chore(deps): bump the minor group with 5 updates

[dependabot]

Bumps the minor group with 5 updates:

Package	From	To
@cloudflare/workers-types	4.20260413.1	4.20260414.1
oxfmt	0.44.0	0.45.0
oxlint	1.59.0	1.60.0
posthog-js	1.367.0	1.368.1
wrangler	4.81.1	4.82.2

Updates @cloudflare/workers-types from 4.20260413.1 to 4.20260414.1

Commits

• See full diff in compare view

Updates oxfmt from 0.44.0 to 0.45.0

Changelog

Sourced from oxfmt's changelog.

[0.45.0] - 2026-04-13

🐛 Bug Fixes

• 50c389b oxfmt: Support .editorconfig quote_type (#20989) (leaysgur)

Commits

• e16848e release(apps): oxlint v1.60.0 && oxfmt v0.45.0 (#21375)
• 50c389b fix(oxfmt): Support .editorconfig quote_type (#20989)
• See full diff in compare view

Updates oxlint from 1.59.0 to 1.60.0

Release notes

Sourced from oxlint's releases.

oxlint v1.27.0 && oxfmt v0.12.0

Oxlint v1.27.0

🚀 Features

• 222a8f0 linter/plugins: Implement SourceCode#isSpaceBetween (#15498) (overlookmotel)
• 2f9735d linter/plugins: Implement context.languageOptions (#15486) (overlookmotel)
• bc731ff linter/plugins: Stub out all Context APIs (#15479) (overlookmotel)
• 5822cb4 linter/plugins: Add extend method to FILE_CONTEXT (#15477) (overlookmotel)
• 7b1e6f3 apps: Add pure rust binaries and release to github (#15469) (Boshen)
• 2a89b43 linter: Introduce debug assertions after fixes to assert validity (#15389) (camc314)
• ad3c45a editor: Add oxc.path.node option (#15040) (Sysix)

🐛 Bug Fixes

• 6f3cd77 linter/no-var: Incorrect warning for blocks (#15504) (Hamir Mahal)
• 6957fb9 linter/plugins: Do not allow access to Context#id in createOnce (#15489) (overlookmotel)
• 7409630 linter/plugins: Allow access to cwd in createOnce in ESLint interop mode (#15488) (overlookmotel)
• 732205e parser: Reject using / await using in a switch case / default clause (#15225) (sapphi-red)
• a17ca32 linter/plugins: Replace Context class (#15448) (overlookmotel)
• ecf2f7b language_server: Fail gracefully when tsgolint executable not found (#15436) (camc314)
• 3c8d3a7 lang-server: Improve logging in failure case for tsgolint (#15299) (camc314)
• ef71410 linter: Use jsx if source type is JS in fix debug assertion (#15434) (camc314)
• e32bbf6 linter/no-var: Handle TypeScript declare keyword in fixer (#15426) (camc314)
• 6565dbe linter/switch-case-braces: Skip comments when searching for : token (#15425) (camc314)
• 85bd19a linter/prefer-class-fields: Insert value after type annotation in fixer (#15423) (camc314)
• fde753e linter/plugins: Block access to context.settings in createOnce (#15394) (overlookmotel)
• ddd9f9f linter/forward-ref-uses-ref: Dont suggest removing wrapper in invalid positions (#15388) (camc314)
• dac2a9c linter/no-template-curly-in-string: Remove fixer (#15387) (camc314)
• 989b8e3 linter/no-var: Only fix to const if the var has an initializer (#15385) (camc314)
• cc403f5 linter/plugins: Return empty object for unimplemented parserServices (#15364) (magic-akari)

⚡ Performance

• 25d577e language_server: Start tools in parallel (#15500) (Sysix)
• 3c57291 linter/plugins: Optimize loops (#15449) (overlookmotel)
• 3166233 linter/plugins: Remove Arcs (#15431) (overlookmotel)
• 9de1322 linter/plugins: Lazily deserialize settings JSON (#15395) (overlookmotel)
• 3049ec2 linter/plugins: Optimize deepFreezeSettings (#15392) (overlookmotel)
• 444ebfd linter/plugins: Use single object for parserServices (#15378) (overlookmotel)

📚 Documentation

• 97d2104 linter: Update comment in lint.rs about default value for tsconfig path (#15530) (Connor Shea)
• 2c6bd9e linter: Always refer as "ES2015" instead of "ES6" (#15411) (sapphi-red)
• a0c5203 linter/import/named: Update "ES7" comment in examples (#15410) (sapphi-red)
• 3dc24b5 linter,minifier: Always refer as "ES Modules" instead of "ES6 Modules" (#15409) (sapphi-red)
• 2ad77fb linter/no-this-before-super: Correct "Why is this bad?" section (#15408) (sapphi-red)
• 57f0ce1 linter: Add backquotes where appropriate (#15407) (sapphi-red)

Oxfmt v0.12.0

... (truncated)

Changelog

Sourced from oxlint's changelog.

[1.60.0] - 2026-04-13

📚 Documentation

• cfd8a4f linter: Don't rely on old eslint doc for available globals (#21334) (Nicolas Le Cam)

Commits

• e16848e release(apps): oxlint v1.60.0 && oxfmt v0.45.0 (#21375)
• cfd8a4f docs(linter): don't rely on old eslint doc for available globals (#21334)
• See full diff in compare view

Updates posthog-js from 1.367.0 to 1.368.1

Release notes

Sourced from posthog-js's releases.

[email protected]

1.368.1

Patch Changes

• #3379 d7c71b1 Thanks @​dmarticus! - Fix bootstrapped feature flags being overwritten by partial /flags response when advanced_only_evaluate_survey_feature_flags is enabled (2026-04-14)
• Updated dependencies []:
  • @​posthog/types@​1.368.1

[email protected]

1.368.0

Minor Changes

• #3345 3fcf5c4 Thanks @​jonmcwest! - Add posthog.captureLog() API for sending structured log entries to PostHog logs (2026-04-13)

Patch Changes

• #3373 f5fe0a8 Thanks @​ksvat! - bump rrweb version (2026-04-13)
• Updated dependencies [3fcf5c4]:
  • @​posthog/types@​1.368.0

Commits

• 8ce322f chore: update versions and lockfile [version bump]
• d7c71b1 fix(browser): merge partial /flags response with bootstrapped flags (#3379)
• 989e664 chore: update versions and lockfile [version bump]
• 3fcf5c4 feat(logs): add captureLog API for structured OTLP log ingestion (#3345)
• f5fe0a8 chore(replay): bump rrweb version (#3373)
• 8996ec3 chore: update versions and lockfile [version bump]
• cf69f96 feat: add Gemini embedContent tracking (#3369)
• c1f2c32 feat(llma): add $ai_stop_reason extraction for all providers (#3368)
• 8046da7 chore(ci): send PostHog failure events for version bump and S3 upload jobs (#...
• See full diff in compare view

Updates wrangler from 4.81.1 to 4.82.2

Release notes

Sourced from wrangler's releases.

[email protected]

Patch Changes

• #13457 9b2b6ba Thanks @​jamesopstad! - Add Flagship OAuth scopes to wrangler login

[email protected]

Patch Changes

• #13453 6b11b07 Thanks @​petebacondarwin! - Disable flagship OAuth scopes that are not yet valid in the Cloudflare backend

  The flagship:read and flagship:write OAuth scopes have been temporarily commented out from the default scopes requested during login, as they are not yet recognized by the Cloudflare backend.

• #13438 dd4e888 Thanks @​dependabot! - fix: handle Vike config files that use a variable-referenced default export

  Newer versions of create-vike (0.0.616+) generate pages/+config.ts files using const config: Config = { ... }; export default config; instead of the previous export default { ... } satisfies Config;. The Wrangler autoconfig AST transformation now resolves Identifier exports to their variable declarations, supporting both old and new Vike config file formats.

[email protected]

Minor Changes

• #13353 5338bb6 Thanks @​mattzcarey! - Add artifacts:write to Wrangler's default OAuth scopes, enabling wrangler login to request access to Cloudflare Artifacts (registries and artifacts).

• #13139 79fd529 Thanks @​roerohan! - feat: add Flagship feature flag binding support

  Adds end-to-end support for the Flagship feature flag binding, which allows Workers to evaluate feature flags from Cloudflare's Flagship service. Configure it in wrangler.json with a flagship array containing binding and app_id entries. In local dev, the binding returns default values for all flag evaluations; use "remote": true in the binding to evaluate flags against the live Flagship service.

• #12983 28bc2be Thanks @​1000hz! - Added the wrangler preview command family for creating Preview deployments (currently in private beta).

• #13197 4fd138b Thanks @​shahsimpson! - Add preview output-file entries for wrangler preview deployments

  wrangler preview now writes a preview entry to the Wrangler output file when WRANGLER_OUTPUT_FILE_PATH or WRANGLER_OUTPUT_FILE_DIRECTORY is configured. The entry includes the Worker name, preview metadata (preview_id, preview_name, preview_slug, preview_urls) and deployment metadata (deployment_id, deployment_urls).

  This makes preview command runs machine-readable in the same output stream as other Wrangler commands, which helps CI integrations consume preview URLs and IDs directly.

• #13159 bafb96b Thanks @​ruifigueira! - Add wrangler browser commands for managing Browser Rendering sessions

  New commands for Browser Rendering DevTools:

  • wrangler browser create [--lab] [--keepAlive <seconds>] [--open] - Create a new session
  • wrangler browser close <sessionId> - Close a session
  • wrangler browser list - List active sessions
  • wrangler browser view [sessionId] [--target <selector>] [--open] - View a live browser session

  The view command auto-selects when only one session exists, or prompts for selection when multiple are available.

  The --open flag controls whether to open DevTools in browser (default: true in interactive mode, false in CI/scripts). Use --no-open to just print the DevTools URL.

  All commands support --json for programmatic output. Also adds browser:write OAuth scope to wrangler login.

• #13392 2589395 Thanks @​emily-shen! - Add telemetry to local REST API

... (truncated)

Commits

• ff14de1 Version Packages (#13460)
• 6c3b773 Revert "[wrangler] Disable flagship OAuth scopes not yet valid in backend" (#...
• 04a2d9c Version Packages (#13452)
• 6b11b07 [wrangler] Disable flagship OAuth scopes not yet valid in backend (#13453)
• dd4e888 [C3] Bump create-vike from 0.0.599 to 0.0.616 in /packages/create-cloudflare/...
• 4e4d146 Version Packages (#13375)
• 2589395 local explorer: add telemetry (#13392)
• 525a46b [wrangler] Fix proxy startup notice polluting stdout for --json commands (#13...
• 1313275 [explorer] add local explorer hotkey to the vite plugin (#13137)
• bafb96b BRAPI-1041: Add browser rendering commands to wrangler (#13159)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

🔦 Lighthouse Benchmark

Last updated: 2026-04-14T08:05:56
Last commit: 6b7fd5c

Tested: https://ks-dependabot-npm-and-yarn-minor-docs.kestra-io.workers.dev on 2026-04-14 08:05 UTC
Compared against main baseline from 2026-04-10

Scores (0–100, higher is better)

Page	Performance	Accessibility	Best Practices	SEO
Home	55	79	59	92
Pricing	99 ▲ +3	88	59	100
Enterprise	89 ▲ +5	78	59	100
Cloud	89	83	59	100
About Us	81 ▼ -14	87	59	100
Docs Landing	98 ▲ +10	84	59	92
Contribute to Kestra (simple docs)	97	84	59	92
Flow (full featured docs)	92 ▲ +5	86	59	92
Blog Index	65 ▼ -16	86	59	100
Blog Post (sample)	98	83	59	100
VS Page (sample)	95	88	59	100
Plugins Landing	93	77	59	92
Plugin Page (sample)	96	87	59	100
Plugin Debug Page (sample)	95	87	59	100
Plugin Debug Return Page (sample)	0 ▼ -94	87	0 ▼ -59	100
Blueprints Landing	91	77	56 ▼ -3	92
Blueprint Audit Logs CSV Export	67 ▲ +6	82	59	100

Core Web Vitals (lower is better)

Page	LCP	FCP	TBT	CLS	Speed Index
Home	1.87 s ▲	1.25 s ▲	668 ms ▼	0.002	3.62 s ▲
Pricing	0.94 s ▲	0.57 s ▲	45 ms ▲	0.000	0.82 s ▲
Enterprise	1.94 s	1.00 s	50 ms ▼	0.000	1.13 s ▲
Cloud	2.19 s ▼	0.52 s ▲	39 ms ▼	0.000	0.93 s
About Us	3.41 s ▼	0.54 s ▲	45 ms ▲	0.000	0.79 s ▲
Docs Landing	0.89 s ▲	0.56 s ▲	102 ms ▲	0.000	0.97 s ▲
Contribute to Kestra (simple docs)	0.95 s ▲	0.49 s ▲	130 ms ▼	0.000	0.84 s ▲
Flow (full featured docs)	0.89 s ▲	0.52 s ▲	211 ms ▼	0.000	1.17 s ▲
Blog Index	7.63 s ▼	0.54 s ▲	60 ms ▼	0.000	30.79 s ▼
Blog Post (sample)	0.95 s ▲	0.45 s ▲	77 ms ▼	0.000	0.77 s ▲
VS Page (sample)	1.50 s	0.58 s ▲	49 ms	0.000	0.87 s ▲
Plugins Landing	0.94 s ▲	0.55 s ▲	55 ms ▼	0.000	2.61 s ▼
Plugin Page (sample)	0.93 s ▲	0.49 s ▲	46 ms ▼	0.051	1.75 s ▼
Plugin Debug Page (sample)	0.94 s ▲	0.53 s ▲	80 ms ▼	0.001	1.90 s ▼
Plugin Debug Return Page (sample)	0.00 s ▲	0.00 s ▲	0 ms ▲	0.000 ▲	0.00 s ▲
Blueprints Landing	1.40 s ▲	0.79 s	39 ms ▲	0.000	2.21 s ▼
Blueprint Audit Logs CSV Export	1.33 s ▲	0.62 s ▲	133 ms ▲	0.485	2.63 s ▼

Legend

▲ improved  ·  ▼ regressed  ·  (blank) no significant change
Score threshold: ±3 pts  ·  Metric threshold: ±10% of baseline

[github-actions]

## 🔦 Lighthouse Benchmark

Tested: https://ks-dependabot-npm-and-yarn-minor-docs.kestra-io.workers.dev on 2026-04-22 06:14 UTC
Compared against main baseline from 2026-04-10

Scores (0–100, higher is better)

Page	Performance	Accessibility	Best Practices	SEO
Home	57	79	59	92
Pricing	97	88	59	100
Enterprise	91	78	59	100
Cloud	95	83	59	100
About Us	81 🔻 -14	87	59	100
Docs Landing	78 🔻 -10	84	59	92
Contribute to Kestra (simple docs)	95	84	59	92
Flow (full featured docs)	80	86	59	92
Blog Index	65 🔻 -16	86	59	100
Blog Post (sample)	86 🔻 -11	83	59	100
VS Page (sample)	91	88	59	100
Plugins Landing	91	77	59	92
Plugin Page (sample)	94	87	59	100
Plugin Debug Page (sample)	96	87	59	100
Plugin Debug Return Page (sample)	97	87	59	100
Blueprints Landing	90	77	56	92
Blueprint Audit Logs CSV Export	66	82	59	100

Core Web Vitals (lower is better)

Page	LCP	FCP	TBT	CLS	Speed Index
Home	2.79 s 🟢	1.12 s 🟢	374 ms 🔻	0.002	4.15 s 🟢
Pricing	0.92 s	0.55 s	119 ms 🔻	0.001	0.74 s
Enterprise	1.70 s	0.88 s	92 ms 🔻	0.003	1.34 s 🟢
Cloud	1.44 s	0.53 s	77 ms 🔻	0.000	0.86 s
About Us	3.28 s 🔻	0.61 s	68 ms	0.000	0.90 s
Docs Landing	2.56 s 🔻	0.61 s 🟢	223 ms 🔻	0.000	0.96 s
Contribute to Kestra (simple docs)	1.00 s	0.55 s	147 ms 🔻	0.003	0.83 s
Flow (full featured docs)	1.87 s 🔻	0.64 s 🟢	285 ms 🔻	0.000	1.16 s
Blog Index	9.87 s 🔻	0.54 s	73 ms 🔻	0.001	28.98 s 🔻
Blog Post (sample)	2.40 s 🔻	0.51 s	112 ms 🔻	0.000	0.67 s 🟢
VS Page (sample)	1.74 s	0.59 s	115 ms 🔻	0.000	1.01 s
Plugins Landing	1.03 s 🟢	0.58 s	145 ms 🔻	0.002	2.26 s 🔻
Plugin Page (sample)	1.02 s	0.48 s	139 ms 🔻	0.051	1.55 s
Plugin Debug Page (sample)	0.90 s	0.52 s	81 ms	0.001	1.67 s 🔻
Plugin Debug Return Page (sample)	0.93 s 🟢	0.50 s	93 ms	0.025	1.54 s
Blueprints Landing	1.50 s	0.82 s	97 ms	0.000	2.05 s 🔻
Blueprint Audit Logs CSV Export	0.95 s 🟢	0.56 s	224 ms 🔻	0.485	2.09 s

Legend

🟢 improved  ·  🔻 regressed  ·  (blank) no significant change
Score threshold: ±10 pts  ·  Metric threshold: ±30% of baseline