chore(deps): update all non-major dependencies (v3)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@iconify-json/lucide	^1.2.73 -> ^1.2.74			dependencies	patch
@iconify-json/vscode-icons	^1.2.35 -> ^1.2.36			dependencies	patch
@vitejs/plugin-vue (source)	^6.0.1 -> ^6.0.2			devDependencies	patch
actions/checkout	v5.0.0 -> v5.0.1			action	patch
better-sqlite3	^12.4.1 -> ^12.4.6			dependencies	patch
joi	^18.0.1 -> ^18.0.2			dependencies	patch
pnpm (source)	10.22.0 -> 10.23.0			packageManager	minor
unplugin (source)	^2.3.10 -> ^2.3.11			dependencies	patch
vite (source)	^7.1.12 -> ^7.2.4			devDependencies	patch
wrangler (source)	^4.47.0 -> ^4.50.0			devDependencies	minor

---

Release Notes

vitejs/vite-plugin-vue (@​vitejs/plugin-vue)

v6.0.2

Bug Fixes

• deps: update all non-major dependencies (#​643) (b702c1f)
• deps: update all non-major dependencies (#​653) (c6bd324)
• deps: update all non-major dependencies (#​663) (dbcd1d0)
• deps: update all non-major dependencies (#​665) (428dde0)
• deps: update all non-major dependencies (#​671) (59e0a51)
• deps: update all non-major dependencies (#​679) (f226dab)
• deps: update all non-major dependencies (#​685) (d990206)
• deps: update all non-major dependencies (#​688) (46edd7e)
• deps: update all non-major dependencies (#​692) (13accf3)
• deps: update all non-major dependencies (#​694) (9c77f01)
• deps: update all non-major dependencies (#​704) (ecb581a)
• fix hmr of dynamically loaded vue sfc modules in apps with tailwind (#​702) (0a883f7)

Miscellaneous Chores

• deps: update dependency rollup to ^4.52.3 (#​674) (dd91393)
• deps: update dependency rollup to ^4.52.5 (#​684) (a291b66)
• deps: update dependency rollup to ^4.53.1 (#​695) (0b238ea)
• deps: update dependency rollup to ^4.53.2 (#​703) (847808f)
• deps: update upstream (#​638) (f7cef18)
• deps: update upstream (#​642) (be57955)
• deps: update upstream (#​652) (3030263)
• deps: update upstream (#​666) (e6ece54)
• deps: update upstream (#​670) (5d3313f)
• deps: update upstream (#​678) (3f0593f)

actions/checkout (actions/checkout)

v5.0.1

Compare Source

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in #​2301

Full Changelog: actions/checkout@v5...v5.0.1

WiseLibs/better-sqlite3 (better-sqlite3)

v12.4.6

Compare Source

What's Changed

• Fix npm publishing by @​mceachen in #​1423

Full Changelog: WiseLibs/better-sqlite3@v12.4.5...v12.4.6

v12.4.5

Compare Source

What's Changed

• Add support for Node v25 and Electron 39+ prebuilds by @​mceachen in #​1422

Full Changelog: WiseLibs/better-sqlite3@v12.4.4...v12.4.5

hapijs/joi (joi)

v18.0.2

Compare Source

pnpm/pnpm (pnpm)

v10.23.0: pnpm 10.23

Compare Source

Minor Changes

• Added --lockfile-only option to pnpm list #​10020.

Patch Changes

• pnpm self-update should download pnpm from the configured npm registry #​10205.
• pnpm self-update should always install the non-executable pnpm package (pnpm in the registry) and never the @pnpm/exe package, when installing v11 or newer. We currently cannot ship @pnpm/exe as pkg doesn't work with ESM #​10190.
• Node.js runtime is not added to "dependencies" on pnpm add, if there's a engines.runtime setting declared in package.json #​10209.
• The installation should fail if an optional dependency cannot be installed due to a trust policy check failure #​10208.
• pnpm list and pnpm why now display npm: protocol for aliased packages (e.g., foo npm:[email protected]) #​8660.
• Don't add an extra slash to the Node.js mirror URL #​10204.
• pnpm store prune should not fail if the store contains Node.js packages #​10131.

Platinum Sponsors

Gold Sponsors

unjs/unplugin (unplugin)

v2.3.11

Compare Source

   🚀 Features

• Expose input source map for webpack-like bundlers  -  by @​sethfowler-datadog in #​565 (60ad4)

    View changes on GitHub

vitejs/vite (vite)

v7.2.4

Compare Source

Bug Fixes

• revert "perf(deps): replace debug with obug (#​21107)" (2d66b7b)

v7.2.3

Compare Source

Bug Fixes

• allow multiple bindCLIShortcuts calls with shortcut merging (#​21103) (5909efd)
• deps: update all non-major dependencies (#​21096) (6a34ac3)
• deps: update all non-major dependencies (#​21128) (4f8171e)

Performance Improvements

• deps: replace debug with obug (#​21107) (acfe939)

Miscellaneous Chores

• deps: update dependency @​rollup/plugin-commonjs to v29 (#​21099) (02ceaec)
• deps: update rolldown-related dependencies (#​21095) (39a0a15)
• deps: update rolldown-related dependencies (#​21127) (5029720)

cloudflare/workers-sdk (wrangler)

v4.50.0

Compare Source

Minor Changes

• #​11219 524a6e5 Thanks @​Ltadrian! - Implement Hyperdrive binding TLS miniflare proxy. This will allow for wrangler dev hyperdrive bindings to connect to external
  databases that require TLS.

• #​11233 c922a81 Thanks @​emily-shen! - Add containers.unsafe to allow internal users to use additional container features

Patch Changes

• #​11353 0cf696d Thanks @​vicb! - Use the native node:domain module when available

  It is enabled when the enable_nodejs_domain_module compatibility flag is set.

• #​11328 bb44120 Thanks @​ascorbic! - Fixes a bug that caused wrangler deploy to hang when deploying SvelteKit sites with experimental autoconfig

• #​11025 4a158e9 Thanks @​devin-ai-integration! - Use the native node:wasi module when available

  It is enabled when the enable_nodejs_wasi_module compatibility flag is set.

• Updated dependencies [0cf696d, 524a6e5, 4a158e9]:

  • @​cloudflare/unenv-preset@​2.7.11
  • miniflare@​4.20251118.1

v4.49.1

Compare Source

Patch Changes

• #​11344 c758809 Thanks @​dario-piotrowicz! - Fix: mark the r2 bulk command as hidden and experimental

• #​11339 dfba912 Thanks @​dario-piotrowicz! - Fix wrangler deploy erroring when it pulls down remote configs of workers containing an assets binding

• Updated dependencies [e5ec8cf]:

  • miniflare@​4.20251118.0

v4.49.0

Compare Source

Minor Changes

• #​10703 c5c4ee5 Thanks @​danlapid! - Add support for streaming tail consumers in local dev. This is an experimental new feature that allows you to register a tailStream() handler (compared to the existing tail() handler), which will receive streamed tail events from your Worker (compared to the tail() handler, which only receives batched events after your Worker has finished processing).

• #​11251 7035804 Thanks @​penalosa! - When the WRANGLER_HIDE_BANNER environment variable is provided, Wrangler will no longer display a version banner. This applies to all commands.

  For instance, previously running wrangler docs would give the following output:

  > wrangler docs
   ⛅️ wrangler 4.47.0
  ───────────────────
  Opening a link in your default browser: https://developers.cloudflare.com/workers/wrangler/commands/
  

  With WRANGLER_HIDE_BANNER, this is now:

  > WRANGLER_HIDE_BANNER=true wrangler docs
  Opening a link in your default browser: https://developers.cloudflare.com/workers/wrangler/commands/
  

• #​11285 d014fa7 Thanks @​vicb! - Implement the wrangler r2 bulk put bucket-name --filename list.json command.

  The command uploads multiple objects to an R2 bucket.

  The list of object is provided as a JSON encoded file via --filename. It is a list of key and file (respectively the name and the content for the object).

  [
    { "key": "/path/to/obj", "file": "/path/to/file_1"},
    { "key": "/path/to/other/obj", "file": "/path/to/file_2"},
    // ...
  ]
  

  Uploads are executed concurrently and the level of concurrency can be set via --concurrency.

  The command supports the same options as wrangler r2 object put, minus --file, and --pipe and plus --concurrency

• #​11268 15b8460 Thanks @​penalosa! - Support SvelteKit projects in autoconfig

• #​11258 2011b6a Thanks @​dario-piotrowicz! - Add --dry-run flag to wrangler setup and also a dryRun option to runAutoConfig

Patch Changes

• #​11261 a352c7f Thanks @​petebacondarwin! - Avoid using object lookup for OAuth Error classes

• #​11286 8e99766 Thanks @​dario-piotrowicz! - fix: make sure that experimental_patchConfig doesn't throw if it encounters a null value

• #​11279 d0d3fe6 Thanks @​vicb! - bump p-queue to ^9.0.0

• #​11278 92afbba Thanks @​ascorbic! - Fixes a bug that caused .dev.vars to be ignored in OpenNext

• #​11244 65b4afe Thanks @​petebacondarwin! - Internal refactoring to improve error traceability in wrangler dev

• #​11238 da8442f Thanks @​jamesopstad! - Add unstable_getDurableObjectClassNameToUseSQLiteMap export. This is an internal function for use in the Vite plugin.

• #​11266 09cb720 Thanks @​penalosa! - Use the smol-toml library for parsing TOML instead of @​iarna/toml

• #​11236 793e2b4 Thanks @​ascorbic! - Refresh expired preview tokens when running in remote dev mode

• #​11286 8e99766 Thanks @​dario-piotrowicz! - fix: wrangler deploy failing to patch local wrangler.jsonc files if the remote tail_consumers value is null

• #​11275 9cbf126 Thanks @​dario-piotrowicz! - Ensure that wrangler deploy run with a positional argument or with --assets does not trigger the autoconfig process (even with --experimental-autoconfig)

• #​11242 dd1e560 Thanks @​dario-piotrowicz! - Fix: make sure that remote proxy sessions's debug logs are enabled when the wrangler log level is set to "debug"

• Updated dependencies [c5c4ee5, d0041e2, 827d017]:

  • miniflare@​4.20251113.0

v4.48.0

Compare Source

Minor Changes

• #​11212 3908162 Thanks @​dario-piotrowicz! - Add autoconfig changes summary for wrangler deploy --x-autoconfig with the option for users to cancel the operation

• #​11229 14d79f2 Thanks @​dario-piotrowicz! - Enables experimental-deploy-remote-diff-check flag by default (the flag is still present for now so that users can turn it off if needed) and improves the remote config diffing logic (to include less noise in the diff presented to the user)

• #​11245 dfc6513 Thanks @​vicb! - Change how Wrangler selects default ports for dev sessions.

  If no port is specified, Wrangler now probes the default port and the 10 consecutive ports after it before falling back to a random port.
  This will help getting a stable port number across dev sessions.
  Both the http server and inspector ports are affected.

Patch Changes

• #​11177 43fe9f3 Thanks @​MattieTK! - Added bun detection to package manager analytics

• Updated dependencies [305ffb3, 46ccf0e]:

  • miniflare@​4.20251109.1

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[pkg-pr-new]

npm i https://pkg.pr.new/@nuxt/ui@5475

commit: 6864acf