chore(deps): bump the minor-and-patch group across 1 directory with 12 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the minor-and-patch group with 12 updates in the / directory:

Package	From	To
@capacitor/android	8.2.0	8.3.0
@capacitor/cli	8.2.0	8.3.0
@capacitor/core	8.2.0	8.3.0
@capacitor/ios	8.2.0	8.3.0
fuse.js	7.1.0	7.3.0
web-vitals	5.1.0	5.2.0
@playwright/test	1.58.2	1.59.1
@types/node	25.5.0	25.5.2
@vitest/coverage-v8	4.1.0	4.1.2
canvas	3.2.2	3.2.3
eslint	10.1.0	10.2.0
vitest	4.1.0	4.1.2

Updates @capacitor/android from 8.2.0 to 8.3.0

Release notes

Sourced from @​capacitor/android's releases.

8.3.0

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Changelog

Sourced from @​capacitor/android's changelog.

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Commits

• 39f084a Release 8.3.0
• 27e6aa8 feat(cli): support SPM package traits in generated Package.swift (#8351)
• f03cfbe chore: direct Feature Requests to canny (#8395)
• 69476ab fix(cli): inline CSS sourcemaps in addition to JS sourcemaps (#8377)
• d2ee84f feat(cli): Experimental config for swift-tools-version in SPM apps (#8372)
• a9f2181 fix(android): correctly parsing server.url when they include paths (#8391)
• afb80f2 fix(ios): make getArray accesible on Objective-C plugins (#8392)
• 14e4af2 chore: change needs reproduction bot message (#8390)
• 4e99598 fix(SystemBars): use native safe area insets on Android (#8384)
• 003099a fix(http): handle URL objects on fetch (#8386)
• Additional commits viewable in compare view

Updates @capacitor/cli from 8.2.0 to 8.3.0

Release notes

Sourced from @​capacitor/cli's releases.

8.3.0

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Changelog

Sourced from @​capacitor/cli's changelog.

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Commits

• 39f084a Release 8.3.0
• 27e6aa8 feat(cli): support SPM package traits in generated Package.swift (#8351)
• f03cfbe chore: direct Feature Requests to canny (#8395)
• 69476ab fix(cli): inline CSS sourcemaps in addition to JS sourcemaps (#8377)
• d2ee84f feat(cli): Experimental config for swift-tools-version in SPM apps (#8372)
• a9f2181 fix(android): correctly parsing server.url when they include paths (#8391)
• afb80f2 fix(ios): make getArray accesible on Objective-C plugins (#8392)
• 14e4af2 chore: change needs reproduction bot message (#8390)
• 4e99598 fix(SystemBars): use native safe area insets on Android (#8384)
• 003099a fix(http): handle URL objects on fetch (#8386)
• Additional commits viewable in compare view

Updates @capacitor/core from 8.2.0 to 8.3.0

Release notes

Sourced from @​capacitor/core's releases.

8.3.0

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Changelog

Sourced from @​capacitor/core's changelog.

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Commits

• 39f084a Release 8.3.0
• 27e6aa8 feat(cli): support SPM package traits in generated Package.swift (#8351)
• f03cfbe chore: direct Feature Requests to canny (#8395)
• 69476ab fix(cli): inline CSS sourcemaps in addition to JS sourcemaps (#8377)
• d2ee84f feat(cli): Experimental config for swift-tools-version in SPM apps (#8372)
• a9f2181 fix(android): correctly parsing server.url when they include paths (#8391)
• afb80f2 fix(ios): make getArray accesible on Objective-C plugins (#8392)
• 14e4af2 chore: change needs reproduction bot message (#8390)
• 4e99598 fix(SystemBars): use native safe area insets on Android (#8384)
• 003099a fix(http): handle URL objects on fetch (#8386)
• Additional commits viewable in compare view

Updates @capacitor/ios from 8.2.0 to 8.3.0

Release notes

Sourced from @​capacitor/ios's releases.

8.3.0

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Changelog

Sourced from @​capacitor/ios's changelog.

8.3.0 (2026-03-25)

Bug Fixes

• android: correctly parsing server.url when they include paths (#8391) (a9f2181)
• cli: inline CSS sourcemaps in addition to JS sourcemaps (#8377) (69476ab)
• http: handle URL objects on fetch (#8386) (003099a)
• ios: make getArray accesible on Objective-C plugins (#8392) (afb80f2)
• SystemBars: use native safe area insets on Android (#8384) (4e99598)

Features

• cli: Experimental config for swift-tools-version in SPM apps (#8372) (d2ee84f)
• cli: support SPM package traits in generated Package.swift (#8351) (27e6aa8)

Commits

• 39f084a Release 8.3.0
• 27e6aa8 feat(cli): support SPM package traits in generated Package.swift (#8351)
• f03cfbe chore: direct Feature Requests to canny (#8395)
• 69476ab fix(cli): inline CSS sourcemaps in addition to JS sourcemaps (#8377)
• d2ee84f feat(cli): Experimental config for swift-tools-version in SPM apps (#8372)
• a9f2181 fix(android): correctly parsing server.url when they include paths (#8391)
• afb80f2 fix(ios): make getArray accesible on Objective-C plugins (#8392)
• 14e4af2 chore: change needs reproduction bot message (#8390)
• 4e99598 fix(SystemBars): use native safe area insets on Android (#8384)
• 003099a fix(http): handle URL objects on fetch (#8386)
• Additional commits viewable in compare view

Updates fuse.js from 7.1.0 to 7.3.0

Release notes

Sourced from fuse.js's releases.

v7.3.0

Features

• Token search — per-term fuzzy matching with IDF scoring (68c1dcf)
• Fuse.match() — static method for single string matching (460eb5b)
• BigInt support for indexing and search (0ae662c)
• removeAt() now returns the removed item (8cec7e2)
• Support keyless string entries in logical queries (8695556)
• getFn null return, escaped pipe in extended search, empty query returns all (d33b735)

Bug Fixes

• Merge overlapping match indices in extended search (06c5e97)
• Inverse patterns now work correctly across multiple keys (9351882)
• Handle quoted tokens with inner spaces and quotes in extended search (c226523)
• Handle non-decomposable diacritics in stripDiacritics (5a01f29)
• Coerce non-string array values to strings during indexing (db0e181)
• Strip getFn from keys in toJSON() for safe serialization (0f2a69b)

Internal

• Full TypeScript rewrite of source code
• Dropped UMD builds and babel preset-env
• Upgraded to Rollup 4, Vitest 2, TypeScript 6, ESLint 9
• Frozen default config to prevent mutation across instances
• Rewrote documentation as standalone markdown files

v7.2.0

Features

• Add Fuse.use() for runtime plugin registration

Performance

• Inline Bitap score computation to reduce object allocation in hot loops
• Batch removeAll for O(n) bulk removes instead of O(n*k)
• Heap-based top-k selection when limit is set
• Cache compiled searcher for repeated queries

Benchmarked on 10k records: 9-14% faster core search, 49x faster bulk remove.

Bug Fixes

• search: Deduplicate and merge overlapping match indices (#735)
• search: Preserve original array indices in nested path traversal (#786)
• types: Correct key type in FuseSortFunctionMatch (#811)
• types: Correct keys type in parseIndex parameter (#794)

Full Changelog: krisk/Fuse@v7.1.0...v7.2.0

Changelog

Sourced from fuse.js's changelog.

7.3.0 (2026-04-04)

Features

• add BigInt support for indexing and search (0ae662c), closes #814
• add static Fuse.match() for single string matching (460eb5b)
• add token search — per-term fuzzy matching with IDF scoring (68c1dcf)
• getFn null return, escaped pipe in extended search, empty query returns all (d33b735), closes #800 #765 #728
• removeAt() now returns the removed item (8cec7e2), closes #675
• search: support keyless string entries in logical queries (8695556), closes #736

Bug Fixes

• index: coerce non-string array values to strings during indexing (db0e181), closes #738
• index: strip getFn from keys in toJSON() for safe serialization (0f2a69b), closes #798
• lint: suppress unused var in toJSON destructure (d63c0e8)
• merge overlapping match indices in extended search (06c5e97)
• search: handle non-decomposable diacritics in stripDiacritics (5a01f29), closes home-assistant/frontend#30399 #816
• search: handle quoted tokens with inner spaces and quotes in extended search (c226523), closes #810
• search: inverse patterns now work correctly across multiple keys (9351882), closes #712

7.2.0 (2026-04-02)

Features

• add Fuse.use() for runtime plugin registration (8546a9b)

Performance

• inline Bitap score computation to reduce object allocation in hot loops (8546a9b)
• batch removeAll for O(n) bulk removes instead of O(n*k) (8546a9b)
• heap-based top-k selection when limit is set (8546a9b)
• cache compiled searcher for repeated queries (8546a9b)

Bug Fixes

• search: deduplicate and merge overlapping match indices (60c393a), closes #735
• search: preserve original array indices in nested path traversal (a1451be), closes #786
• types: correct key type in FuseSortFunctionMatch (fecee16), closes #811
• types: correct keys type in parseIndex parameter (58c7c73), closes #794

Commits

• aae48f5 chore(release): 7.3.0
• d63c0e8 fix(lint): suppress unused var in toJSON destructure
• 44dfdb4 chore: add funding field to package.json
• 65dadf5 docs: add performance guide with benchmark script
• 0ae662c feat: add BigInt support for indexing and search
• 8153c9d docs: fix tsconfig to resolve "no inputs found" error
• 6afb2ed docs: add "When to Use It" section to token search page
• 0e74a9c docs: simplify Getting Started page title
• 80330ed docs: fix sidebar titles and restore subheading expansion
• 6cd0cee docs: remove unused TwitterFollow and Version components
• Additional commits viewable in compare view

Updates web-vitals from 5.1.0 to 5.2.0

Changelog

Sourced from web-vitals's changelog.

v5.2.0 (2026-03-25)

• Replace filter()[0] with find() for better performance (#658)
• Use queueMicrotask for microtask scheduling (#660)
• Simplify the event and LoAF entry clean up logic (#662)
• Remove obsolete FID polyfill types (#675)
• Use LargestContentfulPaint.id as fallback when element is removed from DOM (#676)
• Fix bug for onLCP when attached late (#697)
• FHandle initially hidden pages and onLCP registered on visibility change (#698)
• Ensure we clear idle callbacks in whenIdleOrHidden (#707)
• Limit pending events to conserve memory (#710)
• Add includeProcessedEventEntries option (#714)
• Reduce bundle size by refactoring (#713)

Commits

• c071fd0 Release v5.2.0
• 15cd449 Prep changelog for v.5.2.0 (#693)
• 384dd9c Reduce bundle size by refactoring (#713)
• 1742e6b Add includeProcessedEventEntries option (#714)
• 4733a93 Bump flatted from 3.3.3 to 3.4.2 (#718)
• efc4845 Bump fast-xml-parser from 5.5.6 to 5.5.7 (#717)
• 8e4e689 Bump undici from 6.23.0 to 6.24.1 (#716)
• 9750cc9 Bump fast-xml-parser from 5.4.2 to 5.5.6 (#715)
• 8fb24d7 Limit pending events to conserve memory (#710)
• 1a8233e Address flaky test (#711)
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates @playwright/test from 1.58.2 to 1.59.1

Release notes

Sourced from @​playwright/test's releases.

v1.59.1

Bug Fixes

• [Windows] Reverted hiding console window when spawning browser processes, which caused regressions including broken codegen, --ui and show commands (#39990)

v1.59.0

🎬 Screencast

New page.screencast API provides a unified interface for capturing page content with:

• Screencast recordings
• Action annotations
• Visual overlays
• Real-time frame capture
• Agentic video receipts

Screencast recording — record video with precise start/stop control, as an alternative to the recordVideo option:

await page.screencast.start({ path: 'video.webm' });
// ... perform actions ...
await page.screencast.stop();

Action annotations — enable built-in visual annotations that highlight interacted elements and display action titles during recording:

await page.screencast.showActions({ position: 'top-right' });

screencast.showActions() accepts position ('top-left', 'top', 'top-right', 'bottom-left', 'bottom', 'bottom-right'), duration (ms per annotation), and fontSize (px). Returns a disposable to stop showing actions.

Action annotations can also be enabled in test fixtures via the video option:

// playwright.config.ts
export default defineConfig({
  use: {
    video: {
      mode: 'on',
      show: {
        actions: { position: 'top-left' },
        test: { position: 'top-right' },
      },
</tr></table> 

... (truncated)

Commits

• d466ac5 chore: mark v1.59.1 (#40005)
• 530e7e5 cherry-pick(#4004): fix(cli): kill-all should kill dashboard
• 9aa216c cherry-pick(#39994): Revert "fix(windows): hide console window when spawning ...
• 01b2b15 cherry-pick(#39980): chore: more release notes fixes
• a5cb6c9 cherry-pick(#39972): chore: expose browser.bind and browser.unbind APIs
• 99a17b5 cherry-pick(#39975): chore: support opening .trace files via .link indirection
• 43607c3 cherry-pick(#39974): chore(webkit): update Safari user-agent version to 26.4
• 62cabe1 cherry-pick(#39969): chore(npm): include all *.md from lib (#39970)
• 0c65a75 cherry-pick(#39968): chore: screencast.showActions api
• f04155b cherry-pick(#39958): chore: release notes for langs v1.59
• Additional commits viewable in compare view

Updates @types/node from 25.5.0 to 25.5.2

Commits

• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.0 to 4.1.2

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.2

This release bumps Vitest's flatted version and removes version pinning to resolve flatted's CVE related issues (vitest-dev/vitest#9975).

   🐞 Bug Fixes

• Don't resolve setupFiles from parent directory  -  by @​hi-ogawa in vitest-dev/vitest#9960 (7aa93)
• Ensure sequential mock/unmock resolution  -  by @​hi-ogawa and Claude Opus 4.6 in vitest-dev/vitest#9830 (7c065)
• browser: Take failure screenshot if toMatchScreenshot can't capture a stable screenshot  -  by @​macarie in vitest-dev/vitest#9847 (faace)
• coverage: Correct coverageConfigDefaults values and types  -  by @​Arthie in vitest-dev/vitest#9940 (b3c99)
• pretty-format: Fix output limit over counting  -  by @​hi-ogawa in vitest-dev/vitest#9965 (d3b7a)
• Disable colors if agent is detected  -  by @​sheremet-va and @​AriPerkkio in vitest-dev/vitest#9851 (6f97b)

    View changes on GitHub

v4.1.1

   🚀 Features

• experimental:
  • Expose matchesTags to test if the current filter matches tags  -  by @​sheremet-va in vitest-dev/vitest#9913 (eec53)
  • Introduce experimental.vcsProvider  -  by @​sheremet-va in vitest-dev/vitest#9928 (56115)

   🐞 Bug Fixes

• Mark TestProject.testFilesList internal properly  -  by @​sapphi-red in vitest-dev/vitest#9867 (54f26)
• Detect fixture that returns without calling use  -  by @​oilater in vitest-dev/vitest#9831 and vitest-dev/vitest#9861 (633ae)
• Drop vite 8.beta support  -  by @​AriPerkkio in vitest-dev/vitest#9862 (b78f5)
• Type regression in vi.mocked() static class methods  -  by @​purepear and @​hi-ogawa in vitest-dev/vitest#9857 (90926)
• Properly re-evaluate actual modules of mocked external  -  by @​hi-ogawa in vitest-dev/vitest#9898 (ae5ec)
• Preserve coverage report when html reporter overlaps  -  by @​hi-ogawa in vitest-dev/vitest#9889 (2d81a)
• Provide vi.advanceTimers to the preview provider  -  by @​sheremet-va in vitest-dev/vitest#9891 (1bc3e)
• Don't leak event listener in playwright provider  -  by @​sheremet-va in vitest-dev/vitest#9910 (d9355)
• Open browser in --standalone mode without running tests  -  by @​sheremet-va in vitest-dev/vitest#9911 (e78ad)
• Guard disposable and optional body  -  by @​sheremet-va in vitest-dev/vitest#9912 (6fdb2)
• Resolve retry.condition RegExp serialization issue  -  by @​nstepien and @​hi-ogawa in vitest-dev/vitest#9942 (7b605)
• collect:
  • Don't treat extra props on test return as tests  -  by @​sheremet-va in vitest-dev/vitest#9871 (141e7)
• coverage:
  • Simplify provider types  -  by @​AriPerkkio in vitest-dev/vitest#9931 (aaf9f)
  • Load built-in provider without module runner  -  by @​AriPerkkio in vitest-dev/vitest#9939 (bf892)
• expect:
  • Soft assertions continue after .resolves/.rejects promise errors  -  by @​mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @​hi-ogawa in vitest-dev/vitest#9843 (6d74b)
  • Fix sinon-chai style API  -  by @​hi-ogawa in vitest-dev/vitest#9943 (0f08d)
• pretty-format:
  • Limit output for large object  -  by @​hi-ogawa and Claude Opus 4.6 (1M context) in vitest-dev/vitest#9949 (0d5f9)

    View changes on GitHub

Commits

• fc6f482 chore: release v4.1.2
• 1f2d318 chore: release v4.1.1
• aaf9f18 fix(coverage): simplify provider types (#9931)
• See full diff in compare view

Updates canvas from 3.2.2 to 3.2.3

Release notes

Sourced from canvas's releases.

v3.2.3

Fixed

• Fix building with gcc (#2559)

Changelog

Sourced from canvas's changelog.

3.2.3

Fixed

• Fix building with gcc (#2559)

Commits

• f91598e v3.2.3
• 1541544 PAGE_SIZE shouldn't be unsigned
• See full diff in

[github-actions]

🤖 CI Summary

Job	Status
Unit Tests	✅ success
Lint	✅ success
Build	✅ success
E2E Tests	✅ success

📦 Bundle Size

Main JS: 50KB

📋 What to do if tests fail?

• Unit Tests: Check the test output in the Actions tab
• Lint: Run npm run lint locally
• E2E Tests: Check Playwright report artifacts
• Skipped jobs: Path filters detected no relevant changes

---

Updated: 2026-04-06T02:05:47.435Z

[github-actions]

⚠️ SonarCloud Analysis

Quality Gate: UNKNOWN

New Code

Metric	Value
🐛 Bugs	N/A
🔓 Vulnerabilities	N/A
🔥 Security Hotspots	N/A
🧹 Code Smells	N/A
📊 Coverage	N/A
📋 Duplication	N/A
🕐 New Debt	N/A

Ratings

	Reliability	Security	Maintainability
Grade	N/A	N/A	N/A

Overall Project

Metric	Value
📊 Coverage	N/A
🕐 Technical Debt	N/A
📏 Lines of Code	N/A
🐛 Bugs	N/A
🔓 Vulnerabilities	N/A
🧹 Code Smells	N/A
📋 Duplication	N/A

View full analysis on SonarCloud

---

SonarCloud · 9c22e5d · 2026-04-06 02:06:06 UTC

[jtn0123]

@dependabot rebase

[github-actions]

🎉 This PR is included in version 1.12.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