Bump the all-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the all-dependencies group with 6 updates in the / directory:

Package	From	To
@playwright/test	1.59.1	1.60.0
@types/node	24.12.2	24.12.4
jsdom	29.0.2	29.1.1
msw	2.13.5	2.14.6
tsdown	0.21.10	0.22.0
vitest	4.1.5	4.1.6

Updates @playwright/test from 1.59.1 to 1.60.0

Release notes

Sourced from @​playwright/test's releases.

v1.60.0

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:

await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.

🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:

await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});
await page.locator('#dropzone').drop({
data: {
'text/plain': 'hello world',
'text/uri-list': 'https://example.com',
},
});

🎯 Aria snapshots

• expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').
• New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:

test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});

New APIs

Browser, Context and Page

... (truncated)

Commits

• 87bb9dd cherry-pick(#40747): fix(yauzl): vendor yauzl with destroy-lifecycle fix
• 9a9c51c cherry-pick(#40733): chore(electron): revert #40184 (move Electron API to a s...
• 4b3b628 cherry-pick(#40736): Revert "feat(electron): add timeout option to electronAp...
• f869f96 chore: bump version to v1.60.0 (#40714)
• 7eb6918 cherry-pick(#40710): docs: release notes v1.60
• 118d2aa cherry-pick(#40693): chore(python): formdata path type
• 54012f5 chore(deps): bump ip-address and express-rate-limit (#40680)
• 9fa531d fix(screencast): unblock frame ack when an async client disconnects (#40674)
• 3649db5 chore(mcp): bump default extension protocol to v2 (#40678)
• bb6c009 chore(extension): mark 0.2.1 (#40679)
• Additional commits viewable in compare view

Updates @types/node from 24.12.2 to 24.12.4

Commits

• See full diff in compare view

Updates jsdom from 29.0.2 to 29.1.1

Release notes

Sourced from jsdom's releases.

v29.1.1

• Fixed 'border-radius' computed style serialization. (@​asamuzaK)
• Fixed computed style computation when using 'background-origin' and 'background-clip' CSS properties. (@​asamuzaK)
• Significantly optimized initial calls to getComputedStyle(), before the cache warms up. (@​asamuzaK)

v29.1.0

• Added basic support for the ratio CSS type. (@​asamuzaK)
• Fixed getComputedStyle() sometimes returning outdated results after CSS was modified. (@​asamuzaK)

Commits

• 9b9ea7e 29.1.1
• 07efb78 Optimize computed style comparison
• 5f66329 Fix background-origin/background-clip in background shorthand
• ad8af77 Fix border shorthand handling
• 5a3e88e 29.1.0
• 73db204 Update dependencies and dev dependencies
• a7168a5 Support ratio CSS unit type
• 15346e0 Fix style cache invalidation
• See full diff in compare view

Updates msw from 2.13.5 to 2.14.6

Release notes

Sourced from msw's releases.

v2.14.6 (2026-05-11)

Bug Fixes

• defineNetwork: prevent event forwarding manually (#2740) (ccb40e08e3ef1dd80da217f74a1093be260a3f51) @​kettanaito

v2.14.5 (2026-05-08)

Bug Fixes

• ws: remove all frame listeners on client closure (#2739) (91a5d4131ceae9250acc40e0fa44b3c64f030d3e) @​kettanaito

v2.14.4 (2026-05-07)

Bug Fixes

• add finalize API for handler cleanup (#2738) (a288f5452970da6537ff31fce6b7f99eb620e563) @​kettanaito

v2.14.3 (2026-05-04)

Bug Fixes

• prevent frame abort listener leak (#2737) (c4567d2a398fb3315cebea4b66e9b79022ad569c) @​kettanaito

v2.14.2 (2026-04-29)

Bug Fixes

• export the NetworkApi type (#2734) (f0c03214b59f906ca8e92e3f0bb5d08fdf7d6f5e) @​kettanaito

v2.14.1 (2026-04-29)

Bug Fixes

• export default handler controllers (#2733) (f8dc874a236a4bd376c23cce9dd55ed59b8279e2) @​kettanaito

v2.14.0 (2026-04-29)

Features

• support ws.onUpgrade for handling connection upgrades (#2732) (e00e4d693db34884a316f659b8dcfb507cd79dce) @​kettanaito

Bug Fixes

• do not clone user-provided responses (#2731) (6953307c8061626d31a3651e69d47c885c0e4b76) @​kettanaito
• HttpResponse: forward cookies only when response is used (#2728) (30668e68f403535636bfb8dc12c64299d9c1c6e6) @​kettanaito

v2.13.6 (2026-04-24)

