chore(deps): bump the production-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates in the / directory: @dotenvx/dotenvx, express-rate-limit, pacote and typescript-eslint.

Updates @dotenvx/dotenvx from 1.52.0 to 1.55.1

Release notes

Sourced from @​dotenvx/dotenvx's releases.

v1.55.1

see CHANGELOG

v1.55.0

see CHANGELOG

v1.54.1

see CHANGELOG

v1.54.0

see CHANGELOG

v1.53.0

see CHANGELOG

Changelog

Sourced from @​dotenvx/dotenvx's changelog.

1.55.1 (2026-03-13)

Added

• Respect dotenvx-ops status (on|off) (#749)

1.55.0 (2026-03-13)

Added

• Add 'KEYS OFF COMPUTER' security feature when dotenvx-ops installed (#746)

Removed

• Remove ProKeypair logic

1.54.1 (2026-03-06)

Changed

• Fix npm publish

1.54.0 (2026-03-06)

Removed

• Remove ops observe (radar feature). If needed download dotenvx-ops and reach out to me directly at mot@dotenvx.com. (#745)

1.53.0 (2026-03-05)

Removed

• Remove radar. It has been a year since replaced by ops. (#743)

Commits

• 2679fa4 1.55.1
• 9dac684 changelog 🪵
• d181654 Merge pull request #749 from dotenvx/fix-when-ops-off
• c812ca5 respect ops being off
• 0246872 1.55.0
• fba36ad changelog 🪵
• f9e30dc keys off computer
• f0658b9 change to shield
• f844177 Merge pull request #746 from dotenvx/ops-hook
• 0a3bb4a README
• Additional commits viewable in compare view

Updates express-rate-limit from 8.2.1 to 8.3.1

Release notes

Sourced from express-rate-limit's releases.

v8.3.1

You can view the changelog here.

v8.3.0

You can view the changelog here.

Commits

• 47e5b29 8.3.1
• eb61179 v8.3.1 changelog
• a17377d Fix broken link for contributing guide
• 5aa3f6c fix: revert the dts-bundle-generator update
• 06dea83 ci: run test on node 20, 22, 24, 25 and drop 18 as it reached eol
• c86a27d chore: update dependencies
• 8898ffa chore: migrate biome schema and run formatter
• dd544fd docs: update changelog with backported releases
• 9c90752 ci: setup oidc connect with npm for automatatic publish
• e4477fa 8.3.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for express-rate-limit since your current version.

Updates pacote from 21.4.0 to 21.5.0

Release notes

Sourced from pacote's releases.

v21.5.0

21.5.0 (2026-03-09)

Features

• d912f17 #457 expose fetched attestation bundles on manifest (#457) (@​mitchdenny)

Chores

• 586a55d #471 template-oss-apply for new macos images (#471) (@​wraithgar)
• d1cc5c8 #460 template-oss-apply for release branches (#460) (@​wraithgar)
• b741e8b #468 bump @​npmcli/template-oss from 4.28.0 to 4.29.0 (#468) (@​dependabot[bot], @​npm-cli-bot)

Changelog

Sourced from pacote's changelog.

21.5.0 (2026-03-09)

Features

• d912f17 #457 expose fetched attestation bundles on manifest (#457) (@​mitchdenny)

Chores

• 586a55d #471 template-oss-apply for new macos images (#471) (@​wraithgar)
• d1cc5c8 #460 template-oss-apply for release branches (#460) (@​wraithgar)
• b741e8b #468 bump @​npmcli/template-oss from 4.28.0 to 4.29.0 (#468) (@​dependabot[bot], @​npm-cli-bot)

Commits

• 6c2555a chore: release 21.5.0 (#470)
• 586a55d chore: template-oss-apply for new macos images (#471)
• d912f17 feat: expose fetched attestation bundles on manifest (#457)
• b741e8b chore: bump @​npmcli/template-oss from 4.28.0 to 4.29.0 (#468)
• d1cc5c8 chore: template-oss-apply for release branches (#460)
• See full diff in compare view

Updates typescript-eslint from 8.56.1 to 8.57.0

Release notes

Sourced from typescript-eslint's releases.

v8.57.0

8.57.0 (2026-03-09)

🚀 Features

• eslint-plugin: [no-unnecessary-condition] allow literal loop conditions in for/do loops (#12080)

🩹 Fixes

• eslint-plugin: [strict-void-return] false positives with overloads (#12055)
• eslint-plugin: handle statically analyzable computed keys in prefer-readonly (#12079)
• eslint-plugin: guard against negative paramIndex in no-useless-default-assignment (#12077)
• eslint-plugin: [prefer-promise-reject-errors] add allow TypeOrValueSpecifier to prefer-promise-reject-errors (#12094)
• eslint-plugin: [no-base-to-string] fix false positive for toString with overloads (#12089)
• typescript-estree: switch back to use ts.getModifiers() (#12034)
• typescript-estree: if the template literal is tagged and the text has an invalid escape, cooked will be null (#11355)

❤️ Thank You

• Brad Zacher @​bradzacher
• Brian Schlenker @​bschlenk
• Evyatar Daud @​StyleShit
• fisker Cheung @​fisker
• James Henry @​JamesHenry
• Josh Goldberg
• Kirk Waiblinger @​kirkwaiblinger
• Moses Odutusin @​thebolarin
• Newton Yuan @​NewtonYuan
• SungHyun627 @​SungHyun627
• Younsang Na @​nayounsang

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.57.0 (2026-03-09)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 2c6aeee chore(release): publish 8.57.0
• f696dad chore: use pnpm catalog (#12047)
• a09921e chore: update vitest to 4.x (#12071)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

⚠️ Changeset Validation Failed

The following packages have been modified but are not included in any changeset:

• @grasdouble/cdn_autobuild-server
• @grasdouble/lufa_config_eslint
• @grasdouble/lufa_design-system-storybook
• @grasdouble/lufa_microfrontend_home
• @grasdouble/lufa_microfrontend_main-container

What you need to do:

1. Run pnpm changeset to create a new changeset
2. Select the modified packages that need version bumps
3. Choose the appropriate version bump (major, minor, or patch)
4. Write a clear description of the changes
5. Commit the generated changeset file

All modified packages:

• ❌ @grasdouble/cdn_autobuild-server
• ❌ @grasdouble/lufa_config_eslint
• ❌ @grasdouble/lufa_design-system-storybook
• ❌ @grasdouble/lufa_microfrontend_home
• ❌ @grasdouble/lufa_microfrontend_main-container

Why is this important?

Changesets ensure that:

• All package changes are properly versioned
• Changelogs are automatically generated
• Dependent packages are updated correctly
• Release notes are comprehensive

Need help?

• Changesets documentation

[github-actions]

🧩 Design System Packages — CI Report

✅ All checks passed!

All design system package checks completed successfully. 🎉

📋 Check Summary

Package	Check	Status
🪙 Tokens	validate:tokens	✅ Passed
🪙 Tokens	prettier:check	✅ Passed
🎨 Themes	lint	✅ Passed
🎨 Themes	typecheck	✅ Passed
🎨 Themes	validate:token-usage	✅ Passed
🎨 Themes	validate:theme:all	✅ Passed
🎨 Themes	prettier:check	✅ Passed
🧩 Main	lint	✅ Passed
🧩 Main	typecheck	✅ Passed
🧩 Main	validate:token-usage	✅ Passed
🧩 Main	validate:components:strict	✅ Passed
🧩 Main	prettier:check	✅ Passed
📖 Storybook	lint	✅ Passed
📖 Storybook	typecheck	✅ Passed
📖 Storybook	validate:token-usage	✅ Passed
📖 Storybook	prettier:check	✅ Passed
🔧 CLI	lint	✅ Passed
🔧 CLI	typecheck	✅ Passed
🔧 CLI	validate:token-usage	✅ Passed
🔧 CLI	prettier:check	✅ Passed
📚 Docusaurus	lint	✅ Passed
📚 Docusaurus	typecheck	✅ Passed
📚 Docusaurus	validate:token-usage	✅ Passed
📚 Docusaurus	prettier:check	✅ Passed
🎭 Playwright	lint	✅ Passed
🎭 Playwright	typecheck	✅ Passed
🎭 Playwright	validate:token-usage	✅ Passed
🎭 Playwright	prettier:check	✅ Passed

---

📊 View full run details

[github-actions]

🎭 Playwright Component Test Results

✅ All Tests Passed!

No visual regressions detected. All components render as expected! 🎉

Metric	Count
Total Tests	721
Passed	721 ✅
Failed	0
Visual Diffs	0
Execution Time	106.22s / 120s ✅

📋 Components Tested

All design system components were tested in:

• ☀️ Light mode
• 🌙 Dark mode
• 💻 Desktop viewport (1280x720)

Tested Components:

• Box, Stack, Text, Icon
• Button, Badge, Divider
• Center, Container, Flex, Grid
• Portal, VisuallyHidden, Label
• Input, Card (compositions)

---

📊 View full test report