build(deps): bump the minor-and-patch group with 10 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the minor-and-patch group with 10 updates:

Package	From	To
isomorphic-dompurify	2.32.0	2.33.0
@vscode/vsce	3.7.0	3.7.1
@aws-sdk/client-s3	3.934.0	3.939.0
@aws-sdk/s3-request-presigner	3.934.0	3.939.0
marked	17.0.0	17.0.1
@cloudflare/vite-plugin	1.15.0	1.15.2
@cloudflare/workers-types	4.20251119.0	4.20251125.0
vue-tsc	3.1.4	3.1.5
wrangler	4.49.0	4.50.0
@codemirror/autocomplete	6.19.1	6.20.0

Updates isomorphic-dompurify from 2.32.0 to 2.33.0

Release notes

Sourced from isomorphic-dompurify's releases.

2.33.0: Improved Web Worker support

Changelog

• Improved Web Worker compatibility (partial) #242 (thanks @​wSedlacek for the contribution and @​coderabbitai for advice)

See the complete changelog for more details.

Release

2.33.0

Commits

• f6613bd docs: Improved readme.
• 4404586 docs: Improved readme. Incremented project version.
• 6d06f11 Merge pull request #242 from wSedlacek/feat/worker-support
• a279561 Merge pull request #376 from kkomelin/dependabot/npm_and_yarn/vitest-4.0.13
• 89679a9 chore(deps-dev): bump vitest from 4.0.12 to 4.0.13
• e93ddbd Merge pull request #375 from kkomelin/dependabot/npm_and_yarn/vitest-4.0.12
• 4b4ae36 chore(deps-dev): bump vitest from 4.0.10 to 4.0.12
• 0350339 Merge pull request #374 from kkomelin/dependabot/npm_and_yarn/vitest-4.0.10
• 34cb568 chore(deps-dev): bump vitest from 4.0.9 to 4.0.10
• bd37ccc Merge pull request #373 from kkomelin/dependabot/npm_and_yarn/vitest-4.0.9
• Additional commits viewable in compare view

Updates @vscode/vsce from 3.7.0 to 3.7.1

Release notes

Sourced from @​vscode/vsce's releases.

v3.7.1

Changes:

• #1223: Bump js-yaml
• #1222: Bump glob

This list of changes was auto generated.

v3.7.1-1

Changes:

• #1223: Bump js-yaml

This list of changes was auto generated.

v3.7.1-0

Changes:

• #1222: Bump glob

This list of changes was auto generated.

Commits

• 44181d1 Merge pull request #1223 from microsoft/dependabot/npm_and_yarn/multi-75e6bc5210
• a831389 Bump js-yaml
• 5d9e78f Merge pull request #1222 from microsoft/dependabot/npm_and_yarn/multi-12cb0b0c21
• c9023e9 Bump glob
• See full diff in compare view

Updates @aws-sdk/client-s3 from 3.934.0 to 3.939.0

Release notes

Sourced from @​aws-sdk/client-s3's releases.

v3.939.0

3.939.0(2025-11-24)

Chores

• scripts: reduce api validation to packages/lib only (#7519) (eb74d6a0)

New Features

• client-cloudwatch-logs: New CloudWatch Logs feature - LogGroup Deletion Protection, a capability that allows customers to safeguard their critical CloudWatch log groups from accidental or unintended deletion. (02360329)
• client-cloudfront: Add TrustStore, ConnectionFunction APIs to CloudFront SDK (168505ee)

Bug Fixes

• clients: export enum objects for string shapes (#7521) (62f648df)
• cloudfront-signer: skip extended encoding for query parameters in the base url (#7515) (954d411e)

Tests

• increase beforeAll hook timeouts (#7518) (720ba4cd)

---

For list of updated packages, view updated-packages.md in assets-3.939.0.zip

v3.938.0

3.938.0(2025-11-21)

Chores

• codegen: smithy-aws-typescript-codegen 0.38.0 (#7513) (cdb4d374)

Documentation Changes

• client-elastic-load-balancing-v2: This release adds the health check log feature in ALB, allowing customers to send detailed target health check log data directly to their designated Amazon S3 bucket. (d5c668b7)

New Features

• clients: update client endpoints as of 2025-11-21 (770cf0d9)
• client-redshift: Added support for Amazon Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation. (b030ee0c)
• client-invoicing: Added the CreateProcurementPortalPreference, GetProcurementPortalPreference, PutProcurementPortalPreference, UpdateProcurementPortalPreferenceStatus, ListProcurementPortalPreferences and DeleteProcurementPortalPreference APIs for procurement portal preference management. (612d1d7c)
• client-transfer: Adds support for creating Webapps accessible from a VPC. (b863762b)
• client-marketplace-entitlement-service: Endpoint update for new region (764e4bf5)
• client-sagemaker: Enhanced SageMaker HyperPod instance groups with support for MinInstanceCount, CapacityRequirements (Spot/On-Demand), and KubernetesConfig (labels and taints). Also Added speculative decoding and MaxInstanceCount for model optimization jobs. (86804322)
• client-quicksight: Amazon Quick Suite now supports QuickChat as an embedding type when calling the GenerateEmbedUrlForRegisteredUser API, enabling developers to embed conversational AI agents directly into their applications. (1fb46165)
• client-sagemaker-runtime-http2: Add support for bidirectional streaming invocations on SageMaker AI real-time endpoints (32887fca)
• client-lex-models-v2: Adds support for Intent Disambiguation, allowing resolution of ambiguous user inputs when multiple intents match by presenting clarifying questions to users. Also adds Speech Detection Sensitivity configuration for optimizing voice activity detection sensitivity levels in various noise environments. (7338fd92)
• client-redshift-serverless: Added UpdateLakehouseConfiguration API to manage Amazon Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation for namespaces. (e45c0a74)
• client-lambda: Launching Enhanced Error Handling and ESM Grouping capabilities for Kafka ESMs (adfe1d80)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-s3's changelog.

3.939.0 (2025-11-24)

Note: Version bump only for package @​aws-sdk/client-s3

3.937.0 (2025-11-20)

Features

• client-s3: Enable / Disable ABAC on a general purpose bucket. (9816b26)

3.936.0 (2025-11-19)

Note: Version bump only for package @​aws-sdk/client-s3

3.935.0 (2025-11-19)

Features

• client-s3: Adds support for blocking SSE-C writes to general purpose buckets. (cee2e72)

Commits

• 1592379 Publish v3.939.0
• 9981cbc Publish v3.937.0
• 9816b26 feat(client-s3): Enable / Disable ABAC on a general purpose bucket.
• a180cc7 Publish v3.936.0
• c31b14b Publish v3.935.0
• cee2e72 feat(client-s3): Adds support for blocking SSE-C writes to general purpose bu...
• ac2be51 chore(codegen): update for smithy/core serde fixes (#7511)
• See full diff in compare view

Updates @aws-sdk/s3-request-presigner from 3.934.0 to 3.939.0

Release notes

Sourced from @​aws-sdk/s3-request-presigner's releases.

v3.939.0

3.939.0(2025-11-24)

Chores

• scripts: reduce api validation to packages/lib only (#7519) (eb74d6a0)

New Features

• client-cloudwatch-logs: New CloudWatch Logs feature - LogGroup Deletion Protection, a capability that allows customers to safeguard their critical CloudWatch log groups from accidental or unintended deletion. (02360329)
• client-cloudfront: Add TrustStore, ConnectionFunction APIs to CloudFront SDK (168505ee)

Bug Fixes

• clients: export enum objects for string shapes (#7521) (62f648df)
• cloudfront-signer: skip extended encoding for query parameters in the base url (#7515) (954d411e)

Tests

• increase beforeAll hook timeouts (#7518) (720ba4cd)

---

For list of updated packages, view updated-packages.md in assets-3.939.0.zip

v3.938.0

3.938.0(2025-11-21)

Chores

• codegen: smithy-aws-typescript-codegen 0.38.0 (#7513) (cdb4d374)

Documentation Changes

• client-elastic-load-balancing-v2: This release adds the health check log feature in ALB, allowing customers to send detailed target health check log data directly to their designated Amazon S3 bucket. (d5c668b7)

New Features

• clients: update client endpoints as of 2025-11-21 (770cf0d9)
• client-redshift: Added support for Amazon Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation. (b030ee0c)
• client-invoicing: Added the CreateProcurementPortalPreference, GetProcurementPortalPreference, PutProcurementPortalPreference, UpdateProcurementPortalPreferenceStatus, ListProcurementPortalPreferences and DeleteProcurementPortalPreference APIs for procurement portal preference management. (612d1d7c)
• client-transfer: Adds support for creating Webapps accessible from a VPC. (b863762b)
• client-marketplace-entitlement-service: Endpoint update for new region (764e4bf5)
• client-sagemaker: Enhanced SageMaker HyperPod instance groups with support for MinInstanceCount, CapacityRequirements (Spot/On-Demand), and KubernetesConfig (labels and taints). Also Added speculative decoding and MaxInstanceCount for model optimization jobs. (86804322)
• client-quicksight: Amazon Quick Suite now supports QuickChat as an embedding type when calling the GenerateEmbedUrlForRegisteredUser API, enabling developers to embed conversational AI agents directly into their applications. (1fb46165)
• client-sagemaker-runtime-http2: Add support for bidirectional streaming invocations on SageMaker AI real-time endpoints (32887fca)
• client-lex-models-v2: Adds support for Intent Disambiguation, allowing resolution of ambiguous user inputs when multiple intents match by presenting clarifying questions to users. Also adds Speech Detection Sensitivity configuration for optimizing voice activity detection sensitivity levels in various noise environments. (7338fd92)
• client-redshift-serverless: Added UpdateLakehouseConfiguration API to manage Amazon Redshift Federated Permissions and AWS IAM Identity Center trusted identity propagation for namespaces. (e45c0a74)
• client-lambda: Launching Enhanced Error Handling and ESM Grouping capabilities for Kafka ESMs (adfe1d80)

... (truncated)

Changelog

Sourced from @​aws-sdk/s3-request-presigner's changelog.

3.939.0 (2025-11-24)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.937.0 (2025-11-20)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.936.0 (2025-11-19)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

3.935.0 (2025-11-19)

Note: Version bump only for package @​aws-sdk/s3-request-presigner

Commits

• 1592379 Publish v3.939.0
• 9981cbc Publish v3.937.0
• a180cc7 Publish v3.936.0
• c31b14b Publish v3.935.0
• ac2be51 chore(codegen): update for smithy/core serde fixes (#7511)
• See full diff in compare view

Updates marked from 17.0.0 to 17.0.1

Release notes

Sourced from marked's releases.

v17.0.1

17.0.1 (2025-11-20)

Bug Fixes

• fix block elements in task item (#3828) (921ee22)

Commits

• 16209f5 chore(release): 17.0.1 [skip ci]
• 921ee22 fix: fix block elements in task item (#3828)
• 1e47df2 chore(deps-dev): Bump @​semantic-release/npm from 13.1.1 to 13.1.2 (#3841)
• 8a355d1 chore(deps-dev): Bump @​markedjs/eslint-config from 1.0.13 to 1.0.14 (#3835)
• c43a67e chore(deps-dev): Bump eslint from 9.39.0 to 9.39.1 (#3834)
• de635d8 chore(deps-dev): Bump esbuild from 0.25.12 to 0.27.0 (#3833)
• 554cd8d chore(deps-dev): Bump marked-highlight from 2.2.2 to 2.2.3 (#3832)
• 1711dbb chore(deps-dev): Bump @​semantic-release/github from 12.0.1 to 12.0.2 (#3831)
• 23b9d01 docs: Modernize Docs UI with Tailwind, Dark Mode, and Improved Layout (#3814)
• See full diff in compare view

Updates @cloudflare/vite-plugin from 1.15.0 to 1.15.2

Release notes

Sourced from @​cloudflare/vite-plugin's releases.

@​cloudflare/vite-plugin@​1.15.2

Patch Changes

• #11342 a55c0e4 Thanks @​jamesopstad! - fix: email method not working in ExportedHandler exports in development

• #11322 49eada3 Thanks @​jamesopstad! - Add cloudflare:node to built-in modules

• Updated dependencies [0cf696d, 524a6e5, c922a81, bb44120, 4a158e9]:

  • @​cloudflare/unenv-preset@​2.7.11
  • [email protected]
  • [email protected]

@​cloudflare/vite-plugin@​1.15.1

Patch Changes

• #11331 52ebfa9 Thanks @​edmundhung! - Dispose Miniflare when preview server is closed

• Updated dependencies [e5ec8cf, c758809, dfba912]:

  • [email protected]
  • [email protected]

Changelog

Sourced from @​cloudflare/vite-plugin's changelog.

1.15.2

Patch Changes

• #11342 a55c0e4 Thanks @​jamesopstad! - fix: email method not working in ExportedHandler exports in development

• #11322 49eada3 Thanks @​jamesopstad! - Add cloudflare:node to built-in modules

• Updated dependencies [0cf696d, 524a6e5, c922a81, bb44120, 4a158e9]:

  • @​cloudflare/unenv-preset@​2.7.11
  • [email protected]
  • [email protected]

1.15.1

Patch Changes

• #11331 52ebfa9 Thanks @​edmundhung! - Dispose Miniflare when preview server is closed

• Updated dependencies [e5ec8cf, c758809, dfba912]:

  • [email protected]
  • [email protected]

Commits

• 86eab8e Version Packages (#11356)
• a55c0e4 fix: email method not working in ExportedHandler exports in development (#1...
• 49eada3 Add cloudflare:node to built-in modules (#11322)
• 9f3cfc2 Version Packages (#11334)
• 52ebfa9 fix(vite-plugin-cloudflare): dispose miniflare when preview server is closed ...
• e5ec8cf Bump the workerd-and-workers-types group with 2 updates (#11318)
• See full diff in compare view

Updates @cloudflare/workers-types from 4.20251119.0 to 4.20251125.0

Commits

• See full diff in compare view

Updates vue-tsc from 3.1.4 to 3.1.5

Release notes

Sourced from vue-tsc's releases.

v3.1.5

Features

• feat(language-service): support tsconfig path alias resolution for document links (#5562) - Thanks to @​KazariEX!
• feat(language-server): add serverInfo to initialized result (#5767) - Thanks to @​kada49!

Bug Fixes

• fix(vscode): correct highlighting of tags starting with template (#5755) - Thanks to @​serkodev and @​KazariEX!
• fix(language-core): allow loose props checks on generic components (#5748) - Thanks to @​serkodev!
• fix(language-core): avoid vue-tsc crash during single file checks (#5768) - Thanks to @​KazariEX!
• fix(language-core): dispose virtual code correctly - Thanks to @​KazariEX!

Performance

• perf(language-core): skip unnecessary runtime codegen step (#5766) - Thanks to @​KazariEX!

❤️ Thanks to Our Sponsors

... (truncated)

Changelog

Sourced from vue-tsc's changelog.

3.1.5 (2025-11-23)

Features

• feat(language-service): support tsconfig path alias resolution for document links (#5562) - Thanks to @​KazariEX!
• feat(language-server): add serverInfo to initialized result (#5767) - Thanks to @​kada49!

Bug Fixes

• fix(vscode): correct highlighting of tags starting with template (#5755) - Thanks to @​serkodev and @​KazariEX!
• fix(language-core): allow loose props checks on generic components (#5748) - Thanks to @​serkodev!
• fix(language-core): avoid vue-tsc crash during single file checks (#5768) - Thanks to @​KazariEX!
• fix(language-core): dispose virtual code correctly - Thanks to @​KazariEX!

Performance

• perf(language-core): skip unnecessary runtime codegen step (#5766) - Thanks to @​KazariEX!

Commits

• 093e403 v3.1.5 (#5764)
• c25d7e9 refactor(language-core): rename __VLS_unknownProps to __VLS_PROPS_FALLBACK
• 342cf3b refactor(language-core): rename unknown props to __VLS_unknownProps for con...
• 5d841f4 fix(language-core): defineModel for generic component types (#5748)
• See full diff in compare view

Updates wrangler from 4.49.0 to 4.50.0

Release notes

Sourced from wrangler's releases.

[email protected]

Minor Changes

• #11219 524a6e5 Thanks @​Ltadrian! - Implement Hyperdrive binding TLS miniflare proxy. This will allow for wrangler dev hyperdrive bindings to connect to external databases that require TLS.

• #11233 c922a81 Thanks @​emily-shen! - Add containers.unsafe to allow internal users to use additional container features

Patch Changes

• #11353 0cf696d Thanks @​vicb! - Use the native node:domain module when available

  It is enabled when the enable_nodejs_domain_module compatibility flag is set.

• #11328 bb44120 Thanks @​ascorbic! - Fixes a bug that caused wrangler deploy to hang when deploying SvelteKit sites with experimental autoconfig

• #11025 4a158e9 Thanks @​devin-ai-integration! - Use the native node:wasi module when available

  It is enabled when the enable_nodejs_wasi_module compatibility flag is set.

• Updated dependencies [0cf696d, 524a6e5, 4a158e9]:

  • @​cloudflare/unenv-preset@​2.7.11
  • [email protected]

[email protected]

Patch Changes

• #11344 c758809 Thanks @​dario-piotrowicz! - Fix: mark the r2 bulk command as hidden and experimental

• #11339 dfba912 Thanks @​dario-piotrowicz! - Fix wrangler deploy erroring when it pulls down remote configs of workers containing an assets binding

• Updated dependencies [e5ec8cf]:

  • [email protected]

Commits

• 86eab8e Version Packages (#11356)
• 524a6e5 SQC-652 Implement Hyperdrive binding TLS miniflare proxy. This will (#11219)
• c922a81 Add unsafe.containers (#11233)
• bb44120 Pass --no-git-check flag to sv add (#11328)
• 8ba8d99 refactor unenv e2e tests (#11354)
• d162ddc test: don't render logs to the console in output.test.ts (#11357)
• 4a158e9 Use the native node:wasi module when available (#11025)
• 0cf696d Use the native node:domain module when available (#11353)
• 9f3cfc2 Version Packages (#11334)
• c758809 Fix: mark the r2 bulk command as hidden and experimental (#11344)
• Additional commits viewable in compare view

Updates @codemirror/autocomplete from 6.19.1 to 6.20.0

Changelog

Sourced from @​codemirror/autocomplete's changelog.

6.20.0 (2025-11-20)

New features

Completions now support a sortText property to influence sort order.

Commits

• d5e37b3 Mark version 6.20.0
• 7c8e0d5 Add support for Completion.sortText
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

🚀 Surge Preview has been successfully deployed!

Preview URL: https://doocs-md-preview-pr-1165.surge.sh

_{Built with commit 3102624}

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml