chore(deps): bump the bun group with 5 updates

[dependabot]

Bumps the bun group with 5 updates:

Package	From	To
fast-xml-parser	5.8.0	5.9.3
@playwright/test	1.60.0	1.61.1
@screenly/edge-apps	1.0.0	1.1.1
npm-run-all2	9.0.1	9.0.2
prettier	3.8.3	3.8.5

Updates fast-xml-parser from 5.8.0 to 5.9.3

Release notes

Sourced from fast-xml-parser's releases.

v5.9.3

What's Changed

• Harden GitHub Actions workflows by @​martincostello in NaturalIntelligence/fast-xml-parser#841
• GitHub Actions workflow fixes by @​martincostello in NaturalIntelligence/fast-xml-parser#844

New Contributors

• @​martincostello made their first contribution in NaturalIntelligence/fast-xml-parser#841

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.9.2...v5.9.3

v5.9.2

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.9.1...v5.9.2

v5.9.1

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.9.0...v5.9.1

update strnum, use is-unsafe

• update strnum to 2.3.0
  • you can set hex, binary, enotation, infinity, unicode
• validate unsafe HTML or XML data in doctype entities unsing 'is-unsafe' library. User can override rules by overriding EntityDecoder.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

*5.9.3 / 2026-06-19

• update strnum

*5.9.2 / 2026-06-17

• dummy release to test changes in github action

*5.9.1 / 2026-06-17

• dummy release to test release from github action

*5.9.0 / 2026-06-15

• update strnum to 2.3.0
  • you can set hex, binary, enotation, infinity, unicode
• validate unsafe HTML or XML data in doctype entities unsing 'is-unsafe' library. User can override rules by overriding EntityDecoder.

*5.8.0 / 2026-05-12

• integrate xml-naming to validate DOCTYPE entity name and notation name (using qname becaue of backward compatibility)
  • This will consider xml-version as well. '1.0' is default
• update strnum to 2.3.0
  • You can set octal and binary parsing which is bydeault off
• update fast-xml-builder to 1.2.0
  • can sanitize tag names if found invalid
  • fix format output

5.7.3 / 2006-05-05

• fix: alwaysCreateTextNode should create text node when attributes are present for self closing node
• fix stop node expression when ns prefix is removed (found by iruizsalinas)
• update XML Builder to 1.1.7
• mark addEntity deprecated

5.7.2 / 2026-04-25

• allow numerical external entity for backward compatibility
• fix #705: attributesGroupName working with preserveOrder
• fix #817: stackoverflow when tag expression is very long

5.7.1 / 2026-04-20

• fix typo in CJS typing file

5.7.0 / 2026-04-17

• Use @nodable/entities v2.1.0
  • breaking changes
    • single entity scan. You're not allowed to user entity value to form another entity name.
    • you cant add numeric external entity
    • entity error message when expantion limit is crossed might change

... (truncated)

Commits

• 93a09f1 5.9.3
• 9c1905e update strnum
• 8d71292 GitHub Actions workflow fixes (#844)
• 784a044 Harden GitHub Actions workflows (#841)
• bf9b81a 5.9.2
• 232abf5 update publish action for better security
• 73411fa update checklist
• d57e33b 5.9.1
• 3be603a testing release from Github
• b6c41ea Add GitHub Actions workflow for npm publishing
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for fast-xml-parser since your current version.

Updates @playwright/test from 1.60.0 to 1.61.1

Release notes

Sourced from @​playwright/test's releases.

v1.61.1

Bug Fixes

• #41365 [Bug]: Expect.Extend matcher with same name as default matcher in same expect instance overrides default matchers implementation to custom matcher
• #41351 [Bug]: Playwright UI mode: apiRequestContext._wrapApiCall reports unexpected number of bytes (same test passes in headed mode)
• #41360 [Bug]: Trace viewer: message times in websockets are downscaled by 1000
• #41311 [Bug]: [Regression]: Sync loader throws "context.conditions?.includes is not a function" on Node 22.15
• #41371 [Regression]: Sync ESM loader (registerHooks) fails to resolve extensionless .ts subpath imports across pnpm workspace symlinks

v1.61.0

🔑 WebAuthn passkeys

New Credentials virtual authenticator, available via browserContext.credentials, lets tests register passkeys and answer navigator.credentials.create() / navigator.credentials.get() ceremonies in the page — no real hardware key required, works in all browsers:

const context = await browser.newContext();
// Seed a passkey your backend provisioned for a test user.
await context.credentials.create('example.com', {
id: credentialId,
userHandle,
privateKey,
publicKey,
});
await context.credentials.install();
const page = await context.newPage();
await page.goto('https://example.com/login');
// The page's navigator.credentials.get() is answered with the seeded passkey.

You can also let the app register a passkey once in a setup test, read it back with credentials.get(), and seed it into later tests — see Credentials for details.

🗃️ Web Storage

New WebStorage API, available via page.localStorage and page.sessionStorage, reads and writes the page's storage for the current origin:

await page.localStorage.setItem('token', 'abc');
const token = await page.localStorage.getItem('token');
const items = await page.sessionStorage.items();

New APIs

Network

• apiResponse.securityDetails() and apiResponse.serverAddr() mirror the browser-side response.securityDetails() and response.serverAddr().

Browser and Screencast

... (truncated)

Commits

• 39e3553 cherry-pick(#41399): fix(test): load require-reached files as commonjs in syn...
• 4328122 chore: mark v1.61.1 (#41404)
• 2c29a94 fix(tracing): stop recording websocket frames outside of chunks (#41398)
• 4324b19 cherry-pick(#41367): fix(test): keep builtin expect matchers on base extend
• 041e7e3 cherry-pick(#41364): fix(har): WebSocket message timestamps should be in mi...
• b8a0fc3 cherry-pick(#41309, #43149): Revert "fix(firefox): treat `navigationCommitted...
• b5a3175 cherry-pick(#41319): fix(loader): support other node versions
• d4724a9 cherry-pick(#41290): feat(docker): add Ubuntu 26.04 (Resolute Raccoon) image
• 1cc5a90 cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...
• a6772bd cherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...
• Additional commits viewable in compare view

Updates @screenly/edge-apps from 1.0.0 to 1.1.1

Release notes

Sourced from @​screenly/edge-apps's releases.

v1.1.1

What's Changed

Other Changes

• docs(sentry): document error reporting utilities by @​nicomiguelino in Screenly/edge-apps-library#41

Full Changelog: Screenly/edge-apps-library@v1.1.0...v1.1.1

v1.1.0

What's Changed

Other Changes

• chore: remove bun repo config by @​nicomiguelino in Screenly/edge-apps-library#29
• feat(sentry): add error reporting utilities by @​rusko124 in Screenly/edge-apps-library#36
• chore(release): bump version to 1.1.0 by @​nicomiguelino in Screenly/edge-apps-library#40

New Contributors

• @​rusko124 made their first contribution in Screenly/edge-apps-library#36

Full Changelog: Screenly/edge-apps-library@v1.0.0...v1.1.0

Commits

• 65c3d68 chore(release): bump version to 1.1.1 (#41)
• 2e32690 chore(release): bump version to 1.1.0 (#40)
• 1714c1b feat(sentry): add error reporting utilities
• ef2e58c chore: remove bun repo config (#29)
• See full diff in compare view

Updates npm-run-all2 from 9.0.1 to 9.0.2

Release notes

Sourced from npm-run-all2's releases.

v9.0.2

Merged

• fix: update Node.js version requirements [#232](https://github.com/bcomnes/npm-run-all2/issues/232)
• Upgrade: Bump codecov/codecov-action from 6 to 7 [#233](https://github.com/bcomnes/npm-run-all2/issues/233)
• fix: bump shell-quote to ^1.8.4 [#236](https://github.com/bcomnes/npm-run-all2/issues/236)
• Upgrade: Bump pidtree from 0.6.1 to 1.0.0 [#234](https://github.com/bcomnes/npm-run-all2/issues/234)

Changelog

Sourced from npm-run-all2's changelog.

v9.0.2

Merged

• fix: update Node.js version requirements [#232](https://github.com/bcomnes/npm-run-all2/issues/232)
• Upgrade: Bump codecov/codecov-action from 6 to 7 [#233](https://github.com/bcomnes/npm-run-all2/issues/233)
• fix: bump shell-quote to ^1.8.4 [#236](https://github.com/bcomnes/npm-run-all2/issues/236)
• Upgrade: Bump pidtree from 0.6.1 to 1.0.0 [#234](https://github.com/bcomnes/npm-run-all2/issues/234)

Commits

• ed22aa9 9.0.2
• 9fa0e66 fix: update Node.js version requirements (#232)
• 604c2a4 Upgrade: Bump codecov/codecov-action from 6 to 7 (#233)
• 5812591 fix: bump shell-quote to ^1.8.4 (#236)
• d4b4211 Upgrade: Bump pidtree from 0.6.1 to 1.0.0 (#234)
• See full diff in compare view

Updates prettier from 3.8.3 to 3.8.5

Release notes

Sourced from prettier's releases.

3.8.5

• Fix Flow variance annotation print (#19022 by @​marcoww6)

🔗 Changelog

3.8.4

• Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (prettier/prettier#17746 by @​byplayer)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.5

diff

Flow: Support readonly as a variance annotation (#19022 by @​marcoww6)

Flow now accepts readonly as a property variance annotation, equivalent to + (covariant/read-only).

// Input
type T = {
  readonly foo: string,
};
// Prettier 3.8.4
SyntaxError
// Prettier 3.8.5
type T = {
readonly foo: string,
};

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



</tr></table>

... (truncated)

Commits

• 1ce8c47 Release 3.8.5
• 74923fa Fix variance annotation
• 8b4eb33 Bump Prettier dependency to 3.8.4
• e9cbdfa Clean changelog_unreleased
• 1c6ba55 Release 3.8.4
• 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
• 074aaed Replace main branch in changelog link with tags (#19054)
• c22a003 Bump Prettier dependency to 3.8.3
• 07bad1f Clean changelog_unreleased
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions