chore(deps-dev): bump the minor-and-patch group across 1 directory with 8 updates

[dependabot]

Bumps the minor-and-patch group with 8 updates in the / directory:

Package	From	To
@typescript-eslint/eslint-plugin	8.53.0	8.53.1
@typescript-eslint/parser	8.53.0	8.53.1
globals	17.0.0	17.1.0
prettier	3.8.0	3.8.1
@apollo/server	5.2.0	5.3.0
@sentry/node	10.34.0	10.36.0
cors	2.8.5	2.8.6
pg	8.17.1	8.17.2

Updates @typescript-eslint/eslint-plugin from 8.53.0 to 8.53.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.53.1

8.53.1 (2026-01-19)

🩹 Fixes

• eslint-plugin: [consistent-indexed-object-style] skip fixer if interface is a default export (#11951)
• utils: make RuleCreator root defaultOptions optional (#11956)

❤️ Thank You

• Cameron
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.53.1 (2026-01-19)

🩹 Fixes

• utils: make RuleCreator root defaultOptions optional (#11956)
• eslint-plugin: [consistent-indexed-object-style] skip fixer if interface is a default export (#11951)

❤️ Thank You

• Cameron
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

Commits

• 9940e53 chore(release): publish 8.53.1
• e0f2a01 fix(utils): make RuleCreator root defaultOptions optional (#11956)
• 76f8ff7 fix(eslint-plugin): [consistent-indexed-object-style] skip fixer if interface...
• See full diff in compare view

Updates @typescript-eslint/parser from 8.53.0 to 8.53.1

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.53.1

8.53.1 (2026-01-19)

🩹 Fixes

• eslint-plugin: [consistent-indexed-object-style] skip fixer if interface is a default export (#11951)
• utils: make RuleCreator root defaultOptions optional (#11956)

❤️ Thank You

• Cameron
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.53.1 (2026-01-19)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

• 9940e53 chore(release): publish 8.53.1
• See full diff in compare view

Updates globals from 17.0.0 to 17.1.0

Release notes

Sourced from globals's releases.

v17.1.0

• Add webpack and rspack globals (#333) 65cae73

---

sindresorhus/globals@v17.0.0...v17.1.0

Commits

• 7a2f354 17.1.0
• 65cae73 Add webpack and rspack globals (#333)
• 3efe5aa Remove script transform (#332)
• See full diff in compare view

Updates prettier from 3.8.0 to 3.8.1

Release notes

Sourced from prettier's releases.

3.8.1

• Include available printers in plugin type declarations (#18706 by @​porada)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.1

diff

Include available printers in plugin type declarations (#18706 by @​porada)

// Input
import * as prettierPluginEstree from "prettier/plugins/estree";
// Prettier 3.8.0
// Property 'printers' does not exist on type 'typeof import("prettier/plugins/estree")'. ts(2339)
prettierPluginEstree.printers.estree; //=> any
// Prettier 3.8.1
prettierPluginEstree.printers.estree; //=> Printer
prettierPluginEstree.printers["estree-json"]; //=> Printer

Commits

• 90983f4 Release 3.8.1
• 57f702f Include available printers in plugin type declarations (#18706)
• bece827 Revert change in release script
• 82a4ab2 Bump Prettier dependency to 3.8.0
• 5213ee4 Clean changelog_unreleased
• f95ad0f Comment out finished steps
• b2034e8 Fix release script
• 5824b15 Release 3.8.0
• 0433601 Add blog post for v3.8.0 (#18639)
• c45fef1 Fix LWC attribute with --embedded-language-formatting off (#18383)
• See full diff in compare view

Updates @apollo/server from 5.2.0 to 5.3.0

Release notes

Sourced from @​apollo/server's releases.

@​apollo/server-integration-testsuite@​5.3.0

Patch Changes

• Updated dependencies [8e54e58, 26320bc]:
  • @​apollo/server@​5.3.0

@​apollo/server@​5.3.0

Minor Changes

• #8062 8e54e58 Thanks @​cristunaranjo! - Allow configuration of graphql execution options (maxCoercionErrors)

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    executionOptions: {
      maxCoercionErrors: 50,
    },
  });

• #8014 26320bc Thanks @​mo4islona! - Expose graphql validation options.

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    validationOptions: {
      maxErrors: 10,
    },
  });

Changelog

Sourced from @​apollo/server's changelog.

5.3.0

Minor Changes

• #8062 8e54e58 Thanks @​cristunaranjo! - Allow configuration of graphql execution options (maxCoercionErrors)

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    executionOptions: {
      maxCoercionErrors: 50,
    },
  });

• #8014 26320bc Thanks @​mo4islona! - Expose graphql validation options.

  const server = new ApolloServer({
    typeDefs,
    resolvers,
    validationOptions: {
      maxErrors: 10,
    },
  });

Commits

• 443e547 fix repository urls
• 28d6d47 Version Packages (#8172)
• 26320bc feat: Allow configuration of graphql validation options #8014
• f2c16a7 bump dependency
• 8e54e58 feat: Allow configuration of graphql execution options(maxCoercionErrors)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​apollo/server since your current version.

Updates @sentry/node from 10.34.0 to 10.36.0

Release notes

Sourced from @​sentry/node's releases.

10.36.0

• feat(node): Add Prisma v7 support (#18908)
• feat(opentelemetry): Support db.system.name attribute for database spans (#18902)
• feat(deps): Bump OpenTelemetry dependencies (#18878)
• fix(core): Sanitize data URLs in http.client spans (#18896)
• fix(nextjs): Add ALS runner fallbacks for serverless environments (#18889)
• fix(node): Profiling debug ID matching (#18817)

• chore(deps-dev): bump @​remix-run/server-runtime from 2.15.2 to 2.17.3 in /packages/remix (#18750)

Bundle size 📦

Path	Size
@​sentry/browser	24.61 KB
@​sentry/browser - with treeshaking flags	23.15 KB
@​sentry/browser (incl. Tracing)	41.04 KB
@​sentry/browser (incl. Tracing, Profiling)	45.56 KB
@​sentry/browser (incl. Tracing, Replay)	78.74 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags	68.63 KB
@​sentry/browser (incl. Tracing, Replay with Canvas)	83.32 KB
@​sentry/browser (incl. Tracing, Replay, Feedback)	95.24 KB
@​sentry/browser (incl. Feedback)	40.94 KB
@​sentry/browser (incl. sendFeedback)	29.19 KB
@​sentry/browser (incl. FeedbackAsync)	34.07 KB
@​sentry/browser (incl. Metrics)	25.69 KB
@​sentry/browser (incl. Logs)	25.84 KB
@​sentry/browser (incl. Metrics & Logs)	26.48 KB
@​sentry/react	26.3 KB
@​sentry/react (incl. Tracing)	43.22 KB
@​sentry/vue	28.95 KB
@​sentry/vue (incl. Tracing)	42.79 KB
@​sentry/svelte	24.63 KB
CDN Bundle	27.13 KB
CDN Bundle (incl. Tracing)	41.83 KB
CDN Bundle (incl. Tracing, Logs, Metrics)	42.63 KB
CDN Bundle (incl. Tracing, Replay)	77.67 KB
CDN Bundle (incl. Tracing, Replay, Feedback)	82.98 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics)	83.87 KB
CDN Bundle - uncompressed	79.36 KB
CDN Bundle (incl. Tracing) - uncompressed	123.84 KB
CDN Bundle (incl. Tracing, Logs, Metrics) - uncompressed	126.61 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed	237.64 KB
CDN Bundle (incl. Tracing, Replay, Feedback) - uncompressed	250.14 KB
CDN Bundle (incl. Tracing, Replay, Feedback, Logs, Metrics) - uncompressed	252.89 KB

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

10.36.0

• feat(node): Add Prisma v7 support (#18908)
• feat(opentelemetry): Support db.system.name attribute for database spans (#18902)
• feat(deps): Bump OpenTelemetry dependencies (#18878)
• fix(core): Sanitize data URLs in http.client spans (#18896)
• fix(nextjs): Add ALS runner fallbacks for serverless environments (#18889)
• fix(node): Profiling debug ID matching

• chore(deps-dev): bump @​remix-run/server-runtime from 2.15.2 to 2.17.3 in /packages/remix (#18750)

10.35.0

Important Changes

• feat(tanstackstart-react): Add sentryTanstackStart vite plugin to manage automatic source map uploads (#18712)

  You can now configure source maps upload for TanStack Start using the sentryTanstackStart Vite plugin:

  // vite.config.ts
  import { defineConfig } from 'vite';
  import { sentryTanstackStart } from '@sentry/tanstackstart-react';
  import { tanstackStart } from '@tanstack/react-start/plugin/vite';
  export default defineConfig({
  plugins: [
  sentryTanstackStart({
  authToken: process.env.SENTRY_AUTH_TOKEN,
  org: 'your-org',
  project: 'your-project',
  }),
  tanstackStart(),
  ],
  });

Other Changes

• feat(browser): Add CDN bundle for tracing.replay.feedback.logs.metrics (#18785)
• feat(browser): Add shim package for logs (#18831)
• feat(cloudflare): Automatically set the release id when CF_VERSION_METADATA is enabled (#18855)
• feat(core): Add ignored client report event drop reason (#18815)
• feat(logs): Add Log exports to browser and node packages (#18857)
• feat(node-core,bun): Export processSessionIntegration from node-core and add it to bun (#18852)

... (truncated)

Commits

• 21ec8f1 release: 10.36.0
• d4660db meta(changelog): Update changelog for 10.36.0 (#18915)
• d185952 meta(changelog): Update changelog for 10.36.0
• ba390df fix(node): Profiling debug ID matching
• f66969d Merge branch 'develop' into timfish/fix/profiling-debug-images
• 6d9a7f7 PR reivew
• 65afa6a feat(node): Add Prisma v7 support (#18908)
• 4695148 fix(core): Sanitize data URLs in http.client spans (#18896)
• 2f0d9dc feat(opentelemetry): Support db.system.name attribute for database spans (#...
• 9115e19 feat(deps): Bump OpenTelemetry dependencies (#18878)
• Additional commits viewable in compare view

Updates cors from 2.8.5 to 2.8.6

Release notes

Sourced from cors's releases.

v2.8.6

What's Changed

• Build: Node.js@12.16 and Node.js.13.12 by @​smondal in expressjs/cors#189
• Update README.md for origin function callback parameters by @​dstudzinski in expressjs/cors#180
• Suggest passing false for disallowed domains, not erroring by @​shackpank in expressjs/cors#175
• Changed the term whitelist to allowlist in Documentation by @​jkasun in expressjs/cors#200
• Fix typo in README by @​alex-grover in expressjs/cors#207
• Added new link & website in the README by @​manjunath00 in expressjs/cors#269
• Fix functions call with extra parameter by @​LuisEGR in expressjs/cors#245
• 🐛 Fix readme status badge by @​homersimpsons in expressjs/cors#306
• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/cors#321
• ci: fix errors in ci github action for node 8 by @​inigomarquinez in expressjs/cors#322
• test: improved test robustness by @​Alex-GF in expressjs/cors#320
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in expressjs/cors#341
• ci: add CodeQL (SAST) by @​bjohansebas in expressjs/cors#340
• docs: remove broken link to demo site by @​dpopp07 in expressjs/cors#344
• OSSF Scorecard recommendations by @​UlisesGascon in expressjs/cors#350
• build(deps): bump github/codeql-action from 3.24.7 to 3.28.19 by @​dependabot[bot] in expressjs/cors#351
• build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 by @​dependabot[bot] in expressjs/cors#353
• build(deps): bump actions/checkout from 4.1.1 to 4.2.2 by @​dependabot[bot] in expressjs/cors#354
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.2 by @​dependabot[bot] in expressjs/cors#355
• build(deps-dev): bump express from 4.17.1 to 4.21.2 by @​dependabot[bot] in expressjs/cors#356
• build(deps): bump actions/upload-artifact from 4.5.0 to 4.6.2 by @​dependabot[bot] in expressjs/cors#352
• build(deps-dev): bump mocha from 9.1.1 to 9.2.2 by @​dependabot[bot] in expressjs/cors#358
• update the docs for per request config by @​jonchurch in expressjs/cors#338
• (fix): readme updated for #271 origin option for * by @​dhananjaysa92 in expressjs/cors#289
• ci: upgrade Node versions by @​UlisesGascon in expressjs/cors#359
• chore: add funding to package.json by @​bjohansebas in expressjs/cors#363
• build(deps): bump github/codeql-action from 3.28.19 to 4.31.2 by @​dependabot[bot] in expressjs/cors#371
• build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in expressjs/cors#370
• docs: Cleanup README by @​efekrskl in expressjs/cors#374
• chore: add node v25 by @​imangas in expressjs/cors#375
• Extend CI test matrix by @​imangas in expressjs/cors#376
• docs: simplify code examples with header comments by @​jonchurch in expressjs/cors#386
• docs: tweak intro, add note w/ browser enforcement, FAQ by @​jonchurch in expressjs/cors#385
• chore: remove HISTORY.md and nonexistent CONTRIBUTING.md from tarball by @​Phillip9587 in expressjs/cors#388
• Release: 2.8.6 by @​UlisesGascon in expressjs/cors#390

New Contributors

• @​smondal made their first contribution in expressjs/cors#189
• @​dstudzinski made their first contribution in expressjs/cors#180
• @​shackpank made their first contribution in expressjs/cors#175
• @​jkasun made their first contribution in expressjs/cors#200
• @​alex-grover made their first contribution in expressjs/cors#207
• @​manjunath00 made their first contribution in expressjs/cors#269
• @​LuisEGR made their first contribution in expressjs/cors#245
• @​homersimpsons made their first contribution in expressjs/cors#306
• @​inigomarquinez made their first contribution in expressjs/cors#321
• @​Alex-GF made their first contribution in expressjs/cors#320
• @​carpasse made their first contribution in expressjs/cors#341

... (truncated)

Changelog

Sourced from cors's changelog.

2.8.6 / 2026-01-22

• Improve documentation (API, context, examples...)
• Remove additional markdown files from tarball

Commits

• f00a8c1 2.8.6 (#390)
• 848e2bd chore: remove HISTORY.md and nonexistent CONTRIBUTING.md from tarball (#388)
• cf8947e docs: tweak intro, add note w/ browser enforcement, FAQ (#385)
• bbf62a5 docs: simplify code examples with header comments (#386)
• f442e77 Extend CI test matrix (#376)
• d5cf6cd ci: add support for node@25 (#375)
• 7e6f7ee docs: revamp content (#374)
• b25644c build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#370)
• f881e91 build(deps): bump github/codeql-action from 3.28.19 to 4.31.2 (#371)
• 9a9a760 chore: add funding to package.json (#363)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for cors since your current version.

Updates pg from 8.17.1 to 8.17.2

Commits

• 5b68a11 Publish
• ea06db5 Remove node: prefix from imports (#3584)
• a3a4567 remove unused variable (#3562)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.