chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@types/node (source)	^20.12.8 → ^20.19.40
@vitest/coverage-v8 (source)	^1.5.3 → ^1.6.1
changelogen	^0.5.5 → ^0.6.2
eslint (source)	^8.57.0 → ^8.57.1
eslint-config-unjs	^0.2.1 → ^0.6.2
pnpm (source)	9.0.6 → 9.15.9
prettier (source)	^3.2.5 → ^3.8.3
typescript (source)	^5.4.5 → ^5.9.3
vitest (source)	^1.5.3 → ^1.6.1

---

Release Notes

vitest-dev/vitest (@​vitest/coverage-v8)

v1.6.1

Compare Source

This release includes security patches for:

• Remote Code Execution when accessing a malicious website while Vitest API server is listening | CVE-2025-24964

   🐞 Bug Fixes

• backport #​7317 to v1 - by @​hi-ogawa in #​7319

    View changes on GitHub

v1.6.0

Compare Source

   🚀 Features

• Support standalone mode  -  by @​sheremet-va in #​5565 (bdce0)
• Custom "snapshotEnvironment" option  -  by @​sheremet-va in #​5449 (30f72)
• benchmark: Support comparing benchmark result  -  by @​hi-ogawa and @​sheremet-va in #​5398 (f8d3d)
• browser: Allow injecting scripts  -  by @​sheremet-va in #​5656 (21e58)
• reporter: Support includeConsoleOutput and addFileAttribute in junit  -  by @​hi-ogawa in #​5659 (2f913)
• ui: Sort items by file name  -  by @​btea in #​5652 (1f726)

   🐞 Bug Fixes

• Keep order of arguments for .each in custom task collectors  -  by @​sheremet-va in #​5640 (7d57c)
• Call resolveId('vitest') after buildStart  -  by @​hi-ogawa in #​5646 (f5faf)
• Hash the name of the file when caching  -  by @​sheremet-va in #​5654 (c9e68)
• Don't panic on empty files in node_modules  -  by @​sheremet-va (40c29)
• Use toJSON for error serialization  -  by @​hi-ogawa in #​5526 (19a21)
• coverage:
  • Exclude *.test-d.* by default  -  by @​MindfulPol in #​5634 (bfe8a)
  • Apply vite-node's wrapper only to executed files  -  by @​AriPerkkio in #​5642 (c9883)
• vm:
  • Support network imports  -  by @​sheremet-va in #​5610 (103a6)

   🏎 Performance

• Improve performance of forks pool  -  by @​sheremet-va in #​5592 (d8304)
• Unnecessary rpc call when coverage is disabled  -  by @​AriPerkkio in #​5658 (c5712)

    View changes on GitHub

unjs/changelogen (changelogen)

v0.6.2

Compare Source

compare changes

🩹 Fixes

• cli: Accept hideAuthorEmail arg (#​275)

📖 Documentation

• Add note about version number interpretation (#​272)

🌊 Types

• config.types accept boolean value (#​278)

🏡 Chore

• readme: Fix typo (#​270)
• Update deps (037ac74)

❤️ Contributors

• Philipp Kief (@​PKief)
• Pooya Parsa (@​pi0)
• Azat S. (@​azat-io)
• Adarsh DK <adarsh.dk24012@​gmail.com>
• B. Jonson (@​who-jonson)

v0.6.1

Compare Source

compare changes

🩹 Fixes

• Pass cwd in more places before running commands (#​266)

🏡 Chore

• Update deps (f728b52)
• Update tsconfig (e5dced7)

✅ Tests

• Update snapshot (ec2618f)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Daniel Roe (@​danielroe)

v0.6.0

Compare Source

compare changes

🚀 Enhancements

• Update jiti to v2 (6e85d32)
• Add check for breaking changes in commit body (#​228)
• Hide author email address via flag (#​247)
• Add noAuthors option (#​183)

🩹 Fixes

• Use https proto for author's github link (#​225)
• Use https proto for author's github link in tests (#​226)
• Release version regex supporting pre versions (#​259)
• Use correct compare changes URL for Bitbucket (#​257)
• Use tag template for version title and compare change link (#​255)
• Render usernames in github changelog (#​265)

💅 Refactors

• Use consola for colors (49e0401)
• Use confbox for yaml parsing (19e940c)

📦 Build

• ⚠️ Esm-only dist (4a22de6)

🏡 Chore

• Lint (031cfd6)
• Update deps (b184f23)
• Update ci (8662c4e)
• Update esm-only deps (0d5e31d)

✅ Tests

• Add tests for parsing co-authors from commit body (#​229)

⚠️ Breaking Changes

• ⚠️ Esm-only dist (4a22de6)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Klein Petr (@​kleinpetr)
• Jasper Zonneveld (@​JaZo)
• Thorsten Seyschab (@​toddeTV)
• Philipp Kief (@​PKief)
• Jan-Henrik Damaschke jdamaschke@outlook.de
• Damian Głowala (@​DamianGlowala)

v0.5.7

Compare Source

compare changes

🩹 Fixes

• bump: Avoid using + for canary suffix (#​224)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.5.6

Compare Source

compare changes

🚀 Enhancements

• Add option to sign git tags (#​117)
• git: Support parse git messages that have prefix emoji (#​146)

🩹 Fixes

• github: Use bearer token (#​180)
• Handle repo name with multiple segments (#​219)
• Lowercase scope when filtering (#​199)

💅 Refactors

• Replace execa with execSync (#​222)
• Use human readable date for canary versions (#​223)
• Update execCommand (68127be)

🏡 Chore

• Apply automated lint fixes (72c407f)
• Update ci (bcb16cb)
• Update non major deps (7f714c9)
• Update to eslint v9 (fd40be9)
• Apply automated lint fixes (673255b)
• Update deps (3cfbe27)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Klein Petr (@​kleinpetr)
• Wan Chiu (@​wan54)
• Jianqi Pan (@​Jannchie)
• Vasily Kuzin exer7um@gmail.com
• Daniel Roe (@​danielroe)

eslint/eslint (eslint)

v8.57.1

Compare Source

unjs/eslint-config (eslint-config-unjs)

v0.6.2

Compare Source

compare changes

🩹 Fixes

• Disable array immutation rules for now (3cde73a)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.6.1

Compare Source

compare changes

💅 Refactors

• Migrate to @eslint/markdown (2f92a53)
• Update default rules (84cdbad)

📦 Build

• Migrate to obuild (8f36bf1)

🏡 Chore

• Update deps (4347a4f)
• Update globals to v17 (4f168b4)
• Update unicorn to 62 (e737dd7)
• release: V0.6.0 (b683294)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.6.0

Compare Source

compare changes

💅 Refactors

• Migrate to @eslint/markdown (2f92a53)

📦 Build

• Migrate to obuild (8f36bf1)

🏡 Chore

• Update deps (4347a4f)
• Update globals to v17 (4f168b4)
• Update unicorn to 62 (e737dd7)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.5.0

Compare Source

compare changes

📦 Build

• ⚠️ Update dependencies (9bff5ca)

⚠️ Breaking Changes

• ⚠️ Update dependencies (9bff5ca)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.2

Compare Source

compare changes

💅 Refactors

• Use Linter.Config as return type (2cce21a)
• Reflax markdown rules (587c6a7)

🏡 Chore

• Update deps (c179c22)
• release: V0.4.1 (a8fb144)
• Update deps (0431414)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.1

Compare Source

compare changes

💅 Refactors

• Use Linter.Config as return type (2cce21a)
• Reflax markdown rules (587c6a7)

🏡 Chore

• Update deps (c179c22)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.0

Compare Source

compare changes

🏡 Chore

• ⚠️ Update dependencies (ec5727e)
• Use eslint ts support with jiti (0d531f8)

⚠️ Breaking Changes

• ⚠️ Update dependencies (ec5727e)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.2

Compare Source

compare changes

🏡 Chore

• Update unicorn plugin to 53 (0a944e4)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.1

Compare Source

compare changes

🩹 Fixes

• markdown: Override default rules (4765dd5)

🏡 Chore

• Remove prerelease script (pnpm why ?!) (a98c465)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.0

Compare Source

compare changes

pnpm/pnpm (pnpm)

v9.15.9: pnpm 9.15.9

Compare Source

Patch Changes

• Fix running pnpm CLI from pnpm CLI on Windows when the CLI is bundled to an executable #​8971.

Platinum Sponsors

Gold Sponsors

v9.15.8: pnpm 9.15.8

Compare Source

Patch Changes

• pnpm self-update should always update the version in the packageManager field of package.json.
• The pnpm CLI process should not stay hanging, when --silent reporting is used.
• When --loglevel is set to error, don't show installation summary, execution time, and big tarball download progress.
• Don't show info output when --loglevel=error is used.

Platinum Sponsors

Gold Sponsors

v9.15.7: pnpm 9.15.7

Compare Source

Patch Changes

• pnpm self-update should not leave a directory with a broken pnpm installation if the installation fails.
• Allow scope registry CLI option without --config. prefix such as --@​scope:registry=https://scope.example.com/npm #​9089.
• pnpm self-update should not read the pnpm settings from the package.json file in the current working directory.
• pnpm update -i should list only packages that have newer versions #​9206.
• Fix a bug causing entries in the catalogs section of the pnpm-lock.yaml file to be removed when dedupe-peer-dependents=false on a filtered install. #​9112

Platinum Sponsors

Gold Sponsors

v9.15.6: pnpm 9.15.6

Compare Source

Patch Changes

• Fix instruction for updating pnpm with corepack #​9101.
• Print pnpm's version after the execution time at the end of the console output.
• The pnpm version specified by packageManager cannot start with v.
• Fix a bug causing catalog snapshots to be removed from the pnpm-lock.yaml file when using --fix-lockfile and --filter. #​8639
• Fix a bug causing catalog protocol dependencies to not re-resolve on a filtered install #​8638.

v9.15.5: pnpm 9.15.5

Compare Source

Patch Changes

• Verify that the package name is valid when executing the publish command.
• When running pnpm install, the preprepare and postprepare scripts of the project should be executed #​8989.
• Quote args for scripts with shell-quote to support new lines (on POSIX only) #​8980.
• Proxy settings should be respected, when resolving Git-hosted dependencies #​6530.
• Replace strip-ansi with the built-in util.stripVTControlCharacters #​9009.

Platinum Sponsors

Gold Sponsors

v9.15.4: pnpm 9.15.4

Compare Source

Patch Changes

• Ensure that recursive pnpm update --latest <pkg> updates only the specified package, with dedupe-peer-dependents=true.

Platinum Sponsors

Gold Sponsors

v9.15.3: pnpm 9.15.3

Compare Source

Patch Changes

• Fixed the Regex used to find the package manifest during packing #​8938.
• pnpm update --filter <pattern> --latest <pkg> should only change the specified package for the specified workspace, when dedupe-peer-dependents is set to true #​8877.
• Exclude .DS_Store file at patch-commit #​8922.
• Fix a bug in which pnpm patch is unable to bring back old patch without specifying @version suffix #​8919.

Platinum Sponsors

Gold Sponsors

config help if that's undesired. If you want to rebase/retry this PR, check this box This PR was generated by Mend Renovate. View the repository job log.