chore(deps): update all non-major dependencies #3526

renovate · 2025-09-08T02:54:11Z

Coming soon: The Renovate bot (GitHub App) will be renamed to Mend. PRs from Renovate will soon appear from 'Mend'. Learn more here.

This PR contains the following updates:

Package	Change	Age	Confidence
@cloudflare/workers-types	`^4.20250910.0` -> `^4.20250920.0`
@nuxt/devtools (source)	`^2.6.3` -> `^2.6.5`
@nuxt/ui-pro (source)	`^3.3.3` -> `^3.3.4`
@shikijs/langs (source)	`^3.12.2` -> `^3.13.0`
@types/bun (source)	`^1.2.21` -> `^1.2.22`
@types/node (source)	`^24.3.1` -> `^24.5.2`
@valibot/to-json-schema (source)	`^1.0.0` -> `^1.3.0`
c12	`^3.2.0` -> `^3.3.0`
docus	`4.1.3` -> `4.2.0`
eslint (source)	`^9.35.0` -> `^9.36.0`
minisearch (source)	`^7.1.2` -> `^7.2.0`
nypm	`^0.6.1` -> `^0.6.2`
pnpm (source)	`10.15.1` -> `10.17.0`
release-it	`^19.0.4` -> `^19.0.5`
shiki (source)	`^3.12.2` -> `^3.13.0`
valibot (source)	`^1.0.0` -> `^1.1.0`
vue-tsc (source)	`^3.0.6` -> `^3.0.7`
wrangler (source)	`^4.35.0` -> `^4.38.0`

Release Notes

cloudflare/workerd (@cloudflare/workers-types)

nuxt/devtools (@nuxt/devtools)

`v2.6.5`

Compare Source

Bug Fixes

ensure path resolve is safe (1fabb49)

`v2.6.4`

Compare Source

Bug Fixes

using textContent instead of innerHtml for auth pagechore: update lock (7cadbbe)

nuxt/ui-pro (@nuxt/ui-pro)

`v3.3.4`

Compare Source

shikijs/shiki (@shikijs/langs)

`v3.13.0`

Compare Source

🚀 Features

transformers: Render indent guides - by @KazariEX and @antfu in #1060 (aecd1)

View changes on GitHub

`v3.12.3`

Compare Source

🐞 Bug Fixes

@shikijs/twoslash version specifier - by @9romise in #1078 (a1cde)

View changes on GitHub

fabian-hiller/valibot (@valibot/to-json-schema)

`v1.1.0`

Compare Source

Many thanks to @EltonLobo07, @sacrosanctic, @muningis, @EskiMojo14, @MOZGIII, @vktrl and @jasperteo for contributing to this release.

Read the release notes on our website for a quick overview of the most exciting new features in this release.

Add message method to overwrite local error message configuration of a schema (pull request #1103)
Add summarize method to summarize issues into a pretty-printable multi-line string (pull request #1158)
Add getTitle, getDescription and getMetadata methods to extract metadata of a schema (pull request #1154)
Add minEntries and maxEntries validation action to validate number of object entries (pull request #1100)
Add entries and notEntries validation action to validate number of object entries (pull request #1156)
Add parseJson and stringifyJson transformation action to parse and stringify JSON (pull request #1137)
Add flavor transformation action to flavor the output type of a schema (pull request #950)
Add support for bigints to multipleOf validation action (pull request #1164)
Change implementation of variant and variantAsync schema to improve performance by aborting validation of discriminators early (pull request #1110)
Change name of NanoIDAction and NanoIDIssue interface to NanoIdAction and NanoIdIssue (pull request #1171)
Fix internal MarkOptional type to fix input and output type of objects in edge cases (issue #1176)

unjs/c12 (c12)

`v3.3.0`

Compare Source

compare changes

🚀 Enhancements

Support loading config with array exports (#272)
Allow extends without extension (#268)

🩹 Fixes

loadDotenv: cwd is optional (#273)

📖 Documentation

Improve dotenv section with multiple files example (#270)

🏡 Chore

Update readme (5f803d6)
Sort a-z (40207d2)
Update lockfile (2cc4f5e)
Update lockfile (38e04db)

✅ Tests

Add missing await (63e5b5e)
Update snapshot (bc671c4)

❤️ Contributors

Pooya Parsa (@pi0)
Devbro1 [email protected]
Carson (@carson2222)
Igal Klebanov [email protected]

nuxt-content/docus (docus)

`v4.2.0`

Compare Source

Features

i18n: add BE, PL, and RU locales (#1186) (db3edb4)
support custom layouts (#1187) (a4cd642)

Bug Fixes

unshift custom css to give a priority (681d88e)

`v4.1.4`

Compare Source

Bug Fixes

reactive navigation in production (b073f01)

eslint/eslint (eslint)

`v9.36.0`

Compare Source

lucaong/minisearch (minisearch)

`v7.2.0`

Compare Source

[fix] Relax the return type of extractField to allow non-string values
(when a field is stored but not indexed, it can be any type)
- Add stringifyField option to customize how field values are turned into strings
  for indexing

`v7.1.3`

Compare Source

unjs/nypm (nypm)

`v0.6.2`

Compare Source

compare changes

🚀 Enhancements

runScript: Support custom env (#215)
dlx and packages option for dlxCommand (#218)

🏡 Chore

Update deps (71dd2a2)
Uopdate deps (539afd3)
Update readme (3e9f5d3)

❤️ Contributors

Rihan (@RihanArfan)
Pooya Parsa (@pi0)
Fedor Chubukov (@Exeteres)

pnpm/pnpm (pnpm)

`v10.17.0`

Compare Source

Minor Changes

The minimumReleaseAgeExclude setting now supports patterns. For instance:
```
minimumReleaseAge: 1440
minimumReleaseAgeExclude:
  - "@&#8203;eslint/*"
```
Related PR: #9984.

Patch Changes

Don't ignore the minimumReleaseAge check, when the package is requested by exact version and the packument is loaded from cache #9978.
When minimumReleaseAge is set and the active version under a dist-tag is not mature enough, do not downgrade to a prerelease version in case the original version wasn't a prerelease one #9979.

`v10.16.1`

Compare Source

Patch Changes

The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #9963.
Forcibly disable ANSI color codes when generating patch diff #9914.

`v10.16.0`

Compare Source

Minor Changes

There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new setting that delays the installation of newly released dependencies. In most cases, such attacks are discovered quickly and the malicious versions are removed from the registry within an hour.

The new setting is called minimumReleaseAge. It specifies the number of minutes that must pass after a version is published before pnpm will install it. For example, setting minimumReleaseAge: 1440 ensures that only packages released at least one day ago can be installed.

If you set minimumReleaseAge but need to disable this restriction for certain dependencies, you can list them under the minimumReleaseAgeExclude setting. For instance, with the following configuration pnpm will always install the latest version of webpack, regardless of its release time:
```
minimumReleaseAgeExclude:
  - webpack
```
Related issue: #9921.
Added support for finders #9946.

In the past, pnpm list and pnpm why could only search for dependencies by name (and optionally version). For example:
```
pnpm why minimist
```
prints the chain of dependencies to any installed instance of minimist:
```
verdaccio 5.20.1
├─┬ handlebars 4.7.7
│ └── minimist 1.2.8
└─┬ mv 2.1.1
  └─┬ mkdirp 0.5.6
    └── minimist 1.2.8
```
What if we want to search by other properties of a dependency, not just its name? For instance, find all packages that have react@17 in their peer dependencies?

This is now possible with "finder functions". Finder functions can be declared in .pnpmfile.cjs and invoked with the --find-by=<function name> flag when running pnpm list or pnpm why.

Let's say we want to find any dependencies that have React 17 in peer dependencies. We can add this finder to our .pnpmfile.cjs:
```
module.exports = {
  finders: {
    react17: (ctx) => {
      return ctx.readManifest().peerDependencies?.react === "^17.0.0";
    },
  },
};
```
Now we can use this finder function by running:
```
pnpm why --find-by=react17
```
pnpm will find all dependencies that have this React in peer dependencies and print their exact locations in the dependency graph.
```
@&#8203;apollo/client 4.0.4
├── @&#8203;graphql-typed-document-node/core 3.2.0
└── graphql-tag 2.12.6
```
It is also possible to print out some additional information in the output by returning a string from the finder. For example, with the following finder:
```
module.exports = {
  finders: {
    react17: (ctx) => {
      const manifest = ctx.readManifest();
      if (manifest.peerDependencies?.react === "^17.0.0") {
        return `license: ${manifest.license}`;
      }
      return false;
    },
  },
};
```
Every matched package will also print out the license from its package.json:
```
@&#8203;apollo/client 4.0.4
├── @&#8203;graphql-typed-document-node/core 3.2.0
│   license: MIT
└── graphql-tag 2.12.6
    license: MIT
```

Patch Changes

Fix deprecation warning printed when executing pnpm with Node.js 24 #9529.
Throw an error if nodeVersion is not set to an exact semver version #9934.
pnpm publish should be able to publish a .tar.gz file #9927.
Canceling a running process with Ctrl-C should make pnpm run return a non-zero exit code #9626.

release-it/release-it (release-it)

`v19.0.5`

Compare Source

Add link to release-it-gitea plugin (bf6f1fb)
Bump actions/checkout from 4 to 5 (#1243) (e42e7dc) - thanks @dependabot[bot]!
Add OIDC publishing docs (#1245) (9933c0d) - thanks @mceachen!
Bump actions/setup-node from 4 to 5 (#1247) (7d9b77f) - thanks @dependabot[bot]!
Auto-format (96181f3)
Update dependencies (0b907d1)
Remove redundant knip entry (ca2f7b5)

vuejs/language-tools (vue-tsc)

`v3.0.7`

Compare Source

Bug Fixes

fix(vscode): show welcome page only when opening a Vue file
fix(language-core): generate slot parameters in the same way as interpolation (#5618) - Thanks to @KazariEX!
fix(language-core): do not generate variables for builtin directives - Thanks to @KazariEX!

Other Changes

docs(vscode): add descriptions for premium feature configurations (#5612) - Thanks to @KazariEX!
refactor(typescript-plugin): explicitly request parameters (#5623)
chore(lint): enable @typescript-eslint/no-unnecessary-condition (#5630)
refactor(language-server): reimplement Reactivity Visualization in typescript plugin (#5632)
refactor(language-server): parsing interpolations in extension client (#5633)
refactor(vscode): reimplement Focus Mode base on folding ranges (#5634)
chore(vscode): disable Focus Mode by default (#5578)
refactor(vscode): set delay of reactivity visualization updates to 250ms - Thanks to @KazariEX!

cloudflare/workers-sdk (wrangler)

`v4.38.0`

Compare Source

Minor Changes

#10654 a4e2439 Thanks @laplab! - Switch to WRANGLER_R2_SQL_AUTH_TOKEN env variable for R2 SQL secret. Update the response format for R2 SQL
#10676 f76da43 Thanks @penalosa! - Support ctx.exports in wrangler types
#10651 6caf938 Thanks @edevil! - Added new attribute "allowed_sender_addresses" to send email binding.

Patch Changes

#10674 1cc258e Thanks @penalosa! - Fix remote/local display for KV/D1/R2 & Browser bindings
#10678 b30263e Thanks @penalosa! - Remove dummy auth from SDK setup
#10678 b30263e Thanks @penalosa! - Add WRANGLER_TRACE_ID environment variable to support internal testing
#10561 769ffb1 Thanks @danielrs! - Do not show subdomain status mismatch warnings on first deploy.
Updated dependencies [b59e3e1, e9b0c66, 6caf938, 88132bc]:
- miniflare@4.20250917.0
- @cloudflare/unenv-preset@2.7.4

`v4.37.1`

Compare Source

Patch Changes

#10658 3029b9a Thanks @1000hz! - Fixed an issue with service tags not being applied properly to Workers when the Wrangler configuration file did not include a top-level name property.
#10657 31ec996 Thanks @penalosa! - Disable remote bindings with the --local flag
Updated dependencies [783afeb]:
- miniflare@4.20250913.0

`v4.37.0`

Compare Source

Minor Changes

#10546 d53a0bc Thanks @1000hz! - On deploy or version upload, Workers with multiple environments are tagged with metadata that groups them together in the Cloudflare Dashboard.
#10596 735785e Thanks @penalosa! - Add Miniflare & Wrangler support for unbound Durable Objects
#10622 15c34e2 Thanks @nagraham! - Modify R2 Data Catalog compaction commands to enable/disable for Catalog (remove table/namespace args), and require Cloudflare API token on enable.

Patch Changes

Updated dependencies [735785e]:
- miniflare@4.20250906.2

`v4.36.0`

Compare Source

Minor Changes

#10604 135e066 Thanks @penalosa! - Enable Remote Bindings without the need for the --x-remote-bindings flag
#10558 30f558e Thanks @laplab! - Add commands to send queries and manage R2 SQL product.
#10574 d8860ac Thanks @efalcao! - Add support for VPC services CRUD via wrangler vpc service
#10119 336a75d Thanks @dxh9845! - Add support for dynamically loading 'external' Miniflare plugins for unsafe Worker bindings (developed outside of the workers-sdk repo)

Patch Changes

#10212 0837a8d Thanks @jamesopstad! - Add preserveOriginalMain option to unstable_readConfig. This will pass the original main value through, without converting it to an absolute path.
#10541 da24079 Thanks @qjex! - stable ratelimit binding

Rate Limiting in Workers is now generally available, ratelimit can be removed from unsafe bindings.
#10479 ffa2600 Thanks @nagraham! - feat: Add wrangler commands for the R2 Data Catalog compaction feature
#9955 51553ef Thanks @penalosa! - Integrate the Cloudflare SDK into Wrangler (internal refactor)
Updated dependencies [e2b838f, 336a75d]:
- miniflare@4.20250906.1

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

vercel · 2025-09-08T02:54:18Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Updated (UTC)
content-docs	Ready	Preview	Sep 20, 2025 6:38pm

pkg-pr-new · 2025-09-08T02:56:17Z

npm i https://pkg.pr.new/@nuxt/content@3526

commit: d91da82

cloudflare-workers-and-pages · 2025-09-08T02:58:33Z

Deploying content with Cloudflare Pages

Latest commit:	`d91da82`
Status:	✅ Deploy successful!
Preview URL:	https://1c5c232a.content-f0q.pages.dev
Branch Preview URL:	https://renovate-all-minor-patch.content-f0q.pages.dev

View logs

gitguardian · 2025-09-15T07:01:15Z

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
While these secrets were previously flagged, we no longer have a reference to the
specific commits where they were detected. Once a secret has been leaked into a git
repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

^{_{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}}

vercel bot deployed to Preview September 8, 2025 03:01 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 82d5eba to c7d2980 Compare September 8, 2025 18:47

vercel bot deployed to Preview September 8, 2025 18:51 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from c7d2980 to 3606879 Compare September 9, 2025 03:25

vercel bot deployed to Preview September 9, 2025 03:29 View deployment

renovate bot changed the title ~~chore(deps): update all non-major dependencies~~ chore(deps): update all non-major dependencies - autoclosed Sep 9, 2025

renovate bot closed this Sep 9, 2025

renovate bot deleted the renovate/all-minor-patch branch September 9, 2025 15:41

renovate bot changed the title ~~chore(deps): update all non-major dependencies - autoclosed~~ chore(deps): update all non-major dependencies Sep 15, 2025

renovate bot reopened this Sep 15, 2025

renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 3606879 to b886e8f Compare September 15, 2025 07:01

vercel bot deployed to Preview September 15, 2025 07:05 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from b886e8f to 4288ced Compare September 15, 2025 14:14

vercel bot deployed to Preview September 15, 2025 14:18 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 4288ced to f88d235 Compare September 16, 2025 03:32

vercel bot deployed to Preview September 16, 2025 03:36 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from f88d235 to 72a797b Compare September 16, 2025 11:28

vercel bot deployed to Preview September 16, 2025 11:31 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 72a797b to ec30d2d Compare September 16, 2025 16:07

vercel bot deployed to Preview September 16, 2025 16:16 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from ec30d2d to 2a3582a Compare September 16, 2025 23:05

vercel bot deployed to Preview September 16, 2025 23:11 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 2a3582a to 2f0f857 Compare September 17, 2025 03:24

vercel bot deployed to Preview September 17, 2025 03:28 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 2f0f857 to e73d88f Compare September 17, 2025 16:01

vercel bot deployed to Preview September 17, 2025 16:07 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from e73d88f to 47cfde4 Compare September 18, 2025 03:27

vercel bot deployed to Preview September 18, 2025 03:31 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 47cfde4 to ed362b7 Compare September 18, 2025 10:56

vercel bot deployed to Preview September 18, 2025 11:00 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from ed362b7 to 62860e6 Compare September 18, 2025 15:28

vercel bot deployed to Preview September 18, 2025 15:31 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 62860e6 to 4f5a94e Compare September 19, 2025 02:58

vercel bot deployed to Preview September 19, 2025 03:02 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 4f5a94e to e5d4f84 Compare September 19, 2025 10:19

vercel bot deployed to Preview September 19, 2025 10:26 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from e5d4f84 to e8ff1b0 Compare September 19, 2025 15:05

vercel bot deployed to Preview September 19, 2025 15:09 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from e8ff1b0 to 8c82ccf Compare September 19, 2025 18:52

vercel bot deployed to Preview September 19, 2025 18:56 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 8c82ccf to 5f604f2 Compare September 19, 2025 22:10

vercel bot deployed to Preview September 19, 2025 22:14 View deployment

renovate bot force-pushed the renovate/all-minor-patch branch from 5f604f2 to 4a0c5b4 Compare September 20, 2025 02:28

vercel bot deployed to Preview September 20, 2025 02:32 View deployment

chore(deps): update all non-major dependencies

d91da82

renovate bot force-pushed the renovate/all-minor-patch branch from 4a0c5b4 to d91da82 Compare September 20, 2025 18:34

vercel bot deployed to Preview September 20, 2025 18:38 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): update all non-major dependencies #3526

chore(deps): update all non-major dependencies #3526

renovate bot commented Sep 8, 2025 •

edited

Loading

Uh oh!

vercel bot commented Sep 8, 2025 •

edited

Loading

Uh oh!

pkg-pr-new bot commented Sep 8, 2025 •

edited

Loading

Uh oh!

cloudflare-workers-and-pages bot commented Sep 8, 2025 •

edited

Loading

Uh oh!

gitguardian bot commented Sep 15, 2025 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

chore(deps): update all non-major dependencies #3526

Are you sure you want to change the base?

chore(deps): update all non-major dependencies #3526

Conversation

renovate bot commented Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Bug Fixes

Bug Fixes

🚀 Features

🐞 Bug Fixes

🚀 Enhancements

🩹 Fixes

📖 Documentation

🏡 Chore

✅ Tests

❤️ Contributors

Features

Bug Fixes

Bug Fixes

🚀 Enhancements

🏡 Chore

❤️ Contributors

Minor Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Bug Fixes

Other Changes

Minor Changes

Patch Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Configuration

Uh oh!

vercel bot commented Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

pkg-pr-new bot commented Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

cloudflare-workers-and-pages bot commented Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Deploying content with Cloudflare Pages

Uh oh!

gitguardian bot commented Sep 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

️✅ There are no secrets present in this pull request anymore.

Uh oh!

Uh oh!

renovate bot commented Sep 8, 2025 •

edited

Loading

vercel bot commented Sep 8, 2025 •

edited

Loading

pkg-pr-new bot commented Sep 8, 2025 •

edited

Loading

cloudflare-workers-and-pages bot commented Sep 8, 2025 •

edited

Loading

gitguardian bot commented Sep 15, 2025 •

edited

Loading