Skip to content

chore(deps): update all non-major dependencies #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
renovate merged 1 commit into from
Feb 11, 2026
Merged

chore(deps): update all non-major dependencies #241

renovate merged 1 commit into from
Feb 11, 2026
+955 −1,106

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 9, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@angular/compiler (source) ^21.1.2^21.1.3 age confidence
@astrojs/compiler (source) ^2.13.0^2.13.1 age confidence
@iconify-json/ri ^1.2.9^1.2.10 age confidence
@iconify-json/vscode-icons ^1.2.40^1.2.41 age confidence
@nuxt/kit (source) ^4.3.0^4.3.1 age confidence
@sxzz/eslint-config ^7.6.0^7.7.1 age confidence
@typescript-eslint/parser (source) ^8.54.0^8.55.0 age confidence
@vue/compiler-dom (source) ^3.5.27^3.5.28 age confidence
@vue/compiler-sfc (source) ^3.5.27^3.5.28 age confidence
@vueuse/core (source) ^14.2.0^14.2.1 age confidence
@vueuse/nuxt (source) ^14.2.0^14.2.1 age confidence
bumpp ^10.4.0^10.4.1 age confidence
esbuild ^0.27.2^0.27.3 age confidence
flow-parser (source) ^0.299.0^0.300.0 age confidence
meriyah ^7.0.0^7.1.0 age confidence
nuxt (source) ^4.3.0^4.3.1 age confidence
pnpm (source) 10.28.210.29.3 age confidence
rolldown (source) ^1.0.0-rc.3^1.0.0-rc.4 age confidence
svelte (source) ^5.49.2^5.50.1 age confidence
vite (source) ^8.0.0-beta.12^8.0.0-beta.13 age confidence
vue (source) ^3.5.27^3.5.28 age confidence

Release Notes

angular/angular (@​angular/compiler)

v21.1.3

Compare Source

core
Commit Type Description
2b254bc050 fix linkedSignal.update should propagate errors
e5110b4fa1 fix export DirectiveWithBindings
2cf4da0ea1 fix hold constructors weakly in DepsTracker cache
70a5b651be fix prevent element duplication with dynamic components
forms
Commit Type Description
6f75b6e3f6 fix Resolves debounce promise on abort in debounceForDuration
localize
Commit Type Description
4c7126d23b fix add support for unit-test builder in ng-add schematic
router
Commit Type Description
d6268c0bbb fix limit UrlParser recursion depth to prevent stack overflow
49a36f4cc7 perf Use .bind to avoid holding other closures in memory
withastro/compiler (@​astrojs/compiler)

v2.13.1

Compare Source

Patch Changes
  • 357b8fe: Fixes a panic when parsing files with a closing frontmatter fence (---) but no opening fence. The compiler now returns a helpful diagnostic error instead of crashing.
  • cba568f: Fixes the "Unterminated string literal" error when using multiline attribute values on components.
nuxt/nuxt (@​nuxt/kit)

v4.3.1

Compare Source

4.3.1 is a regularly scheduled patch release.

👉 Changelog

compare changes

🩹 Fixes
  • nuxt: Correct reference format of server builder (#​34177)
  • nuxt: Add status/statusText getters to NuxtError (#​34188)
  • nuxt: Don't inject shared types for differing auto-imports (#​34191)
  • schema: Add direnv and vendor to default ignore (#​34190)
  • nuxt: Focus hash links after navigation (#​34193)
  • nuxt: Exclude head runtime from unhead imports transform (#​34195)
  • kit: Include prereleases in semver satisfy check (#​34210)
  • nitro: Encode unicode paths in x-nitro-prerender header (#​34202)
  • nuxt: Watch server/ for builder:watch hook (#​34208)
  • nitro: Preserve error.message for fatal errors (#​34226)
  • Only enable dynamic imports when ts plugin (#​34205)
  • webpack: Use H3Error for 403 in dev server (#​34233)
  • nuxt: Ensure NuxtError extends Error type (#​34242)
  • vite: Use H3Error for 404 in dev server (#​34225)
  • nuxt: Add backwards compat for #app barrel export in keyed functions (#​34199)
  • nuxt: Track + re-add custom routes on hmr (#​32044)
  • nuxt: Keep vnode when leaving deeper nested route (#​33778)
  • vite: Prevent CSS flickering in dev mode after config changes (#​33856)
  • nuxt: Do not start view transition if there is no route (#​33723)
  • nuxt: Call deferHydration done on NuxtPage unmount (#​34152)
  • nuxt: Handle invalid datetime in ` (#​33992)
  • nuxt: Preserve middleware error status in 404 fallback (#​34148)
  • nitro: Do not augment nuxt/schema (#​34255)
  • nuxt: Cache manifest files to preserve buildId (#​34002)
  • nuxt: Don't decode query string in SSR context URL (#​34252)
  • nuxt: Allow specifying moduleDependencies by meta.name (#​34263)
  • nuxt: Resolve #components import mapping conflict for packages outside rootDir (#​34139)
  • vite,webpack: Use node.res to send 403/404 (#​34266)
  • nitro,nuxt: Align path encoding with vue-router (#​34265)
  • nitro: Augment nuxt/schema once more (552bbd8d1)
💅 Refactors
  • nuxt: Prefer genObjectKey to omit unnecessary quotes (#​34245)
  • nuxt: Use ComponentProps helper to extract layout props (#​34248)
📖 Documentation
  • Update roadmap dates (#​34166)
  • Correct default value of nitroAutoImports (#​34182)
  • Clarify shared type context limitations for custom imports (#​34194)
  • Fix broken links (#​34223)
  • Document payload extraction for ISR/SWR routes (#​34222)
  • Update default aliases in configuration reference (#​34237)
  • Update example of email validation (#​34247)
  • Align server alias examples with #server and rootDir (#​34259)
  • Add documentation for keyedComposables (#​34201)
🏡 Chore
✅ Tests
  • Vitest v4 compatibility (825b2c202)
  • Add runtime tests for deeply nested <NuxtPage> navigation (048efc030)
❤️ Contributors
sxzz/eslint-config (@​sxzz/eslint-config)

v7.7.1

Compare Source

   🐞 Bug Fixes
  • Disable no-useless-assignment for vue, remove reactivity transform support  -  by @​sxzz (beb15)
    View changes on GitHub

v7.7.0

Compare Source

   🚀 Features
    View changes on GitHub

v7.6.1

Compare Source

No significant changes

    View changes on GitHub
typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.55.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

vuejs/core (@​vue/compiler-dom)

v3.5.28

Compare Source

Bug Fixes
vueuse/vueuse (@​vueuse/core)

v14.2.1

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub
antfu-collective/bumpp (bumpp)

v10.4.1

Compare Source

   🚀 Features
    View changes on GitHub
evanw/esbuild (esbuild)

v0.27.3

Compare Source

  • Preserve URL fragments in data URLs (#​4370)

    Consider the following HTML, CSS, and SVG:

    • index.html:

      <!DOCTYPE html>
<html>
  <head><link rel="stylesheet" href="icons.css"></head>
  <body><div class="triangle"></div></body>
</html>

    • icons.css:

      .triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url(./triangle.svg#x);
}

    • triangle.svg:

      <svg xmlns="http://www.w3.org/2000/svg">
  <defs>
    <clipPath id="x">
      <path d="M0 0H10V10Z"/>
    </clipPath>
  </defs>
</svg>

    The CSS uses a URL fragment (the #x) to reference the clipPath element in the SVG file. Previously esbuild's CSS bundler didn't preserve the URL fragment when bundling the SVG using the dataurl loader, which broke the bundled CSS. With this release, esbuild will now preserve the URL fragment in the bundled CSS:

    /* icons.css */
.triangle {
  width: 10px;
  height: 10px;
  background: currentColor;
  clip-path: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg"><defs><clipPath id="x"><path d="M0 0H10V10Z"/></clipPath></defs></svg>#x');
}

  • Parse and print CSS @scope rules (#​4322)

    This release includes dedicated support for parsing @scope rules in CSS. These rules include optional "start" and "end" selector lists. One important consequence of this is that the local/global status of names in selector lists is now respected, which improves the correctness of esbuild's support for CSS modules. Minification of selectors inside @scope rules has also improved slightly.

    Here's an example:

    /* Original code */
@&#8203;scope (:global(.foo)) to (:local(.bar)) {
  .bar {
    color: red;
  }
}

/* Old output (with --loader=local-css --minify) */
@&#8203;scope (:global(.foo)) to (:local(.bar)){.o{color:red}}

/* New output (with --loader=local-css --minify) */
@&#8203;scope(.foo)to (.o){.o{color:red}}

  • Fix a minification bug with lowering of for await (#​4378, #​4385)

    This release fixes a bug where the minifier would incorrectly strip the variable in the automatically-generated catch clause of lowered for await loops. The code that generated the loop previously failed to mark the internal variable references as used.

  • Update the Go compiler from v1.25.5 to v1.25.7 (#​4383, #​4388)

    This PR was contributed by @​MikeWillCook.

facebook/flow (flow-parser)

v0.300.0

Compare Source

Misc:

  • Minor changes to the flow-upgrade script
meriyah/meriyah (meriyah)

v7.1.0

Compare Source

Features
pnpm/pnpm (pnpm)

v10.29.3

Compare Source

v10.29.2

Compare Source

v10.29.1: pnpm 10.29.1

Compare Source

Minor Changes

  • The pnpm dlx / pnpx command now supports the catalog: protocol. Example: pnpm dlx shx@catalog:.
  • Support configuring auditLevel in the pnpm-workspace.yaml file #​10540.
  • Support bare workspace: protocol without version specifier. It is now treated as workspace:* and resolves to the concrete version during publish #​10436.

Patch Changes

  • Fixed pnpm list --json returning incorrect paths when using global virtual store #​10187.

  • Fix pnpm store path and pnpm store status using workspace root for path resolution when storeDir is relative #​10290.

  • Fixed pnpm run -r failing with "No projects matched the filters" when an empty pnpm-workspace.yaml exists #​10497.

  • Fixed a bug where catalogMode: strict would write the literal string "catalog:" to pnpm-workspace.yaml instead of the resolved version specifier when re-adding an existing catalog dependency #​10176.

  • Fixed the documentation URL shown in pnpm completion --help to point to the correct page at https://pnpm.io/completion #​10281.

  • Skip local file: protocol dependencies during pnpm fetch. This fixes an issue where pnpm fetch would fail in Docker builds when local directory dependencies were not available #​10460.

  • Fixed pnpm audit --json to respect the --audit-level setting for both exit code and output filtering #​10540.

  • update tar to version 7.5.7 to fix security issue

    Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842

  • Fix pnpm audit --fix replacing reference overrides (e.g. $foo) with concrete versions #​10325.

  • Fix shamefullyHoist set via updateConfig in .pnpmfile.cjs not being converted to publicHoistPattern #​10271.

  • pnpm help should correctly report if the currently running pnpm CLI is bundled with Node.js #​10561.

  • Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for node_modules/.bin, causing binaries to not be found when running commands like pnpm exec #​10457.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite
rolldown/rolldown (rolldown)

v1.0.0-rc.4

Compare Source

🚀 Features
🐛 Bug Fixes
🚜 Refactor
📚 Documentation
🧪 Testing
  • ensure runtime module is preserved even if it's not used but has side effects (#​8213) by @​hyf0
⚙️ Miscellaneous Tasks
sveltejs/svelte (svelte)

v5.50.1

Compare Source

Patch Changes

  • fix: render boolean attribute values as empty strings for XHTML compliance (#​17648)

  • fix: prevent async render tag hydration mismatches (#​17652)

v5.50.0

Compare Source

Minor Changes
  • feat: allow use of createContext when instantiating components programmatically (#​17575)
Patch Changes

  • fix: ensure infinite effect loops are cleared after flushing (#​17601)

  • fix: allow {#key NaN} (#​17642)

  • fix: detect store in each block expression regardless of AST shape (#​17636)

  • fix: treat <menu> like <ul>/<ol> for a11y role checks (#​17638)

  • fix: add vite-ignore comment inside dynamic crypto import (#​17623)

  • chore: wrap JSDoc URLs in @see and @link tags (#​17617)

  • fix: properly hydrate already-resolved async blocks (#​17641)

  • fix: emit each_key_duplicate error in production (#​16724)

  • fix: exit resolved async blocks on correct node when hydrating (#​17640)

vitejs/vite (vite)

v8.0.0-beta.13

Compare Source

Features
Bug Fixes
Miscellaneous Chores
Code Refactoring
Tests

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies label Feb 9, 2026
@bolt-new-by-stackblitz
Copy link

bolt-new-by-stackblitz bot commented Feb 9, 2026

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@vercel
Copy link

vercel bot commented Feb 9, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
ast-explorer Ready Ready Preview, Comment Feb 11, 2026 3:03pm

@socket-security
Copy link

socket-security bot commented Feb 9, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​typescript-eslint/​parser@​8.55.01001007198100
Updatedesbuild@​0.27.2 ⏵ 0.27.3911007392100
Updated@​angular/​compiler@​21.1.2 ⏵ 21.1.3751007898 +2100
Updated@​vue/​compiler-dom@​3.5.27 ⏵ 3.5.28991007696100
Updated@​vueuse/​core@​14.2.0 ⏵ 14.2.1100 +11007791100
Updated@​iconify-json/​ri@​1.2.9 ⏵ 1.2.101001008091 +1100
Updated@​iconify-json/​vscode-icons@​1.2.40 ⏵ 1.2.41100 +110081 +195 +2100
Updatedbumpp@​10.4.0 ⏵ 10.4.19610082 +192 +2100
Updated@​sxzz/​eslint-config@​7.6.0 ⏵ 7.7.183 +110010096 +1100
Updated@​vueuse/​nuxt@​14.2.0 ⏵ 14.2.11001008391 -1100
Updatedflow-parser@​0.299.0 ⏵ 0.300.09510088 +1100100
Updated@​astrojs/​compiler@​2.13.0 ⏵ 2.13.1100 +1100929480
Updated@​vue/​compiler-sfc@​3.5.27 ⏵ 3.5.28911009696100
Updatedmeriyah@​7.0.0 ⏵ 7.1.099 +1100100 +193 +6100
Updated@​nuxt/​kit@​4.3.0 ⏵ 4.3.19910010095 +2100
Updatednuxt@​4.3.0 ⏵ 4.3.19710010096 +2100

View full report

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 2eee144 to 720a245 Compare February 9, 2026 05:58
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 720a245 to 31d69f8 Compare February 9, 2026 10:43
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 31d69f8 to 0da9ea8 Compare February 9, 2026 13:12
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 0da9ea8 to 103b8bf Compare February 9, 2026 18:30
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 103b8bf to b94ee0f Compare February 10, 2026 05:46
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from b94ee0f to 0b9069e Compare February 10, 2026 09:12
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 0b9069e to 14f8ce6 Compare February 10, 2026 22:08
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 14f8ce6 to d780247 Compare February 11, 2026 15:02
@renovate renovate bot merged commit 6e17f00 into main Feb 11, 2026
6 checks passed
@renovate renovate bot deleted the renovate/all-minor-patch branch February 11, 2026 17:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants