Bump the npm_and_yarn group across 3 directories with 15 updates

[dependabot]

Bumps the npm_and_yarn group with 10 updates in the / directory:

Package	From	To
astro	4.14.2	4.16.18
mermaid	10.9.1	10.9.3
@pagefind/default-ui	1.1.0	1.3.0
cookie	0.5.0	0.7.2
youch	3.3.3	3.3.4
cross-spawn	7.0.3	7.0.6
katex	0.16.11	0.16.21
pagefind	1.1.0	1.3.0
path-to-regexp	6.2.2	6.3.0
undici	5.28.4	5.28.5

Bumps the npm_and_yarn group with 1 update in the /.github/actions/assign-issue directory: cross-spawn.
Bumps the npm_and_yarn group with 1 update in the /.github/actions/assign-pr directory: cross-spawn.

Updates astro from 4.14.2 to 4.16.18

Release notes

Sourced from astro's releases.

astro@4.16.18

Patch Changes

• #12757 d0aaac3 Thanks @​matthewp! - Remove all assets created from the server build

• #12757 d0aaac3 Thanks @​matthewp! - Clean server sourcemaps from static output

astro@4.16.17

Patch Changes

• #12632 e7d14c3 Thanks @​ematipico! - Fixes an issue where the checkOrigin feature wasn't correctly checking the content-type header

astro@4.16.16

Patch Changes

• #12542 65e50eb Thanks @​kadykov! - Fix JPEG image size determination

• #12525 cf0d8b0 Thanks @​ematipico! - Fixes an issue where with i18n enabled, Astro couldn't render the 404.astro component for non-existent routes.

Changelog

Sourced from astro's changelog.

4.16.18

Patch Changes

• #12757 d0aaac3 Thanks @​matthewp! - Remove all assets created from the server build

• #12757 d0aaac3 Thanks @​matthewp! - Clean server sourcemaps from static output

4.16.17

Patch Changes

• #12632 e7d14c3 Thanks @​ematipico! - Fixes an issue where the checkOrigin feature wasn't correctly checking the content-type header

4.16.16

Patch Changes

• #12542 65e50eb Thanks @​kadykov! - Fix JPEG image size determination

• #12525 cf0d8b0 Thanks @​ematipico! - Fixes an issue where with i18n enabled, Astro couldn't render the 404.astro component for non-existent routes.

4.16.15

Patch Changes

• #12498 b140a3f Thanks @​ematipico! - Fixes a regression where Astro was trying to access Request.headers

4.16.14

Patch Changes

• #12480 c3b7e7c Thanks @​matthewp! - Removes the default throw behavior in astro:env

• #12444 28dd3ce Thanks @​ematipico! - Fixes an issue where a server island hydration script might fail case the island ID misses from the DOM.

• #12476 80a9a52 Thanks @​florian-lefebvre! - Fixes a case where the Content Layer glob() loader would not update when renaming or deleting an entry

• #12418 25baa4e Thanks @​oliverlynch! - Fix cached image redownloading if it is the first asset

• #12477 46f6b38 Thanks @​ematipico! - Fixes an issue where the SSR build was emitting the dist/server/entry.mjs file with an incorrect import at the top of the file/

• #12365 a23985b Thanks @​apatel369! - Fixes an issue where Astro.currentLocale was not correctly returning the locale for 404 and 500 pages.

4.16.13

Patch Changes

• #12436 453ec6b Thanks @​martrapp! - Fixes a potential null access in the clientside router

... (truncated)

Commits

• 84190aa [ci] release (#12774)
• d0aaac3 Prevent server sourcemaps from being part of client output (#12757)
• ba4aac1 [ci] release (#12648)
• e7d14c3 fix: checkOrigin headers check (#12632)
• 6eac6ba [ci] release (#12536)
• 65e50eb Fix JPEG image size determination (#12542)
• 6fc29e3 fix(deps): update all non-major dependencies (#12410)
• cf0d8b0 fix(i18n): render 404.astro when i18n is enabled (#12525)
• 36d8d92 [ci] release (#12501)
• b140a3f fix(routing): don't access Request headers (#12498)
• Additional commits viewable in compare view

Updates mermaid from 10.9.1 to 10.9.3

Commits

• 85ec96a chore: bump mermaid version to v10.9.3
• 9301a57 style: prettify src/diagrams/block/blockDB.ts
• 2bedd0e chore(deps): update katex to 0.16.11
• 92a07ff chore(deps): update bundled DOMPurify to 3.1.6
• 4dd4997 chore: Bump version
• fc61512 [10] ci: upgrade to pnpm/action-setup@v4 to avoid CI failures
• 402abdf [10] fix: ban version v3.1.7 of DOMPurify
• 8d815f8 Lint fix
• See full diff in compare view

Updates @pagefind/default-ui from 1.1.0 to 1.3.0

Updates cookie from 0.5.0 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

• Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

• Allow leading dot for domain (#174)
  • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
• Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

• perf: parse cookies ~10% faster (#144 by @​kurtextrem and #170)
• fix: narrow the validation of cookies to match RFC6265 (#167 by @​bewinsnw)
• fix: add main to package.json for rspack (#166 by @​proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

• Add partitioned option

Commits

• d19eaa1 0.7.2
• bc38ffd Fix object assignment of hasOwnProperty (#177)
• cf4658f 0.7.1
• 6a8b8f5 Allow leading dot for domain (#174)
• 58015c0 Remove more code and perf wins (#172)
• ab057d6 0.7.0
• 5f02ca8 Migrate history to GitHub releases
• a5d591c Migrate history to GitHub releases
• 51968f9 Skip isNaN
• 9e7ca51 perf(parse): cache length, return early (#144)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates youch from 3.3.3 to 3.3.4

Commits

• See full diff in compare view

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates dset from 3.1.3 to 3.1.4

Commits

• 05b1ec0 3.1.4
• 16d6154 fix: prevent proto assignment via implicit string
• See full diff in compare view

Updates katex from 0.16.11 to 0.16.21

Release notes

Sourced from katex's releases.

v0.16.21

0.16.21 (2025-01-17)

Bug Fixes

• escape \htmlData attribute name (57914ad)
  • See security advisory GHSA-cg87-wmx4-v546

v0.16.20

0.16.20 (2025-01-12)

Bug Fixes

• \providecommand does not overwrite existing macro (#4000) (6d30fe4), closes #3928

v0.16.19

0.16.19 (2024-12-29)

Bug Fixes

• types: improve strict function type (#4009) (4228b4e)

v0.16.18

0.16.18 (2024-12-18)

Bug Fixes

• Actually publish TypeScript type definitions (#4008) (629b873)

v0.16.17

0.16.17 (2024-12-17)

Bug Fixes

• MathML combines multidigit numbers with sup/subscript, comma separators, and multicharacter text when outputting to DOM (#3999) (7d79e22), closes #3995

v0.16.16

0.16.16 (2024-12-17)

Features

• ESM exports, TypeScript types (#3992) (ea9c173)

... (truncated)

Changelog

Sourced from katex's changelog.

0.16.21 (2025-01-17)

Bug Fixes

• escape \htmlData attribute name (57914ad)

0.16.20 (2025-01-12)

Bug Fixes

• \providecommand does not overwrite existing macro (#4000) (6d30fe4), closes #3928

0.16.19 (2024-12-29)

Bug Fixes

• types: improve strict function type (#4009) (4228b4e)

0.16.18 (2024-12-18)

Bug Fixes

• Actually publish TypeScript type definitions (#4008) (629b873)

0.16.17 (2024-12-17)

Bug Fixes

• MathML combines multidigit numbers with sup/subscript, comma separators, and multicharacter text when outputting to DOM (#3999) (7d79e22), closes #3995

0.16.16 (2024-12-17)

Features

• ESM exports, TypeScript types (#3992) (ea9c173)

0.16.15 (2024-12-09)

Features

• italic sans-serif in math mode via \mathsfit command (#3998) (2218901)

0.16.14 (2024-12-08)

... (truncated)

Commits

• 923f2aa chore(release): 0.16.21 [ci skip]
• 57914ad fix: escape \htmlData attribute name
• ff28995 Merge commit from fork
• 28a0bf5 chore(release): 0.16.20 [ci skip]
• 6d30fe4 fix: \providecommand does not overwrite existing macro (#4000)
• 8f47dba chore(deps): update actions/upload-artifact to v4 (#4012)
• 88b5056 chore(release): 0.16.19 [ci skip]
• 4228b4e fix(types): improve strict function type (#4009)
• f934646 chore(release): 0.16.18 [ci skip]
• 629b873 fix: Actually publish TypeScript type definitions (#4008)
• Additional commits viewable in compare view

Updates micromatch from 4.0.7 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates pagefind from 1.1.0 to 1.3.0

Release notes

Sourced from pagefind's releases.

v1.3.0

Core Features & Improvements

• Added --quiet and --silent flags when running the Pagefind CLI, which reduce the logging output to only warnings or only errors respectively.
• Stablized the Pagefind Rust library.
  • Thanks to @​cdxker for leading this in #751 ❤️
  • This library interface has feature parity with the Node and Python indexing APIs, and is a great solution for integrating Pagefind indexing into any Rust-based tooling.

Default UI Features & Improvements

• Added a data-pagefind-ui-meta attribute to the metadata tags on search results in the Default UI, allowing them to be targeted with CSS.
  • For example, a tag on a result containing Date: April 19, 2024 will now have data-pagefind-ui-meta="date".

Fixes & Tweaks

• Fixed an issue where inline metadata would incorrectly render with html-escaped characters.
  • Specifically, tagging metadata inline with data-pagefind-meta="phrase:this < that would index the literal < rather than a < character.
  • This bug didn't occur when using data-pagefind-meta to capture the content of an element.
• Fixed an issue where matches in compound words could (sometimes) be ranked lower than intended.
  • Specifically, for example, matching just the Cannon in CloudCannon may have ranked the word incorrectly.
• Fixed an issue where fragment hashes would change between every Pagefind build.
  • Now, if an HTML page has not changed between two Pagefind indexes, the fragment filename will not change.
  • This saves you from having to re-upload all fragment files after every Pagefind build.

v1.2.0

Core Features & Improvements

• Added Python bindings for indexing sites with Pagefind. This has feature parity with the Node/npx binary wrapper for running Pagefind, as well as feature parity with the NodeJS Indexing API for Pagefind.
  • Enormous thanks to @​SKalt for implementing this in #672 ❤️
  • For documentation, see 📘 Installation > Running via Python, and 📘 Using the Python API.

UI Translations

• Fixed Catalan translations (PR #718 — thanks @​danurbanowicz !).
• *️⃣ Added Persian translations (PR #690 — thanks @​YektaDev !).
• *️⃣ Added Hebrew translations (PR #453 — thanks @​nirtamir2 !).
• *️⃣ Added Arabic translations (PR #533 — thanks @​jermanuts !).

*️⃣ : These languages are the first right-to-left languages in the translation set. Please open any issues if improvements can be made to the Pagefind UI libraries when rendered for these RTL languages.

v1.1.1

Fixes & Tweaks

• Fixes an issue where internal anchor and weight tokens would leak when captured in meta or filter attributes.
• Improves segmentation for extended languages (PR #600 — thanks @​hamano !).
• Improves Pagefind's processing of "index.html" URLs (PR #604 — thanks @​dscho !).
• Fixes some instances of incorrect types in the Pagefind NodeJS API (PRs #642 & #655 — thanks @​vanyauhalin & SKalt !).

UI Translations

• Added Swahili translations

Secutiry

• Fix potential DOM clobbering when initializing Pagefind (Advisory GHSA-gprj-6m2f-j9hx)

Changelog

Sourced from pagefind's changelog.

v1.3.0 (December 18, 2024)

Core Features & Improvements

• Added --quiet and --silent flags when running the Pagefind CLI, which reduce the logging output to only warnings or only errors respectively.
• Stablized the Pagefind Rust library.
  • Thanks to @​cdxker for leading this in #751 ❤️
  • This library interface has feature parity with the Node and Python indexing APIs, and is a great solution for integrating Pagefind indexing into any Rust-based tooling.

Default UI Features & Improvements

• Added a data-pagefind-ui-meta attribute to the metadata tags on search results in the Default UI, allowing them to be targeted with CSS.
  • For example, a tag on a result containing Date: April 19, 2024 will now have data-pagefind-ui-meta="date".

Fixes & Tweaks

• Fixed an issue where inline metadata would incorrectly render with html-escaped characters.
  • Specifically, tagging metadata inline with data-pagefind-meta="phrase:this < that would index the literal < rather than a < character.
  • This bug didn't occur when using data-pagefind-meta to capture the content of an element.
• Fixed an issue where matches in compound words could (sometimes) be ranked lower than intended.
  • Specifically, for example, matching just the Cannon in CloudCannon may have ranked the word incorrectly.
• Fixed an issue where fragment hashes would change between every Pagefind build.
  • Now, if an HTML page has not changed between two Pagefind indexes, the fragment filename will not change.
  • This saves you from having to re-upload all fragment files after every Pagefind build.

v1.2.0 (November 6, 2024)

Core Features & Improvements

• Added Python bindings for indexing sites with Pagefind. This has feature parity with the Node/npx binary wrapper for running Pagefind, as well as feature parity with the NodeJS Indexing API for Pagefind.
  • Enormous thanks to @​SKalt for implementing this in #672 ❤️
  • For documentation, see 📘 Installation > Running via Python, and 📘 Using the Python API.

UI Translations

• Fixed Catalan translations (PR #718 — thanks @​danurbanowicz !).
• *️⃣ Added Persian translations (PR #690 — thanks @​YektaDev !).
• *️⃣ Added Hebrew translations (PR #453 — thanks @​nirtamir2 !).
• *️⃣ Added Arabic translations (PR #533 — thanks @​jermanuts !).

*️⃣ : These languages are the first right-to-left languages in the translation set. Please open any issues if improvements can be made to the Pagefind UI libraries when rendered for these RTL languages.

v1.1.1 (September 3, 2024)

Fixes & Tweaks

• Fixes an issue where internal anchor and weight tokens would leak when captured in meta or filter attributes.
• Improves segmentation for extended languages (PR #600 — thanks @​hamano !).
• Improves Pagefind's processing of "index.html" URLs (PR #604 — thanks @​dscho !).
• Fixes some instances of incorrect types in the Pagefind NodeJS API (PRs #642 & #655 — thanks @​vanyauhalin & SKalt !).

UI Translations

• Added Swahili translations

Security

... (truncated)

Commits

• df0f721 Merge pull request #762 from CloudCannon/chore/changelog
• 597d9a5 Changelog
• a138dd1 Merge pull request #761 from CloudCannon/fix/stable-output
• da3c0f9 Only test fragment stabilization
• c933742 Stabilize filename hashes for fragments
• 36358de Merge pull request #760 from CloudCannon/feat/ui-meta-attribute
• c45609d Merge pull request #759 from CloudCannon/feat/quiet
• ae0d9a1 Added data-pagefind-ui-meta attribute to the default UI as CSS target
• 7899d3d Add --quiet and --silent configuration options when indexing
• 74c4ed8 Merge pull request #758 from CloudCannon/feat/fix-meta-encoding
• Additional commits viewable in compare view

Updates path-to-regexp from 6.2.2 to 6.3.0

Release notes

Sourced from path-to-regexp's releases.

Fix backtracking in 6.x

Fixed

• Add backtrack protection to 6.x (#324) f1253b4

pillarjs/path-to-regexp@v6.2.2...v6.3.0

Commits

• 75a92c3 6.3.0
• f1253b4 Add backtrack protection to 6.x (#324)
• See full diff in compare view

Updates rollup from 4.18.0 to 4.31.0

Release notes

Sourced from rollup's releases.

v4.31.0

4.31.0

2025-01-19

Features

• Do not immediately quit when trying to use watch mode from within non-TTY environments (#5803)

Bug Fixes

• Handle files with more than one UTF-8 BOM header (#5806)

Pull Requests

• #5792: fix(deps): update rust crate swc_compiler_base to v8 (@​renovate[bot])
• #5793: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5794: chore(deps): lock file maintenance (@​renovate[bot])
• #5801: chore(deps): update dependency eslint-config-prettier to v10 (@​renovate[bot])
• #5802: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5803: Support watch mode in yarn, gradle and containers (@​lukastaegert)
• #5806: fix: strip all BOMs (@​TrickyPi)

v4.30.1

4.30.1

2025-01-07

Bug Fixes

• Prevent invalid code when simplifying unary expressions in switch cases (#5786)

Pull Requests

• #5786: fix: consider that literals cannot following switch case. (@​TrickyPi)

v4.30.0

4.30.0

2025-01-06

Features

• Inline values of resolvable unary expressions for improved tree-shaking (#5775)

Pull Requests

• #5775: feat: enhance the treehshaking for unary expression (@​TrickyPi)
• #5783: Improve CI caching for node_modules (@​lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.31.0

2025-01-19

Features

• Do not immediately quit when trying to use watch mode from within non-TTY environments (#5803)

Bug Fixes

• Handle files with more than one UTF-8 BOM header (#5806)

Pull Requests

• #5792: fix(deps): update rust crate swc_compiler_base to v8 (@​renovate[bot])
• #5793: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5794: chore(deps): lock file maintenance (@​renovate[bot])
• #5801: chore(deps): update dependency eslint-config-prettier to v10 (@​renovate[bot])
• #5802: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #5803: Support watch mode in yarn, gradle and containers (@​lukastaegert)
• #5806: fix: strip all BOMs (@​TrickyPi)

4.30.1

2025-01-07

Bug Fixes

• Prevent invalid code when simplifying unary expressions in switch cases (#5786)

Pull Requests

• #5786: fix: consider that literals cannot following switch case. (@​TrickyPi)

4.30.0

2025-01-06

Features

• Inline values of resolvable unary expressions for improved tree-shaking (#5775)

Pull Requests

• #5775: feat: enhance the treehshaking for unary expression (@​TrickyPi)
• #5783: Improve CI caching for node_modules (@​lukastaegert)

4.29.2

2025-01-05

... (truncated)

Commits

• 15c264d 4.31.0
• b9eeec2 fix: strip all BOMs (#5806)
• 0e77fb7 Support watch mode in yarn, gradle and containers (#5803)
• 8e814a5 chore(deps): update dependency eslint-config-prettier to v10 (#5801)
• 1f09912 fix(deps): lock file maintenance minor/patch updates (#5802)
• 1f1e6c7 fix(deps): update rust crate swc_compiler_base to v8 (#5792)
• 7f4e904 chore(deps): lock file maintenance (#5794)
• ad9d904 fix(deps): lock file maintenance minor/patch updates (#5793)
• 9491708 4.30.1
• 39b6a17 fix: consider that literals cannot following switch case. (#5786)
• Additional commits viewable in compare view

Updates undici from 5.28.4 to 5.28.5

Release notes

Sourced from undici's releases.

v5.28.5

⚠️ Security Release ⚠️

Fixes CVE CVE-2025-22150 GHSA-c76h-2ccp-4975 (embargoed until 22-01-2025).

Full Changelog: nodejs/undici@v5.28.4...v5.28.5

Commits

• 6139ed2 Bumped v5.28.5
• 711e207 Backport of c2d78cd
• See full diff in compare view

Updates vite from 5.4.0 to 5.4.14

Release notes

Sourced from vite's releases.

v5.4.14

Please refer to CHANGELOG.md for details.

v5.4.13

Please refer to CHANGELOG.md for details.

v5.4.12

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v5.4.11

Please refer to CHANGELOG.md for details.

v5.4.10

Please refer to CHANGELOG.md for details.

v5.4.9

Please refer to CHANGELOG.md for details.

v5.4.8

Please refer to CHANGELOG.md for details.

v5.4.7

Please refer to CHANGELOG.md for details.

v5.4.6

Please refer to CHANGELOG.md for details.

v5.4.5

Please refer to CHANGELOG.md for details.

v5.4.4

Please refer to CHANGELOG.md for details.

v5.4.3

Please refer to CHANGELOG.md for details.

plugin-legacy@5.4.3

Please refer to CHANGELOG.md for details.

plugin-legacy@5.4.2

Please refer to CHANGELOG.md for details.

v5.4.2

Please refer to CHANGELOG.md for details.

plugin-legacy@5.4.1

Please refer to CHANGELOG.md for details.

... (truncated)

Changelog

Sourced from vite's changelog.

5.4.14 (2025-01-21)

• fix: preview.allowedHosts with specific values was not respected (#19246) (9df6e6b), closes #19246
• fix: allow CORS from loopback addresses by default (#19249) (7d1699c), closes #19249

5.4.13 (2025-01-20)

• fix: try parse server.origin URL (#19241) (5946215), closes #19241

5.4.12 (2025-01-20)

• fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
• fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
• fix: verify token for HMR WebSocket connection (b71a5c8)
• chore: add deps update changelog (ecd2375)

5.4.11 (2024-11-11)

• fix(deps): update dependencies of postcss-modules (ceb15db), closes #18617

5.4.10 (2024-10-23)

• fix: backport #18367,augment hash for CSS files to prevent chromium erroring by loading previous fil (7d1a3bc), closes #18367 #18412

5.4.9 (2024-10-14)

• fix: bump launch-editor-middleware to v2.9.1 (#18348) (508d9ab), closes #18348
• fix(css): fix lightningcss dep url resolution with custom root (#18125) (eae00b5), closes #18125
• fix(data-uri): only match ids starting with data: (#18241) (96084d6), closes #18241
• fix(deps): bump tsconfck (#18322) (dc5434c), closes #18322
• fix(hmr): don't try to rewrite impo...

  Description has been truncated