Bump the npm-development group across 1 directory with 6 updates

[dependabot]

Bumps the npm-development group with 6 updates in the / directory:

Package	From	To
@github/local-action	7.0.0	7.0.1
@rollup/plugin-commonjs	29.0.0	29.0.2
@types/node	25.2.3	25.6.0
globals	17.3.0	17.4.0
prettier	3.8.1	3.8.2
rollup	4.57.1	4.60.1

Updates @github/local-action from 7.0.0 to 7.0.1

Release notes

Sourced from @​github/local-action's releases.

v7.0.1

What's Changed

• Build(deps): Bump lodash from 4.17.21 to 4.17.23 by @​dependabot[bot] in github/local-action#251
• Build(deps): Bump fast-xml-parser from 5.3.3 to 5.3.5 by @​dependabot[bot] in github/local-action#257
• Build(deps-dev): Bump the npm-development group across 1 directory with 5 updates by @​dependabot[bot] in github/local-action#259
• Build(deps): Bump comment-json from 4.4.1 to 4.5.1 by @​dependabot[bot] in github/local-action#256
• Build(deps): Bump the npm-production group across 1 directory with 2 updates by @​dependabot[bot] in github/local-action#258
• Build(deps): Bump fast-xml-parser from 5.3.5 to 5.3.6 by @​dependabot[bot] in github/local-action#260
• Update ESLint and remove outdated dependencies by @​ncalteen in github/local-action#261

Full Changelog: github/local-action@v7.0.0...v7.0.1

Commits

• See full diff in compare view

Updates @rollup/plugin-commonjs from 29.0.0 to 29.0.2

Changelog

Sourced from @​rollup/plugin-commonjs's changelog.

v29.0.2

2026-03-06

Bugfixes

• commonjs: conditional exports (#1952)

v29.0.1

2026-03-05

Bugfixes

• commonjs: correctly replaces shorthand "global" property in object (#1957)

Commits

• 2de0d62 chore(release): commonjs v29.0.2
• ab65325 fix(commonjs): conditional exports (#1952)
• 7d22981 chore(repo): add rollup-plugin keyword in package.json (#1955)
• a79ae55 chore(release): commonjs v29.0.1
• bb41cfd chore(release): commonjs v29.0.1
• 14ae186 fix(commonjs): correctly replaces shorthand "global" property in object (#1957)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​rollup/plugin-commonjs since your current version.

Updates @types/node from 25.2.3 to 25.6.0

Commits

• See full diff in compare view

Updates globals from 17.3.0 to 17.4.0

Release notes

Sourced from globals's releases.

v17.4.0

• Update globals (2026-03-01) (#338) d43a051

---

sindresorhus/globals@v17.3.0...v17.4.0

Commits

• a9cfd74 17.4.0
• d43a051 Update globals (2026-03-01) (#338)
• See full diff in compare view

Updates prettier from 3.8.1 to 3.8.2

Release notes

Sourced from prettier's releases.

3.8.2

• Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.2

diff

Angular: Support Angular v21.2 (#18722, #19034 by @​fisker)

Exhaustive typechecking with @default never;

<!-- Input -->
@switch (foo) {
  @case (1) {}
  @default never;
}
<!-- Prettier 3.8.1 -->
SyntaxError: Incomplete block "default never". If you meant to write the @ character, you should use the "&#64;" HTML entity instead. (3:3)
<!-- Prettier 3.8.2 -->
@​switch (foo) {
@​case (1) {}
@​default never;
}

arrow function and instanceof expressions.

<!-- Input -->
@let fn = (a) =>        a?    1:2;
{{ fn ( a         instanceof b)}}
<!-- Prettier 3.8.1 -->
@​let fn = (a) =>        a?    1:2;
{{ fn ( a         instanceof b)}}
<!-- Prettier 3.8.2 -->
@​let fn = (a) => (a ? 1 : 2);
{{ fn(a instanceof b) }}

Commits

• b31557c Release 3.8.2
• 96bbaed Support Angular v21.2 (#18722)
• 881360b Support default never in Angular v21.2 (#19034)
• 07d6724 Bump Prettier dependency to 3.8.1
• 8b4a53a Clean changelog_unreleased
• See full diff in compare view

Updates rollup from 4.57.1 to 4.60.1

Release notes

Sourced from rollup's releases.

v4.60.1

4.60.1

2026-03-30

Bug Fixes

• Resolve a situation where side effect imports could be dropped due to a caching issue (#6286)

Pull Requests

• #6286: fix: skip dropping side-effects on namespaceReexportsByName cache hit (#6274) (@​littlegrayss, @​TrickyPi)
• #6317: chore(deps): pin dependencies (@​renovate[bot], @​lukastaegert)
• #6318: chore(deps): update msys2/setup-msys2 digest to cafece8 (@​renovate[bot], @​lukastaegert)
• #6319: chore(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6320: chore(deps): pin dependency typescript to v5 (@​renovate[bot], @​lukastaegert)
• #6321: chore(deps): update openharmony-rs/setup-ohos-sdk action to v1 (@​renovate[bot], @​lukastaegert)
• #6322: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #6323: chore(deps): lock file maintenance (@​renovate[bot])
• #6324: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)

v4.60.0

4.60.0

2026-03-22

Features

• Support source phase imports as long as they are external (#6279)

Pull Requests

• #6279: feat: external only Source Phase imports support (@​guybedford, @​lukastaegert)

v4.59.1

4.59.1

2026-03-21

Bug Fixes

• Fix a crash when using lazy dynamic imports with moduleSideEffects:false (#6306)

Pull Requests

• #6281: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6282: chore(deps): update github artifact actions (major) (@​renovate[bot], @​lukastaegert)
• #6283: chore(deps): update dependency nyc to v18 (@​renovate[bot], @​lukastaegert)
• #6284: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #6285: chore(deps): lock file maintenance (@​renovate[bot])

... (truncated)

Changelog

Sourced from rollup's changelog.

4.60.1

2026-03-30

Bug Fixes

• Resolve a situation where side effect imports could be dropped due to a caching issue (#6286)

Pull Requests

• #6286: fix: skip dropping side-effects on namespaceReexportsByName cache hit (#6274) (@​littlegrayss, @​TrickyPi)
• #6317: chore(deps): pin dependencies (@​renovate[bot], @​lukastaegert)
• #6318: chore(deps): update msys2/setup-msys2 digest to cafece8 (@​renovate[bot], @​lukastaegert)
• #6319: chore(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6320: chore(deps): pin dependency typescript to v5 (@​renovate[bot], @​lukastaegert)
• #6321: chore(deps): update openharmony-rs/setup-ohos-sdk action to v1 (@​renovate[bot], @​lukastaegert)
• #6322: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #6323: chore(deps): lock file maintenance (@​renovate[bot])
• #6324: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)

4.60.0

2026-03-22

Features

• Support source phase imports as long as they are external (#6279)

Pull Requests

• #6279: feat: external only Source Phase imports support (@​guybedford, @​lukastaegert)

4.59.1

2026-03-21

Bug Fixes

• Fix a crash when using lazy dynamic imports with moduleSideEffects:false (#6306)

Pull Requests

• #6281: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6282: chore(deps): update github artifact actions (major) (@​renovate[bot], @​lukastaegert)
• #6283: chore(deps): update dependency nyc to v18 (@​renovate[bot], @​lukastaegert)
• #6284: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #6285: chore(deps): lock file maintenance (@​renovate[bot])
• #6290: chore(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6291: chore(deps): update dependency @​shikijs/vitepress-twoslash to v4 (@​renovate[bot])
• #6292: chore(deps): lock file maintenance (@​renovate[bot])

... (truncated)

Commits

• ae871d7 4.60.1
• 51f8f60 fix: skip dropping side-effects on namespaceReexportsByName cache hit (#6274)...
• ca55406 chore(deps): pin dependency typescript to v5 (#6320)
• fe50d86 chore(deps): pin dependencies (#6317)
• 42785ff chore(deps): update minor/patch updates (#6319)
• 65e82a9 chore(deps): update msys2/setup-msys2 digest to cafece8 (#6318)
• c336205 chore(deps): update openharmony-rs/setup-ohos-sdk action to v1 (#6321)
• b25d25e fix(deps): update swc monorepo (major) (#6322)
• 119abdb chore(deps): lock file maintenance (#6324)
• 5598a66 chore(deps): lock file maintenance (#6323)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​types/​node@​25.2.3 ⏵ 25.6.0
	globals@​17.3.0 ⏵ 17.4.0	+1		+1
	rollup@​4.57.1 ⏵ 4.60.1		+16
	prettier@​3.8.1 ⏵ 3.8.2			+1
	@​rollup/​plugin-commonjs@​29.0.0 ⏵ 29.0.2	+1
	@​github/​local-action@​7.0.0 ⏵ 7.0.1				+1

View full report