Bump the workspace-deps group with 8 updates

[dependabot]

Bumps the workspace-deps group with 8 updates:

Package	From	To
eslint	10.2.1	10.3.0
typescript-eslint	8.59.0	8.59.1
astro	6.1.9	6.2.1
@astrojs/check	0.9.8	0.9.9
lighthouse	13.1.0	13.2.0
tinybench	6.0.0	6.0.1
zod	4.3.6	4.4.1
@google-cloud/bigquery	8.1.1	8.3.0

Updates eslint from 10.2.1 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
• 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
• 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
• 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
• 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
• f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
• a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
• 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
• b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
• 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

Commits

• 7889204 10.3.0
• 5b69b4f Build: changelog update for 10.3.0
• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
• b6ae5cf fix: handle unavailable require cache (#20812)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
• 379571a feat: add suggestions for no-unused-private-class-members (#20773)
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
• Additional commits viewable in compare view

Updates typescript-eslint from 8.59.0 to 8.59.1

Release notes

Sourced from typescript-eslint's releases.

v8.59.1

8.59.1 (2026-04-27)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] fix crash "TypeError: checker.getTypeArguments is not a function" (#12246)
• eslint-plugin: [no-unnecessary-type-assertion] preserve index signatures in undefined unions (#12257)
• eslint-plugin: [no-unnecessary-type-assertion] preserve phantom type arguments in generic inference (#12269)
• eslint-plugin: [no-unnecessary-type-assertion] avoid false positive in logical assignment assertions (#12278)
• eslint-plugin: [no-unnecessary-type-arguments] handle instantiation expressions (#12220)
• eslint-plugin: [no-unnecessary-condition] treat void as nullish in no-unnecessary-condition (#12241)

❤️ Thank You

• anasm266 @​anasm266
• Anshika Jain @​Anshikakalpana
• Ulrich Stark
• yugo innami @​nami8824

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.59.1 (2026-04-27)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• 5245793 chore(release): publish 8.59.1
• See full diff in compare view

Updates astro from 6.1.9 to 6.2.1

Release notes

Sourced from astro's releases.

astro@6.2.1

Patch Changes

• #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

• #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

astro@6.2.0

Minor Changes

• #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

  When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

• #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

• #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

  // astro.config.mjs
  import { defineConfig } from 'astro/config';
  export default defineConfig({
  compressHTML: 'jsx',
  });

  In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

  <div>
    <span>foo</span>
    <span>bar</span>
  </div>

  will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

• #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

  This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

  By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

  JSON logging

... (truncated)

Changelog

Sourced from astro's changelog.

6.2.1

Patch Changes

• #16531 76db01d Thanks @​rodrigosdev! - Fixes config validation for omitted integrations fields with newer Zod versions.

• #16535 7df0fe4 Thanks @​rururux! - Fixed an issue where a warning was displayed when the server property was missing during config validation, even though it is not required.

• #16534 5cf6c51 Thanks @​matthewp! - Fixes compatibility with Zod 4.4.0 for the server config property and error formatting

6.2.0

Minor Changes

• #16187 fe58071 Thanks @​gllmt! - Adds a waitUntil option to the RenderOptions so that adapters can forward runtime background-task hooks to Astro.

  When provided by an adapter, runtime cache providers receive context.waitUntil in CacheProvider.onRequest(), which allows background cache work such as stale-while-revalidate without blocking the response. The Cloudflare adapter now forwards ExecutionContext.waitUntil to this API.

• #16290 a49637a Thanks @​ViVaLaDaniel! - Ensures that server.allowedHosts (and vite.preview.allowedHosts) configuration is respected when using astro preview with the @astrojs/cloudflare adapter. This improves security by preventing DNS rebinding attacks when previewing Cloudflare builds locally.

• #15725 4108ec1 Thanks @​meyer! - Adds support for a new 'jsx' value for the compressHTML option. When set, whitespace is stripped using JSX whitespace rules instead of the default HTML compression strategy.

  // astro.config.mjs
  import { defineConfig } from 'astro/config';
  export default defineConfig({
  compressHTML: 'jsx',
  });

  In JSX, whitespaces never matter, as such, no amount of indentation, or newlines will not affect the rendered output. For instance, the following code:

  <div>
    <span>foo</span>
    <span>bar</span>
  </div>

  will be rendered as foobar, whereas with HTML whitespace rules, a space would be present between the words due to the newline and indentation between the tags.

• #16477 28fb3e1 Thanks @​ematipico! - Adds experimental support for configurable log handlers.

  This experimental feature provides better control over Astro's logging infrastructure by allowing users to replace the default console output with custom logging implementations (e.g., structured JSON). This is particularly useful for users using on-demand rendering and wishing to connect their log aggregation services, such as Kibana, Logstash, CloudWatch, Grafana, or Loki.

  By default, Astro provides three built-in log handlers (json, node, and console), but you can also create your own.

... (truncated)

Commits

• cc02799 [ci] release (#16533)
• 5cf6c51 fix: Zod 4.4.0 compat for server config and error map (#16534)
• 7df0fe4 fix(astro): make server property correctly optional in config validation (#...
• 76db01d fix(config): update validation for omitted integrations fields with newer Z...
• 3af3543 [ci] release (#16512)
• b7916ef docs: improve readability of remotePattern section (#16508)
• 449b51d fix(test): type html minification properties (#16514)
• f832c3b fix: cloudflare allowed hosts test (#16513)
• b9a5b58 [ci] format
• 0f7c3c8 feat: svg optimizer (#16333)
• Additional commits viewable in compare view

Updates @astrojs/check from 0.9.8 to 0.9.9

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.9

Patch Changes

• #16471 f56bb3f Thanks @​delucis! - Adds support for TypeScript v6 to peer dependencies range

• Updated dependencies [8c62159]:

  • @​astrojs/language-server@​2.16.7

Changelog

Sourced from @​astrojs/check's changelog.

0.9.9

Patch Changes

• #16471 f56bb3f Thanks @​delucis! - Adds support for TypeScript v6 to peer dependencies range

• Updated dependencies [8c62159]:

  • @​astrojs/language-server@​2.16.7

Commits

• c1f2e4f [ci] release (#16467)
• f56bb3f Widen typescript peer dependency range to allow v6 (#16471)
• 184700c fix(deps): update language tools (#16230)
• 88fcc98 fix integrations links across docs (#16098)
• b9e96da fix(deps): update dependency vitest to v4 (#15372)
• See full diff in compare view

Updates lighthouse from 13.1.0 to 13.2.0

Changelog

Sourced from lighthouse's changelog.

13.2.0 (2026-04-30)

Full Changelog

We expect this release to ship in the DevTools of Chrome 150, and to PageSpeed Insights within 2 weeks.

New contributors

Thanks to our new contributors 👽🐷🐰🐯🐻!

• ducky-duke @​ducky-duke
• Simon Zünd @​szuend

New Audits

• webmcp-form-coverage: add audit for missing webmcp tool annotations (#16964)
• webmcp-registered-tools: add audit to list registered webmcp tools (#16959)
• webmcp-schema-validity: add audit to check WebMCP schema issues (#16973)

Core

• implement UKM Invalidate fallback for LCP (#16956)
• agentic: add new agentic browsing category (#16953)
• agentic_category: add disclaimer to category description (#16990)
• config: aggregate agent accessabilty audits (#16982)
• config: update llms.txt to refine validation logic (#16986)
• config: implement llms.txt check for AI agents (#16970)
• config: move specific accessibility audits to default config (#16966)
• config: enable and add new axe audits for agentic category (#16965)
• config: add accessibility audits to agentic-browsing-config (#16963)
• source-maps: guard against out-of-bounds sourceIndex (#16969)
• webmcp: adjust how webmcp audits handle lack of WebMCP support (#16987)

Report

• create agentic-browsing sample report (#16988)

Deps

• upgrade deps (#16992)
• upgrade web-features to 3.24.0 (#16977)
• upgrade trace_engine to 0.0.64 (#16955)

Docs

• release: fix heading style (#16989)
• release: update release docs and scripts (#16954)

Misc

• prepare devtools build for TS6 upgrade (#16968)

... (truncated)

Commits

• a160d34 v13.2.0 (#16994)
• 2caf7c2 deps: upgrade deps (#16992)
• dd652bf core(webmcp): adjust how webmcp audits handle lack of WebMCP support (#16987)
• 0381a81 core(agentic_category): add disclaimer to category description (#16990)
• 9f10dd4 docs(release): fix heading style (#16989)
• fa25485 core(config): aggregate agent accessabilty audits (#16982)
• ebddc17 report: create agentic-browsing sample report (#16988)
• 4b9a592 core(config): update llms.txt to refine validation logic (#16986)
• 0d0e3c4 misc(build): include license.md in bundle (#16981)
• bdcfdc7 misc(build): update devtools for agents bundle and tests (#16980)
• Additional commits viewable in compare view

Updates tinybench from 6.0.0 to 6.0.1

Release notes

Sourced from tinybench's releases.

v6.0.1

   🐞 Bug Fixes

• Make eslint works again  -  by @​jerome-benoit (6c3ab)
• Use the same signature when implementing BenchLike  -  by @​sheremet-va in tinylibs/tinybench#541 (5a123)

    View changes on GitHub

Commits

• 562ed45 chore: release v6.0.1
• 4724e19 chore(deps): lock file maintenance (#540)
• 5a12342 fix: use the same signature when implementing BenchLike (#541)
• d0cb651 chore(deps): update dependency @​commitlint/cli to ^20.5.2 (#539)
• e7adb04 chore(deps): update all non-major dependencies (#538)
• 5eb6c46 chore(deps): lock file maintenance (#536)
• 6e8d9ed chore(deps): update dependency eslint-plugin-perfectionist to ^5.9.0 (#535)
• 0e1b94f chore(deps): update all non-major dependencies (#534)
• e0cadf8 chore(deps): lock file maintenance (#532)
• 99989fb chore(deps): update all non-major dependencies (#533)
• Additional commits viewable in compare view

Updates zod from 4.3.6 to 4.4.1

Release notes

Sourced from zod's releases.

v4.4.1

Commits:

• 481f7be4238c83ed58183f921b2646f340a91c6a ci: gate release publishing on full test workflow
• 95ccab423aec720b2523c3a64cdc7e3204537cc7 test(v3): restore optional undefined expectations
• cede2c63739a5823d6aa5093d291e9a111da943d fix(v4): reject tuple holes before required defaults (#5900)
• edd0bf0f5ada4a8dc581c259407d7bbad0a71ea7 release: 4.4.1
• 180d83d1dbe6a59260710cc8637a3dea2281ee56 docs: remove Jazz featured sponsor

v4.4.0

4.4.0

This is a minor release with a wide set of correctness and soundness fixes. Some fixes intentionally make Zod stricter, so code that depended on previously accepted invalid or ambiguous inputs may need small updates.

Potentially breaking bug fixes

Tuple defaults now materialize output values correctly

Fixed in #5661. Tuple parsing now more accurately reflects defaults, optional tails, explicit undefined, and under-filled inputs. The headline behavior is that defaults in tuple positions now properly appear in parsed output.

const schema = z.tuple([
  z.string(),
  z.string().default("fallback"),
]);
schema.parse(["a"]);
// ["a", "fallback"]

Trailing optional elements that are absent still stay absent; they are not filled with undefined.

const schema = z.tuple([
  z.string(),
  z.string().optional(),
]);
schema.parse(["a"]);
// ["a"]

But explicit undefined values supplied by the caller are preserved.

schema.parse(["a", undefined]);
// ["a", undefined]

When optional elements appear before later defaults, the parsed tuple is now dense so array operations behave predictably.

... (truncated)

Commits

• 180d83d docs: remove Jazz featured sponsor
• edd0bf0 release: 4.4.1
• cede2c6 fix(v4): reject tuple holes before required defaults (#5900)
• 95ccab4 test(v3): restore optional undefined expectations
• 481f7be ci: gate release publishing on full test workflow
• d05f026 release: 4.4.0
• f778e02 build: bump zshy for JSR wildcard exports
• 6db607b fix(release): keep JSR manifest publishable
• ad0b827 ci: update release workflow for trusted publishing
• b6066b3 fix(v4): align object and tuple optionality handling (#5661)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for zod since your current version.

Updates @google-cloud/bigquery from 8.1.1 to 8.3.0

Release notes

Sourced from @​google-cloud/bigquery's releases.

bigquery: v8.2.0

8.2.0 (2026-02-19)

Features

• Add high precision TIMESTAMP values for queries (#7147) (bea42b2)

Changelog

Sourced from @​google-cloud/bigquery's changelog.

8.3.0 (2026-04-09)

Features

• bigquery: Allow the user to ask for skipping parsing rows when querying (#7848) (e500d40)

Bug Fixes

• Unblock the releases on Node Bigquery (#7946) (7fad2f6)

8.2.0 (2026-02-19)

Features

• Add high precision TIMESTAMP values for queries (#7147) (bea42b2)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cloudflare-workers-and-pages]

Deploying framework-tracker with    Cloudflare Pages

Latest commit:	8d7933a
Status:	✅  Deploy successful!
Preview URL:	https://116bb33d.framework-tracker.pages.dev
Branch Preview URL:	https://dependabot-npm-and-yarn-work-04ze.framework-tracker.pages.dev

View logs