Skip to content

chore(deps): update all non-major dependencies#2267

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch
Open

chore(deps): update all non-major dependencies#2267
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
@types/node (source) ^24.13.2^24.13.3 age confidence pnpm-workspace.overrides patch
@types/node (source) ^24.13.2^24.13.3 age confidence devDependencies patch
@unhead/vue (source) ^3.1.4^3.1.7 age confidence devDependencies patch 3.1.8
@vitest/coverage-v8 (source) ^4.1.8^4.1.10 age confidence devDependencies patch
MatteoGabriele/agentscan-action v2.0.0v2.0.1 age confidence action patch
actions/stale v10.3.0v10.4.0 age confidence action minor
better-sqlite3 ^12.10.1^12.11.1 age confidence dependencies minor
docus ^5.12.1^5.12.3 age confidence dependencies patch
dorny/paths-filter v4.0.1v4.0.2 age confidence action patch
eslint (source) 10.5.010.7.0 age confidence devDependencies minor
happy-dom ^20.10.3^20.10.6 age confidence devDependencies patch
knip (source) ^6.16.1^6.26.0 age confidence devDependencies minor
playwright-core (source) ^1.60.0^1.61.1 age confidence devDependencies minor
pnpm (source) 11.6.011.11.0 age confidence packageManager minor 11.12.0
pnpm/action-setup v6.0.8v6.0.9 age confidence action patch
semver ^7.8.4^7.8.5 age confidence devDependencies patch
std-env ^4.1.0^4.2.0 age confidence dependencies minor
tailwindcss (source) ^4.3.1^4.3.2 age confidence dependencies patch
vitest (source) ^4.1.8^4.1.10 age confidence devDependencies patch
vue (source) 3.5.383.5.39 age confidence pnpm-workspace.overrides patch
vue (source) 3.5.383.5.39 age confidence devDependencies patch
vue-tsc (source) ^3.3.5^3.3.7 age confidence devDependencies patch

Release Notes

unjs/unhead (@​unhead/vue)

v3.1.7

Compare Source

   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub

v3.1.6

Compare Source

   🏎 Performance
    View changes on GitHub

v3.1.5

Compare Source

   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub
vitest-dev/vitest (@​vitest/coverage-v8)

v4.1.10

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v4.1.9

Compare Source

🐞 Bug Fixes
  • Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in #​10546 (a5180)
  • browser:
    • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in #​10555 (7fb29)
    • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in #​10497 and #​10556 (fbc62)
  • mocker:
    • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in #​10548 (2c955)
  • pool:
    • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in #​10543 and #​10564 (934b0)
View changes on GitHub
MatteoGabriele/agentscan-action (MatteoGabriele/agentscan-action)

v2.0.1

Compare Source

v2.0.1

  • fix: scan the PR/issue author instead of the triggering actor
    The action now resolves the username from payload.pull_request.user.login / payload.issue.user.login first, falling back to context.actor only if neither is present. (#​31)

Full Changelog: MatteoGabriele/agentscan-action@v2.0.0...v2.0.1

actions/stale (actions/stale)

v10.4.0

Compare Source

What's Changed

Bug Fix
Dependency Updates
  • Bump undici to 6.27.0 via override, clean up stale license files, and version to 10.4.0. by @​dependabot in #​1342

New Contributors

Full Changelog: actions/stale@v10.3.0...v10.4.0

WiseLibs/better-sqlite3 (better-sqlite3)

v12.11.1

Compare Source

What's Changed

Full Changelog: WiseLibs/better-sqlite3@v12.11.0...v12.11.1

nuxt-content/docus (docus)

v5.12.3

Compare Source

Bug Fixes

v5.12.2

Compare Source

Features
  • assistant: refine tool display and streaming behavior (#​1390) (a2ac34c)
Bug Fixes
  • layer: scope UI variant defaults to docus components (#​1395) (82abeca)
dorny/paths-filter (dorny/paths-filter)

v4.0.2

Compare Source

eslint/eslint (eslint)

v10.7.0

Compare Source

Features

  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#​21032) (sethamus)
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#​21063) (fnx)
  • 557fde8 feat: support computed Number.parseInt member access in radix rule (#​21041) (Pixel)
  • 0b4a73b feat: add suggestions to no-compare-neg-zero (#​21034) (den$)
  • 96cdd42 feat: report invalid signed numeric radix values in radix rule (#​21030) (Pixel)

Bug Fixes

  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#​21069) (Pixel)
  • 0d7d70c fix: insert cause outside wrapping parens in preserve-caught-error (#​21062) (Mahin Anowar)
  • 75ec753 fix: handle static template literals in eqeqeq rule (#​21058) (Pixel)
  • b717a22 fix: prevent eqeqeq null option from reporting non-equality operators (#​21057) (Pixel)
  • e35b05f fix: avoid no-invalid-regexp false positive for shadowed RegExp (#​21051) (Pixel)
  • a3172b6 fix: avoid no-control-regex false positive for shadowed RegExp (#​21050) (Pixel)
  • d1f637e fix: parenthesize sequence expression operands in no-implicit-coercion (#​21045) (spokodev)
  • 8859baf fix: avoid prefer-numeric-literals false positive for shadowed globals (#​21047) (한국)
  • a9e5961 fix: use-isnan false positive on shadowed NaN/Number (#​20958) (sethamus)
  • 8a240a7 fix: avoid false positives in radix rule for spread arguments (#​21044) (Pixel)

Documentation

  • c30d808 docs: Update README (GitHub Actions Bot)
  • 5139800 docs: document ESLint migration codemods in v9 and v10 guides (#​20980) (Alex Bit)
  • 04174cb docs: Update README (GitHub Actions Bot)
  • 026e130 docs: update semver policy for bug fixes (#​21048) (Milos Djermanovic)
  • 9d42fef docs: Update README (GitHub Actions Bot)
  • b230159 docs: Update README (GitHub Actions Bot)
  • 0129972 docs: correct **/.js glob to **/*.js in config files guide (#​21036) (EduardF1)

Chores

v10.6.0

Compare Source

Features

  • b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#​20981) (Taejin Kim)
  • f291007 feat: add checkRelationalComparisons to no-constant-binary-expression (#​20948) (sethamus)

Bug Fixes

  • 6b05784 fix: prefer-exponentiation-operator invalid autofix at statement start (#​20997) (Milos Djermanovic)
  • bb9eb2a fix: account for shadowed Boolean in no-extra-boolean-cast (#​21013) (den$)
  • 8fd8741 fix: don't report shadowed undefined in radix rule (#​21011) (Pixel)
  • 5784980 fix: don't report shadowed undefined in no-throw-literal (#​21010) (Pixel)
  • 9cd1e6d fix: suppress invalid class suggestion in no-promise-executor-return (#​21008) (Pixel)
  • d4eb2dc fix: don't report shadowed undefined in prefer-promise-reject-errors (#​21006) (Pixel)
  • 2360464 fix: prefer-promise-reject-errors false positives for shadowed Promise (#​21003) (den$)
  • 63d52d2 fix: restore max-classes-per-file report range (#​21002) (Pixel)
  • 7feaff0 fix: callback detection logic for IIFEs in max-nested-callbacks (#​20979) (fnx)
  • 399a2ec fix: don't report inner non-callbacks in max-nested-callbacks (#​20995) (Milos Djermanovic)

Documentation

  • a83683d docs: Update README (GitHub Actions Bot)
  • f5449f9 docs: document userland patterns for global assertionOptions in RuleT… (#​20986) (playgirl)
  • bea49f7 docs: Update README (GitHub Actions Bot)
  • e5f70f9 docs: update code-path diagrams (#​20984) (Tanuj Kanti)
  • 8890c2d docs: add TypeScript config guidance for MCP server (#​20796) (Pierluigi Lenoci)
  • 3eb3d9b docs: Update README (GitHub Actions Bot)
  • c5bb59c docs: Update README (GitHub Actions Bot)
  • eb3c97c docs: fix grammar in prefer-const rule description (#​20983) (lumir)

Chores

capricorn86/happy-dom (happy-dom)

v20.10.6

Compare Source

👷‍♂️ Patch fixes

v20.10.5

Compare Source

👷‍♂️ Patch fixes
  • Adds cache to query selector parser - By @​capricorn86 in task #​2142
    • The selector parser degraded in performance in v20.6.3 to solve more complex selectors
    • Parsing is still a bit slower, but the cache will hopefully mitigate most of the problem

v20.10.4

Compare Source

👷‍♂️ Patch fixes
  • Coerce null qualifiedName to empty string in createDocument - By @​Firer in task #​2206
webpro-nl/knip (knip)

v6.26.0: Release 6.26.0

Compare Source

  • ci: add path filters (#​1871) (4249935) - thanks @​trueberryless!
  • Add CodeRabbit as gold sponsor (1da09fd)
  • Fix up docs a bit more (39125a7)
  • Don't report ambient declaration files as unused (aed361c)
  • Register oclif command files as entries (3b4d58c)
  • Add electron-vite plugin (d92107e)
  • Add esbuild plugin (ef3b601)
  • Ignore more globally available binaries (8292981)
  • Resolve #-imports to source when node condition is unbuilt (resolve #​1873) (f2713ed)
  • Ignore gh as a globally available binary (a6f0772)
  • Resolve Vitest benchmark files as entries (5742913)
  • Extract shared Vue auto-import machinery into plugins/_vue (7301075)
  • Scope compiler extensions per workspace (5e6f82b)
  • Resolve auto-imported components in the Vue SFC compiler (009aad8)
  • Add plugins for the Vue auto-import ecosystem (f638c83)
  • Enable Vue SFC compiler on unplugin-vue and @​vitejs/plugin-vue (9396ab1)
  • Recognize vite-plugin-vue-meta-layouts (same layouts convention) (3ceee89)
  • Add vite-plugin-pages and unplugin-icons plugins (9bc1754)
  • Add vite-plugin-pwa and @​intlify/unplugin-vue-i18n plugins (45dea0a)
  • Dog, food. (e1249ad)
  • Update query snapshot (a45941d)
  • Don't misread Nitro route types as Vue component auto-imports (43aecd5)
  • Read oxlint jsPlugins from vite-plus vite.config and .oxlintrc.json (589ffda)
  • Add vite-plus plugin for run.tasks and staged scripts (f041c19)
  • Support @​vite-pwa/nuxt PWA config in nuxt.config (8fa7b11)
  • Add @​vite-pwa/assets-generator plugin (4254f7d)
  • Add @​nuxtjs/i18n plugin (dfb9acb)
  • Read plugin entries from vite.config options and index.html (d533da8)
  • Fix false positives in VitePress, next-mdx and unplugin-vue-i18n plugins (b99702a)
  • Respect optional peers in pnpm and Yarn packageExtensions (aab080b)
  • Detect babel plugins in the Storybook config (5dea975)
  • Add shared AST helpers for imported calls and first property values (c84bb7a)
  • Inline trivial resolveFromAST wrappers and normalize orval and sst (620079d)
  • Extract inline resolveFromAST implementations to dedicated files (b5231c1)
  • Normalize resolveFromAST files to a uniform contract (fc1ba0f)
  • chore: migrate to Astro 7 and Sätteri (#​1875) (f256a5b) - thanks @​trueberryless!
  • Show contributor count on docs homepage (6b8454a)
  • Exclude gitignored package entry points (606e5d0)
  • Add Tauri plugin (199180d)
  • Add Laravel plugin (1974533)
  • Add Quasar plugin (a220729)

v6.25.0: Release 6.25.0

Compare Source

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from danielroe as a code owner June 22, 2026 04:00
@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @emnapi/runtime is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@nuxt/eslint-config@1.16.0npm/docus@5.12.3npm/@unhead/vue@3.1.7npm/knip@6.26.0npm/ipx@3.1.1npm/@emnapi/runtime@1.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm better-sqlite3 is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: docs/package.jsonnpm/better-sqlite3@12.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/better-sqlite3@12.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm happy-dom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package.jsonnpm/happy-dom@20.10.6

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/happy-dom@20.10.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jun 22, 2026

Copy link
Copy Markdown

Deploying nuxt-image with  Cloudflare Pages  Cloudflare Pages

Latest commit: 3e95ac8
Status: ✅  Deploy successful!
Preview URL: https://9c341c2b.nuxt-image.pages.dev
Branch Preview URL: https://renovate-all-minor-patch.nuxt-image.pages.dev

View logs

@pkg-pr-new

pkg-pr-new Bot commented Jun 22, 2026

Copy link
Copy Markdown

Open in StackBlitz

npm i https://pkg.pr.new/@nuxt/image@2267

commit: 3e95ac8

@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 6f901e9 to e2f1b2e Compare June 23, 2026 16:42
@codecov-commenter

codecov-commenter commented Jun 23, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 32.61%. Comparing base (0c5e8db) to head (8c9284b).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #2267   +/-   ##
=======================================
  Coverage   32.61%   32.61%           
=======================================
  Files           7        7           
  Lines         371      371           
  Branches      131      131           
=======================================
  Hits          121      121           
  Misses        194      194           
  Partials       56       56           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 14 times, most recently from a3905d3 to bd2aeb0 Compare June 30, 2026 20:16
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 9 times, most recently from 51e1ca1 to 6b4af66 Compare July 9, 2026 00:08
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 215271a to 7b50f05 Compare July 11, 2026 11:54
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 7b50f05 to 3e95ac8 Compare July 12, 2026 00:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant