chore(deps): Bump the patch-updates group across 1 directory with 16 updates

[dependabot]

Bumps the patch-updates group with 16 updates in the / directory:

Package	From	To
@astrojs/check	0.9.6	0.9.8
@astrojs/rss	4.0.14	4.0.17
@astrojs/svelte	7.2.0	7.2.5
@expressive-code/core	0.41.5	0.41.7
@expressive-code/plugin-collapsible-sections	0.41.5	0.41.7
@expressive-code/plugin-line-numbers	0.41.5	0.41.7
@fontsource/roboto	5.2.9	5.2.10
@iconify-json/material-symbols	1.2.50	1.2.63
astro-expressive-code	0.41.5	0.41.7
dayjs	1.11.19	1.11.20
katex	0.16.27	0.16.40
markdown-it	14.1.0	14.1.1
sanitize-html	2.17.0	2.17.2
@types/sanitize-html	2.16.0	2.16.1
@astrojs/ts-plugin	1.10.6	1.10.7
sanitize-filename	1.6.3	1.6.4

Updates @astrojs/check from 0.9.6 to 0.9.8

Release notes

Sourced from @​astrojs/check's releases.

@​astrojs/check@​0.9.8

Patch Changes

• #15892 a2f597d Thanks @​Princesseuh! - Fixes Astro not being able to find astro check sometimes

• Updated dependencies [7b4b254]:

  • @​astrojs/language-server@​2.16.5

@​astrojs/check@​0.9.7

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #15198 55107a1 Thanks @​HiDeoo! - Updates to Astro 6 beta

• Updated dependencies [bbb5811, df6d2d7]:

  • @​astrojs/language-server@​2.16.1

Changelog

Sourced from @​astrojs/check's changelog.

0.9.8

Patch Changes

• #15892 a2f597d Thanks @​Princesseuh! - Fixes Astro not being able to find astro check sometimes

• Updated dependencies [7b4b254]:

  • @​astrojs/language-server@​2.16.5

0.9.7

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #15198 55107a1 Thanks @​HiDeoo! - Updates to Astro 6 beta

• Updated dependencies [bbb5811, df6d2d7]:

  • @​astrojs/language-server@​2.16.1

0.9.7-beta.1

Patch Changes

• #15198 55107a1 Thanks @​HiDeoo! - Updates to Astro 6 beta

0.9.6-beta.1

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• Updated dependencies [bbb5811]:

  • @​astrojs/language-server@​2.16.1-beta.1

0.9.6-alpha.0

Patch Changes

• Updated dependencies [df6d2d7]:
  • @​astrojs/language-server@​2.16.1-alpha.0

Commits

• 09ecdd7 [ci] release (#15889)
• a2f597d fix(check): Revert publint lint fix (#15892)
• 48e5c4d [ci] release (#15808)
• 1118ac4 feat: update tsconfig template to prepare for TS 6 (#15668)
• ddeb230 chore: address publint suggestions (#15653)
• 7392857 [ci] release (beta) (#15197)
• 55107a1 fix: @astrojs/check beta version (#15198)
• 8dc3f6f [ci] release (beta) (#15189)
• 6feb0d7 Merge main in next (#15125)
• 802685c Merge branch 'main' into next
• Additional commits viewable in compare view

Updates @astrojs/rss from 4.0.14 to 4.0.17

Release notes

Sourced from @​astrojs/rss's releases.

@​astrojs/rss@​4.0.17

Patch Changes

• #15830 8d3f3aa Thanks @​Princesseuh! - Pin fast-xml-parser to 5.4.1 in order to fix an upstream bug

@​astrojs/rss@​4.0.16

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #14956 0ff51df Thanks @​matthewp! - Updates usage of zod to own dependency rather than relying on astro/zod

• #15561 413b0f7 Thanks @​renovate! - Updates fast-xml-parser to v5.3.6

• #15283 daf41c6 Thanks @​eldair! - Updates validation to use Zod v4

• #15373 14252b2 Thanks @​renovate! - Updates zod to v4

Changelog

Sourced from @​astrojs/rss's changelog.

4.0.17

Patch Changes

• #15830 8d3f3aa Thanks @​Princesseuh! - Pin fast-xml-parser to 5.4.1 in order to fix an upstream bug

4.0.16

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

• #14956 0ff51df Thanks @​matthewp! - Updates usage of zod to own dependency rather than relying on astro/zod

• #15561 413b0f7 Thanks @​renovate! - Updates fast-xml-parser to v5.3.6

• #15283 daf41c6 Thanks @​eldair! - Updates validation to use Zod v4

• #15373 14252b2 Thanks @​renovate! - Updates zod to v4

4.0.15-beta.4

Patch Changes

• #15561 413b0f7 Thanks @​renovate! - Updates fast-xml-parser to v5.3.6

4.0.15-beta.3

Patch Changes

• #15373 14252b2 Thanks @​renovate! - Updates zod to v4

4.0.15-beta.2

Patch Changes

• #15283 daf41c6 Thanks @​eldair! - Updates validation to use Zod v4

4.0.15-beta.1

Patch Changes

• #15187 bbb5811 Thanks @​matthewp! - Update to Astro 6 beta

4.0.15-alpha.0

Patch Changes

• #14956 0ff51df Thanks @​matthewp! - Updates usage of zod to own dependency rather than relying on astro/zod

... (truncated)

Commits

• a2fff74 [ci] release (#15826)
• 8d3f3aa fix(rss): Pin fast-xml-parser until upstream fix (#15830)
• 48e5c4d [ci] release (#15808)
• 6453380 fix: manually updates packages who had main releases later than betas (#15816)
• 6414732 Spelling (#15601)
• 1118ac4 feat: update tsconfig template to prepare for TS 6 (#15668)
• 10088fd fix(deps): update all non-major dependencies (#15707)
• 4d49632 [ci] release (beta) (#15590)
• 1cc62dc fix(deps): update all non-major dependencies (#15612)
• 413b0f7 chore(deps): update dependency fast-xml-parser to v5.3.6 [security] (#15561)
• Additional commits viewable in compare view

Updates @astrojs/svelte from 7.2.0 to 7.2.5

Changelog

Sourced from @​astrojs/svelte's changelog.

7.2.5

Patch Changes

• #15070 fa9c464 Thanks @​antonyfaris! - Improve Svelte children prop type checking

7.2.4

Patch Changes

• #15004 16f3994 Thanks @​antonyfaris! - Fixes an issue where Svelte components used in Astro files would incorrectly report type errors when using client:* directives.

7.2.3

Patch Changes

• #14934 4264a36 Thanks @​antonyfaris! - Fixes an issue where Svelte 5 components used in Astro files would not have proper type checking and IntelliSense.

7.2.2

Patch Changes

• #14715 3d55c5d Thanks @​ascorbic! - Adds support for client hydration in getContainerRenderer()

  The getContainerRenderer() function is exported by Astro framework integrations to simplify the process of rendering framework components when using the experimental Container API inside a Vite or Vitest environment. This update adds the client hydration entrypoint to the returned object, enabling client-side interactivity for components rendered using this function. Previously this required users to manually call container.addClientRenderer() with the appropriate client renderer entrypoint.

  See the container-with-vitest demo for a usage example, and the Container API documentation for more information on using framework components with the experimental Container API.

7.2.1

Patch Changes

• #14621 e3175d9 Thanks @​GameRoMan! - Updates vite version to fix CVE

Commits

• e73deb8 [ci] release (#15031)
• fa9c464 fix(svelte): improve Svelte children prop type checking (#15070)
• 1847601 fix(deps): update astro client runtimes (#15085)
• 0343993 [ci] release (#14997)
• 16f3994 fix(svelte): allow client directives (#15004)
• 02c19eb [ci] release (#14959)
• 00c06ef fix(deps): update astro client runtimes (#14978)
• deb6f14 fix(deps): update all non-major dependencies (#14977)
• 4264a36 fix: svelte 5 prop types (#14934)
• b31183d fix(deps): update astro client runtimes (#14881)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​astrojs/svelte since your current version.

Updates @expressive-code/core from 0.41.5 to 0.41.7

Release notes

Sourced from @​expressive-code/core's releases.

@​expressive-code/core@​0.41.7

No release notes provided.

@​expressive-code/core@​0.41.6

No release notes provided.

Changelog

Sourced from @​expressive-code/core's changelog.

0.41.7

0.41.6

Commits

• a6eefe9 [CI] Release (#429)
• 9a99203 Migrate to ESLint v9 with flat config (#421)
• 6bec5bb [CI] Release (#416)
• See full diff in compare view

Updates @expressive-code/plugin-collapsible-sections from 0.41.5 to 0.41.7

Release notes

Sourced from @​expressive-code/plugin-collapsible-sections's releases.

@​expressive-code/plugin-collapsible-sections@​0.41.7

Patch Changes

• @​expressive-code/core@​0.41.7

@​expressive-code/plugin-collapsible-sections@​0.41.6

Patch Changes

• @​expressive-code/core@​0.41.6

Changelog

Sourced from @​expressive-code/plugin-collapsible-sections's changelog.

0.41.7

Patch Changes

• @​expressive-code/core@​0.41.7

0.41.6

Patch Changes

• @​expressive-code/core@​0.41.6

Commits

• a6eefe9 [CI] Release (#429)
• 6bec5bb [CI] Release (#416)
• See full diff in compare view

Updates @expressive-code/plugin-line-numbers from 0.41.5 to 0.41.7

Release notes

Sourced from @​expressive-code/plugin-line-numbers's releases.

@​expressive-code/plugin-line-numbers@​0.41.7

Patch Changes

• @​expressive-code/core@​0.41.7

@​expressive-code/plugin-line-numbers@​0.41.6

Patch Changes

• @​expressive-code/core@​0.41.6

Changelog

Sourced from @​expressive-code/plugin-line-numbers's changelog.

0.41.7

Patch Changes

• @​expressive-code/core@​0.41.7

0.41.6

Patch Changes

• @​expressive-code/core@​0.41.6

Commits

• a6eefe9 [CI] Release (#429)
• 6bec5bb [CI] Release (#416)
• See full diff in compare view

Updates @fontsource/roboto from 5.2.9 to 5.2.10

Commits

• See full diff in compare view

Updates @iconify-json/material-symbols from 1.2.50 to 1.2.63

Commits

• See full diff in compare view

Updates astro-expressive-code from 0.41.5 to 0.41.7

Release notes

Sourced from astro-expressive-code's releases.

astro-expressive-code@0.41.7

Patch Changes

• 0599626: Prevents the frames plugin from treating Twoslash // @filename directives as filename comments. This keeps multi-file Twoslash code blocks intact. Thank you for the report, @​Adammatthiesen!
• Updated dependencies [0599626]
  • rehype-expressive-code@0.41.7

astro-expressive-code@0.41.6

Patch Changes

• 662aa67: Adds support for Astro v6
  • rehype-expressive-code@0.41.6

Changelog

Sourced from astro-expressive-code's changelog.

0.41.7

Patch Changes

• 0599626: Prevents the frames plugin from treating Twoslash // @filename directives as filename comments. This keeps multi-file Twoslash code blocks intact. Thank you for the report, @​Adammatthiesen!
• Updated dependencies [0599626]
  • rehype-expressive-code@0.41.7

0.41.6

Patch Changes

• 662aa67: Adds support for Astro v6
  • rehype-expressive-code@0.41.6

Commits

• a6eefe9 [CI] Release (#429)
• e9d2218 Parallelize astro-expressive-code integration test builds (#422)
• 9a99203 Migrate to ESLint v9 with flat config (#421)
• 6bec5bb [CI] Release (#416)
• 662aa67 support astro 6.0 (#415)
• See full diff in compare view

Updates dayjs from 1.11.19 to 1.11.20

Release notes

Sourced from dayjs's releases.

v1.11.20

1.11.20 (2026-03-12)

Bug Fixes

• Update locale km.js to support meridiem (#3017) (9d2b6a1)
• update updateLocale plugin to merge nested object properties instead of replacing (#3012) (99691c5), closes #1118

Changelog

Sourced from dayjs's changelog.

1.11.20 (2026-03-12)

Bug Fixes

• Update locale km.js to support meridiem (#3017) (9d2b6a1)
• update updateLocale plugin to merge nested object properties instead of replacing (#3012) (99691c5), closes #1118

Commits

• af6e1f8 chore(release): 1.11.20 [skip ci]
• 82babd6 D2M (#3018)
• bbe4ab1 chore: fix lint error
• 99691c5 fix: update updateLocale plugin to merge nested object properties instead of ...
• 9d2b6a1 fix: Update locale km.js to support meridiem (#3017)
• acf21cd chore: update doc
• 55a64e1 chore: update doc
• 807face chore: update doc
• 54f4470 chore: update doc
• 9ea23c7 chore: update doc
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for dayjs since your current version.

Updates katex from 0.16.27 to 0.16.40

Release notes

Sourced from katex's releases.

v0.16.40

0.16.40 (2026-03-20)

Bug Fixes

• css: specify position: relative for .katex (#4170) (020f0d8)

v0.16.39

0.16.39 (2026-03-19)

Bug Fixes

• middle dot in text mode (#4169) (edb45b0), closes #3641

v0.16.38

0.16.38 (2026-03-08)

Bug Fixes

• accent skew mixed with font specifiers (#4159) (aea3375), closes #4121

v0.16.37

0.16.37 (2026-03-06)

Bug Fixes

• negative-width \hphantom and symmetric \smash (#4153) (d4799ca)

v0.16.36

0.16.36 (2026-03-06)

Bug Fixes

• contrib esm bloat (#4157) (2bde1ad)

v0.16.35

0.16.35 (2026-03-05)

Bug Fixes

• version number regression (#4155) (db26b73)

v0.16.34

0.16.34 (2026-03-05)

... (truncated)

Changelog

Sourced from katex's changelog.

0.16.40 (2026-03-20)

Bug Fixes

• css: specify position: relative for .katex (#4170) (020f0d8)

0.16.39 (2026-03-19)

Bug Fixes

• middle dot in text mode (#4169) (edb45b0), closes #3641

0.16.38 (2026-03-08)

Bug Fixes

• accent skew mixed with font specifiers (#4159) (aea3375), closes #4121

0.16.37 (2026-03-06)

Bug Fixes

• negative-width \hphantom and symmetric \smash (#4153) (d4799ca)

0.16.36 (2026-03-06)

Bug Fixes

• contrib esm bloat (#4157) (2bde1ad)

0.16.35 (2026-03-05)

Bug Fixes

• version number regression (#4155) (db26b73)

0.16.34 (2026-03-05)

Bug Fixes

• emoji with variation selector (#4151) (c2606e5)

0.16.33 (2026-02-23)

... (truncated)

Commits

• 71abdcb chore(release): 0.16.40 [ci skip]
• 020f0d8 fix(css): specify position: relative for .katex (#4170)
• 0975b38 test: update selenium images for screenshotter (#4167)
• 9e22c76 chore(release): 0.16.39 [ci skip]
• edb45b0 fix: middle dot in text mode (#4169)
• b38a566 docs: drop IE 11 support (#4168)
• 89bede4 chore: texcmp support for macOS (#4163)
• eda872c chore(release): 0.16.38 [ci skip]
• aea3375 fix: accent skew mixed with font specifiers (#4159)
• 8c2bf2e test: fail on missing screenshot (#4158)
• Additional commits viewable in compare view

Updates markdown-it from 14.1.0 to 14.1.1

Changelog

Sourced from markdown-it's changelog.

[14.1.1] - 2026-01-11

Security

• Fixed regression from v13 in linkify inline rule. Specific patterns could cause high CPU use. Thanks to @​ltduc147 for report.

Commits

• b4a9b65 14.1.1 released
• 4b4bbca Fixed perf regression in linkify-it wrapper
• d2782d8 Add supplementary example-driven documentation (#1092)
• See full diff in compare view

Updates sanitize-html from 2.17.0 to 2.17.2

Changelog

Sourced from sanitize-html's changelog.

2.17.2

Changes

• Upgrade htmlparser2 from 8.x to 10.1.0. This improves security by correctly decoding zero-padded numeric character references (e.g., &[#0000001](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html/issues/0000001)) that previously bypassed javascript: URL detection. Also fixes double-encoding of entities inside raw text elements like textarea and option.

2.17.1 (2026-02-18)

Fixes

• Fix unclosed tags (e.g., <hello) returning empty string in escape and recursiveEscape modes. Fixes #706. Thanks to Byeong Hyeon for the fix.

Commits

• 7e607c9 Changelog reconciliation for release (#5359)
• 49d0bb7 Port/sanitize html community contrib (#5337)
• a9ca4ef For release only (#5328)
• bbf3359 Port sanitize html standalone pr (#5323)
• f5f266c Adds changeset (#5209)
• c9aba85 PRO-8756: monorepo workflows (#5179)
• 107bcd2 Pro 8756 monorepo switch (#5177)
• See full diff in compare view

Updates @types/sanitize-html from 2.16.0 to 2.16.1

Commits

• See full diff in compare view

Updates @astrojs/ts-plugin from 1.10.6 to 1.10.7

Changelog

Sourced from @​astrojs/ts-plugin's changelog.

1.10.7

Patch Changes

• #15820 e20474b Thanks @​Princesseuh! - Fixes broken publish

• Updated dependencies [e20474b]:

  • @​astrojs/yaml2ts@​0.2.3

Commits

• See full diff in compare view

Updates @types/sanitize-html from 2.16.0 to 2.16.1

Commits

• See full diff in compare view

Updates sanitize-filename from 1.6.3 to 1.6.4

Commits

• 6e51552 1.6.4
• 9848644 Do not use vulnerable regex
• 209c39b Bump brace-expansion from 1.1.6 to 1.1.11 (#54)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions