chore(deps-dev): bump the minor-and-patch group across 1 directory with 12 updates

[dependabot]

Bumps the minor-and-patch group with 12 updates in the / directory:

Package	From	To
@typescript-eslint/eslint-plugin	8.48.0	8.48.1
@typescript-eslint/parser	8.48.0	8.48.1
esbuild	0.27.0	0.27.1
msw	2.12.3	2.12.4
prettier	3.7.3	3.7.4
openai	6.9.1	6.10.0
ts-jest	29.4.5	29.4.6
@google-cloud/storage	7.17.3	7.18.0
@nmshd/connector-sdk	7.1.0	7.2.1
@ory/client	1.22.12	1.22.15
@sentry/node	10.27.0	10.29.0
jsonwebtoken	9.0.2	9.0.3

Updates @typescript-eslint/eslint-plugin from 8.48.0 to 8.48.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.48.1

8.48.1 (2025-12-02)

⏪ Reverts

• eslint-plugin: revert "[no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)" (#11812)

🩹 Fixes

• eslint-plugin: [consistent-type-exports] check value flag before resolving alias (#11769)
• eslint-plugin: honor ignored base types on generic classes (#11767)
• eslint-plugin: [restrict-template-expressions] check base types in allow list (#11764, #11759)

❤️ Thank You

• Josh Goldberg
• OleksandraKordonets
• SangheeSon @​Higangssh
• tao

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.48.1 (2025-12-02)

🩹 Fixes

• eslint-plugin: [restrict-template-expressions] check base types in allow list (#11764, #11759)
• eslint-plugin: honor ignored base types on generic classes (#11767)
• eslint-plugin: [consistent-type-exports] check value flag before resolving alias (#11769)

❤️ Thank You

• Josh Goldberg
• OleksandraKordonets
• SangheeSon @​Higangssh
• tao

You can read about our versioning strategy and releases on our website.

Commits

• 8fe3445 chore(release): publish 8.48.1
• 5ac66a6 fix(eslint-plugin): revert "[no-redundant-type-constituents] use assignabilit...
• 906cc3c fix(eslint-plugin): [restrict-template-expressions] check base types in allow...
• 16cf0f7 test(eslint-plugin): [consistent-type-exports] add more shadowed imports test...
• 0db02ac fix(eslint-plugin): honor ignored base types on generic classes (#11767)
• bb9ba53 fix(eslint-plugin): [consistent-type-exports] check value flag before resolvi...
• See full diff in compare view

Updates @typescript-eslint/parser from 8.48.0 to 8.48.1

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.48.1

8.48.1 (2025-12-02)

⏪ Reverts

• eslint-plugin: revert "[no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)" (#11812)

🩹 Fixes

• eslint-plugin: [consistent-type-exports] check value flag before resolving alias (#11769)
• eslint-plugin: honor ignored base types on generic classes (#11767)
• eslint-plugin: [restrict-template-expressions] check base types in allow list (#11764, #11759)

❤️ Thank You

• Josh Goldberg
• OleksandraKordonets
• SangheeSon @​Higangssh
• tao

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.48.1 (2025-12-02)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• 8fe3445 chore(release): publish 8.48.1
• See full diff in compare view

Updates esbuild from 0.27.0 to 0.27.1

Release notes

Sourced from esbuild's releases.

v0.27.1

• Fix bundler bug with var nested inside if (#4348)

  This release fixes a bug with the bundler that happens when importing an ES module using require (which causes it to be wrapped) and there's a top-level var inside an if statement without being wrapped in a { ... } block (and a few other conditions). The bundling transform needed to hoist these var declarations outside of the lazy ES module wrapper for correctness. See the issue for details.

• Fix minifier bug with for inside try inside label (#4351)

  This fixes an old regression from version v0.21.4. Some code was introduced to move the label inside the try statement to address a problem with transforming labeled for await loops to avoid the await (the transformation involves converting the for await loop into a for loop and wrapping it in a try statement). However, it introduces problems for cross-compiled JVM code that uses all three of these features heavily. This release restricts this transform to only apply to for loops that esbuild itself generates internally as part of the for await transform. Here is an example of some affected code:

  // Original code
  d: {
    e: {
      try {
        while (1) { break d }
      } catch { break e; }
    }
  }
  // Old output (with --minify)
  a:try{e:for(;;)break a}catch{break e}
  // New output (with --minify)
  a:e:try{for(;;)break a}catch{break e}

• Inline IIFEs containing a single expression (#4354)

  Previously inlining of IIFEs (immediately-invoked function expressions) only worked if the body contained a single return statement. Now it should also work if the body contains a single expression statement instead:

