fix(deps): update non-major-updates (feature/beta-release)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@tanstack/react-query (source)	^5.95.0 → ^5.95.2			dependencies	patch
@typescript-eslint/eslint-plugin (source)	^8.57.1 → ^8.57.2			devDependencies	patch
@typescript-eslint/parser (source)	^8.57.1 → ^8.57.2			devDependencies	patch
@typescript-eslint/utils (source)	^8.57.1 → ^8.57.2			devDependencies	patch
@vitest/coverage-istanbul (source)	^4.0.18 → ^4.1.1			devDependencies	minor
@vitest/coverage-v8 (source)	^4.0.18 → ^4.1.1			devDependencies	minor
@vitest/ui (source)	^4.0.18 → ^4.1.1			devDependencies	minor
github/codeql-action	05b1a5d → 72c0b0e			action	digest
i18next (source)	^25.10.4 → ^25.10.5			dependencies	patch
knip (source)	^6.0.2 → ^6.0.4			devDependencies	patch
react-i18next	^16.6.1 → ^16.6.2			dependencies	patch
react-router-dom (source)	^7.13.1 → ^7.13.2			dependencies	patch
renovatebot/github-action	v46.1.5 → v46.1.6			action	patch
tar	^7.5.12 → ^7.5.13			devDependencies	patch
typescript (source)	^6.0.1-rc → ^6.0.2			devDependencies	patch
typescript (source)	^6.0.1-rc → ^6.0.2			overrides	patch
typescript-eslint (source)	^8.57.1 → ^8.57.2			devDependencies	patch
vite (source)	^8.0.1 → ^8.0.2			devDependencies	patch
vite (source)	8.0.1 → 8.0.2			overrides	patch
vite (source)	^8.0.1 → ^8.0.2			devDependencies	patch
vitest (source)	^4.0.18 → ^4.1.1			devDependencies	minor

---

Release Notes

vitest-dev/vitest (@​vitest/coverage-istanbul)

v4.1.1

Compare Source

   🚀 Features

• experimental:
  • Expose matchesTags to test if the current filter matches tags  -  by @​sheremet-va in #​9913 (eec53)
  • Introduce experimental.vcsProvider  -  by @​sheremet-va in #​9928 (56115)

   🐞 Bug Fixes

• Mark TestProject.testFilesList internal properly  -  by @​sapphi-red in #​9867 (54f26)
• Detect fixture that returns without calling use  -  by @​oilater in #​9831 and #​9861 (633ae)
• Drop vite 8.beta support  -  by @​AriPerkkio in #​9862 (b78f5)
• Type regression in vi.mocked() static class methods  -  by @​purepear and @​hi-ogawa in #​9857 (90926)
• Properly re-evaluate actual modules of mocked external  -  by @​hi-ogawa in #​9898 (ae5ec)
• Preserve coverage report when html reporter overlaps  -  by @​hi-ogawa in #​9889 (2d81a)
• Provide vi.advanceTimers to the preview provider  -  by @​sheremet-va in #​9891 (1bc3e)
• Don't leak event listener in playwright provider  -  by @​sheremet-va in #​9910 (d9355)
• Open browser in --standalone mode without running tests  -  by @​sheremet-va in #​9911 (e78ad)
• Guard disposable and optional body  -  by @​sheremet-va in #​9912 (6fdb2)
• Resolve retry.condition RegExp serialization issue  -  by @​nstepien and @​hi-ogawa in #​9942 (7b605)
• collect:
  • Don't treat extra props on test return as tests  -  by @​sheremet-va in #​9871 (141e7)
• coverage:
  • Simplify provider types  -  by @​AriPerkkio in #​9931 (aaf9f)
  • Load built-in provider without module runner  -  by @​AriPerkkio in #​9939 (bf892)
• expect:
  • Soft assertions continue after .resolves/.rejects promise errors  -  by @​mixelburg, Maks Pikov, Claude Opus 4.6 (1M context) and @​hi-ogawa in #​9843 (6d74b)
  • Fix sinon-chai style API  -  by @​hi-ogawa in #​9943 (0f08d)
• pretty-format:
  • Limit output for large object  -  by @​hi-ogawa and Claude Opus 4.6 (1M context) in #​9949 (0d5f9)

    View changes on GitHub

v4.1.0

Compare Source

Vitest 4.1 is out!

This release page lists all changes made to the project during the 4.1 beta. To get a review of all the new features, read our blog post.

   🚀 Features

• Return a disposable from doMock()  -  by @​kirkwaiblinger in #​9332 (e3e65)
• Added chai style assertions  -  by @​ronnakamoto and @​sheremet-va in #​8842 (841df)
• Update to sinon/fake-timers v15 and add setTickMode to timer controls  -  by @​atscott and @​sheremet-va in #​8726 (4b480)
• Expose matcher types  -  by @​sheremet-va in #​9448 (3e4b9)
• Add toTestSpecification to reported tasks  -  by @​sheremet-va in #​9464 (1a470)
• Show a warning if vi.mock or vi.hoisted are declared outside of top level of the module  -  by @​sheremet-va in #​9387 (5db54)
• Track and display expectedly failed tests (.fails) in UI and CLI  -  by @​Copilot, sheremet-va and @​sheremet-va in #​9476 (77d75)
• Support tags  -  by @​sheremet-va in #​9478 (de7c8)
• Implement aroundEach and aroundAll hooks  -  by @​sheremet-va in #​9450 (2a8cb)
• Stabilize experimental features  -  by @​sheremet-va in #​9529 (b5fd2)
• Accept new or all in --update flag  -  by @​sheremet-va in #​9543 (a5acf)
• Support meta in test options  -  by @​sheremet-va in #​9535 (7d622)
• Support type inference with a new test.extend syntax  -  by @​sheremet-va in #​9550 (e5385)
• Support vite 8 beta, fix type issues in the config with different vite versions  -  by @​sheremet-va in #​9587 (99028)
• Add assertion helper to hide internal stack traces  -  by @​hi-ogawa and Claude Opus 4.6 in #​9594 (eeb0a)
• Store failure screenshots using artifacts API  -  by @​macarie in #​9588 (24603)
• Allow vitest list to statically collect tests instead of running files to collect them  -  by @​sheremet-va in #​9630 (7a8e7)
• Add --detect-async-leaks  -  by @​AriPerkkio in #​9528 (c594d)
• Implement mockThrow and mockThrowOnce  -  by @​thor-juhasz and @​sheremet-va in #​9512 (61917)
• Support update: "none" and add docs about snapshots behavior on CI  -  by @​hi-ogawa in #​9700 (05f18)
• Support playwright launchOptions with connectOptions  -  by @​hi-ogawa in #​9702 (f0ff1)
• Add page/locator.mark API to enhance playwright trace  -  by @​hi-ogawa in #​9652 (d0ee5)
• api:
  • Support tests starting or ending with test in experimental_parseSpecification  -  by @​jgillick and Jeremy Gillick in #​9235 (2f367)
  • Add filters to createSpecification  -  by @​sheremet-va in #​9336 (c8e6c)
  • Expose runTestFiles as alternative to runTestSpecifications  -  by @​sheremet-va in #​9443 (43d76)
  • Add allowWrite and allowExec options to api  -  by @​sheremet-va in #​9350 (20e00)
  • Allow passing down test cases to toTestSpecification  -  by @​sheremet-va in #​9627 (6f17d)
• browser:
  • Add userEvent.wheel API  -  by @​macarie in #​9188 (66080)
  • Add filterNode option to prettyDOM for filtering browser assertion error output  -  by @​Copilot, sheremet-va and @​sheremet-va in #​9475 (d3220)
  • Support playwright persistent context  -  by @​hi-ogawa, Claude Opus 4.6 and @​sheremet-va in #​9229 (f865d)
  • Added detailsPanelPosition option and button  -  by @​shairez in #​9525 (c8a31)
  • Use BlazeDiff instead of pixelmatch  -  by @​macarie in #​9514 (30936)
  • Add findElement and enable strict mode in webdriverio and preview  -  by @​sheremet-va in #​9677 (c3f37)
• cli:
  • Add @​bomb.sh/tab completions  -  by @​AmirSa12 and @​sheremet-va in #​8639 (200f3)
• coverage:
  • Support ignore start/stop ignore hints  -  by @​AriPerkkio in #​9204 (e59c9)
  • Add coverage.changed option to report only changed files  -  by @​kykim00 and @​AriPerkkio in #​9521 (1d939)
• experimental:
  • Add onModuleRunner hook to worker.init  -  by @​sheremet-va in #​9286 (e977f)
  • Option to disable the module runner  -  by @​sheremet-va and @​AriPerkkio in #​9210 (9be61)
  • Add importDurations: { limit, print } options  -  by @​hi-ogawa, Claude Opus 4.6 and @​sheremet-va in #​9401 (7e10f)
  • Add print and fail thresholds for importDurations  -  by @​hi-ogawa and Claude Opus 4.6 in #​9533 (3f7a5)
• fixtures:
  • Pass down file context to beforeAll/afterAll  -  by @​sheremet-va in #​9572 (c8339)
• reporters:
  • Add agent reporter to reduce ai agent token usage  -  by @​cpojer in #​9779 (3e9e0)
• runner:
  • Enhance retry options  -  by @​MazenSamehR, Matan Shavit, @​AriPerkkio and @​sheremet-va in #​9370 (9e4cf)
• ui:
  • Allow run individual test/suites  -  by @​userquin in #​9465 (73b10)
  • Add project filter/sort support  -  by @​userquin in #​8689 (0c7ea)
  • Add duration sorting to explorer  -  by @​julianhahn and @​cursoragent in #​9603 (209b1)
  • Implement filter for slow tests  -  by @​DerYeger and @​userquin in #​9705 (8880c)
• vitest:
  • Add run summary in GitHub Actions Reporter  -  by @​macarie and jhnance in #​9579 (96bfc)

   🐞 Bug Fixes

• Deprecate several vitest/* entry points  -  by @​sheremet-va in #​9347 (fd459)
• Use meta.url in createRequire  -  by @​sheremet-va in #​9441 (e3422)
• Preact browser mode init example of render function not async  -  by @​WuMingDao in #​9375 (2bea5)
• Deprecate unused types in matcher context  -  by @​sheremet-va in #​9449 (20f87)
• Handle external/noExternal during configEnvironment hook  -  by @​hi-ogawa and Claude Opus 4.6 in #​9508 (59ea2)
• Replace default ssr environment runner with Vitest server module runner  -  by @​hi-ogawa and Claude Opus 4.6 in #​9506 (cd5db)
• Propagate experimental CLI options to child projects  -  by @​hi-ogawa and Claude Opus 4.6 in #​9531 (b624f)
• Show a warning when browser.isolate is used  -  by @​sheremet-va in #​9410 (3d48e)
• Fix vi.mock({ spy: true }) node v8 coverage  -  by @​hi-ogawa, hi-ogawa and Claude Opus 4.6 in #​9541 (687b6)
• Don't show internal ssr handler in errors  -  by @​sheremet-va in #​9547 (76c43)
• Close vitest if it failed to start  -  by @​sheremet-va in #​9573 (728ba)
• Fix ssr environment runner in project  -  by @​hi-ogawa in #​9584 (09006)
• Trim trailing white spaces in code block  -  by @​hi-ogawa in #​9591 (f78be)
• Support inline snapshot inside test.for/each  -  by @​hi-ogawa in #​9590 (615fd)
• Apply source maps for external module stack trace  -  by @​hi-ogawa in #​9152 (79e20)
• Remove the .name from statically collected test  -  by @​sheremet-va in #​9596 (b66ff)
• Don't suppress warnings on pnp  -  by @​sheremet-va in #​9602 (89cbd)
• Support snapshot with expect.soft  -  by @​iumehara, @​hi-ogawa and Claude Opus 4.6 in #​9231 (3eb2c)
• Log seed when only sequence.shuffle.tests is enabled  -  by @​kaigritun, Kai Gritun and @​sheremet-va in #​9576 (8182b)
• Externalize expect/src/utils from vitest  -  by @​hi-ogawa in #​9616 (48739)
• Ignore test.override during static collection  -  by @​sheremet-va in #​9620 (09174)
• Increase stacktrace limit for --detect-async-leaks  -  by @​AriPerkkio in #​9638 (9fd4c)
• Hanging-reporter link in cli  -  by @​flx-sta in #​9649 (7c103)
• Fix teardown timeout of aroundEach/All when inner aroundEach/All throws  -  by @​hi-ogawa in #​9657 (4ec6c)
• Fix ui mode / html reporter and coverage integration  -  by @​hi-ogawa and Claude Opus 4.6 in #​9626 (86fad)
• Don't continue when aroundEach/All setup timed out  -  by @​hi-ogawa in #​9670 (bb013)
• Align VitestRunnerConfig optional fields with SerializedConfig  -  by @​hi-ogawa in #​9661 (79520)
• Handle Symbol values in format utility  -  by @​nami8824 in #​9658 (0583f)
• Deprecate toBe* spy assertions in favor of toHaveBeen* (and toThrowError)  -  by @​sheremet-va in #​9665 (4d390)
• Don't propagate nested aroundEach/All errors but aggregate them on runner  -  by @​hi-ogawa in #​9673 (b6365)
• Show a better error if there is a pending dynamic import  -  by @​sheremet-va in #​9676 (7ef5c)
• Preserve stack trace of resolves/rejects chained assertion error  -  by @​hi-ogawa in #​9679 (c6151)
• Handle module-sync condition in vmThreads/vmForks require  -  by @​lesleh in #​9650 and #​9651 (bb203)
• Hooks should respect maxConcurrency  -  by @​hi-ogawa in #​9653 (16d13)
• Recursively autospy module object  -  by @​hi-ogawa in #​9687 (695a8)
• Remove trailing spaces from diff error log  -  by @​hi-ogawa and @​sheremet-va in #​9680 (395d1)
• Respect project resolve.conditions for externals  -  by @​hi-ogawa in #​9717 (1d498)
• Use object for WeakMap instead of a symbol to support webcontainers  -  by @​sheremet-va in #​9731 (c5225)
• Fix re-mocking virtual module  -  by @​hi-ogawa in #​9748 (3cbbb)
• Cancelling should stop current test immediately  -  by @​AriPerkkio in #​9729 (0cb2f)
• Make mockObject change backwards compatible  -  by @​sheremet-va in #​9744 (84c69)
• Fix URL.name on jsdom  -  by @​hi-ogawa in #​9767 (031f3)
• Save and restore module graph in blob reporter  -  by @​hi-ogawa in #​9740 (84355)
• Don't silence reporter errors from test runtime events handler in normal run and --merge-reports  -  by @​hi-ogawa in #​9727 (4072d)
• Fix vi.importActual() for virtual modules  -  by @​hi-ogawa and Claude Opus 4.6 in #​9772 (1e89e)
• Throw FixtureAccessError if suite hook accesses undefined fixture  -  by @​sheremet-va in #​9786 (fc2ce)
• Allow hyphens in project config file name pattern  -  by @​Koutaro-Hanabusa and @​hi-ogawa in #​9760 (33e96)
• Manual and redirect mock shouldn't load or transform original module  -  by @​hi-ogawa and Claude Opus 4.6 in #​9774 (a8216)
• hideSkippedTests should not hide test.todo  -  by @​oilater in #​9562 and #​9781 (8181e)
• Allow catch/finally for async assertion  -  by @​hi-ogawa in #​9827 (031f0)
• Resolve fixture overrides from test's suite in beforeEach hooks  -  by @​hi-ogawa and Claude Opus 4.6 in #​9826 (99e52)
• Use isAgent check, not just TTY, for watch mode  -  by @​sheremet-va in #​9841 (c3cac)
• Use performance.now to measure test timeout duration  -  by @​hi-ogawa and Claude Opus 4.6 in #​9795 (f48a6)
• Correctly identify concurrent test during static analysis  -  by @​sheremet-va in #​9846 (1de0a)
• browser:
  • Avoid updating screenshots when toMatchScreenshot passes  -  by @​macarie in #​9289 (46aab)
  • Hide injected data-testid attributes  -  by @​sheremet-va in #​9503 (c8d2c)
  • Throw an error if iframe was reloaded  -  by @​sheremet-va in #​9516 (73a81)
  • Encode projectName in browser client URL  -  by @​dkkim0122 in #​9523 (5b164)
  • Don't take failure screenshot if tests have artifacts created by toMatchScreenshot  -  by @​macarie in #​9552 (83ca0)
  • Remove --remote-debugging-address from chrome args  -  by @​hi-ogawa and @​AriPerkkio in #​9712 (f09bb)
  • Make sure userEvent actions support ensureAwaited  -  by @​sheremet-va in #​9732 (97685)
  • Types of getCDPSession and cdp()  -  by @​AriPerkkio in #​9716 (689a2)
  • Skip esbuild.legalComments when using rolldown-vite  -  by @​Copilot, hi-ogawa and @​hi-ogawa in #​9803 (3505f)
• chai:
  • Don't allow deepEqual in the config because it's not serializable  -  by @​sheremet-va in #​9666 (9ee99)
• coverage:
  • Infer transform mode for uncovered files  -  by @​AriPerkkio in #​9435 (f3967)
  • thresholds.autoUpdate to preserve ending whitespace  -  by @​AriPerkkio in #​9436 (7e534)
• deps:
  • Update all non-major dependencies  -  by @​hi-ogawa in #​9192 (90c30)
  • Update all non-major dependencies  -  in #​9485 (c0118)
  • Update all non-major dependencies  -  in #​9567 (13c9e)
• docs:
  • Fix old /config/#option hash links causing hydration errors  -  by @​hi-ogawa, Claude Opus 4.6 and @​sheremet-va in #​9610 (a603c)
• expect:
  • toMatchObject(Map/Set) should expect Map/Set on left hand side  -  by @​hi-ogawa and Claude Opus 4.6 in #​9532 (381da)
  • Fix objectContaining with proxy  -  by @​hi-ogawa and Claude Opus 4.6 in #​9554 (7ce34)
  • Support arbitrary value equality for toThrow and make Error detection robust  -  by @​hi-ogawa and Claude Opus 4.6 in #​9570 (de215)
• mock:
  • Inject helpers after hashbang if present  -  by @​sheremet-va in #​9545 (65432)
• mocker:
  • Update vite's peer dependency range  -  by @​sheremet-va in #​9808 (36f9a)
• reporter:
  • dot reporter leaves pending tests  -  by @​AriPerkkio in #​9684 (4d793)
• runner:
  • Mark repeated tests as finished on last run  -  by @​AriPerkkio in #​9707 (cc735)
• spy:
  • Support deep partial in vi.mocked  -  by @​j2h30728 in #​8152 and #​9493 (71cb5)
  • Fallback to object accessor if descriptor's value is undefined  -  by @​sheremet-va in #​9511 (6f181)
  • Throw correct errors when shorthand methods are used on a class  -  by @​sheremet-va in #​9513 (5d0fd)
• types:
  • bench.reporters no longer gives type errors when passing file name string paths  -  by @​Bertie690 in #​9695 (093c8)
• ui:
  • Process artifact attachments when generating HTML reporter  -  by @​macarie in #​9472 (96eb9)
  • Don't fail if --ui and --root are specified together  -  by @​sheremet-va in #​9536 (d9305)

   🏎 Performance

• pretty-format: Combine DOMElement plugins  -  by @​sheremet-va in #​9581 (da85a)

    View changes on GitHub

renovatebot/github-action (renovatebot/github-action)

v46.1.6

Compare Source

Documentation

• update references to renovatebot/github-action to v46.1.5 (f73dab3)

Miscellaneous Chores

• deps: update actions/cache action to v5.0.4 (5d78527)
• deps: update commitlint monorepo to v20.4.4 (797b143)
• deps: update commitlint monorepo to v20.5.0 (1f1c4d0)
• deps: update dependency esbuild to v0.27.4 (f5e1677)
• deps: update dependency lint-staged to v16.3.3 (a40b316)
• deps: update dependency lint-staged to v16.3.4 ([db5bf53](http

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-advanced-security]

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

• The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
• Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
• You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

[github-actions]

✅ Supply Chain Verification Results

✅ PASSED

📦 SBOM Summary

• Components: 1483

🔍 Vulnerability Scan

Severity	Count
🔴 Critical	0
🟠 High	0
🟡 Medium	4
🟢 Low	2
Total	6

📎 Artifacts

• SBOM (CycloneDX JSON) and Grype results available in workflow artifacts

---

_{Generated by Supply Chain Verification workflow • View Details}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.