fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@iconify-json/material-symbols	^1.2.12 -> ^1.2.13					dependencies	patch
@playwright/test (source)	^1.49.1 -> ^1.50.0					devDependencies	minor
@types/node (source)	^22.10.7 -> ^22.10.9					devDependencies	patch
daisyui (source)	5.0.0-beta.1 -> 5.0.0-beta.2					dependencies	patch
github.com/docker/docker	v27.5.0+incompatible -> v27.5.1+incompatible					require	patch
lint-staged	^15.4.1 -> ^15.4.2					devDependencies	patch
mcr.microsoft.com/playwright	v1.49.1-jammy -> v1.50.0-jammy						minor
node	23.6.0-alpine -> 23.6.1-alpine					stage	patch
vitest (source)	^3.0.3 -> ^3.0.4					devDependencies	patch

---

Release Notes

microsoft/playwright (@​playwright/test)

v1.50.0

Compare Source

Test runner

• New option timeout allows specifying a maximum run time for an individual test step. A timed-out step will fail the execution of the test.

  test('some test', async ({ page }) => {
    await test.step('a step', async () => {
      // This step can time out separately from the test
    }, { timeout: 1000 });
  });

• New method test.step.skip() to disable execution of a test step.

  test('some test', async ({ page }) => {
    await test.step('before running step', async () => {
      // Normal step
    });
  
    await test.step.skip('not yet ready', async () => {
      // This step is skipped
    });
  
    await test.step('after running step', async () => {
      // This step still runs even though the previous one was skipped
    });
  });

• Expanded expect(locator).toMatchAriaSnapshot() to allow storing of aria snapshots in separate YAML files.

• Added method expect(locator).toHaveAccessibleErrorMessage() to assert the Locator points to an element with a given aria errormessage.

• Option testConfig.updateSnapshots added the configuration enum changed. changed updates only the snapshots that have changed, whereas all now updates all snapshots, regardless of whether there are any differences.

• New option testConfig.updateSourceMethod defines the way source code is updated when testConfig.updateSnapshots is configured. Added overwrite and 3-way modes that write the changes into source code, on top of existing patch mode that creates a patch file.

  npx playwright test --update-snapshots=changed --update-source-method=3way

• Option testConfig.webServer added a gracefulShutdown field for specifying a process kill signal other than the default SIGKILL.

• Exposed testStep.attachments from the reporter API to allow retrieval of all attachments created by that step.

UI updates

• Updated default HTML reporter to improve display of attachments.
• New button for picking elements to produce aria snapshots.
• Additional details (such as keys pressed) are now displayed alongside action API calls in traces.
• Display of canvas content in traces is error-prone. Display is now disabled by default, and can be enabled via the Display canvas content UI setting.
• Call and Network panels now display additional time information.

Breaking

• expect(locator).toBeEditable() and locator.isEditable() now throw if the target element is not <input>, <select>, or a number of other editable elements.
• Option testConfig.updateSnapshots now updates all snapshots when set to all, rather than only the failed/changed snapshots. Use the new enum changed to keep the old functionality of only updating the changed snapshots.

Browser Versions

• Chromium 133.0.6943.16
• Mozilla Firefox 134.0
• WebKit 18.2

This version was also tested against the following stable channels:

• Google Chrome 132
• Microsoft Edge 132

docker/docker (github.com/docker/docker)

v27.5.1+incompatible

Compare Source

lint-staged/lint-staged (lint-staged)

v15.4.2

Compare Source

Patch Changes

• #​1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

nodejs/node (node)

v23.6.1: 2025-01-21, Version 23.6.1 (Current), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

• CVE-2025-23083 - src,loader,permission: throw on InternalWorker use when permission model is enabled (High)
• CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
• CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)

Dependency update:

• CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)

Commits

• [f2ad4d3af8] - (CVE-2025-22150) deps: update undici to v6.21.1 (Matteo Collina) nodejs-private/node-private#654
• [0afc6f9600] - (CVE-2025-23084) path: fix path traversal in normalize() on Windows (RafaelGSS) nodejs-private/node-private#555
• [3c7686163e] - (CVE-2025-23085) src: fix HTTP2 mem leak on premature close and ERR_PROTO (RafaelGSS) nodejs-private/node-private#650
• [51938f023a] - (CVE-2025-23083) src,loader,permission: throw on InternalWorker use (RafaelGSS) nodejs-private/node-private#629

vitest-dev/vitest (vitest)

v3.0.4

Compare Source

   🐞 Bug Fixes

• Filter projects eagerly during config resolution  -  by @​sheremet-va and @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7313 (dff44)
• Apply development &nbsp;-&nbsp; by @&#8203;hi-ogawa and @&#8203;sheremet-va [<samp>(produ)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/production condition on Vite 6 (#​7301))
• browser: Restrict served files from /__screenshot-error  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7340 (ed9ae)
• deps: Update all non-major dependencies  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7297 (38ea8)
• runner: Timeout long sync hook  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7289 (c60ee)
• typechecking: Support typechecking parsing with Vite 6  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7335 (bff70)
• types: Fix public types  -  by @​mrginglymus and @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7328 (ce6af)

    View changes on GitHub

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.