build(deps): bump the npm-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the npm-dependencies group with 7 updates in the / directory:

Package	From	To
mysql2	3.20.0	3.22.3
pg	8.20.0	8.21.0
@types/node	25.5.2	25.9.1
@swc/core	1.15.24	1.15.33
jest	30.3.0	30.4.2
rollup	4.60.1	4.60.4
typescript	6.0.2	6.0.3

Updates mysql2 from 3.20.0 to 3.22.3

Release notes

Sourced from mysql2's releases.

v3.22.3

3.22.3 (2026-04-24)

Bug Fixes

• allow resetOnRelease in connection config validation (#4278) (e72f923)

v3.22.2

3.22.2 (2026-04-21)

Bug Fixes

• promise: point rejection stacks at caller for promise API (#4267) (c79a3f3)

v3.22.1

3.22.1 (2026-04-17)

Bug Fixes

• async stack traces not pointing to correct source, regression introduced by #4257 (#4265) (5b6206c)
• packet: return INVALID_DATE for zero dates with numeric timezone offset (#1019) (#4258) (cb5adcc)

v3.22.0

3.22.0 (2026-04-10)

Features

• disable mysql_clear_password plugin by default (#4236) (884bec5), closes #1617
• implement COM_RESET_CONNECTION with pool integration (#4148) (49a64cc)

Performance Improvements

• defer Error object creation to error handlers in promise wrappers (#4257) (ab131de)

v3.21.1

3.21.1 (2026-04-09)

Bug Fixes

• limit client flags to server capabilities (#4227) (e1930b8)
• use Number.isSafeInteger for supportBigNumbers boundary check (#4225) (295264b)

v3.21.0

3.21.0 (2026-04-09)

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.22.3 (2026-04-24)

Bug Fixes

• allow resetOnRelease in connection config validation (#4278) (e72f923)

3.22.2 (2026-04-21)

Bug Fixes

• promise: point rejection stacks at caller for promise API (#4267) (c79a3f3)

3.22.1 (2026-04-17)

Bug Fixes

• async stack traces not pointing to correct source, regression introduced by #4257 (#4265) (5b6206c)
• packet: return INVALID_DATE for zero dates with numeric timezone offset (#1019) (#4258) (cb5adcc)

3.22.0 (2026-04-10)

Features

• disable mysql_clear_password plugin by default (#4236) (884bec5), closes #1617
• implement COM_RESET_CONNECTION with pool integration (#4148) (49a64cc)

Performance Improvements

• defer Error object creation to error handlers in promise wrappers (#4257) (ab131de)

3.21.1 (2026-04-09)

Bug Fixes

• limit client flags to server capabilities (#4227) (e1930b8)
• use Number.isSafeInteger for supportBigNumbers boundary check (#4225) (295264b)

3.21.0 (2026-04-09)

Features

• add support for query attributes (#4223) (d732f78)
• types: export ExecuteValues and QueryValues from entry point (9fafd6f)

Commits

• 908402e chore(master): release 3.22.3 (#4279)
• 8078ad0 build(deps): bump lucide-react from 1.8.0 to 1.9.0 in /website (#4280)
• e72f923 fix: allow resetOnRelease in connection config validation (#4278)
• 77afd80 build(deps-dev): bump the dev-dependencies group with 2 updates (#4274)
• 77626a7 chore(master): release 3.22.2 (#4271)
• d615967 build(deps-dev): bump the dev-dependencies group with 2 updates (#4272)
• 9245c08 build(deps-dev): bump poku (#4273)
• c79a3f3 fix(promise): point rejection stacks at caller for promise API (#4267)
• fe5df8e cd: ensure settings are processed by release-please (#4270)
• a65c706 ci(github-actions): upgrade workflows to Node 24 action runtimes (#4268)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for mysql2 since your current version.

Updates pg from 8.20.0 to 8.21.0

Changelog

Sourced from pg's changelog.

pg@8.21.0

• Handle SASL SCRAM server error responses properly.
• Add support for node@26.
• Add scramMaxIterations config option.
• Add client.getTransactionStatus() method.

Commits

• 544b1ce Publish
• cc03fa5 Add scramMaxIterations option to limit SCRAM iteration count (#3677)
• f776327 Remove compatibility code for unsupported versions of Node (<16) (#3678)
• f252870 cleanup: pg utils (#3675)
• c8da6ab Assorted test cleanup (#3673)
• fa47e73 fix: Client#end callback being called multiple times when first is no-op (#...
• 88a7e60 cleanup: Move declaration to more natural place
• 2095247 cleanup: Combine duplicated code in Client#query and avoid unneeded early n...
• 0ac3edd fix: apply SASLprep (RFC 4013) to passwords before SCRAM-SHA-256 PBKDF2 (#3669)
• be880d4 Assorted test fixes and cleanup (#3672)
• Additional commits viewable in compare view

Updates @types/node from 25.5.2 to 25.9.1

Commits

• See full diff in compare view

Updates @swc/core from 1.15.24 to 1.15.33

Changelog

Sourced from @​swc/core's changelog.

[1.15.33] - 2026-05-02

Bug Fixes

• (ci) Update rand lockfile entries (#11827) (7988966)

• (es/minifier) Fold unary bool nullish coalescing (#11826) (e39ae3d)

• (es/minifier) Preserve for-init sequence order (#11837) (16a56d0)

• (es/parser) Parse empty Flow exact object type (#11836) (3d18a26)

Features

• Move swc ast explorer into workspace (#11831) (02a8f81)

[1.15.32] - 2026-04-27

Bug Fixes

• (es/flow) Fix Flow type-only modules in script transforms (#11817) (be38316)

• (es/flow) Avoid restoring module context when flow syntax is enabled (#11819) (3ed7243)

• (es/minifier) Preserve frozen spread registry keys (#11825) (347181c)

• (es/parser) Align Flow generic arrow JSX disambiguation (#11821) (28a7fad)

Features

• (es) Add jsc.preserveSymlinks to swc::Options (#11813) (fe38342)

[1.15.30] - 2026-04-19

Bug Fixes

... (truncated)

Commits

• 0165c94 chore: Publish 1.15.33 with swc_core v65.0.2
• 9ccecaf chore: Publish 1.15.33-nightly-20260502.1 with swc_core v65.0.2
• b815eb2 chore: Publish crates with swc_core v65.0.1
• 364a11c chore: Publish 1.15.32 with swc_core v65.0.0
• 7789132 chore: Publish 1.15.32-nightly-20260427.1 with swc_core v65.0.0
• cd5d7e8 chore: Publish 1.15.31-nightly-20260427.1 with swc_core v65.0.0
• 65bd999 chore: Publish crates with swc_core v65.0.0
• be38316 fix(es/flow): Fix Flow type-only modules in script transforms (#11817)
• 502ad3e chore: Publish 1.15.30 with swc_core v64.0.0
• 99a4503 chore: Publish 1.15.30-nightly-20260418.1 with swc_core v64.0.0
• Additional commits viewable in compare view

Updates jest from 30.3.0 to 30.4.2

Release notes

Sourced from jest's releases.

v30.4.2

Fixes

• [jest-runtime] Fix named imports from CJS modules whose module.exports is a function with own-property exports (#16150)

Full Changelog: jestjs/jest@v30.4.1...v30.4.2

v30.4.1

Features

• [jest-config, jest-core, jest-runner, jest-schemas, jest-types] Allow custom runner configuration options via tuple format ['runner-path', {options}] (#16141)

Fixes

• [jest-runtime] Align CJS-from-ESM default export with Node: module.exports is always the ESM default, __esModule unwrapping is no longer applied (#16143)

Full Changelog: jestjs/jest@v30.4.0...v30.4.1

v30.4.0

Big release! 😀

Main feature is a rewrite of our custom runtime in preparation for stabilisation of native support of ESM. As part of that work require(esm) module is now supported on Node 24.9+ (still requires --experimental-vm-modules like before).

In addition we now support fake timers for the recently released Temporal API in Node v26.

React 19 is also supported properly in pretty-format, meaning snapshots of React components now work like they should.

Due to all the changes, there might be regressions that snuck in. Please report them!

Full list of changes below

Features

• [babel-jest] Support collecting coverage from .mts, .cts (and other) files (#15994)
• [jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types] Add --collect-tests flag to discover and list tests without executing them (#16006)
• [jest-config, jest-runner, jest-worker] Add workerGracefulExitTimeout config option to control how long workers are given to exit before being force-killed (#15984)
• [jest-config] Add support for jest.config.mts as a valid configuration file (#16005)
• [jest-config, jest-core, jest-reporters, jest-runner] verbose and silent can now be set per-project; the project-level value overrides the global value for that project's tests (#16133)
• [@jest/fake-timers] Accept Temporal.Duration in jest.advanceTimersByTime() and jest.advanceTimersByTimeAsync() (#16128)
• [@jest/fake-timers] Accept Temporal.Instant and Temporal.ZonedDateTime in jest.setSystemTime() and useFakeTimers({now}) (#16128)
• [@jest/fake-timers] Support faking Temporal.Now.* (#16131)
• [jest-mock] Add clearMocksOnScope(scope) on ModuleMocker for clearing every mock function exposed on a scope object (#16088)
• [jest-resolve] Add canResolveSync() on Resolver so callers can detect when a user-configured resolver only exports an async hook (#16064)
• [jest-runtime] Use synchronous evaluate() for ES modules without top-level await on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (#16062)
• [jest-runtime] Support require() of ES modules on Node v24.9+ (#16074)
• [jest-runtime] Validate TC39 import attributes (with { type: 'json' }) on ESM imports (#16127)
• [@jest/transform] Add canTransformSync(filename) on ScriptTransformer so callers can pick the sync vs async transform path (#16062)
• [jest-util] Add isError helper (#16076)

... (truncated)

Changelog

Sourced from jest's changelog.

30.4.2

Fixes

• [jest-runtime] Fix named imports from CJS modules whose module.exports is a function with own-property exports (#16150)

30.4.1

Features

• [jest-config, jest-core, jest-runner, jest-schemas, jest-types] Allow custom runner configuration options via tuple format ['runner-path', {options}] (#16141)

Fixes

• [jest-runtime] Align CJS-from-ESM default export with Node: module.exports is always the ESM default, __esModule unwrapping is no longer applied (#16143)

30.4.0

Features

• [babel-jest] Support collecting coverage from .mts, .cts (and other) files (#15994)
• [jest-circus, jest-cli, jest-config, jest-core, jest-jasmine2, jest-types] Add --collect-tests flag to discover and list tests without executing them (#16006)
• [jest-config, jest-runner, jest-worker] Add workerGracefulExitTimeout config option to control how long workers are given to exit before being force-killed (#15984)
• [jest-config] Add support for jest.config.mts as a valid configuration file (#16005)
• [jest-config, jest-core, jest-reporters, jest-runner] verbose and silent can now be set per-project; the project-level value overrides the global value for that project's tests (#16133)
• [@jest/fake-timers] Accept Temporal.Duration in jest.advanceTimersByTime() and jest.advanceTimersByTimeAsync() (#16128)
• [@jest/fake-timers] Accept Temporal.Instant and Temporal.ZonedDateTime in jest.setSystemTime() and useFakeTimers({now}) (#16128)
• [@jest/fake-timers] Support faking Temporal.Now.* (#16131)
• [jest-mock] Add clearMocksOnScope(scope) on ModuleMocker for clearing every mock function exposed on a scope object (#16088)
• [jest-resolve] Add canResolveSync() on Resolver so callers can detect when a user-configured resolver only exports an async hook (#16064)
• [jest-runtime] Use synchronous evaluate() for ES modules without top-level await on Node versions that support it (v24.9+), and prefer the synchronous transform path when a sync transformer is configured (#16062)
• [jest-runtime] Support require() of ES modules on Node v24.9+ (#16074)
• [jest-runtime] Validate TC39 import attributes (with { type: 'json' }) on ESM imports (#16127)
• [@jest/transform] Add canTransformSync(filename) on ScriptTransformer so callers can pick the sync vs async transform path (#16062)
• [jest-util] Add isError helper (#16076)
• [pretty-format] Support React 19 (#16123)

Fixes

• [expect-utils] Fix toStrictEqual failing on structuredClone results due to cross-realm constructor mismatch (#15959)
• [@jest/expect-utils] Prevent toMatchObject/subset matching from throwing when encountering exotic iterables (#15952)
• [fake-timers] Convert Date to milliseconds before passing to @sinonjs/fake-timers (#16029)
• [jest] Export GlobalConfig and ProjectConfig TypeScript types (#16132)
• [jest-circus] Prevent crash when asyncError is undefined for non-Error throws (#16003)
• [jest-circus, jest-jasmine2] Include Error.cause in JSON failureMessages output (#15967)
• [jest-config] Fix preset path resolution on Windows when the preset uses subpath exports (#15961)
• [jest-config] Allow collectCoverage and coverageProvider in project config without a validation warning (#16132)
• [jest-config] Project config validator now emits "is not supported in an individual project configuration" instead of "probably a typing mistake" for known global-only options (#16132)
• [jest-environment-node] Fix --localstorage-file warning on Node 25+ (#16086)
• [jest-reporters] Apply global coverage threshold to unmatched pattern files in addition to glob/path thresholds (#16137)

... (truncated)

Commits

• 746f2a0 v30.4.2
• b3b4a09 v30.4.1
• 5cbb21e v30.4.0
• db7141a fix: allow collectCoverage and coverageProvider in project config (#16132)
• See full diff in compare view

Updates rollup from 4.60.1 to 4.60.4

Release notes

Sourced from rollup's releases.

v4.60.4

4.60.4

2026-05-14

Bug Fixes

• Improve stability of chunk hashes (#6362)

Pull Requests

• #6362: fix: stabilize chunk assignment across parallel file reads (@​sonukapoor, @​Sonu Kapoor, @​TrickyPi, @​lukastaegert)
• #6370: fix(deps): update minor/patch updates (@​renovate[bot])
• #6371: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6372: chore(deps): update react monorepo to v19 (major) (@​renovate[bot])
• #6373: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6375: Resolve vulnerabilities (@​lukastaegert)

v4.60.2

4.60.2

2026-04-18

Bug Fixes

• Resolve a variable rendering bug when generating different formats from the same build (#6350)

Pull Requests

• #6327: docs: fix various typos in source and documentation (@​Abhi3975, @​lukastaegert)
• #6331: fix(deps): update minor/patch updates (@​renovate[bot])
• #6332: chore(deps): update codecov/codecov-action action to v6 (@​renovate[bot])
• #6333: chore(deps): update dependency eslint-plugin-unicorn to v64 (@​renovate[bot])
• #6334: fix(deps): update rust crate swc_compiler_base to v51 (@​renovate[bot])
• #6335: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6346: fix(deps): update minor/patch updates (@​renovate[bot])
• #6347: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6348: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #6349: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6350: fix: reset variable render names between outputs in the same generate (@​barry3406, @​lukastaegert)
• #6351: chore(deps): update minor/patch updates (@​renovate[bot])
• #6352: chore(deps): update cross-platform-actions/action action to v1 (@​renovate[bot])
• #6353: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6354: chore(deps): lock file maintenance (@​renovate[bot])
• #6355: chore(deps): lock file maintenance (@​renovate[bot])
• #6356: chore(deps): lock file maintenance (@​renovate[bot])
• #6358: chore: remove cross-env from devDeps (@​K-tecchan)

Changelog

Sourced from rollup's changelog.

4.60.4

2026-05-14

Bug Fixes

• Improve stability of chunk hashes (#6362)

Pull Requests

• #6362: fix: stabilize chunk assignment across parallel file reads (@​sonukapoor, @​Sonu Kapoor, @​TrickyPi, @​lukastaegert)
• #6370: fix(deps): update minor/patch updates (@​renovate[bot])
• #6371: chore(deps): update dependency lru-cache to v11 (@​renovate[bot], @​lukastaegert)
• #6372: chore(deps): update react monorepo to v19 (major) (@​renovate[bot])
• #6373: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6375: Resolve vulnerabilities (@​lukastaegert)

4.60.3

2026-05-04

Bug Fixes

• Ensure nested "exports" variables are not renamed (#6360)

Pull Requests

• #6360: fix: do not rename nested "exports" bindings that do not conflict (@​tariqrafique, @​lukastaegert)
• #6364: chore(deps): update msys2/setup-msys2 digest to e989830 (@​renovate[bot])
• #6365: fix(deps): update minor/patch updates (@​renovate[bot])
• #6366: fix(deps): update swc monorepo (major) (@​renovate[bot])
• #6367: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)
• #6368: docs: add missing backticks in plugin-development (@​lumirlumir, @​lukastaegert)

4.60.2

2026-04-18

Bug Fixes

• Resolve a variable rendering bug when generating different formats from the same build (#6350)

Pull Requests

• #6327: docs: fix various typos in source and documentation (@​Abhi3975, @​lukastaegert)
• #6331: fix(deps): update minor/patch updates (@​renovate[bot])
• #6332: chore(deps): update codecov/codecov-action action to v6 (@​renovate[bot])
• #6333: chore(deps): update dependency eslint-plugin-unicorn to v64 (@​renovate[bot])
• #6334: fix(deps): update rust crate swc_compiler_base to v51 (@​renovate[bot])
• #6335: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)

... (truncated)

Commits

• d311a84 4.60.4
• 6aa3248 fix: stabilize chunk assignment across parallel file reads (#6362)
• 82a0fe7 Resolve vulnerabilities (#6375)
• 71f5ebc chore(deps): update dependency lru-cache to v11 (#6371)
• af91d77 chore(deps): lock file maintenance (#6373)
• 65e7b94 chore(deps): update react monorepo to v19 (major) (#6372)
• 642587f fix(deps): update minor/patch updates (#6370)
• b47bdab 4.60.3
• 15c5f33 Add again some unneeded dev dependencies, to make some builds succeed
• 12195dc fix: do not rename nested "exports" bindings that do not conflict (#6360)
• Additional commits viewable in compare view

Updates typescript from 6.0.2 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).
• fixed issues query for TypeScript 6.0.3 (Stable).

Downloads are available on:

• npm

Commits

• 050880c Bump version to 6.0.3 and LKG
• eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
• ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
• 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions