chore(deps-dev): bump the development-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the development-dependencies group with 5 updates in the / directory:

Package	From	To
@types/mdx	2.0.13	2.0.14
@types/node	25.9.1	25.9.2
knip	6.15.0	6.16.1
@types/react	19.2.16	19.2.17
style-dictionary	5.4.3	5.4.4

Updates @types/mdx from 2.0.13 to 2.0.14

Commits

• See full diff in compare view

Updates @types/node from 25.9.1 to 25.9.2

Commits

• See full diff in compare view

Updates knip from 6.15.0 to 6.16.1

Release notes

Sourced from knip's releases.

Release 6.16.1

• Resolve SvelteKit ./$types in monorepos (resolve #1778) (370ef4cefec6540ee7d58249cc402f479ec76405)

Release 6.16.0

• Update sponsors data + fix sponsors layout on narrow screen (fadf13aad5ebc36f7bc2fbc7615bfa77681d3660)
• Detect binaries and entry files in node:child_process calls (fc3598cfac640a2ae53b0113883574bf15bc5d47)
• It works™ (2d9ce845121484ef3ff84e4a761cfd98891d6c09)
• Extend known issues doc w/ workaround (close #1763) (fcd444bf4c6b2ddc5d7bb0ebfd6f3991cf5d0be2)
• Support ignoreExportsUsedInFile per workspace (close #1495) (4b898a971105d865d86d4dc81bc694721bff8793)
• feat(vscode): add workspaceRoot config option to enable use in a VSCode workspace that does not have package.json at the workspace root (#1667) (7c1ebef6ab6d1c5a7f2f920d4243241246b53f4b) - thanks @​anmilleriii!
• Replace minimist with node:util.parseArgs (resolve #1492) (b360c5ce1acfbb2cbd5f4e92ecca6c9b461ae094)
• Preserve minimist numeric coercion and --no-x negation (c12153ce0601378354421e454a6b6bbab74ae9fb)
• Simplify parseArgs adapter (ba15e413be7515620e4224b21483a1a87659dc34)
• Detect and credit registered custom elements (resolve #1394) (62dcda5fa46ccf6bdd94175b725fd38678049319)
• Add Lit and FAST plugins to detect @​customElement classes (348d2c9decf09bb61ab47477bc6cc57e4b089ec3)
• Add new testimonials (77fd7ed7dffaccfa8bc024105fe81dbe09b70671)
• Scope custom path aliases per workspace (resolve #1775) (d908099b52e4fd93b7947bafecbabeddfc7847f3)
• Restructure tests (ec4c77941d42aef54bed9e4dd1cae8e8784aa147)
• Simplify boolean check in parseArgs adapter (ba6865de03785eb49b2adf833f7f769eece78d49)
• Scope static custom-element define detection to the FAST plugin (94632cddd15f75eadd204cb480b3df6c1f2a842d)
• Add Custom Elements feature docs page (230bd734652f3a269b70da09cd26ac7e80a210cd)
• Update known-issues.md (f1f4c1bceef9a6575d7b31cc1340538ea894f824)
• Fix crash on backtick string literals in plugin config (resolve #1776) (f1adc7fbd68fc52a89a4d2a4d6b17d905d051de7)
• Format (e4720cab435be48e1a40afa8c548e21bdb74b14e)
• Fix backtick string literals in require() and plugin-name config arrays (#1776) (d14eb053331daaaeaec89c3c8e04cfeeba7580af)
• Credit custom elements via aliases, scoped registries, and static blocks (d7cbe12bd904f65b20016bdd2dfd4a5d7c5c1524)
• Improve Stencil plugin: credit @​Component and recognize test files (152d73052f87f29b348abbab90e117cfb97dd69b)
• Add Catalyst plugin to credit bare @​controller custom elements (8a37f8c25b03cd4e55bd18ba822906be35fcd97b)
• Document Stencil, Catalyst, static-block custom el reg. (105fba3a829f1cf4cf871035dbc9c170b0de7bc1)
• Auto-format md (f4fcf4e1c6a399d761151fc367125416e7741675)

Commits

• a3169ec Release knip@6.16.1
• 370ef4c Resolve SvelteKit ./$types in monorepos (resolve #1778)
• e9a5a64 Release knip@6.16.0
• 8a37f8c Add Catalyst plugin to credit bare @​controller custom elements
• 152d730 Improve Stencil plugin: credit @​Component and recognize test files
• d7cbe12 Credit custom elements via aliases, scoped registries, and static blocks
• d14eb05 Fix backtick string literals in require() and plugin-name config arrays (#1776)
• f1adc7f Fix crash on backtick string literals in plugin config (resolve #1776)
• 94632cd Scope static custom-element define detection to the FAST plugin
• ba6865d Simplify boolean check in parseArgs adapter
• Additional commits viewable in compare view

Updates @types/react from 19.2.16 to 19.2.17

Commits

• See full diff in compare view

Updates style-dictionary from 5.4.3 to 5.4.4

Release notes

Sourced from style-dictionary's releases.

v5.4.4

Patch Changes

• 23b5e8d: Fix prototype pollution vulnerability in the convertTokenData utility function, this was introduced in version 4.3.0. Any token key that includes __proto__ will be ignored. See Security Advisory GHSA-vj5c-m527-mpff.

Changelog

Sourced from style-dictionary's changelog.

5.4.4

Patch Changes

• 23b5e8d: Fix prototype pollution vulnerability in the convertTokenData utility function, this was introduced in version 4.3.0. Any token key that includes __proto__ will be ignored. See Security Advisory GHSA-vj5c-m527-mpff.

Commits

• 1c90088 chore: release (#1703)
• 23b5e8d fix: prototype pollution in convertTokenData utility GHSA-vj5c-m527-mpff (#1702)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

⚠️ No Changeset found

Latest commit: 88d2f49

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.