chore: bump Playwright dev dependency to version 1.56.0

Signed-off-by: Xe Iaso <me@xeiaso.net>

.devcontainer/docker-compose.yaml

@@ -1,12 +1,12 @@
 services:
   playwright:
-    image: mcr.microsoft.com/playwright:v1.52.0-noble
+    image: mcr.microsoft.com/playwright:v1.56.0-noble
     init: true
     network_mode: service:workspace
     command:
       - /bin/sh
       - -c
-      - npx -y playwright@1.52.0 run-server --port 9001 --host 0.0.0.0
+      - npx -y playwright@1.56.0 run-server --port 9001 --host 0.0.0.0
 
   valkey:
     image: valkey/valkey:8

.github/actions/spelling/allow.txt

@@ -8,3 +8,4 @@ msgbox
 xeact
 ABee
 tencent
+maintnotifications

.github/workflows/asset-verification.yml

@@ -22,11 +22,11 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 

.github/workflows/docker-pr.yml

@@ -26,11 +26,11 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 
@@ -38,7 +38,7 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         with:
           images: ghcr.io/${{ github.repository }}
 

.github/workflows/docker.yml

@@ -36,11 +36,11 @@ jobs:
         run: |
           echo "IMAGE=ghcr.io/${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 
@@ -55,7 +55,7 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         with:
           images: ${{ env.IMAGE }}
 

.github/workflows/docs-deploy.yml

@@ -33,7 +33,7 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         with:
           images: ghcr.io/techarohq/anubis/docs
           tags: |

.github/workflows/docs-test.yml

@@ -22,7 +22,7 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         with:
           images: ghcr.io/techarohq/anubis/docs
           tags: |

.github/workflows/go.yml

@@ -24,11 +24,11 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 
@@ -38,7 +38,7 @@ jobs:
         with:
           path: |
             ~/.cache/ms-playwright
-          key: ${{ runner.os }}-playwright-${{ hashFiles('**/go.sum') }}
+          key: ${{ runner.os }}-playwright-1.56.0
 
       - name: install node deps
         run: |
@@ -46,8 +46,8 @@ jobs:
 
       - name: install playwright browsers
         run: |
-          npx --no-install playwright@1.52.0 install --with-deps
+          npx playwright@1.56.0 install --with-deps
-          npx --no-install playwright@1.52.0 run-server --port 9001 &
+          npx playwright@1.56.0 run-server --port 9001 &
 
       - name: Build
         run: npm run build

.github/workflows/package-builds-stable.yml

@@ -25,11 +25,11 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 

.github/workflows/package-builds-unstable.yml

@@ -26,11 +26,11 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
         with:
           node-version: latest
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
           go-version: stable
 

data/clients/docker-client.yaml

@@ -51,3 +51,10 @@
     all:
       - path.startsWith("/v2/")
       - userAgent.contains("containerd/")
+
+- name: allow-renovate
+  action: ALLOW
+  expression:
+    all:
+      - path.startsWith("/v2/")
+      - userAgent.contains("Renovate/")

docs/Dockerfile

@@ -1,4 +1,4 @@
-FROM docker.io/library/node AS build
+FROM docker.io/library/node:lts AS build
 
 WORKDIR /app
 COPY . .

docs/docs/CHANGELOG.md

@@ -13,9 +13,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- This changes the project to: -->
 
+- Expose WEIGHT rule matches as Prometheus metrics.
 - Allow more OCI registry clients [based on feedback](https://github.com/TecharoHQ/anubis/pull/1253#issuecomment-3506744184).
 - Expose services directory in the embedded `(data)` filesystem.
-- Add Ukrainian locale ([#1044](https://github.com/TecharoHQ/anubis/pull/1044))
+- Add Ukrainian locale ([#1044](https://github.com/TecharoHQ/anubis/pull/1044)).
+- Allow Renovate as an OCI registry client.
+- Properly handle 4in6 addresses so that IP matching works with those addresses.
+- Add support to simple Valkey/Redis cluster mode
+- Bump the Playwright dev dependency to 1.56.0
 
 ## v1.23.1: Lyse Hext - Echo 1
 

internal/test/playwright_test.go

@@ -99,7 +99,7 @@ const (
 	actionChallenge action = "CHALLENGE"
 
 	placeholderIP     = "fd11:5ee:bad:c0de::"
-	playwrightVersion = "1.52.0"
+	playwrightVersion = "1.56.0"
 )
 
 type action string

lib/anubis.go

@@ -576,6 +576,7 @@ func (s *Server) check(r *http.Request, lg *slog.Logger) (policy.CheckResult, *p
 				return cr("bot/"+b.Name, b.Action, weight), &b, nil
 			case config.RuleWeigh:
 				lg.Debug("adjusting weight", "name", b.Name, "delta", b.Weight.Adjust)
+				policy.Applications.WithLabelValues("bot/"+b.Name, "WEIGH").Add(1)
 				weight += b.Weight.Adjust
 			}
 		}

lib/http_test.go

@@ -173,148 +173,6 @@ func TestRenderIndexRedirect(t *testing.T) {
 	}
 }
 
-func TestClearCookieHostParameterHonorsDynamicDomain(t *testing.T) {
-	// Test that Host parameter is only used when CookieDynamicDomain is enabled
-	testCases := []struct {
-		name                   string
-		options                Options
-		host                   string
-		expectedDomain         string
-		shouldHaveDomainField  bool
-	}{
-		{
-			name:                   "dynamic domain disabled",
-			options:                Options{CookieDynamicDomain: false},
-			host:                   "subdomain.example.com",
-			expectedDomain:         "",
-			shouldHaveDomainField:  false,
-		},
-		{
-			name:                   "dynamic domain enabled with valid host",
-			options:                Options{CookieDynamicDomain: true},
-			host:                   "subdomain.example.com",
-			expectedDomain:         "example.com",
-			shouldHaveDomainField:  true,
-		},
-		{
-			name:                   "dynamic domain enabled with invalid host",
-			options:                Options{CookieDynamicDomain: true},
-			host:                   "invalid-host",
-			expectedDomain:         "",
-			shouldHaveDomainField:  false,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			srv := spawnAnubis(t, tc.options)
-			rw := httptest.NewRecorder()
-
-			// Test ClearCookie with Host parameter
-			srv.ClearCookie(rw, CookieOpts{Path: "/", Host: tc.host})
-
-			resp := rw.Result()
-			cookies := resp.Cookies()
-
-			if len(cookies) != 1 {
-				t.Errorf("wanted 1 cookie, got %d cookies", len(cookies))
-			}
-
-			ckie := cookies[0]
-
-			if ckie.Name != anubis.CookieName {
-				t.Errorf("wanted cookie named %q, got cookie named %q", anubis.CookieName, ckie.Name)
-			}
-
-			if ckie.MaxAge != -1 {
-				t.Errorf("wanted cookie max age of -1, got: %d", ckie.MaxAge)
-			}
-
-			// Verify domain handling based on CookieDynamicDomain setting
-			if tc.shouldHaveDomainField {
-				if ckie.Domain != tc.expectedDomain {
-					t.Errorf("wanted cookie domain %q, got cookie domain %q", tc.expectedDomain, ckie.Domain)
-				}
-			} else {
-				if ckie.Domain != tc.expectedDomain {
-					t.Errorf("wanted cookie domain %q, got cookie domain %q", tc.expectedDomain, ckie.Domain)
-				}
-			}
-		})
-	}
-}
-
-func TestSetCookieHostParameterHonorsDynamicDomain(t *testing.T) {
-	// Test that SetCookie Host parameter is only used when CookieDynamicDomain is enabled
-	testCases := []struct {
-		name                   string
-		options                Options
-		host                   string
-		expectedDomain         string
-		shouldHaveDomainField  bool
-	}{
-		{
-			name:                   "dynamic domain disabled",
-			options:                Options{CookieDynamicDomain: false},
-			host:                   "subdomain.example.com",
-			expectedDomain:         "",
-			shouldHaveDomainField:  false,
-		},
-		{
-			name:                   "dynamic domain enabled with valid host",
-			options:                Options{CookieDynamicDomain: true},
-			host:                   "subdomain.example.com",
-			expectedDomain:         "example.com",
-			shouldHaveDomainField:  true,
-		},
-		{
-			name:                   "dynamic domain enabled with invalid host",
-			options:                Options{CookieDynamicDomain: true},
-			host:                   "invalid-host",
-			expectedDomain:         "",
-			shouldHaveDomainField:  false,
-		},
-	}
-
-	for _, tc := range testCases {
-		t.Run(tc.name, func(t *testing.T) {
-			srv := spawnAnubis(t, tc.options)
-			rw := httptest.NewRecorder()
-
-			// Test SetCookie with Host parameter
-			srv.SetCookie(rw, CookieOpts{Path: "/", Host: tc.host, Value: "test-value"})
-
-			resp := rw.Result()
-			cookies := resp.Cookies()
-
-			if len(cookies) != 1 {
-				t.Errorf("wanted 1 cookie, got %d cookies", len(cookies))
-			}
-
-			ckie := cookies[0]
-
-			if ckie.Name != anubis.CookieName {
-				t.Errorf("wanted cookie named %q, got cookie named %q", anubis.CookieName, ckie.Name)
-			}
-
-			if ckie.Value != "test-value" {
-				t.Errorf("wanted cookie value %q, got cookie value %q", "test-value", ckie.Value)
-			}
-
-			// Verify domain handling based on CookieDynamicDomain setting
-			if tc.shouldHaveDomainField {
-				if ckie.Domain != tc.expectedDomain {
-					t.Errorf("wanted cookie domain %q, got cookie domain %q", tc.expectedDomain, ckie.Domain)
-				}
-			} else {
-				if ckie.Domain != tc.expectedDomain {
-					t.Errorf("wanted cookie domain %q, got cookie domain %q", tc.expectedDomain, ckie.Domain)
-				}
-			}
-		})
-	}
-}
-
 func TestRenderIndexUnauthorized(t *testing.T) {
 	s := &Server{
 		opts: Options{

lib/policy/checker.go

@@ -51,6 +51,11 @@ func (rac *RemoteAddrChecker) Check(r *http.Request) (bool, error) {
 		return false, fmt.Errorf("%w: %s is not an IP address: %w", ErrMisconfiguration, host, err)
 	}
 
+	// Convert IPv4-mapped IPv6 addresses to IPv4
+	if addr.Is6() && addr.Is4In6() {
+		addr = addr.Unmap()
+	}
+
 	return rac.prefixTable.Contains(addr), nil
 }
 

lib/policy/checker_test.go

@@ -21,6 +21,20 @@ func TestRemoteAddrChecker(t *testing.T) {
 			ok:    true,
 			err:   nil,
 		},
+		{
+			name:  "match_ipv4_in_ipv6",
+			cidrs: []string{"0.0.0.0/0"},
+			ip:    "::ffff:1.1.1.1",
+			ok:    true,
+			err:   nil,
+		},
+		{
+			name:  "match_ipv4_in_ipv6_hex",
+			cidrs: []string{"0.0.0.0/0"},
+			ip:    "::ffff:101:101",
+			ok:    true,
+			err:   nil,
+		},
 		{
 			name:  "match_ipv6",
 			cidrs: []string{"::/0"},

lib/store/valkey/factory.go

@@ -5,80 +5,98 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"time"
 
 	"github.com/TecharoHQ/anubis/lib/store"
 	valkey "github.com/redis/go-redis/v9"
-)
+	"github.com/redis/go-redis/v9/maintnotifications"
-
-var (
-	ErrNoURL  = errors.New("valkey.Config: no URL defined")
-	ErrBadURL = errors.New("valkey.Config: URL is invalid")
 )
 
 func init() {
 	store.Register("valkey", Factory{})
 }
 
-type Factory struct{}
+// Errors kept as-is so other code/tests still pass.
-
+var (
-func (Factory) Build(ctx context.Context, data json.RawMessage) (store.Interface, error) {
+	ErrNoURL  = errors.New("valkey.Config: no URL defined")
-	var config Config
+	ErrBadURL = errors.New("valkey.Config: URL is invalid")
-
+)
-	if err := json.Unmarshal([]byte(data), &config); err != nil {
-		return nil, fmt.Errorf("%w: %w", store.ErrBadConfig, err)
-	}
-
-	if err := config.Valid(); err != nil {
-		return nil, fmt.Errorf("%w: %w", store.ErrBadConfig, err)
-	}
-
-	opts, err := valkey.ParseURL(config.URL)
-	if err != nil {
-		return nil, fmt.Errorf("%w: %w", store.ErrBadConfig, err)
-	}
-
-	rdb := valkey.NewClient(opts)
-
-	if _, err := rdb.Ping(ctx).Result(); err != nil {
-		return nil, fmt.Errorf("can't ping valkey instance: %w", err)
-	}
-
-	return &Store{
-		rdb: rdb,
-	}, nil
-}
-
-func (Factory) Valid(data json.RawMessage) error {
-	var config Config
-	if err := json.Unmarshal([]byte(data), &config); err != nil {
-		return fmt.Errorf("%w: %w", store.ErrBadConfig, err)
-	}
-
-	if err := config.Valid(); err != nil {
-		return fmt.Errorf("%w: %w", store.ErrBadConfig, err)
-	}
-
-	return nil
-}
 
+// Config is what Anubis unmarshals from the "parameters" JSON.
 type Config struct {
-	URL string `json:"url"`
+	URL     string `json:"url"`
+	Cluster bool   `json:"cluster,omitempty"`
 }
 
 func (c Config) Valid() error {
-	var errs []error
-
 	if c.URL == "" {
-		errs = append(errs, ErrNoURL)
+		return ErrNoURL
 	}
 
+	// Just validate that it's a valid Redis URL.
 	if _, err := valkey.ParseURL(c.URL); err != nil {
-		errs = append(errs, ErrBadURL)
+		return fmt.Errorf("%w: %v", ErrBadURL, err)
-	}
-
-	if len(errs) != 0 {
-		return fmt.Errorf("valkey.Config: invalid config: %w", errors.Join(errs...))
 	}
 
 	return nil
 }
+
+// redisClient is satisfied by *valkey.Client and *valkey.ClusterClient.
+type redisClient interface {
+	Get(ctx context.Context, key string) *valkey.StringCmd
+	Set(ctx context.Context, key string, value interface{}, expiration time.Duration) *valkey.StatusCmd
+	Del(ctx context.Context, keys ...string) *valkey.IntCmd
+	Ping(ctx context.Context) *valkey.StatusCmd
+}
+
+type Factory struct{}
+
+func (Factory) Valid(data json.RawMessage) error {
+	var cfg Config
+	if err := json.Unmarshal(data, &cfg); err != nil {
+		return err
+	}
+	return cfg.Valid()
+}
+
+func (Factory) Build(ctx context.Context, data json.RawMessage) (store.Interface, error) {
+	var cfg Config
+	if err := json.Unmarshal(data, &cfg); err != nil {
+		return nil, err
+	}
+	if err := cfg.Valid(); err != nil {
+		return nil, err
+	}
+
+	opts, err := valkey.ParseURL(cfg.URL)
+	if err != nil {
+		return nil, fmt.Errorf("valkey.Factory: %w", err)
+	}
+
+	var client redisClient
+
+	if cfg.Cluster {
+		// Cluster mode: use the parsed Addr as the seed node.
+		clusterOpts := &valkey.ClusterOptions{
+			Addrs: []string{opts.Addr},
+			// Explicitly disable maintenance notifications
+			// This prevents the client from sending CLIENT MAINT_NOTIFICATIONS ON
+			MaintNotificationsConfig: &maintnotifications.Config{
+				Mode: maintnotifications.ModeDisabled,
+			},
+		}
+		client = valkey.NewClusterClient(clusterOpts)
+	} else {
+		opts.MaintNotificationsConfig = &maintnotifications.Config{
+			Mode: maintnotifications.ModeDisabled,
+		}
+		client = valkey.NewClient(opts)
+	}
+
+	// Optional but nice: fail fast if the cluster/single node is unreachable.
+	if err := client.Ping(ctx).Err(); err != nil {
+		return nil, fmt.Errorf("valkey.Factory: ping failed: %w", err)
+	}
+
+	return &Store{client: client}, nil
+}

lib/store/valkey/valkey.go

@@ -2,52 +2,46 @@ package valkey
 
 import (
 	"context"
-	"fmt"
 	"time"
 
 	"github.com/TecharoHQ/anubis/lib/store"
 	valkey "github.com/redis/go-redis/v9"
 )
 
+// Store implements store.Interface on top of Redis/Valkey.
 type Store struct {
-	rdb *valkey.Client
+	client redisClient
 }
 
-func (s *Store) Delete(ctx context.Context, key string) error {
+var _ store.Interface = (*Store)(nil)
-	n, err := s.rdb.Del(ctx, key).Result()
-	if err != nil {
-		return fmt.Errorf("can't delete from valkey: %w", err)
-	}
-
-	switch n {
-	case 0:
-		return fmt.Errorf("%w: %d key(s) deleted", store.ErrNotFound, n)
-	default:
-		return nil
-	}
-}
 
 func (s *Store) Get(ctx context.Context, key string) ([]byte, error) {
-	result, err := s.rdb.Get(ctx, key).Result()
+	cmd := s.client.Get(ctx, key)
-	if err != nil {
+	if err := cmd.Err(); err != nil {
-		if valkey.HasErrorPrefix(err, "redis: nil") {
+		if err == valkey.Nil {
-			return nil, fmt.Errorf("%w: %w", store.ErrNotFound, err)
+			return nil, store.ErrNotFound
 		}
-
+		return nil, err
-		return nil, fmt.Errorf("can't fetch from valkey: %w", err)
 	}
-
+	return cmd.Bytes()
-	return []byte(result), nil
 }
 
 func (s *Store) Set(ctx context.Context, key string, value []byte, expiry time.Duration) error {
-	if _, err := s.rdb.Set(ctx, key, string(value), expiry).Result(); err != nil {
+	return s.client.Set(ctx, key, value, expiry).Err()
-		return fmt.Errorf("can't set %q in valkey: %w", key, err)
+}
-	}
 
+func (s *Store) Delete(ctx context.Context, key string) error {
+	res := s.client.Del(ctx, key)
+	if err := res.Err(); err != nil {
+		return err
+	}
+	if n, _ := res.Result(); n == 0 {
+		return store.ErrNotFound
+	}
 	return nil
 }
 
+// IsPersistent tells Anubis this backend is “real” storage, not in-memory.
 func (s *Store) IsPersistent() bool {
 	return true
 }

package-lock.json

@@ -16,7 +16,7 @@
         "cssnano": "^7.1.2",
         "cssnano-preset-advanced": "^7.0.10",
         "esbuild": "^0.25.12",
-        "playwright": "^1.52.0",
+        "playwright": "^1.56.0",
         "postcss-cli": "^11.0.1",
         "postcss-import": "^16.1.1",
         "postcss-import-url": "^7.2.0",
@@ -1603,13 +1603,13 @@
       }
     },
     "node_modules/playwright": {
-      "version": "1.52.0",
+      "version": "1.56.1",
-      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.52.0.tgz",
+      "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.56.1.tgz",
-      "integrity": "sha512-JAwMNMBlxJ2oD1kce4KPtMkDeKGHQstdpFPcPH3maElAXon/QZeTvtsfXmTMRyO9TslfoYOXkSsvao2nE1ilTw==",
+      "integrity": "sha512-aFi5B0WovBHTEvpM3DzXTUaeN6eN0qWnTkKx4NQaH4Wvcmc153PdaY2UBdSYKaGYw+UyWXSVyxDUg5DoPEttjw==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "playwright-core": "1.52.0"
+        "playwright-core": "1.56.1"
       },
       "bin": {
         "playwright": "cli.js"
@@ -1622,9 +1622,9 @@
       }
     },
     "node_modules/playwright-core": {
-      "version": "1.52.0",
+      "version": "1.56.1",
-      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.52.0.tgz",
+      "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.56.1.tgz",
-      "integrity": "sha512-l2osTgLXSMeuLZOML9qYODUQoPPnUsKsb5/P6LJ2e6uPKXUdPK5WYhN4z03G+YNbWmGDY4YENauNu4ZKczreHg==",
+      "integrity": "sha512-hutraynyn31F+Bifme+Ps9Vq59hKuUCz7H1kDOcBs+2oGguKkWTU50bBWrtz34OUWmIwpBTWDxaRPXrIXkgvmQ==",
       "dev": true,
       "license": "Apache-2.0",
       "bin": {

package.json

@@ -21,7 +21,7 @@
     "cssnano": "^7.1.2",
     "cssnano-preset-advanced": "^7.0.10",
     "esbuild": "^0.25.12",
-    "playwright": "^1.52.0",
+    "playwright": "^1.56.0",
     "postcss-cli": "^11.0.1",
     "postcss-import": "^16.1.1",
     "postcss-import-url": "^7.2.0",
@@ -31,4 +31,4 @@
     "@aws-crypto/sha256-js": "^5.2.0",
     "preact": "^10.27.2"
   }
-}
+}