Skip to content

chore(deps): update all non-major dependencies #139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
danielroe merged 1 commit into from
Nov 29, 2025
Merged

chore(deps): update all non-major dependencies #139

danielroe merged 1 commit into from
Nov 29, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 20, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence Type Update
@tsconfig/node22 (source) 22.0.2 -> 22.0.5 age confidence devDependencies patch
@types/node (source) 22.18.10 -> 22.19.1 age confidence devDependencies minor
actions/checkout v5.0.0 -> v5.0.1 age confidence action patch
changelogithub 13.16.0 -> 13.16.1 age confidence devDependencies patch
danielroe/provenance-action v0.1.0 -> v0.1.1 age confidence action patch
jose 6.1.0 -> 6.1.2 age confidence dependencies patch
pnpm (source) 10.21.0 -> 10.24.0 age confidence packageManager minor
postgres 18.0-alpine -> 18.1-alpine age confidence minor
vue-tsc (source) 3.1.1 -> 3.1.5 age confidence devDependencies patch

Release Notes

tsconfig/bases (@​tsconfig/node22)

v22.0.5

Compare Source

v22.0.4

Compare Source

v22.0.3

Compare Source

actions/checkout (actions/checkout)

v5.0.1

Compare Source

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

antfu/changelogithub (changelogithub)

v13.16.1

Compare Source

   🐞 Bug Fixes
    View changes on GitHub
danielroe/provenance-action (danielroe/provenance-action)

v0.1.1

Compare Source

compare changes

🚀 Enhancements
  • Add support for bun.lock (#​12)
📖 Documentation
  • Use @main constraint for example (237ceea)
❤️ Contributors
panva/jose (jose)

v6.1.2

Compare Source

Refactor

v6.1.1

Compare Source

Documentation
  • add link to RFC9864 (767edde)
  • link to ML-DSA for JOSE (ed4252c)
  • remove mention of Edge Runtime from the readme (94fdde7)
  • update README.md (25098ef)
Refactor
  • eliminate named exports in the source code (f6ae30d)
  • expose setKeyManagementParameters also on a GeneralEncrypt Recipient (16e6b23)
  • faster path for symmetric key checks (a44c2ec)
  • improve en/decoding overheads (daee426)
pnpm/pnpm (pnpm)

v10.24.0

Compare Source

v10.23.0: pnpm 10.23

Compare Source

Minor Changes

  • Added --lockfile-only option to pnpm list #​10020.

Patch Changes

  • pnpm self-update should download pnpm from the configured npm registry #​10205.
  • pnpm self-update should always install the non-executable pnpm package (pnpm in the registry) and never the @pnpm/exe package, when installing v11 or newer. We currently cannot ship @pnpm/exe as pkg doesn't work with ESM #​10190.
  • Node.js runtime is not added to "dependencies" on pnpm add, if there's a engines.runtime setting declared in package.json #​10209.
  • The installation should fail if an optional dependency cannot be installed due to a trust policy check failure #​10208.
  • pnpm list and pnpm why now display npm: protocol for aliased packages (e.g., foo npm:is-odd@3.0.1) #​8660.
  • Don't add an extra slash to the Node.js mirror URL #​10204.
  • pnpm store prune should not fail if the store contains Node.js packages #​10131.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite

v10.22.0: pnpm 10.22

Compare Source

Minor Changes

  • Added support for trustPolicyExclude #​10164.

    You can now list one or more specific packages or versions that pnpm should allow to install, even if those packages don't satisfy the trust policy requirement. For example:

    trustPolicy: no-downgrade
trustPolicyExclude:
  - chokidar@4.0.3
  - webpack@4.47.0 || 5.102.1

  • Allow to override the engines field on publish by the publishConfig.engines field.

Patch Changes

  • Don't crash when two processes of pnpm are hardlinking the contents of a directory to the same destination simultaneously #​10179.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite
vuejs/language-tools (vue-tsc)

v3.1.5

Compare Source

v3.1.4

Compare Source

Bug Fixes
  • fix(language-service): prevent auto-insertion of html snippets in template interpolation (#​5744) - Thanks to @​serkodev!
  • fix(language-service): strip interpolations from document passed to html service - Thanks to @​KazariEX!
  • fix(language-core): report unused @ts-expect-error directive on components with loose props checks (#​5750) - Thanks to @​serkodev and @​KazariEX!
  • fix(language-core): respect directive comments before v-else (#​5753) - Thanks to @​serkodev and @​KazariEX!
Other Changes
  • refactor(language-core): re-implement component references by codegen (#​5736) - Thanks to @​KazariEX!
  • refactor(language-core): simplify calculation of full interpolation content - Thanks to @​KazariEX!

v3.1.3

Compare Source

Features
  • feat(typescript-plugin): allow triggering file references on <template> (#​5734) - Thanks to @​KazariEX!
Bug Fixes
  • fix(vscode): correct syntax highlight in template with lang="html" (#​5728) - Thanks to @​serkodev!
Other Changes
  • refactor(language-core): generate intrinsic elements variable into global types (#​5730) - Thanks to @​KazariEX!
  • refactor(typescript-plugin): remove go to definition trick for auto imported components (#​5733) - Thanks to @​KazariEX!

v3.1.2

Compare Source

Bug Fixes
  • fix(component-meta): import type helpers by relative path
  • fix(language-core): fix syntax error when propTypes has no elements (#​5704) - Thanks to @​so1ve!
  • fix(language-core): omit defined emit props only (#​5705) - Thanks to @​so1ve!
Other Changes
  • docs: fix vue-tsc broken link to example boilerplate in README.md (#​5721) - Thanks to @​heyakyra!

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 15 times, most recently from b1bec7a to f01edbc Compare October 27, 2025 01:12
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 11 times, most recently from a9e0cb3 to 73ce1bd Compare October 31, 2025 15:37
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 17 times, most recently from b3a7b40 to 4778f48 Compare November 25, 2025 18:32
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from af092a6 to 2f91f4d Compare November 29, 2025 14:42
@socket-security
Copy link

socket-security bot commented Nov 29, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​tsconfig/​node22@​22.0.2 ⏵ 22.0.51001007091 -1100
Updated@​types/​node@​22.18.10 ⏵ 22.19.1100 +110081 +195100
Addeduniversal-cookie@​7.2.210010010081100
Updatedchangelogithub@​13.16.0 ⏵ 13.16.19410092 +188 +5100
Updatedjose@​6.1.0 ⏵ 6.1.2100 +110010092 +7100

View full report

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 2f91f4d to 268ef83 Compare November 29, 2025 16:10
@danielroe danielroe merged commit 8ac81de into main Nov 29, 2025
7 checks passed
@danielroe danielroe deleted the renovate/all-minor-patch branch November 29, 2025 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danielroe danielroe danielroe approved these changes

Assignees

No one assigned

Labels

chore dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@danielroe