  // Original code
  const foo = () => {
    const cb = () => {
      console.log(x())
    }
    return cb()
  }
  // Old output (with --minify)
  const foo=()=>(()=>{console.log(x())})();
  // New output (with --minify)
  const foo=()=>{console.log(x())};

• The minifier now strips empty finally clauses (#4353)

  This improvement means that finally clauses containing dead code can potentially cause the associated try statement to be removed from the output entirely in minified builds:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.1

• Fix bundler bug with var nested inside if (#4348)

  This release fixes a bug with the bundler that happens when importing an ES module using require (which causes it to be wrapped) and there's a top-level var inside an if statement without being wrapped in a { ... } block (and a few other conditions). The bundling transform needed to hoist these var declarations outside of the lazy ES module wrapper for correctness. See the issue for details.

• Fix minifier bug with for inside try inside label (#4351)

  This fixes an old regression from version v0.21.4. Some code was introduced to move the label inside the try statement to address a problem with transforming labeled for await loops to avoid the await (the transformation involves converting the for await loop into a for loop and wrapping it in a try statement). However, it introduces problems for cross-compiled JVM code that uses all three of these features heavily. This release restricts this transform to only apply to for loops that esbuild itself generates internally as part of the for await transform. Here is an example of some affected code:

  // Original code
  d: {
    e: {
      try {
        while (1) { break d }
      } catch { break e; }
    }
  }
  // Old output (with --minify)
  a:try{e:for(;;)break a}catch{break e}
  // New output (with --minify)
  a:e:try{for(;;)break a}catch{break e}

• Inline IIFEs containing a single expression (#4354)

  Previously inlining of IIFEs (immediately-invoked function expressions) only worked if the body contained a single return statement. Now it should also work if the body contains a single expression statement instead:

  // Original code
  const foo = () => {
    const cb = () => {
      console.log(x())
    }
    return cb()
  }
  // Old output (with --minify)
  const foo=()=>(()=>{console.log(x())})();
  // New output (with --minify)
  const foo=()=>{console.log(x())};

• The minifier now strips empty finally clauses (#4353)

  This improvement means that finally clauses containing dead code can potentially cause the associated try statement to be removed from the output entirely in minified builds:

... (truncated)

Commits

• 5e0e56d publish 0.27.1 to npm
• 5a89732 fix #4354: improve IIFE inlining for expressions
• b940218 minify: move unused expr simplification later
• c46d498 fix #4353: remove empty try/finally clauses
• 7a72735 fix #4348: bundler bug with var inside if
• 4e4e177 fix #4351: label + try + for minifier bug
• d6427c9 fix: deno release url wrong comment (#4326)
• 48e3e19 calling Symbol.for with a primitive never throws
• 4ff88d0 update decorator-tests.js snapshot
• 1877e60 calling Symbol with a primitive will never throw
• See full diff in compare view

Updates msw from 2.12.3 to 2.12.4

Release notes

Sourced from msw's releases.

v2.12.4 (2025-12-03)

Bug Fixes

• handle incomplete localStorage in Node.js v25 (#2636) (3da2c762abb923eda60ad220f0534354d1683678) @​rvagg

Commits

• 1a63f17 chore(release): v2.12.4
• 3da2c76 fix: handle incomplete localStorage in Node.js v25 (#2636)
• See full diff in compare view

Updates prettier from 3.7.3 to 3.7.4

Release notes

Sourced from prettier's releases.

3.7.4

What's Changed

• Fix comment in union type gets duplicated by @​fisker in prettier/prettier#18393
• Fix unstable comment print in union type by @​fisker in prettier/prettier#18395
• Avoid quote around LWC interpolations by @​kovsu in prettier/prettier#18383

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.7.4

diff

LWC: Avoid quote around interpolations (#18383 by @​kovsu)

<!-- Input -->
<div foo={bar}>   </div>
<!-- Prettier 3.7.3 (--embedded-language-formatting off) -->
<div foo="{bar}"></div>
<!-- Prettier 3.7.4 (--embedded-language-formatting off) -->
<div foo={bar}></div>

TypeScript: Fix comment inside union type gets duplicated (#18393 by @​fisker)

// Input
type Foo = (/** comment */ a | b) | c;
// Prettier 3.7.3
type Foo = /** comment / (/* comment */ a | b) | c;
// Prettier 3.7.4
type Foo = /** comment */ (a | b) | c;

TypeScript: Fix unstable comment print in union type comments (#18395 by @​fisker)

// Input
type X = (A | B) & (
  // comment
  A | B
);
// Prettier 3.7.3 (first format)
type X = (A | B) &
(// comment
A | B);
// Prettier 3.7.3 (second format)
type X = (
| A
</tr></table>

... (truncated)

Commits

• 7848357 Release 3.7.4
• 7686c59 Release @​prettier/plugin-hermes & @​prettier/plugin-oxc v0.1.3
• fe49434 Remove dead code checking union/intersection types length (#18396)
• ca02b37 Fix unstable comment print (#18395)
• 7efb988 Fix comment in union type get duplicated (#18393)
• cfa92c1 Update dependency @​angular/compiler to v21.0.2 (#18392)
• 1de2737 Update dependency yaml to v2.8.2 (#18391)
• 706aa4e Switch js parse postprocess to onEnter (#18382)
• d3eb2b2 Reuse arrays in visitor keys (#18386)
• c45fef1 Fix LWC attribute with --embedded-language-formatting off (#18383)
• Additional commits viewable in compare view

Updates openai from 6.9.1 to 6.10.0

Release notes

Sourced from openai's releases.

v6.10.0

6.10.0 (2025-12-04)

Full Changelog: v6.9.1...v6.10.0

Features

• api: gpt-5.1-codex-max and responses/compact (935f79e)

Chores

• client: fix logger property type (fdc671f)
• internal: upgrade eslint (9de0f90)

Changelog

Sourced from openai's changelog.

6.10.0 (2025-12-04)

Full Changelog: v6.9.1...v6.10.0

Features

• api: gpt-5.1-codex-max and responses/compact (935f79e)

Chores

• client: fix logger property type (fdc671f)
• internal: upgrade eslint (9de0f90)

Commits

• 0732dd6 release: 6.10.0
• 025ca83 feat(api): gpt-5.1-codex-max and responses/compact
• 80b87bb chore(internal): upgrade eslint
• fb42526 chore(client): fix logger property type
• See full diff in compare view

Updates ts-jest from 29.4.5 to 29.4.6

Release notes

Sourced from ts-jest's releases.

v29.4.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.6 (2025-12-01)

Bug Fixes

• log hybrid module as warning instead of failing tests (#5144) (528d37c), closes #5130

Commits

• 202bde5 chore(release): 29.4.6 (#5146)
• 528d37c fix: log hybrid module as warning instead of failing tests (#5144)
• 141e5af build(deps): update github/codeql-action digest to 497990d
• d281cce build(deps): update google/osv-scanner-action action to v2.3.0
• 0d20322 build(deps): update dependency memfs to ^4.51.0
• 455dde2 build(deps): update dependency js-yaml to ^4.1.1
• d579480 build(deps): update dependency @​types/node to v20.19.25
• f6859d0 build(deps): update dependency @​types/yargs to ^17.0.35
• 4d7e432 build(deps): update github/codeql-action digest to d3ced5c
• 4ea70c9 build(deps): update actions/checkout digest to 34e1148
• Additional commits viewable in compare view

Updates @google-cloud/storage from 7.17.3 to 7.18.0

Release notes

Sourced from @​google-cloud/storage's releases.

v7.18.0

7.18.0 (2025-11-28)

Features

• listBuckets: Add support for returning partial success (#2678) (c7004da)

Changelog

Sourced from @​google-cloud/storage's changelog.

7.18.0 (2025-11-28)

Features

• listBuckets: Add support for returning partial success (#2678) (c7004da)

Commits

• 3e5210f chore(main): release 7.18.0 (#2684)
• c7004da feat(listBuckets): Add support for returning partial success (#2678)
• 633a13a chore(python): remove configure_previous_major_version_branches (#2675)
• bae7040 samples: Add Soft Delete policy and object management samples (#2676)
• See full diff in compare view

Updates @nmshd/connector-sdk from 7.1.0 to 7.2.1

Release notes

Sourced from @​nmshd/connector-sdk's releases.

7.2.1

What's Changed

Bug Fixes

• The GetMessagesRequest is missing content.bodyFormat by @​britsta in nmshd/connector#774

Full Changelog: nmshd/connector@7.2.0...7.2.1

7.2.0

What's Changed

New Features

• Introduce bodyFormat for Mails by @​jkoenig134 in nmshd/connector#772

Full Changelog: nmshd/connector@7.1.0...7.2.0

Commits

• ff21d74 Sort package jsons (#777)
• 1da6559 The GetMessagesRequest is missing content.bodyFormat (#774)
• 81634a9 Introduce bodyFormat for Mails (#772)
• See full diff in compare view

Updates @ory/client from 1.22.12 to 1.22.15

Commits

• See full diff in compare view

Updates @sentry/node from 10.27.0 to 10.29.0

Release notes

Sourced from @​sentry/node's releases.

10.29.0

Important Changes

• feat(solid|solidstart): Bump accepted @​solidjs/router range (#18395)

We expanded the supported version range for @solidjs/router to include 0.14.x and 0.15.x versions.

Other Changes

• fix(logs): Add support for msg in pino integration (#18389)
• fix(node): Include system message in anthropic-ai messages span (#18332)
• fix(tracing): Add missing attributes in vercel-ai spans (#18333)

• chore(tanstackstart-react): clean up re-exported types (#18393)
• ref(core): Avoid looking up openai integration options (#17695)
• test(nuxt): Relax captured unhandled error assertion (#18397)
• test(tanstackstart-react): Set up E2E test application (#18358)

Bundle size 📦

Path	Size
@​sentry/browser	24.22 KB
@​sentry/browser - with treeshaking flags	22.76 KB
@​sentry/browser (incl. Tracing)	40.57 KB
@​sentry/browser (incl. Tracing, Profiling)	45.05 KB
@​sentry/browser (incl. Tracing, Replay)	78.08 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	68.05 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	82.65 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	94.61 KB
@​sentry/browser (incl. Feedback)	40.51 KB
@​sentry/browser (incl. sendFeedback)	28.8 KB
@​sentry/browser (incl. FeedbackAsync)	33.66 KB
@​sentry/react	25.9 KB
@​sentry/react (incl. Tracing)	42.72 KB
@​sentry/vue	28.56 KB
@​sentry/vue (incl. Tracing)	42.32 KB
@​sentry/svelte	24.24 KB
CDN Bundle	26.57 KB
CDN Bundle (incl. Tracing)	41.22 KB
CDN Bundle (incl. Tracing, Replay)	76.9 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	82.23 KB
CDN Bundle - uncompressed	78.09 KB
CDN Bundle (incl. Tracing) - uncompressed	122.4 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	235.71 KB

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.29.0

Important Changes

• feat(solid|solidstart): Bump accepted @​solidjs/router range (#18395)

We expanded the supported version range for @solidjs/router to include 0.14.x and 0.15.x versions.

Other Changes

• fix(logs): Add support for msg in pino integration (#18389)
• fix(node): Include system message in anthropic-ai messages span (#18332)
• fix(tracing): Add missing attributes in vercel-ai spans (#18333)

• chore(tanstackstart-react): clean up re-exported types (#18393)
• ref(core): Avoid looking up openai integration options (#17695)
• test(nuxt): Relax captured unhandled error assertion (#18397)
• test(tanstackstart-react): Set up E2E test application (#18358)

10.28.0

Important Changes

• feat(core): Make matcher parameter optional in makeMultiplexedTransport (#10798)

The matcher parameter in makeMultiplexedTransport is now optional with a sensible default. This makes it much easier to use the multiplexed transport for sending events to multiple DSNs based on runtime configuration.

Before:

import { makeFetchTransport, makeMultiplexedTransport } from '@sentry/browser';
const EXTRA_KEY = 'ROUTE_TO';
const transport = makeMultiplexedTransport(makeFetchTransport, args => {
const event = args.getEvent();
if (event?.extra?.[EXTRA_KEY] && Array.isArray(event.extra[EXTRA_KEY])) {
return event.extra[EXTRA_KEY];
}
return [];
});
Sentry.init({
transport,
// ... other options
</tr></table>

... (truncated)

Commits

• 3529d46 release: 10.29.0
• 7b3b613 Merge pull request #18407 from getsentry/prepare-release/10.29.0
• 477f6ad meta(changelog): Update changelog for 10.29.0
• cf5c4ba Merge pull request #18406 from getsentry/manual-master-sync-dev
• 3c5d47f Merge branch 'develop' into manual-master-sync-dev
• 862f415 test(nuxt): Relax captured unhandled error assertion (#18397)
• b6eb205 fix(node): Include system message in anthropic-ai messages span (#18332)
• 65f5006 fix(tracing): Add missing attributes in vercel-ai spans (#18333)
• df4c541 feat(solid|solidstart): Bump accepted @​solidjs/router range (#18395)
• f961771 ref(core): Avoid looking up openai integration options (#17695)
• Additional commits viewable in compare view

Updates jsonwebtoken from 9.0.2 to 9.0.3

Changelog

Sourced from jsonwebtoken's changelog.

9.0.3 - 2025-12-04

• updates jws version to 4.0.1.

Commits

• ed59e76 chore: bump jws to 4.0.1 (#1007)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions