chore(deps): bump the minor group across 1 directory with 4 updates

[dependabot]

Bumps the minor group with 4 updates in the / directory: mermaid, oxfmt, oxlint and posthog-js.

Updates mermaid from 11.12.3 to 11.13.0

Release notes

Sourced from mermaid's releases.

mermaid@11.13.0

Minor Changes

• #7352 d6db0b0 Thanks @​remcohaszing! - feat: Export the AsyncIconLoader, SyncIconLoader, and IconLoader types.

• #5932 cdacb0b Thanks @​exoego! - feat: Add venn-beta diagram

• #6789 73e9849 Thanks @​omkarht! - feat: Add half-arrowheads (solid & stick) and central connection support

• #7387 acce4db Thanks @​exoego! - feat: Add Ishikawa diagram (ishikawa-beta)

• #6995 9745f32 Thanks @​darshanr0107! - feat: Deprecate flowchart.htmlLabels in favor of root-level htmlLabels in Mermaid config

• #5814 2dd29be Thanks @​kairi003! - feat: allow to put notes in namespaces on classDiagram

Patch Changes

• #7075 96a766d Thanks @​darshanr0107! - fix: Prevent HTML tags from being escaped in sandbox label rendering

• #6843 32723b2 Thanks @​saurabhg772244! - fix: Support edge animation in hand drawn look

• #7453 a60e615 Thanks @​darshanr0107! - fix: ER diagram edge label positioning

• #6989 1a9d45a Thanks @​darshanr0107! - fix: Resolved parsing error where direction TD was not recognized within subgraphs

• #7178 96ca7c0 Thanks @​omkarht! - fix(treemap): Fixed treemap classDef style application to properly apply user-defined styles

• #7076 60f6331 Thanks @​darshanr0107! - fix: Correct viewBox casing and make SVGs responsive

• #7055 fa15ce8 Thanks @​darshanr0107! - fix: Improve participant parsing and prevent recursive loops on invalid syntax

• #7276 33c7c72 Thanks @​darshanr0107! - fix: respect markdownAutoWrap: false to prevent text auto-wrapping in flowchart markdown labels with htmlLabels enabled.

  Markdown labels with markdownAutoWrap: false, htmlLabels: false set doesn't work correctly.

• #7416 3c069b5 Thanks @​Crafter-Y! - fix: architecture diagram lines should now have the correct length

• #6995 9745f32 Thanks @​darshanr0107! - fix: Support the htmlLabels Mermaid config value whenever possible

• #7293 a408b55 Thanks @​darshanr0107! - fix: Prevent browser hang when using multiline accDescr in XY charts

• #6119 712c1ec Thanks @​NealGooch! - fix: correct block positioning when nested blocks span multiple columns

• #7424 981a62e Thanks @​knsv! - fix: correct BT orientation arc sweep flags in gitGraph drawArrow()

  Swapped SVG arc sweep-flag values in the BT (bottom-to-top) orientation branches of drawArrow() so curves bend in the correct direction. Affects both rerouting and non-rerouting code paths for merge and non-merge arrows.

  Resolves #6593

... (truncated)

Commits

• b1a5e9b Version Packages (#7466)
• bdd7abd fix: use correct package name for elk
• a900618 dummy commit
• a60e615 Fix: ER diagram edge label positioning (#7453)
• 1d17c14 Merge branch 'master' of https://github.com/mermaid-js/mermaid
• 500be12 chore: Update coupon
• 981fbb8 fix(gantt): restore readable outside-text for done tasks in dark mode (#7456)
• 0d5e35a fix(elk): scope rounded edge curve to ELK layout only (#7454)
• de20da7 fix: plausible build
• fcdd95b chore: Update plausible
• Additional commits viewable in compare view

Updates oxfmt from 0.36.0 to 0.42.0

Changelog

Sourced from oxfmt's changelog.

[0.42.0] - 2026-03-24

🚀 Features

• 416865a formatter,oxfmt: Add doc comments for JsdocConfig (#20644) (leaysgur)
• 4fec907 formatter: Add JSDoc comment formatting support (#19828) (Dunqing)

[0.40.0] - 2026-03-12

🐛 Bug Fixes

• bc20217 oxlint,oxfmt: Omit useless | null for Option<T> field from schema (#20273) (leaysgur)

Commits

• 8b0f61d release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
• b33fbde Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)"
• 027ce4a release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
• 180dd0f Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)"
• a8f45a8 release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)
• 416865a feat(formatter,oxfmt): Add doc comments for JsdocConfig (#20644)
• 4fec907 feat(formatter): add JSDoc comment formatting support (#19828)
• 5446ebd release(apps): oxlint v1.56.0 && oxfmt v0.41.0 (#20423)
• 6a26b93 release(apps): oxlint v1.55.0 && oxfmt v0.40.0 (#20293)
• bc20217 fix(oxlint,oxfmt): Omit useless | null for Option\<T> field from schema (#...
• Additional commits viewable in compare view

Updates oxlint from 1.51.0 to 1.57.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

• 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
• 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
• bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
• 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
• 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
• 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
• ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

• 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
• 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
• 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
• 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
• a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
• ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
• 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
• ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
• e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
• 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
• 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
• fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
• ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
• dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
• 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
• cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

• 25d577e language_server: Start tools in parallel (#15500) (Sysix)
• 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
• 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
• 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
• 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
• 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

• 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
• 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
• a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
• 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
• 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
• 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

Changelog

All notable changes to this package will be documented in this file.

