build(deps): bump the npm-packages group across 1 directory with 8 updates

[dependabot]

Bumps the npm-packages group with 8 updates in the / directory:

Package	From	To
chart.js	4.5.0	4.5.1
@types/node	24.3.0	24.7.2
cypress	14.5.4	15.4.0
dotenv	17.2.1	17.2.3
esbuild	0.25.9	0.25.10
luxon	3.7.1	3.7.2
sass	1.90.0	1.93.2
start-server-and-test	2.0.13	2.1.2

Updates chart.js from 4.5.0 to 4.5.1

Release notes

Sourced from chart.js's releases.

v4.5.1

Essential Links

• npm
• Migration guide
• Docs
• API
• Samples

Bugs Fixed

• #12098 Do not notify plugins after their uninstall function has been called
• #12096 Sync Doughnut chart legend options to legend plugin
• #12097 Attempt fixing charts shrinking on certain zoom values in Chrome

Types

• #12122 fix(types): add drawingArea to RadialLinearScale
• #12120 fix(types): allow null for line chart point values (#12027)
• #12099 Add data.datasets[].tooltip.callbacks to Typescript types

Development

• #12132 Bump version to 4.5.1
• #12118 Bump actions/setup-node from 4 to 5

Thanks to @​LeeLenaleee, @​anshukushwaha07, @​bojidar-bg, @​dependabot[bot] and dependabot[bot]

Commits

• 9c5cf9f Bump version to 4.5.1 (#12132)
• e275269 fix(types): add drawingArea to RadialLinearScale (#12122)
• a5262b1 fix(types): allow null for line chart point values (#12027) (#12120)
• be2740b Bump actions/setup-node from 4 to 5 (#12118)
• 6372280 Do not notify plugins after their uninstall function has been called (#12098)
• 4a62c17 Add data.datasets[].tooltip.callbacks to Typescript types (#12099)
• beb77e4 Sync Doughnut chart legend options to legend plugin (#12096)
• 5feebdf Fix charts shinking in size on certain Zoom values in Chrome (#12097)
• See full diff in compare view

Updates @types/node from 24.3.0 to 24.7.2

Commits

• See full diff in compare view

Updates cypress from 14.5.4 to 15.4.0

Release notes

Sourced from cypress's releases.

v15.4.0

Changelog: https://docs.cypress.io/app/references/changelog#15-4-0

v15.3.0

Changelog: https://docs.cypress.io/app/references/changelog#15-3-0

v15.2.0

Changelog: https://docs.cypress.io/app/references/changelog#15-2-0

v15.1.0

Changelog: https://docs.cypress.io/app/references/changelog#15-1-0

v15.0.0

Changelog: https://docs.cypress.io/app/references/changelog#15-0-0

Commits

• 9005a7b chore: release 15.4.0 (#32666)
• 0c718e0 feat: add toggle to hide fetch requests (#32658)
• 74bae64 internal: (studio) display cert error (#32657)
• 1804d35 misc: Next button visibility and behaviour during stepping. Fixes #32476 (#32...
• 6e8dc8e test: (studio) fix empty spec test (#32661)
• e3f4064 internal: rename excludeFromAI type (#32653)
• 113a136 chore: updating v8 snapshot cache (#32651)
• e5c1dee chore: updating v8 snapshot cache (#32652)
• 4969ef3 chore: updating v8 snapshot cache (#32650)
• b1ec294 internal: (studio) update session id on studio initialization (#32648)
• Additional commits viewable in compare view

Updates dotenv from 17.2.1 to 17.2.3

Changelog

Sourced from dotenv's changelog.

17.2.3 (2025-09-29)

Changed

• Fixed typescript error definition (#912)

17.2.2 (2025-09-02)

Added

• 🙏 A big thank you to new sponsor Tuple.app - the premier screen sharing app for developers on macOS and Windows. Go check them out. It's wonderful and generous of them to give back to open source by sponsoring dotenv. Give them some love back.

Commits

• affe113 17.2.3
• db1ff1f changelog 🪵
• 7063f16 Merge pull request #913 from motdotla/new-tips
• 0bbe72c test against expected tips
• 017951b only run .js tests
• 39eda1f add space back
• fcc030e update tips
• b6c7a0d updated tips - as Dotenvx Radar has been renamed Dotenvx Ops
• b3c8b16 remove unnecessary call to npx
• d6e4c17 Merge pull request #912 from adjerbetian/fix/typescript-error-definition
• Additional commits viewable in compare view

Updates esbuild from 0.25.9 to 0.25.10

Release notes

Sourced from esbuild's releases.

v0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.25.10

• Fix a panic in a minification edge case (#4287)

  This release fixes a panic due to a null pointer that could happen when esbuild inlines a doubly-nested identity function and the final result is empty. It was fixed by emitting the value undefined in this case, which avoids the panic. This case must be rare since it hasn't come up until now. Here is an example of code that previously triggered the panic (which only happened when minifying):

  function identity(x) { return x }
  identity({ y: identity(123) })

• Fix @supports nested inside pseudo-element (#4265)

  When transforming nested CSS to non-nested CSS, esbuild is supposed to filter out pseudo-elements such as ::placeholder for correctness. The CSS nesting specification says the following:

  The nesting selector cannot represent pseudo-elements (identical to the behavior of the ':is()' pseudo-class). We’d like to relax this restriction, but need to do so simultaneously for both ':is()' and '&', since they’re intentionally built on the same underlying mechanisms.

  However, it seems like this behavior is different for nested at-rules such as @supports, which do work with pseudo-elements. So this release modifies esbuild's behavior to now take that into account:

  /* Original code */
  ::placeholder {
    color: red;
    body & { color: green }
    @supports (color: blue) { color: blue }
  }
  /* Old output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  {
  color: blue;
  }
  }
  /* New output (with --supported:nesting=false) */
  ::placeholder {
  color: red;
  }
  body :is() {
  color: green;
  }
  @​supports (color: blue) {
  ::placeholder {
  color: blue;

... (truncated)

Commits

• d6b668f publish 0.25.10 to npm
• 5088c19 refactor: use strings.Builder (#4290)
• 755da31 run make update-compat-table
• a1d9c86 fix #4287: marked the wrong issue as fixed
• 73a0b2a fix #4286: minifier panic due to identity function
• 134dadf fix #4265: @supports nested inside ::pseudo
• See full diff in compare view

Updates luxon from 3.7.1 to 3.7.2

Changelog

Sourced from luxon's changelog.

3.7.2 (2025-07-09)

• Fix ES6 packaging

Commits

• 4262a38 Version 3.7.2
• 738144d Fix the build ES6 code having the wrong file extension and use it in package....
• See full diff in compare view

Updates sass from 1.90.0 to 1.93.2

Release notes

Sourced from sass's releases.

Dart Sass 1.93.2

To install Sass 1.93.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

JavaScript API

• Fix another error in the release process for @sass/types.

See the full changelog for changes in earlier releases.

Dart Sass 1.93.1

To install Sass 1.93.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• No user-visible changes.

JavaScript API

• Fix an error in the release process for @sass/types.

See the full changelog for changes in earlier releases.

Dart Sass 1.93.0

To install Sass 1.93.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

• Fix a crash when a style rule contains a nested @import, and the loaded file @uses a user-defined module as well as @includes a top-level mixin which emits top-level declarations.

JavaScript API

• Release a @sass/types package which contains the type annotations used by both the sass and sass-embedded package without any additional code or dependencies.

See the full changelog for changes in earlier releases.

Dart Sass 1.92.1

To install Sass 1.92.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.93.2

• No user-visible changes.

JavaScript API

• Fix another error in the release process for @sass/types.

1.93.1

• No user-visible changes.

JavaScript API

• Fix an error in the release process for @sass/types.

1.93.0

• Fix a crash when a style rule contains a nested @import, and the loaded file @uses a user-defined module as well as @includes a top-level mixin which emits top-level declarations.

JavaScript API

• Release a @sass/types package which contains the type annotations used by both the sass and sass-embedded package without any additional code or dependencies.

1.92.1

• Fix a bug where variable definitions from one imported, forwarded module would not be passed as implicit configuration to a later imported, forwarded module.

1.92.0

• Breaking change: Emit declarations, childless at-rules, and comments in the order they appear in the source even when they're interleaved with nested rules. This obsoletes the mixed-decls deprecation.

• Breaking change: The function name type() is now fully reserved for the plain CSS function. This means that @function definitions with the name type will produce errors, while function calls will be parsed as special function strings.

• Configuring private variables using @use ... with, @forward ... with, and meta.load-css(..., $with: ...) is now deprecated. Private variables were always intended to be fully encapsulated within the module that defines them, and this helps enforce that encapsulation.

... (truncated)

Commits

• b8b35e8 Mark @​sass/types as public (#2653)
• 0b7d6d9 Empty commit
• 4e94339 Fix the release script for @sass/types (#2651)
• 710ef80 Switch to macos-15-intel runner (#2650)
• 307226a Publish a @sass/types package with the types of the shared JS API (#2639)
• edfe90d Fix crash when @​importing a Sass file that @​uses another file (#2599)
• 9360866 Bump actions/setup-node from 4 to 5 (#2643)
• 7737af5 Bump actions/setup-node from 4 to 5 in /.github/util/initialize (#2644)
• f7f0342 Fix bug with implicit configuration (#2642)
• ea9f7be Bump postcss from 8.5.5 to 8.5.6 in /pkg/sass-parser (#2607)
• Additional commits viewable in compare view

Updates start-server-and-test from 2.0.13 to 2.1.2

Release notes

Sourced from start-server-and-test's releases.

v2.1.2

2.1.2 (2025-09-19)

Bug Fixes

• deps: update dependency wait-on to v8.0.5 (#407) (e09a718)

v2.1.1

2.1.1 (2025-09-17)

Bug Fixes

• deps: update dependency debug to v4.4.3 (#406) (d0db7f6)

v2.1.0

2.1.0 (2025-09-04)

Features

• support axios proxy (#402) (b399fec)

Commits

• e09a718 fix(deps): update dependency wait-on to v8.0.5 (#407)
• d0db7f6 fix(deps): update dependency debug to v4.4.3 (#406)
• b399fec feat: support axios proxy (#402)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions