fix(deps): update non-major updates

[bottd]

This PR contains the following updates:

Package	Change	Age	Confidence
@cloudflare/workers-types	4.20260124.0 → 4.20260130.0
@takumi-rs/core	0.65.0 → 0.66.7
@takumi-rs/helpers	0.65.0 → 0.66.7
@types/node (source)	24.10.4 → 24.10.9
@types/react (source)	19.2.9 → 19.2.10
bits-ui	2.15.4 → 2.15.5
globals	17.1.0 → 17.2.0
happy-dom	20.3.9 → 20.4.0
happy-dom	20.1.0 → 20.4.0
layerchart	2.0.0-next.27 → 2.0.0-next.44
playwright (source)	1.57.0 → 1.58.0
react (source)	19.2.3 → 19.2.4
svelte (source)	5.48.0 → 5.49.1
svelte (source)	5.48.0 → 5.49.1
typescript-eslint (source)	8.53.1 → 8.54.0
vite-tsconfig-paths	6.0.4 → 6.0.5
wrangler (source)	4.60.0 → 4.61.1

---

Release Notes

cloudflare/workerd (@​cloudflare/workers-types)

v4.20260130.0

Compare Source

v4.20260129.0

Compare Source

v4.20260128.0

Compare Source

v4.20260127.0

Compare Source

kane50613/takumi (@​takumi-rs/core)

v0.66.7

Compare Source

Patch Changes

• a3e7f9c: document all the functions

v0.66.6

Compare Source

v0.66.5

Compare Source

v0.66.4

Compare Source

v0.66.3

Compare Source

v0.66.2

Compare Source

v0.66.1

Compare Source

v0.66.0

Compare Source

Patch Changes

• 80da5a7: remove unused browser field

huntabyte/bits-ui (bits-ui)

v2.15.5

Compare Source

Patch Changes

• fix(Tooltip): allow overriding trigger tabindex (#​1932)

• fix(Pin Input): keyboard navigation (#​1872)

• fix(ScrollArea): cleanup when pointercapture is lost (#​1935)

• fix(Accordion): allow overriding trigger tabindex (#​1932)

• fix(Presence): optimize animation detection for large DOMs (#​1924)

• fix: floating components should respect style prop (#​1934)

• fix(FocusScope): ensure focus scopes works with only 1 tabbable item (#​1933)

sindresorhus/globals (globals)

v17.2.0

Compare Source

• jasmine: Add throwUnless and throwUnlessAsync globals (#​335) 97f23a7

---

capricorn86/happy-dom (happy-dom)

v20.4.0

Compare Source

🎨 Features

• Adds support for caching the compiled code of EcmaScript modules - By @​capricorn86 in task #​2049
• Improves the way nodes are destroyed and garbage collected - By @​capricorn86 in task #​2049

techniq/layerchart (layerchart)

v2.0.0-next.44

Compare Source

Patch Changes

• fix(Canvas): Fix pointer events (hit canvas) when using Brave browser with fingerprinting protection enabled (#​449)

v2.0.0-next.43

Compare Source

Patch Changes

• fix(Highlight|TooltipContext): Support xInterval / yInterval (#​449)

v2.0.0-next.42

Compare Source

Patch Changes

• fix(Calendar): Respect start instead of always start of year (#​657)

v2.0.0-next.41

Compare Source

Patch Changes

• fix(Tooltip): Correctly set tooltip position on chart enter and exit (#​655)

v2.0.0-next.40

Compare Source

Patch Changes

• fix(LineChart): Restore passing xScale / yScale overrides (#​449)

v2.0.0-next.39

Compare Source

Minor Changes

• feat: Support css-only usage (no Tailwind required) while retaining first-class Tailwind support (#​557)

Patch Changes

• feat: Simplify daisyUI, shadcn-svelte, and Skeleton integrations with single line @import 'layerchart/{library}.css' added to app.css (#​557)

• docs: Add examples for standalone, daisyUI v5, shadcn-svelte v1, Skeleton v3, and Svelte UX v2 (next) (including light/dark theming) (#​557)

• feat(LineChart): Support orientation="vertical". Resolves #​640 (#​557)

• feat: Add Html context support for applicable primitives such as Circle, Line, Rect, Text (and more) as well as transitively such as Axis, Grid, Labels (and more) (#​557)

• feat(LinearGradient): Support Html context (#​557)

• fix(Text): Apply fill: currentColor to support more straightforward way of changing color (ex. class="text-red-500" or style="color:red") (#​557)

• fix(TooltipContext): Revert back to pointer events (instead of mouse/touch) but with touch-action: pan-y. Provides simplified events while allowing horizontal scrubbing with vertical scrolling. (#​557)

• feat(TooltipContext): Add touchEvents to control touch event behavior. Defaults to pan-y to allow vertical scrolling but horizontal scrubbing. (#​557)

• fix(TooltipContext): Fix band mode regression when both x/y are scaleBand (ex. punchcard chart) (#​557)

• fix(SimplifiedCharts): Properly handle legend prop as object when determining bottom padding (#​557)

• fix(AreaChart|LineChart|DefaultTooltip): Handle per-series data with different length (#​557)

• feat(Highlight): Support passing opacity (#​557)

• fix(SimplifiedChart): Still add selected legend item opacity when item classes are also applied (#​557)

• feat(Legend): Add selected prop to fade out unselected items (if passed and non-empty) (#​557)

• feat(SeriesState): Add isHighlighted(seriesKey) to easy check if series is hightlight (or should be faded) (#​557)

• fix(Primatives): Apply default classes when using Canvas context (like Svg). Resolves #​544 (#​557)

• refactor: Remove use of layerClass and apply lc-{name} class directly to allow easy component <style> targetting within LayerChart (#​557)

v2.0.0-next.38

Compare Source

Patch Changes

• Update dependencies (#​629)

• fix(autoScale): Ignore null domain values, fixing some brush examples (#​449)

• fix: Update dagreAncestors() and dagreDescendants() util types (#​629)

v2.0.0-next.37

Compare Source

Patch Changes

• fix(ArcChart): Do not pass y accessor to use linear scale fallback (#​449)

v2.0.0-next.36

Compare Source

Patch Changes

• fix(PieChart): Do not pass y accessor to use linear scale fallback (#​631)

v2.0.0-next.35

Compare Source

Patch Changes

• feat(Chart): Automatically determine scale based on data and domain values (instead of defaulting to scaleLinear) (#​624)

v2.0.0-next.34

Compare Source

Minor Changes

• feat(Rule): Support using as data-driven mark (ex. candlestick, lollipop) by default (<Rule> using Chart accessors) or passing explicit x/y accessors (ex. <Rule y={["high", "low"]} />). Resolves #​64 (#​622)

• breaking(Points): Remove <Points links> prop. Use <Rule> with x/y accessor instead (#​622)

Patch Changes

• breaking(Axis): Rename x="left|right" and y="top|bottom" props with # LayerChart prefix (ex. `) (#​622)

v2.0.0-next.33

Compare Source

Patch Changes

• fix(Bars): Fix inverted rect when rendered top-to-bottom or right-to-left. Fixes #​540 (#​613)

• fix(Axis): Filter distinct tick values (useful when manually injecting extra values) (#​615)

• feat(Axis): Use format to filter ticks (integer and date/time). Helpful to keep ticks above a threshold for wide charts or short durations. (#​615)

v2.0.0-next.32

Compare Source

Patch Changes

• fix(Points): Update point.x / point.y based on ctx.radial to simplify children snippet usage (#​611)

v2.0.0-next.31

Compare Source

Minor Changes

• feat(Chart): Add xInterval / yInterval for time scales usage with bar charts (#​562)

• feat(BarChart): Support time scale with xInterval / yInterval props (#​562)

• feat(TooltipContext): Support band mode with time scale (similar to band scale) (#​562)

• feat(ForceSimulation): Added onNodesChange callback to ForceSimulation (#​607)

Patch Changes

• fix(Bar): Clamp radius to width/height to not cause artifacts with small values (including 0) when rounding a single edge. Fixes #​383 (#​610)

• fix(Highlight): Properly handle area highlights with y-axis time scales (#​562)

v2.0.0-next.30

Compare Source

Patch Changes

• fix(AnnotationPoint): Do not propagate mouse/touch move/leave events to TooltipContext after switching from pointer events. Fixes #​598 (#​602)

v2.0.0-next.29

Compare Source

Patch Changes

• fix(Axis): Fix display of axis labels (#​591)

v2.0.0-next.28

Compare Source

Patch Changes

• fix(Axis): Fix memory leak and improve performance when tick values are Date instances (#​586)

microsoft/playwright (playwright)

v1.58.0

Compare Source

📣 Playwright CLI+SKILLs 📣

We are adding a new token-efficient CLI mode of operation to Playwright with the skills located at playwright-cli. This brings the long-awaited official SKILL-focused CLI mode to our story and makes it more coding agent-friendly.

It is the first snapshot with the essential command set (which is already larger than the original MCP!), but we expect it to grow rapidly. Unlike the token use, that one we expect to go down since snapshots are no longer forced into the LLM!

Timeline

If you're using merged reports, the HTML report Speedboard tab now shows the Timeline:

UI Mode and Trace Viewer Improvements

• New 'system' theme option follows your OS dark/light mode preference
• Search functionality (Cmd/Ctrl+F) is now available in code editors
• Network details panel has been reorganized for better usability
• JSON responses are now automatically formatted for readability

Thanks to @​cpAdm for contributing these improvements!

Miscellaneous

browserType.connectOverCDP() now accepts an isLocal option. When set to true, it tells Playwright that it runs on the same host as the CDP server, enabling file system optimizations.

Breaking Changes ⚠️

• Removed _react and _vue selectors. See locators guide for alternatives.
• Removed :light selector engine suffix. Use standard CSS selectors instead.
• Option devtools from browserType.launch() has been removed. Use args: ['--auto-open-devtools-for-tabs'] instead.
• Removed macOS 13 support for WebKit. We recommend to upgrade your macOS version, or keep using an older Playwright version.

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 144
• Microsoft Edge 144

facebook/react (react)

v19.2.4: 19.2.4 (January 26th, 2026)

Compare Source

React Server Components

• Add more DoS mitigations to Server Actions, and harden Server Components (#​35632 by @​gnoff, @​lubieowoce, @​sebmarkbage, @​unstubbable)

sveltejs/svelte (svelte)

v5.49.1

Compare Source

Patch Changes

• fix: merge consecutive large text nodes (#​17587)

• fix: only create async functions in SSR output when necessary (#​17593)

• fix: properly separate multiline html blocks from each other in print() (#​17319)

• fix: prevent unhandled exceptions arising from dangling promises in <script> (#​17591)

v5.49.0

Compare Source

Minor Changes

• feat: allow passing ShadowRootInit object to custom element shadow option (#​17088)

Patch Changes

• fix: throw for unset createContext get on the server (#​17580)

• fix: reset effects inside skipped branches (#​17581)

• fix: preserve old dependencies when updating reaction inside fork (#​17579)

• fix: more conservative assignment_value_stale warnings (#​17574)

• fix: disregard popover elements when determining whether an element has content (#​17367)

• fix: fire introstart/outrostart events after delay, if specified (#​17567)

• fix: increment signal versions when discarding forks (#​17577)

v5.48.5

Compare Source

Patch Changes

• fix: run boundary onerror callbacks in a microtask, in case they result in the boundary's destruction (#​17561)

• fix: prevent unintended exports from namespaces (#​17562)

• fix: each block breaking with effects interspersed among items (#​17550)

v5.48.4

Compare Source

Patch Changes

• fix: avoid duplicating escaped characters in CSS AST (#​17554)

v5.48.3

Compare Source

Patch Changes

• fix: hydration failing with settled async blocks (#​17539)

• fix: add pointer and touch events to a11y_no_static_element_interactions warning (#​17551)

• fix: handle false dynamic components in SSR (#​17542)

• fix: avoid unnecessary block effect re-runs after async work completes (#​17535)

• fix: avoid using dev-mode array.includes wrapper on internal array checks (#​17536)

v5.48.2

Compare Source

Patch Changes

• fix: export wait function from internal client index (#​17530)

v5.48.1

Compare Source

Patch Changes

• fix: hoist snippets above const in same block (#​17516)

• fix: properly hydrate await in {@​html} (#​17528)

• fix: batch resolution of async work (#​17511)

• fix: account for empty statements when visiting in transform async (#​17524)

• fix: avoid async overhead for already settled promises (#​17461)

• fix: better code generation for const tags with async dependencies (#​17518)

typescript-eslint/typescript-eslint (typescript-eslint)

v8.54.0

Compare Source

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

aleclarson/vite-tsconfig-paths (vite-tsconfig-paths)

v6.0.5

Compare Source

cloudflare/workers-sdk (wrangler)

v4.61.1

Compare Source

Patch Changes

• #​12189 eb8a415 Thanks @​NuroDev! - Fixed Durable Object missing migrations warning message.

  If a Workers project includes some durable_objects in it but no migrations we show a warning to the user to add migrations to their config. However, this warning recommended new_classes for their migrations, but we instead now recommend all users use new_sqlite_classes instead.

• #​11804 3b06b18 Thanks @​emily-shen! - fix: allow d1 execute, d1 export, and d1 migrations to work locally without database_id in config.

• #​12183 17961bb Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260124.0	1.20260127.0

• #​12196 52fdfe7 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260127.0	1.20260128.0

• #​12199 6d8d9cd Thanks @​petebacondarwin! - Prevent wrangler logout from failing when the Wrangler configuration file is invalid

  Previously, if your wrangler.toml or wrangler.json file contained syntax errors or invalid values, the wrangler logout command would fail. Now, configuration parsing errors are caught and logged at debug level, allowing you to log out regardless of the state of your configuration file.

• #​12153 cb72c11 Thanks @​petebacondarwin! - Sanitize commands and arguments in telemetry to prevent accidentally capturing sensitive information.

  Changes:

  • Renamed telemetry fields from command/args to sanitizedCommand/sanitizedArgs to distinguish from historical fields that may have contained sensitive data in older versions
  • Command names now come from command definitions rather than user input, preventing accidental capture of sensitive data pasted as positional arguments
  • Sentry breadcrumbs now use the safe command name from definitions
  • Argument values are only included if explicitly allowed via COMMAND_ARG_ALLOW_LIST
  • Argument keys (names) are always included since they come from command definitions, not user input

• Updated dependencies [8a210af, 17961bb, 52fdfe7, 5f060c9]:

  • miniflare@​4.20260128.0
  • @​cloudflare/unenv-preset@​2.12.0

v4.61.0

Compare Source

Minor Changes

• #​12008 e414f05 Thanks @​penalosa! - Add support for customising the inspector IP address

  Adds a new --inspector-ip CLI flag and dev.inspector_ip configuration option to allow customising the IP address that the inspector server listens on. Previously, the inspector was hardcoded to listen only on 127.0.0.1.

  Example usage:

  # CLI flag
  wrangler dev --inspector-ip 0.0.0.0

  // wrangler.json
  {
  	"dev": {
  		"inspector_ip": "0.0.0.0",
  	},
  }

• #​12034 05714f8 Thanks @​emily-shen! - Add a no-op local explorer worker, which is gated by the experimental flag X_LOCAL_EXPLORER.

Patch Changes

• #​12134 a0a9ef6 Thanks @​NuroDev! - Fixed Fish shell tab completions.

  The wrangler tab completions are powered by @bomb.sh/tab which has been upgraded to version 0.0.12 which includes a fix for the Fish shell which was previously not working at all.

• #​12006 ad4666c Thanks @​penalosa! - Remove --use-remote option from wrangler hyperdrive create command

  Hyperdrive does not support remote bindings during local development - it requires a localConnectionString to connect to a local database. This change removes the confusing "remote resource" prompt that was shown when creating a Hyperdrive config.

  Fixes #​11674

• #​11853 014e7aa Thanks @​43081j! - Use built-in stripVTControlCharacters utility rather than the strip-ansi package.

• #​12040 77e82d2 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260120.0	1.20260122.0

• #​12061 f08ef21 Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260122.0	1.20260123.0

• #​12088 0641e6c Thanks @​dependabot! - chore: update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260123.0	1.20260124.0

• #​12044 eacedba Thanks @​edmundhung! - Fix wrangler secret list to error when the Worker is not found

  Previously, running wrangler secret list against a non-existent Worker would silently return an empty array, making it difficult to diagnose issues like being logged into the wrong account. It now returns an error with suggestions for common causes.

• #​12150 e8b2ef5 Thanks @​dario-piotrowicz! - Emit autoconfig summary as a separate output entry

  Move the autoconfig summary from the deploy output entry to a dedicated autoconfig output entry type. This entry is now emitted by both wrangler deploy and wrangler setup commands when autoconfig runs, making it easier to track autoconfig results independently of deployments.

• Updated dependencies [014e7aa, e414f05, 77e82d2, f08ef21, 0641e6c, 05714f8, bbd8a5e]:

  • miniflare@​4.20260124.0

---

Configuration

📅 Schedule: Branch creation - "every weekday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.