fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@babel/core (source)	^7.21.8 -> ^7.22.1
@types/babel__core (source)	^7.20.0 -> ^7.20.1
pnpm (source)	8.5.1 -> 8.6.0
vite (source)	^4.3.8 -> ^4.3.9

---

Release Notes

babel/babel

v7.22.1

Compare Source

🐛 Bug Fix

• babel-preset-env
  • #​15658 Workaround for broken babel-preset-react-app (@​nicolo-ribaudo)

v7.22.0

Compare Source

🚀 New Feature

• babel-parser, babel-plugin-transform-typescript
  • #​15497 [ts] Support import ... = and export = in scripts (@​nicolo-ribaudo)
• babel-compat-data, babel-core, babel-plugin-proposal-unicode-sets-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-standalone
  • #​15636 Add unicode-sets-regex transform to preset-env (@​JLHwung)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-runtime, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
  • #​15633 Implement transform support for using declarations (@​nicolo-ribaudo)
• babel-plugin-proposal-import-attributes-to-assertions
  • #​15620 Create @babel/plugin-proposal-import-attributes-to-assertions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-parser, babel-plugin-syntax-import-attributes, babel-preset-env, babel-standalone, babel-types
  • #​15536 Add support for the updated import attributes proposal (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-traverse, babel-types
  • #​15520 Parse await using declarations (@​JLHwung)
• babel-core, babel-helper-create-regexp-features-plugin, babel-parser
  • #​15638 Enable regexp unicode sets parsing by default (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-plugin-syntax-decorators, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #​15570 Add decorators version 2023-05 (@​nicolo-ribaudo)

💅 Polish

• babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-jsx, babel-traverse, babel-types
  • #​15549 Improve type definitions for validators (@​liuxingbaoyu)

🏠 Internal

• babel-parser
  • #​15630 Unify parsing of import/export modifiers (type/typeof/module) (@​nicolo-ribaudo)
• babel-compat-data, babel-helper-transform-fixture-test-runner, babel-node, babel-plugin-proposal-decorators, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-transform-async-generator-functions, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • #​15531 Allow polyfill providers to specify custom @babel/runtime pkg (@​nicolo-ribaudo)
• babel-core, babel-plugin-proposal-async-generator-functions, babel-plugin-proposal-class-properties, babel-plugin-proposal-class-static-block, babel-plugin-proposal-decorators, babel-plugin-proposal-dynamic-import, babel-plugin-proposal-export-namespace-from, babel-plugin-proposal-function-sent, babel-plugin-proposal-json-strings, babel-plugin-proposal-logical-assignment-operators, babel-plugin-proposal-nullish-coalescing-operator, babel-plugin-proposal-numeric-separator, babel-plugin-proposal-object-rest-spread, babel-plugin-proposal-optional-catch-binding, babel-plugin-proposal-optional-chaining, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-private-methods, babel-plugin-proposal-private-property-in-object, babel-plugin-proposal-unicode-property-regex, babel-preset-env, babel-standalone
  • #​15614 Rename -proposal-s that became standard to -transform- (@​nicolo-ribaudo)

pnpm/pnpm

v8.6.0

Compare Source

Minor Changes

• Some settings influence the structure of the lockfile, so we cannot reuse the lockfile if those settings change. As a result, we need to store such settings in the lockfile. This way we will know with which settings the lockfile has been created.

  A new field will now be present in the lockfile: settings. It will store the values of two settings: autoInstallPeers and excludeLinksFromLockfile. If someone tries to perform a frozen-lockfile installation and their active settings don't match the ones in the lockfile, then an error message will be thrown.

  The lockfile format version is bumped from v6.0 to v6.1.

  Related PR: #​6557
  Related issue: #​6312

• A new setting, exclude-links-from-lockfile, is now supported. When enabled, specifiers of local linked dependencies won't be duplicated in the lockfile.

  This setting was primarily added for use by Bit CLI, which links core aspects to node_modules from external directories. As such, the locations may vary across different machines, resulting in the generation of lockfiles with differing locations.

Patch Changes

• Don't print "Lockfile is up-to-date" message before finishing all the lockfile checks #​6544.
• When updating dependencies, preserve the range prefix in aliased dependencies. So npm:foo@1.0.0 becomes npm:foo@1.1.0.
• Print a meaningful error when a project referenced by the workspace: protocol is not found in the workspace #​4477.
• pnpm rebuild should not fail when node-linker is set to hoisted and there are skipped optional dependencies #​6553.
• Peers resolution should not fail when a linked in dependency resolves a peer dependency.
• Build projects in a workspace in correct order #​6568.

Our Gold Sponsors

Our Silver Sponsors

vitejs/vite

v4.3.9

Compare Source

• fix: fs.deny with leading double slash (#​13348) (813ddd6), closes #​13348
• fix: optimizeDeps during build and external ids (#​13274) (e3db771), closes #​13274
• fix(css): return deps if have no postcss plugins (#​13344) (28923fb), closes #​13344
• fix(legacy): style insert order (#​13266) (e444375), closes #​13266
• chore: revert prev release commit (2a30a07)
• release: v4.3.9 (5c9abf7)
• docs: optimizeDeps.needsInterop (#​13323) (b34e79c), closes #​13323
• test: respect commonjs options in playgrounds (#​13273) (19e8c68), closes #​13273
• refactor: simplify SSR options' if statement (#​13254) (8013a66), closes #​13254
• perf(ssr): calculate stacktrace offset lazily (#​13256) (906c4c1), closes #​13256

---

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[socket-security]

New dependency changes detected. Learn more about Socket for GitHub ↗︎

---

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

---

📊 Modified Dependency Overview:

🚮 Removed packages: @sxzz/eslint-config@2.4.6, @types/babel__core@7.20.0, @vue/babel-plugin-jsx@1.1.1, @vue/babel-preset-jsx@1.4.0, tsup@6.7.0