Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@babel/generator (source)	^7.27.5 -> ^7.28.0
@babel/types (source)	^7.27.6 -> ^7.28.0
@changesets/cli (source)	^2.28.1 -> ^2.29.5
@pnpm/lockfile.fs (source)	^1001.1.12 -> ^1001.1.14
@pnpm/lockfile.utils (source)	^1001.0.11 -> ^1001.0.12
@pnpm/lockfile.walker (source)	^1001.0.9 -> ^1001.0.10
@rollup/pluginutils (source)	^5.1.4 -> ^5.2.0
@types/node (source)	^20.19.0 -> ^20.19.4
@types/react (source)	^19.1.6 -> ^19.1.8
@typescript-eslint/eslint-plugin (source)	^8.33.1 -> ^8.35.1
@typescript-eslint/parser (source)	^8.33.1 -> ^8.35.1
eslint-import-resolver-typescript	^4.4.3 -> ^4.4.4
eslint-plugin-import	^2.31.0 -> ^2.32.0
lint-staged	^16.1.0 -> ^16.1.2
pnpm (source)	10.11.1 -> 10.12.4
postcss (source)	^8.5.4 -> ^8.5.6
postcss-import	^16.1.0 -> ^16.1.1
prettier (source)	^3.5.3 -> ^3.6.2
rollup (source)	^4.41.1 -> ^4.44.1
sass	^1.89.1 -> ^1.89.2
vitefu	^1.0.6 -> ^1.0.7
vitest (source)	^3.2.2 -> ^3.2.4
zod (source)	^3.25.55 -> ^3.25.71
zod-validation-error	^3.4.1 -> ^3.5.2
zx (source)	^8.5.5 -> ^8.6.1

---

Release Notes

babel/babel (@​babel/generator)

v7.28.0

Compare Source

🚀 New Feature

• babel-node
  • #​17147 Support top level await in node repl (@​liuxingbaoyu)
• babel-types
  • #​17258 feat(matchesPattern): support super/private/meta (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #​17355 Add explicit resource management to preset-env (@​JLHwung)
• babel-core, babel-parser
  • #​17390 Support sourceType: "commonjs" (@​JLHwung)
• babel-generator, babel-parser
  • #​17346 Materialize explicitResourceManagement parser plugin (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-transform-object-rest-spread, babel-traverse, babel-types
  • #​17391 LVal coverage updates (Part 2) (@​JLHwung)
• babel-parser, babel-traverse, babel-types
  • #​17378 Accept bigints in t.bigIntLiteral factory (@​JLHwung)
• babel-generator, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-react-display-name, babel-types
  • #​17277 Transform discard binding (@​JLHwung)
• babel-generator, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-transform-block-scoping, babel-plugin-transform-object-rest-spread, babel-plugin-transform-typescript, babel-traverse, babel-types
  • #​17163 Parse discard binding (@​JLHwung)

🐛 Bug Fix

• babel-helper-globals, babel-plugin-transform-classes, babel-traverse
  • #​17297 Create babel-helper-globals (@​JLHwung)
• babel-types
  • #​17009 feature: TSTypeOperator: keyof (#​16799) (@​coderaiser)

🏠 Internal

• babel-compat-data, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-json-modules, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • #​17403 Update babel-polyfill packages (@​nicolo-ribaudo)

changesets/changesets (@​changesets/cli)

v2.29.5

Compare Source

v2.29.4

Compare Source

Patch Changes

• #​1668 65d6632 Thanks @​Andarist! - Fixed a crash in pre mode when trying to version private packages when tagging for private package is disabled

• Updated dependencies [65d6632]:

  • @​changesets/assemble-release-plan@​6.0.8
  • @​changesets/get-release-plan@​4.0.12

v2.29.3

Compare Source

Patch Changes

• #​1589 de8bebc Thanks @​remorses, @​vzt7! - Fixed a crash in prerelease mode when a package misses the version field in its package.json

• #​1619 c1e8a78 Thanks @​manucorporat! - Support ../ in publishConfig.directory when publishing packages

• Updated dependencies [de8bebc]:

  • @​changesets/assemble-release-plan@​6.0.7
  • @​changesets/get-release-plan@​4.0.11

v2.29.2

Compare Source

Patch Changes

• #​1636 f73f84a Thanks @​Netail! - Correctly resolve new changesets with since option when the .changeset directory is not directly in the git root

• Updated dependencies [f73f84a]:

  • @​changesets/read@​0.6.5
  • @​changesets/git@​3.0.4
  • @​changesets/get-release-plan@​4.0.10
  • @​changesets/apply-release-plan@​7.0.12

v2.29.1

Compare Source

Patch Changes

• #​1620 b15e629 Thanks @​Netail! - Correctly fetch new changesets with since if the git option diff.relative has been set to true

• Updated dependencies [b15e629]:

  • @​changesets/git@​3.0.3
  • @​changesets/apply-release-plan@​7.0.11
  • @​changesets/read@​0.6.4
  • @​changesets/get-release-plan@​4.0.9

v2.29.0

Compare Source

Minor Changes

• #​1470 29f34a3 Thanks @​JounQin! - Support scoped registries configured using package.json#publishConfig

rollup/plugins (@​rollup/pluginutils)

v5.2.0

2025-06-17

Features

• feat: add exactRegex and prefixRegex (#​1865)

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.35.1

Compare Source

🩹 Fixes

• remove prettier from eslint-plugin (#​11339)

❤️ Thank You

• Abhijeet Singh @​cseas

You can read about our versioning strategy and releases on our website.

v8.35.0

Compare Source

🚀 Features

• eslint-plugin: [no-base-to-string] add checkUnknown Option (#​11128)

❤️ Thank You

• Kim Sang Du @​developer-bandi

You can read about our versioning strategy and releases on our website.

v8.34.1

Compare Source

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.34.0

Compare Source

🩹 Fixes

• typescript-estree: add validation to interface extends (#​11271)

❤️ Thank You

• Tao

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.35.1

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.35.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.34.1

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

v8.34.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

import-js/eslint-import-resolver-typescript (eslint-import-resolver-typescript)

v4.4.4

Compare Source

Patch Changes

• #​468 93b39d2 Thanks @​renovate! - chore(deps): bump stable-hash-x v0.2.0

• #​466 799f1ce Thanks @​anomiex! - fix: include options hash in cache key for options normalization

import-js/eslint-plugin-import (eslint-plugin-import)

v2.32.0

Compare Source

Added

• add [enforce-node-protocol-usage] rule and import/node-version setting ([#​3024], thanks [@​GoldStrikeArch] and [@​sevenc-nanashi])
• add TypeScript types ([#​3097], thanks [@​G-Rath])
• [extensions]: add `pathGroupOverrides to allow enforcement decision overrides based on specifier ([#​3105], thanks [@​Xunnamius])
• [order]: add sortTypesGroup option to allow intragroup sorting of type-only imports ([#​3104], thanks [@​Xunnamius])
• [order]: add newlines-between-types option to control intragroup sorting of type-only imports ([#​3127], thanks [@​Xunnamius])
• [order]: add consolidateIslands option to collapse excess spacing for aesthetically pleasing imports ([#​3129], thanks [@​Xunnamius])

Fixed

• [no-unused-modules]: provide more meaningful error message when no .eslintrc is present ([#​3116], thanks [@​michaelfaith])
• configs: added missing name attribute for eslint config inspector ([#​3151], thanks [@​NishargShah])
• [order]: ensure arcane imports do not cause undefined behavior ([#​3128], thanks [@​Xunnamius])
• [order]: resolve undefined property access issue when using named ordering ([#​3166], thanks [@​Xunnamius])
• [enforce-node-protocol-usage]: avoid a crash with some TS code ([#​3173], thanks [@​ljharb])
• [order]: codify invariants from docs into config schema ([#​3152], thanks [@​Xunnamius])

Changed

• [Docs] [extensions], [order]: improve documentation ([#​3106], thanks [@​Xunnamius])
• [Docs] add flat config guide for using tseslint.config() ([#​3125], thanks [@​lnuvy])
• [Docs] add missing comma ([#​3122], thanks [@​RyanGst])
• [readme] Update flatConfig example to include typescript config ([#​3138], thanks [@​intellix])
• [Refactor] [order]: remove unnecessary negative check ([#​3167], thanks [@​JounQin])
• [Docs] [no-unused-modules]: add missing double quote ([#​3191], thanks [@​albertpastrana])
• [Docs] no-restricted-paths: clarify wording and fix errors ([#​3172], thanks [@​greim])

lint-staged/lint-staged (lint-staged)

v16.1.2

Compare Source

Patch Changes

• #​1570 a7c0c88 Thanks @​ItsNickBarry! - When using --diff-filter with the D option to include deleted staged files, lint-staged no longer tries to stage the deleted files, unless they're no longer deleted. Previously this caused an error from git add like fatal: pathspec 'deleted-file' did not match any files.

• 38f942e Thanks @​iiroj! - Removed an extraneous log entry that printed shouldHidePArtiallyStagedFiles to console output.

v16.1.1

Compare Source

Patch Changes

• #​1565 3686977 Thanks @​iiroj! - Lint-staged now explicitly warns about potential data loss when using --no-stash.

• #​1571 02299a9 Thanks @​iiroj! - Function tasks (introduced in v16.0.0) only received the staged files matching the conpmnfigured glob, instead of all staged files.

• #​1563 bc61c74 Thanks @​iiroj! - This version fixes incorrect behavior where unstaged changes were committed when using the --no-stash option. This happened because --no-stash implied --no-hide-partially-staged, meaning unstaged changes to files which also had other staged changes were added to the commit by lint-staged; this is no longer the case.

  The previous (incorrect) behavior can still be achieved by using both options --no-stash --no-hide-partially-staged at the same time.

pnpm/pnpm (pnpm)

v10.12.4

Compare Source

Patch Changes

• Fix pnpm licenses command for local dependencies #​9583.

• Fix a bug in which pnpm ls --filter=not-exist --json prints nothing instead of an empty array #​9672.

• Fix a deadlock that sometimes happens during peer dependency resolution #​9673.

• Running pnpm install after pnpm fetch should hoist all dependencies that need to be hoisted.
  Fixes a regression introduced in [v10.12.2] by [#​9648]; resolves [#​9689].

  [v10.12.2]: https://github.com/pnpm/pnpm/releases/tag/v10.12.2Add commentMore actions
  [#​9648]: https://github.com/pnpm/pnpm/pull/9648
  [#​9689]: https://github.com/pnpm/pnpm/issues/9689

v10.12.3

Compare Source

Patch Changes

• Restore hoisting of optional peer dependencies when installing with an outdated lockfile.
  Regression introduced in v10.12.2 by #​9648; resolves #​9685.

v10.12.2

Compare Source

Patch Changes

• Fixed hoisting with enableGlobalVirtualStore set to true #​9648.
• Fix the --help and -h flags not working as expected for the pnpm create command.
• The dependency package path output by the pnpm licenses list --json command is incorrect.
• Fix a bug in which pnpm deploy fails due to overridden dependencies having peer dependencies causing ERR_PNPM_OUTDATED_LOCKFILE #​9595.

v10.12.1

Minor Changes

• Experimental. Added support for global virtual stores. When enabled, node_modules contains only symlinks to a central virtual store, rather to node_modules/.pnpm. By default, this central store is located at <store-path>/links (you can find the store path by running pnpm store path).

  In the central virtual store, each package is hard linked into a directory whose name is the hash of its dependency graph. This allows multiple projects on the system to symlink shared dependencies from this central location, significantly improving installation speed when a warm cache is available.

  This is conceptually similar to how NixOS manages packages, using dependency graph hashes to create isolated and reusable package directories.

  To enable the global virtual store, set enableGlobalVirtualStore: true in your root pnpm-workspace.yaml, or globally via:

  pnpm config -g set enable-global-virtual-store true

  NOTE: In CI environments, where caches are typically cold, this setting may slow down installation. pnpm automatically disables the global virtual store when running in CI.

  Related PR: #​8190

• The pnpm update command now supports updating catalog: protocol dependencies and writes new specifiers to pnpm-workspace.yaml.
• Added two new CLI options (--save-catalog and --save-catalog-name=<name>) to pnpm add to save new dependencies as catalog entries. catalog: or catalog:<name> will be added to package.json and the package specifier will be added to the catalogs or catalog[<name>] object in pnpm-workspace.yaml #​9425.
• Semi-breaking. The keys used for side-effects caches have changed. If you have a side-effects cache generated by a previous version of pnpm, the new version will not use it and will create a new cache instead #​9605.
• Added a new setting called ci for explicitly telling pnpm if the current environment is a CI or not.

Patch Changes

• Sort versions printed by pnpm patch using semantic versioning rules.
• Improve the way the error message displays mismatched specifiers. Show differences instead of 2 whole objects #​9598.
• Revert #​9574 to fix a regression #​9596.

postcss/postcss (postcss)

v8.5.6

Compare Source

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

v8.5.5

Compare Source

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

postcss/postcss-import (postcss-import)

v16.1.1

Compare Source

• Fix incorrect cascade layer order when some resources can not be inlined (#​567, #​574)

prettier/prettier (prettier)

v3.6.2

Compare Source

diff

Markdown: Add missing blank line around code block (#​17675 by @​fisker)

<!-- Input -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

<!-- Prettier 3.6.1 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```
   1. Another
   2. List

<!-- Prettier 3.6.2 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

v3.6.1

Compare Source

diff

TypeScript: Allow const without initializer (#​17650, #​17654 by @​fisker)

// Input
export const version: string;

// Prettier 3.6.0 (--parser=babel-ts)
SyntaxError: Unexpected token (1:21)
> 1 | export const version: string;
    |                     ^

// Prettier 3.6.0 (--parser=oxc-ts)
SyntaxError: Missing initializer in const declaration (1:14)
> 1 | export const version: string;
    |              ^^^^^^^^^^^^^^^

// Prettier 3.6.1
export const version: string;

Miscellaneous: Avoid closing files multiple times (#​17665 by @​43081j)

When reading a file to infer the interpreter from a shebang, we use the
n-readlines library to read the first line in order to get the shebang.

This library closes files when it reaches EOF, and we later try close the same
files again. We now close files only if n-readlines did not already close
them.

v3.6.0

Compare Source

diff

🔗 Release Notes

rollup/rollup (rollup)

v4.44.1

Compare Source

2025-06-26

Bug Fixes

• Reinstate maxParallelFileOps limit of 1000 to resolve the issue for some (#​5992)

Pull Requests

• #​5988: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #​5992: Set maxParallelFileOps to 1000 (@​lukastaegert)

v4.44.0

Compare Source

2025-06-19

Features

• Remove limit on maxParallelFileOps as this could break watch mode with the commonjs plugin (#​5986)

Bug Fixes

• Provide better source mappings when coarse intermediate maps are used (#​5985)

Pull Requests

• #​5984: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #​5985: Improve approximation of coarse sourcemap segments (@​TrickyPi)
• #​5986: Remove limit on max parallel file ops (@​lukastaegert)

v4.43.0

Compare Source

2025-06-11

Features

• Provide new fs option and this.fs API to replace file system (#​5944)

Pull Requests

• #​5944: feat(options): Add an option for overriding the file system module in the JS API (@​EggDice, @​lukastaegert)

v4.42.0

Compare Source

2025-06-06

Features

• Add option to allow the input to be located in the output in watch mode (#​5966)

Pull Requests

• #​5966: feat: watch mode add allowInputInsideOutputPath option (@​btea, @​lukastaegert)

v4.41.2

Compare Source

2025-06-06

Bug Fixes

• Detect named export usages in dynamic imports with then and non-arrow function expressions (#​5977)
• Do not replace usages of constant variables with their values for readability (#​5968)

Pull Requests

• #​5968: fix: preserve constant identifiers in unary expressions instead of magic numbers (@​OmkarJ13, @​lukastaegert)
• #​5969: chore(deps): update dependency yargs-parser to v22 (@​renovate[bot], @​lukastaegert)
• #​5970: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5971: chore(deps): lock file maintenance (@​renovate[bot])
• #​5976: Update README.md (@​ftlno, @​lukastaegert)
• #​5977: fix: consider function expression in thenable when tree-shaking dynamic imports (@​TrickyPi)
• #​5981: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5982: Debug/fix watch pipeline (@​lukastaegert)

sass/dart-sass (sass)

v1.89.2

Compare Source

Embedded Host

• Fixed a compilation error caused by an outdated buf dependency.

svitejs/vitefu (vitefu)

v1.0.7

Compare Source

• Allow Vite 7 peer dependency (#​21)

vitest-dev/vitest (vitest)

v3.2.4

Compare Source

   🐞 Bug Fixes

• Use correct path for optimisation of strip-literal  -  by @​mrginglymus in https://github.com/vitest-dev/vitest/issues/8139 (44940)
• Print uint and buffer as a simple string  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8141 (b86bf)
• browser:
  • Show a helpful error when spying on an export  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8178 (56007)
• cli:
  • vitest run --watch should be watch-mode  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8128 (657e8)
  • Use absolute path environment on Windows  -  by @​colinaaa in https://github.com/vitest-dev/vitest/issues/8105 (85dc0)
  • Throw error when --shard x/<count> exceeds count of test files  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8112 (8a18c)
• coverage:
  • Ignore SCSS in browser mode  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8161 (0c3be)
• deps:
  • Update all non-major dependencies  -  in https://github.com/vitest-dev/vitest/issues/8123 (93f32)
• expect:
  • Handle async errors in expect.soft  -  by @​lzl0304 in https://github.com/vitest-dev/vitest/issues/8145 (68699)
• pool:
  • Auto-adjust minWorkers when only maxWorkers specified  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8110 (14dc0)
• reporter:
  • task.meta should be available in custom reporter's errors  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8115 (27df6)
• runner:
  • Preserve handler wrapping on extend  -  by @​pengooseDev in https://github.com/vitest-dev/vitest/issues/8153 (a9281)
• ui:
  • Ensure ui config option works correctly  -  by @​lzl0304 in https://github.com/vitest-dev/vitest/issues/8147 (42eeb)

    View changes on GitHub

v3.2.3

Compare Source

   🚀 Features

• browser: Use base url instead of vitest  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8126 (1d8eb)
• ui: Show test annotations and metadata in the test report tab  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8093 (c69be)

   🐞 Bug Fixes

• Rerun tests when project's setup file is changed  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8097 (0f335)
• Revert expect.any return type  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8129 (47514)
• Run only the name plugin last, not all config plugins  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8130 (83862)
• pool:
  • Throw if user's tests use process.send()  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8125 (dfe81)
• runner:
  • Fast sequential task updates missing  -  by @​AriPerkkio in [https://github.com/fix(runner): fast sequential task updates missing vitest-dev/vitest#8121](https://github.com/vitest-dev/vitest/issu

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

🦋 Changeset detected

Latest commit: fe6f8b0

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR