chore(deps): bump the pnpm-dependencies group with 6 updates

[dependabot]

Bumps the pnpm-dependencies group with 6 updates:

Package	From	To
@types/node	25.7.0	25.9.0
tsx	4.21.0	4.22.2
nuxt	4.4.5	4.4.6
vue-router	5.0.6	5.0.7
eslint	10.3.0	10.4.0
vue-tsc	3.2.8	3.3.0

Updates @types/node from 25.7.0 to 25.9.0

Commits

• See full diff in compare view

Updates tsx from 4.21.0 to 4.22.2

Release notes

Sourced from tsx's releases.

v4.22.2

4.22.2 (2026-05-18)

Bug Fixes

• preserve CJS JSON require in ESM hooks (35b700b)
• preserve named exports from CommonJS TypeScript (11de737)
• support module.exports require(esm) interop (cf8f199)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.22.1

4.22.1 (2026-05-17)

Bug Fixes

• resolve tsconfig path aliases containing a colon (#780) (6979f28)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.22.0

4.22.0 (2026-05-14)

Features

• upgrade esbuild to 0.28 (#789) (b29f6ee)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.21.1

4.21.1 (2026-05-14)

Bug Fixes

• support Node 20.11/21.2 import.meta paths (acf3d8f)
• support Node.js 24.15.0 (c1d2d45)
• support Node.js 26.1.0 and 25.9.0 (1d7e528)

---

This release is also available on:

... (truncated)

Commits

• 35b700b fix: preserve CJS JSON require in ESM hooks
• ef807db chore: update testing dependencies
• 3917090 test: document compatibility test taxonomy
• de8113f refactor: centralize Node capability facts
• c1f62db test: consolidate tsconfig path edge coverage
• 4e08174 test: consolidate loader hook coverage
• 674bb30 test: consolidate tsImport commonjs mts coverage
• e6972ac test: stabilize process interaction tests
• 9736a80 test: safely decode stdout stream tex
• 11de737 fix: preserve named exports from CommonJS TypeScript
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for tsx since your current version.

Updates nuxt from 4.4.5 to 4.4.6

Release notes

Sourced from nuxt's releases.

v4.4.6

4.4.6 is the next patch release.

👉 Changelog

compare changes

🩹 Fixes

• vite: Use spa entry for vite-node fallback (#35037)
• vite: Invalidate SSR module cache when modules are invalidated via plugin hooks (a86657a0e)
• nuxt: Match deduplicated resolveComponent calls in jsx blocks (#35028)
• nuxt: Prefer our own builder/server deps (#35029)
• nuxt: Update useFetch key even with watch: false (#35002)
• nitro: Mark @babel/plugin-syntax-typescript as optional peer dep (#35041)
• nitro: Add json extension to payload cache items (#35043)
• nuxt: Handle errors fetching app manifest (#35050)
• nuxt: Encode html-significant characters in external redirect body (#35052)
• nuxt: Preserve setPageLayout props on same-path navigation (#35055)
• vite: Don't strip buildAssetsDir from vite-node SSR ids (#35040)
• nuxt: Mark useLoadingIndicator properties as readonly (#35062)
• vite: Strip queries in css inline styles map (#35067)
• nitro: Validate island request hash matches props (#35077)
• nitro: Use regexp to strip query (163e18d4b)
• nitro: Use statusCode for nitro v2 compatibility (952f6841e)
• nitro-server: Re-export h3 named symbols statically (cd99001c8)
• nuxt: Render component-less parent routes during client-side nav (#35036)
• kit: Respect tsConfig.exclude in legacy tsconfig.json (#35079)
• nuxt: Run middleware for page islands (#35092)

💅 Refactors

• rspack,webpack: Extract same-origin check for dev middleware (#35051)

📖 Documentation

• Remove CSB, set node 22 and use steps for clarity (#35066)

🏡 Chore

• One more type, one more (50dcf15bb)
• Remove unneeded (?) overrides (6997093af)
• Use explicit versions for fixture dependencies (294a734d4)
• Ignore link-like syntax in code (2584a549c)
• Narrow engines.node in test (5bb17fb47)
• Remove unused import (a52d78626)

✅ Tests

• Relax relative time assertion (c3dcd16f9)
• Add type (732d844ad)
• Drop h3 v2 types (8286e5fcd)

🤖 CI

• Clean up agent-scan workflow (ab8317547)
• Continue autofix workflow when test:engines fails (3025e561e)
• Improve workflows (#35088)

❤️ Contributors

• Daniel Roe (@​danielroe)

... (truncated)

Commits

• 30a45f7 v4.4.6
• e881fe8 fix(nuxt): run middleware for page islands (#35092)
• 3310097 fix(nuxt): render component-less parent routes during client-side nav (#35036)
• b29f805 chore(deps): update all non-major dependencies (4.x) (#35075)
• e9cddf4 fix(nitro): validate island request hash matches props (#35077)
• 7499721 fix(nuxt): mark useLoadingIndicator properties as readonly (#35062)
• 38507a8 chore(deps): update dependency cssnano to v8 (4.x) (#35038)
• 5abe6d3 chore(deps): update all non-major dependencies (4.x) (#35046)
• 4bdd9dd fix(nuxt): preserve setPageLayout props on same-path navigation (#35055)
• 1ca9c44 fix(nuxt): encode html-significant characters in external redirect body (#35052)
• Additional commits viewable in compare view

Updates vue-router from 5.0.6 to 5.0.7

Release notes

Sourced from vue-router's releases.

v5.0.7

   🚀 Features

• Upgrade to babel 8  -  by @​posva (8d3e6)
• Make defineParamParser() more intuitive  -  by @​posva (8715b)
• Upgrade @vue/devtools-api  -  by @​posva (87c3a)
• matcher: Hint at params: {} workaround in discarded params warning  -  by @​posva and shanliuling in vuejs/router#2689 (c2b13)
• param-parsers: Add include/exclude options  -  by @​posva (91cde)

   🐞 Bug Fixes

• matcher:
  • Finalize param token before processing escaped colon  -  by @​babu-ch and @​posva in vuejs/router#2654 (20521)
• query:
  • Use Object.create(null) to prevent prototype pollution  -  by @​wdskuki, wdsmini and @​posva in vuejs/router#2661 (be88c)
• resolve:
  • Omit empty optional params from resolved params  -  by @​babu-ch and @​posva in vuejs/router#2434 (1ef09)
• types:
  • Wire RouteNamedMap via generated routes.d.ts  -  by @​posva in vuejs/router#2700 (aef99)
• unplugin:
  • Avoid generating empty routes  -  by @​FrontEndDog and @​posva in vuejs/router#2642 (10a8b)
  • Apply definePage path-param parser overrides  -  by @​posva in vuejs/router#2699 (c8074)
• volar:
  • Drop runtime @vue/language-core import  -  by @​danielroe in vuejs/router#2710 (8af50)

    View changes on GitHub

Commits

• ddd20c3 release: vue-router@5.0.7
• 91cdec3 feat(param-parsers): add include/exclude options
• 8af50c9 fix(volar): drop runtime @vue/language-core import (#2710)
• b840cd6 chore(ci): set least-privilege workflow token permissions (#2708)
• 51c1672 chore(release): use @​clack/prompts
• af77a7c chore: playground param type
• 641200a refactor(param-parsers): simplify defineParamParser
• 9b9896e chore: comments
• d41897b refactor: wip of defineParamParser
• 17d51fb chore: logs
• Additional commits viewable in compare view

Updates eslint from 10.3.0 to 10.4.0

Release notes

Sourced from eslint's releases.

v10.4.0

Features

• 1a45ec5 feat: check sequence expressions in for-direction (#20701) (kuldeep kumar)
• 450040b feat: add includeIgnoreFile() to eslint/config (#20735) (Kirk Waiblinger)

Bug Fixes

• 544c0c3 fix: escape code path DOT labels in debug output (#20866) (Pixel998)
• 6799431 fix: update dependency @​eslint/config-helpers to ^0.6.0 (#20850) (renovate[bot])
• f078fef fix: handle non-array deprecated rule replacements (#20825) (xbinaryx)

Documentation

• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869) (Pavel)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865) (Kirk Waiblinger)
• 9084664 docs: Update README (GitHub Actions Bot)
• 9cc7387 docs: Update README (GitHub Actions Bot)
• 3d7b548 docs: Update README (GitHub Actions Bot)
• 191ec3c docs: Update README (GitHub Actions Bot)

Chores

• 6616856 chore: upgrade knip to v6 (#20875) (Pixel998)
• d13b084 ci: ensure auto-created PRs run CI (#20860) (lumir)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862) (dependabot[bot])
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863) (kuldeep kumar)
• 24db8cb test: add tests for SuppressionsService.save() (#20802) (kuldeep kumar)
• 2ef0549 chore: update ecosystem plugins (#20857) (github-actions[bot])
• a429791 ci: remove eslint-webpack-plugin types integration test (#20668) (Milos Djermanovic)
• 9e37386 chore: replace recast with range approach in code-sample-minimizer (#20682) (Copilot)
• 0dd1f9f test: disable warning for vm.constants.USE_MAIN_CONTEXT_DEFAULT_LOADER (#20845) (Francesco Trotta)
• 9da3c7b refactor: remove deprecated meta.language and migrate meta.dialects (#20716) (Pixel998)
• 2099ed1 refactor: add meta.defaultOptions to more rules, enable linting (#20800) (xbinaryx)
• f1dfbc9 chore: update ecosystem plugins (#20836) (github-actions[bot])
• c759413 ci: bump pnpm/action-setup from 6.0.3 to 6.0.5 (#20843) (dependabot[bot])
• 5b817d6 test: add unit tests for lib/shared/ast-utils (#20838) (kuldeep kumar)
• 1c13ae3 test: add unit tests for lib/shared/severity (#20835) (kuldeep kumar)

Commits

• 452c401 10.4.0
• b6417e8 Build: changelog update for 10.4.0
• 6616856 chore: upgrade knip to v6 (#20875)
• d13b084 ci: ensure auto-created PRs run CI (#20860)
• 7e52a71 docs: add mention of @eslint-react/eslint-plugin (#20869)
• e71c7af ci: bump pnpm/action-setup from 6.0.5 to 6.0.7 (#20862)
• 544c0c3 fix: escape code path DOT labels in debug output (#20866)
• db3468b docs: tweak wording around ambiguous CJS-vs-ESM config (#20865)
• d84393d test: add unit tests for SuppressionsService.applySuppressions() (#20863)
• 9084664 docs: Update README
• Additional commits viewable in compare view

Updates vue-tsc from 3.2.8 to 3.3.0

Release notes

Sourced from vue-tsc's releases.

v3.3.0

Features

Refined Autocomplete for Component Props

Previously, we inferred props used for autocomplete from the component itself's type, which did not work well with components whose props need to be inferred dynamically, such as generics or discriminated unions.

Now, we have improved this feature to better align with TS behavior. See the following example:

<script lang="ts" setup>
  defineProps<
    | { type: "foo"; foo: string }
    | { type: "bar"; bar: string }
  >();
</script>
&lt;template>
<Self type="foo" :| />
<!--              ^ [foo, ...] -->
<Self type="bar" :| />
<!--              ^ [bar, ...] -->
</template>

When triggering completions at the two positions above, we will now get the props that are actually available in each corresponding case.

(PR: #5709)

Check Required Fallthrough Attributes

Consider the following structure:

<!-- basic.vue -->
<script lang="ts" setup>
  defineProps<{
    foo: string;
    bar: string;
  }>();
</script>

<!-- comp.vue -->
<script lang="ts" setup>
  import Basic from "./basic.vue";
</script>
&lt;template>
</tr></table>

... (truncated)

Changelog

Sourced from vue-tsc's changelog.

3.3.0 (2026-05-18)

language-core

• feat: check required fallthrough attributes (#6049) - Thanks to @​KazariEX!
• fix: penetrate v-if branch fragments when collecting single root nodes - Thanks to @​KazariEX!
• refactor: rename Sfc APIs to IR - Thanks to @​KazariEX!

language-service

• fix: reuse ASTs for define assignment suggestions - Thanks to @​KazariEX!
• fix: re-support html.customData (#5910) - Thanks to @​Bomberus!
• fix: strip ="" only for plain boolean props completion edits - Thanks to @​KazariEX!
• fix: reset to default data provider after running with vue data provider - Thanks to @​KazariEX!

typescript-plugin

• feat: refine props completion logic to follow TS behavior (#5709) - Thanks to @​KazariEX!

vscode

• fix: include extraFileExtensions in tsserver configure request payload (#6048) - Thanks to @​KazariEX!
• fix: write typescript plugins at build time (#6050) - Thanks to @​KazariEX!
• fix: avoid infinite diagnostics on Vue files when project diagnostics is enabled (#6051) - Thanks to @​KazariEX!

3.2.9 (2026-05-14)

language-core

• fix: do not process inline markdown syntax in semantic-aware segments (#6038) - Thanks to @​KazariEX!
• perf: rewrite a subset of template node transforms (#5769) - Thanks to @​KazariEX!

vscode

• fix: trigger file rename edits when moving folders with Vue files (#6046) - Thanks to @​KazariEX!

workspace

• chore: bump volar services to 0.0.71 (#6043) - Thanks to @​TRIS-H!

Commits

• 1088dce v3.3.0 (#6052)
• c8e90e4 v3.2.9 (#6045)
• ae6f658 chore: refine package publish file lists
• 2d029c7 chore: bump deps
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions