test(deps): bump the npm group across 1 directory with 3 updates

[dependabot]

Bumps the npm group with 3 updates in the / directory: @playwright/test, @types/node and playwright-bdd.

Updates @playwright/test from 1.59.1 to 1.60.0

Release notes

Sourced from @​playwright/test's releases.

v1.60.0

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:

await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.

🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:

await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});
await page.locator('#dropzone').drop({
data: {
'text/plain': 'hello world',
'text/uri-list': 'https://example.com',
},
});

🎯 Aria snapshots

• expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').
• New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:

test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});

New APIs

Browser, Context and Page

... (truncated)

Commits

• 87bb9dd cherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix
• 9a9c51c cherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...
• 4b3b628 cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...
• f869f96 chore: bump version to v1.60.0 (#40714)
• 7eb6918 cherry-pick(#40710): docs: release notes v1.60
• 118d2aa cherry-pick(#40693): chore(python): formdata path type
• 54012f5 chore(deps): bump ip-address and express-rate-limit (#40680)
• 9fa531d fix(screencast): unblock frame ack when an async client disconnects (#40674)
• 3649db5 chore(mcp): bump default extension protocol to v2 (#40678)
• bb6c009 chore(extension): mark 0.2.1 (#40679)
• Additional commits viewable in compare view

Updates @types/node from 25.6.0 to 25.8.0

Commits

• See full diff in compare view

Updates playwright-bdd from 8.5.0 to 8.5.1

Release notes

Sourced from playwright-bdd's releases.

Release 8.5.1

• fix: support Playwright 1.60+.

Changelog

Sourced from playwright-bdd's changelog.

[8.5.1] - 2026-05-12

• fix: support Playwright 1.60+.

Commits

• d9e94c2 update cucumber packages and fix tests
• 9fc0aa8 update minor deps
• ff62aec changelog
• dc330bd fix for pw 1.60
• 6f01e7f fix: validate used step definitions with strict Cucumber-compatible arity checks
• b6aed9f update docs
• 4e4aa1b final fixes
• 52f0610 Expose doc string media types
• 5ce2288 fix gitattributes on win
• 0779d5a add tests for step hooks
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edge ➔ ghcr.io/philips-software/amp-devcontainer-base:pr-1284

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	71.82 MB	71.82 MB	+60 B (+0%)	🔼
linux/arm64	70.12 MB	70.12 MB	256 B (0%)	🔽

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	23		0	0	0.26s
✅ DOCKERFILE	hadolint	3		0	0	0.21s
✅ JSON	npm-package-json-lint	yes		no	no	0.51s
✅ JSON	prettier	21	4	0	0	0.67s
✅ JSON	v8r	21		0	0	13.64s
✅ MARKDOWN	markdownlint	12	0	0	0	1.31s
✅ MARKDOWN	markdown-table-formatter	12	0	0	0	0.34s
✅ REPOSITORY	checkov	yes		no	no	26.65s
✅ REPOSITORY	gitleaks	yes		no	no	0.97s
✅ REPOSITORY	git_diff	yes		no	no	0.02s
✅ REPOSITORY	grype	yes		no	no	58.03s
✅ REPOSITORY	secretlint	yes		no	no	2.28s
✅ REPOSITORY	syft	yes		no	no	2.39s
✅ REPOSITORY	trivy	yes		no	no	13.19s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.5s
✅ REPOSITORY	trufflehog	yes		no	no	6.55s
⚠️ SPELL	lychee	83		1	0	21.66s
✅ YAML	prettier	31	0	0	0	1.37s
✅ YAML	v8r	31		0	0	13.97s
✅ YAML	yamllint	31		0	0	1.28s

Detailed Issues

⚠️ SPELL / lychee - 1 error

[IGNORED] docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62 | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....123
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/salesforce@v9.4.0 (58 linters)
• oxsecurity/megalinter/flavors/javascript@v9.4.0 (61 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edge ➔ ghcr.io/philips-software/amp-devcontainer-rust:pr-1284

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	468.63 MB	468.63 MB	+37 B (+0%)	🔼
linux/arm64	419.81 MB	419.81 MB	372 B (0%)	🔽

[github-actions]

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:edge ➔ ghcr.io/philips-software/amp-devcontainer-cpp:pr-1284

📈 Size Comparison Table

OS/Platform	Previous	Current	Change	Trend
linux/amd64	547.82 MB	547.82 MB	558 B (0%)	🔽
linux/arm64	527.01 MB	527.01 MB	+312 B (+0%)	🔼

[github-actions]

Test Results

 13 files  ±0   13 suites  ±0   23m 49s ⏱️ + 2m 41s
 33 tests ±0   33 ✅ ±0  0 💤 ±0  0 ❌ ±0 
137 runs  ±0  137 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 014495f. ± Comparison against base commit 2f093b6.

♻️ This comment has been updated with latest results.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

Pull Request Report (#1284)

Static measures

Description	Value
Number of added lines	27
Number of deleted lines	27
Number of changed files	2
Number of commits	2
Number of reviews	1
Number of comments (w/o review comments)	6
Number of reviews that contains a comment to resolve	0
Number of reviews that requested a change from the author	0
Number of reviews that approved the Pull Request	1
Get the total number of participants of a Pull Request	5

Time related measures

Description	Value
PR lead time (from creation to close of PR)	6.1 Days
Time that was spend on the branch before the PR was created	2 Sec
Time that was spend on the branch before the PR was merged	6.1 Days
Time to merge after last review	1 Days

Status check related measures

Description	Value
Total runtime for last status check run (Workflow for PR)	1.3 Hours
Total time spend in last status check run on PR	24 Min