Update docusaurus monorepo to v3.10.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@docusaurus/core (source)	3.9.2 → 3.10.1
@docusaurus/module-type-aliases (source)	3.9.2 → 3.10.1
@docusaurus/plugin-client-redirects (source)	3.9.2 → 3.10.1
@docusaurus/preset-classic (source)	3.9.2 → 3.10.1
@docusaurus/tsconfig (source)	3.9.2 → 3.10.1
@docusaurus/types (source)	3.9.2 → 3.10.1

---

Release Notes

facebook/docusaurus (@​docusaurus/core)

v3.10.1

Compare Source

🐛 Bug Fix

• docusaurus-bundler
  • #​11981 fix(bundler): fix v3 webpackbar bug due to webpack breaking change (@​slorber)

🔧 Maintenance

• docusaurus
  • #​11982 chore: cherry-pick commits for v3.10.1 patch release (@​slorber)

Committers: 1

• Sébastien Lorber (@​slorber)

v3.10.0

Compare Source

🚀 New Feature

• docusaurus-types, docusaurus
  • #​11896 feat(core): add future.v4.mdx1CompatDisabledByDefault flag (@​slorber)
  • #​11797 feat(core): promote siteConfig.storage to stable + add future.v4.siteStorageNamespacing flag [Claude] (@​slorber)
  • #​11571 feat(core): support custom html elements in head tags (@​lebalz)
• create-docusaurus
  • #​11897 feat(create-docusaurus): update init template to .mdx extension and strict MDX syntax (@​slorber)
  • #​11696 feat(create-docusaurus): Newly initialized TS sites should use "strict: true" (@​slorber)
  • #​11611 feat(create-docusaurus): enable creation in current directory (@​Mcheung7272)
• Other
  • #​11874 feat(ci): improve npm supply chain security - improve Dependabot config (@​slorber)
  • #​11712 feat(publish): Use trusted publishing (OIDC) for canary releases (@​slorber)
• create-docusaurus, docusaurus-bundler, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-pwa, docusaurus-types, docusaurus
  • #​11802 feat(core): Docusaurus Faster is stable + v4 future flag turns it on by default (@​slorber)
• docusaurus-mdx-loader, docusaurus-utils, docusaurus
  • #​11777 feat(cli): write-heading-ids CLI now supports the --syntax and --migrate options (@​slorber)
• docusaurus-mdx-loader
  • #​11755 feat(mdx-loader): add support for explicit headingId based on MD/MDX comments (@​slorber)
• docusaurus-theme-live-codeblock, docusaurus-theme-translations
  • #​11675 feat(theme-live-codeblock): reset button + wire position prop (@​NPX2218)
• docusaurus-theme-classic, docusaurus-theme-common
  • #​11734 feat(theme): Split <DocCard>, improve extensibility, better handling of emoji icons, stable classNames (@​slorber)
  • #​11733 feat(theme): Use React context for <Tabs>, allow custom <TabItem> components (@​slorber)
• docusaurus-faster, docusaurus
  • #​11715 feat(bundler): upgrade to Rspack 1.7, remove useless experimental feature flags (@​slorber)
• docusaurus-plugin-content-pages
  • #​11666 feat(pages): add support for Markdown file path links (@​VedantMadane)
• docusaurus-mdx-loader, docusaurus-theme-classic
  • #​11642 feat(mdx-loader): add admonitions directive support for class/id shortcuts (@​lebalz)
• docusaurus-theme-classic
  • #​11635 feat(theme): add MDXComponents/Li to swizzle config (@​moskalakamil)
• docusaurus-theme-search-algolia
  • #​11581 feat(theme-search-algolia): allow overriding transformSearchClient (@​hugohaggmark)
  • #​11541 feat(theme-search-algolia): add support for DocSearch v4.3.2 and new Suggested Questions (@​NatanTechofNY)
• create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-sitemap, docusaurus-types, docusaurus-utils, docusaurus
  • #​11512 feat(core): New siteConfig future.experimental_vcs API + future.experimental_faster.gitEagerVcs flag (@​slorber)

🐛 Bug Fix

• docusaurus
  • #​11844 fix(core): fix url.resolve() Node.js deprecation warning (@​slorber)
  • #​11833 fix(core): upgrade serve handler min version to for upgrade users to a secure version (@​BearAlliance)
  • #​11763 fix(cli): fix write-heading-ids CLI when no files provided (@​slorber)
  • #​11693 fix(core): Remove deprecated experiments.lazyBarrel config for RsPack (@​VedikaGupt)
  • #​11604 fix(core): webpack aliases shouldn't be created for test files and typedefs (@​slorber)
  • #​11603 fix(core): Fix openBrowser AppleScript support for Arc (@​slorber)
  • #​11579 fix(core): in isInternalUrl(), URI protocol scheme detection should implement the spec more strictly (@​slorber)
  • #​11550 fix(core): optimize i18n integration for site builds + improve inference of locale config (@​slorber)
• docusaurus-faster, docusaurus
  • #​11817 fix(faster): upgrade Rspack, fix Yarn PnP support (@​slorber)
• create-docusaurus, docusaurus-logger, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-google-gtag, docusaurus-plugin-pwa, docusaurus
  • #​11843 fix(create-docusaurus): fix support for TypeScript 6.0 + fix our CI (@​slorber)
• docusaurus-utils
  • #​11804 fix(utils): Git Eager VSC should have better DX (@​slorber)
• docusaurus-theme-classic
  • #​11796 fix(theme): restore copy-text-to-clipboard as lazy fallback for non-secure contexts (@​dmoranp)
  • #​11513 fix(a11y): add Space key support for navbar dropdowns (@​TheCyperpunk)
  • #​11565 fix(theme): Change code block line from span to div, fix Firefox text selection/copy bug (@​slorber)
• docusaurus-plugin-content-docs
  • #​11794 fix(content-docs): translate generated-index category titles in pagination links (@​dmoranp)
  • #​11743 fix(content-docs): use category key for generated-index translation lookup (@​4RH1T3CT0R7)
  • #​11616 fix(docs): breadcrumb APIs only return category/docs items, ignoring links (@​Chesars)
• docusaurus-plugin-google-gtag
  • #​11770 fix(create-docusaurus): update @​types/gtag.js to 0.0.20 (@​fresh3nough)
• docusaurus-theme-search-algolia
  • #​11683 fix(algolia): upgrade to DocSearch 4.5 + fix types (@​slorber)
  • #​11560 fix(theme-search-algolia): preserve query strings in useSearchResultUrlProcessor (@​pyrytakala)
• docusaurus-plugin-content-blog
  • #​11736 fix(content-blog): fix wrong path variable in feed XSLT CSS file validation (@​akshatsinha0)
  • #​11577 fix(blog): Fix author paginated page url: /blog/authors/<author>/page/2 (@​slorber)
  • #​11562 chore(blog): refactor blog Content, remove useless blogListPaginated attribute (@​slorber)
  • #​11559 fix(content-blog): filter unlisted posts from author pages (@​pyrytakala)
• docusaurus-theme-classic, docusaurus-theme-common
  • #​11713 fix(a11y): remove useKeyboardNavigation hook (@​nmggithub)
• docusaurus-plugin-ideal-image
  • #​11659 fix(ideal-image): <IdealImage> should forward remaining props to the underlying component (@​tempoz)
• eslint-plugin
  • #​11587 fix(eslint-plugin): specify exact type of no-untranslated-text rule options (@​andreww2012)
• docusaurus-mdx-loader
  • #​11530 fix(mdx-loader): fix url.parse deprecation warning on Node 24+ (@​kou029w)
• docusaurus-bundler, docusaurus-faster, docusaurus-theme-mermaid
  • #​11496 fix(faster): fix server build SWC / browserslist node target (@​slorber)

🏃‍♀️ Performance

• docusaurus-plugin-content-blog
  • #​11707 refactor(content-blog): decouple getTagsFile from generateBlogPosts (@​garry00107)
• create-docusaurus, docusaurus-utils, docusaurus
  • #​11684 refactor(create-docusaurus): remove useless dependencies (docusaurus-utils, execa, fs-extra) + simplify some code (@​slorber)
• create-docusaurus
  • #​11653 refactor(create-docusaurus): replace lodash with native implementation (@​torresgol10)

📝 Documentation

• docusaurus
  • #​11779 chore(website): migrate MDX heading ids to comment syntax + upgrade Crowdin parser version (@​slorber)
• Other
  • #​11784 docs(website): change recommended syntax for math equations (@​slorber)
  • #​11623 docs: Add expose-markdown-docusaurus-plugin resource (@​FlyNumber)

🤖 Dependencies

• Other
  • #​11886 chore(deps): bump react-json-view-lite from 2.3.0 to 2.5.0 (@​dependabot[bot])
  • #​11885 chore(deps): bump postcss from 8.5.4 to 8.5.8 (@​dependabot[bot])
  • #​11888 chore(deps): bump lodash from 4.17.23 to 4.18.1 (@​dependabot[bot])
  • #​11882 chore(deps): bump @​babel/core from 7.28.6 to 7.29.0 (@​dependabot[bot])
  • #​11880 chore(deps): bump fs-extra and @​types/fs-extra (@​dependabot[bot])
  • #​11861 chore(deps): bump preactjs/compressed-size-action from 2.9.0 to 2.9.1 (@​dependabot[bot])
  • #​11851 chore(deps): bump handlebars from 4.7.7 to 4.7.9 (@​dependabot[bot])
  • #​11849 chore(deps): bump convict from 6.2.4 to 6.2.5 (@​dependabot[bot])
  • #​11857 chore(deps): bump node-forge from 1.3.2 to 1.4.0 (@​dependabot[bot])
  • #​11838 chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (@​dependabot[bot])
  • #​11822 chore(deps): bump flatted from 3.3.1 to 3.4.2 (@​dependabot[bot])
  • #​11810 chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.4 to 3.0.2 (@​dependabot[bot])
  • #​11811 chore(deps): bump treosh/lighthouse-ci-action from 12.6.1 to 12.6.2 (@​dependabot[bot])
  • #​11813 chore(deps): bump socket.io-parser from 4.2.4 to 4.2.6 (@​dependabot[bot])
  • #​11806 chore(deps): bump yauzl from 3.1.3 to 3.2.1 (@​dependabot[bot])
  • #​11789 chore(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 (@​dependabot[bot])
  • #​11790 chore(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (@​dependabot[bot])
  • #​11776 chore(deps): bump dompurify from 3.2.5 to 3.3.2 (@​dependabot[bot])
  • #​11768 chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (@​dependabot[bot])
  • #​11774 chore(deps): bump svgo from 3.2.0 to 3.3.3 (@​dependabot[bot])
  • #​11762 chore(deps): bump rollup from 2.79.2 to 2.80.0 (@​dependabot[bot])
  • #​11756 chore(deps): bump actions/dependency-review-action from 4.8.2 to 4.8.3 (@​dependabot[bot])
  • #​11692 chore(deps): bump actions/checkout from 6.0.1 to 6.0.2 (@​dependabot[bot])
  • #​11679 chore(deps): bump lodash from 4.17.21 to 4.17.23 (@​dependabot[bot])
  • #​11674 chore(deps): bump actions/setup-node from 6.1.0 to 6.2.0 (@​dependabot[bot])
  • #​11625 chore(deps): bump preactjs/compressed-size-action from 2.8.0 to 2.9.0 - pin all remaining GitHub actions (@​dependabot[bot])
  • #​11608 chore(deps): bump actions/setup-node from 6.0.0 to 6.1.0 (@​dependabot[bot])
  • #​11609 chore(deps): bump actions/checkout from 6.0.0 to 6.0.1 (@​dependabot[bot])
  • #​11589 chore(deps): bump mdast-util-to-hast from 13.2.0 to 13.2.1 (@​dependabot[bot])
  • #​11574 chore(deps): bump node-forge from 1.3.1 to 1.3.2 (@​dependabot[bot])
  • #​11557 chore(deps): bump actions/dependency-review-action from 4.8.1 to 4.8.2 (@​dependabot[bot])
  • #​11569 chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 (@​dependabot[bot])
  • #​11551 chore(deps): bump js-yaml from 4.1.0 to 4.1.1 (@​dependabot[bot])
  • #​11514 chore(deps): bump actions/upload-artifact from 4 to 5 (@​dependabot[bot])
  • #​11515 chore(deps): bump github/codeql-action from 4.30.9 to 4.31.0 (@​dependabot[bot])
  • #​11504 chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 (@​dependabot[bot])
  • #​11503 chore(deps): bump actions/setup-node from 5.0.0 to 6.0.0 (@​dependabot[bot])
• docusaurus-bundler, docusaurus-mdx-loader
  • #​11717 chore(deps): bump webpack from 5.95.0 to 5.104.1 (@​dependabot[bot])

🔧 Maintenance

• Other
  • #​11846 chore(website): disable mdx1Compat.comments on our site (@​slorber)
  • #​11845 chore(website): Upgrade to Algolia v4.6 (@​slorber)
  • #​11795 chore(ci): canary/trusted publishing shouldn't use any caching (@​slorber)
  • #​11753 chore: Add basic AGENTS.md (@​slorber)
  • #​11639 test(jest): simplify Jest snapshotPathNormalizer.ts (@​slorber)
  • #​11626 chore(website): upgrade to DocSearch 4.4.0 + fix little website theming issues (@​slorber)
  • #​11553 chore(ci): upgrade Netlify to Node 24 (LTS) + add git backfill command (@​slorber)
• create-docusaurus, docusaurus-babel, docusaurus-bundler, docusaurus-cssnano-preset, docusaurus-faster, docusaurus-logger, docusaurus-mdx-loader, docusaurus-module-type-aliases, docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-css-cascade-layers, docusaurus-plugin-debug, docusaurus-plugin-google-analytics, docusaurus-plugin-google-gtag, docusaurus-plugin-google-tag-manager, docusaurus-plugin-ideal-image, docusaurus-plugin-pwa, docusaurus-plugin-rsdoctor, docusaurus-plugin-sitemap, docusaurus-plugin-svgr, docusaurus-plugin-vercel-analytics, docusaurus-preset-classic, docusaurus-remark-plugin-npm2yarn, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-live-codeblock, docusaurus-theme-mermaid, docusaurus-theme-search-algolia, docusaurus-theme-translations, docusaurus-tsconfig, docusaurus-types, docusaurus-utils-common, docusaurus-utils-validation, docusaurus-utils, docusaurus, eslint-plugin, lqip-loader, stylelint-copyright
  • #​11823 chore(ci): fixes for the npm trusted publishing workflow (@​slorber)
  • #​11819 chore(ci): add Trusted Publishing release workflow through dispatch action (@​slorber)
• docusaurus-plugin-content-docs, docusaurus-plugin-ideal-image, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-theme-mermaid, docusaurus-utils, docusaurus
  • #​11698 chore(monorepo): upgrade React packages to v19 (@​slorber)
• docusaurus-cssnano-preset, docusaurus-logger, docusaurus-mdx-loader, docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-plugin-ideal-image, docusaurus-remark-plugin-npm2yarn, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-utils-validation, docusaurus-utils, docusaurus
  • #​11702 chore(monorepo): upgrade to Jest 30 (@​slorber)
• docusaurus-theme-classic, docusaurus-theme-common, docusaurus
  • #​11697 chore(monorepo): upgrade React monorepo types to v19 (@​slorber)
• docusaurus-babel
  • #​11586 chore(deps): remove unused @​babel/runtime-corejs3 dependency (@​JustinBeckwith)
• docusaurus-plugin-content-blog
  • #​11564 test(blog): Add basic tests for blog routes. (@​slorber)

🌐 Translations

• docusaurus-theme-translations
  • #​11632 feat(i18n): add Urdu (ur) default theme translations (@​hammadurrehman2006)
  • #​11533 fix(translations): complete theme translations for Algolia pt-br (@​luicfrr)

Committers: 41

• Akshat Sinha (@​akshatsinha0)
• Aleksandar Zgonjan (@​acosoft)
• Andrew Kazakov (@​andreww2012)
• Anukool Pandey (@​ANUKOOL324)
• Artem Lytkin (@​4RH1T3CT0R7)
• Balthasar Hofer (@​lebalz)
• Bhoomi Sharma (@​Bhoomi070)
• Cesar Garcia (@​Chesars)
• Denny Morán (@​dmoranp)
• Dmitriy Rotaenko (@​dmitriyrotaenko)
• Eoin Shaughnessy (@​EoinTrial)
• Gaurav Sulsule (@​garry00107)
• Gnana Eswar Gunturu (@​GnanaEswarGunturu)
• Hugo Häggmark (@​hugohaggmark)
• Ivan Torres (@​torresgol10)
• Justin Beckwith (@​JustinBeckwith)
• Kamil Moskała (@​moskalakamil)
• Kohei Watanabe (@​kou029w)
• Kuldeep Prasad Mishra (@​kmish9685)
• Kunwardeep Singh (@​work109677-sudo)
• Luiz Carlos (@​luicfrr)
• Matthew Cheung (@​Mcheung7272)
• Max Clayton Clowes (@​mcclowes)
• Misrilal (@​Misrilal-Sah)
• Muhammad Hammad ur Rehman (@​hammadurrehman2006)
• Nader Jaber (@​FlyNumber)
• Natan Yagudayev (@​NatanTechofNY)
• Neel Bansal (@​NPX2218)
• Nick Cacace (@​BearAlliance)
• Noah Gregory (@​nmggithub)
• Poetry Of Code (@​poetryofcode)
• Pyry Takala (@​pyrytakala)
• Salman Chishti (@​salmanmkc)
• Sreehari Upas (@​SreehariU)
• Sébastien Lorber (@​slorber)
• Vedant Madane (@​VedantMadane)
• Vedika Gupta (@​VedikaGupt)
• Zoey Greer (@​tempoz)
• @​TheCyperpunk
• @​snikkrs
• fre$h (@​fresh3nough

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[doubleword-code]

Summary

This PR updates the Docusaurus dependency lock files from v3.8.1 to v3.10.1. While this is primarily a dependency update managed by Renovate, there are several important considerations that need to be addressed before merging.

Verdict: Needs Changes - The Node.js engine requirement mismatch is blocking.

Research notes

• Docusaurus 3.9 Release Notes: Docusaurus 3.9+ dropped support for Node.js 18, requiring Node.js >=20.0. This is documented as a non-breaking change since Node 18 reached End-of-Life.
• Docusaurus 3.10 Release Notes: This is the last v3.x release, focused on v4 preparation with future flags. Key changes include stricter MDX syntax recommendations, storage API changes, and VCS API improvements.
• npm Security Best Practices: The Docusaurus team recommends using release cooldowns and security scanning for supply chain protection.

Suggested next steps

1. Blocking: Update package.json engines field to require node: ">=20.0" to match Docusaurus 3.10's actual requirements
2. Non-blocking: Consider updating admonition syntax in MDX files from :::tip Title to :::tip[Title] for better MDX v3 compatibility
3. Non-blocking: Verify the CI/CD pipeline runs on Node.js 20+ before merging

General findings

Lock File Pattern

This PR updates only lock files without changing package.json version constraints. The package.json specifies ^3.9.2 which correctly resolves to 3.10.1 per semver. However, consider whether you want to:

• Update package.json to explicitly target ^3.10.1 for clarity
• Or keep the current pattern where Renovate manages lock file updates independently

Future Flags Configuration

The docusaurus.config.ts already has future.v4: true enabled, which opts into all v4 breaking changes early. This is good for forward compatibility, but be aware that v3.10 introduces several v4 future flags:

• future.v4.siteStorageNamespacing: May reset localStorage keys
• future.v4.fasterByDefault: Enables Docusaurus Faster (Rspack-based build)
• future.v4.mdx1CompatDisabledByDefault: Stricter MDX parsing

MDX Syntax Compatibility

The codebase uses the legacy admonition syntax (:::tip Title) which currently works but will require migration before v4. No HTML comments (<!-- -->) or legacy heading IDs ({#id}) were found, which is good.

General findings (auto-demoted from inline due to pre-validation)

• Blocking package.json:49 — Node.js version requirement mismatch.
  • (demoted: path "package.json" is not in the PR diff)
• Non-blocking docs/3-inference-stack/index.mdx:22 — Legacy admonition syntax detected.
  • (demoted: path "docs/3-inference-stack/index.mdx" is not in the PR diff)
• Non-blocking docs/3-inference-stack/2-usage/2-ingress.mdx:42 — Multiple instances of legacy admonition syntax in this file.
  • (demoted: path "docs/3-inference-stack/2-usage/2-ingress.mdx" is not in the PR diff)
• Nit docusaurus.config.ts:12 — Good to see future.v4: true already enabled.
  • (demoted: path "docusaurus.config.ts" is not in the PR diff)

[doubleword-code]

Summary

This PR upgrades Docusaurus from 3.9.2 to 3.10.1 (the final v3.x release) along with all transitive dependencies. The upgrade itself is straightforward, but there's a critical compatibility issue with the future.v4: true flag that will likely cause build failures.

Verdict: Needs changes before merge - The configuration enables v4 future flags, but the content uses deprecated MDX v1 syntax that will break with strict MDX parsing.

Research notes

• Docusaurus 3.10 Release Notes: This is the last v3.x release, designed to help teams prepare for v4
• Docusaurus 3.10.1 Patch: Fixes webpackbar bug from webpack breaking change
• Key changes in 3.10:
  • future.v4: true enables all v4 preparation flags including future.v4.mdx1CompatDisabledByDefault
  • MDX v3 doesn't support HTML comments <!-- -->, only JSX comments {/* */}
  • .md files should be CommonMark, .mdx files should be MDX
  • Blog truncation should use {/* truncate */} not <!-- truncate -->

Suggested next steps

1. Blocking: Either remove future.v4: true flag OR migrate all MDX content to strict syntax:

   • Rename .md files containing MDX (JSX elements, comments) to .mdx
   • Replace <!-- truncate --> with {/* truncate */} in all blog posts (15 files affected)

2. Recommended: Consider enabling future flags individually instead of all at once to better control the migration path

3. Test the build locally with yarn build or npm run build after making changes

General findings

Dependency Upgrade Scope

The upgrade affects:

• Docusaurus core packages: 3.9.2 → 3.10.1
• Algolia client libraries: 5.42.0 → 5.52.1 (multiple packages)
• Babel packages: Various updates to 7.29.x
• Security fixes: Multiple packages updated including send, serve-handler, selfsigned (security improvements noted in release notes)
• React 19 support: Already using React 19, compatible with Docusaurus 3.10

Positive aspects

• Lock files are properly updated for both npm and yarn
• No breaking API changes for the features currently in use
• Security improvements in transitive dependencies
• The site doesn't use problematic features like custom heading IDs or admonitions that would also need migration

General findings (auto-demoted from inline due to pre-validation)

• Blocking docusaurus.config.ts:12 — Enabling future.v4: true activates future.v4.mdx1CompatDisabledByDefault, which disables MDX v1 compatibility mode. However, your content uses MDX v1 syntax that will break.
  • (demoted: path "docusaurus.config.ts" is not in the PR diff)

[doubleword-code]

Summary

This PR updates the Docusaurus monorepo from v3.8.1 to v3.10.1 via Renovate. The update is primarily a dependency bump affecting package-lock.json and yarn.lock - no source code changes are included.

Verdict: Approved with Non-blocking observations - This is a routine dependency update that includes important security fixes, but there are a few items worth noting for the team's awareness.

Research notes

Fetched the official Docusaurus release notes:

• v3.10.1 (2026-04-30): Bug fix for webpackbar due to webpack breaking change (#11981)
• v3.10.0 (2026-04-07): Minor release with new features including MDX 1 compatibility flag, custom HTML elements in head tags, Rspack 1.7 upgrade, and various bug fixes
• v3.9.2 (2025-10-17): Bug fixes including CSS counter minification, Algolia AskAI validation, and theme translation improvements

Key transitive dependency security updates observed in the diff:

• qs: 6.13.0 → 6.15.2 (Express.js query string parser - addresses prototype pollution vulnerabilities)
• path-to-regexp: 0.1.12 → 0.1.13 (Express path matching - ReDoS vulnerability fix)
• selfsigned: 2.4.1 → 5.5.0 (Major version jump, now uses @peculiar/x509 and pkijs instead of node-forge)
• send: 0.19.0 → 0.19.2 (Static asset serving - security hardening)
• serve-static: 1.16.2 → 1.16.3 (Static file serving)
• raw-body: 2.5.2 → 2.5.3 (HTTP request body parsing)
• express: implicitly updated through lockfile refresh

Suggested next steps

1. Test the build locally - Run yarn build to ensure the Docusaurus build completes successfully with v3.10.1
2. Verify the webpackbar fix - Since v3.10.1 specifically addresses a webpack breaking change, confirm dev server (yarn start) works without errors
3. Check for visual regressions - The minor version bump (3.10.0) includes theme changes that could affect styling

General findings

No blocking issues identified. The dependency updates appear to be standard semver-compatible upgrades with security patches included.

[doubleword-code]

Summary

This PR updates the Docusaurus monorepo from v3.9.2 to v3.10.1 via Renovate. The update includes:

• Docusaurus 3.10.0: Minor release with new features (MDX improvements, theme enhancements, Rspack upgrades, accessibility fixes)
• Docusaurus 3.10.1: Patch release fixing a webpackbar bug caused by a webpack breaking change

The package.json correctly uses ^3.9.2 semver range which allows the 3.10.x update. Only lock files (package-lock.json, yarn.lock) are modified.

Verdict: Ready to approve - this is a routine dependency update with no breaking changes for end users.

Research notes

• Docusaurus 3.10.1 release notes - Single bug fix for webpackbar in v3
• Docusaurus 3.10.0 release notes - Feature release with MDX improvements, theme enhancements, accessibility fixes, and Rspack 1.7 upgrade
• Notable transitive dependency updates include security-relevant packages (qs 6.13.0→6.15.2, path-to-regexp 0.1.12→0.1.13, selfsigned 2.x→5.x)

Suggested next steps

1. Approve and merge - This is a safe, routine update
2. After merging, verify the docs site builds correctly and run any visual regression tests if available

General findings

No issues found. This is a well-scoped Renovate PR that only updates lock files to match the allowed semver range in package.json. The transitive dependency updates appear to be standard maintenance updates including security patches.