Bump the deps group across 1 directory with 11 updates

[dependabot]

Bumps the deps group with 11 updates in the /bundle-size directory:

Package	From	To
@bufbuild/protobuf	2.6.3	2.9.0
@connectrpc/connect	2.0.3	2.1.0
@bufbuild/buf	1.56.0	1.57.2
@bufbuild/protoc-gen-es	2.6.3	2.9.0
esbuild	0.25.8	0.25.10
parcel	2.15.4	2.16.0
typescript	5.9.2	5.9.3
rollup	4.46.2	4.52.3
vite	7.0.6	7.1.7
ts-loader	9.5.2	9.5.4
webpack	5.101.0	5.102.0

Updates @bufbuild/protobuf from 2.6.3 to 2.9.0

Release notes

Sourced from @​bufbuild/protobuf's releases.

v2.9.0

What's Changed

• Support Deno by @​timostamm in bufbuild/protobuf-es#1233

Full Changelog: bufbuild/protobuf-es@v2.8.0...v2.9.0

v2.8.0

What's Changed

• Add support for Edition 2024 by @​timostamm in bufbuild/protobuf-es#1228
• Fix Valid types for interstitial references by @​timostamm in bufbuild/protobuf-es#1230

Full Changelog: bufbuild/protobuf-es@v2.7.0...v2.8.0

v2.7.0

What's Changed

[!IMPORTANT]

TypeScript 5.9 includes breaking changes to lib.d.ts, forcing us to change return types for some functions from Uint8Array to Uint8Array<ArrayBuffer>. See #1200 for details.

• Update to TypeScript 5.9 and change return types from Uint8Array to Uint8Array<ArrayBuffer> by @​timostamm in bufbuild/protobuf-es#1200
• Drop support for Node.js 18 by @​timostamm in bufbuild/protobuf-es#1201
• Run CI on Node.js v24 by @​timostamm in bufbuild/protobuf-es#1199
• Optimize bundle-size impact of fix to closed enum parsing by @​timostamm in bufbuild/protobuf-es#1197

Full Changelog: bufbuild/protobuf-es@v2.6.3...v2.7.0

Commits

• ac7d546 Release 2.9.0 (#1236)
• f7b1a91 Support Deno (#1233)
• 89dd6e7 Release 2.8.0 (#1231)
• c8b4ef9 Add support for Edition 2024 (#1228)
• 92f8536 Release 2.7.0 (#1206)
• 318292b Update to TypeScript 5.9 and change return types from Uint8Array to `Uint8A...
• 2f46046 Optimize bundle-size impact of fix to closed enum parsing (#1197)
• See full diff in compare view

Updates @connectrpc/connect from 2.0.3 to 2.1.0

Release notes

Sourced from @​connectrpc/connect's releases.

v2.1.0

What's Changed

[!IMPORTANT]

TypeScript 5.9 includes breaking changes to lib.d.ts, forcing us to change return types for some functions from Uint8Array to Uint8Array<ArrayBuffer>. This is unlikely to affect you, but if it does, see #1560 for details.

• Update to TypeScript 5.9 and change return types from Uint8Array to Uint8Array<ArrayBuffer> by @​timostamm in connectrpc/connect-es#1560
• Drop support for Node.js 18 by @​timostamm in connectrpc/connect-es#1559

Full Changelog: connectrpc/connect-es@v2.0.4...v2.1.0

v2.0.4

What's Changed

• Fix memory leak in Node.js universal HTTP client by @​timostamm in connectrpc/connect-es#1547

Full Changelog: connectrpc/connect-es@v2.0.3...v2.0.4

Commits

• 8566675 Release 2.1.0 (#1564)
• 4eed0ce Update to TypeScript 5.9 and change return types from Uint8Array to `Uint8A...
• 17ee287 Release 2.0.4 (#1558)
• 5dafeaa Update protobuf-es and dependabot groups (#1549)
• a2606e7 Bump the bench group with 2 updates (#1533)
• 1b8db5d Bump @​bufbuild/buf from 1.55.1 to 1.56.0 (#1537)
• c1510a8 Bump jasmine from 5.8.0 to 5.9.0 (#1538)
• See full diff in compare view

Updates @bufbuild/buf from 1.56.0 to 1.57.2

Release notes

Sourced from @​bufbuild/buf's releases.

v1.57.2

• Fix buf curl for HTTP/2 services.

v1.57.1

• Minor bug fixes and dependency upgrades.

v1.57.0

• Update exclude types to remove unused options reducing the size of generated code.
• Add gitlab-code-quality error format to print errors in the GitLab Code Quality format for buf lint and buf breaking.
• Add source_control_url to json outputs for buf registry {module, plugin} commit commands.

Changelog

Sourced from @​bufbuild/buf's changelog.

[v1.57.2] - 2025-09-16

• Fix buf curl for HTTP/2 services

[v1.57.1] - 2025-09-16

• Minor bug fixes and dependency upgrades.

[v1.57.0] - 2025-08-27

• Update exclude types to remove unused options reducing the size of generated code.
• Add gitlab-code-quality error format to print errors in the GitLab Code Quality format for buf lint and buf breaking.
• Add source_control_url to json outputs for buf registry {module, plugin} commit commands.

Commits

• 2a315f2 Release v1.57.2 (#4017)
• 574a9ea Fix buf curl with HTTP/2 services (#4016)
• f9fbf5d Return to development (#4015)
• a925ce2 Release v1.57.1 (#4013)
• 7e199bd Upgrade generated SDK protoc-gen-go version (#4014)
• 2d0ab7a Use std http.Protocols for http config (#4011)
• 0f230da Upgrade makego (#4012)
• 2344d01 Make upgrade (#4010)
• d5d28ae Bump golang from 1.24-alpine3.22 to 1.25-alpine3.22 (#3963)
• b57df30 Silence config warning on empty rules when policies are defined (#3972)
• Additional commits viewable in compare view

Updates @bufbuild/protoc-gen-es from 2.6.3 to 2.9.0

Release notes

Sourced from @​bufbuild/protoc-gen-es's releases.

v2.9.0

What's Changed

• Support Deno by @​timostamm in bufbuild/protobuf-es#1233

Full Changelog: bufbuild/protobuf-es@v2.8.0...v2.9.0

v2.8.0

What's Changed

• Add support for Edition 2024 by @​timostamm in bufbuild/protobuf-es#1228
• Fix Valid types for interstitial references by @​timostamm in bufbuild/protobuf-es#1230

Full Changelog: bufbuild/protobuf-es@v2.7.0...v2.8.0

v2.7.0

What's Changed

[!IMPORTANT]

TypeScript 5.9 includes breaking changes to lib.d.ts, forcing us to change return types for some functions from Uint8Array to Uint8Array<ArrayBuffer>. See #1200 for details.

• Update to TypeScript 5.9 and change return types from Uint8Array to Uint8Array<ArrayBuffer> by @​timostamm in bufbuild/protobuf-es#1200
• Drop support for Node.js 18 by @​timostamm in bufbuild/protobuf-es#1201
• Run CI on Node.js v24 by @​timostamm in bufbuild/protobuf-es#1199
• Optimize bundle-size impact of fix to closed enum parsing by @​timostamm in bufbuild/protobuf-es#1197

Full Changelog: bufbuild/protobuf-es@v2.6.3...v2.7.0

Commits

• ac7d546 Release 2.9.0 (#1236)
• 89dd6e7 Release 2.8.0 (#1231)
• cdd0dd9 Fix Valid types for interstitial references (#1230)
• 92f8536 Release 2.7.0 (#1206)
• fe3c21b Drop support for Node.js 18 (#1201)
• See full diff in compare view

Updates esbuild from 0.25.8 to 0.25.10

Release notes

Sourced from esbuild's releases.

v0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;

... (truncated)

Commits

• d6b668f publish 0.25.10 to npm
• 5088c19 refactor: use strings.Builder (#4290)
• 755da31 run make update-compat-table
• a1d9c86 fix #4287: marked the wrong issue as fixed
• 73a0b2a fix #4286: minifier panic due to identity function
• 134dadf fix #4265: @supports nested inside ::pseudo
• 195e05c publish 0.25.9 to npm
• 3dac33f fix #3131, fix #3663: yarnpnp + windows + D drive
• 0f2c5c8 mock fs now supports multiple volumes on windows
• 100a51e split out yarnpnp snapshot tests
• Additional commits viewable in compare view

Updates parcel from 2.15.4 to 2.16.0

Release notes

Sourced from parcel's releases.

v2.16.0

This release significantly improves code splitting and tree shaking when scope hoisting is disabled, e.g. when using React Server Components with static rendering. It enables re-exports to be followed when resolving a dependency, so that only used exports from large libraries get bundled together for each page rather than across all pages. This was already the case when using scope hoisting, but now it works without scope hoisting as well.

Added

• JavaScript
  • Code split re-exports when scope hoisting is disabled – Details

Fixed

• JavaScript
  • Scope macro asset unique keys to the parent asset – Details

Changelog

Sourced from parcel's changelog.

[2.16.0] – 2025-09-18

Added

• JavaScript
  • Code split re-exports when scope hoisting is disabled – Details

Fixed

• JavaScript
  • Scope macro asset unique keys to the parent asset – Details

[2.15.3] – 2025-06-20

Fixed

• JavaScript

  • Expose line and column number to macros – Details

• React Server Components

  • Invalidate cache in ReactStaticPackager when pages are added or client components change – Details
  • Fix lazy mode with React Server Components – Details
  • Fix @parcel/rsc duplicate types – Details
  • Ensure publicUrl ends with a slash in react-static packager – Details
  • Fix hash reference replacement in react-static packager – Details

[2.15.2] - 2025-05-24

Fixed

• Core

  • Change minimum required glibc version to 2.26 – Details
  • Cache inline bundle packaging – Details
  • Use stable id for package requests – Details

• HTML

  • Do not remove <meta charset="utf-8"> – Details

• MDX

  • Make URL dependencies in MDX files optional – Details

• React Server Components

  • Fix memory leak in react-static packager – Details

• Resolver

  • Fix resolving source package exports condition from self reference – Details

• SVG

  • Update oxvg – Details

• Compressors

  • Use max level compression for brotli compressor – Details

[2.15.1] - 2025-05-15

... (truncated)

Commits

• See full diff in compare view

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Commits

• 31a0ead Don't compare "missing" to undefined in compareProperties under `exactOpt...
• d4b15eb Enhance type argument completions (#62170)
• 83ff202 Bump the github-actions group across 1 directory with 2 updates (#62507)
• e350126 Port microsoft/typescript-go#1764 (#62510)
• 97610a8 Port microsoft/typescript-go#1757 (#62501)
• 1cd5309 Port microsoft/typescript-go#1759 (#62502)
• 5f183ad Revert PR 61928 (#62423)
• 6f6efb4 Disable conditional exports fallbacks on null values (#62483)
• 96acaa5 Remove no-default-lib (#62435)
• 904e7dd Enable noUncheckedSideEffectImports by default (#62443)
• Additional commits viewable in compare view

Updates rollup from 4.46.2 to 4.52.3

Release notes

Sourced from rollup's releases.

v4.52.3

4.52.3

2025-09-27

Bug Fixes

• Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

• #6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@​Jobians, @​lukastaegert)
• #6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@​renovate[bot])
• #6125: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #6126: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.52.2

4.52.2

2025-09-23

Bug Fixes

• Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

• #6109: fix(rust): use prebuilt std when it is available (@​cyyynthia)

v4.52.1

4.52.1

2025-09-23

Bug Fixes

• Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

• #6121: Simplify top-level await deadlock prevention (@​lukastaegert)

v4.52.0

4.52.0

2025-09-19

Features

• Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.52.3

2025-09-27

Bug Fixes

• Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

• #6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@​Jobians, @​lukastaegert)
• #6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@​renovate[bot])
• #6125: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #6126: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.52.2

2025-09-23

Bug Fixes

• Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

• #6109: fix(rust): use prebuilt std when it is available (@​cyyynthia)

4.52.1

2025-09-23

Bug Fixes

• Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

• #6121: Simplify top-level await deadlock prevention (@​lukastaegert)

4.52.0

2025-09-19

Features

• Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)
• Add support for x86_64-pc-windows-gnu platform (#6110)

Pull Requests

... (truncated)

Commits

• 74c555c 4.52.3
• 4362862 fix(native-loader): safely handle report.getReport() on Termux/Android (#6123)
• 7340c45 chore(deps): pin msys2/setup-msys2 action to fb197b7 (#6124)
• cfe817e chore(deps): lock file maintenance minor/patch updates (#6126)
• 89e4411 fix(deps): lock file maintenance minor/patch updates (#6125)
• fa2315c 4.52.2
• 10b2672 fix(rust): use prebuilt std when it is available (#6109)
• 69b5dd3 4.52.1
• 5eee44c Simplify top-level await deadlock prevention (#6121)
• 2029f63 4.52.0
• Additional commits viewable in compare view

Updates vite from 7.0.6 to 7.1.7

Release notes

Sourced from vite's releases.

v7.1.7

Please refer to CHANGELOG.md for details.

v7.1.6

Please refer to CHANGELOG.md for details.

v7.1.5

Please refer to CHANGELOG.md for details.

v7.1.4

Please refer to CHANGELOG.md for details.

v7.1.3

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.1.2

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.1.1

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

[email protected]

Please refer to CHANGELOG.md for details.

v7.1.0

Please refer to CHANGELOG.md for details.

v7.1.0-beta.1

Please refer to CHANGELOG.md for details.

v7.1.0-beta.0

Please refer to CHANGELOG.md for details.

v7.0.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

7.1.7 (2025-09-22)

Bug Fixes

• build: fix ssr environment emitAssets: true when sharedConfigBuild: true (#20787) (4c4583c)
• client: use CSP nonce when rendering error overlay (#20791) (9bc9d12)
• deps: update all non-major dependencies (#20811) (9f2247c)
• glob: handle glob imports from folders starting with dot (#20800) (105abe8)
• hmr: trigger prune event when import is removed from non hmr module (#20768) (9f32b1d)
• hmr: wait for import.meta.hot.prune callbacks to complete before running other HMRs (#20698) (98a3484)

7.1.6 (2025-09-18)

Bug Fixes

• deps: update all non-major dependencies (#20773) (88af2ae)
• esbuild: inject esbuild helper functions with minified $ variables correctly (#20761) (7e8e004)
• fallback terser to main thread when nameCache is provided (#20750) (a679a64)
• types: strict env typings fail when skipLibCheck is false (#20755) (cc54e29)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#20675) (a67bb5f)
• deps: update rolldown-related dependencies (#20772) (d785e72)

7.1.5 (2025-09-08)

Bug Fixes

• apply fs.strict check to HTML files (#20736) (14015d7)
• deps: update all non-major dependencies (#20732) (122bfba)
• upgrade sirv to 3.0.2 (#20735) (09f2b52)

7.1.4 (2025-09-01)

Bug Fixes

• add missing awaits (#20697) (79d10ed)
• deps: update all non-major dependencies (#20676) (5a274b2)
• deps: update all non-major dependencies (#20709) (0401feb)
• pass rollup watch options when building in watch mode (#20674) (f367453)

Miscellaneous Chores

• remove unused constants entry from rolldown.config.ts (#20710) (537fcf9)

Code Refactoring

• remove unnecessary minify parameter from finalizeCss (#20701) (8099582)

7.1.3 (2025-08-19)

Features

• cli: add Node.js version warning for unsupported versions (#20638) (a1be1bf)

... (truncated)

Commits

• 693d255 release: v7.1.7
• 98a3484 fix(hmr): wait for import.meta.hot.prune callbacks to complete before runni...
• 9f32b1d fix(hmr): trigger prune event when import is removed from non hmr module (#20...
• 9f2247c fix(deps): update all non-major dependencies (#20811)
• 105abe8 fix(glob): handle glob imports from folders starting with dot (#20800)
• 4c4583c fix(build): fix ssr environment emitAssets: true when `sharedConfigBuild: t...
• 9bc9d12 fix(client): use CSP nonce when rendering error overlay (#20791)
• 54377f7 release: v7.1.6
• 88af2ae fix(deps): update all non-major dependencies (#20773)
• d785e72 chore(deps): update rolldown-related dependencies (#20772)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vite since your current version.

Updates ts-loader from 9.5.2 to 9.5.4

Release notes

Sourced from ts-loader's releases.

v9.5.4

• chore: typescript 5.9 upgrade - thanks @​johnnyreilly

Skipping 9.5.3 due to a publishing issue

v9.5.3

• fix: add more detailed error messages - thanks @​hai-x

Changelog

Sourced from ts-loader's changelog.

9.5.4

• chore: typescript 5.9 upgrade - thanks @​johnnyreilly

Skipping 9.5.3 due to a publishing issue

Commits

• f7d022f Update changelog for version 9.5.4 (#1677)
• ba825c2 chore: TypeScript 5.9 upgrade (#1676)
• 847a249 feat: stub for 5.8 (#1668)
• 0ee4035 feat: Update push.yml with workflow_dispatch
• d735298 chore: update lockfile (#1666)
• See full diff in compare view

Updates webpack from 5.101.0 to 5.102.0

Release notes

Sourced from webpack's releases.

v5.102.0

Features

• Added static analyze for dynamic imports
• Added support for import file from "./file.ext" with { type: "bytes" } to get the content as Uint8Array (look at example)
• Added support for import file from "./file.ext" with { type: "text" } to get the content as text (look at example)
• Added the snapshot.contextModule to configure snapshots options for context modules
• Added the extractSourceMap option to implement the capabilities of loading source maps by comment, you don't need source-map-loader (look at example)
• The topLevelAwait experiment is now stable (you can remove experiments.topLevelAwait from your webpack.config.js)
• The layers experiment is now stable (you can remove experiments.layers from your webpack.config.js)
• Added function matcher support in rule options

Fixes

• Fixed conflicts caused by multiple concatenate modules
• Ignore import failure during HMR update with ES modules output
• Keep render module order consistent
• Prevent inlining modules that have this exports
• Removed unused timeout attribute of script tag
• Supported UMD chunk format to work in web workers
• Improved CommonJs bundle to ES module library
• Use es-lexer for mjs files for build dependencies
• Fixed support __non_webpack_require__ for ES modules
• Properly handle external modules for CSS
• AssetsByChunkName included assets from chunk.auxiliaryFiles
• Use createRequire only when output is ES module and target is node
• Typescript types

Performance Improvements

• Avoid extra calls for snapshot
• A avoid extra jobs for build dependencies
• Move import attributes to own dependencies

v5.101.3

Fixes

• Fixed resolve execution order issue from extra await in async modules
• Avoid empty block for unused statement
• Collect only specific expressions for destructuring assignment

v5.101.2

Fixes

• Fixed syntax error when comment is on the last line
• Handle var declaration for createRequire
• Distinguish free variable and tagged variable

v5.101.1

Fixes

... (truncated)

Commits

• 14c813a chore(release): 5.102.0
• 761b153 feat: support function matcher in rule options (#19952)
• 8c0fa9e feat: tree shaking nested exports for destructuring assignment (#19955)
• 0a58530 chore(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 (#19958)
• 042bf86 fix: integrity in http-url test (#19954)
• d9121b3 docs: use markdown instead html (#19938)
• 3f00777 docs: remove unused files (#19937)
• 3cf0d95 chore: add lfx badge (#19934)
• 84e5c12 fix: should analyze correct variable for dynamic import (#19936)
• 44cf16f docs: Revise security policy and reporting guidelines (#19886)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions