chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/node (source)	^24.10.9 → ^24.10.12
@vitejs/plugin-vue (source)	^6.0.3 → ^6.0.4
bumpp	^10.4.0 → ^10.4.1
motion	^12.29.2 → ^12.33.0
ora	^9.1.0 → ^9.3.0
pnpm (source)	10.28.2 → 10.29.1
vite-plugin-vue-devtools (source)	^8.0.5 → ^8.0.6

---

Release Notes

vitejs/vite-plugin-vue (@​vitejs/plugin-vue)

v6.0.4

Bug Fixes

• deps: update all non-major dependencies (#​709) (924b28e)
• deps: update all non-major dependencies (#​722) (8a95809)
• deps: update all non-major dependencies (#​726) (e69d751)

Miscellaneous Chores

• add metadata for vite-plugin-registry (#​730) (239eb6a)
• deps: update dependency rollup to ^4.57.1 (#​733) (cd0c8a8)
• deps: update upstream (#​727) (fa3ea0e)

antfu-collective/bumpp (bumpp)

v10.4.1

Compare Source

   🚀 Features

• Add custom path to config  -  by @​OskarLebuda in #​107 (0f2e4)

    View changes on GitHub

motiondivision/motion (motion)

v12.33.0

Compare Source

Added

• <motion />: New propagate.tap prop prevents tap gestures from propagating to parents.

v12.32.0

Compare Source

Added

• transition.inherit: When true, inherit transition values from less-specific transitions.

v12.31.3

Compare Source

Fixed

• <motion />: Ensure animation state is reset after being re-suspended.
• Prevent stale values when mixing transitionEnd and transition.type: false.
• Drag: Fix "sticky" throw velocity on initial interaciton.
• Drag: Ensure catching a thrown element kills its velocity.

v12.31.2

Compare Source

Fixed

• onHoverStart and onHoverEnd first argument now correctly typed as PointerEvent.
• whileHover: No longer persists after drag end.
• AnimatePresence: Allow changing mode prop.

v12.31.1

Compare Source

Added

• Drag constraints updated even when draggable or constraints resize outside of React renders.

v12.31.0

Compare Source

Added

• animate: Support for bi-directional callbacks within animation sequences.

Fixed

• Ensure onPan never fires before onPanStart.

v12.30.1

Compare Source

Fixed

• Allow drag to be initiated by child a and button elements.

v12.30.0

Compare Source

Added

• MotionConfig: Add skipAnimations option.

Fixed

• animate: Prevent error when calling stop() on removed elements.
• animateLayout: Fixing shared element animations when animate called before animateLayout.

v12.29.3

Compare Source

Fixed

• Reorder: Fixed viewport autoscroll.

sindresorhus/ora (ora)

v9.3.0

Compare Source

• Reduce flicker in rendering 2ab4f76

---

v9.2.0

Compare Source

• Update stdin-discarder dependency (#​251) 020eaba

---

pnpm/pnpm (pnpm)

v10.29.1: pnpm 10.29.1

Compare Source

Minor Changes

• The pnpm dlx / pnpx command now supports the catalog: protocol. Example: pnpm dlx shx@catalog:.
• Support configuring auditLevel in the pnpm-workspace.yaml file #​10540.
• Support bare workspace: protocol without version specifier. It is now treated as workspace:* and resolves to the concrete version during publish #​10436.

Patch Changes

• Fixed pnpm list --json returning incorrect paths when using global virtual store #​10187.

• Fix pnpm store path and pnpm store status using workspace root for path resolution when storeDir is relative #​10290.

• Fixed pnpm run -r failing with "No projects matched the filters" when an empty pnpm-workspace.yaml exists #​10497.

• Fixed a bug where catalogMode: strict would write the literal string "catalog:" to pnpm-workspace.yaml instead of the resolved version specifier when re-adding an existing catalog dependency #​10176.

• Fixed the documentation URL shown in pnpm completion --help to point to the correct page at https://pnpm.io/completion #​10281.

• Skip local file: protocol dependencies during pnpm fetch. This fixes an issue where pnpm fetch would fail in Docker builds when local directory dependencies were not available #​10460.

• Fixed pnpm audit --json to respect the --audit-level setting for both exit code and output filtering #​10540.

• update tar to version 7.5.7 to fix security issue

  Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842

• Fix pnpm audit --fix replacing reference overrides (e.g. $foo) with concrete versions #​10325.

• Fix shamefullyHoist set via updateConfig in .pnpmfile.cjs not being converted to publicHoistPattern #​10271.

• pnpm help should correctly report if the currently running pnpm CLI is bundled with Node.js #​10561.

• Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for node_modules/.bin, causing binaries to not be found when running commands like pnpm exec #​10457.

Platinum Sponsors

Gold Sponsors

vuejs/devtools (vite-plugin-vue-devtools)

v8.0.6

Compare Source

   🚀 Features

• Add IIFE and ESM browser builds  -  by @​skirtles-code in #​1024 (62fe5)

    View changes on GitHub

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.