chore(deps): bump the patch-updates group across 1 directory with 7 updates

[dependabot]

Bumps the patch-updates group with 7 updates in the / directory:

Package	From	To
@hono/node-server	1.19.9	1.19.11
eslint	10.0.2	10.0.3
eslint-plugin-import-x	4.16.1	4.16.2
turbo	2.8.12	2.8.17
sql.js	1.14.0	1.14.1
fumadocs-mdx	14.2.9	14.2.10
postcss	8.5.6	8.5.8

Updates @hono/node-server from 1.19.9 to 1.19.11

Release notes

Sourced from @​hono/node-server's releases.

v1.19.11

What's Changed

• fix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by @​usualoma in honojs/node-server#309

Full Changelog: honojs/node-server@v1.19.10...v1.19.11

v1.19.10

Security Fix

Fixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (%2F handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.

See GHSA-wc8c-qw6v-h7f6 for details.

Commits

• ecd4d6b 1.19.11
• c944899 fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...
• 2f8ca36 1.19.10
• 455015b Merge commit from fork
• cc05c48 chore: add benchmark for comparing with npm and local (dev) (#305)
• 58c4412 chore: Adding LICENSE file with MIT license referenced in README.md (#297)
• b1daa4c docs(readme): add @​usualoma as an author (#300)
• See full diff in compare view

Updates eslint from 10.0.2 to 10.0.3

Release notes

Sourced from eslint's releases.

v10.0.3

Bug Fixes

• e511b58 fix: update eslint (#20595) (renovate[bot])
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581) (sethamus)
• ee9ff31 fix: update dependency minimatch to ^10.2.4 (#20562) (Milos Djermanovic)

Documentation

• 9fc31b0 docs: Update README (GitHub Actions Bot)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570) (DesselBane)
• 23b2759 docs: add v10 migration guide link to Use docs index (#20577) (Pixel998)
• 80259a9 docs: Remove deprecated eslintrc documentation files (#20472) (Copilot)
• 9b9b4ba docs: fix typo in no-await-in-loop documentation (#20575) (Pixel998)
• e7d72a7 docs: document TypeScript 5.3 minimum supported version (#20547) (sethamus)

Chores

• ef8fb92 chore: package.json update for eslint-config-eslint release (Jenkins)
• e8f2104 chore: updates for v9.39.4 release (Jenkins)
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524) (Huáng Jùnliàng)
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586) (Milos Djermanovic)
• e32df71 chore: update eslint-plugin-eslint-comments, remove legacy-peer-deps (#20576) (Milos Djermanovic)
• 53ca6ee chore: disable eslint-comments/no-unused-disable rule (#20578) (Milos Djermanovic)
• e121895 ci: pin Node.js 25.6.1 (#20559) (Milos Djermanovic)
• efc5aef chore: update tsconfig.json in eslint-config-eslint (#20551) (Francesco Trotta)

Commits

• bfce7ea 10.0.3
• d44ced8 Build: changelog update for 10.0.3
• e511b58 fix: update eslint (#20595)
• ef8fb92 chore: package.json update for eslint-config-eslint release
• e8f2104 chore: updates for v9.39.4 release
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524)
• 9fc31b0 docs: Update README
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586)
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570)
• Additional commits viewable in compare view

Updates eslint-plugin-import-x from 4.16.1 to 4.16.2

Release notes

Sourced from eslint-plugin-import-x's releases.

v4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Changelog

Sourced from eslint-plugin-import-x's changelog.

4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Commits

• 69ddbba chore: release eslint-plugin-import-x (#407)
• b669aca fix(#421): defineConfig compatible (#466)
• 60312ee chore: prepare for ESLint 10 more (#458)
• 1da4043 refactor: make no-unused-modules no-op on ESLint 10 or later (#457)
• d801fd7 docs: remove SublimeLinter-eslint mention in README (#432)
• 1909953 chore(deps): update dependency minimatch to v9.0.8 [security] (#460)
• b416a8a fix: consistent-type-specifier-style with prefer-inline and TS resolution...
• a51be0f chore(deps): bumping minimatch 10 to 10.1.2 to avoid dependencies with cr...
• d3f8d67 refactor: first step toward ESLint 10 support (#454)
• a3aae61 fix(deps): replace type-fest w/ @package-json/types (#434)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-import-x since your current version.

Updates turbo from 2.8.12 to 2.8.17

Release notes

Sourced from turbo's releases.

Turborepo v2.8.17

Full Changelog: vercel/turborepo@v2.8.17-canary.16...v2.8.17

Turborepo v2.8.17-canary.16

What's Changed

create-turbo

• fix: Remove redundant online check from create-turbo by @​anthonyshew in vercel/turborepo#12281

Full Changelog: vercel/turborepo@v2.8.17-canary.15...v2.8.17-canary.16

Turborepo v2.8.17-canary.15

What's Changed

Changelog

• fix: Fix non-deterministic hashOfExternalDependencies with Bun lockfiles by @​anthonyshew in vercel/turborepo#12279

Full Changelog: vercel/turborepo@v2.8.17-canary.14...v2.8.17-canary.15

Turborepo v2.8.17-canary.14

What's Changed

create-turbo

• fix: Replace dns.lookup with https.get for create-turbo online check by @​anthonyshew in vercel/turborepo#12277

Full Changelog: vercel/turborepo@v2.8.17-canary.13...v2.8.17-canary.14

Turborepo v2.8.17-canary.13

What's Changed

Changelog

• feat: Use task graph for watch by @​anthonyshew in vercel/turborepo#12275
• fix: Use BTreeMap for bundled_deps in bun PackageIndex by @​anthonyshew in vercel/turborepo#12266

Full Changelog: vercel/turborepo@v2.8.17-canary.12...v2.8.17-canary.13

Turborepo v2.8.17-canary.12

... (truncated)

Commits

• fd0e0f6 publish 2.8.17 to registry
• c921a26 release(turborepo): 2.8.17-canary.16 (#12282)
• 766dad4 fix: Remove redundant online check from create-turbo (#12281)
• 8fb7673 release(turborepo): 2.8.17-canary.15 (#12280)
• bb1e1da fix: Fix non-deterministic hashOfExternalDependencies with Bun lockfiles (#12...
• 85719d6 release(turborepo): 2.8.17-canary.14 (#12278)
• 9b69f8c fix: Replace dns.lookup with https.get for create-turbo online check (#12277)
• 5677b17 release(turborepo): 2.8.17-canary.13 (#12276)
• d1833fa fix: Use BTreeMap for bundled_deps in bun PackageIndex (#12266)
• 29bf4a5 feat: Use task graph for watch (#12275)
• Additional commits viewable in compare view

Updates sql.js from 1.14.0 to 1.14.1

Commits

• 8088a68 Fix browser bundle (#625)
• ee29605 Update devcontainer + migrate linting to ESLint 10 (#623)
• d58d741 sqlite 3.45.2 (#581)
• See full diff in compare view

Updates fumadocs-mdx from 14.2.9 to 14.2.10

Release notes

Sourced from fumadocs-mdx's releases.

fumadocs-mdx@14.2.10

Patch Changes

• c2678c0: Improve llms.txt generation via remark-llms plugin
• Updated dependencies [c2678c0]
• Updated dependencies [417f07a]
• Updated dependencies [bb07706]
• Updated dependencies [f065406]
  • fumadocs-core@16.6.17

Commits

• 89b7750 Version Packages (#3102)
• 9c56f6d Base UI: fix types
• c2678c0 MDX: Improve llms.txt generation via remark-llms plugin
• c3a723e UI: fix codeblock RSC highlighting
• c8a7612 format
• 04bd349 Chore: Migrate to Vite 8
• 8b3179f Content: output as collection pack
• 417f07a Core: Expose Markdown stringifier
• f065406 Core & Content: support fuma-content integration
• 14ab30e Chore: Update sponsors page
• Additional commits viewable in compare view

Updates postcss from 8.5.6 to 8.5.8

Release notes

Sourced from postcss's releases.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Changelog

Sourced from postcss's changelog.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Commits

• 65de537 Release 8.5.8 version
• b2c6d97 Run git hook register
• 0ae0a49 Update Processor#version
• 6ee9f14 Release 8.5.7 version
• 3fbc951 Fix uvu Node.js 25 support
• 52db53e Update dependencies
• 497daef Speed up source map annotation cleaning by moving from RegExp
• 41e739a Remove banner
• 1329142 chore: speed up space-only string check in lib/parser.js (#2064)
• 23beff9 Update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
objectos	Ready	Preview, Comment	Mar 16, 2026 2:18am
objectos-demo	Error		Mar 16, 2026 2:18am