build(deps): bump the minor-patch group across 1 directory with 7 updates

[dependabot]

Bumps the minor-patch group with 5 updates in the / directory:

Package	From	To
@modelcontextprotocol/sdk	1.18.1	1.26.0
@typescript-eslint/eslint-plugin	8.44.1	8.55.0
eslint-plugin-prettier	5.5.4	5.5.5
prettier	3.6.2	3.8.1
typescript	5.9.2	5.9.3

Updates @modelcontextprotocol/sdk from 1.18.1 to 1.26.0

Release notes

Sourced from @​modelcontextprotocol/sdk's releases.

v1.26.0

Addresses "Sharing server/transport instances can leak cross-client response data" in this GHSA GHSA-345p-7cg4-v4c7

What's Changed

• chore: bump v1.25.3 for backport fixes by @​pcarleton in modelcontextprotocol/typescript-sdk#1412
• fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x backport) by @​samuv in modelcontextprotocol/typescript-sdk#1382
• Fix #1430: Client Credentials providers scopes support (backported) by @​NSeydoux in modelcontextprotocol/typescript-sdk#1442
• chore: bump version to 1.26.0 by @​pcarleton in modelcontextprotocol/typescript-sdk#1479

New Contributors

• @​samuv made their first contribution in modelcontextprotocol/typescript-sdk#1382
• @​NSeydoux made their first contribution in modelcontextprotocol/typescript-sdk#1442

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.3...v1.26.0

v1.25.3

What's Changed

• [v1.x backport] Use correct schema for client sampling validation when tools are present by @​olaservo in modelcontextprotocol/typescript-sdk#1407
• fix: prevent Hono from overriding global Response object (v1.x) by @​mattzcarey in modelcontextprotocol/typescript-sdk#1411

Full Changelog: modelcontextprotocol/typescript-sdk@v1.25.2...v1.25.3

v1.25.2

What's Changed

• ci: trigger workflow on v1.x branch by @​felixweinberger in modelcontextprotocol/typescript-sdk#1319
• fix: README badges links destinations by @​antonpk1 in modelcontextprotocol/typescript-sdk#907
• fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) by @​pcarleton in modelcontextprotocol/typescript-sdk#1365

New Contributors

• @​antonpk1 made their first contribution in modelcontextprotocol/typescript-sdk#907

Full Changelog: modelcontextprotocol/typescript-sdk@1.25.1...v1.25.2

1.25.1

What's Changed

• spec types - backwards compatibility changes by @​KKonstantinov in modelcontextprotocol/typescript-sdk#1306
• chore: bump version for patch fix by @​felixweinberger in modelcontextprotocol/typescript-sdk#1307

Full Changelog: modelcontextprotocol/typescript-sdk@1.25.0...1.25.1

1.25.0

What's Changed

• list changed handlers on client constructor by @​mattzcarey in modelcontextprotocol/typescript-sdk#1206
• Role - moved from inline to reusable type by @​KKonstantinov in modelcontextprotocol/typescript-sdk#1221
• fix: use versioned npm tag for non-main branch releases by @​pcarleton in modelcontextprotocol/typescript-sdk#1236
• No automatic completion support unless needed - Revisited yet again by @​cliffhall in modelcontextprotocol/typescript-sdk#1237
• fix: Support updating output schema by @​vincent0426 in modelcontextprotocol/typescript-sdk#1048

... (truncated)

Commits

• fe9c07b chore: bump version to 1.26.0 (#1479)
• 4f01e7e fix: add non-null assertions for optional setupServer fields in stateful test
• a05be17 Merge commit from fork
• 50d9fa3 Fix #1430: Client Credentials providers scopes support (backported) (#1442)
• aa81a66 fix(deps): resolve npm audit vulnerabilities and bump dependencies (v1.x back...
• 6aba065 chore: bump v1.25.3 for backport fixes (#1412)
• 6e8f7e1 fix: prevent Hono from overriding global Response object (v1.x) (#1411)
• 12ae856 [v1.x backport] Use correct schema for client sampling validation when tools ...
• b392f02 fix: prevent ReDoS in UriTemplate regex patterns (v1.x backport) (#1365)
• a0c9b13 fix: README badges links destinations (#907)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by pcarleton, a new releaser for @​modelcontextprotocol/sdk since your current version.

Updates zod-to-json-schema from 3.24.6 to 3.25.1

Changelog

Sourced from zod-to-json-schema's changelog.

Changelog

Version	Change
3.25.1	Fixes large install size due to accidental inclusion of test files. Thanks, Felix Mosheev!
3.25.0	Adds support for v3.25 and v3 through v4 (import { z } from "zod/v3"). Big thank you to both Andrey Gubanovs and especially to Faïz Hernawan Abdillah, whose more minimal implementation was merged. This will likely be the final release of zod-to-json-schema, as v4 now supports JSON schema natively.
3.24.6	Removed use of instanceOf to check for optional properties as differing package versions could produce intermittent bugs. Added OpenAiAnyType to work around their schema restrictions.
3.24.5	Update .npmignore to drop 2 mb of test files. Thanks Misha Kaletsky!
3.24.4	Added options to set the value of additionalProperties in objects and record
3.24.3	Adds postProcess callback option
3.24.2	Restructured internals to remove circular dependencies which apparently might cause some build systems to whine a bit. Big thanks to Víctor Hernández for the fix.
3.24.1	Adds OpenAI target
3.24.0	Implements new string checks (jwt, base64url, cidr ipv4/v6), matching the new Zod version
3.23.5	Module import hotfix by Enzo Monjardín. Thanks!
3.23.4	Fixes branded regex property names and a weird edgecase in arrays. Thanks to Isaiah Marc Sanchez and Mitchell Merry!
3.23.3	More tests (Thanks Brett Zamir!), removed dead code
3.23.2	Lazily loads Emoji regex to avoid incompatibility with some environments. Thanks Jacob Lee!
3.23.1	Best-effort RegEx flag support by Spappz! Some minor fixes and additions, such as the title option.
3.23.0	Adds support for base64, date, time, duration and nanoid string validations. A warm welcome and a big thanks to Colin, the creator of Zod, joining in as a contributor :)
3.22.5	Adds new z.date() parsing options and override callback
3.22.4	Adds fix for nullable references in OpenAPI mode
3.22.3	Adjust root path from "#/" to "#" according to RFC 6901
3.22.2	Adds "output" pipe strategy
3.22.1	Fixes broken imports when using some bundlers
3.22.0	Support readonly. Export both CJS and ESM. Export everything from index. Alternative map parser. Improved pattern handling and updated sources.
3.21.4	Fixes missing support for exact array length
3.21.3	Fixes issue #77 (Reference path to nullable schemas in Open-API mode)
3.21.2	Adds "integer" type Date output to support min/max checks, markdownDescription option, fixes "none" refStrategy by adding "seen" and adds an option to use "pattern" with Zods' email enum instead of "format".
3.21.1	New target (2019-09) along with improved intersection schemas, improved mutual recursion references in definitions, descriptions respected in union parser and not removed in collapsed
3.21.0	Added new string validations (ip, emoji, etc) and BigInt checks to support Zod 3.21
3.20.5	Added uniqueItems to Set and an option to disregard pipe schemas
3.20.4	Bugfixes and improved record parsing for openApi3
3.20.3	Added Cuid2 support introduced in Zod 3.20.3
3.20.2	Reintroduced conditional simplified return-type for when target is OpenAPI 3
3.20.1	Fixed inconsistent casing in imports
3.20.0	Adds support for Zod 3.20 with catch and pipe parser as well as new string validations. Refactored Ref handling; adding definitions no longer considered experimental. Main API function refactored and simplified; output type less defined but a lot easier to maintain. Doubt anyone will miss it. Narrator: Someone did in fact miss it
3.19.4	Adds custom error message support
3.19.3	Mark definitions as experimental in the readme
3.19.2	Added definitions option
3.19.1	Strict unions fix
3.19.0	No new features added in Zod, parity bump
3.18.2	Fixes support for native enums
3.18.1	Add strictUnions options
3.18.0	Added support for branded types
3.17.2	Fix for reference paths when supplying name option string.
3.17.1	Added startsWith and endsWith string checks. Merge multiple pattern checks into allOf array.
3.17.0	Added switch case handler for new trim "check". No changes to functionality.
3.15.x - 3.16.x	Skipped: Did not change the Zod API in any way relevant for this package.
3.14.1	Dependabot security updates
3.14.0	Moves Zod into peerDependencies. Supports checks for sets, NaN-type (sort of), discriminated union type and standalone optional properties (as unions with undefined)

... (truncated)

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.44.1 to 8.55.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.55.0

8.55.0 (2026-02-09)

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#11992)

🩹 Fixes

• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#11990)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#11966, #12000)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#11984)
• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#11949)
• typescript-estree: forbid invalid modifier in object expression (#11931)

❤️ Thank You

• Christian Rose @​chrros95
• fisker Cheung @​fisker
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.54.0

8.54.0 (2026-01-26)

🚀 Features

• eslint-plugin-internal: add prefer-tsutils-methods rule (#11974, #11625)
• scope-manager: support ScopeManager#addGlobals (#11914)
• typescript-estree: add shortcut methods to ParserServicesWithTypeInformation (#11965, #11955)

🩹 Fixes

• eslint-plugin: [no-unused-private-class-members] private destructured class member is defined but used (#11785)
• eslint-plugin: [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (#11967, #11559)
• scope-manager: fix catch clause scopes def.name (#11982)
• scope-manager: prevent misidentification of "use strict" directives (#11995)
• utils: handle missing FlatESLint and LegacyESLint (#11958)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.55.0 (2026-02-09)

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#11992)

🩹 Fixes

• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#11949)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#11984)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#11966, #12000)
• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#11990)

❤️ Thank You

• Christian Rose @​chrros95
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.54.0 (2026-01-26)

🚀 Features

• eslint-plugin-internal: add prefer-tsutils-methods rule (#11974, #11625)
• typescript-estree: add shortcut methods to ParserServicesWithTypeInformation (#11965, #11955)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (#11967, #11559)
• deps: update dependency prettier to v3.8.0 (#11991)
• scope-manager: fix catch clause scopes def.name (#11982)
• eslint-plugin: [no-unused-private-class-members] private destructured class member is defined but used (#11785)

❤️ Thank You

• Brad Zacher @​bradzacher
• Josh Goldberg
• MinJae @​Ju-MINJAE
• Minyeong Kim @​minyeong981
• overlookmotel
• Yuya Yoshioka @​YuyaYoshioka
• 김현수 @​Kimsoo0119

... (truncated)

Commits

• fedfe86 chore(release): publish 8.55.0
• 8a95834 fix(eslint-plugin): [no-useless-default-assignment] reduce param index to ts ...
• 4ba1e72 fix(eslint-plugin): [no-useless-default-assignment] report unnecessary defaul...
• a1f8617 feat(utils): deprecate defaultOptions in favor of meta.defaultOptions (#11992)
• 3f0ce54 fix(eslint-plugin): [no-useless-default-assignment] require strictNullChecks ...
• 3df0002 fix(eslint-plugin): [no-unused-vars] remove trailing newline when removing en...
• b931f8c chore: use workspace refs for workspace deps (#12018)
• 1f17a79 chore: migrate to pnpm (#11248)
• d423e57 chore(release): publish 8.54.0
• 80e33ff feat(eslint-plugin-internal): add prefer-tsutils-methods rule (#11974)
• Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.44.1 to 8.55.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.55.0

8.55.0 (2026-02-09)

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#11992)

🩹 Fixes

• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#11990)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#11966, #12000)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#11984)
• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#11949)
• typescript-estree: forbid invalid modifier in object expression (#11931)

❤️ Thank You

• Christian Rose @​chrros95
• fisker Cheung @​fisker
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.54.0

8.54.0 (2026-01-26)

🚀 Features

• eslint-plugin-internal: add prefer-tsutils-methods rule (#11974, #11625)
• scope-manager: support ScopeManager#addGlobals (#11914)
• typescript-estree: add shortcut methods to ParserServicesWithTypeInformation (#11965, #11955)

🩹 Fixes

• eslint-plugin: [no-unused-private-class-members] private destructured class member is defined but used (#11785)
• eslint-plugin: [no-unnecessary-type-assertion] check both base constraint and actual type for non-null assertions (#11967, #11559)
• scope-manager: fix catch clause scopes def.name (#11982)
• scope-manager: prevent misidentification of "use strict" directives (#11995)
• utils: handle missing FlatESLint and LegacyESLint (#11958)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.55.0 (2026-02-09)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.54.0 (2026-01-26)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.53.1 (2026-01-19)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.53.0 (2026-01-12)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.52.0 (2026-01-05)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.51.0 (2025-12-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.50.1 (2025-12-22)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.50.0 (2025-12-15)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

... (truncated)

Commits

• fedfe86 chore(release): publish 8.55.0
• b931f8c chore: use workspace refs for workspace deps (#12018)
• 1f17a79 chore: migrate to pnpm (#11248)
• d423e57 chore(release): publish 8.54.0
• 9940e53 chore(release): publish 8.53.1
• 3021ede chore(release): publish 8.53.0
• 9ddd571 chore(release): publish 8.52.0
• 95c7c73 chore: update deps to latest minor/patch (#11921)
• e4c57f5 chore(release): publish 8.51.0
• d520b88 chore(release): publish 8.50.1
• Additional commits viewable in compare view

Updates eslint-plugin-prettier from 5.5.4 to 5.5.5

Release notes

Sourced from eslint-plugin-prettier's releases.

v5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Changelog

Sourced from eslint-plugin-prettier's changelog.

5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Commits

• e2c154a chore: release eslint-plugin-prettier (#773)
• 6795c1a build(deps): Bump the actions group across 1 directory with 2 updates (#774)
• 77651a3 fix: bump synckit for yarn PnP ESM issue (#776)
• 7264ed0 chore: bump prettier-linter-helpers to v1.0.1 (#772)
• e11a5b7 build(deps): Bump the actions group across 1 directory with 3 updates (#769)
• befda88 ci: enable trusted publishing (#757)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-prettier since your current version.

Updates prettier from 3.6.2 to 3.8.1

Release notes

Sourced from prettier's releases.

3.8.1

• Include available printers in plugin type declarations (#18706 by @​porada)

🔗 Changelog

3.8.0

• Support Angular v21.1

diff

🔗 Release note "Prettier 3.8: Support for Angular v21.1"

3.7.4

What's Changed

• Fix comment in union type gets duplicated by @​fisker in prettier/prettier#18393
• Fix unstable comment print in union type by @​fisker in prettier/prettier#18395
• Avoid quote around LWC interpolations by @​kovsu in prettier/prettier#18383

🔗 Changelog

3.7.3

What's Changed

• Fix prettier.getFileInfo() change that breaks VSCode extension by @​fisker in prettier/prettier#18375

🔗 Changelog

3.7.2

What's Changed

• Fix string print when switching quotes by @​fisker in prettier/prettier#18351
• Preserve quote for embedded HTML attribute values by @​kovsu in prettier/prettier#18352
• Fix comment in empty type literal by @​fisker in prettier/prettier#18364

🔗 Changelog

3.7.1

• Fix performance regression in doc printer (#18342 by @​fisker)

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.8.1

diff

Include available printers in plugin type declarations (#18706 by @​porada)

// Input
import * as prettierPluginEstree from "prettier/plugins/estree";
// Prettier 3.8.0
// Property 'printers' does not exist on type 'typeof import("prettier/plugins/estree")'. ts(2339)
prettierPluginEstree.printers.estree; //=> any
// Prettier 3.8.1
prettierPluginEstree.printers.estree; //=> Printer
prettierPluginEstree.printers["estree-json"]; //=> Printer

3.8.0

diff

🔗 Release Notes

3.7.4

diff

LWC: Avoid quote around interpolations (#18383 by @​kovsu)

<!-- Input -->
<div foo={bar}>   </div>
<!-- Prettier 3.7.3 (--embedded-language-formatting off) -->
<div foo="{bar}"></div>
<!-- Prettier 3.7.4 (--embedded-language-formatting off) -->
<div foo={bar}></div>

TypeScript: Fix comment inside union type gets duplicated (#18393 by @​fisker)

// Input
type Foo = (/** comment */ a | b) | c;
</tr></table> 

... (truncated)

Commits

• 90983f4 Release 3.8.1
• 57f702f Include available printers in plugin type declarations (#18706)
• bece827 Revert change in release script
• 82a4ab2 Bump Prettier dependency to 3.8.0
• 5213ee4 Clean changelog_unreleased
• f95ad0f Comment out finished steps
• b2034e8 Fix release script
• 5824b15 Release 3.8.0
• 0433601 Add blog post for v3.8.0 (#18639)
• b04d05b Remove lint step from release script (#18415)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Note: this tag was recreated to point at the correct commit. The npm package contained the correct content.

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)
• fixed issues query for Typescript 5.9.3 (Stable).

Downloads are available on:

• npm

Commits

• c63de15 Bump version to 5.9.3 and LKG
• 8428ca4 🤖 Pick PR #62438 (Fix incorrectly ignored dts file fr...) into release-5.9 (#...
• a131cac 🤖 Pick PR #62351 (Add missing Float16Array constructo...) into release-5.9 (#...
• 0424333 🤖 Pick PR #62423 (Revert PR 61928) into release-5.9 (#62425)
• bdb641a 🤖 Pick PR #62311 (Fix parenthesizer rules for manuall...) into release-5.9 (#...
• 0d9b9b9 🤖 Pick PR #61978 (Restructure CI to prepare for requi...) into release-5.9 (#...
• 2dce0c5 Intentionally regress one buggy declaration output to an older version (#62163)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions