chore(deps): bump the patch-updates group across 1 directory with 7 updates

[dependabot]

Bumps the patch-updates group with 7 updates in the / directory:

Package	From	To
@hono/node-server	1.19.9	1.19.11
eslint-plugin-import-x	4.16.1	4.16.2
turbo	2.8.12	2.8.20
sql.js	1.14.0	1.14.1
@types/sql.js	1.4.9	1.4.10
fumadocs-mdx	14.2.9	14.2.11
postcss	8.5.6	8.5.8

Updates @hono/node-server from 1.19.9 to 1.19.11

Release notes

Sourced from @​hono/node-server's releases.

v1.19.11

What's Changed

• fix: do not overwrite Content-Length in the fast path pattern if Content-Length already exists. by @​usualoma in honojs/node-server#309

Full Changelog: honojs/node-server@v1.19.10...v1.19.11

v1.19.10

Security Fix

Fixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (%2F handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.

See GHSA-wc8c-qw6v-h7f6 for details.

Commits

• ecd4d6b 1.19.11
• c944899 fix: do not overwrite Content-Length in the fast path pattern if Content-Leng...
• 2f8ca36 1.19.10
• 455015b Merge commit from fork
• cc05c48 chore: add benchmark for comparing with npm and local (dev) (#305)
• 58c4412 chore: Adding LICENSE file with MIT license referenced in README.md (#297)
• b1daa4c docs(readme): add @​usualoma as an author (#300)
• See full diff in compare view

Updates eslint-plugin-import-x from 4.16.1 to 4.16.2

Release notes

Sourced from eslint-plugin-import-x's releases.

v4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Changelog

Sourced from eslint-plugin-import-x's changelog.

4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Commits

• 69ddbba chore: release eslint-plugin-import-x (#407)
• b669aca fix(#421): defineConfig compatible (#466)
• 60312ee chore: prepare for ESLint 10 more (#458)
• 1da4043 refactor: make no-unused-modules no-op on ESLint 10 or later (#457)
• d801fd7 docs: remove SublimeLinter-eslint mention in README (#432)
• 1909953 chore(deps): update dependency minimatch to v9.0.8 [security] (#460)
• b416a8a fix: consistent-type-specifier-style with prefer-inline and TS resolution...
• a51be0f chore(deps): bumping minimatch 10 to 10.1.2 to avoid dependencies with cr...
• d3f8d67 refactor: first step toward ESLint 10 support (#454)
• a3aae61 fix(deps): replace type-fest w/ @package-json/types (#434)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-import-x since your current version.

Updates turbo from 2.8.12 to 2.8.20

Release notes

Sourced from turbo's releases.

Turborepo v2.8.20

What's Changed

Changelog

• fix: Prevent stdin from being dropped for persistent tasks in stream mode by @​anthonyshew in vercel/turborepo#12394

Full Changelog: vercel/turborepo@v2.8.19...v2.8.20

Turborepo v2.8.20-canary.1

What's Changed

Examples

• chore: Upgrade Next.js to 16.2.0 in examples and apps by @​anthonyshew in vercel/turborepo#12389

Changelog

• fix: Detect scoped @turbo/{platform} packages in local binary resolution by @​EmojiPati in vercel/turborepo#12386
• fix: Support legacy unscoped binary package names in Node.js shim by @​anthonyshew in vercel/turborepo#12391
• fix: Prevent stdin from being dropped for persistent tasks in stream mode by @​anthonyshew in vercel/turborepo#12394

New Contributors

• @​EmojiPati made their first contribution in vercel/turborepo#12386

Full Changelog: vercel/turborepo@v2.8.19-canary.3...v2.8.20-canary.1

Turborepo v2.8.19

What's Changed

turbo-ignore

• feat: Deprecate turbo-ignore in favor of turbo query affected by @​anthonyshew in vercel/turborepo#12382
• fix: Tailored turbo-ignore deprecation notice for Vercel users by @​anthonyshew in vercel/turborepo#12385

Examples

• chore: Upgrade Next.js to 16.2.0 in examples and apps by @​anthonyshew in vercel/turborepo#12389

Changelog

• fix: Detect scoped @turbo/{platform} packages in local binary resolution by @​EmojiPati in vercel/turborepo#12386
• fix: Support legacy unscoped binary package names in Node.js shim by @​anthonyshew in vercel/turborepo#12391

New Contributors

• @​EmojiPati made their first contribution in vercel/turborepo#12386

Full Changelog: vercel/turborepo@v2.8.18...v2.8.19

Turborepo v2.8.19-canary.3

What's Changed

turbo-ignore

• fix: Tailored turbo-ignore deprecation notice for Vercel users by @​anthonyshew in vercel/turborepo#12385

... (truncated)

Commits

• b61c532 publish 2.8.20 to registry
• 8f0e719 release(turborepo): 2.8.20-canary.1 (#12395)
• 106fa3e fix: Prevent stdin from being dropped for persistent tasks in stream mode (...
• 66f2c36 release(turborepo): 2.8.19 (#12392)
• 7da779a fix: Support legacy unscoped binary package names in Node shim (#12391)
• 9d977f1 fix: Detect scoped @turbo/{platform} packages in local binary resolution (#...
• 2ff8fc9 chore: Upgrade Next.js to 16.2.0 in examples and apps (#12389)
• ee90d8e release(turborepo): 2.8.19-canary.3 (#12387)
• 4b2eae6 fix: Tailored turbo-ignore deprecation notice for Vercel users (#12385)
• 1885f08 release(turborepo): 2.8.19-canary.2 (#12384)
• Additional commits viewable in compare view

Updates sql.js from 1.14.0 to 1.14.1

Commits

• 8088a68 Fix browser bundle (#625)
• ee29605 Update devcontainer + migrate linting to ESLint 10 (#623)
• d58d741 sqlite 3.45.2 (#581)
• See full diff in compare view

Updates @types/sql.js from 1.4.9 to 1.4.10

Commits

• See full diff in compare view

Updates @types/sql.js from 1.4.9 to 1.4.10

Commits

• See full diff in compare view

Updates fumadocs-mdx from 14.2.9 to 14.2.11

Release notes

Sourced from fumadocs-mdx's releases.

fumadocs-mdx@14.2.11

Patch Changes

• 3144149: Fix dynamic index generation so generated dynamic.ts imports node:path and passes lazy entries to create.doc() / create.docs() as arrays.
• Updated dependencies [f45d703]
• Updated dependencies [45aa454]
  • fumadocs-core@16.7.0

fumadocs-mdx@14.2.10

Patch Changes

• c2678c0: Improve llms.txt generation via remark-llms plugin
• Updated dependencies [c2678c0]
• Updated dependencies [417f07a]
• Updated dependencies [bb07706]
• Updated dependencies [f065406]
  • fumadocs-core@16.6.17

Commits

• faf02ff Chore: Bump deps
• b38168d Version Packages
• 0ddaa8a CLI: Preserve layout imports for slots
• 42bf43e OpenAPI: Implement newer JSON Schema spec $ref resolution behaviour
• 8c6fe9c Docs: rename sidebar tabs to layout tabs
• 4fd51b7 UI: migrate Base UI
• 67d6855 Docs: migrate
• 0c3eda7 UI: clean code
• 875d88a UI: forward hooks via slots
• 484da08 UI: introduce slots system
• Additional commits viewable in compare view

Updates postcss from 8.5.6 to 8.5.8

Release notes

Sourced from postcss's releases.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Changelog

Sourced from postcss's changelog.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

Commits

• 65de537 Release 8.5.8 version
• b2c6d97 Run git hook register
• 0ae0a49 Update Processor#version
• 6ee9f14 Release 8.5.7 version
• 3fbc951 Fix uvu Node.js 25 support
• 52db53e Update dependencies
• 497daef Speed up source map annotation cleaning by moving from RegExp
• 41e739a Remove banner
• 1329142 chore: speed up space-only string check in lib/parser.js (#2064)
• 23beff9 Update dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
objectos	Ready	Preview, Comment	Mar 23, 2026 2:18am
objectos-demo	Error		Mar 23, 2026 2:18am