Bug Fixes

... (truncated)

Commits

• 2befc51 chore(release): v2.14.6
• ccb40e0 fix(defineNetwork): prevent event forwarding manually (#2740)
• c07e09b chore(release): v2.14.5
• 91a5d41 fix(ws): remove all frame listeners on client closure (#2739)
• d697485 chore(release): v2.14.4
• a288f54 fix: add finalize API for handler cleanup (#2738)
• de18888 chore(release): v2.14.3
• c4567d2 fix: prevent frame abort listener leak (#2737)
• 4bc4a5c chore(release): v2.14.2
• f0c0321 fix: export the NetworkApi type (#2734)
• Additional commits viewable in compare view

Updates tsdown from 0.21.10 to 0.22.0

Release notes

Sourced from tsdown's releases.

v0.22.0

   🚨 Breaking Changes

• Drop Node.js < 22.18.0 support, make unrun optional, add tsx config loader  -  by @​sxzz (a1042)
• dts: Auto-enable dts when tsconfig declaration is true  -  by @​sxzz in rolldown/tsdown#872 (085f0)
• publint: Use pkg from publint results, require publint v0.3.8+  -  by @​sxzz (413bb)

   🚀 Features

• Upgrade rolldown to 1.0.0-rc.18  -  by @​sxzz (66085)
• Upgrade rolldown to v1.0.0  -  by @​sxzz (fabba)
• exports: Auto-enable bin detection by default  -  by @​sxzz in rolldown/tsdown#873 (abda9)

   🐞 Bug Fixes

• Explicitly drop node 23 support  -  by @​sxzz (85e65)
• debug: Enhance debug logging for pack tarball  -  by @​sxzz and Copilot (5de04)
• exports: Detect types fields nested in conditional exports  -  by @​sxzz (82fa1)
• pkg: Fix duplicate configuration warning logic  -  by @​ho991217 and @​sxzz in rolldown/tsdown#935 (6a0d9)

🔄 Migration Guide

Node.js version

Upgrade to Node.js 22.18.0 or later. Bun and Deno remain supported (experimental).

unrun is no longer bundled

If your environment relies on the unrun config loader (i.e. you're on a Node version without native TypeScript support and use the default auto loader), install it manually:

npm i -D unrun
# or, alternatively, the new tsx loader:
npm i -D tsx

If you use Node.js 22.18.0+ with native TypeScript support, no change is needed — the auto loader will pick native.

dts auto-enabled from tsconfig

If your tsconfig.json has compilerOptions.declaration: true but you do not want tsdown to emit .d.ts files, opt out explicitly:

// tsdown.config.ts
export default defineConfig({
  dts: false,
})

exports.bin auto-detection

... (truncated)

Commits

• e3b454b chore: release v0.22.0
• 809fada docs: remove rolldown warning from getting started
• fabbabf feat: upgrade rolldown to v1.0.0
• 3e41fe3 ci: add node 26 to test matrix
• 6a0d98c fix(pkg): fix duplicate configuration warning logic (#935)
• 85e65d8 fix: explicitly drop node 23 support
• a0f3a08 chore: release v0.22.0-beta.3
• 1380ef4 chore: upgrade deps
• 8f07cae v0.22 (#931)
• b001818 chore: upgrade deps
• Additional commits viewable in compare view

Updates vitest from 4.1.5 to 4.1.6

Release notes

Sourced from vitest's releases.

v4.1.6

   🐞 Bug Fixes

• browser: Provide project reference in ToMatchScreenshotResolvePath  -  by @​macarie and @​sheremet-va in vitest-dev/vitest#10138 (31882)
• Global sequence.concurrent: true with top-level test(..., { concurrent: false }) + depreacte sequential test API and options  -  by @​hi-ogawa, Codex and @​sheremet-va in vitest-dev/vitest#10196 (2847d)
• browser: Simplify orchestrator otel carrier  -  by @​hi-ogawa in vitest-dev/vitest#10285 (18af9)

   🏎 Performance

• Stringify diff objects only once  -  by @​sheremet-va in vitest-dev/vitest#10276 (9f7b1)

    View changes on GitHub

Commits

• a8fd24c chore: release v4.1.6
• 18af98c fix(browser): simplify orchestrator otel carrier (#10285)
• 3188260 feat(browser): provide project reference in ToMatchScreenshotResolvePath (#...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.