build(deps): bump the actions-deps group with 8 updates

[dependabot]

Bumps the actions-deps group with 8 updates:

Package	From	To
@graphql-tools/delegate	12.0.11	12.0.12
@babel/parser	7.29.0	7.29.2
content-tag	4.1.0	4.1.1
svelte	5.53.12	5.53.13
@graphql-tools/stitch	10.1.15	10.1.16
@babel/runtime	7.28.6	7.29.2
@graphql-tools/wrap	11.1.11	11.1.12
wrangler	4.74.0	4.75.0

Updates @graphql-tools/delegate from 12.0.11 to 12.0.12

Changelog

Sourced from @​graphql-tools/delegate's changelog.

12.0.12

Patch Changes

• #2106 da68d27 Thanks @​ardatan! - - Optimizations to select ONLY required fields when fetching the missing fields from other subgraphs
  • Do not try to resolve types from the subschemas which only have the stub types, for example if a subgraph only has id field as a stub, do not use that subgraph as a target subgraph for resolving the type, because it will not have any other fields than id.

Commits

• 8c3e2ea Upcoming Release Changes (#2116)
• da68d27 fix(federation/delegate): optimizations on type merging (#2106)
• See full diff in compare view

Updates @babel/parser from 7.29.0 to 7.29.2

Release notes

Sourced from @​babel/parser's releases.

v7.29.1 (2026-02-04)

🐛 Bug Fix

• babel-standalone
  • #17771 [7.x backport] fix: ensure targets.esmodules is validated (@​JLHwung)
• babel-generator
  • #17776 [7.x backport] Fix undefined when 64 indents (@​liuxingbaoyu)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

Commits

• 37d5595 v7.29.2
• f030ad3 [7.x backport] async x => {} must be in leading pos (#17840)
• See full diff in compare view

Updates content-tag from 4.1.0 to 4.1.1

Release notes

Sourced from content-tag's releases.

v4.1.1-content-tag

Release (2026-03-17)

• content-tag 4.1.1 (patch)

🐛 Bug Fix

• content-tag
  • #124 introduce a constructor in LocateContentTagVisitor (@​ef4)
  • #118 Performance idea: add ascii skip char counting happy path. Worth the complexity? (@​johanrd)
  • #116 Fix missing utf16 codepoint fields in Node.js type definitions "must be manually kept in sync with ./index.d.cts" (@​johanrd)

🏠 Internal

• content-tag
  • #127 Tweak release-plan to use our custom setup action (@​NullVoxPopuli)
  • #126 Revert "Prepare Release v4.1.1" (@​NullVoxPopuli)
  • #121 Prepare Release v4.1.1 (@​github-actions[bot])
  • #122 Reroll lockfile (@​NullVoxPopuli)
  • #119 Update release plan via: pnpm dlx create-release-plan-setup@latest --update (@​NullVoxPopuli)
  • #120 Migrate fully to pnpm (@​NullVoxPopuli)
  • #117 Fix CI: add --locked to cargo install wasm-opt (@​Copilot)
  • #115 Force re-try of publish (@​NullVoxPopuli)

Committers: 5

• Copilot [Bot] (@​copilot-swe-agent)
• Edward Faulkner (@​ef4)
• GitHub Actions [Bot] (@​github-actions)
• @​NullVoxPopuli
• @​johanrd

Changelog

Sourced from content-tag's changelog.

content-tag Changelog

Release (2026-03-17)

• content-tag 4.1.1 (patch)

🐛 Bug Fix

• content-tag
  • #124 introduce a constructor in LocateContentTagVisitor (@​ef4)
  • #118 Performance idea: add ascii skip char counting happy path. Worth the complexity? (@​johanrd)
  • #116 Fix missing utf16 codepoint fields in Node.js type definitions "must be manually kept in sync with ./index.d.cts" (@​johanrd)

🏠 Internal

• content-tag
  • #127 Tweak release-plan to use our custom setup action (@​NullVoxPopuli)
  • #126 Revert "Prepare Release v4.1.1" (@​NullVoxPopuli)
  • #121 Prepare Release v4.1.1 (@​github-actions[bot])
  • #122 Reroll lockfile (@​NullVoxPopuli)
  • #119 Update release plan via: pnpm dlx create-release-plan-setup@latest --update (@​NullVoxPopuli)
  • #120 Migrate fully to pnpm (@​NullVoxPopuli)
  • #117 Fix CI: add --locked to cargo install wasm-opt (@​Copilot)
  • #115 Force re-try of publish (@​NullVoxPopuli)

Committers: 5

• Copilot [Bot] (@​copilot-swe-agent)
• Edward Faulkner (@​ef4)
• GitHub Actions [Bot] (@​github-actions)
• @​NullVoxPopuli
• @​johanrd

Release (2025-11-25)

content-tag 4.1.0 (minor)

🚀 Enhancement

• content-tag
  • #112 indentation stripping (@​NullVoxPopuli)
  • #108 add utf16 code points range (@​patricklx)

📝 Documentation

• content-tag
  • #111 Fix return type in readme to include code and map (as the dts already… (@​NullVoxPopuli)

🏠 Internal

• content-tag
  • #107 Configure prettier (@​NullVoxPopuli)
  • #104 Add additional js/runtime tests for how to use character offsets (@​NullVoxPopuli)

Committers: 2

• Patrick Pircher (@​patricklx)
• @​NullVoxPopuli

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for content-tag since your current version.

Updates svelte from 5.53.12 to 5.53.13

Release notes

Sourced from svelte's releases.

svelte@5.53.13

Patch Changes

• fix: ensure $inspect after top level await doesn't break builds (#17943)

• fix: resume inert effects when they come from offscreen (#17942)

• fix: don't eagerly access not-yet-initialized functions in template (#17938)

• fix: discard batches made obsolete by commit (#17934)

• fix: ensure "is standalone child" is correctly reset (#17944)

• fix: remove nodes in boundary when work is pending and HMR is active (#17932)

Changelog

Sourced from svelte's changelog.

5.53.13

Patch Changes

• fix: ensure $inspect after top level await doesn't break builds (#17943)

• fix: resume inert effects when they come from offscreen (#17942)

• fix: don't eagerly access not-yet-initialized functions in template (#17938)

• fix: discard batches made obsolete by commit (#17934)

• fix: ensure "is standalone child" is correctly reset (#17944)

• fix: remove nodes in boundary when work is pending and HMR is active (#17932)

Commits

• 6a303c3 Version Packages (#17936)
• f081a6c fix: resume inert effects when they come from offscreen (#17942)
• 1cd0645 fix: remove nodes in boundary when work is pending and HMR is active (#17932)
• 32a48ed fix: don't eagerly access not-yet-initialized functions in template (#17938)
• b472171 fix: ensure $inspect after top level await doesn't break builds (#17943)
• d4bd6ad fix: ensure "is standalone child" is correctly reset (#17944)
• 98e8b63 fix: discard batches made obsolete by commit (#17934)
• See full diff in compare view

Updates @graphql-tools/stitch from 10.1.15 to 10.1.16

Changelog

Sourced from @​graphql-tools/stitch's changelog.

10.1.16

Patch Changes

• Updated dependencies [da68d27]:
  • @​graphql-tools/delegate@​12.0.12
  • @​graphql-tools/batch-delegate@​10.0.18
  • @​graphql-tools/wrap@​11.1.12

Commits

• 8c3e2ea Upcoming Release Changes (#2116)
• See full diff in compare view

Updates @babel/runtime from 7.28.6 to 7.29.2

Release notes

Sourced from @​babel/runtime's releases.

v7.29.1 (2026-02-04)

🐛 Bug Fix

• babel-standalone
  • #17771 [7.x backport] fix: ensure targets.esmodules is validated (@​JLHwung)
• babel-generator
  • #17776 [7.x backport] Fix undefined when 64 indents (@​liuxingbaoyu)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• @​liuxingbaoyu

v7.29.0 (2026-01-31)

Thanks @​simbahax for your first PR!

🚀 New Feature

• babel-types
  • #17750 [7.x backport] Add attributes import declaration builder (@​JLHwung)
• babel-standalone
  • #17663 [7.x backport] feat(standalone): export async transform (@​JLHwung)
  • #17725 [7.x backport] feat: read standalone targets from data-targets (@​JLHwung)

🐛 Bug Fix

• babel-parser
  • #17765 fix(parser): correctly parse type assertions in extends clause (@​nicolo-ribaudo)
  • #17723 [7.x backport] fix(parser): improve super type argument parsing (@​JLHwung)
• babel-traverse
  • #17708 fix(traverse): provide a hub when traversing a File or Program and no parentPath is given (@​simbahax)
• babel-plugin-transform-block-scoping, babel-traverse
  • #17737 [7.x backport] fix: Rename switch discriminant references when body creates shadowing variable (@​magic-akari)

🏃‍♀️ Performance

• babel-generator, babel-runtime-corejs3
  • #17642 [Babel 7] Improve generator performance (@​liuxingbaoyu)

Committers: 6

• David (@​simbahax)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu
• @​magic-akari

Commits

• 37d5595 v7.29.2
• See full diff in compare view

Updates @graphql-tools/wrap from 11.1.11 to 11.1.12

Changelog

Sourced from @​graphql-tools/wrap's changelog.

11.1.12

Patch Changes

• Updated dependencies [da68d27]:
  • @​graphql-tools/delegate@​12.0.12

Commits

• 8c3e2ea Upcoming Release Changes (#2116)
• da68d27 fix(federation/delegate): optimizations on type merging (#2106)
• See full diff in compare view

Updates wrangler from 4.74.0 to 4.75.0

Release notes

Sourced from wrangler's releases.

wrangler@4.75.0

Minor Changes

• #12492 3b81fc6 Thanks @​thomasgauvin! - feat: add wrangler tunnel commands for managing Cloudflare Tunnels

  Adds a new set of commands for managing remotely-managed Cloudflare Tunnels directly from Wrangler:

  • wrangler tunnel create <name> - Create a new Cloudflare Tunnel
  • wrangler tunnel list - List all tunnels in your account
  • wrangler tunnel info <tunnel> - Display details about a specific tunnel
  • wrangler tunnel delete <tunnel> - Delete a tunnel (with confirmation)
  • wrangler tunnel run <tunnel> - Run a tunnel using cloudflared
  • wrangler tunnel quick-start <url> - Start a temporary tunnel (Try Cloudflare)

  The run and quick-start commands automatically download and manage the cloudflared binary, caching it in ~/.wrangler/cloudflared/. Users are prompted before downloading and warned if their PATH-installed cloudflared is outdated. You can override the binary location with the CLOUDFLARED_PATH environment variable.

  All commands are marked as experimental.

Patch Changes

• #12927 c9b3184 Thanks @​penalosa! - Bump undici from 7.18.2 to 7.24.4

• #12875 13df6c7 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260312.1	1.20260316.1

• #12935 df0d112 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260316.1	1.20260317.1

• #12928 81ee98e Thanks @​petebacondarwin! - Migrate chrome-devtools-patches deployment from Cloudflare Pages to Workers + Assets

  The DevTools frontend is now deployed as a Cloudflare Workers + Assets project instead of a Cloudflare Pages project. This uses wrangler deploy for production deployments and wrangler versions upload for PR preview deployments.

  The inspector proxy origin allowlists in both wrangler and miniflare have been updated to accept connections from the new workers.dev domain patterns, while retaining the legacy pages.dev patterns for backward compatibility.

• #12835 c600ce0 Thanks @​dario-piotrowicz! - Fix execution freezing on debugger statements when DevTools is not attached

  Previously, wrangler always sent Debugger.enable to the runtime on connection, even when DevTools wasn't open. This caused scripts to freeze on debugger statements. Now Debugger.enable is only sent when DevTools is actually attached, and Debugger.disable is sent when DevTools disconnects to stop the runtime from performing debugging work.

• #12894 f509d13 Thanks @​gpanders! - Simplify description of --json option

... (truncated)

Commits

• a671740 Version Packages (#12923)
• e25bd0e Update prettier to 3.8.1 (#12939)
• df0d112 Bump the workerd-and-workers-types group with 2 updates (#12935)
• 81ee98e [chrome-devtools-patches] Migrate deployment from Cloudflare Pages to Workers...
• 3b81fc6 feat(wrangler): add wrangler tunnel (#12492)
• 13df6c7 Bump the workerd-and-workers-types group with 2 updates (#12875)
• 0a7fef9 wrangler: reject cross-drive module paths (#11888)
• f509d13 Remove superfluous adjective from --json description (#12894)
• c600ce0 Fix execution freezing on debugger statements when DevTools is not attached...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

🦋 Changeset detected

Latest commit: a9b750a

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 6 packages

Name	Type
@ardatan/relay-compiler	Patch
@graphql-tools/graphql-tag-pluck	Patch
@graphql-tools/relay-operation-optimizer	Patch
@graphql-tools/code-file-loader	Patch
@graphql-tools/git-loader	Patch
@graphql-tools/github-loader	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[github-actions]

💻 Website Preview

The latest changes are available as preview in: https://pr-8056.graphql-tools.pages.dev