fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update	Pending
@changesets/cli (source)	^2.29.4 -> ^2.29.7			devDependencies	patch
@mheob/commitlint-config (source)	^1.2.2 -> ^1.2.5			devDependencies	patch
@mheob/eslint-config (source)	^8.8.3 -> ^8.14.5			devDependencies	minor
@mheob/prettier-config (source)	^3.3.3 -> ^3.4.0			devDependencies	minor
@types/node (source)	^22.15.23 -> ^22.19.1			devDependencies	minor
@vitest/coverage-v8 (source)	^3.1.4 -> ^3.2.4			devDependencies	minor
codecov/codecov-action	v5.4.3 -> v5.5.1			action	minor
cz-git (source)	^1.11.1 -> ^1.12.0			devDependencies	minor
dotenv	^16.5.0 -> ^16.6.1			dependencies	minor
eslint (source)	^9.27.0 -> ^9.39.1			devDependencies	minor
lint-staged	^16.1.0 -> ^16.2.7			devDependencies	minor
node (source)	22.16.0 -> 22.21.1				minor
node (source)	^22.16.0 -> ^22.21.1			engines	minor
pnpm (source)	10.11.0 -> 10.23.0			packageManager	minor
prettier (source)	^3.5.3 -> ^3.6.2			devDependencies	minor
tsdown (source)	^0.12.4 -> ^0.16.6			devDependencies	minor	0.16.7
tsx (source)	^4.19.4 -> ^4.20.6			devDependencies	minor
typescript (source)	^5.8.3 -> ^5.9.3			devDependencies	minor
vitest (source)	^3.1.4 -> ^3.2.4			devDependencies	minor

---

Release Notes

changesets/changesets (@​changesets/cli)

v2.29.7

Compare Source

Patch Changes

• Updated dependencies [957f24e]:
  • @​changesets/apply-release-plan@​7.0.13

v2.29.6

Compare Source

Patch Changes

• #​1712 a3563b0 Thanks @​benmccann! - Switch to maintained fork of external-editor

v2.29.5

Compare Source

Patch Changes

• #​1693 6352819 Thanks @​Andarist! - Fixed an issue with workspace:^ and workspace:~ dependency ranges not being semantically treated as, respectively, ^CURRENT_VERSION and ~CURRENT_VERSION. This led to dependent packages being, at times, bumped too often when their dependencies with those ranges were bumped.

• Updated dependencies [6352819]:

  • @​changesets/assemble-release-plan@​6.0.9
  • @​changesets/get-release-plan@​4.0.13

mheob/config (@​mheob/commitlint-config)

v1.2.5

Compare Source

Patch Changes

• #​313 (@​mheob): fix issues after upgrade

v1.2.4

Compare Source

Patch Changes

• #​287 (@​renovate): update all non-major deoendencies

v1.2.3

Compare Source

Patch Changes

• #​280 (@​mheob): update all non-major dependencies

vitest-dev/vitest (@​vitest/coverage-v8)

v3.2.4

Compare Source

   🐞 Bug Fixes

• Use correct path for optimisation of strip-literal  -  by @​mrginglymus in #​8139 (44940)
• Print uint and buffer as a simple string  -  by @​sheremet-va in #​8141 (b86bf)
• browser:
  • Show a helpful error when spying on an export  -  by @​sheremet-va in #​8178 (56007)
• cli:
  • vitest run --watch should be watch-mode  -  by @​AriPerkkio in #​8128 (657e8)
  • Use absolute path environment on Windows  -  by @​colinaaa in #​8105 (85dc0)
  • Throw error when --shard x/<count> exceeds count of test files  -  by @​AriPerkkio in #​8112 (8a18c)
• coverage:
  • Ignore SCSS in browser mode  -  by @​sheremet-va in #​8161 (0c3be)
• deps:
  • Update all non-major dependencies  -  in #​8123 (93f32)
• expect:
  • Handle async errors in expect.soft  -  by @​lzl0304 in #​8145 (68699)
• pool:
  • Auto-adjust minWorkers when only maxWorkers specified  -  by @​AriPerkkio in #​8110 (14dc0)
• reporter:
  • task.meta should be available in custom reporter's errors  -  by @​AriPerkkio in #​8115 (27df6)
• runner:
  • Preserve handler wrapping on extend  -  by @​pengooseDev in #​8153 (a9281)
• ui:
  • Ensure ui config option works correctly  -  by @​lzl0304 in #​8147 (42eeb)

    View changes on GitHub

v3.2.3

Compare Source

   🚀 Features

• browser: Use base url instead of vitest  -  by @​sheremet-va in #​8126 (1d8eb)
• ui: Show test annotations and metadata in the test report tab  -  by @​sheremet-va in #​8093 (c69be)

   🐞 Bug Fixes

• Rerun tests when project's setup file is changed  -  by @​sheremet-va in #​8097 (0f335)
• Revert expect.any return type  -  by @​sheremet-va in #​8129 (47514)
• Run only the name plugin last, not all config plugins  -  by @​sheremet-va in #​8130 (83862)
• pool:
  • Throw if user's tests use process.send()  -  by @​AriPerkkio in #​8125 (dfe81)
• runner:
  • Fast sequential task updates missing  -  by @​AriPerkkio in #​8121 (7bd11)
  • Comments between fixture destructures  -  by @​AriPerkkio in #​8127 (dc469)
• vite-node:
  • Unable to handle errors where sourcemap mapping empty  -  by @​blake-newman and @​hi-ogawa in #​8071 (8aa25)

    View changes on GitHub

v3.2.2

Compare Source

   🚀 Features

• Support rolldown-vite  -  by @​sheremet-va and @​hi-ogawa in #​7509 (c8d62)

   🐞 Bug Fixes

• browser:
  • Calculate prepare time from createTesters call on the main thread  -  by @​sheremet-va in #​8101 (142c7)
  • Optimize build output and always prebundle vitest  -  by @​sheremet-va (00a39)
  • Make custom locators available in vitest-browser-* packages  -  by @​sheremet-va in #​8103 (247ef)
• expect:
  • Ensure we can always self toEqual  -  by @​dubzzz in #​8094 (02ec8)
• reporter:
  • Allow dot reporter to work in non interactive terminals  -  by @​bstephen1 and @​AriPerkkio in #​7994 (6db9f)

    View changes on GitHub

v3.2.1

Compare Source

   🐞 Bug Fixes

• Use sha1 instead of md5 for hashing  -  by @​sheremet-va (e4c73)
• expect:
  • Fix chai import in dts  -  by @​hi-ogawa in #​8077 (a7593)
  • Export DeeplyAllowMatchers  -  by @​sheremet-va in #​8078 (30ab4)

    View changes on GitHub

v3.2.0

Compare Source

   🚀 Features

• Provide ctx.signal  -  by @​sheremet-va in #​7878 (e761f)
• Support custom colors for test.name  -  by @​AriPerkkio in #​7809 (4af5d)
• Add vi.mockObject to automock any object  -  by @​hi-ogawa and @​sheremet-va in #​7761 (465bd)
• Introduce watchTriggerPatterns option  -  by @​sheremet-va in #​7778 (a0675)
• Deprecate workspace in favor of projects  -  by @​sheremet-va and @​AriPerkkio in #​7923 (41beb)
• Explicit Resource Management support in mocked functions  -  by @​EskiMojo14 in #​7927 (b67d3)
• Add sequence.groupOrder option  -  by @​sheremet-va in #​7852 (d1a1d)
• Initial support for Temporal equality  -  by @​dirkluijk in #​8007 (52bd7)
• Support Vite 7  -  by @​sheremet-va in #​8003 (1716b)
• Track module execution totalTime and selfTime  -  by @​abrenneke in #​8027 (95961)
• Annotation API  -  by @​sheremet-va in #​7953 (b03f2)
• browser:
  • Implement connect option for playwright browser provider  -  by @​egfx-notifications and @​sheremet-va in #​7915 (029c0)
  • Add screenshot.save option  -  by @​sheremet-va in #​7777 (d9f51)
  • Custom locators API  -  by @​sheremet-va in #​7993 (e6fbd)
• coverage:
  • V8 experimental AST-aware remapping  -  by @​AriPerkkio in #​7736 (78a3d)
• reporter:
  • Add onWritePath option to github-actions  -  by @​nwalters512 and @​AriPerkkio in #​8015 (abd3b)
• vitest:
  • Allow per-file and per-worker fixtures  -  by @​sheremet-va and @​AriPerkkio in #​7704 (9cbfc)

   🐞 Bug Fixes

• Replace micromatch with picomatch  -  by @​sapphi-red in #​7951 (df076)
• Try to catch unhandled error outside of a test  -  by @​sheremet-va in #​7968 (46421)
• Generate a separate config for "vitest init browser" instead of a workspace file  -  by @​sheremet-va in #​7934 (e84e2)
• Switch ExpectStatic any types to AsymmetricMatcher<unknown>, with DeeplyAllowMatchers<T>  -  by @​JoshuaKGoldberg in #​7016 (8ec44)
• Remove unused exports  -  by @​sheremet-va in #​7618 (33d05)
• Throw an error if typechecker failed to spawn  -  by @​sheremet-va in #​7990 (0e960)
• Ignore non-string stack properties  -  by @​sheremet-va in #​7995 (330f9)
• Apply browser CLI options only if the project has the browser set in the config already  -  by @​sheremet-va in #​7984 (70358)
• Ensure errors keep their message and stack after toJSON serialisation  -  by @​sheremet-va in #​8053 (3bdf0)
• browser:
  • Resolve FS commands relative to the project root  -  by @​sheremet-va in #​7896 (69ac9)
  • Run tests serially if provider doesn't provide a mocker  -  by @​sheremet-va in #​8032 (227a9)
  • Resolve upload files relative to the project root  -  by @​sheremet-va in #​8042 (b9a31)
  • Await mocker invalidation to avoid race condition with "mock wasn't registered"  -  by @​sheremet-va in #​8021 (b34ff)
  • Share vite cache with the project cache  -  by @​sheremet-va in #​8049 (0cbad)
  • Add this type to locators.extend  -  by @​sheremet-va in #​8069 (70fb0)
• cache:
  • Preserve test results from previous runs  -  by @​macko911 in #​8043 (d6ef0)
• cli:
  • Add built-in reporters list to --help output  -  by @​pengooseDev in #​7955 (ef6ef)
  • Parse --silent values properly  -  by @​AriPerkkio in #​8055 (8fad7)
• coverage:
  • Istanbul provider to not use Vite preserved query params  -  by @​AriPerkkio in #​7939 (a05d4)
  • Browser + v8 in source tests missing  -  by @​AriPerkkio in #​7946 (51cd8)
  • In-source test cases excluded  -  by @​AriPerkkio in #​7985 (407c0)
• dev:
  • Fix relay of custom equality testers  -  by @​StefanLiebscher in #​6140 (6dc1d)
• expect:
  • Unbundle @types/chai  -  by @​hi-ogawa in #​7937 (525f5)
  • Support type-safe declaration of custom matchers  -  by @​kettanaito and @​sheremet-va in #​7656 (e996b)
• reporters:
  • Check the test result again when tests are rerunning  -  by @​sheremet-va in #​8063 (35e31)
• spy:
  • Copy over static properties from the function  -  by @​sheremet-va in #​7780 (9b9f0)
• typecheck:
  • Don't panic during vitest list command  -  by @​sheremet-va in #​7933 (ba6da)
  • Avoid creating a temporary tsconfig file when typechecking  -  by @​sheremet-va in #​7967 (34f43)
• vite-node:
  • Add __vite_ssr_exportName__  -  by @​hi-ogawa in #​7925 (76091)
• vitest:
  • Adjust getWorkerMemoryLimit priority for vmForks  -  by @​pengooseDev in #​7960 (5a91e)
• wdio:
  • Don't scale browser in headless mode  -  by @​sheremet-va in #​8033 (c23b0)

    View changes on GitHub

codecov/codecov-action (codecov/codecov-action)

v5.5.1

Compare Source

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in #​1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in #​1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in #​1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in #​1872
• docs: fix typo in README by @​datalater in #​1866
• Document a codecov-cli version reference example by @​webknjaz in #​1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in #​1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in #​1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

Compare Source

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in #​1864
• Pin actions/github-script by Git SHA by @​martincostello in #​1859
• fix: check reqs exist by @​joseph-sentry in #​1835
• fix: Typo in README by @​spalmurray in #​1838
• docs: Refine OIDC docs by @​spalmurray in #​1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in #​1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

Zhengqbbb/cz-git (cz-git)

v1.12.0

Compare Source

Features

• cz-git: default upperCaseSubject cancel auto-capitalize (#​237) (8eb7292), closes #​236 #​158

1.11.2 (2025-06-13)

Bug Fixes

• cz-git: without scope calc maxSubjectLength error (#​230) (1a9b61c)

1.11.1 (2025-03-03)

Bug Fixes

• cz-git: default option types add undefined keyword (c7a2d5d), closes #​206
• docs: Fixed typo 'userEmoji -> useEmoji (#​212) (f0231ae)
• plugin-loader: loading ESM configure using URL format (#​219) (50d7675), closes #​216 #​217
• plugin-loader: when CZ_DEBUG=1 --config specify config file not show (8557221), closes #​207

v1.11.2

Compare Source

Features

• cz-git: default upperCaseSubject cancel auto-capitalize (#​237) (8eb7292), closes #​236 #​158

1.11.2 (2025-06-13)

Bug Fixes

• cz-git: without scope calc maxSubjectLength error (#​230) (1a9b61c)

1.11.1 (2025-03-03)

Bug Fixes

• cz-git: default option types add undefined keyword (c7a2d5d), closes #​206
• docs: Fixed typo 'userEmoji -> useEmoji (#​212) (f0231ae)
• plugin-loader: loading ESM configure using URL format (#​219) (50d7675), closes #​216 #​217
• plugin-loader: when CZ_DEBUG=1 --config specify config file not show (8557221), closes #​207

motdotla/dotenv (dotenv)

v16.6.1

Compare Source

Changed

• Default quiet to true – hiding the runtime log message (#​874)
• NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
• And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@​dotenvx/dotenvx').config().

v16.6.0

Compare Source

Added

• Default log helpful message [[email protected]] injecting env (1) from .env (#​870)
• Use { quiet: true } to suppress
• Aligns dotenv more closely with dotenvx.

eslint/eslint (eslint)

v9.39.1

Compare Source

v9.39.0

Compare Source

v9.38.0

Compare Source

Features

• ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#​20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#​20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#​20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#​20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#​20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#​20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#​20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#​20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#​20184) (Pixel998)

v9.37.0

Compare Source

Features

• 39f7fb4 feat: preserve-caught-error should recognize all static "cause" keys (#​20163) (Pixel998)
• f81eabc feat: support TS syntax in no-restricted-imports (#​19562) (Nitin Kumar)

Bug Fixes

• a129cce fix: correct no-loss-of-precision false positives for leading zeros (#​20164) (Francesco Trotta)
• 09e04fc fix: add missing AST token types (#​20172) (Pixel998)
• 861c6da fix: correct ESLint typings (#​20122) (Pixel998)

Documentation

• b950359 docs: fix typos across the docs (#​20182) (루밀LuMir)
• 42498a2 docs: improve ToC accessibility by hiding non-semantic character (#​20181) (Percy Ma)
• 29ea092 docs: Update README (GitHub Actions Bot)
• 5c97a04 docs: show availableUntil in deprecated rule banner (#​20170) (Pixel998)
• 90a71bf docs: update README files to add badge and instructions (#​20115) (루밀LuMir)
• 1603ae1 docs: update references from master to main (#​20153) (루밀LuMir)

Chores

• afe8a13 chore: update @eslint/js dependency to version 9.37.0 (#​20183) (Francesco Trotta)
• abee4ca chore: package.json update for @​eslint/js release (Jenkins)
• fc9381f chore: fix typos in comments (#​20175) (overlookmotel)
• e1574a2 chore: unpin jiti (#​20173) (renovate[bot])
• e1ac05e refactor: mark ESLint.findConfigFile() as async, add missing docs (#​20157) (Pixel998)
• 347906d chore: update eslint (#​20149) (renovate[bot])
• 0cb5897 test: remove tmp dir created for circular fixes in multithread mod

---

Configuration

📅 Schedule: Branch creation - "before 4am on Wednesday" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[height]

Link Height tasks by mentioning a task ID in the pull request title or commit messages, or description and comments with the keyword link (e.g. "Link T-123").

💡Tip: You can also use "Close T-X" to automatically close a task when the pull request is merged.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8bd03de

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud