fix(deps): update all non-major dependencies

[a-klos]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
@eslint/js (source)	9.39.2 -> 9.39.3			devDependencies	patch
@intlify/unplugin-vue-i18n (source)	11.0.3 -> 11.0.7			devDependencies	patch
@rushstack/eslint-patch (source)	1.15.0 -> 1.16.1			devDependencies	minor
@sit-onyx/icons (source)	1.5.0 -> 1.6.0			devDependencies	minor
@tailwindcss/postcss (source)	4.1.18 -> 4.2.0			devDependencies	minor	4.2.1
@tailwindcss/vite (source)	4.1.18 -> 4.2.0			devDependencies	minor	4.2.1
@tsconfig/node21 (source)	21.0.7 -> 21.0.8			devDependencies	patch
@types/node (source)	22.19.10 -> 22.19.11			devDependencies	patch	22.19.13 (+1)
@typescript-eslint/eslint-plugin (source)	8.54.0 -> 8.56.0			devDependencies	minor	8.56.1
@typescript-eslint/parser (source)	8.54.0 -> 8.56.0			devDependencies	minor	8.56.1
@vue/eslint-config-typescript	14.6.0 -> 14.7.0			devDependencies	minor
azure-core (source)	1.38.0 -> 1.38.2			dependencies	patch
black (changelog)	25.11.0 -> 25.12.0			lint	minor
boto3	1.42.49 -> 1.42.54			dependencies	patch	1.42.59 (+4)
boto3	1.42.44 -> 1.42.54			dependencies	patch	1.42.59 (+4)
botocore	1.42.49 -> 1.42.54			dependencies	patch	1.42.59 (+4)
coverage	7.11.3 -> 7.13.4			test	minor
daisyui (source)	5.5.18 -> 5.5.19			devDependencies	patch
debugpy (source)	1.8.17 -> 1.8.20			dev	patch
docling (changelog)	2.73.1 -> 2.74.0			dependencies	minor	2.75.0
eslint (source)	9.39.2 -> 9.39.3			devDependencies	patch
eslint-plugin-cypress	5.2.1 -> 5.3.0			devDependencies	minor
eslint-plugin-vue (source)	10.7.0 -> 10.8.0			devDependencies	minor
fastapi (changelog)	^0.128.0 -> ^0.129.0			dependencies	minor	0.134.0 (+6)
fastapi (changelog)	^0.128.0 -> ^0.129.0			dependencies	minor	0.134.0 (+6)
filelock	3.20.3 -> 3.24.3			dependencies	minor
flake8-pyproject (changelog)	1.2.3 -> 1.2.4			lint	patch
langchain (changelog)	1.2.9 -> 1.2.10			dependencies	patch
langchain-core (changelog)	1.2.13 -> 1.2.14			dependencies	patch	1.2.16 (+1)
langchain-openai (changelog)	1.1.8 -> 1.1.10			dependencies	patch
langchain-text-splitters (changelog)	1.1.0 -> 1.1.1			dependencies	patch
langfuse	3.14.1 -> 3.14.4			dependencies	patch	3.14.5
langfuse (source)	1.5.19 -> 1.5.20				patch	1.5.21
langfuse/langfuse	3.152.0 -> 3.155.0				minor	3.155.1
langfuse/langfuse-worker	3.152.0 -> 3.155.0				minor	3.155.1
langgraph (source, changelog)	1.0.8 -> 1.0.9			dependencies	patch	1.0.10
langsmith	^0.6.3 -> ^0.7.0			dependencies	minor	0.7.9 (+2)
markitdown	0.1.4 -> 0.1.5			dependencies	patch
numpy (changelog)	2.3.5 -> 2.4.2			dependencies	minor
ollama (source)	1.41.0 -> 1.44.0				minor	1.46.0 (+1)
pydantic-settings (changelog)	2.12.0 -> 2.13.1			dependencies	minor
qdrant (source)	1.16.3 -> 1.17.0				minor
qdrant-client	1.16.2 -> 1.17.0			dependencies	minor
stackit (source)	~> 0.80.0 -> ~> 0.82.0			required_provider	minor	0.83.0
tailwindcss (source)	4.1.18 -> 4.2.0			devDependencies	minor	4.2.1
tesserocr	2.9.2 -> 2.10.0			dependencies	minor
unstructured	0.18.31 -> 0.20.8			dependencies	minor	0.21.5 (+3)
uvicorn (changelog)	^0.40.0 -> ^0.41.0			dependencies	minor
vue (source)	3.5.27 -> 3.5.28			dependencies	patch	3.5.29
vue-eslint-parser	10.2.0 -> 10.4.0			devDependencies	minor
vue-tsc (source)	3.2.4 -> 3.2.5			devDependencies	patch

---

Release Notes

eslint/eslint (@​eslint/js)

v9.39.3

Compare Source

Bug Fixes

• 791bf8d fix: restore TypeScript 4.0 compatibility in types (#​20504) (sethamus)

Chores

• 8594a43 chore: upgrade @​eslint/js@​9.39.3 (#​20529) (Milos Djermanovic)
• 9ceef92 chore: package.json update for @​eslint/js release (Jenkins)
• af498c6 chore: ignore /docs/v9.x in link checker (#​20453) (Milos Djermanovic)

intlify/bundle-tools (@​intlify/unplugin-vue-i18n)

v11.0.7

Compare Source

Full Changelog: intlify/bundle-tools@v11.0.6...v11.0.7

microsoft/rushstack (@​rushstack/eslint-patch)

v1.16.1

Compare Source

Fri, 20 Feb 2026 00:15:04 GMT

Patches

• Add "node" condition before "import" in the "exports" map so that Node.js uses the CJS output (which handles extensionless imports), while bundlers still use ESM via "import". Fixes #​5644.

v1.16.0

Compare Source

Thu, 19 Feb 2026 00:04:52 GMT

Minor changes

• Normalize package layout. CommonJS is now under lib-commonjs, DTS is now under lib-dts, and ESM is now under lib-esm. Imports to lib still work as before, handled by the "exports" field in package.json.

SchwarzIT/onyx (@​sit-onyx/icons)

v1.6.0

Compare Source

Minor Changes

• 3e34b0c: feat: update icons

New

• dremio
• pubsub-service

tailwindlabs/tailwindcss (@​tailwindcss/postcss)

v4.2.0

Compare Source

Added

• Add mauve, olive, mist, and taupe color palettes to the default theme (#​19627)
• Add @tailwindcss/webpack package to run Tailwind CSS as a webpack plugin (#​19610)
• Add pbs-* and pbe-* utilities for padding-block-start and padding-block-end (#​19601)
• Add mbs-* and mbe-* utilities for margin-block-start and margin-block-end (#​19601)
• Add scroll-pbs-* and scroll-pbe-* utilities for scroll-padding-block-start and scroll-padding-block-end (#​19601)
• Add scroll-mbs-* and scroll-mbe-* utilities for scroll-margin-block-start and scroll-margin-block-end (#​19601)
• Add border-bs-* and border-be-* utilities for border-block-start and border-block-end (#​19601)
• Add inline-*, min-inline-*, max-inline-* utilities for inline-size, min-inline-size, and max-inline-size (#​19612)
• Add block-*, min-block-*, max-block-* utilities for block-size, min-block-size, and max-block-size (#​19612)
• Add inset-s-*, inset-e-*, inset-bs-*, inset-be-* utilities for inset-inline-start, inset-inline-end, inset-block-start, and inset-block-end (#​19613)
• Add font-features-* utility for font-feature-settings (#​19623)

Fixed

• Prevent double @supports wrapper for color-mix values (#​19450)
• Allow whitespace around @source inline() argument (#​19461)
• Emit comment when source maps are saved to files when using @tailwindcss/cli (#​19447)
• Detect utilities containing capital letters followed by numbers (#​19465)
• Fix class extraction for Rails' strict locals (#​19525)
• Align @utility name validation with Oxide scanner rules (#​19524)
• Fix infinite loop when using @variant inside @custom-variant (#​19633)
• Allow multiples of .25 in aspect-* fractions (e.g. aspect-8.5/11) (#​19688)
• Ensure changes to external files listed via @source trigger a full page reload when using @tailwindcss/vite (#​19670)
• Improve performance of Oxide scanner in bigger projects by reducing file system walks (#​19632)
• Ensure import aliases in Astro v5 work without crashing when using @tailwindcss/vite (#​19677)
• Allow escape characters in @utility names to improve support with formatters such as Biome (#​19626)
• Fix incorrect canonicalization results when canonicalizing multiple times (#​19675)
• Add .jj to default ignored content directories (#​19687)

Deprecated

• Deprecate start-* and end-* utilities in favor of inset-s-* and inset-e-* utilities (#​19613)

tsconfig/bases (@​tsconfig/node21)

v21.0.8

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.56.0

Compare Source

🚀 Features

• support ESLint v10 (#​12057)

🩹 Fixes

• use parser options from context.languageOptions (#​12043)

❤️ Thank You

• Brad Zacher @​bradzacher
• fnx @​DMartens
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.55.0

Compare Source

🚀 Features

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#​11992)

🩹 Fixes

• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#​11949)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#​11984)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#​11966, #​12000)
• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#​11990)

❤️ Thank You

• Christian Rose @​chrros95
• Josh Goldberg
• Maria Solano @​MariaSolOs
• Minyeong Kim @​minyeong981
• SungHyun627 @​SungHyun627
• Yukihiro Hasegawa @​y-hsgw

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.56.0

Compare Source

🚀 Features

• support ESLint v10 (#​12057)

❤️ Thank You

• Brad Zacher @​bradzacher
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.55.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

vuejs/eslint-config-typescript (@​vue/eslint-config-typescript)

v14.7.0

Compare Source

What's Changed

• fix: respect global ignores when scanning for vue files to lint by @​haoqunjiang in #​239
• feat: support ESLint 10 as peer dependency

Full Changelog: vuejs/eslint-config-typescript@v14.6.0...v14.7.0

Azure/azure-sdk-for-python (azure-core)

v1.38.2

Compare Source

1.38.2 (2026-02-18)

Bugs Fixed

• Fixed PipelineClient.format_url to preserve the leading slash when the URL template starts with /?. #​45218

v1.38.1

Compare Source

1.38.1 (2026-02-10)

Bugs Fixed

• Fixed PipelineClient.format_url to avoid adding trailing slashes when the URL template contains only query parameters. #​45044

psf/black (black)

v25.12.0

Compare Source

Highlights

• Black no longer supports running with Python 3.9 (#​4842)

Stable style

• Fix bug where comments preceding # fmt: off/# fmt: on blocks were incorrectly
  removed, particularly affecting Jupytext's # %% [markdown] comments (#​4845)
• Fix crash when multiple # fmt: skip comments are used in a multi-part if-clause, on
  string literals, or on dictionary entries with long lines (#​4872)
• Fix possible crash when fmt: directives aren't on the top level (#​4856)
• Preserve parentheses when # type: ignore comments would be merged with other
  comments on the same line, preventing AST equivalence failures (#​4888)

Preview style

• Fix fmt: skip skipping the line after instead of the line it's on (#​4855)
• Remove unnecessary parentheses from the left-hand side of assignments while preserving
  magic trailing commas and intentional multiline formatting (#​4865)
• Fix fix_fmt_skip_in_one_liners crashing on with statements (#​4853)
• Fix fix_fmt_skip_in_one_liners crashing on annotated parameters (#​4854)
• Fix new lines being added after imports with # fmt: skip on them (#​4894)

Packaging

• Releases now include arm64 Windows binaries and wheels (#​4814)

Integrations

• Add output-file input to GitHub Action psf/black to write formatter output to a
  file for artifact capture and log cleanliness (#​4824)

boto/boto3 (boto3)

v1.42.54

Compare Source

=======

• api-change:appstream: [botocore] Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances.
• api-change:ecs: [botocore] Migrated to Smithy. No functional changes
• api-change:endpoint-rules: [botocore] Update endpoint-rules client to latest version
• api-change:sagemaker-runtime: [botocore] Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads.
• api-change:signer-data: [botocore] This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs.
• api-change:ssm: [botocore] Add support for AssociationDispatchAssumeRole in AWS SSM State Manager.
• api-change:trustedadvisor: [botocore] Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios.

v1.42.53

Compare Source

=======

• api-change:bcm-dashboards: [botocore] The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards.
• api-change:ecr: [botocore] Adds multiple artifact types filter support in ListImageReferrers API.
• api-change:pca-connector-scep: [botocore] AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately.
• enhancement:checksums: [botocore] Added support for the SHA512 checksum algorithm. When the optional AWS CRT (awscrt) dependency is installed, support is also enabled for the XXHASH64, XXHASH3, and XXHASH128 checksum algorithms. Also added pass-through support for customer-provided MD5 checksum headers (without SDK-side MD5 calculation or validation).

v1.42.52

Compare Source

=======

• api-change:cleanrooms: [botocore] This release adds support for federated catalogs in Athena-sourced configured tables.
• api-change:connect: [botocore] Correcting in-app notifications API documentation.

v1.42.51

Compare Source

=======

• api-change:ec2: [botocore] Add Operator field to CreatePlacementGroup and DescribePlacementGroup APIs.
• api-change:evidently: [botocore] The evidently client has been removed following the deprecation of the service.
• api-change:grafana: [botocore] This release updates Amazon Managed Grafana's APIs to support customer managed KMS keys.
• api-change:iotanalytics: [botocore] The iotanalytics client has been removed following the deprecation of the service.
• api-change:rds: [botocore] Adds support for the StorageEncryptionType field to specify encryption type for DB clusters, DB instances, snapshots, automated backups, and global clusters.
• api-change:workspaces-web: [botocore] Adds support for branding customization without requiring a custom wallpaper.

v1.42.50

Compare Source

=======

• api-change:arc-region-switch: [botocore] Clarify documentation on ARC Region Switch start-plan-execution operation
• api-change:ec2: [botocore] Documentation updates for EC2 Secondary Networks
• api-change:ecr: [botocore] Adds support for enabling blob mounting, and removes support for Clair based image scanning
• api-change:kafka: [botocore] Amazon MSK now supports dual-stack connectivity (IPv4 and IPv6) for existing MSK clusters. You can enable dual-stack on existing clusters by specifying the NetworkType parameter in updateConnectivity API.
• api-change:kms: [botocore] Added support for Decrypt and ReEncrypt API's to use dry run feature without ciphertext for authorization validation
• api-change:qconnect: [botocore] Update MessageType enum to include missing types.

boto/botocore (botocore)

v1.42.54

Compare Source

=======

• api-change:appstream: Adding new attribute to disable IMDS v1 APIs for fleet, Image Builder and AppBlockBuilder instances.
• api-change:ecs: Migrated to Smithy. No functional changes
• api-change:endpoint-rules: Update endpoint-rules client to latest version
• api-change:sagemaker-runtime: Added support for S3OutputPathExtension and Filename parameters to the InvokeEndpointAsync API to allow users to customize the S3 output path and file name for async inference response payloads.
• api-change:signer-data: This release introduces AWS Signer Data Plane SDK client supporting GetRevocationStatus API. The new client enables AWS PrivateLink connectivity with both private DNS and VPC endpoint URLs.
• api-change:ssm: Add support for AssociationDispatchAssumeRole in AWS SSM State Manager.
• api-change:trustedadvisor: Adding a new enum attribute(statusReason) to TrustedAdvisorAPI response. This attribute explains reasoning behind check status for certain specific scenarios.

v1.42.53

Compare Source

=======

• api-change:bcm-dashboards: The Billing and Cost Management GetDashboard API now returns identifier for each widget, enabling users to uniquely identify widgets within their dashboards.
• api-change:ecr: Adds multiple artifact types filter support in ListImageReferrers API.
• api-change:pca-connector-scep: AWS Private CA Connector for SCEP now supports AWS PrivateLink, allowing your clients to request certificates from within your Amazon Virtual Private Cloud (VPC) without traversing the public internet. With this launch, you can create VPC endpoints to connect to your SCEP connector privately.
• enhancement:checksums: Added support for the SHA512 checksum algorithm. When the optional AWS CRT (awscrt) dependency is installed, support is also enabled for the XXHASH64, XXHASH3, and XXHASH128 checksum algorithms. Also added pass-through support for customer-provided MD5 checksum headers (without SDK-side MD5 calculation or validation).

v1.42.52

Compare Source

=======

• api-change:cleanrooms: This release adds support for federated catalogs in Athena-sourced configured tables.
• api-change:connect: Correcting in-app notifications API documentation.

v1.42.51

Compare Source

=======

• api-change:ec2: Add Operator field to CreatePlacementGroup and DescribePlacementGroup APIs.
• api-change:evidently: The evidently client has been removed following the deprecation of the service.
• api-change:grafana: This release updates Amazon Managed Grafana's APIs to support customer managed KMS keys.
• api-change:iotanalytics: The iotanalytics client has been removed following the deprecation of the service.
• api-change:rds: Adds support for the StorageEncryptionType field to specify encryption type for DB clusters, DB instances, snapshots, automated backups, and global clusters.
• api-change:workspaces-web: Adds support for branding customization without requiring a custom wallpaper.

v1.42.50

Compare Source

=======

• api-change:arc-region-switch: Clarify documentation on ARC Region Switch start-plan-execution operation
• api-change:ec2: Documentation updates for EC2 Secondary Networks
• api-change:ecr: Adds support for enabling blob mounting, and removes support for Clair based image scanning
• api-change:kafka: Amazon MSK now supports dual-stack connectivity (IPv4 and IPv6) for existing MSK clusters. You can enable dual-stack on existing clusters by specifying the NetworkType parameter in updateConnectivity API.
• api-change:kms: Added support for Decrypt and ReEncrypt API's to use dry run feature without ciphertext for authorization validation
• api-change:qconnect: Update MessageType enum to include missing types.

coveragepy/coveragepy (coverage)

v7.13.4

Compare Source

• Fix: the third-party code fix in 7.13.3 required examining the parent
  directories where coverage was run. In the unusual situation that one of the
  parent directories is unreadable, a PermissionError would occur, as
  described in issue 2129_. This is now fixed.

• Fix: in test suites that change sys.path, coverage.py could fail with
  "RuntimeError: Set changed size during iteration" as described and fixed in
  pull 2130_. Thanks, Noah Fatsi.

• We now publish ppc64le wheels, thanks to Pankhudi Jain <pull 2121_>_.

.. _pull 2121: #​2121
.. _issue 2129: #​2129
.. _pull 2130: #​2130

.. _changes_7-13-3:

v7.13.3

Compare Source

• Fix: in some situations, third-party code was measured when it shouldn't have
  been, slowing down test execution. This happened with layered virtual
  environments such as uv sometimes makes. The problem is fixed, closing issue 2082_. Now any directory on sys.path that is inside a virtualenv is
  considered third-party code.

.. _issue 2082: #​2082

.. _changes_7-13-2:

v7.13.2

Compare Source

• Fix: when Python is installed via symlinks, for example with Homebrew, the
  standard library files could be incorrectly included in coverage reports.
  This is now fixed, closing issue 2115_.

• Fix: if a data file is created with no read permissions, the combine step
  would fail completely. Now a warning is issued and the file is skipped.
  Closes issue 2117_.

.. _issue 2115: #​2115
.. _issue 2117: #​2117

.. _changes_7-13-1:

v7.13.1

Compare Source

• Added: the JSON report now includes a "start_line" key for function and
  class regions, indicating the first line of the region in the source. Closes
  issue 2110_.

• Added: The debug data command now takes file names as arguments on the
  command line, so you can inspect specific data files without needing to set
  the COVERAGE_FILE environment variable.

• Fix: the JSON report used to report module docstrings as executed lines,
  which no other report did, as described in issue 2105_. This is now fixed,
  thanks to Jianrong Zhao.

• Fix: coverage.py uses a more disciplined approach to detecting where
  third-party code is installed, and avoids measuring it. This shouldn't change
  any behavior. If you find that it does, please get in touch.

• Performance: data files that will be combined now record their hash as part
  of the file name. This lets us skip duplicate data more quickly, speeding the
  combining step.

• Docs: added a section explaining more about what is considered a missing
  branch and how it is reported: :ref:branch_explain, as requested in issue 1597. Thanks to Ayisha Mohammed <pull 2092_>.

• Tests: the test suite misunderstood what core was being tested if
  COVERAGE_CORE wasn't set on 3.14+. This is now fixed, closing issue 2109_.

.. _issue 1597: #​1597
.. _pull 2092: #​2092
.. _issue 2105: #​2105
.. _issue 2109: #​2109
.. _issue 2110: #​2110

.. _changes_7-13-0:

v7.13.0

[Compare Source](https://redirect.github.com/cov

---

Configuration

📅 Schedule: Branch creation - "before 4am" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.