chore(deps): bump the minor-and-patch group across 1 directory with 6 updates

[dependabot]

Bumps the minor-and-patch group with 5 updates in the / directory:

Package	From	To
@astrojs/starlight	0.37.3	0.38.1
playwright	1.57.0	1.58.2
@sip-protocol/sdk	0.7.3	0.9.0
typedoc	0.28.16	0.28.17
typedoc-plugin-markdown	4.9.0	4.10.0

Updates @astrojs/starlight from 0.37.3 to 0.38.1

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

@​astrojs/starlight@​0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @​florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

  ⚠️ Potentially breaking change: This change moves some files used in Starlight’s component internals out of the components/ directory. Direct use of these files was not and is not officially supported. If you previously imported TableOfContents/starlight-toc.ts, TableOfContents/TableOfContentsList.astro, Icons.ts, or SidebarPersistState.ts, please review your code when updating.

• #3729 3642625 Thanks @​delucis! - Improves Starlight’s default body font stack to better support languages such as Chinese, Japanese, and Korean on Windows. For most users there should be no visible change.

  If you would prefer to keep the previous font stack, you can add the following custom CSS to your site:

  :root {
    --sl-font-system: ui-sans-serif, system-ui, 'Segoe UI', Roboto,
      'Helvetica Neue', Arial, 'Noto Sans', sans-serif, 'Apple Color Emoji',
      'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji';
  }

• #3598 fff38d5 Thanks @​HiDeoo! - Makes hover styles consistent in Starlight’s navigation bar

... (truncated)

Changelog

Sourced from @​astrojs/starlight's changelog.

0.38.1

Patch Changes

• #3751 fb955ff Thanks @​pyxelr! - Fixes a regression causing global tableOfContents config to be ignored

0.38.0

Minor Changes

• #3644 0d2e7ed Thanks @​HiDeoo! - Adds support for Astro v6, drops support for Astro v5.

  Upgrade Astro and dependencies

  ⚠️ BREAKING CHANGE: Astro v5 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

  npx @astrojs/upgrade

  Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v6. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

  Update your collections

  ⚠️ BREAKING CHANGE: Drops support for content collections backwards compatibility.

  In Astro 5.x, projects could delay upgrading to the new Content Layer API introduced for content collections because of some existing automatic backwards compatibility that was not previously behind a flag. This meant that it was possible to upgrade from Astro 4 to Astro 5 without updating your content collections, even if you had not enabled the legacy.collections flag. Projects would continue to build, and no errors or warnings would be displayed.

  Astro v6.0 now removes this automatic legacy content collections support, along with the legacy.collections flag.

  If you experience content collections errors after updating to v6, check your project for any removed legacy features that may need updating to the Content Layer API. See the Starlight v0.30.0 upgrade guide for detailed instructions on upgrading legacy collections to the new Content Layer API.

  If you are unable to make any changes to your collections at this time, including Starlight's default docs and i18n collections, you can enable the legacy.collectionsBackwardsCompat flag to upgrade to v6 without updating your collections. This temporary flag preserves some legacy v4 content collections features, and will allow you to keep your collections in their current state until the legacy flag is no longer supported.

• #3704 375edcc Thanks @​florian-lefebvre! - Fixes autocomplete for components exported from @astrojs/starlight/components/*

  ⚠️ Potentially breaking change: This change moves some files used in Starlight’s component internals out of the components/ directory. Direct use of these files was not and is not officially supported. If you previously imported TableOfContents/starlight-toc.ts, TableOfContents/TableOfContentsList.astro, Icons.ts, or SidebarPersistState.ts, please review your code when updating.

• #3729 3642625 Thanks @​delucis! - Improves Starlight’s default body font stack to better support languages such as Chinese, Japanese, and Korean on Windows. For most users there should be no visible change.

  If you would prefer to keep the previous font stack, you can add the following custom CSS to your site:

  :root {
    --sl-font-system: ui-sans-serif, system-ui, 'Segoe UI', Roboto,
      'Helvetica Neue', Arial, 'Noto Sans', sans-serif, 'Apple Color Emoji',
      'Segoe UI Emoji', 'Segoe UI Symbol', 'Noto Color Emoji';
  }

... (truncated)

Commits

• ac64c72 [ci] release (#3752)
• fb955ff fix: respect global tableOfContents config with zod v4 (#3751)
• eb7abe2 [ci] release (#3745)
• fff38d5 Tweak header hover effects (#3598)
• 375edcc feat: improve components exports with wildcard (#3704)
• 047dd32 [ci] format
• 3642625 Update default system font stack to better handle CJK locales on Windows (#3729)
• 924070d Pin to old Prettier version to unblock release (#3747)
• a43ee44 [ci] format
• 0d2e7ed Astro 6 support (#3644)
• Additional commits viewable in compare view

Updates playwright from 1.57.0 to 1.58.2

Release notes

Sourced from playwright's releases.

v1.58.2

Highlights

#39121 fix(trace viewer): make paths via stdin work #39129 fix: do not force swiftshader on chromium mac

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

v1.58.1

Highlights

#39036 fix(msedge): fix local network permissions #39037 chore: update cft download location #38995 chore(webkit): disable frame sessions on fronzen builds

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

v1.58.0

📣 Playwright CLI+SKILLs 📣

We are adding a new token-efficient CLI mode of operation to Playwright with the skills located at playwright-cli. This brings the long-awaited official SKILL-focused CLI mode to our story and makes it more coding agent-friendly.

It is the first snapshot with the essential command set (which is already larger than the original MCP!), but we expect it to grow rapidly. Unlike the token use, that one we expect to go down since snapshots are no longer forced into the LLM!

Timeline

If you're using merged reports, the HTML report Speedboard tab now shows the Timeline:

UI Mode and Trace Viewer Improvements

• New 'system' theme option follows your OS dark/light mode preference
• Search functionality (Cmd/Ctrl+F) is now available in code editors
• Network details panel has been reorganized for better usability
• JSON responses are now automatically formatted for readability

Thanks to @​cpAdm for contributing these improvements!

Miscellaneous

browserType.connectOverCDP() now accepts an isLocal option. When set to true, it tells Playwright that it runs on the same host as the CDP server, enabling file system optimizations.

Breaking Changes ⚠️

• Removed _react and _vue selectors. See locators guide for alternatives.

... (truncated)

Commits

• ce480a9 cherry-pick(#39171): devops: add ubuntu-22.04-arm bot
• e40c137 chore: mark v1.58.2 (#39155)
• 50b7296 cherry-pick(#39152): chore: fix execSync inheriting stdio
• f3dcf50 cherry-pick(#39129): fix: do not force swiftshader on chromium mac
• 8684e08 cherry-pick(#39121): fix(trace viewer): make paths via stdin work
• 97bc385 cherry-pick(#38995): chore(webkit): disable frame sessions on fronzen builds
• ad625fe chore: mark v1.58.1 (#39055)
• f07234d cherry-pick(#39036): fix(msedge): fix local network permissions (#39053)
• ab8136c cherry-pick(#39037): chore: update cft download location (#39052)
• aa6ffeb cherry-pick(#39014): docs: add 1.58 release notes for Java, Python, and C#
• Additional commits viewable in compare view

Updates @sip-protocol/sdk from 0.7.3 to 0.9.0

Changelog

Sourced from @​sip-protocol/sdk's changelog.

0.9.0

Minor Changes

• feat: Ethereum same-chain privacy with shielded transfers via Solidity contracts
  • Fix scanAnnouncements() scanning with correct spending private key
  • Add checkEthereumStealthByEthAddress() for ETH address-based stealth matching
  • Add Base Sepolia and OP Sepolia contract addresses
  • Add spendingPrivateKey to EthereumScanRecipient type

Patch Changes

• fix: DAI mainnet address invalid hex characters
• fix: Remove deprecated checkViewTag() stub
• chore: Update @sip-protocol/types dependency to ^0.2.2

0.8.0

Minor Changes

• feat: Solana same-chain privacy with shielded transfers via Anchor program
  • shieldedTransfer API for native SOL privacy transfers
  • CSPLTokenService and CSPLClient exported from main entry
  • Migrated Solana RPC client to @solana/kit
• feat: Sunspot ZK verifier pipeline for Noir proof verification on Solana
• feat: Network privacy layer (Tor/SOCKS5 proxy support) for Solana RPC calls
• feat: Winternitz vault integration for quantum-resistant key storage
• feat: Browser-compatible proof composition (Halo2 + Kimchi exports)
• feat: BNB Chain (BSC) support for multi-chain stealth addresses
• feat: Oblivious Sync Service interface for private state synchronization
• feat: NEAR fee contract integration for protocol revenue
• feat: Chain-specific optimizations for Solana, EVM, and BNB

Patch Changes

• fix: Use workspace protocol for types dependency
• fix: Relax NEAR benchmark thresholds for CI runners
• chore: Bump ephemeral-rollups-sdk to 0.8.5

0.7.4

Patch Changes

• chore: Version bump with types dependency alignment

0.2.2

Patch Changes

• fix: Remove NoirProofProvider from main entry to fully fix WASM bundling in SSR

... (truncated)

Commits

• See full diff in compare view

Updates @sip-protocol/types from 0.2.1 to 0.2.2

Changelog

Sourced from @​sip-protocol/types's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] - M18 Ethereum Same-Chain Privacy

Added - Noir→EVM ZK Verifier (Phase A: funding_proof)

On-Chain ZK Verification

• FundingVerifier.sol — BB-generated UltraHonk Solidity verifier from Noir funding_proof circuit
• IHonkVerifier.sol — Interface for BB-generated Honk verifiers
• ZKVerifier.sol — Rewritten from mock to production router pattern (delegates to HonkVerifier instances)
• DeployVerifier.s.sol — Deployment script with EIP-170 workaround documentation

Tests (+43 new, 148 total Foundry tests)

• FundingVerifier.t.sol — 7 tests: deployment, empty/garbage proof rejection
• ZKVerifier.t.sol — 31 tests: router pattern, admin, ownership, backwards compat, funding/validity routing
• FundingVerifierE2E.t.sol — 5 tests: real Noir proof verified on-chain (~2.13M gas)

Infrastructure

• generate-proof-fixture.ts — Proof fixture generator (BB WASM + nargo + bb CLI pipeline)
• funding-proof.json — Real proof fixture (8,640 bytes, 3 public inputs)

Deployments (Sepolia v2 — real ZK verifier)

• SIPPrivacy: 0x1FED19684dC108304960db2818CF5a961d28405E
• ZKVerifier: 0x4994c799dF5B47C564cAafe7FdF415c2c2c66436
• FundingVerifier (HonkVerifier): 0x8Ee5F3FC477C308224f58766540A5E7E049B0ECf
• ZKTranscriptLib: 0x588849033F79F3b13f8BF696c1f61C27dE056df4

Changed

• Solidity compiler upgraded from 0.8.24 to 0.8.28 (BB-generated code requires ^0.8.27)
• code_size_limit = 32768 in foundry.toml (BB verifiers exceed EIP-170 with via_ir)
• fs_permissions added for proof fixture reading in tests

Issues

• Closes #805: Noir→EVM ZK verifier deployment (Phase A complete)

---

[0.6.0] - 2025-12-03

Added - M14: Developer Experience

New Packages

• @​sip-protocol/react - React hooks for SIP integration
  • SIPProvider - Context provider for SIP client
  • useSIP() - Access SIP client instance

... (truncated)

Commits

• See full diff in compare view

Updates typedoc from 0.28.16 to 0.28.17

Release notes

Sourced from typedoc's releases.

v0.28.17

Bug Fixes

• Improved handling of comments for type aliases which have been declaration merged with functions, #3064.
• Fixed anchor link generation to members named $, #3065.
• Corrected typing of the plugin option to permit functions, #3066.
• Warnings about unused @param tags will now be properly suppressed when they come from declaration files and the suppressCommentWarningsInDeclarationFiles option is enabled, #3070.
• Fixed conversion of types referencing type parameters on functions, #3071.

Thanks!

• @​pjeby

Changelog

Sourced from typedoc's changelog.

v0.28.17 (2026-02-13)

Bug Fixes

• Improved handling of comments for type aliases which have been declaration merged with functions, #3064.
• Fixed anchor link generation to members named $, #3065.
• Corrected typing of the plugin option to permit functions, #3066.
• Warnings about unused @param tags will now be properly suppressed when they come from declaration files and the suppressCommentWarningsInDeclarationFiles option is enabled, #3070.
• Fixed conversion of types referencing type parameters on functions, #3071.

Thanks!

• @​pjeby

Commits

• 882cfb9 Update changelog for release
• 89dda48 Bump version to 0.28.17
• 5ac59d8 Slightly improve docs for plugin creation
• 6f59389 Update example dependencies
• 977c604 Fix #3070
• 6aba264 Fix OIDC published plugins author links on site
• 9574e72 Fix substitution types
• 2e1967b Even more docs
• 5627474 Fix formatting
• f97ec69 Improve docs for declaration references
• Additional commits viewable in compare view

Updates typedoc-plugin-markdown from 4.9.0 to 4.10.0

Release notes

Sourced from typedoc-plugin-markdown's releases.

typedoc-plugin-markdown@4.10.0

Minor Changes

• A JSON schema to be consumed by typedoc.json is now published to the package root.
• Mark parameters with default values as optional, matching the default TypeDoc theme.

Patch Changes

• Fixed markdownlint errors related to empty table cells and invalid link fragments.
• Anchors inside table cells (when property formats equal "table") are now namespaced by reflection kind (for example property-foo) to prevent collisions with Markdown heading slugs and ensure stable in-page links (#856).
• Resolve "does not have an anchor but one was requested" warnings in verbose log mode (#850).
• Guard against undefined types causing errors in complex types in tables (thanks @​ilyabo).

Changelog

Sourced from typedoc-plugin-markdown's changelog.

4.10.0 (2026-02-06)

Minor Changes

• A JSON schema to be consumed by typedoc.json is now published to the package root.
• Mark parameters with default values as optional, matching the default TypeDoc theme.

Patch Changes

• Fixed markdownlint errors related to empty table cells and invalid link fragments.
• Anchors inside table cells (when property formats equal "table") are now namespaced by reflection kind (for example property-foo) to prevent collisions with Markdown heading slugs and ensure stable in-page links (#856).
• Resolve "does not have an anchor but one was requested" warnings in verbose log mode (#850).
• Guard against undefined types causing errors in complex types in tables (thanks @​ilyabo).

Commits

• f9c8b93 Version Packages
• 3a67289 fix(core): fixed markdownlint errors
• a2d209c fix(core): namespace anchors inside table cells
• 5191340 fix(core): mark parameters with default values as optional
• 7d46ac2 feat(core): publish json schema to package root
• 10cd31b fix(core): resolve incorrect anchor warning messages
• 7c404da fix: Prevent crash in typeDeclarationTable
• ac7e395 chore(docs): updated changelog date
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions