⬆️(deps): Bump pako from 2.2.0 to 3.0.0

[dependabot]

Bumps pako from 2.2.0 to 3.0.0.

Changelog

Sourced from pako's changelog.

[3.0.0] - 2026-06-26

Added

• Generated type definitions.
• Low-level zlib API exports.
• .onStart() hooks for advanced stream setup.

Changed

• Switched sources to TypeScript, and tests, examples and benchmarks to ESM.
• Changed exports to named-only. Use import * as pako from 'pako' instead of default import if you need the whole API as an object.
• Changed package files layout. See package.json for supported entry points.
• legacyHash default is now false. Binary output is now compatible with nodejs by default.
• dictionary option now accepts only Uint8Array / ArrayBuffer (no String anymore).
• .onEnd() now only assembles output chunks into result, and no longer sets the err / msg fields.
• Use native TextEncoder / TextDecoder for string conversion. Removed shims.
• Replaced { to: 'string' }) with { toText: true }) for UTF-8 text output in high-level helpers (inflate, inflateRaw, ungzip).
• Build dist/ on publish instead of keeping generated bundles in git.
• Inflate.push() after stream end returns the decode result, not always false.

Removed

• Default export. import pako from 'pako' is no longer supported.
• { to: 'string' }) option from the streaming Inflate class. It now always emits byte chunks.
• Automatic gzip header collection in Inflate. Use .onStart() with zlibInflateGetHeader() to read gzip metadata.
• Prebuilt dist/ bundles from repository.

Commits

• c81171d 3.0.0 released
• 36896e3 doc: grammar fixes
• 4d64d46 doc: refresh snippets
• 169e034 doc: add repo link and make git hashes short
• a7a1212 Drop orphaned .method option
• 7c3e893 Add missed Error wrap in throw
• 16fb5c4 Make Inflate.push() no-op after stream ended
• ef2f14a Unity .err / .msg filling and make .result of single type
• 86864a8 Return back ungzip as alias
• 1754a8b Add default value for options param
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.