The format is based on Keep a Changelog.

[1.55.0] - 2026-03-12

🐛 Bug Fixes

• bc20217 oxlint,oxfmt: Omit useless | null for Option<T> field from schema (#20273) (leaysgur)

📚 Documentation

• f339f10 linter/plugins: Promote JS plugins to alpha status (#20281) (overlookmotel)

[1.54.0] - 2026-03-12

📚 Documentation

• 0c7da4f linter: Fix extra closing brace in example config. (#20253) (connorshea)

[1.52.0] - 2026-03-09

🚀 Features

• 61bf388 linter: Add options.reportUnusedDisableDirectives to config file (#19799) (Peter Wagenet)
• 2919313 linter: Introduce denyWarnings config options (#19926) (camc314)
• a607119 linter: Introduce maxWarnings config option (#19777) (camc314)

📚 Documentation

• 6c0e0b5 linter: Add oxlint.config.ts to the config docs. (#19941) (connorshea)
• 160e423 linter: Add a note that the typeAware and typeCheck options require oxlint-tsgolint (#19940) (connorshea)

Commits

• 8b0f61d release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
• b33fbde Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)"
• 027ce4a release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20680)
• 180dd0f Revert "release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)"
• a8f45a8 release(apps): oxlint v1.57.0 && oxfmt v0.42.0 (#20649)
• 5446ebd release(apps): oxlint v1.56.0 && oxfmt v0.41.0 (#20423)
• 6a26b93 release(apps): oxlint v1.55.0 && oxfmt v0.40.0 (#20293)
• f339f10 docs(linter/plugins): promote JS plugins to alpha status (#20281)
• bc20217 fix(oxlint,oxfmt): Omit useless | null for Option\<T> field from schema (#...
• 36e7d29 release(apps): oxlint v1.54.0 && oxfmt v0.39.0 (#20267)
• Additional commits viewable in compare view

Updates posthog-js from 1.359.0 to 1.364.0

Release notes

Sourced from posthog-js's releases.

posthog-js@1.364.0

1.364.0

Minor Changes

• #3285 00a5079 Thanks @​pauldambra! - Reject the strings "undefined" and "null" in posthog.identify(). All invalid distinct IDs now log a critical console error (always visible, not debug-only). (2026-03-27)

Patch Changes

• #3286 8d34289 Thanks @​marandaneto! - Use async native CompressionStream for gzip compression to avoid blocking the main thread (2026-03-27)
• Updated dependencies [8d34289]:
  • @​posthog/core@​1.24.2
  • @​posthog/types@​1.364.0

posthog-js@1.363.6

1.363.6

Patch Changes

• #3279 32edaad Thanks @​pauldambra! - Bump @​posthog/rrweb packages to 0.0.51, which includes:
  • PostHog/posthog-rrweb#145: fix: handle cross-origin iframe errors during stop handler cleanup
  • PostHog/posthog-rrweb#148: fix: mask textarea innerText mutations
  • PostHog/posthog-rrweb#150: fix: guard WebGLRenderingContext access for iOS compatibility
  • PostHog/posthog-rrweb#151: refactor: extract slimDOMDefaults into shared function
  • PostHog/posthog-rrweb#152: fix: improve nested CSS rule handling
  • PostHog/posthog-rrweb#153: fix: allow clearing adopted stylesheets with empty strings
  • PostHog/posthog-rrweb#154: fix: prevent object reference mutation breaking remote CSS replay
  • PostHog/posthog-rrweb#156: fix: catch all SecurityError variants in stop handler cleanup (2026-03-26)
• Updated dependencies []:
  • @​posthog/types@​1.363.6

posthog-js@1.363.5

1.363.5

Patch Changes

• #3278 c59dc90 Thanks @​dustinbyrne! - Add tree-shakeable ESM extension-bundles entry point for slim builds (2026-03-25)

• #3274 ba08262 Thanks @​pauldambra! - fix: document visibility change shoudln't capture dead click (2026-03-25)

• Updated dependencies [ba08262]:

  • @​posthog/types@​1.363.5

posthog-js@1.363.4

1.363.4

Patch Changes

... (truncated)

Commits

• 287eb91 chore: update versions and lockfile [version bump]
• 00a5079 fix(identify): reject string "undefined"/"null" and always log critical (#3285)
• 343a4ac fix(ci): add --ignoreConfig to tsc calls in minimum TS version check for TS 6...
• 470907d feat(react-native): add $is_emulator property to detect emulator/simulator (#...
• 8d34289 perf(browser): use async CompressionStream for gzip to avoid blocking main th...
• e2f569a chore: update versions and lockfile [version bump]
• 32edaad chore(deps): bump @​posthog/rrweb packages to 0.0.51 (#3279)
• 7327809 chore: update versions and lockfile [version bump]
• a92ba45 chore: remove failure emoji from slack thread on successful release retry (#3...
• 5784dca fix(node): captureException uses distinctId from request context (#3282)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.