Skip to content

Comments

chore(deps): lock file maintenance npm packages#5878

Merged
renovate[bot] merged 1 commit intomainfrom
renovate/npm-packages
Aug 24, 2025
Merged

chore(deps): lock file maintenance npm packages#5878
renovate[bot] merged 1 commit intomainfrom
renovate/npm-packages

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 24, 2025

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
lockFileMaintenance All locks refreshed
zx (source) dependencies patch 8.8.0 -> 8.8.1 age adoption passing confidence
@vueuse/core (source) dependencies minor 13.6.0 -> 13.7.0 age adoption passing confidence
knip (source) devDependencies minor 5.62.0 -> 5.63.0 age adoption passing confidence
pnpm (source) packageManager minor 10.14.0 -> 10.15.0 age adoption passing confidence
rollup (source) devDependencies minor 4.46.2 -> 4.48.0 age adoption passing confidence
tinybench devDependencies patch 5.0.0 -> 5.0.1 age adoption passing confidence
tsx (source) devDependencies patch 4.20.4 -> 4.20.5 age adoption passing confidence
vite (source) dependencies patch 7.1.2 -> 7.1.3 age adoption passing confidence
vue (source) dependencies patch 3.5.18 -> 3.5.19 age adoption passing confidence
zx (source) devDependencies patch 8.8.0 -> 8.8.1 age adoption passing confidence

🔧 This Pull Request updates lock files to use the latest dependency versions.


Release Notes

google/zx (zx)

v8.8.1: — Turbo Flush

Compare Source

We keep improving the projects internal infra to bring more stability, safety and performance for artifacts.

Featfixes

  • Applied flags filtration for CLI-driven deps install #​1308
  • Added kill() event logging #​1312
  • Set SIGTERM as kill() fallback signal #​1313
  • Allowed stdio() arg be an array #​1311
const p = $({halt: true})`cmd`
p.stdio([stream, 'ignore', 'pipe'])

Enhancements

vueuse/vueuse (@​vueuse/core)

v13.7.0

Compare Source

   🚨 Breaking Changes
   🚀 Features
   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub
webpro-nl/knip (knip)

v5.63.0

Compare Source

pnpm/pnpm (pnpm)

v10.15.0

Compare Source

Minor Changes
  • Added the cleanupUnusedCatalogs configuration. When set to true, pnpm will remove unused catalog entries during installation #​9793.
  • Automatically load pnpmfiles from config dependencies that are named @*/pnpm-plugin-* #​9780.
  • pnpm config get now prints an INI string for an object value #​9797.
  • pnpm config get now accepts property paths (e.g. pnpm config get catalog.react, pnpm config get .catalog.react, pnpm config get 'packageExtensions["@​babel/parser"].peerDependencies["@​babel/types"]'), and pnpm config set now accepts dot-leading or subscripted keys (e.g. pnpm config set .ignoreScripts true).
  • pnpm config get --json now prints a JSON serialization of config value, and pnpm config set --json now parses the input value as JSON.
Patch Changes
  • Semi-breaking. When automatically installing missing peer dependencies, prefer versions that are already present in the direct dependencies of the root workspace package #​9835.
  • When executing the pnpm create command, must verify whether the node version is supported even if a cache already exists #​9775.
  • When making requests for the non-abbreviated packument, add */* to the Accept header to avoid getting a 406 error on AWS CodeArtifact #​9862.
  • The standalone exe version of pnpm works with glibc 2.26 again #​9734.
  • Fix a regression in which pnpm dlx pkg --help doesn't pass --help to pkg #​9823.
rollup/rollup (rollup)

v4.48.0

Compare Source

2025-08-23

Features
  • If configured, also keep unparseable import attributes of external dynamic imports in the output(#​6071)
Bug Fixes
  • Ensure variables referenced in non-removed import attributes are included (#​6071)
Pull Requests

v4.47.1

Compare Source

2025-08-21

Bug Fixes
  • Revert build process changes to investigate issues (#​6077)
Pull Requests

v4.47.0

Compare Source

2025-08-21

Features
  • Aggressively reduce WASM build size (#​6053)
Bug Fixes
  • Fix illegal instruction error on Android ARM platforms (#​6072)
  • Allow to pass explicit undefined for optional fields in Rollup types (#​6061)
Pull Requests

v4.46.4

Compare Source

2025-08-20

Bug Fixes
  • Do not omit synthetic namespaces when only accessed via in operator (#​6052)
Pull Requests

v4.46.3

Compare Source

2025-08-18

Bug Fixes
  • Resolve illegal instruction error on arm64 architectures (#​6055)
  • Resolve sourcemap generation performance regression (#​6057)
Pull Requests
tinylibs/tinybench (tinybench)

v5.0.1

Compare Source

   🐞 Bug Fixes
    View changes on GitHub
privatenumber/tsx (tsx)

v4.20.5

Compare Source

Bug Fixes
  • handle ambiguous packages (796053a)

This release is also available on:

vitejs/vite (vite)

v7.1.3

Compare Source

Features
Bug Fixes
Performance Improvements
Miscellaneous Chores
Code Refactoring
Tests
vuejs/core (vue)

v3.5.19

Compare Source

Bug Fixes

Configuration

📅 Schedule: Branch creation - "before 9am on monday" in timezone Asia/Shanghai, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot enabled auto-merge August 24, 2025 16:49
@socket-security
Copy link

socket-security bot commented Aug 24, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updated@​types/​react@​19.1.10 ⏵ 19.1.11100 +110078 +196100
Updatedknip@​5.62.0 ⏵ 5.63.098 +11009294 +5100
Updatedrollup@​4.46.2 ⏵ 4.48.097 +110010099 +1100

View full report

@netlify
Copy link

netlify bot commented Aug 24, 2025

Deploy Preview for rolldown-rs canceled.

Name Link
🔨 Latest commit ff33e27
🔍 Latest deploy log https://app.netlify.com/projects/rolldown-rs/deploys/68ab43eda5e13800080cc96b

@renovate renovate bot force-pushed the renovate/npm-packages branch from a2222d0 to ff33e27 Compare August 24, 2025 16:55
@renovate renovate bot added this pull request to the merge queue Aug 24, 2025
Merged via the queue into main with commit a918275 Aug 24, 2025
31 checks passed
@renovate renovate bot deleted the renovate/npm-packages branch August 24, 2025 17:16
shulaoda added a commit that referenced this pull request Aug 25, 2025
## [1.0.0-beta.34] - 2025-08-25

### 💥 BREAKING CHANGES

- improve merging of top-level `transform` option with `tsconfig` (#5882) by @shulaoda
- support top-level `tsconfig` (#5842) by @shulaoda

### 🚀 Features

- rolldown_plugin_esm_external_require: export namespace directly for Node builtin modules (#5885) by @shulaoda
- rolldown_plugin_dynamic_import_vars: warn by default when errors occur (#5866) by @shulaoda
- support adding note for diagnostic (#5864) by @IWANABETHATGUY
- rolldown_plugin_vite_css_post: align partial css chunk logic (#5861) by @shulaoda
- setup `rolldown_binding_watcher` (#5859) by @hyf0
- rolldown_plugin_vite_css_post: align css url replace logic (#5857) by @shulaoda
- node/dev: binding for `DevEngine` (#5852) by @hyf0
- dev: introduce `DevEngine` to support build for devlopement scenario (#5808) by @hyf0
- Show a information log to tell built-in features if a plugin covered by built-in features are used (#5845) by @IWANABETHATGUY
- rolldown_plugin_vite_css_post: align partial css url replace logic (#5837) by @shulaoda
- rolldown_plugin_vite_css_post: align CSS chunk concatenation logic (#5836) by @shulaoda
- rolldown_plugin_transform: support `useDefineForClassFields=false` with `target>=es2022` (#5841) by @sapphi-red
- expose `esmExternalRequirePlugin` (#5810) by @shulaoda
- rolldown_plugin_esm_external_require: basic implementation (#5809) by @shulaoda
- rolldown: oxc v0.82.3 (#5807) by @Boshen
- expose `oxc_minifier` options (#5804) by @IWANABETHATGUY
- rolldown_plugin_require_to_import: initialize (#5797) by @shulaoda
- adjust codegen `initial_indent` for concatenateWrappedModule (#5779) by @IWANABETHATGUY
- rolldown: align default value of `option.context` (#5745) by @situ2001

### 🐛 Bug Fixes

- topLevelVar option removes class name, causing a TypeError in static block (#5888) by @IWANABETHATGUY
- a esm module required by other module can't be a inner module of concatenateModuleGroup (#5875) by @IWANABETHATGUY
- rolldown_plugin_transform: align `lang` logic correctly (#5874) by @shulaoda
- Runtime error occurs depending on the lazy import order. (#5873) by @IWANABETHATGUY
- when importee is ts or tsx adding potential false positive note for `missing_export` diagnostic (#5862) by @IWANABETHATGUY
- hmr: boundary and accept_via was reversed (#5843) by @sapphi-red
- returning result of this.resolve in resolveId hook impacts bundle size (#5851) by @IWANABETHATGUY
- rolldown_plugin_transform: set `typescript.removeClassFieldsWithoutInitializer` for `useDefineForClassFields=false` (#5840) by @sapphi-red
- hmr: `import.meta.hot.accept` in patch file should work (#5823) by @sapphi-red
- proper handle pife and profiler_names for concatenate_wrapped_modules (#5835) by @IWANABETHATGUY
- jsx preserve break component which is default export (#5751) by @shulaoda
- hmr: ensure patch file name to be unique (#5825) by @sapphi-red
- hmr: re-execute the boundary module rather than the accepted module (#5822) by @sapphi-red
- Rolldown cannot treeshake unused branch (#5829) by @IWANABETHATGUY
- `inlineConst` with constant propagation (#5826) by @IWANABETHATGUY
- don't mangle variable names when `minify: 'dce-only'` is used (#5830) by @sapphi-red
- return actual normalized minify options (#5818) by @IWANABETHATGUY
- plugin/vite-resolve: try non-prefixed index before prefixed index (#5801) by @sapphi-red
- throw a semantic error message instead of panic (#5796) by @AliceLanniste
- rolldown: run DCE on chunk when `minify: dce-only` (#5792) by @Boshen
- the import attribute has been removed. (#5794) by @IWANABETHATGUY
- don't match CRLF for `/./` (#5790) by @IWANABETHATGUY
- node: allow `output.topLevelVar` by options validator (#5789) by @sapphi-red
- node: allow `transform.jsx: 'preserve'` by options validator (#5781) by @sapphi-red
- preserve default export for `preserveModules` (#5780) by @shulaoda
- browser: sync exports (#5776) by @sxzz
- rolldown_plugin_transform: skip builtin transform for module id with null byte (#5775) by @hi-ogawa

### 🚜 Refactor

- move common transform types into rolldown_common (#5876) by @shulaoda
- rolldown_plugin_vite_css_post: extract `finalize_vite_css_urls` (#5860) by @shulaoda
- rust: make `NotifyWatcher` WASM-compatible (#5855) by @hyf0
- rust/dev: remove improper deref for `BuildDriver` (#5854) by @hyf0
- incremental: use `clone_in_with_semantic_ids` for program cloning (#5853) by @shulaoda
- rolldown_plugin_esm_external_require: tweak code (#5824) by @shulaoda
- improve `resolve_dependencies` (#5795) by @shulaoda
- simplify method calls in `PluginContext` (#5785) by @situ2001

### 📚 Documentation

- builtin-plugins: clarify behavior of `esmExternalRequirePlugin` (#5886) by @sapphi-red
- builtin-plugins: add documentation for `esmExternalRequirePlugin` (#5813) by @shulaoda
- support extracting doc for reference type (#5834) by @IWANABETHATGUY
- optimization.inlineConst (#5831) by @IWANABETHATGUY
- update description for output.minify (#5816) by @IWANABETHATGUY
- plugins: extract plugins into a separate section (#5812) by @shulaoda

### ⚡ Performance

- string_wizard: reduce allocation (#5793) by @Brooooooklyn

### 🧪 Testing

- hmr: import.meta.hot.accept cases (#5821) by @sapphi-red
- hmr: static import cases (#5820) by @sapphi-red
- hmr: no boundary full reload case (#5819) by @sapphi-red

### ⚙️ Miscellaneous Tasks

- deps: update `oxc-resolver` to v11.7.0 (#5889) by @shulaoda
- deps: lock file maintenance (#5880) by @renovate[bot]
- deps: lock file maintenance rust crates (#5881) by @renovate[bot]
- deps: update github-actions (#5877) by @renovate[bot]
- deps: lock file maintenance rust crates (#5879) by @renovate[bot]
- deps: lock file maintenance npm packages (#5878) by @renovate[bot]
- bump rolldown-ariadne (#5863) by @IWANABETHATGUY
- remove usage of `quote_expr`, `quote_stmt` (#5858) by @IWANABETHATGUY
- vite-tests: run all test suites even if some test suites failed (#5828) by @sapphi-red
- vite-tests: set `_VITE_TEST_JS_PLUGIN` instead of `_VITE_TEST_NATIVE_PLUGIN` (#5827) by @sapphi-red
- deps: use `vitepress@^2.0.0-alpha.12` instead (#5811) by @shulaoda
- deps: update dependency rolldown-plugin-dts to v0.15.7 (#5814) by @renovate[bot]
- add example with oxc transform styled components plugin (#5800) by @IWANABETHATGUY
- deprecate top-level `jsx` option in favor of `transform.jsx` (#5783) by @shulaoda
- deps: update crate-ci/typos action to v1.35.5 (#5786) by @renovate[bot]
- update default value of options.context (#5777) by @IWANABETHATGUY

### ◀️ Revert

- "fix: jsx preserve break component which is default export (#5764)" (#5856) by @shulaoda

Co-authored-by: shulaoda <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants