Skip to content

chore(deps): update all non-major dependencies #298

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update all non-major dependencies #298

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 30, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update
@eslint/js (source) ^9.28.0 -> ^9.31.0 age confidence devDependencies minor
@types/node (source) ~20.19.0 -> ~20.19.8 age confidence devDependencies patch
@typescript-eslint/eslint-plugin (source) ^8.34.0 -> ^8.37.0 age confidence devDependencies minor
@typescript-eslint/parser (source) ^8.34.0 -> ^8.37.0 age confidence devDependencies minor
@vitest/coverage-v8 (source) ~3.1.4 -> ~3.2.4 age confidence devDependencies minor
changelogithub ^13.15.0 -> ^13.16.0 age confidence devDependencies patch
esbuild ^0.25.5 -> ^0.25.6 age confidence devDependencies patch
eslint (source) ^9.28.0 -> ^9.31.0 age confidence devDependencies minor
eslint-import-resolver-typescript ^4.4.3 -> ^4.4.4 age confidence devDependencies patch
eslint-plugin-import-x ^4.15.2 -> ^4.16.1 age confidence devDependencies patch
node (source) 20.19.2 -> 20.19.4 age confidence patch
pnpm (source) 10.12.1 -> 10.13.1 age confidence minor
prettier (source) 3.5.3 -> 3.6.2 age confidence devDependencies minor
typescript-eslint (source) ^8.34.0 -> ^8.37.0 age confidence devDependencies minor
vitest (source) ~3.1.4 -> ~3.2.4 age confidence devDependencies minor

Release Notes

eslint/eslint (@​eslint/js)

v9.31.0

Compare Source

v9.30.1

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.37.0

Compare Source

🩹 Fixes
  • eslint-plugin: [unified-signatures] fix false positives for ignoreOverloadsWithDifferentJSDoc option (#​11381)
❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.36.0

Compare Source

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.37.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.36.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

vitest-dev/vitest (@​vitest/coverage-v8)

v3.2.4

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v3.2.3

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub

v3.2.2

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub

v3.2.1

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v3.2.0

Compare Source

evanw/esbuild (esbuild)

v0.25.6

Compare Source

  • Fix a memory leak when cancel() is used on a build context (#​4231)

    Calling rebuild() followed by cancel() in rapid succession could previously leak memory. The bundler uses a producer/consumer model internally, and the resource leak was caused by the consumer being termianted while there were still remaining unreceived results from a producer. To avoid the leak, the consumer now waits for all producers to finish before terminating.

  • Support empty :is() and :where() syntax in CSS (#​4232)

    Previously using these selectors with esbuild would generate a warning. That warning has been removed in this release for these cases.

  • Improve tree-shaking of try statements in dead code (#​4224)

    With this release, esbuild will now remove certain try statements if esbuild considers them to be within dead code (i.e. code that is known to not ever be evaluated). For example:

    // Original code
return 'foo'
try { return 'bar' } catch {}

// Old output (with --minify)
return"foo";try{return"bar"}catch{}

// New output (with --minify)
return"foo";

  • Consider negated bigints to have no side effects

    While esbuild currently considers 1, -1, and 1n to all have no side effects, it didn't previously consider -1n to have no side effects. This is because esbuild does constant folding with numbers but not bigints. However, it meant that unused negative bigint constants were not tree-shaken. With this release, esbuild will now consider these expressions to also be side-effect free:

    // Original code
let a = 1, b = -1, c = 1n, d = -1n

// Old output (with --bundle --minify)
(()=>{var n=-1n;})();

// New output (with --bundle --minify)
(()=>{})();

  • Support a configurable delay in watch mode before rebuilding (#​3476, #​4178)

    The watch() API now takes a delay option that lets you add a delay (in milliseconds) before rebuilding when a change is detected in watch mode. If you use a tool that regenerates multiple source files very slowly, this should make it more likely that esbuild's watch mode won't generate a broken intermediate build before the successful final build. This option is also available via the CLI using the --watch-delay= flag.

    This should also help avoid confusion about the watch() API's options argument. It was previously empty to allow for future API expansion, which caused some people to think that the documentation was missing. It's no longer empty now that the watch() API has an option.

  • Allow mixed array for entryPoints API option (#​4223)

    The TypeScript type definitions now allow you to pass a mixed array of both string literals and object literals to the entryPoints API option, such as ['foo.js', { out: 'lib', in: 'bar.js' }]. This was always possible to do in JavaScript but the TypeScript type definitions were previously too restrictive.

  • Update Go from 1.23.8 to 1.23.10 (#​4204, #​4207)

    This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain false positive reports (specifically CVE-2025-4673 and CVE-2025-22874) from vulnerability scanners that only detect which version of the Go compiler esbuild uses.

  • Experimental support for esbuild on OpenHarmony (#​4212)

    With this release, esbuild now publishes the @esbuild/openharmony-arm64 npm package for OpenHarmony. It contains a WebAssembly binary instead of a native binary because Go doesn't currently support OpenHarmony. Node does support it, however, so in theory esbuild should now work on OpenHarmony through WebAssembly.

    This change was contributed by @​hqzing.

eslint/eslint (eslint)

v9.31.0

Compare Source

v9.30.1

Compare Source

nodejs/node (node)

v20.19.4

Compare Source

v20.19.3

Compare Source

pnpm/pnpm (pnpm)

v10.13.1

Compare Source

Patch Changes
  • Run user defined pnpmfiles after pnpmfiles of plugins.

v10.13.0

Compare Source

Minor Changes

  • Added the possibility to load multiple pnpmfiles. The pnpmfile setting can now accept a list of pnpmfile locations #​9702.

  • pnpm will now automatically load the pnpmfile.cjs file from any config dependency named @pnpm/plugin-* or pnpm-plugin-* #​9729.

    The order in which config dependencies are initialized should not matter — they are initialized in alphabetical order. If a specific order is needed, the paths to the pnpmfile.cjs files in the config dependencies can be explicitly listed using the pnpmfile setting in pnpm-workspace.yaml.

Patch Changes
  • When patching dependencies installed via pkg.pr.new, treat them as Git tarball URLs #​9694.
  • Prevent conflicts between local projects' config and the global config in dangerouslyAllowAllBuilds, onlyBuiltDependencies, onlyBuiltDependenciesFile, and neverBuiltDependencies #​9628.
  • Sort keys in pnpm-workspace.yaml with deep #​9701.
  • The pnpm rebuild command should not add pkgs included in ignoredBuiltDependencies to ignoredBuilds in node_modules/.modules.yaml #​9338.
  • Replaced shell-quote with shlex for quoting command arguments #​9381.

v10.12.4

Compare Source

Patch Changes

v10.12.3

Compare Source

Patch Changes
  • Restore hoisting of optional peer dependencies when installing with an outdated lockfile.
    Regression introduced in v10.12.2 by #​9648; resolves #​9685.

v10.12.2

Compare Source

Patch Changes
  • Fixed hoisting with enableGlobalVirtualStore set to true #​9648.
  • Fix the --help and -h flags not working as expected for the pnpm create command.
  • The dependency package path output by the pnpm licenses list --json command is incorrect.
  • Fix a bug in which pnpm deploy fails due to overridden dependencies having peer dependencies causing ERR_PNPM_OUTDATED_LOCKFILE #​9595.
prettier/prettier (prettier)

v3.6.2

Compare Source

diff

Markdown: Add missing blank line around code block (#​17675 by @​fisker)
<!-- Input -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

<!-- Prettier 3.6.1 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```
   1. Another
   2. List

<!-- Prettier 3.6.2 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

v3.6.1

Compare Source

diff

TypeScript: Allow const without initializer (#​17650, #​17654 by @​fisker)
// Input
export const version: string;

// Prettier 3.6.0 (--parser=babel-ts)
SyntaxError: Unexpected token (1:21)
> 1 | export const version: string;
    |                     ^

// Prettier 3.6.0 (--parser=oxc-ts)
SyntaxError: Missing initializer in const declaration (1:14)
> 1 | export const version: string;
    |              ^^^^^^^^^^^^^^^

// Prettier 3.6.1
export const version: string;
Miscellaneous: Avoid closing files multiple times (#​17665 by @​43081j)

When reading a file to infer the interpreter from a shebang, we use the
n-readlines library to read the first line in order to get the shebang.

This library closes files when it reaches EOF, and we later try close the same
files again. We now close files only if n-readlines did not already close
them.

v3.6.0

Compare Source

diff

🔗 Release Notes

typescript-eslint/typescript-eslint (typescript-eslint)

v8.37.0

Compare Source

🚀 Features
  • typescript-estree: infer tsconfigRootDir from call stack (#​11370)
❤️ Thank You
  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

v8.36.0

Compare Source

🚀 Features
  • typescript-eslint: support basePath in tseslint.config() (#​11357)
❤️ Thank You

You can read about our versioning strategy and releases on our website.

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) in timezone Pacific/Auckland, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jun 30, 2025
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 30, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from ad41b4b to 77e86f5 Compare July 7, 2025 19:36
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 137f814 to 0e7c850 Compare July 15, 2025 15:08
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 0e7c850 to 637688c Compare July 16, 2025 04:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants