build(deps): bump the minor-and-patch group across 1 directory with 8 updates

[dependabot]

Bumps the minor-and-patch group with 8 updates in the / directory:

Package	From	To
@semantic-release/github	12.0.3	12.0.5
@semantic-release/npm	13.1.3	13.1.4
@types/node	25.2.0	25.2.3
esbuild	0.27.2	0.27.3
typescript-eslint	8.54.0	8.55.0
pino	10.3.0	10.3.1
viem	2.45.1	2.45.2
hono	4.11.7	4.11.9

Updates @semantic-release/github from 12.0.3 to 12.0.5

Release notes

Sourced from @​semantic-release/github's releases.

v12.0.5

12.0.5 (2026-02-07)

Bug Fixes

• latest: add make_latest property to the GH release POST request during publish (#1157) (38051ba)

v12.0.4

12.0.4 (2026-02-06)

Bug Fixes

• remove failTitle arg in findSRIssues call (#1164) (f7bdd88)

Commits

• 38051ba fix(latest): add make_latest property to the GH release POST request during...
• be62f5e chore(deps): update dependency cpy to v13 (#1161)
• f7bdd88 fix: remove failTitle arg in findSRIssues call (#1164)
• fce4835 chore(deps): update dependency tempy to v3.2.0 (#1162)
• e044f74 chore(deps): update dependency semantic-release to v25.0.3 (#1159)
• e9ace6f chore(deps): lock file maintenance (#1158)
• See full diff in compare view

Updates @semantic-release/npm from 13.1.3 to 13.1.4

Release notes

Sourced from @​semantic-release/npm's releases.

v13.1.4

13.1.4 (2026-02-06)

Bug Fixes

• deps: update dependency @​actions/core to v3 (#1085) (17abfe1)

Commits

• 17abfe1 fix(deps): update dependency @​actions/core to v3 (#1085)
• 97dbe2c chore(deps): update dependency semantic-release to v25.0.3 (#1087)
• 4aac7fe chore(deps): lock file maintenance (#1086)
• f4f2e9b chore(deps): update dependency lockfile-lint to v5 (#1084)
• 27c3e45 chore(deps): lock file maintenance (#1083)
• b3044ab chore(deps): update npm to v11.8.0 (#1082)
• ca88997 chore(deps): update dependency prettier to v3.8.1 (#1080)
• b622f79 chore(deps): update dependency publint to v0.3.17 (#1079)
• e667a35 build(deps): bump lodash from 4.17.21 to 4.17.23 (#1074)
• 9133448 chore(deps): update dependency lodash-es to v4.17.23 [security] (#1078)
• Additional commits viewable in compare view

Updates @types/node from 25.2.0 to 25.2.3

Commits

• See full diff in compare view

Updates esbuild from 0.27.2 to 0.27.3

Release notes

Sourced from esbuild's releases.

v0.27.3

• Preserve URL fragments in data URLs (#4370)

  Consider the following HTML, CSS, and SVG:

  • index.html:

    <!DOCTYPE html>
    <html>
      <head><link rel="stylesheet" href="icons.css"></head>
      <body><div class="triangle"></div></body>
    </html>

  • icons.css:

    .triangle {
      width: 10px;
      height: 10px;
      background: currentColor;
      clip-path: url(./triangle.svg#x);
    }

  • triangle.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
      <defs>
        <clipPath id="x">
          <path d="M0 0H10V10Z"/>
        </clipPath>
      </defs>
    </svg>

  The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

  /* icons.css */
  .triangle {
    width: 10px;
    height: 10px;
    background: currentColor;
    clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.3

• Preserve URL fragments in data URLs (#4370)

  Consider the following HTML, CSS, and SVG:

  • index.html:

    <!DOCTYPE html>
    <html>
      <head><link rel="stylesheet" href="icons.css"></head>
      <body><div class="triangle"></div></body>
    </html>

  • icons.css:

    .triangle {
      width: 10px;
      height: 10px;
      background: currentColor;
      clip-path: url(./triangle.svg#x);
    }

  • triangle.svg:

    <svg xmlns="http://www.w3.org/2000/svg">
      <defs>
        <clipPath id="x">
          <path d="M0 0H10V10Z"/>
        </clipPath>
      </defs>
    </svg>

  The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

  /* icons.css */
  .triangle {
    width: 10px;
    height: 10px;
    background: currentColor;
    clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
  }

... (truncated)

Commits

• 9129e00 publish 0.27.3 to npm
• e20e411 small fix to release notes
• 0dc0f2d fix #4322: parse and print CSS @scope rules
• 55fe391 update firefox css gradient support
• 2c35297 update gradient lowering transform
• 9209e44 Update Go to 1.25.7 (#4388)
• e8d861b close #4374: compat table for the using feature
• 19b8887 no longer need williamkapke/node-compat-table
• 7e44218 the kangax/compat-table repo moved to a new url
• 23b9338 run make update-compat-table
• Additional commits viewable in compare view

Updates typescript-eslint from 8.54.0 to 8.55.0

Release notes

Sourced from typescript-eslint's releases.

v8.55.0

8.55.0 (2026-02-09)

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#11992)

🩹 Fixes

• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#11990)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#11966, #12000)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#11984)
• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#11949)
• typescript-estree: forbid invalid modifier in object expression (#11931)

❤️ Thank You

• Christian Rose @​chrros95
• fisker Cheung @​fisker
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.55.0 (2026-02-09)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• fedfe86 chore(release): publish 8.55.0
• b931f8c chore: use workspace refs for workspace deps (#12018)
• 1f17a79 chore: migrate to pnpm (#11248)
• See full diff in compare view

Updates pino from 10.3.0 to 10.3.1

Release notes

Sourced from pino's releases.

v10.3.1

What's Changed

• build(deps): bump actions/checkout from 6.0.1 to 6.0.2 by @​dependabot[bot] in pinojs/pino#2385
• build(deps-dev): bump eslint-plugin-n from 17.23.1 to 17.23.2 by @​dependabot[bot] in pinojs/pino#2386
• docs: clarify transport level filtering behavior by @​mcollina in pinojs/pino#2390
• fix(transport): sanitize invalid NODE_OPTIONS preloads for workers by @​mcollina in pinojs/pino#2391

Full Changelog: pinojs/pino@v10.3.0...v10.3.1

Commits

• 6b34498 Bumped v10.3.1
• f1203e6 fix(transport): sanitize invalid NODE_OPTIONS preloads for workers (#2391)
• 6a8e598 docs: clarify transport level filtering behavior (#2390)
• 49a4807 Merge branch 'main' of github.com:pinojs/pino
• 960bbbb build(deps-dev): bump eslint-plugin-n from 17.23.1 to 17.23.2 (#2386)
• e2a5b4a build(deps): bump actions/checkout from 6.0.1 to 6.0.2 (#2385)
• 04859e2 chore: update gitignore for ai assistant files
• See full diff in compare view

Updates viem from 2.45.1 to 2.45.2

Release notes

Sourced from viem's releases.

viem@2.45.2

Patch Changes

• #4300 cc60e25ca55c022a56ed9e991ec23cb615593da6 Thanks @​LXPDevs! - Added LuxePorts chain.

• #4306 e3901661ba0442d6ae66c4d702396e8ee247d03f Thanks @​izharan-fireblocks! - Added WalletConnectSessionSettlementError as a non-retryable transport error.

• #4301 662215f12310c3c2b17424093d3f4922693432f2 Thanks @​xGreen-project! - Added XGR Mainnet chain.

• #4315 56d0920fd654ab93e89fff77769b0c982b8928d5 Thanks @​jxom! - Fixed sendCallsSync to respect client-level action overrides (e.g. smart account clients).

• #4294 8c3fa2684820c80e8908cc799fd47815594e4871 Thanks @​Oighty! - Added Citrea Mainnet chain support.

• #4321 059274e18c19270e7f7e98f0b087e7986d5a6dd7 Thanks @​highonrice! - Updated the native currency of Stable Mainnet.

• #4319 746f5ae3b220313748bf7e0eb2d86f07848b6628 Thanks @​brotherlymite! - Added etherscan explorer for MegaETH.

• #4305 428ef7cd7b4d6e9860296df841ce2f4a8d494bc1 Thanks @​LxpSrDev! - Added LuxePorts chain.

Commits

• 4b7585c chore: version package (#4299)
• 8a9ea09 chore: up
• 1551de3 tests: up
• 80ec121 chore: lockfile
• 8303124 chore: audit
• 91022ca revert: "feat: add EIP712Domain type definition to user operation and transac...
• 4ddced7 revert: "Fix gasPrice leaking into EIP-1559 transactions" (#4325)
• aa11d34 chore: audit
• c361135 chore: fmt
• 428ef7c feat: add luxeports mainnet chain definition (#4305)
• Additional commits viewable in compare view

Updates hono from 4.11.7 to 4.11.9

Release notes

Sourced from hono's releases.

v4.11.9

What's Changed

• fix(url): ignore fragment identifiers in getPath() by @​sano-suguru in honojs/hono#4627
• fix: determine if rendered or not by node.vC[0] instead of referring to node.pP by @​usualoma in honojs/hono#4663

Full Changelog: honojs/hono@v4.11.8...v4.11.9

v4.11.8

What's Changed

• fix(jsx): preserve context when using await before html helper by @​kaigritun in honojs/hono#4662
• fix(bearer-auth): make auth-scheme case-insensitive by @​bytaesu in honojs/hono#4659

New Contributors

• @​kaigritun made their first contribution in honojs/hono#4662

Full Changelog: honojs/hono@v4.11.7...v4.11.8

Commits

• 69ad885 4.11.9
• 3d536ff fix: determine if rendered or not by node.vC[0] instead of referring to `no...
• 0c1d4c7 fix(url): ignore fragment identifiers in getPath() (#4627)
• 5ca5c3e 4.11.8
• 3aa2f9a fix(bearer-auth): make auth-scheme case-insensitive (#4659)
• cea7b7b fix(jsx): preserve context when using await before html helper (#4662)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions