chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@babel/types (source)	^7.25.2 -> ^7.25.6
@rollup/pluginutils (source)	^5.1.0 -> ^5.1.1
@sxzz/eslint-config	^4.1.0 -> ^4.2.0
@types/node (source)	^20.16.0 -> ^20.16.5
@vue-macros/test-utils (source)	^1.6.0 -> ^1.7.0
ast-kit	^1.1.0 -> ^1.2.0
bumpp	^9.5.1 -> ^9.5.2
esbuild	^0.23.1 -> ^0.24.0
eslint (source)	^9.9.0 -> ^9.11.0
pnpm (source)	9.7.1 -> 9.11.0
rollup (source)	^4.21.0 -> ^4.22.4
tsup (source)	^8.2.4 -> ^8.3.0
tsx (source)	^4.17.0 -> ^4.19.1
typescript (source)	^5.5.4 -> ^5.6.2
unplugin	^1.12.2 -> ^1.14.1
vite (source)	^5.4.1 -> ^5.4.7
vite-node (source)	^2.0.5 -> ^2.1.1
vitest (source)	^2.0.5 -> ^2.1.1
vue (source)	^3.4.38 -> ^3.5.8

---

Release Notes

babel/babel (@​babel/types)

v7.25.6

Compare Source

🐛 Bug Fix

• babel-generator
  • #​16783 Properly print inner comments in TS array types (@​nicolo-ribaudo)
  • #​16775 fix: jsx whitespace is not properly preserved when retainLines (@​liuxingbaoyu)
• babel-traverse
  • #​16727 fix: path.getAssignmentIdentifiers may be undefined (@​liuxingbaoyu)
• babel-parser
  • #​16761 fix: improve static canFollowModifier checks (@​JLHwung)
• babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
  • #​16769 Only wrap functions in superPropertyGet helper (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • #​16780 Do not enforce printing space between ( and comments (@​nicolo-ribaudo)
• babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
  • #​16781 Don't throw when enabling both syntax-import-{assertions,attributes} (@​nicolo-ribaudo)
• babel-generator
  • #​16782 TS union/intersection nested in union does not need parens (@​nicolo-ribaudo)

🏠 Internal

• babel-generator
  • #​16777 Remove unused parent params in the generator (@​nicolo-ribaudo)

v7.25.4

Compare Source

🐛 Bug Fix

• babel-traverse
  • #​16756 fix: Skip computed key when renaming (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #​16755 fix: Decorator 2018-09 may throw an exception (@​liuxingbaoyu)
• babel-types
  • #​16710 Visit AST fields nodes according to their syntactical order (@​nicolo-ribaudo)
• babel-generator
  • #​16709 Print semicolon after TS export namespace as A (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • #​16722 Avoid unnecessary parens around sequence expressions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-class-properties
  • #​16714 Avoid unnecessary parens around exported arrow functions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread
  • #​16712 Avoid printing unnecessary parens around object destructuring (@​nicolo-ribaudo)

🔬 Output optimization

• babel-generator
  • #​16740 Avoid extra spaces between comments/regexps in compact mode (@​nicolo-ribaudo)

rollup/plugins (@​rollup/pluginutils)

v5.1.1

2024-09-22

Bugfixes

• fix: improve regex performance (#​1753)

sxzz/eslint-config (@​sxzz/eslint-config)

v4.2.0

Compare Source

   🚀 Features

• Enable sxzz/prefer-string-function  -  by @​sxzz (d6264)

    View changes on GitHub

v4.1.6

Compare Source

No significant changes

    View changes on GitHub

v4.1.5

Compare Source

   🐞 Bug Fixes

• Upgrade deps, fix import @eslint/markdown  -  by @​sxzz (36683)

    View changes on GitHub

v4.1.4

Compare Source

No significant changes

    View changes on GitHub

v4.1.3

Compare Source

   🐞 Bug Fixes

• Disable unicorn/consistent-function-scoping for unit test files of typescript  -  by @​sxzz (47090)

    View changes on GitHub

v4.1.2

Compare Source

   🐞 Bug Fixes

• Disable unicorn/consistent-function-scoping for unit test files  -  by @​sxzz (f7d3c)

    View changes on GitHub

v4.1.1

Compare Source

   🐞 Bug Fixes

• Skip arrow function for consistent-function-scoping  -  by @​sxzz (ff38c)

    View changes on GitHub

vue-macros/vue-macros (@​vue-macros/test-utils)

v1.7.0

Minor Changes

• 2b8760c Thanks @​sxzz! - Switch to ESM packages

v1.6.2

Patch Changes

• 9a61a50 Thanks @​sxzz! - improve single file bundle

v1.6.1

Compare Source

Patch Changes

• fc3d9c1 Thanks @​sxzz! - Remove unused dependencies

sxzz/ast-kit (ast-kit)

v1.2.0

Compare Source

   🚀 Features

• Support functional test of isIdentifierOf  -  by @​sxzz (9011d)
• Expose getBabelParserOptions  -  by @​sxzz (09256)

   🐞 Bug Fixes

• deps:
  • Update all non-major dependencies  -  (9bcca)
  • Update all non-major dependencies  -  (f7bc1)

    View changes on GitHub

antfu/bumpp (bumpp)

v9.5.2

Compare Source

   🐞 Bug Fixes

• Check file exists before update  -  by @​ryoppippi in https://github.com/antfu-collective/bumpp/issues/40 (cf526)

    View changes on GitHub

evanw/esbuild (esbuild)

v0.24.0

Compare Source

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#​3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#​3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#​3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#​3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#​3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

eslint/eslint (eslint)

v9.11.0

Compare Source

Features

• ec30c73 feat: add "eslint/universal" to export Linter (#​18883) (唯然)
• c591da6 feat: Add language to types (#​18917) (Nicholas C. Zakas)
• 492eb8f feat: limit the name given to ImportSpecifier in id-length (#​18861) (Tanuj Kanti)
• 19c6856 feat: Add no-useless-constructor suggestion (#​18799) (Jordan Thomson)
• a48f8c2 feat: add type FormatterFunction, update LoadedFormatter (#​18872) (Francesco Trotta)

Bug Fixes

• 5e5f39b fix: add missing types for no-restricted-exports rule (#​18914) (Kristóf Poduszló)
• 8f630eb fix: add missing types for no-param-reassign options (#​18906) (Kristóf Poduszló)
• d715781 fix: add missing types for no-extra-boolean-cast options (#​18902) (Kristóf Poduszló)
• 2de5742 fix: add missing types for no-misleading-character-class options (#​18905) (Kristóf Poduszló)
• c153084 fix: add missing types for no-implicit-coercion options (#​18903) (Kristóf Poduszló)
• fa11b2e fix: add missing types for no-empty-function options (#​18901) (Kristóf Poduszló)
• a0deed1 fix: add missing types for camelcase options (#​18897) (Kristóf Poduszló)

Documentation

• e4e5709 docs: correct prefer-object-has-own type definition comment (#​18924) (Nitin Kumar)
• 91cbd18 docs: add unicode abbreviations in no-irregular-whitespace rule (#​18894) (Alix Royere)
• 59cfc0f docs: clarify resultsMeta in LoadedFormatter type (#​18881) (Milos Djermanovic)
• adcc50d docs: Update README (GitHub Actions Bot)
• 4edac1a docs: Update README (GitHub Actions Bot)

Build Related

• 959d360 build: Support updates to previous major versions (#​18871) (Milos Djermanovic)

Chores

• ca21a64 chore: upgrade @​eslint/js@​9.11.0 (#​18927) (Milos Djermanovic)
• a10f90a chore: package.json update for @​eslint/js release (Jenkins)
• e4e02cc refactor: Extract processor logic into ProcessorService (#​18818) (Nicholas C. Zakas)
• 6d4484d chore: updates for v8.57.1 release (Jenkins)
• 71f37c5 refactor: use optional chaining when validating config rules (#​18893) (lucasrmendonca)
• 2c2805f chore: Add PR note to all templates (#​18892) (Nicholas C. Zakas)
• 7b852ce refactor: use Directive class from @eslint/plugin-kit (#​18884) (Milos Djermanovic)
• d594ddd chore: update dependency @​eslint/core to ^0.6.0 (#​18863) (renovate[bot])
• 78b2421 chore: Update change.yml (#​18882) (Nicholas C. Zakas)
• a416f0a chore: enable $ExpectType comments in .ts files (#​18869) (Francesco Trotta)

v9.10.0

Compare Source

v9.9.1

Compare Source

pnpm/pnpm (pnpm)

v9.11.0

Compare Source

v9.10.0: pnpm 9.10

Compare Source

Minor Changes

• Support for a new CLI flag, --exclude-peers, added to the list and why commands. When --exclude-peers is used, peer dependencies are not printed in the results, but dependencies of peer dependencies are still scanned #​8506.

• Added a new setting to package.json at pnpm.auditConfig.ignoreGhsas for ignoring vulnerabilities by their GHSA code #​6838.

  For instance:

  {
    "pnpm": {
      "auditConfig": {
        "ignoreGhsas": [
          "GHSA-42xw-2xvc-qx8m",
          "GHSA-4w2v-q235-vp99",
          "GHSA-cph5-m8f7-6c5x",
          "GHSA-vh95-rmgr-6w4m"
        ]
      }
    }
  }

Patch Changes

• Throw an exception if pnpm switches to the same version of itself.
• Reduce memory usage during peer dependencies resolution.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v9.9.0

Compare Source

v9.8.0

Compare Source

rollup/rollup (rollup)

v4.22.4

Compare Source

2024-09-21

Bug Fixes

• Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#​5671)

Pull Requests

• #​5670: refactor: Use object.prototype to check for reserved properties (@​YuHyeonWook)
• #​5671: Fix DOM Clobbering CVE (@​lukastaegert)

v4.22.3

Compare Source

2024-09-21

Bug Fixes

• Ensure that mutations in modules without side effects are observed while properly handling transitive dependencies (#​5669)

Pull Requests

• #​5669: Ensure impure dependencies of pure modules are added (@​lukastaegert)

v4.22.2

Compare Source

2024-09-20

Bug Fixes

• Revert fix for side effect free modules until other issues are investigated (#​5667)

Pull Requests

• #​5667: Partially revert #​5658 and re-apply #​5644 (@​lukastaegert)

v4.22.1

Compare Source

2024-09-20

Bug Fixes

• Revert #​5644 "stable chunk hashes" while issues are being investigated

Pull Requests

• #​5663: chore(deps): update dependency inquirer to v11 (@​renovate[bot], @​lukastaegert)
• #​5664: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5665: fix: type in CI file (@​YuHyeonWook)
• #​5666: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.22.0

Compare Source

2024-09-19

Features

• Add additional known global values to avoid access side effects (#​5651)

Bug Fixes

• Ensure deterministic chunk hash generation despite async renderChunk hook (#​5644)
• Improve side effect detection when using "smallest" treeshaking preset when imports are optimized away (#​5658)

Pull Requests

• #​5644: fix: apply final hashes deterministically with stable placeholders set (@​mattkubej, @​lukastaegert)
• #​5646: chore(deps): update dependency @​mermaid-js/mermaid-cli to v11 (@​renovate[bot])
• #​5647: chore(deps): update dependency concurrently to v9 (@​renovate[bot])
• #​5648: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5651: feat: add AggregateError, FinalizationRegistry, WeakRef to knownGlobals (@​re-taro)
• #​5653: Fix example selection in REPL (@​lukastaegert)
• #​5657: chore(deps): update dependency vite to v5.4.6 [security] (@​renovate[bot])
• #​5658: Detect variable reassignments in modules without side effects (@​lukastaegert)

v4.21.3

Compare Source

2024-09-12

Bug Fixes

• Always respect side effects in left-hand side of optional chain (#​5642)
• Update stack trace for augmented errors to not hide relevant information (#​5640)

Pull Requests

• #​5636: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5637: chore(deps): lock file maintenance (@​renovate[bot])
• #​5640: fix: keep the message of stack up-to-date (@​TrickyPi)
• #​5642: fix: include left-side effect of optional chaining in the end of hasEffectsAsChainElement (@​TrickyPi)

v4.21.2

Compare Source

2024-08-30

Bug Fixes

• Handle IIFE/UMD namespace definitions conflicting with a builtin property (#​5605)

Pull Requests

• #​5605: fix: Wrong namespace property definition (@​thirumurugan-git, @​lukastaegert)
• #​5630: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5631: chore(deps): lock file maintenance (@​renovate[bot])
• #​5632: chore(deps): lock file maintenance (@​renovate[bot])

v4.21.1

Compare Source

2024-08-26

Bug Fixes

• Ensure closeWatcher hook is called when watch mode is aborted via Ctrl+C (#​5618)
• Do not produce invalid code for import.meta.url in compact mode (#​5624)
• Do not throw when generating chunk names when preserving modules in Windows (#​5625)

Pull Requests

• #​5591: chore(deps): update dependency @​types/eslint to v9 (@​renovate[bot], @​lukastaegert)
• #​5618: preload the WASM file even though the version is undefined. (@​TrickyPi)
• #​5619: Call and await closeWatcher hooks on exit signals (@​lukastaegert)
• #​5622: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #​5624: fix: add space for DOCUMENT_CURRENT_SCRIPT template (@​TrickyPi)
• #​5625: fix: get the right chunk name for preserve modules in Windows (@​TrickyPi, @​lukastaegert)

egoist/tsup (tsup)

v8.3.0

Compare Source

Bug Fixes

• fix experimentalDts file cleaning and watching (#​1199) (76dc18b)

Features

• add support for cts and mts config files (#​1178) (ec811b3)
• add support for async injectStyle (#​1193) (f25a9db)

privatenumber/tsx (tsx)

v4.19.1

Compare Source

v4.19.0

Compare Source

v4.18.0

[Compare Source](https://redirect.github.com/private

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	environment	+3	2.56 MB	nicolo-ribaudo
npm/@rollup/[email protected]	None	+3	223 kB	guybedford, lukastaegert, rich_harris, ...1 more
npm/@sxzz/[email protected]	environment Transitive: eval, filesystem, shell, unsafe	+236	37.5 MB	sxzz
npm/@types/[email protected]	None	+1	2.26 MB	types
npm/@vue-macros/[email protected]	Transitive: environment, eval, filesystem, shell, unsafe	+97	16.7 MB	sxzz
npm/[email protected]	None	+2	2.01 MB	sxzz
npm/[email protected]	environment, filesystem, unsafe Transitive: network, shell	+71	7.02 MB	antfu
npm/[email protected]	environment, filesystem, network, shell	0	134 kB	esbuild, evanw
npm/[email protected]	environment Transitive: eval, filesystem, shell, unsafe	+89	10.2 MB	eslintbot
npm/[email protected]	None	+1	2.3 MB	eventualbuddha, lukastaegert, rich_harris, ...2 more
npm/[email protected]	Transitive: environment, filesystem, network, shell, unsafe	+95	7.65 MB	egoist, sxzz
npm/[email protected]	Transitive: filesystem, unsafe	+3	678 kB	hirokiosame
npm/[email protected]	None	0	22.4 MB	typescript-bot
npm/[email protected]	Transitive: environment	+2	776 kB	antfu, sxzz
npm/[email protected]	Transitive: environment	+4	364 kB	antfu, oreanno, patak, ...1 more
npm/[email protected]	Transitive: environment, filesystem, network, shell	+5	3.77 MB	antfu, patak, soda, ...2 more
npm/[email protected]	Transitive: environment, filesystem, shell, unsafe	+30	3.76 MB	antfu, oreanno, patak, ...1 more
npm/[email protected]	environment, eval Transitive: filesystem	+19	13.4 MB	yyx990803

🚮 Removed packages: npm/@babel/[email protected], npm/@rollup/[email protected], npm/@sxzz/[email protected], npm/@types/[email protected], npm/@vue-macros/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