chore(deps-dev): bump the dev-deps group with 7 updates

[dependabot]

Bumps the dev-deps group with 7 updates:

Package	From	To
@cloudflare/vitest-pool-workers	0.12.17	0.12.18
@cloudflare/workers-types	4.20260303.0	4.20260305.0
@types/node	25.3.0	25.3.3
hono	4.12.2	4.12.3
itty-router	5.0.22	5.0.23
pkg-pr-new	0.0.63	0.0.65
wrangler	4.68.1	4.69.0

Updates @cloudflare/vitest-pool-workers from 0.12.17 to 0.12.18

Release notes

Sourced from @​cloudflare/vitest-pool-workers's releases.

@​cloudflare/vitest-pool-workers@​0.12.18

Patch Changes

• Updated dependencies [99037e3, 295297a, f765244, c0e9e08]:
  • [email protected]
  • [email protected]

Changelog

Sourced from @​cloudflare/vitest-pool-workers's changelog.

0.12.18

Patch Changes

• Updated dependencies [99037e3, 295297a, f765244, c0e9e08]:
  • [email protected]
  • [email protected]

Commits

• 414799d Version Packages (#12670)
• See full diff in compare view

Updates @cloudflare/workers-types from 4.20260303.0 to 4.20260305.0

Commits

• See full diff in compare view

Updates @types/node from 25.3.0 to 25.3.3

Commits

• See full diff in compare view

Updates hono from 4.12.2 to 4.12.3

Release notes

Sourced from hono's releases.

v4.12.3

What's Changed

• fix(validator): prevent type diff bug in form data parsing by @​EdamAme-x in honojs/hono#4753
• fix(jwt): use Math.floor instead of bitwise OR for safe timestamp by @​EdamAme-x in honojs/hono#4754
• fix(jwt): fix JwtVariables for ContextVariableMap by @​yusukebe in honojs/hono#4764
• fix(types): remove DOM type dependencies from ClientResponse and request method by @​YevheniiKotyrlo in honojs/hono#4768
• fix(types): correct middleware types by @​hmnd in honojs/hono#4774
• fix(jwt): prevent memory leak by avoiding mutation of options object by @​EdamAme-x in honojs/hono#4759

New Contributors

• @​YevheniiKotyrlo made their first contribution in honojs/hono#4768
• @​hmnd made their first contribution in honojs/hono#4774

Full Changelog: honojs/hono@v4.12.2...v4.12.3

Commits

• 790c57b 4.12.3
• bda46ac fix(jwt): prevent memory leak by avoiding mutation of options object (#4759)
• 0f505f4 fix(types): correct middleware types (#4774)
• eb9c112 fix(types): remove DOM type dependencies from ClientResponse and request meth...
• b1df304 fix(jwt): fix JwtVariables for ContextVariableMap (#4764)
• e4602ad fix(jwt): use Math.floor instead of bitwise OR for safe timestamp (#4754)
• 4bb70fa fix(validator): prevent type diff bug in form data parsing (#4753)
• See full diff in compare view

Updates itty-router from 5.0.22 to 5.0.23

Release notes

Sourced from itty-router's releases.

Release v5.0.23

See v5.0.23 CHANGELOG entry for notes

Changelog

Sourced from itty-router's changelog.

v5.0.23

• fixed: cors/corsify should no longer throw immutable headers error (edge case fix)

v5.0.20

• docs: export default { ...router } as README example

v5.0.17

• fixed: corsify should clone response before appending headers

v5.0.16

• maintenance: README

v5.0.15

• maintenance: types cleanup and publishing test

v5.0.14

• maintenance: types cleanup and publishing test

v5.0.13

• fixed: Router/AutoRouter stages were not connected to router-level generics

v5.0.12

• fixed: ./types was not being properly exported

v5.0.10

• fixed: response formatters in finally stage could still cross pollute headers in Node

v5.0.9

• fixed: cors preflight should reflect requested headers as the default (required for credentials)

v5.0.7

• fixed: withParams could attempt to bind null (collision with node adapter)

v5.0.6

• fixed: corsify as replacing status codes (now mutates original response)

v5.0.5

• fixed: corsify now properly ignores WebSocket responses

v5.0.4

• fixed: (TypeScript) middleware corrupting downstream request types and args

v5.0.2

• fixed: AutoRouter was missing the router-level generics support of the other 2 routers.
• fixed: All 3 routers had their 3rd generic argument, ResponseType added per the spec.

v5.0.0

• BREAKING: router.fetch replaces router.handle (now deprecated)
• BREAKING: "createCors" has been deprecated in favor of "cors" (new options & requirements)
• changed: previous Router (smallest) is now IttyRouter
• added: Router (full backwards compatability with previous Router) has been added, including:
  • "before" stage (array of request handlers)
  • "finally" stage (array of response handlers)
  • "catch" stage (single error handler)
• added: AutoRouter (batteries-included Router)
• fixed (TS): Routers types have been modified to allow both rotuer-level generics AND route-level generics in the same instance.
• docs: see Migration guide at https://itty.dev/itty-router/migrations/v4-v5

For changes prior to v5, see the v4 CHANGELOG

Commits

• af492f8 released v5.0.23 - cors should no longer throw immutable headers error in cer...
• 51a7a27 version bump on itty-packager
• See full diff in compare view

Updates pkg-pr-new from 0.0.63 to 0.0.65

Commits

• 772c751 release: v0.0.65
• 3fd239e fix: use the SHA from git rev-parse HEAD when publishing (#470)
• dfb6ff7 release: v0.0.64
• f7f6e23 fix: packageManager option sync template mode (#456)
• 7c17dbd fix: use --quiet for --bun option (#458)
• 1c7fc39 fix: commentWithDev option apply template (#455)
• da5827e feat: fallback to non-compact when a package fails to use compact mode (#450)
• See full diff in compare view

Updates wrangler from 4.68.1 to 4.69.0

Release notes

Sourced from wrangler's releases.

[email protected]

Minor Changes

• #12625 c0e9e08 Thanks @​WillTaylorDev! - Add cache configuration option for enabling worker cache (experimental)

  You can now enable cache before worker execution using the new cache configuration:

  {
  	"cache": {
  		"enabled": true,
  	},
  }

  This setting is environment-inheritable and opt-in. When enabled, cache behavior is applied before your worker runs.

  Note: This feature is experimental. The runtime API is not yet generally available.

Patch Changes

• #12661 99037e3 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260302.0	1.20260303.0

• #12680 295297a Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260303.0	1.20260305.0

• #12671 f765244 Thanks @​MattieTK! - fix: Only redact account names in CI environments, not all non-interactive contexts

  The multi-account selection error in getAccountId now only redacts account names when running in a CI environment (detected via ci-info). Non-interactive terminals such as coding agents and piped commands can now see account names, which they need to identify which account to configure. CI logs remain protected.

• Updated dependencies [99037e3, 295297a]:

  • [email protected]

Commits

• 414799d Version Packages (#12670)
• 295297a chore(deps): bump the workerd-and-workers-types group with 2 updates (#12680)
• 99037e3 chore(deps): bump the workerd-and-workers-types group with 2 updates (#12661)
• f765244 fix: restrict account name redaction to CI environments only (#12671)
• c0e9e08 [wrangler] Add worker cache configuration support (#12625)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	94.38%	740 / 784
🔵	Statements	94.32%	764 / 810
🔵	Functions	91.76%	156 / 170
🔵	Branches	86.71%	444 / 512

File Coverage

No changed files found.

Generated in workflow #675 for commit a9f7633 by the Vitest Coverage Report Action

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/chanfana@332

commit: ff07483

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.