Update All NPM Dependencies (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@prantlf/jsonlint (source)	16.0.0 → 17.0.1
ag-grid-community (source)	34.3.1 → 35.0.1
globals	16.4.0 → 17.1.0
lefthook	1.13.6 → 2.0.15
prism-code-editor	4.1.0 → 5.0.1
stylelint (source)	16.25.0 → 17.0.0
stylelint-config-standard	39.0.1 → 40.0.0

---

Release Notes

prantlf/jsonlint (@​prantlf/jsonlint)

v17.0.1

Compare Source

Bug Fixes

• Upgrade dependencies (afd41a8)

v17.0.0

Compare Source

Features

• Control line break in empty {} and [] (a0ef54b)

Refactoring

• Load native Node.js packages with node: prefix (09fbaf1)
• Replace fast-glob with node:glob (a87f19f)

BREAKING CHANGES

Pretty-printing will not insert a line break between
empty {} and [] by default. Although this will probably be the
desired output of all users, it might break some use cases, which
dependend on the extra line break. It can be achieved again by setting
the new option --no-compact-empty-objects (compactEmptyObjects: false).

The minimum supported version of Node.js is 22 from now on.
Also, any file path supplied on the command line is considered a glob
pattern. It shouldn't break anything though.

The minimum supported version of Node.js is 18 from now on.

v16.1.0

Compare Source

Features

• Upgrade dependencies (3dedeec)
• Add ajv-formats and ajv-keywords plugins to support the latest JSON Schema drafts (63a3b3b)
• Allow disabling strict mode of schema compilation (0d605b6)
• Print colourful JSON diff (f9e43de)
• Ability to force crlf (ca7fa7f)

Bug Fixes

• Fix schema validation instructions (ffa29c3)

ag-grid/ag-grid (ag-grid-community)

v35.0.1

Compare Source

v35.0.0

Compare Source

sindresorhus/globals (globals)

v17.1.0

Compare Source

• Add webpack and rspack globals (#​333) 65cae73

---

v17.0.0

Compare Source

Breaking

• Split audioWorklet environment from browser (#​320) 7bc293e

Improvements

• Update globals (#​329) ebe1063
• Get all browser globals from both chrome and firefox (#​321) 59ceff8
• Add bunBuiltin environment (#​324) 1bc6e3b
• Add denoBuiltin environment (#​324) 1bc6e3b
• Add paintWorklet environment (#​323) 4b78f56
• Add sharedWorker environment (#​322) 4a02a85

---

v16.5.0

Compare Source

• Update globals (2025-11-01) (#​316) 6d441ca
• Add Vue, Svelte, and Astro globals (#​314) ea31521

---

evilmartians/lefthook (lefthook)

v2.0.15

Compare Source

• docs: clarify remote settings (#​1260) by @​mrexox
• feat: skip scripts if args given with empty file template (#​1277) by @​mrexox

v2.0.14

Compare Source

• fix: skip if any files template is empty (#​1275) by @​mrexox
• feat: add jsonc support (#​1274) by @​mrexox
• deps: switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#​1261) by @​scop
• fix: don't install custom hooks to hooks dir (#​1246) by @​scop
• deps: December 2025 (#​1209) by @​mrexox

v2.0.13

Compare Source

• fix: set extends to empty slice after loading remotes (#​1259) by @​mrexox
• fix: allow custom hooks in JSON schema by updating generator (#​1250) by @​jeonghoon11
• docs: remove duplicate config: false description (#​1245) by @​scop
• chore: add more tests (#​1244) by @​mrexox

v2.0.12

Compare Source

• chore: small changes on diff printing (#​1242) by @​mrexox
• feat: ability to show diff when failing on changes (#​1227) by @​scop
• fix: make short status parser more robust (#​1236) by @​scop
• docs: fix readme (#​1235) by @​matdibu

v2.0.11

Compare Source

• feat: refetch and cleanup on ref change (#​1210) by @​mrexox
• ci: npm trusted publishing (#​1234) by @​mrexox
• feat: more rudimentary shell completions (#​1230) by @​scop

v2.0.10

Compare Source

• feat: add no_auto_install to lefthook.yml (#​1231) by @​pavelzw
• fix: skip if empty files template (#​1233) by @​mrexox

v2.0.9

Compare Source

• fix: skip pre commit hook if no staged files (#​1229) by @​mrexox
• fix: do not try to hash-object directories (#​1220) by @​scop
• fix: check and report Scanner errors (#​1222) by @​scop
• refactor: command executor tweaks (#​1224) by @​scop
• refactor: remove some redundant code (#​1221) by @​scop
• fix: improve separation of options and filenames for more git commands (#​1225) by @​scop
• chore: upgrade golangci-lint to 2.7.1, add godoclint (#​1223) by @​scop
• chore: remove unnecessary .svg executable permissions (#​1219) by @​scop

v2.0.8

Compare Source

• fix: do not escape custom templates in command replacement (#​1213) by @​joevin-sql-docto

v2.0.7

Compare Source

• fix: prefer using lefthook from the $PATH (#​1211) by @​joevin-sql-docto

v2.0.6

Compare Source

• feat: save original executable location in hooks (#​1208) by @​mrexox
• docs: encourage python install using pipx (#​1207) by @​franzramadhan

v2.0.5

Compare Source

• feat: add optional args to scripts (#​1206) by @​mrexox
• deps: November 2025 (#​1200) by @​mrexox
• chore: upgrade golangci-lint to 2.6.1, add modernize (#​1190) by @​scop
• chore: publish artifact attestations (#​1189) by @​scop

v2.0.4

Compare Source

• fix: glob_matcher jsonschema values
• feat: add optional standard glob matcher (doublestar) (#​1188) by @​jasonwbarnett

v2.0.3

Compare Source

• feat: fail_on_changes non-ci option (#​1186) by @​scop
• deps: update mimetypes (#​1185) by @​mrexox

v2.0.2

Compare Source

• fix: add mutex lock before all git commands (#​1178) by @​mrexox

v2.0.1

Compare Source

• fix: set extends to empty slice after loading remotes (#​1259) by @​mrexox
• fix: allow custom hooks in JSON schema by updating generator (#​1250) by @​jeonghoon11
• docs: remove duplicate config: false description (#​1245) by @​scop
• chore: add more tests (#​1244) by @​mrexox

v2.0.0

Compare Source

Breaking changes

• exclude option no longer accepts regexp, only globs.
• skip_output option is dropped, use output instead.
• Some CLI arguments have changed their names to make it more consistent. See lefthook run -h for details.
• for only and skip options with - run: '...' values the command executer was changed to Bourne Shell.

Commits

• fix: accept --fail-on-changes=false as override value (#​1168) by @​mrexox
• feat: [breaking] use sh as command executor on Windows (#​1166) by @​mrexox
• refactor: [breaking] drop support for exclude regexp (#​1162) by @​mrexox
• refactor: [breaking] drop deprecated skip_output option (#​1159) by @​mrexox
• refactor: [breaking] use another cli framework (#​1155) by @​mrexox

jonpyt/prism-code-editor (prism-code-editor)

v5.0.1

Compare Source

• Updated HTML, SVG, and React JSX autocompletion data (2da5b4e) (7220858) (7f2e9b5)
• Made tag matching case insensitive in HTML so <DIV> and </div> can be matched together (0cba41c)
• Fixed aria-activedescendant not always being added to the textarea when opening the autocompletion tooltip (332024c)

v5.0.0

Compare Source

Breaking changes

Many CSS variable names have been changed (5e80b80). To migrate, perform a controlled search and replace on your project. The following table shows which names have been changed:

Old variable name	New variable name
--editor__line-number	--pce-line-number
--editor__bg-highlight	--pce-bg-highlight
--editor__border-highlight	--pce-border-highlight
--editor__bg-selection-match	--pce-selection-match
--editor__bg-scrollbar	--pce-scrollbar
--editor__bg-fold	--pce-bg-fold
--editor__bg	--pce-bg
--bg-guide-indent	--pce-guide-indent
--widget__bg-input	--pce-widget-bg-input
--widget__bg-active	--pce-widget-bg-active
--widget__bg-hover	--pce-widget-bg-hover
--widget__bg-error	--pce-widget-bg-error
--widget__bg	--pce-widget-bg
--widget__border	--pce-widget-border
--widget__color-active	--pce-widget-color-active
--widget__color-options	--pce-widget-color-options
--widget__color	--pce-widget-color
--widget__focus-ring	--pce-widget-focus
--widget__error-ring	--pce-widget-error
--search__bg-find	--pce-search-match

• Line numbers now use CSS counters instead of a data-line attribute (5fabaae)
• Changed to class added to the next/prev match buttons in the search widget from next-match and prev-match to pce-next and pce-prev (e5f109b)
• Removed the alwaysShow parameter of the showInvisibles() extension. Use tokenizeInvisibles() instead to highlight all invisibles (be0510a)
• All tokens with the global regex flag now use greedy matching. This means the greedy flag is no longer needed (b938258)
• The editor is now passed as an additional argument to listener options instead of through this. This does not apply to listeners added by the editor.on() method (0b8243f)

// Instead of this:
const options = {
  onUpdate(value) { console.log(this.container) }
}

// Do this:
const options = {
  onUpdate(value, editor) { console.log(editor.container) }
}

New features

• Added a new customCursor() extension. Check the custom cursor guide to see it in action (95f08c3) (328e6e7)
• Added a getDocumentPosition() utility to calculate the cursor's column, line, and selected character count (459f878)
• Bracket/tag pair pair highlighting can now be added to any container (2477f8f)
• The CSS variable --pce-cursor can now be used to configure the cursor's color. This variable also doesn't affect the cursor of the inputs inside the search widget (5fabaae)

Other changes

• editor.extensions.history.clear() is now called automatically after changing the editor's value (940d1ff)
• Made the focus border around the next/prev match buttons in the search widget red during an error (7f58e2a)
• Fixed interacting with the search widget scrolling the editor in Chrome due to scroll padding issues (34bc36f) (1bb72e9)
• Fixed Cursor.getPosition() returning the old position when called inside a selectionChange handler added before the cursorPosition() extension (4154f0b)
• Many opening punctuation tokens now use greedy matching. This means the two single quotes inside an attribute like value="''foo" won't be highlighted as punctuation (bf972ce)
• Plain-text merging in large JSX documents is now much faster (596f291) (e194d2c)
• CSS variables are now highlighted without css-extras (019d65a)
• Removed color token from stylus grammar (ab750e1)

v4.2.0

Compare Source

Changes

• Increased width of search widget in narrow editors (9e14dbb)
• Updated HTML and CSS autocompletion data (da9bb8e)
• Improved URL and markdown highlighting for some themes (1227a17)

New features

• Added startQuery() and insertCompletion() methods to the AutoComplete extension (#​49) (db22e78)
• Added 3 new utilities to prism-code-editor/prism/utils to modify tokens (1a91d26):
  • tokenizeString(): applies a tokenization function to all strings
  • tokenizeInvisibles(): uses tokenizeString() to highlight all spaces and tabs as tokens.
  • tokenizeDataUris(): uses tokenizeString() to highlight the body of data-uris like data:image/svg+xml,<svg></svg>.

stylelint/stylelint (stylelint)

v17.0.0

Compare Source

It contains 14 breaking changes, which we've detailed in the migrating to 17.0.0 guide. Additionally, it adds 3 options to the rules and fixes 9 bugs. We've also released compatible versions of our shared config, Visual Studio Code extension, Node.js Rule Tester and Jest preset.

• Removed: CommonJS Node.js API (#​8859) (@​jeddy3).
• Removed: output property in the Node.js API returned resolved object (#​8878) (@​jeddy3).
• Removed: support for Node.js less than 20.19.0 (#​8867) (@​jeddy3).
• Removed: GitHub formatter (#​8888) (@​jeddy3).
• Removed: resolveNestedSelectors option from selector-class-pattern (#​8931) (@​jeddy3).
• Removed: checkContextFunctionalPseudoClasses option from selector-max-id (#​8913) (@​jeddy3).
• Changed: default fix mode to strict (#​8889) (@​jeddy3).
• Changed: report to be consistent and predictable in how it handles the provided position arguments (#​8217) (@​romainmenke).
• Changed: selector-max-* syntax rules for standard CSS nesting and modern functional pseudo-classes (#​8913) (@​jeddy3).
• Changed: *-specificity semantic rules for standard CSS nesting (#​8913) (@​jeddy3).
• Changed: no-duplicate-selectors and selector-no-qualifying-type for standard CSS nesting (#​8913) (@​jeddy3).
• Changed: *-list rules to have consistent behaviour for vendor prefixes and case (#​8912) (@​jeddy3).
• Changed: *-no-vendor-prefix rules to have consistent behaviour for their ignore*: [] secondary options (#​8924) (@​jeddy3).
• Changed: declaration-property-max-values rule to have consistent behaviour for vendor prefixes (#​8926) (@​jeddy3).
• Added: except: ["after-block"] to custom-property-empty-line-before (#​8921) (@​kovsu).
• Added: except: ["after-block"] to declaration-empty-line-before (#​8910) (@​kovsu).
• Added: ignoreSelectors: [] to no-duplicate-selectors (#​8883) (@​kovsu).
• Fixed: Windows drive letter casing inconsistencies when matching patterns against file paths (#​8941) (@​adalinesimonian).
• Fixed: CLI help to include TypeScript config files (#​8908) (@​kovsu).
• Fixed: at-rule-descriptor-no-unknown false positives for declarations within feature-value-blocks (#​8868) (@​kovsu).
• Fixed: declaration-block-no-redundant-longhand-properties false negatives for short and long combinations (#​8892) (@​nathannewyen).
• Fixed: media-feature-name-no-unknown false positives for namespaced dollar variables and range context queries (#​8890) (@​kovsu).
• Fixed: nesting-selector-no-missing-scoping-root false positives for CSS-in-JS (#​8905) (@​kovsu).
• Fixed: no-invalid-position-declaration false negatives for embedded blocks (#​8907) (@​kovsu).
• Fixed: selector-no-qualifying-type false negatives for :is/where() (#​8940) (@​romainmenke).
• Fixed: selector-type-no-unknown false positives for MathML 4 tags (#​8874) (@​jeddy3).

v16.26.1

Compare Source

It fixes numerous false positive bugs, including many in the declaration-property-value-no-unknown rule for the latest CSS specifications.

• Fixed: *-no-unknown false positives for latest specs by integrating @csstools/css-syntax-patches-for-csstree (#​8850) (@​romainmenke).
• Fixed: at-rule-no-unknown false positives for @function (#​8851) (@​jeddy3).
• Fixed: declaration-property-value-no-unknown false positives for attr(), if() and custom functions (#​8853) (@​jeddy3).
• Fixed: function-url-quotes false positives when URLs require quoting (#​8804) (@​taearls).
• Fixed: selector-pseudo-element-no-unknown false positives for ::scroll-button() (#​8856) (@​Mouvedia).

v16.26.0

Compare Source

It adds 1 feature and fixes 2 bugs.

• Added: support for customSyntax with function export (#​8834) (@​silverwind).
• Fixed: custom-property-no-missing-var-function false positives for style query in if() function (#​8813) (@​sajdakabir).
• Fixed: media-feature-range-notation false positives for multiple queries and except: exact-value (#​8832) (@​jeddy3).

stylelint/stylelint-config-standard (stylelint-config-standard)

v40.0.0

Compare Source

• Removed: stylelint less than 17.0.0 from peer dependencies.
• Removed: support for Node.js less than 20.19.0.
• Changed: updated to stylelint-config-recommended@18.0.0.
• Changed: module type to ESM.

---

Configuration

📅 Schedule: Branch creation - "every 2 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm warn Unknown env config "store". This will stop working in the next major version of npm.
npm warn ERESOLVE overriding peer dependency
npm warn While resolving: stylelint-config-recommended@17.0.0
npm warn Found: stylelint@17.0.0
npm warn node_modules/stylelint
npm warn   dev stylelint@"17.0.0" from the root project
npm warn   1 more (stylelint-config-standard)
npm warn
npm warn Could not resolve dependency:
npm warn peer stylelint@"^16.23.0" from stylelint-config-recommended@17.0.0
npm warn node_modules/stylelint-config-recommended
npm warn
npm warn Conflicting peer dependency: stylelint@16.26.1
npm warn node_modules/stylelint
npm warn   peer stylelint@"^16.23.0" from stylelint-config-recommended@17.0.0
npm warn   node_modules/stylelint-config-recommended
npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: stylelint-plugin-logical-css@1.2.3
npm error Found: stylelint@17.0.0
npm error node_modules/stylelint
npm error   dev stylelint@"17.0.0" from the root project
npm error   peer stylelint@"^17.0.0" from stylelint-config-standard@40.0.0
npm error   node_modules/stylelint-config-standard
npm error     dev stylelint-config-standard@"40.0.0" from the root project
npm error
npm error Could not resolve dependency:
npm error peer stylelint@"^14.0.0 || ^15.0.0 || ^16.0.0" from stylelint-plugin-logical-css@1.2.3
npm error node_modules/stylelint-plugin-logical-css
npm error   dev stylelint-plugin-logical-css@"1.2.3" from the root project
npm error
npm error Conflicting peer dependency: stylelint@16.26.1
npm error node_modules/stylelint
npm error   peer stylelint@"^14.0.0 || ^15.0.0 || ^16.0.0" from stylelint-plugin-logical-css@1.2.3
npm error   node_modules/stylelint-plugin-logical-css
npm error     dev stylelint-plugin-logical-css@"1.2.3" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /runner/cache/others/npm/_logs/2026-02-22T04_29_57_927Z-eresolve-report.txt
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-02-22T04_29_57_927Z-debug-0.log