <li> <p>Update the Go compiler from v1.23.12 to v1.25.4 (<a href="https://redirect.github.com/evanw/esbuild/issues/4208">#4208</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4311">#4311</a>)</p> <p>This raises the operating system requirements for running esbuild:</p> <ul> <li>Linux: now requires a kernel version of 3.2 or later</li> <li>macOS: now requires macOS 12 (Monterey) or later</li> </ul> </li> </ul> <h2>v0.26.0</h2> <ul> <li> <p>Enable trusted publishing (<a href="https://redirect.github.com/evanw/esbuild/issues/4281">#4281</a>)</p> <p>GitHub and npm are recommending that maintainers for packages such as esbuild switch to <a href="https://docs.npmjs.com/trusted-publishers">trusted publishing</a>. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.</p> <p>Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's changelog</a>.</em></p> <blockquote> <h2>0.27.0</h2> <p><strong>This release deliberately contains backwards-incompatible changes.</strong> To avoid automatically picking up releases like this, you should either be pinning the exact version of <code>esbuild</code> in your <code>package.json</code> file (recommended) or be using a version range syntax that only accepts patch upgrades such as <code>^0.26.0</code> or <code>~0.26.0</code>. See npm's documentation about <a href="https://docs.npmjs.com/cli/v6/using-npm/semver/">semver</a> for more information.</p> <ul> <li> <p>Use <code>Uint8Array.fromBase64</code> if available (<a href="https://redirect.github.com/evanw/esbuild/issues/4286">#4286</a>)</p> <p>With this release, esbuild's <code>binary</code> loader will now use the new <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Uint8Array/fromBase64"><code>Uint8Array.fromBase64</code></a> function unless it's unavailable in the configured target environment. If it's unavailable, esbuild's previous code for this will be used as a fallback. Note that this means you may now need to specify <code>target</code> when using this feature with Node (for example <code>--target=node22</code>) unless you're using Node v25+.</p> </li> <li> <p>Update the Go compiler from v1.23.12 to v1.25.4 (<a href="https://redirect.github.com/evanw/esbuild/issues/4208">#4208</a>, <a href="https://redirect.github.com/evanw/esbuild/pull/4311">#4311</a>)</p> <p>This raises the operating system requirements for running esbuild:</p> <ul> <li>Linux: now requires a kernel version of 3.2 or later</li> <li>macOS: now requires macOS 12 (Monterey) or later</li> </ul> </li> </ul> <h2>0.26.0</h2> <ul> <li> <p>Enable trusted publishing (<a href="https://redirect.github.com/evanw/esbuild/issues/4281">#4281</a>)</p> <p>GitHub and npm are recommending that maintainers for packages such as esbuild switch to <a href="https://docs.npmjs.com/trusted-publishers">trusted publishing</a>. With this release, a VM on GitHub will now build and publish all of esbuild's packages to npm instead of me. In theory.</p> <p>Unfortunately there isn't really a way to test that this works other than to do it live. So this release is that live test. Hopefully this release is uneventful and is exactly the same as the previous one (well, except for the green provenance attestation checkmark on npm that happens with trusted publishing).</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/evanw/esbuild/commit/2b91699b74da07c2cd2361a5e63c1882575e3bf0"><code>2b91699</code></a> publish 0.27.0 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/22b425c12f59964383df27362294b5f8c034bab3"><code>22b425c</code></a> fix <a href="https://redirect.github.com/evanw/esbuild/issues/4286">#4286</a>: use <code>Uint8Array.fromBase64</code> if present (<a href="https://redirect.github.com/evanw/esbuild/issues/4295">#4295</a>)</li> <li><a href="https://github.com/evanw/esbuild/commit/6d187ef4c9277939c1639ef8c036c07ff62dd33f"><code>6d187ef</code></a> update go 1.25.3 =&gt; 1.25.4</li> <li><a href="https://github.com/evanw/esbuild/commit/9d0d4e71a23dce02d18cf91552304333c1b44cd9"><code>9d0d4e7</code></a> update go 1.23.12 =&gt; 1.25.3 (<a href="https://redirect.github.com/evanw/esbuild/issues/4318">#4318</a>)</li> <li><a href="https://github.com/evanw/esbuild/commit/b6979d89ed4b2aed1ab58d206e65c8bd92ac7c60"><code>b6979d8</code></a> use a patched go compiler for release builds</li> <li><a href="https://github.com/evanw/esbuild/commit/893d2b9661a62575041fa371351c422f887cc43d"><code>893d2b9</code></a> delete temporary <code>release.yml</code> workflow</li> <li><a href="https://github.com/evanw/esbuild/commit/cee391852c39146334894795e658e7a9c7bc4cd8"><code>cee3918</code></a> add a temporary <code>release.yml</code> workflow</li> <li><a href="https://github.com/evanw/esbuild/commit/f5bb1d6ed8c86eea24cda1664ab8812d823daeca"><code>f5bb1d6</code></a> fix <code>publish.yml</code></li> <li><a href="https://github.com/evanw/esbuild/commit/17ff82bebfaf78e97457cb504525584e603bf9f4"><code>17ff82b</code></a> publish 0.26.0 to npm</li> <li><a href="https://github.com/evanw/esbuild/commit/f87181fbf3eb78b6b00cf7b3529d0f6f20cd763c"><code>f87181f</code></a> enable trusted publishing (<a href="https://redirect.github.com/evanw/esbuild/issues/4319">#4319</a>)</li> <li>Additional commits viewable in <a href="https://github.com/evanw/esbuild/compare/v0.25.12...v0.27.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by [GitHub Actions](<a href="https://www.npmjs.com/~GitHub">https://www.npmjs.com/~GitHub</a> Actions), a new releaser for esbuild since your current version.</p> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details>
vercel[bot] commented 2025-11-10 16:03:56 +00:00 (Migrated from github.com)
Copy link

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
gardenofeden Ready Ready Preview Comment Nov 10, 2025 4:04pm
[vc]: #Ml4maxILMu9lPLfF+dVrlk2hWlhCnO+MtoY4EvbfVUo=:eyJpc01vbm9yZXBvIjp0cnVlLCJ0eXBlIjoiZ2l0aHViIiwicHJvamVjdHMiOlt7Im5hbWUiOiJnYXJkZW5vZmVkZW4iLCJpbnNwZWN0b3JVcmwiOiJodHRwczovL3ZlcmNlbC5jb20vZ2xpdHRlcmVsZnMtcHJvamVjdHMvZ2FyZGVub2ZlZGVuLzlVUWRTd01YbmZQQWl5c1B5Um10NExXdXNQcTIiLCJwcmV2aWV3VXJsIjoiZ2FyZGVub2ZlZGVuLWdpdC1kZXBlbmRhYm90LW5wbWFuZHktZDFlMzJmLWdsaXR0ZXJlbGZzLXByb2plY3RzLnZlcmNlbC5hcHAiLCJuZXh0Q29tbWl0U3RhdHVzIjoiREVQTE9ZRUQiLCJsaXZlRmVlZGJhY2siOnsicmVzb2x2ZWQiOjAsInVucmVzb2x2ZWQiOjAsInRvdGFsIjowLCJsaW5rIjoiZ2FyZGVub2ZlZGVuLWdpdC1kZXBlbmRhYm90LW5wbWFuZHktZDFlMzJmLWdsaXR0ZXJlbGZzLXByb2plY3RzLnZlcmNlbC5hcHAifSwicm9vdERpcmVjdG9yeSI6bnVsbH1dfQ== The latest updates on your projects. Learn more about [Vercel for GitHub](https://vercel.link/github-learn-more). | Project | Deployment | Preview | Comments | Updated (UTC) | | :--- | :----- | :------ | :------- | :------ | | [gardenofeden](https://vercel.com/glitterelfs-projects/gardenofeden) | ![Ready](https://vercel.com/static/status/ready.svg) [Ready](https://vercel.com/glitterelfs-projects/gardenofeden/9UQdSwMXnfPAiysPyRmt4LWusPq2) | [Preview](https://gardenofeden-git-dependabot-npmandy-d1e32f-glitterelfs-projects.vercel.app) | [Comment](https://vercel.live/open-feedback/gardenofeden-git-dependabot-npmandy-d1e32f-glitterelfs-projects.vercel.app?via=pr-comment-feedback-link) | Nov 10, 2025 4:04pm |
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something isn't working

  
dependencies

Pull requests that update a dependency file

  
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
github_actions

Pull requests that update GitHub Actions code

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
javascript

Pull requests that update javascript code

  
question

Further information is requested

  
wontfix

This will not be worked on

No labels
bug
dependencies
documentation
duplicate
enhancement
github_actions
good first issue
help wanted
invalid
javascript
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
mermaid/garden-of-eden!33
No description provided.