Bump the dev-minor-deps group across 1 directory with 9 updates

[dependabot]

Bumps the dev-minor-deps group with 9 updates in the / directory:

Package	From	To
@hey-api/openapi-ts	0.84.2	0.84.4
@sentry/cli	2.55.0	2.56.0
@storybook/addon-a11y	9.1.8	9.1.10
@storybook/addon-links	9.1.8	9.1.10
knip	5.64.0	5.64.1
lint-staged	16.2.0	16.2.3
stylelint	16.24.0	16.25.0
typescript	5.9.2	5.9.3
@storybook/react-vite	9.1.8	9.1.10

Updates @hey-api/openapi-ts from 0.84.2 to 0.84.4

Release notes

Sourced from @​hey-api/openapi-ts's releases.

@​hey-api/openapi-ts@​0.84.4

Patch Changes

• fix(client-ofetch): add missing credentials property support (#2710) (ba7e6dc) by @​copilot-swe-agent

• fix(config): do not override interactive config from CLI if defined in config file (#2708) (21e9fa0) by @​copilot-swe-agent

• fix(zod): correct schemas for numeric and boolean enums (#2704) (59ea38e) by @​copilot-swe-agent

@​hey-api/openapi-ts@​0.84.3

Patch Changes

• fix(validators): escaping slashes in regular expressions (#2692) (dba81bc) by @​copilot-swe-agent

Commits

• 453c834 Merge pull request #2705 from hey-api/changeset-release/main
• 9ba9e7d ci: release
• 1f9056a Merge pull request #2708 from hey-api/copilot/fix-e387455f-4997-4ca9-ae1c-c76...
• bfae15d Fix typecheck issues in test files
• 1d09c1d Fix linting issues - correct indentation in detectInteractiveSession
• 21e9fa0 Fix CLI config override for interactive settings
• 2c64ad4 Update init.ts
• 801532b Move TTY detection logic to src with environment variable support
• c4fc4aa Merge pull request #2710 from hey-api/copilot/fix-a01977c0-ddcf-4172-81f2-12f...
• 769269f Add test demonstrating the config merge behavior that would fail with the bug
• Additional commits viewable in compare view

Updates @sentry/cli from 2.55.0 to 2.56.0

Release notes

Sourced from @​sentry/cli's releases.

2.56.0

Various fixes & improvements

• feat: auto-fetch head-ref from GitHub Actions in detached HEAD state (#2805) by @​runningcode
• feat: automatically fetch base SHA in GitHub Actions PR workflows (#2799) by @​runningcode
• feat(preprod): use deflated compression when creating the zip file (#2800) by @​trevor-e
• feat(preprod): make sure at least one app bundle is present for upload (#2795) by @​trevor-e
• feat(preprod): fail upload if app is missing Info.plist (#2793) by @​trevor-e
• feat: restore GitHub Actions base branch detection (#2792) by @​runningcode
• fix: lower log level for missing base ref detection (EME-369) (#2813) by @​runningcode
• fix: simplify debug logging for PR number detection (EME-362) (#2812) by @​runningcode
• fix: serialize VCS tests to prevent race conditions (EME-368) (#2811) by @​runningcode
• fix: Validate SENTRY_RELEASE environment variable (#2807) by @​szokeasaurusrex
• fix: use actual PR head SHA in GitHub Actions instead of merge commit (#2785) by @​runningcode
• fix: suppress warning messages in failing build upload tests (#2791) by @​runningcode

Changelog

Sourced from @​sentry/cli's changelog.

2.56.0

Various fixes & improvements

• feat: auto-fetch head-ref from GitHub Actions in detached HEAD state (#2805) by @​runningcode
• feat: automatically fetch base SHA in GitHub Actions PR workflows (#2799) by @​runningcode
• feat(preprod): use deflated compression when creating the zip file (#2800) by @​trevor-e
• feat(preprod): make sure at least one app bundle is present for upload (#2795) by @​trevor-e
• feat(preprod): fail upload if app is missing Info.plist (#2793) by @​trevor-e
• feat: restore GitHub Actions base branch detection (#2792) by @​runningcode
• fix: lower log level for missing base ref detection (EME-369) (#2813) by @​runningcode
• fix: simplify debug logging for PR number detection (EME-362) (#2812) by @​runningcode
• fix: serialize VCS tests to prevent race conditions (EME-368) (#2811) by @​runningcode
• fix: Validate SENTRY_RELEASE environment variable (#2807) by @​szokeasaurusrex
• fix: use actual PR head SHA in GitHub Actions instead of merge commit (#2785) by @​runningcode
• fix: suppress warning messages in failing build upload tests (#2791) by @​runningcode

Commits

• 0b2ad4c meta: Update changelog for 2.56.0
• 4a864cc release: 2.56.0
• 2a401bc build(deps): bump github/codeql-action from 3.30.3 to 3.30.5 (#2815)
• 69215be build(deps): bump docker/login-action from 3.5.0 to 3.6.0 (#2814)
• 2229943 fix: lower log level for missing base ref detection (EME-369) (#2813)
• 087d7f8 build: Replace brotli2 with brotli (#2809)
• 5670e9c build(rust): Remove adler dependency (#2810)
• 5b1fb22 fix: simplify debug logging for PR number detection (EME-362) (#2812)
• 355993c fix: serialize VCS tests to prevent race conditions (EME-368) (#2811)
• 4ff5286 fix: Validate SENTRY_RELEASE environment variable (#2807)
• Additional commits viewable in compare view

Updates @storybook/addon-a11y from 9.1.8 to 9.1.10

Release notes

Sourced from @​storybook/addon-a11y's releases.

v9.1.10

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

v9.1.9

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Changelog

Sourced from @​storybook/addon-a11y's changelog.

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Commits

• 642f0cf Bump version from "9.1.9" to "9.1.10" [skip ci]
• 01867d0 Bump version from "9.1.8" to "9.1.9" [skip ci]
• See full diff in compare view

Updates @storybook/addon-links from 9.1.8 to 9.1.10

Release notes

Sourced from @​storybook/addon-links's releases.

v9.1.10

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

v9.1.9

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Changelog

Sourced from @​storybook/addon-links's changelog.

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Commits

• 642f0cf Bump version from "9.1.9" to "9.1.10" [skip ci]
• 01867d0 Bump version from "9.1.8" to "9.1.9" [skip ci]
• See full diff in compare view

Updates knip from 5.64.0 to 5.64.1

Release notes

Sourced from knip's releases.

Release 5.64.1

• Edit docs (634b59d07353bc09db762ee1b672df06da66da59)
• Edit docs (d3433f00840736e11cc5c845babffe415ecad1fe)
• Add "How to keep package.json under control" article (570f40b15007c075d7f1e4d77bd2970034eec8ec)
• We're incompatible with typescript v7 (f4f9166a0fca265e6f0dc939528836ce7003938f)
• Migrate from bun → pnpm (f18428c53d5bff7bad5259bf053e1d8c2b78881f)
• Migrate from biome v1 → v2 (7ae5d72dadba0d8084842765ba3c045ac9199aa5)
• Update dependencies (3174456e0c0f3086cc52d41cbea647b5a50cc057)
• Re-gen plugins list (2da7ba49e8930c68b3cf8d1421a88cf975af9800)
• Migrate from zod v3 → v4 (a71c1030be3ee6b7312fdb952504a3f1dbe5a694)

Commits

• e0ff0b5 Release 5.64.1
• a71c103 Migrate from zod v3 → v4
• 3174456 Update dependencies
• 7ae5d72 Migrate from biome v1 → v2
• f18428c Migrate from bun → pnpm
• f4f9166 We're incompatible with typescript v7
• See full diff in compare view

Updates lint-staged from 16.2.0 to 16.2.3

Release notes

Sourced from lint-staged's releases.

v16.2.3

Patch Changes

• #1669 27cd541 Thanks @​iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

v16.2.2

Patch Changes

• #1667 699f95d Thanks @​iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

  Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:

  % npx lint-staged --fail-on-changes
  ✔ Backed up original state in git stash (c18d55a3)
  ✔ Running tasks for staged files...
  ✖ Tasks modified files and --fail-on-changes was used!
  ↓ Cleaning up temporary files...
  ✖ lint-staged failed because --fail-on-changes was used.
  Any lost modifications can be restored from a git stash:
  > git stash list --format="%h %s"
  c18d55a3 On main: lint-staged automatic backup
  > git apply --index c18d55a3

v16.2.1

Patch Changes

• #1664 8277b3b Thanks @​iiroj! - The built-in TypeScript types have been updated to more closely match the implementation. Notably, the list of staged files supplied to task functions is readonly string[] and can't be mutated. Thanks @​outslept!

  export default {
  ---  "*": (files: string[]) => void console.log('staged files', files)
  +++  "*": (files: readonly string[]) => void console.log('staged files', files)
  }

• #1654 70b9af3 Thanks @​iiroj! - This version has been published from GitHub Actions using Trusted Publishing for npm packages.

• #1659 4996817 Thanks @​iiroj! - Fix searching configuration files when the working directory is a subdirectory of a git repository, and there are package.json files in the working directory. This situation might happen when running lint-staged for a single package in a monorepo.

• #1654 7021f0a Thanks @​iiroj! - Return the caret semver range (^) to direct dependencies so that future patch and minor versions are allowed. This enables projects to better maintain and deduplicate their own transitive dependencies while not requiring direct updates to lint-staged. This was changed in 16.2.0 after the vulnerability issues with chalk and debug, which were also removed in the same version.

  Given the recent vulnerabilities in the npm ecosystem, it's best to be very careful when updating dependencies.

Changelog

Sourced from lint-staged's changelog.

16.2.3

Patch Changes

• #1669 27cd541 Thanks @​iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

16.2.2

Patch Changes

• #1667 699f95d Thanks @​iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

  Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:

  % npx lint-staged --fail-on-changes
  ✔ Backed up original state in git stash (c18d55a3)
  ✔ Running tasks for staged files...
  ✖ Tasks modified files and --fail-on-changes was used!
  ↓ Cleaning up temporary files...
  ✖ lint-staged failed because --fail-on-changes was used.
  Any lost modifications can be restored from a git stash:
  > git stash list --format="%h %s"
  c18d55a3 On main: lint-staged automatic backup
  > git apply --index c18d55a3

16.2.1

Patch Changes

• #1664 8277b3b Thanks @​iiroj! - The built-in TypeScript types have been updated to more closely match the implementation. Notably, the list of staged files supplied to task functions is readonly string[] and can't be mutated. Thanks @​outslept!

  export default {
  ---  "*": (files: string[]) => void console.log('staged files', files)
  +++  "*": (files: readonly string[]) => void console.log('staged files', files)
  }

• #1654 70b9af3 Thanks @​iiroj! - This version has been published from GitHub Actions using Trusted Publishing for npm packages.

• #1659 4996817 Thanks @​iiroj! - Fix searching configuration files when the working directory is a subdirectory of a git repository, and there are package.json files in the working directory. This situation might happen when running lint-staged for a single package in a monorepo.

• #1654 7021f0a Thanks @​iiroj! - Return the caret semver range (^) to direct dependencies so that future patch and minor versions are allowed. This enables projects to better maintain and deduplicate their own transitive dependencies while not requiring direct updates to lint-staged. This was changed in 16.2.0 after the vulnerability issues with chalk and debug, which were also removed in the same version.

  Given the recent vulnerabilities in the npm ecosystem, it's best to be very careful when updating dependencies.

Commits

• bdcd03a chore(changeset): release
• 27cd541 fix: do not count hidden (partially) unstaged changes when using `--fail-on-c...
• ab2f42e fix: emit correct value to debug logs
• 3fc5832 refactor: make general error messages more clear they originate from lint-staged
• 409d79a chore(changeset): release
• 7edaee9 docs: fix typo in changeset
• 699f95d fix: backup stash example uses real hash if available
• 47d01a9 fix: print backup stash example when failing to --fail-on-changes
• 325dc03 fix: restore unstaged changes on errors when --fail-on-errors or `--no-reve...
• 53bb27b fix: do not drop backup stash when errors and --fail-on-changes was used
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for lint-staged since your current version.

Updates stylelint from 16.24.0 to 16.25.0

Release notes

Sourced from stylelint's releases.

16.25.0

It adds 3 new features, including experimental support for bulk suppressions. It's also our first immutable release, with the package published to npm using trusted publishing and our dependencies updated on a cool down for improved supply chain security.

• Added: support for bulk suppressions (#8564) (@​ryo-manba).
• Added: ignoreAtRules: [] to no-invalid-position-declaration (#8781) (@​jrmlt).
• Added: rule name to custom messages (#8774) (@​jhae-de).

Changelog

Sourced from stylelint's changelog.

16.25.0 - 2025-10-03

It adds 3 new features, including experimental support for bulk suppressions. It's also our first immutable release, with the package published to npm using trusted publishing and our dependencies updated on a cool down for improved supply chain security.

• Added: support for bulk suppressions (#8564) (@​ryo-manba).
• Added: ignoreAtRules: [] to no-invalid-position-declaration (#8781) (@​jrmlt).
• Added: rule name to custom messages (#8774) (@​jhae-de).

Commits

• a6efacb Release 16.25.0 (#8796)
• 9c623fb Document new release workflow (#8793)
• f34b6b4 Fix release-pr workflow failure (#8794)
• acc163e Use consistent workflow names (#8792)
• 55de5ed Use new release workflow (#8791)
• 242f757 Add rule name to custom messages (#8774)
• 9045b3e Bump rollup from 4.50.1 to 4.52.0 (#8789)
• 30abc78 Bump eslint from 9.35.0 to 9.36.0 in the eslint group (#8786)
• 808cff3 Bump stylelint/changelog-to-github-release-action from 0.3.1 to 0.5.1 (#8785)
• b478202 Add ignoreAtRules: [] to no-invalid-position-declaration (#8781)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for stylelint since your current version.

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)
• fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

• npm

Commits

• c63de15 Bump version to 5.9.3 and LKG
• 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
• a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
• 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
• bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
• 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
• 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
• See full diff in compare view

Updates @storybook/react-vite from 9.1.8 to 9.1.10

Release notes

Sourced from @​storybook/react-vite's releases.

v9.1.10

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

v9.1.9

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Changelog

Sourced from @​storybook/react-vite's changelog.

9.1.10

• Automigrations: Add automigration for viewport and backgrounds - #31614, thanks @​valentinpalkovic!
• Telemetry: Log userAgent in onboarding - #32566, thanks @​shilman!

9.1.9

• Angular: Enable experimental zoneless detection on Angular v21 - #32580, thanks @​yannbf!
• Svelte: Ignore inherited HTMLAttributes docgen when using utility types - #32173, thanks @​steciuk!

Commits

• 642f0cf Bump version from "9.1.9" to "9.1.10" [skip ci]
• 01867d0 Bump version from "9.1.8" to "9.1.9" [skip ci]
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.