chore(deps-dev): bump the dev-minor-patch group across 1 directory with 8 updates

[dependabot]

Bumps the dev-minor-patch group with 8 updates in the / directory:

Package	From	To
prettier-plugin-tailwindcss	0.7.2	0.8.0
@types/bun	1.3.12	1.3.14
fast-check	4.7.0	4.8.0
marked	18.0.2	18.0.3
prisma	7.7.0	7.8.0
@types/node	25.6.0	25.9.0
eslint	10.2.1	10.4.0
eslint-config-next	16.2.4	16.2.6

Updates prettier-plugin-tailwindcss from 0.7.2 to 0.8.0

Release notes

Sourced from prettier-plugin-tailwindcss's releases.

v0.8.0

Changed

• Require at least Prettier 3.7.x (#420)

Added

• Export public sorting APIs to /sorter (#438)

Fixed

• Remove top-level await (#420)
• Improve load-time performance (#420)
• Improve config resolution caching with directory-based cache (#432)
• Load compatible plugins on demand and tighten plugin detection (#437)
• Load v3/v4 modules only when needed (#439)
• Remove recast/ast-types deps and optimize dynamic JS attribute handling (#440)
• Remove unused deps (#441)
• Use the plugin that has already been imported rather than dynamically importing it again (#442)
• Skip visiting non-node children (#443)
• Optimize whitespace-only class detection (#429)
• Fix v3 config loading with Jiti re-exports (#448)
• Collapse whitespace in template literals with adjacent quasis (#427)
• Improve canCollapseWhitespaceIn handling for "tailwindPreserveWhitespace": true (#428)

v0.7.4

Same as v0.7.2, since v0.7.3 contained breaking changes.

v0.7.3

Changed

• Remove top-level await (#420)
• Improve load-time performance (#420)

Fixed

• Collapse whitespace in template literals with adjacent quasis (#427)

Changelog

Sourced from prettier-plugin-tailwindcss's changelog.

[0.8.0] - 2026-04-27

Changed

• Require at least Prettier 3.7.x (#420)

Added

• Export public sorting APIs to /sorter (#438)

Fixed

• Remove top-level await (#420)
• Improve load-time performance (#420)
• Improve config resolution caching with directory-based cache (#432)
• Load compatible plugins on demand and tighten plugin detection (#437)
• Load v3/v4 modules only when needed (#439)
• Remove recast/ast-types deps and optimize dynamic JS attribute handling (#440)
• Remove unused deps (#441)
• Use the plugin that has already been imported rather than dynamically importing it again (#442)
• Skip visiting non-node children (#443)
• Optimize whitespace-only class detection (#429)
• Fix v3 config loading with Jiti re-exports (#448)
• Collapse whitespace in template literals with adjacent quasis (#427)
• Improve canCollapseWhitespaceIn handling for "tailwindPreserveWhitespace": true (#428)

Commits

• f77532e 0.8.0
• 4815377 Update the changelog for recent PRs (#449)
• 0a7ddcb Fix insiders tags sometimes published to latest channel (#453)
• 8066e85 release on published event
• 3b0ed57 move --silent flag before the script
• f7d2598 0.7.3
• 9a51191 merge release.yml and release-insiders.yml
• 3997fbd Use explicit import() expressions in plugin load arrays for bundler compatibi...
• 125a8bc Fix v3 config loading with Jiti re-exports (#448)
• 2ac6e70 Enable minify: "dce-only in tsdown (#447)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for prettier-plugin-tailwindcss since your current version.

Updates @types/bun from 1.3.12 to 1.3.14

Commits

• See full diff in compare view

Updates fast-check from 4.7.0 to 4.8.0

Release notes

Sourced from fast-check's releases.

New arbitrary to chain in a loop fashion

[Code][Diff]

Features

• (PR#6678) Add chainUntil arbitrary for iterative chaining

Fixes

• (PR#6965) Bug: Restore ability not to use skipLibCheck
• (PR#6877) CI: Lowercase discussion_category_name to "announcements"
• (PR#6878) CI: Scope permissions of clean-caches
• (PR#6880) CI: Add PR-authoring guidance for Claude
• (PR#6887) CI: Delete CLAUDE.md
• (PR#6888) CI: Use tilde ranges for security dependency overrides
• (PR#6891) CI: Disable Renovate updates on pnpm overrides
• (PR#6899) CI: Scope Claude hooks to $CLAUDE_PROJECT_DIR
• (PR#6905) CI: Enable pnpm global virtual store
• (PR#6933) CI: Pin pnpm in npm install commands
• (PR#6932) CI: Grant discussions: write to release jobs
• (PR#6935) CI: Skip PR template check for dubzzz
• (PR#6937) CI: Mirror the repo to tangled
• (PR#6938) CI: Add missing runs-on for tangled
• (PR#6889) Doc: Add release notes for fast-check 4.7.0
• (PR#6900) Doc: Fix broken API reference links
• (PR#6844) Doc: Extract manual setup guide into dedicated page
• (PR#6845) Doc: Add index pages for documentation sections
• (PR#6918) Doc: Fix Documentation link to point to first doc page
• (PR#6939) Doc: Link to Tangled mirror of fast-check
• (PR#6934) Test: Tolerate \p{...} value drift in docs tests
• (PR#6951) Test: Fix poisoning tests for latest Node

---

Changelog

Sourced from fast-check's changelog.

4.8.0

New arbitrary to chain in a loop fashion [Code][Diff]

Features

• (PR#6678) Add chainUntil arbitrary for iterative chaining

Fixes

• (PR#6965) Bug: Restore ability not to use skipLibCheck
• (PR#6877) CI: Lowercase discussion_category_name to "announcements"
• (PR#6878) CI: Scope permissions of clean-caches
• (PR#6880) CI: Add PR-authoring guidance for Claude
• (PR#6887) CI: Delete CLAUDE.md
• (PR#6888) CI: Use tilde ranges for security dependency overrides
• (PR#6891) CI: Disable Renovate updates on pnpm overrides
• (PR#6899) CI: Scope Claude hooks to $CLAUDE_PROJECT_DIR
• (PR#6905) CI: Enable pnpm global virtual store
• (PR#6933) CI: Pin pnpm in npm install commands
• (PR#6932) CI: Grant discussions: write to release jobs
• (PR#6935) CI: Skip PR template check for dubzzz
• (PR#6937) CI: Mirror the repo to tangled
• (PR#6938) CI: Add missing runs-on for tangled
• (PR#6889) Doc: Add release notes for fast-check 4.7.0
• (PR#6900) Doc: Fix broken API reference links
• (PR#6844) Doc: Extract manual setup guide into dedicated page
• (PR#6845) Doc: Add index pages for documentation sections
• (PR#6918) Doc: Fix Documentation link to point to first doc page
• (PR#6939) Doc: Link to Tangled mirror of fast-check
• (PR#6934) Test: Tolerate \p{...} value drift in docs tests
• (PR#6951) Test: Fix poisoning tests for latest Node

---

Commits

• c0da76f 🔖 Update CHANGELOG.md for fast-check@4.8.0, @​fast-check/ava@​3.0.1 (#6967)
• df6f4c1 🐛 Restore ability not to use skipLibCheck (#6965)
• af612c5 ⬆️ Update dependency @​types/node to ^24.12.3 (#6952)
• 917dda4 ✅ Fix poisoning tests for latest Node (#6951)
• acb5c6f ✅ Tolerate \p{...} value drift in docs tests (#6934)
• 26cab19 ✨ Add chainUntil arbitrary for iterative chaining (#6678)
• 16f65f6 ⬆️ Update dependency oxlint to ^1.60.0 (#6856)
• 0a8ce9a ⬆️ Update dependency @​microsoft/api-extractor to ^7.58.7 (#6898)
• debb9b6 📝 Fix broken API reference links (#6900)
• 642e651 ⬆️ Update dependency typescript to ~6.0.3 (#6886)
• Additional commits viewable in compare view

Updates marked from 18.0.2 to 18.0.3

Release notes

Sourced from marked's releases.

v18.0.3

18.0.3 (2026-05-01)

Bug Fixes

• avoid task checkbox for setext heading text (#3960) (2608e81)

Commits

• e8dc395 chore(release): 18.0.3 [skip ci]
• 2608e81 fix: avoid task checkbox for setext heading text (#3960)
• dba76f6 chore(deps-dev): bump eslint from 10.2.0 to 10.2.1 (#3953)
• 015f1eb chore(deps-dev): bump typescript from 6.0.2 to 6.0.3 (#3954)
• 17c06e9 chore: fix building license for docs (#3952)
• 55a54b5 chore: Rename LICENSE.md to LICENSE for better compatibility with Bazel tooli...
• See full diff in compare view

Updates prisma from 7.7.0 to 7.8.0

Release notes

Sourced from prisma's releases.

7.8.0

Today, we are excited to share the 7.8.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

Highlights

ORM

Features

Prisma Client

• Added a queryPlanCacheMaxSize option to the PrismaClient constructor for fine-grained control over the query plan cache. Pass 0 to disable the cache entirely, or omit it to use the default cache size. A larger value can improve performance in applications that execute many unique queries, while a smaller one can reduce memory usage. (#29503)

Bug Fixes

Prisma Client

• Fixed an equality filter panic and incorrect ::jsonb cast when filtering on PostgreSQL JSON list columns. Queries using where: { jsonListField: { equals: [...] } }prisma/prisma-engines#5804
• Fixed case-insensitive JSON field filtering (mode: insensitive), allowing where: { jsonField: { equals: "...", mode: "insensitive" } }prisma/prisma-engines#5806
• Fixed incorrect parameterization of enum values that have a custom database name set via @map. (#29422)
• Fixed a database parameter limit check (P2029), which could incorrectly reject or miss over-limit queries. (#29422)
• Fixed a regression that caused missing SQL Server VARCHARprisma/prisma-engines#5801

Schema Engine

• Fixed a misleading error message in prisma migrate diff that referenced the --shadow-database-url CLI flag, which was removed in Prisma 7. (#29455)
• Fixed prisma migrate dev (and shadow database migration replay in general) failing with CREATE INDEX CONCURRENTLY cannot run inside a transaction blockprisma/prisma-engines#5799
• Fixed PostgreSQL introspection silently dropping sequence defaults when the database returns the schema-qualified form pg_catalog.nextval('sequence_name'::regclass) instead of the bare nextval(...). Columns backed by sequences now correctly appear as @default(autoincrement())prisma/prisma-engines#5802

Driver Adapters

• @​prisma/adapter-d1: Savepoint operations (createSavepoint, rollbackToSavepoint, releaseSavepoint) now silently no-op with debug logging instead of executing SQL statements, consistent with how the D1 adapter already treats top-level transactions. (#29499)

Open roles at Prisma

Interested in joining Prisma? We're growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our Careers page and find the role that's right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

Commits

• 5723406 fix(cli): route bootstrap telemetry to Prisma Web Properties project (#29473)
• See full diff in compare view

Updates @types/node from 25.6.0 to 25.9.0

Commits

• See full diff in compare view

Updates eslint from 10.2.1 to 10.4.0

Release notes

Sourced from eslint's releases.

v10.4.0

Features

• 1a45ec5 feat: check sequence expressions in for-direction (#20701) (kuldeep kumar)
• 450040b feat: add includeIgnoreFile() to eslint/config (#20735) (Kirk Waiblinger)

Bug Fixes

• 544c0c3 fix: escape code path DOT labels in debug output (#20866) (Pixel998)
• 6799431 fix: update dependency @​eslint/config-helpers to ^0.6.0 (#20850) (renovate[bot])
• f078fef fix: handle non-array deprecated rule replacements (#20825) (xbinaryx)

Documentation

• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869) (Pavel)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865) (Kirk Waiblinger)
• 9084664 docs: Update README (GitHub Actions Bot)
• 9cc7387 docs: Update README (GitHub Actions Bot)
• 3d7b548 docs: Update README (GitHub Actions Bot)
• 191ec3c docs: Update README (GitHub Actions Bot)

Chores

• 6616856 chore: upgrade knip to v6 (#20875) (Pixel998)
• d13b084 ci: ensure auto-created PRs run CI (#20860) (lumir)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862) (dependabot[bot])
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863) (kuldeep kumar)
• 24db8cb test: add tests for SuppressionsService.save() (#20802) (kuldeep kumar)
• 2ef0549 chore: update ecosystem plugins (#20857) (github-actions[bot])
• a429791 ci: remove eslint-webpack-plugin types integration test (#20668) (Milos Djermanovic)
• 9e37386 chore: replace recast with range approach in code-sample-minimizer (#20682) (Copilot)
• 0dd1f9f test: disable warning for vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER (#20845) (Francesco Trotta)
• 9da3c7b refactor: remove deprecated meta.language and migrate meta.dialects (#20716) (Pixel998)
• 2099ed1 refactor: add meta.defaultOptions to more rules, enable linting (#20800) (xbinaryx)
• f1dfbc9 chore: update ecosystem plugins (#20836) (github-actions[bot])
• c759413 ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (#20843) (dependabot[bot])
• 5b817d6 test: add unit tests for lib/shared/ast-utils (#20838) (kuldeep kumar)
• 1c13ae3 test: add unit tests for lib/shared/severity (#20835) (kuldeep kumar)

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)

... (truncated)

Commits

• 452c401 10.4.0
• b6417e8 Build: changelog update for 10.4.0
• 6616856 chore: upgrade knip to v6 (#20875)
• d13b084 ci: ensure auto-created PRs run CI (#20860)
• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862)
• 544c0c3 fix: escape code path DOT labels in debug output (#20866)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865)
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863)
• 9084664 docs: Update README
• Additional commits viewable in compare view

Updates eslint-config-next from 16.2.4 to 16.2.6

Release notes

Sourced from eslint-config-next's releases.

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
• GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
• GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
• GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
• GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
• GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

• GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
• GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
• GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
• GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

• GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting
• GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

Core Changes

• fix: preserve HTTP access fallbacks during prerender recovery (#92231)
• Fix fallback route params case in app-page handler (#91737)
• Fix invalid HTML response for route-level RSC requests in deployment adapter (#91541)
• Patch setHeader for direct route handlers (#93101)
• Include deployment id in cacheHandlers keys (#93453)
• Fix double-encoding of URL pathname parts in client param parsing (#93491)

v16.2.5

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
• GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
• GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
• GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades

... (truncated)

Commits

• ee6e79b v16.2.6
• 766148f v16.2.5
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for eslint-config-next since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions