Skip to content

deps: bump the npm-minor-patch group with 2 updates#176

Merged
arespawn merged 3 commits into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-cdb6e86ca8
Feb 25, 2026
Merged

deps: bump the npm-minor-patch group with 2 updates#176
arespawn merged 3 commits into
mainfrom
dependabot/npm_and_yarn/npm-minor-patch-cdb6e86ca8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 25, 2026
edited
Loading

Bumps the npm-minor-patch group with 2 updates: pino-pretty and esbuild.

Updates pino-pretty from 13.1.2 to 13.1.3

Release notes

Sourced from pino-pretty's releases.

v13.1.3

What's Changed

New Contributors

Full Changelog: pinojs/pino-pretty@v13.1.2...v13.1.3

Commits
  • 08425cd v13.1.3
  • 6afb524 fix: messageFormat print 0 value (#635)
  • 70c73ea build(deps): bump fast-copy from 3.0.2 to 4.0.0 (#637)
  • 2cd9794 build(deps): bump actions/checkout from 5 to 6 (#636)
  • c06e276 Update format-time.js documentation to match functionality (#632)
  • 47ffb45 build(deps): bump pino-abstract-transport from 2.0.0 to 3.0.0 (#629)
  • 932af85 build(deps-dev): bump pino from 9.14.0 to 10.1.0 (#628)
  • 6d48318 build(deps-dev): bump borp from 0.20.2 to 0.21.0 (#627)
  • 3b89a0c build(deps): bump actions/setup-node from 4 to 6 (#626)
  • ab0ccab Add in the README file a snippet to use pino-pretty only for dev (#623)
  • See full diff in compare view

Updates esbuild from 0.25.12 to 0.27.3

Release notes

Sourced from esbuild's releases.

v0.27.3

  • Preserve URL fragments in data URLs (#4370)

    Consider the following HTML, CSS, and SVG:

    • index.html:

      <!DOCTYPE html>
<html>
  <head><link rel="stylesheet" href="icons.css"></head>
  <body><div class="triangle"></div></body>
</html>

    • icons.css:

      .triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url(./triangle.svg#x);
}

    • triangle.svg:

      <svg xmlns="http://www.w3.org/2000/svg">
  <defs>
    <clipPath id="x">
      <path d="M0 0H10V10Z"/>
    </clipPath>
  </defs>
</svg>

    The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

    /* icons.css */
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
}

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.27.3

  • Preserve URL fragments in data URLs (#4370)

    Consider the following HTML, CSS, and SVG:

    • index.html:

      <!DOCTYPE html>
<html>
  <head><link rel="stylesheet" href="icons.css"></head>
  <body><div class="triangle"></div></body>
</html>

    • icons.css:

      .triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url(./triangle.svg#x);
}

    • triangle.svg:

      <svg xmlns="http://www.w3.org/2000/svg">
  <defs>
    <clipPath id="x">
      <path d="M0 0H10V10Z"/>
    </clipPath>
  </defs>
</svg>

    The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

    /* icons.css */
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
}

... (truncated)

Commits
  • 9129e00 publish 0.27.3 to npm
  • e20e411 small fix to release notes
  • 0dc0f2d fix #4322: parse and print CSS @scope rules
  • 55fe391 update firefox css gradient support
  • 2c35297 update gradient lowering transform
  • 9209e44 Update Go to 1.25.7 (#4388)
  • e8d861b close #4374: compat table for the using feature
  • 19b8887 no longer need williamkapke/node-compat-table
  • 7e44218 the kangax/compat-table repo moved to a new url
  • 23b9338 run make update-compat-table
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for esbuild since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Feb 25, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot
deps: bump the npm-minor-patch group with 2 updates
b41fcb6 
Bumps the npm-minor-patch group with 2 updates: [pino-pretty](https://github.com/pinojs/pino-pretty) and [esbuild](https://github.com/evanw/esbuild).


Updates `pino-pretty` from 13.1.2 to 13.1.3
- [Release notes](https://github.com/pinojs/pino-pretty/releases)
- [Commits](pinojs/pino-pretty@v13.1.2...v13.1.3)

Updates `esbuild` from 0.25.12 to 0.27.3
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.25.12...v0.27.3)

---
updated-dependencies:
- dependency-name: pino-pretty
  dependency-version: 13.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-minor-patch
- dependency-name: esbuild
  dependency-version: 0.27.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm-minor-patch-cdb6e86ca8 branch from c8ecb10 to b41fcb6 Compare February 25, 2026 08:24
@arespawn arespawn self-requested a review February 25, 2026 08:28
@arespawn arespawn enabled auto-merge February 25, 2026 08:37
@arespawn arespawn merged commit 588f030 into main Feb 25, 2026
4 checks passed
@arespawn arespawn deleted the dependabot/npm_and_yarn/npm-minor-patch-cdb6e86ca8 branch February 25, 2026 08:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arespawn arespawn arespawn approved these changes

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arespawn