chore(deps): update all non-major dependencies#28
Open
renovate[bot] wants to merge 1 commit intomainfrom
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^7.56.0→^7.57.62.0.0-beta.4→2.0.0-beta.6^0.19.4→^0.19.6^0.2.0→^0.2.1^24.10.9→^24.11.0^0.51.1→^0.52.010.28.2+sha512.41872f037ad22f7348e3b1debbaf7e867cfd448f2726d9cf74c08f19507c31d2c8e7a11525b983febc2df640b5438dee6023ebb1f84ed43cc2d654d2bc326264→10.30.3Release Notes
microsoft/rushstack (@microsoft/api-extractor)
v7.57.6Compare Source
Wed, 25 Feb 2026 21:39:42 GMT
Patches
@microsoft/tsdoc-configto~0.18.1to mitigate CVE-2025-69873.v7.57.5Compare Source
Wed, 25 Feb 2026 00:34:29 GMT
Version update only
v7.57.4Compare Source
Tue, 24 Feb 2026 01:13:27 GMT
Version update only
v7.57.3Compare Source
Mon, 23 Feb 2026 00:42:21 GMT
Patches
v7.57.2Compare Source
Fri, 20 Feb 2026 16:14:49 GMT
Patches
v7.57.1Compare Source
Fri, 20 Feb 2026 00:15:03 GMT
Patches
"node"condition before"import"in the"exports"map so that Node.js uses the CJS output (which handles extensionless imports), while bundlers still use ESM via"import". Fixes #5644.v7.57.0Compare Source
Thu, 19 Feb 2026 00:04:52 GMT
Minor changes
lib-commonjs, DTS is now underlib-dts, and ESM is now underlib-esm. Imports tolibstill work as before, handled by the"exports"field inpackage.json.v7.56.3Compare Source
Sat, 07 Feb 2026 01:13:26 GMT
Patches
lodashdependency from~4.17.15to~4.17.23.v7.56.2Compare Source
Wed, 04 Feb 2026 20:42:47 GMT
Patches
v7.56.1Compare Source
Wed, 04 Feb 2026 16:13:27 GMT
Version update only
web-infra-dev/rsbuild (@rsbuild/core)
v2.0.0-beta.6Compare Source
What's Changed
New Features 🎉
Bug Fixes 🐞
Document 📖
Other Changes
New Contributors
Full Changelog: web-infra-dev/rsbuild@v2.0.0-beta.5...v2.0.0-beta.6
v2.0.0-beta.5Compare Source
What's Changed
New Features 🎉
preview.setupMiddlewarestoserver.setupMiddlewaresby @chenjiahan in #7192server.setupconfig by @chenjiahan in #7197portin prod server API by @chenjiahan in #7209startDevServerby @chenjiahan in #7215httpServerfor prod server by @chenjiahan in #7216closemethod for prod server by @chenjiahan in #7217rsbuild.previewby @chenjiahan in #7219openandprintUrlsmethods to preview server by @chenjiahan in #7224Performance 🚀
Bug Fixes 🐞
client.overlay.runtimeby environments by @chenjiahan in #7189dev.setupMiddlewaresin favor ofserver.setupby @chenjiahan in #7229Refactor 🔨
Document 📖
server.setupconfig by @chenjiahan in #7198Other Changes
New Contributors
Full Changelog: web-infra-dev/rsbuild@v2.0.0-beta.4...v2.0.0-beta.5
web-infra-dev/rslib (@rslib/core)
v0.19.6Compare Source
What's Changed
Document 📖
dts.buildrequirement by @Timeless0911 in #1482Other Changes
de0fac2by @renovate[bot] in #1477Full Changelog: web-infra-dev/rslib@v0.19.5...v0.19.6
v0.19.5Compare Source
What's Changed
Document 📖
Other Changes
Full Changelog: web-infra-dev/rslib@v0.19.4...v0.19.5
web-infra-dev/rslint (@rslint/core)
v0.2.1Compare Source
What's Changed
Full Changelog: web-infra-dev/rslint@v0.2.0...v0.2.1
dprint/dprint (dprint)
v0.52.0Compare Source
Changes
--skip-stable-format(#1075)dprint fmt --fail-on-change(#1073)Install
Run
dprint upgradeor see https://dprint.dev/install/Checksums
pnpm/pnpm (pnpm)
v10.30.3Compare Source
v10.30.2Compare Source
v10.30.1: pnpm 10.30.1Compare Source
Patch Changes
/-/npm/v1/security/audits/quickendpoint as the primary audit endpoint, falling back to/-/npm/v1/security/auditswhen it fails #10649.Platinum Sponsors
Gold Sponsors
v10.30.0: pnpm 10.30Compare Source
Minor Changes
pnpm whynow shows a reverse dependency tree. The searched package appears at the root with its dependents as branches, walking back to workspace roots. This replaces the previous forward-tree output which was noisy and hard to read for deeply nested dependencies.Patch Changes
pnpm whydependency pruning to prefer correctness over memory consumption. Reverted PR: #7122.pnpm whyandpnpm listperformance in workspaces with many importers by sharing the dependency graph and materialization cache across all importers instead of rebuilding them independently for each one #10596.Platinum Sponsors
Gold Sponsors
v10.29.3Compare Source
v10.29.2Compare Source
v10.29.1: pnpm 10.29.1Compare Source
Minor Changes
pnpm dlx/pnpxcommand now supports thecatalog:protocol. Example:pnpm dlx shx@catalog:.auditLevelin thepnpm-workspace.yamlfile #10540.workspace:protocol without version specifier. It is now treated asworkspace:*and resolves to the concrete version during publish #10436.Patch Changes
Fixed
pnpm list --jsonreturning incorrect paths when using global virtual store #10187.Fix
pnpm store pathandpnpm store statususing workspace root for path resolution whenstoreDiris relative #10290.Fixed
pnpm run -rfailing with "No projects matched the filters" when an emptypnpm-workspace.yamlexists #10497.Fixed a bug where
catalogMode: strictwould write the literal string"catalog:"topnpm-workspace.yamlinstead of the resolved version specifier when re-adding an existing catalog dependency #10176.Fixed the documentation URL shown in
pnpm completion --helpto point to the correct page at https://pnpm.io/completion #10281.Skip local
file:protocol dependencies duringpnpm fetch. This fixes an issue wherepnpm fetchwould fail in Docker builds when local directory dependencies were not available #10460.Fixed
pnpm audit --jsonto respect the--audit-levelsetting for both exit code and output filtering #10540.update tar to version 7.5.7 to fix security issue
Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842
Fix
pnpm audit --fixreplacing reference overrides (e.g.$foo) with concrete versions #10325.Fix
shamefullyHoistset viaupdateConfigin.pnpmfile.cjsnot being converted topublicHoistPattern#10271.pnpm helpshould correctly report if the currently running pnpm CLI is bundled with Node.js #10561.Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for
node_modules/.bin, causing binaries to not be found when running commands likepnpm exec#10457.Platinum Sponsors
Gold Sponsors
Configuration
📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.