fix(deps): update all dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@aptre/common	^0.21.2 -> ^0.22.0					devDependencies	minor
@aptre/protobuf-es-lite	^0.4.1 -> ^0.5.0					resolutions	minor
@aptre/protobuf-es-lite	^0.4.1 -> ^0.5.0					dependencies	minor
@types/react (source)	19.1.2 -> 19.1.13					devDependencies	patch
@types/react-dom (source)	19.1.2 -> 19.1.9					devDependencies	patch
@vitejs/plugin-react (source)	^4.4.0 -> ^5.0.0					devDependencies	major
actions/checkout	v4.2.2 -> v5.0.0					action	major
actions/dependency-review-action	v4.5.0 -> v4.7.3					action	minor
actions/setup-go	v5.2.0 -> v6.0.0					action	major
actions/setup-node	v4.1.0 -> v5.0.0					action	major
github.com/aperturerobotics/common	v0.22.7 -> v0.22.12					require	patch
github.com/aperturerobotics/protobuf-go-lite	v0.9.1 -> v0.11.0					require	minor
github.com/aperturerobotics/starpc	v0.39.6 -> v0.39.8					require	patch
github/codeql-action	v3.28.0 -> v3.30.3					action	minor
globals	16.0.0 -> 16.4.0					devDependencies	minor
go (source)	1.24.2 -> 1.25.1					toolchain	minor
prettier (source)	3.5.3 -> 3.6.2					devDependencies	minor
react (source)	19.1.0 -> 19.1.1					dependencies	patch
react-dom (source)	19.1.0 -> 19.1.1					dependencies	patch
starpc	^0.38.1 -> ^0.39.0					dependencies	minor
typescript (source)	5.8.3 -> 5.9.2					devDependencies	minor

---

Release Notes

aperturerobotics/common (@​aptre/common)

v0.22.12

Compare Source

v0.22.11

Compare Source

v0.22.10

Compare Source

v0.22.9

Compare Source

v0.22.8

Compare Source

v0.22.7

Compare Source

v0.22.6

Compare Source

v0.22.5

Compare Source

v0.22.4

Compare Source

v0.22.3

Compare Source

v0.22.2

Compare Source

v0.22.1

Compare Source

v0.22.0

Compare Source

aperturerobotics/protobuf-es-lite (@​aptre/protobuf-es-lite)

v0.5.2

Compare Source

v0.5.1

Compare Source

v0.5.0

Compare Source

v0.4.9

Compare Source

vitejs/vite-plugin-react (@​vitejs/plugin-react)

v5.0.2

Compare Source

Skip transform hook completely in rolldown-vite in dev if possible (#​783)

v5.0.1

Compare Source

Set optimizeDeps.rollupOptions.transform.jsx instead of optimizeDeps.rollupOptions.jsx for rolldown-vite (#​735)

optimizeDeps.rollupOptions.jsx is going to be deprecated in favor of optimizeDeps.rollupOptions.transform.jsx.

Perf: skip babel-plugin-react-compiler if code has no "use memo" when { compilationMode: "annotation" } (#​734)

Respect tsconfig jsxImportSource (#​726)

Fix reactRefreshHost option on rolldown-vite (#​716)

Fix RefreshRuntime being injected twice for class components on rolldown-vite (#​708)

Skip babel-plugin-react-compiler on non client environment (689)

v5.0.0

Compare Source

v4.7.0

Compare Source

Add HMR support for compound components (#​518)

HMR now works for compound components like this:

const Root = () => <div>Accordion Root</div>
const Item = () => <div>Accordion Item</div>

export const Accordion = { Root, Item }

Return Plugin[] instead of PluginOption[] (#​537)

The return type has changed from react(): PluginOption[] to more specialized type react(): Plugin[]. This allows for type-safe manipulation of plugins, for example:

// previously this causes type errors
react({ babel: { plugins: ['babel-plugin-react-compiler'] } })
  .map(p => ({ ...p, applyToEnvironment: e => e.name === 'client' }))

v4.6.0

Compare Source

Add raw Rolldown support

This plugin only worked with Vite. But now it can also be used with raw Rolldown. The main purpose for using this plugin with Rolldown is to use react compiler.

v4.5.2

Compare Source

Suggest @vitejs/plugin-react-oxc if rolldown-vite is detected #​491

Emit a log which recommends @vitejs/plugin-react-oxc when rolldown-vite is detected to improve performance and use Oxc under the hood. The warning can be disabled by setting disableOxcRecommendation: false in the plugin options.

Use optimizeDeps.rollupOptions instead of optimizeDeps.esbuildOptions for rolldown-vite #​489

This suppresses the warning about optimizeDeps.esbuildOptions being deprecated in rolldown-vite.

Add Vite 7-beta to peerDependencies range #​497

React plugins are compatible with Vite 7, this removes the warning when testing the beta.

v4.5.1

Compare Source

Add explicit semicolon in preambleCode #​485

This fixes an edge case when using HTML minifiers that strips line breaks aggressively.

v4.5.0

Compare Source

Add filter for rolldown-vite #​470

Added filter so that it is more performant when running this plugin with rolldown-powered version of Vite.

Skip HMR for JSX files with hooks #​480

This removes the HMR warning for hooks with JSX.

v4.4.1

Compare Source

Fix type issue when using moduleResolution: "node" in tsconfig #​462

actions/checkout (actions/checkout)

v5.0.0

Compare Source

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in https://github.com/actions/checkout/pull/2226
• Prepare v5.0.0 release by @​salmanmkc in https://github.com/actions/checkout/pull/2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

Compare Source

What's Changed

• docs: update README.md by @​motss in https://github.com/actions/checkout/pull/1971
• Add internal repos for checking out multiple repositories by @​mouismail in https://github.com/actions/checkout/pull/1977
• Documentation update - add recommended permissions to Readme by @​benwells in https://github.com/actions/checkout/pull/2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in https://github.com/actions/checkout/pull/2044
• Update README.md by @​nebuk89 in https://github.com/actions/checkout/pull/2194
• Update CODEOWNERS for actions by @​TingluoHuang in https://github.com/actions/checkout/pull/2224
• Update package dependencies by @​salmanmkc in https://github.com/actions/checkout/pull/2236
• Prepare release v4.3.0 by @​salmanmkc in https://github.com/actions/checkout/pull/2237

New Contributors

• @​motss made their first contribution in https://github.com/actions/checkout/pull/1971
• @​mouismail made their first contribution in https://github.com/actions/checkout/pull/1977
• @​benwells made their first contribution in https://github.com/actions/checkout/pull/2043
• @​nebuk89 made their first contribution in https://github.com/actions/checkout/pull/2194
• @​salmanmkc made their first contribution in https://github.com/actions/checkout/pull/2236

Full Changelog: actions/checkout@v4...v4.3.0

actions/dependency-review-action (actions/dependency-review-action)

v4.7.3: 4.7.3

Compare Source

What's Changed

• Add explicit permissions to workflow files by @​AshelyTC in #​966
• Claire153/fix spamming mentioned issue by @​claire153 in #​974

Full Changelog: actions/dependency-review-action@v4...v4.7.3

v4.7.2: 4.7.2

Compare Source

What's Changed

• Add Missing Languages to CodeQL Advanced Configuration by @​KyFaSt in #​945
• Deprecate deny lists by @​claire153 in #​958
• Address discrepancy between docs and reality by @​ahpook in #​960

New Contributors

• @​KyFaSt made their first contribution in #​945
• @​claire153 made their first contribution in #​958
• @​ahpook made their first contribution in #​960

Full Changelog: actions/dependency-review-action@v4...v4.7.2

v4.7.1

Compare Source

• Packages added to allow-dependencies-licenses will be allowed even if the package in question has no license information #​889
• License expressions (e.g. Ruby OR GPL-2.0) in the allow list are automatically discarded so that they don't invalidate the whole allow list, which should just be license identifier (e.g. Ruby)

v4.7.0

Compare Source

• Handle complex license expressions (e.g. MIT AND GPL-2.0) in allow lists (fixes #​809 and probably others)
• Replace OTHER in package licenses with LicenseRef-clearlydefined-OTHER so that parsing passes

v4.6.0

Compare Source

What's Changed

• Updating multiple dependency versions by @​Ahmed3lmallah in #​870
• Grouping minor and patch dependabot updates to lessen the number of PRs by @​Ahmed3lmallah in #​876
• Bump actions/stale from 9.0.0 to 9.1.0 by @​dependabot in #​878
• Bump undici from 5.28.4 to 5.28.5 by @​dependabot in #​877
• DR Action should link to the proxima stamp when appropriate in error messages by @​AshelyTC in #​891
• Allow deny package removal by @​ellenfieldn in #​888
• Fix typos by @​omahs in #​893
• Bump esbuild from 0.19.5 to 0.25.0 by @​dependabot in #​900
• Bump octokit and related dependencies by @​RomanIakovlev in #​904
• Bump @​babel/helpers from 7.23.2 to 7.26.10 by @​dependabot in #​905
• Bump @​octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 by @​dependabot in #​899
• Update transitive dependency spdx-license-ids by @​ailox in #​855
• To not print OpenSSF Scorecard section if no dependencies scanned by @​fabasoad in #​884
• Improve usage of this action in dependency-review.yml by @​fabasoad in #​883
• Clarify comment-summary-in-pr behaviour by @​Pantelis-Santorinios in #​902
• Prepare 4.6.0 Release candidate by @​brrygrdn in #​910

New Contributors

• @​AshelyTC made their first contribution in #​891
• @​ellenfieldn made their first contribution in #​888
• @​omahs made their first contribution in #​893
• @​RomanIakovlev made their first contribution in #​904
• @​ailox made their first contribution in #​855
• @​fabasoad made their first contribution in #​884
• @​Pantelis-Santorinios made their first contribution in #​902
• @​brrygrdn made their first contribution in #​910

Full Changelog: actions/dependency-review-action@v4.5.0...v4.6.0

actions/setup-go (actions/setup-go)

v6.0.0

Compare Source

What's Changed

Breaking Changes

• Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @​matthewhughes934 in #​460
• Upgrade Nodejs runtime from node20 to node 24 by @​salmanmkc in #​624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot[bot] in #​589
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in #​591
• Upgrade @​typescript-eslint/parser from 8.31.1 to 8.35.1 by @​dependabot[bot] in #​590
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in #​594
• Upgrade typescript from 5.4.2 to 5.8.3 by @​dependabot[bot] in #​538
• Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @​dependabot[bot] in #​603
• Upgrade form-data to bring in fix for critical vulnerability by @​matthewhughes934 in #​618
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in #​631

New Contributors

• @​matthewhughes934 made their first contribution in #​618
• @​salmanmkc made their first contribution in #​624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

Compare Source

What's Changed

Bug fixes:

• Update self-hosted environment validation by @​priyagupta108 in #​556
• Add manifest validation and improve error handling by @​priyagupta108 in #​586
• Update template link by @​jsoref in #​527

Dependency updates:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in #​574
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in #​573
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in #​582
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot in #​537

New Contributors

• @​jsoref made their first contribution in #​527

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

Compare Source

What's Changed

Dependency updates :

• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in #​535
• Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by @​dependabot in #​536
• Upgrade @​action/cache from 4.0.0 to 4.0.2 by @​aparnajyothi-y in #​568
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in #​541

New Contributors

• @​aparnajyothi-y made their first contribution in #​568

Full Changelog: actions/setup-go@v5...v5.4.0

v5.3.0

Compare Source

What's Changed

• Use the new cache service: upgrade @actions/cache to ^4.0.0 by @​Link- in #​531
• Configure Dependabot settings by @​HarithaVattikuti in #​530
• Document update - permission section by @​HarithaVattikuti in #​533
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in #​534

New Contributors

• @​Link- made their first contribution in #​531

Full Changelog: actions/setup-go@v5...v5.3.0

actions/setup-node (actions/setup-node)

v5.0.0

Compare Source

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in #​1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless.
To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in #​1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in #​1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in #​1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in #​1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in #​1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in #​1345

New Contributors

• @​priya-kinthali made their first contribution in #​1348
• @​salmanmkc made their first contribution in #​1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

Compare Source

What's Changed

Bug fixes:

• Make eslint-compact matcher compatible with Stylelint by @​FloEdelmann in #​98
• Add support for indented eslint output by @​fregante in #​1245

Enhancement:

• Support private mirrors by @​marco-ippolito in #​1240

Dependency update:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in #​1262

New Contributors

• @​FloEdelmann made their first contribution in #​98
• @​fregante made their first contribution in #​1245
• @​marco-ippolito made their first contribution in #​1240

Full Changelog: actions/setup-node@v4...v4.4.0

v4.3.0

Compare Source

What's Changed

Dependency updates

• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in #​1200
• Upgrade @​action/cache from 4.0.0 to 4.0.2 by @​gowridurgad in #​1251
• Upgrade @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in #​1203
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot in #​1220

New Contributors

• @​gowridurgad made their first contribution in #​1251

Full Changelog: actions/setup-node@v4...v4.3.0

v4.2.0

Compare Source

What's Changed

• Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by @​aparnajyothi-y in #​1174
• Add recommended permissions section to readme by @​benwells in #​1193
• Configure Dependabot settings by @​HarithaVattikuti in #​1192
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in #​1191
• Upgrade pnpm/action-setup from 2 to 4 by @​dependabot in #​1194
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in #​1195
• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in #​1196
• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot in #​1201
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in #​1205

New Contributors

• @​benwells made their first contribution in #​1193

Full Changelog: actions/setup-node@v4...v4.2.0

aperturerobotics/protobuf-go-lite (github.com/aperturerobotics/protobuf-go-lite)

v0.11.0

Compare Source

v0.10.1

Compare Source

v0.10.0

Compare Source

aperturerobotics/starpc (github.com/aperturerobotics/starpc)

v0.39.8

Compare Source

v0.39.7

Compare Source

github/codeql-action (github/codeql-action)

v3.30.3

[Compare Source](htt

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 2 additional dependencies were updated

Details:

Package	Change
github.com/aperturerobotics/util	v1.31.0 -> v1.31.3
github.com/libp2p/go-libp2p	v0.42.0 -> v0.43.0