chore(deps): bump the production-dependencies group with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates: @supabase/supabase-js, glob, rotating-file-stream and sanitize-html.

Updates @supabase/supabase-js from 2.95.3 to 2.97.0

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.97.0

2.97.0 (2026-02-18)

🚀 Features

• auth: add skipAutoInitialize option to prevent constructor auto-init (#2123)

❤️ Thank You

• Katerina Skroumpelou @​mandarini

v2.96.1-canary.0

2.96.1-canary.0 (2026-02-18)

🚀 Features

• auth: add skipAutoInitialize option to prevent constructor auto-init (#2123)

❤️ Thank You

• Katerina Skroumpelou @​mandarini

v2.96.0

2.96.0 (2026-02-17)

🚀 Features

• storage: add setHeader method to BaseApiClient (#2079)

🩹 Fixes

• auth: resolve Firefox content script Promise.then() security errors in locks (#2112)
• postgrest: enforce type safety for table and view names in from() method (#2058)
• realtime: remove unnecessary check in removeChannel (#2109)

❤️ Thank You

• David Barrell @​dabarrell
• Dominik Pilipczuk @​snickerdoodle2
• Katerina Skroumpelou @​mandarini
• Vaibhav @​7ttp

v2.95.4-canary.2

2.95.4-canary.2 (2026-02-12)

🩹 Fixes

• auth: resolve Firefox content script Promise.then() security errors in locks (#2112)

❤️ Thank You

... (truncated)

Changelog

Sourced from @​supabase/supabase-js's changelog.

2.97.0 (2026-02-18)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

2.96.0 (2026-02-17)

This was a version bump only for @​supabase/supabase-js to align it with other projects, there were no code changes.

Commits

• 32c319b docs(supabase): document UNUSED_EXTERNAL_IMPORT build warning as false positi...
• fb84c6e chore(release): version 2.96.0 changelogs (#2121)
• 27779b2 chore(release): version 2.95.3 changelogs (#2102)
• See full diff in compare view

Updates glob from 13.0.3 to 13.0.6

Commits

• e80cb38 13.0.6
• 9cdbbff revert tsgo, not ready for test coverage correctness yet
• 89c99ba use tsgo compiler
• b7275d5 update deps, expand engines to include node 18
• 942e360 update workflows, pull taprc out of package.json
• 4a0d53c update tap for mockImport bugfix
• ef94ad2 update tap
• 180c2d4 update docs
• 37993c8 remove stray console.error in test
• 03ae4c2 13.0.5
• Additional commits viewable in compare view

Updates rotating-file-stream from 3.2.8 to 3.2.9

Changelog

Sourced from rotating-file-stream's changelog.

• 2026-02-21 - v3.2.9
  • Updated the README to reflect current API. - ref: #116
  • Changed options types to allow strings from ENV or files while continuing checking literal values. - ref: #122
• 2026-02-01 - v3.2.8
  • Fixed a bug causing gzip files to not being properly closed (thanks to rritik772)
• 2025-08-25 - v3.2.7
  • Improved type safety (thanks to kricsleo)
• 2025-02-10 - v3.2.6
  • Fixed a bug when using explicit false value for compress option (thanks to eranbetzalel)
• 2024-09-16 - v3.2.5
  • Use mtime rather than ctime to sort files history.
• 2024-09-13 - v3.2.4
  • Fixed a bug with electron (thanks to mrawji)
• 2024-06-10 - v3.2.3
  • Fixed ESM dist.
• 2024-06-08 - v3.2.2
  • Fixed ESM dist.
• 2023-12-28 - v3.2.1
  • Restored support for Node.js v14.
  • Badges (but dependents) from shields.io.
• 2023-12-27 - v3.2.0
  • Added intervalUTC as requested.
• 2023-07-22 - v3.1.1
  • Fixed a bug which causes occasional crashes on rotation by timer (thanks to diwic)
• 2023-02-09 - v3.1.0
  • ENOENT errors while unlinking files now emits "warning" events rather than "error".
• 2022-05-25 - v3.0.4
  • Fixed required Node.js version in README.md
• 2022-02-22 - v3.0.3
  • Experimental ESM dist
• 2021-11-20 - v3.0.2
  • Required Node.js v14
• 2021-11-06 - v3.0.1
  • external event emitted even if in error
  • exported class RotatingFileStreamError
  • Minor README.md fixes
• 2021-11-04 - v3.0.0
  • Released v3 - please check the README.md
• 2021-09-26 - v2.1.6
  • Made the package compliant with Node.js v14 and v16
  • Removed duplicated description for initialRotation option (thanks to ttoomm318)
• 2021-02-19 - v2.1.5
  • Changed _writev to make it compliant with Node.js v14; this should solve #67
• 2021-02-02 - v2.1.4
  • Fixed a bug which requires a write operation to emit errors on open (thanks to Raynos)
• 2020-07-07 - v2.1.3
  • Fixed a bug causing EEXIST opening two files in same not existing directory in a rapid sequence (thanks to jameslahm)
• 2020-07-04 - v2.1.2
  • Applied a change to use on mounts with the noexec option (thanks to jvassev)
• 2020-05-13 - v2.1.1

... (truncated)

Commits

• 86715c7 3.2.9
• See full diff in compare view

Updates sanitize-html from 2.17.0 to 2.17.1

Changelog

Sourced from sanitize-html's changelog.

2.17.1 (2026-02-18)

Fixes

• Fix unclosed tags (e.g., <hello) returning empty string in escape and recursiveEscape modes. Fixes #706. Thanks to Byeong Hyeon for the fix.

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.