chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@nuxt/devtools	^0.2.5 -> ^0.3.1
@nuxt/kit	^3.3.1 -> ^3.3.2
@nuxt/schema	^3.3.1 -> ^3.3.2
@types/node (source)	^18.15.5 -> ^18.15.10
esbuild	^0.17.12 -> ^0.17.14
nuxt	^3.3.1 -> ^3.3.2
pnpm (source)	7.30.0 -> 7.30.3
pnpm (source)	7.28.0 -> 7.30.3
quasar (source)	^2.11.8 -> ^2.11.9
rollup (source)	^3.20.0 -> ^3.20.2
type-fest	^3.6.1 -> ^3.7.1
vite-plugin-pwa	^0.14.5 -> ^0.14.6
vitepress (source)	^1.0.0-alpha.61 -> ^1.0.0-alpha.63

---

Release Notes

nuxt/devtools

v0.3.1

Compare Source

Bug Fixes

• explicit import defineNuxtPlugin (03535dc)

v0.3.0

Compare Source

Changes

• Panel toggle shortcut changed to Shift + Alt + D (#​153)
• Some design improvements
• New tabs
  • Assets
  • Terminals
• Support upgrading packages in devtools
• Able to measure plugins execution time
• For module authors:
  • @nuxt/devtools-kit is introduced, you can safely depend on it
  • @nuxt/devtools/kit is moved @nuxt/devtools-kit
  • @nuxt/devtools/iframe-client is moved to @nuxt/devtools-kit/iframe-client
  • Extendable RPC is introduced, you can now integration your own client-server communication
• Learn more at docs

New Tabs

Assets

The assets tab that shows all your static assets and their information. You can copy the paths of the assets, or the code snippets of using them. In the future, with the integrations of Nuxt Image, you can even optimize images with a single click.

Plugins

Plugins tab shows all the plugins you are using in your app. As plugins runs before the app is mounted,the time spent in each plugin should be minimal to avoid blocking the app from rendering. The time cost of each plugin provided can be helpful to find performance bottlenecks.

Terminals Tab

In some integrations, they might require to have subprocesses running to do certain jobs. Before DevTools, you either hide the output of the subprocess entirely and swallow the potential warnings/errors, or pipe to stdout and pollute your terminal with multiple outputs. Now you can now have the outputs in DevTools for each process and clearly isolated.

---

Bug Fixes

• assets: show <NuxtImage> snippet when @nuxt/image is installed (#​133) (d440f14)
• change shortcut to Shift + Alt + D, close #​153 (ede19a7)
• component inspector, close #​137 (d608a0f)
• components graph layout (b853005)
• display font preview in assets detail (a18c762)
• extra scrollbar (#​139) (a94fd4d)
• improve path display (7ed9657)
• make assets detail scrollable (f0a547d)
• popper text color in light mode (254b45e)
• scrolling regression after splitpanes (455ec6c)
• ui: fix unexpected sidenav icon scale on windows chrome (#​138) (310117a)
• vue inspector in latest Nuxt (f736291)

Features

• able to disable tabs, close #​132 (0572b18)
• add customTabs option, close #​113 (f172ffb)
• add visual dialog to upgrade (d4b43c2)
• ask for restart once upgrade finished (8a97d78)
• expose info on devtools:initialized (71f300d)
• extendable rpc (#​131) (96080a8)
• improve assets details view (7b03da3)
• init terminal support (#​125) (df3b1db)
• initial assets tab (#​120) (fd99453)
• initial support for upgrading packages in devtools (#​134) (4deb883)
• introduce @nuxt/devtools/kit (#​116) (4a403e2)
• measuring plugins time (38acefb)
• option in npm version check (370f799)
• refresh data (09bf33f)
• self upgrade (1a56f53)
• sticky drawer header (#​105) (0813626)
• support file path as meta (6faec60)
• support load shiki-es only when needed (#​142) (ca6a64a)
• support ui scaling, close #​117 (df4a35f)
• ui: always collapse drawer to give more spaces (b7c8add)

Performance Improvements

• hide the horizontal scroll bar (#​124) (6f73c6f)

0.2.5 (2023-02-28)

Bug Fixes

• client: make iframe-client reactive (7f1df2c)
• client: make ws connection non-blocking (6ed46e0)
• deprioritize runtime categoray in components (14d3857)
• filter out lazy runtime component (507cae2)
• ui-kit: make make code block reactive to color mode (2c530d8)
• ui-kit: runtime utils reference (2111622)

Features

• add storage tab (#​100) (c153313)
• disconnect indicator (579e091)
• extract resize panel (a30ea5f)
• ui-kit: introduce NCodeBlock and NMarkdown components (f9a4f4b)

0.2.4 (2023-02-28)

Bug Fixes

• hooks extend type (019bad4)
• ui-kit: remove nuxt components override (132bafe)

Features

• able to disable inspectors, close #​103 (56d9c56)
• add show workspace filter to component graph (ad8118e)
• client: add splitpanes for resizable columns (#​101) (2846ab2)
• re-layout component views (2db818a)
• ui-kit: expose NSectionBlock and NIconTitle, introduce NSelect (#​102) (cebe031)

0.2.3 (2023-02-24)

Bug Fixes

• always extends fs.allow (0c07ee0)
• improve isGlobalInstall detection (500215d)

0.2.2 (2023-02-24)

Bug Fixes

• external vite (fc78ef6)

0.2.1 (2023-02-24)

Bug Fixes

• always show shortcut tip (01ddd67)
• should not override Vite's default fs.allow (9b24dd7)

nuxt/nuxt

v3.3.2

Compare Source

3.3.2 is a patch release with plenty of bug fixes.

✅ Upgrading

As usual, our recommendation for upgrading is to run:

nuxi upgrade --force

This will refresh your lockfile as well, and ensures that you pull in updates from other dependencies that Nuxt relies on, particularly in the unjs ecosystem.

👉 Changelog

compare changes

🔥 Performance

• nuxt: Experimentally disable vue server renderer nitro endpoint (#​19825)

🩹 Fixes

• kit: Provide name to performance.mark() (#​19687)
• nuxt: Unpause DOM updates on suspense resolve (#​19740)
• kit: Handle node 14 performance behaviour (#​19733)
• webpack: Transpile app directory (#​19773)
• nuxt: Unset context after app is created (#​19753)
• cli: Watch dist and register restart hook after nuxt is ready (#​19736)
• nuxt: Ignore falsy modules (#​19684)
• nuxt: Use h3 utilities to set response status/code (#​19713)
• nuxt: Add temporary augmentation for webstorm (and docs) (#​19400)
• nuxt: Handle external navigation to api routes (#​19829)
• nuxt: Observe slot element in custom nuxt-link (#​19802)
• nuxt: Directly render server components (#​19605)
• vite: Support multiple rollup entries (#​19842)
• nuxt: Ignore schema types that eval to any (#​19835)
• nuxt: Use prerender cache for islands (#​19822)
• nuxt: Add missing import in islands template (#​19870)
• kit: Check if nuxt is restarting before updating templates (#​19830)
• test-utils: Allow overriding nitro options (#​19872)
• kit: Add legacy entrypoints for pre v3.3 usage (#​19874)

📖 Documentation

• Fix auto-imports example (#​19520, #​19690)
• Update seo and meta page (#​19697)
• introduction: First batch of improvements (98b9afa6d)
• Update module author guide (#​18551)
• Add 'going further' section for custom routing (#​19565)
• Improve installation prerequisites (c570ae272)
• Update custom routing link (8d644903b)
• Add backticks (#​19721)
• Add link to layout transitions (#​19770)
• Fix typo (#​19775)
• Fix typo (#​19779)
• Fix typo (#​19785)
• Add missing comma (#​19791)
• Update legacy server examples (#​19797)
• Third-party state management and migration guide (#​19798)
• Link to module request issue template (#​19754)
• Improve swr documentation (#​18743)
• Add another example for useAsyncData (#​19225)
• Avoid $fetch in top-level <script setup> (#​19357)
• Removing deprecated coming soon banner (#​19817)
• Add serialization section to data fetching (#​19336)
• Add protocol to superjson link (cebfcb3da)
• Update play on X links (8c11498a5)
• Add missing return statement (fc7867fb0)
• Replace @nuxt/kit example with node built-ins (#​19873)
• Add layers video by LearnVue (d3d09d5d3)
• Improve components page (340725bb0)

🏡 Chore

• Add internal types for nitro/app (#​19745)
• Remove unused TS directive (0b5ba6c3e)
• Bump package versions (6d7161270)
• Bump package versions (2580cc830)
• Bump package versions (3ee97b125)

✅ Tests

• Remove sourcemaps from minimal test (#​19730)
• Bump bundle size (e57c797f2)
• Alias test-utils back to src again (8b06b06a0)

🤖 CI

• Test built packages (#​19767)

❤️ Contributors

• Daniel Roe [email protected]
• Sébastien Chopin (@​Atinux)
• Warflash <nwiesinger67@​gmail.com>
• Pooya Parsa [email protected]
• Harlan Wilton (@​harlan-zw)
• Julien Huang [email protected]
• Mehdi HosseinZade (@​xtoolkit)
• Mahdi Boomeri [email protected]
• Saeid Zareie
• Özüm Eldoğan (@​ozum)
• Jakub Zomerfeld (@​devzom)
• Alan Poulain [email protected]
• Emil Rosenius
• Ege İliklier (@​Maiquu)
• Anthony Fu <anthonyfu117@​hotmail.com>
• Adrien Zaganelli (@​adrienZ)
• Fahmi Elfituri (@​fahmifitu)
• Kuizuo (@​kuizuo)
• Cunzaizhuyi (@​cunzaizhuyi)
• Cue [email protected]
• Fleet Labs Ghana (@​joeokat)
• Zack Hatlen (@​zackha)
• Leopold Kristjansson (@​leopoldkristjansson)
• Nick Medrano
• Matthew Woods <mattwoods9170@​gmail.com>

evanw/esbuild

v0.17.14

Compare Source

• Allow the TypeScript 5.0 const modifier in object type declarations (#​3021)

  The new TypeScript 5.0 const modifier was added to esbuild in version 0.17.5, and works with classes, functions, and arrow expressions. However, support for it wasn't added to object type declarations (e.g. interfaces) due to an oversight. This release adds support for these cases, so the following TypeScript 5.0 code can now be built with esbuild:

  interface Foo { <const T>(): T }
  type Bar = { new <const T>(): T }

• Implement preliminary lowering for CSS nesting (#​1945)

  Chrome has implemented the new CSS nesting specification in version 112, which is currently in beta but will become stable very soon. So CSS nesting is now a part of the web platform!

  This release of esbuild can now transform nested CSS syntax into non-nested CSS syntax for older browsers. The transformation relies on the :is() pseudo-class in many cases, so the transformation is only guaranteed to work when targeting browsers that support :is() (e.g. Chrome 88+). You'll need to set esbuild's target to the browsers you intend to support to tell esbuild to do this transformation. You will get a warning if you use CSS nesting syntax with a target which includes older browsers that don't support :is().

  The lowering transformation looks like this:

  /* Original input */
  a.btn {
    color: #​333;
    &:hover { color: #​444 }
    &:active { color: #​555 }
  }
  
  /* New output (with --target=chrome88) */
  a.btn {
    color: #​333;
  }
  a.btn:hover {
    color: #​444;
  }
  a.btn:active {
    color: #​555;
  }

  More complex cases may generate the :is() pseudo-class:

  /* Original input */
  div, p {
    .warning, .error {
      padding: 20px;
    }
  }
  
  /* New output (with --target=chrome88) */
  :is(div, p) :is(.warning, .error) {
    padding: 20px;
  }

  In addition, esbuild now has a special warning message for nested style rules that start with an identifier. This isn't allowed in CSS because the syntax would be ambiguous with the existing declaration syntax. The new warning message looks like this:

  ▲ [WARNING] A nested style rule cannot start with "p" because it looks like the start of a declaration [css-syntax-error]
  
      <stdin>:1:7:
        1 │ main { p { margin: auto } }
          │        ^
          ╵        :is(p)
  
    To start a nested style rule with an identifier, you need to wrap the identifier in ":is(...)" to
    prevent the rule from being parsed as a declaration.
  

  Keep in mind that the transformation in this release is a preliminary implementation. CSS has many features that interact in complex ways, and there may be some edge cases that don't work correctly yet.

• Minification now removes unnecessary & CSS nesting selectors

  This release introduces the following CSS minification optimizations:

  /* Original input */
  a {
    font-weight: bold;
    & {
      color: blue;
    }
    & :hover {
      text-decoration: underline;
    }
  }
  
  /* Old output (with --minify) */
  a{font-weight:700;&{color:#​00f}& :hover{text-decoration:underline}}
  
  /* New output (with --minify) */
  a{font-weight:700;:hover{text-decoration:underline}color:#​00f}

• Minification now removes duplicates from CSS selector lists

  This release introduces the following CSS minification optimization:

  /* Original input */
  div, div { color: red }
  
  /* Old output (with --minify) */
  div,div{color:red}
  
  /* New output (with --minify) */
  div{color:red}

v0.17.13

Compare Source

• Work around an issue with NODE_PATH and Go's WebAssembly internals (#​3001)

  Go's WebAssembly implementation returns EINVAL instead of ENOTDIR when using the readdir syscall on a file. This messes up esbuild's implementation of node's module resolution algorithm since encountering ENOTDIR causes esbuild to continue its search (since it's a normal condition) while other encountering other errors causes esbuild to fail with an I/O error (since it's an unexpected condition). You can encounter this issue in practice if you use node's legacy NODE_PATH feature to tell esbuild to resolve node modules in a custom directory that was not installed by npm. This release works around this problem by converting EINVAL into ENOTDIR for the readdir syscall.

• Fix a minification bug with CSS @layer rules that have parsing errors (#​3016)

  CSS at-rules require either a {} block or a semicolon at the end. Omitting both of these causes esbuild to treat the rule as an unknown at-rule. Previous releases of esbuild had a bug that incorrectly removed unknown at-rules without any children during minification if the at-rule token matched an at-rule that esbuild can handle. Specifically cssnano can generate @layer rules with parsing errors, and empty @layer rules cannot be removed because they have side effects (@layer didn't exist when esbuild's CSS support was added, so esbuild wasn't written to handle this). This release changes esbuild to no longer discard @layer rules with parsing errors when minifying (the rule @layer c has a parsing error):

  /* Original input */
  @​layer a {
    @​layer b {
      @​layer c
    }
  }
  
  /* Old output (with --minify) */
  @​layer a.b;
  
  /* New output (with --minify) */
  @​layer a.b.c;

• Unterminated strings in CSS are no longer an error

  The CSS specification provides rules for handling parsing errors. One of those rules is that user agents must close strings upon reaching the end of a line (i.e., before an unescaped line feed, carriage return or form feed character), but then drop the construct (declaration or rule) in which the string was found. For example:

  p {
    color: green;
    font-family: 'Courier New Times
    color: red;
    color: green;
  }

  ...would be treated the same as:

  p { color: green; color: green; }

  ...because the second declaration (from font-family to the semicolon after color: red) is invalid and is dropped.

  Previously using this CSS with esbuild failed to build due to a syntax error, even though the code can be interpreted by a browser. With this release, the code now produces a warning instead of an error, and esbuild prints the invalid CSS such that it stays invalid in the output:

  /* esbuild's new non-minified output: */
  p {
    color: green;
    font-family: 'Courier New Times
    color: red;
    color: green;
  }

  /* esbuild's new minified output: */
  p{font-family:'Courier New Times
  color: red;color:green}

pnpm/pnpm

v7.30.3

Compare Source

Patch Changes

• Should use most specific override rule when multiple rules match the same target #​6210.
• Fix regression introduced in v7.30.1 #​6271.

Our Gold Sponsors

Our Silver Sponsors

v7.30.2

Compare Source

v7.30.1

Compare Source

Patch Changes

• Don't write the pnpm-lock.yaml file if it has no changes and pnpm install --frozen-lockfile was executed #​6158.
• Fix git-hosted dependencies referenced via git+ssh that use semver selectors #​6239.
• When publish some package throws an error, the exit code should be non-zero #​5528.
• Only three paths are displayed in pnpm audit output #​6203
• Aliased packages should be used to resolve peer dependencies too #​4301.

Our Gold Sponsors

Our Silver Sponsors

quasarframework/quasar

v2.11.9

Compare Source

New

• feat(QEditor): add events for the link toolbar (link-show and link-hide) (#​15615)

Fixes

• fix(ui): import transformation build script should not touch the new test files #​15608
• fix(QInput): mask - add forgotten text selection for DEL/BS #​15594 (#​15597)

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

• Becoming a sponsor on Github
• One-off donation via PayPal

rollup/rollup

v3.20.2

Compare Source

2023-03-24

Bug Fixes

• Fix a crash when using a manual chunk entry that is not already included in the module graph (#​4921)
• Fix a crash when reporting a warning with incorrect sourcemap information (#​4922)

Pull Requests

• #​4921: Handle manual chunks where the entry is not part of the module graph (@​lukastaegert)
• #​4922: Do not fail if the location of a warning is outside the original source (@​lukastaegert)

v3.20.1

Compare Source

2023-03-23

Bug Fixes

• Fix returned file name from this.getFileName when assets are deduplicated (#​4919)

Pull Requests

• #​4919: Only set asset names when finalizing (@​lukastaegert)

sindresorhus/type-fest

v3.7.1

Compare Source

• Fix missing export (#​580) 3deac35

v3.7.0

Compare Source

New types

• TaggedUnion (#​566) 2e1cec8
• IsLiteral (#​563) 9d00bac
• IsStringLiteral (#​563) 9d00bac
• IsNumericLiteral (#​563) 9d00bac
• IsBooleanLiteral (#​563) 9d00bac
• IsSymbolLiteral (#​563) 9d00bac
• AbstractClass (#​559) 9b12767
• AbstractConstructor (#​559) 9b12767

Improvements

• Except: Add requireExactProps option (#​560) c5743c9
• TsConfigJson: Add TypeScript 5.0 options (#​573) aafc938

antfu/vite-plugin-pwa

v0.14.6

Compare Source

   🐞 Bug Fixes

• Types regression in v0.14.5  -  by @​userquin in https://github.com/vite-pwa/vite-plugin-pwa/issues/491 (32841)

    View changes on GitHub

vuejs/vitepress

v1.0.0-alpha.63

Compare Source

Bug Fixes

• theme: allow adding html as feature icons (e5bc1e1)
• theme: remove label background of code-group tabs (#​2136) (eac03f2)

Features

• more flexible ignoreDeadLinks (#​2135) (3235c23)

v1.0.0-alpha.62

Compare Source

Bug Fixes

• make md includes work with rewrites (#​1898) (3553f01)
• theme: don't show outline when no header is there (#​2117) (42a0ef2)
• theme: fix aside position when footer is there (#​2115) (aecdeb9)
• theme: properly align not found icon in algolia (#​2116) (83ce1b8)
• theme: use locale lang instead of navigator lang for last updated (#​2118) (56a7d9a)

---

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 6c940ea

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[socket-security]

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all

Ignoring: [email protected]

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package	Capability Access	+/- Transitive Count	Publisher
[email protected]	network, filesystem, shell, environment	+0	evanw

⬆️ Updated Package	Version Diff	Capability Access	+/- Transitive Count	Publisher
[email protected]	0.14.5...0.14.6	filesystem	+0/-0	userquin
[email protected]	2.11.8...2.11.9	None	+0/-0	rstoenescu

🚮 Removed packages: @nuxt/[email protected], @nuxt/[email protected], @nuxt/[email protected], [email protected]

[sxzz]

@SocketSecurity ignore esbuild@*