fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@babel/core (source)	^7.23.0 -> ^7.23.2					dependencies	patch
@babel/preset-env (source)	^7.22.20 -> ^7.23.2					dependencies	minor
@babel/runtime (source)	^7.23.1 -> ^7.23.2					dependencies	patch
@preact/preset-vite	^2.5.0 -> ^2.6.0					devDependencies	minor
@rollup/plugin-commonjs (source)	^25.0.5 -> ^25.0.7					devDependencies	patch
@rollup/plugin-dynamic-import-vars (source)	^2.0.6 -> ^2.0.7					devDependencies	patch
@types/node (source)	^18.18.4 -> ^18.18.5					devDependencies	patch
@types/prompts (source)	^2.4.5 -> ^2.4.6					devDependencies	patch
@types/react (source)	^18.2.25 -> ^18.2.28					devDependencies	patch
@types/react-dom (source)	^18.2.11 -> ^18.2.13					devDependencies	patch
@types/ws (source)	^8.5.6 -> ^8.5.7					devDependencies	patch
@typescript-eslint/eslint-plugin	^6.7.4 -> ^6.7.5					devDependencies	patch
@typescript-eslint/parser	^6.7.4 -> ^6.7.5					devDependencies	patch
eslint-plugin-n	^16.1.0 -> ^16.2.0					devDependencies	minor
magic-string	^0.30.4 -> ^0.30.5					devDependencies	patch
magic-string	^0.30.4 -> ^0.30.5					dependencies	patch
miniflare (source)	^3.20231002.1 -> ^3.20231010.0					devDependencies	minor
phoenix	^1.7.7 -> ^1.7.9					dependencies	patch
playwright-chromium (source)	^1.38.1 -> ^1.39.0					devDependencies	minor
pnpm (source)	8.8.0 -> 8.9.2					packageManager	minor
rollup-plugin-license	^3.1.0 -> ^3.2.0					devDependencies	minor
sass	^1.69.0 -> ^1.69.3					devDependencies	patch
solid-js (source)	^1.7.12 -> ^1.8.1					dependencies	minor
tj-actions/changed-files	v39.2.1 -> v39.2.2					action	patch
vite (source)	^5.0.0-beta.4 -> ^5.0.0-beta.7					devDependencies	patch
vite-plugin-solid	^2.7.0 -> ^2.7.1					devDependencies	patch
vitepress (source)	1.0.0-rc.20 -> 1.0.0-rc.22					devDependencies	patch
vue-tsc	^1.8.18 -> ^1.8.19					devDependencies	patch

---

Release Notes

babel/babel (@​babel/core)

v7.23.2

Compare Source

🐛 Bug Fix

• babel-traverse
  • #​16033 Only evaluate own String/Number/Math methods (@​nicolo-ribaudo)
• babel-preset-typescript
  • #​16022 Rewrite .tsx extension when using rewriteImportExtensions (@​jimmydief)
• babel-helpers
  • #​16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
• babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #​16025 Avoid override mistake in namespace imports (@​nicolo-ribaudo)

preactjs/preset-vite (@​preact/preset-vite)

v2.6.0

Compare Source

Features

• Allow JSX Import Source to be overwritten #​47
• Allow users to opt out of compat aliases #​79

Fixes

• Move types export condition first #​81
• upgrade dependencies and add new stage 3 explicitResourceManagement #​82

rollup/plugins (@​rollup/plugin-commonjs)

v25.0.7

Compare Source

2023-10-15

Bugfixes

• fix: bump magic-string version #​1596

v25.0.6

Compare Source

2023-10-15

Bugfixes

• fix: Keep the shebang at the top of the file content #​1610

rollup/plugins (@​rollup/plugin-dynamic-import-vars)

v2.0.7

Compare Source

2023-10-15

Bugfixes

• fix: bump magic-string version #​1596

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v6.7.5

Compare Source

Bug Fixes

• eslint-plugin: [prefer-string-starts-ends-with] only report slice/substring with correct range (#​7712) (db40a0a)

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v6.7.5

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

eslint-community/eslint-plugin-n (eslint-plugin-n)

v16.2.0

Compare Source

Features

• feat: detect non-member expressions in n/no-sync (#​127) (6d02512)

Bugfixes

• fix: Normalise package.json#files before checking ignores and whitelist (#​123) (fixes #​122) (2d43f48)

Docs & Chores

• docs: fix repository URL:s, tweak badges + remove old non-working codecov (#​125) (5507f43)
• chore: Add a .editorconfig file (#​126) (574df88)
• chore: use maintained npm-run-all fork (#​124) (98ea90e)
• ci: fix actions/setup-node setup for linting (7f54d0c)
• chore: remove unused funding.yml (4f3891c)
• docs: Create a shared settings document (#​115) (7d855e6)
• chore: remove usage of @​eslint/eslintrc (#​116) (150b34f)
• build: add node v20 (#​117) (b7d0536)

rich-harris/magic-string (magic-string)

v0.30.5

Compare Source

Bug Fixes

• update sourcesContent type (#​263) (0e2068d)

cloudflare/miniflare (miniflare)

v3.20231010.0

Compare Source

phoenixframework/phoenix (phoenix)

v1.7.9

Compare Source

Bug fixes

• [Phoenix.CodeReloader] - Fix error in code reloader causing compilation errors
• [phx.new] – fix LiveView debug heex configuration being generated when --no-html pas passed

v1.7.8

Compare Source

Bug fixes

• [Phoenix.ChannelTest] Stringify lists when pushing data
• [Phoenix.Controller] Fix filename when sending downloads with non-ascii names
• [Phoenix.CodeReloader] Remove duplicate warnings on recent Elixir versions
• [Phoenix.CodeReloader] Do not crash code reloader if file information is missing from diagnostic
• [Phoenix.Logger] Do not crash when status is atom
• [phx.gen.release] Fix mix phx.gen.release --docker failing with :http_util error on Elixir v1.15
• [phx.gen.*] Skip map inputs in generated forms as there is no trivial matching input
• [phx.new] Fix tailwind/esbuild config and paths in umbrella projects
• [phx.new] Do not render th for actions if actions are empty

Enhancements

• [Phoenix] Allow latest plug_crypto
• [Phoenix.Endpoint] Support dynamic socket drainer configuration
• [Phoenix.Logger] Change socket serializer/version logs to warning
• [Phoenix.VerifiedRoutes] Add support for static resources with fragments in ~p
• [phx.gen.schema] Support --repo and --migration-dir flags
• [phx.new] Allow <.input type="checkbox"> without value attr in core components
• [phx.new] Allow UTC datetimes in the generators
• [phx.new] Automatically migrate when release starts when using sqlite 3
• [phx.new] Allow ID to be assigned in flash component
• [phx.new] Add --adapter flag for generating application with bandit
• [phx.new] Include DNSCluster for simple clustering
• [phx.routes] Support --method option

microsoft/playwright (playwright-chromium)

v1.39.0

Compare Source

Add custom matchers to your expect

You can extend Playwright assertions by providing custom matchers. These matchers will be available on the expect object.

import { expect as baseExpect } from '@​playwright/test';
export const expect = baseExpect.extend({
  async toHaveAmount(locator: Locator, expected: number, options?: { timeout?: number }) {
    // ... see documentation for how to write matchers.
  },
});

test('pass', async ({ page }) => {
  await expect(page.getByTestId('cart')).toHaveAmount(5);
});

See the documentation for a full example.

Merge test fixtures

You can now merge test fixtures from multiple files or modules:

import { mergeTests } from '@​playwright/test';
import { test as dbTest } from 'database-test-utils';
import { test as a11yTest } from 'a11y-test-utils';

export const test = mergeTests(dbTest, a11yTest);

import { test } from './fixtures';

test('passes', async ({ database, page, a11y }) => {
  // use database and a11y fixtures.
});

Merge custom expect matchers

You can now merge custom expect matchers from multiple files or modules:

import { mergeTests, mergeExpects } from '@​playwright/test';
import { test as dbTest, expect as dbExpect } from 'database-test-utils';
import { test as a11yTest, expect as a11yExpect } from 'a11y-test-utils';

export const test = mergeTests(dbTest, a11yTest);
export const expect = mergeExpects(dbExpect, a11yExpect);

import { test, expect } from './fixtures';

test('passes', async ({ page, database }) => {
  await expect(database).toHaveDatabaseUser('admin');
  await expect(page).toPassA11yAudit();
});

Hide implementation details: box test steps

You can mark a test.step() as "boxed" so that errors inside it point to the step call site.

async function login(page) {
  await test.step('login', async () => {
    // ...
  }, { box: true });  // Note the "box" option here.
}

Error: Timed out 5000ms waiting for expect(locator).toBeVisible()
  ... error details omitted ...

  14 |   await page.goto('https://github.com/login');
> 15 |   await login(page);
     |         ^
  16 | });

See test.step() documentation for a full example.

New APIs

• expect(locator).toHaveAttribute(name)

Browser Versions

• Chromium 119.0.6045.9
• Mozilla Firefox 118.0.1
• WebKit 17.4

This version was also tested against the following stable channels:

• Google Chrome 118
• Microsoft Edge 118

pnpm/pnpm (pnpm)

v8.9.2

Compare Source

Patch Changes

• Don't use reflink on Windows #​7186.
• Do not run node-gyp rebuild if preinstall lifecycle script is present #​7206.

Our Gold Sponsors

Our Silver Sponsors

v8.9.1

Compare Source

Patch Changes

• Optimize selection result output of pnpm update --interactive 7109
• When shared-workspace-lockfile is set to false, read the pnpm settings from package.json files that are nested. This was broken in pnpm v8.9.0 #​7184.
• Fix file cloning to node_modules on Windows Dev Drives #​7186. This is a fix to a regression that was shipped with v8.9.0.
• pnpm dlx should ignore any settings that are in a package.json file found in the current working directory #​7198.

Our Gold Sponsors

Our Silver Sponsors

v8.9.0

Compare Source

Minor Changes

• 🚀Performance improvement: Use reflinks instead of hard links by default on macOS and Windows Dev Drives #​5001.

• The list of packages that are allowed to run installation scripts now may be provided in a separate configuration file. The path to the file should be specified via the pnpm.onlyBuiltDependenciesFile field in package.json. For instance:

  {
    "dependencies": {
      "@​my-org/policy": "1.0.0"
    }
    "pnpm": {
      "onlyBuiltDependenciesFile": "node_modules/@​my-org/policy/allow-build.json"
    }
  }

  In the example above, the list is loaded from a dependency. The JSON file with the list should contain an array of package names. For instance:

  ["esbuild", "@​reflink/reflink"]

  With the above list, only esbuild and @reflink/reflink will be allowed to run scripts during installation.

  Related issue: #​7137.

• Add disallow-workspace-cycles option to error instead of warn about cyclic dependencies

• Allow env rm to remove multiple node versions at once, and introduce env add for installing node versions without setting as default #​7155.

Patch Changes

• Fix memory error in pnpm why when the dependencies tree is too big, the command will now prune the tree to just 10 end leafs and now supports --depth argument #​7122.
• Use neverBuiltDependencies and onlyBuiltDependencies from the root package.json of the workspace, when shared-workspace-lockfile is set to false #​7141.
• Optimize peers resolution to avoid out-of-memory exceptions in some rare cases, when there are too many circular dependencies and peer dependencies #​7149.
• Instead of pnpm.overrides replacing resolutions, the two are now merged. This is intended to make it easier to migrate from Yarn by allowing one to keep using resolutions for Yarn, but adding additional changes just for pnpm using pnpm.overrides.

Our Gold Sponsors

Our Silver Sponsors

mjeanroy/rollup-plugin-license (rollup-plugin-license)

v3.2.0

Compare Source

sass/dart-sass (sass)

v1.69.3

Compare Source

Embedded Sass

• Fix TypeScript type locations in package.json.

v1.69.2

Compare Source

JS API

• Fix a bug where Sass crashed when running in the browser if there was a global
  variable named process.

v1.69.1

Compare Source

• No user-visible changes.

solidjs/solid (solid-js)

v1.8.0

Compare Source

I admit this is not the most exciting release from a feature standpoint. We are in that holding pattern between the end of 1.x and the start of 2.0. We recently made our new reactive experiments public and continue to build those out in public with @​solidjs/signals.

This version is more about addressing some of the fundamentals that will help us in other projects like SolidStart while we do the transition. A big part of this is applying what we have learned when doing performance benchmarks for the work that has been funded by Google Chrome Aurora.

Async and Resources need work and are too all in. It is great to have a solution but now that we have a better understanding we need to start breaking things apart into their fundamental pieces.

De-duping Streaming Serialization

This is the marquee feature of this release and is largely the work of @​lxsmnsyc. Solid has been able to serialize promises and do streaming for a couple of years now, but it was very special-cased. Now it is a generic mechanism.

This matters because it means that we have decoupled the promise serialization from Resources, and in so decoupled the whole when the stream is done from them. This opens up things like nested promises.

More so we have a mechanism now that deeply de-dupes data serialized across flushes. This is important for features like Islands where you might pass the same props to multiple Islands across different Suspense boundaries and don't want to send the data more than once. And even examples where that data can be accessed at varying depths (recursive comments in say a Hackernews site).

Hydration Improvements

Fragments for Hydration have been a bit of a pain and we keep seeming to have different issues reported around element duplication. Most commonly this has been around where there are lazy component siblings or where the fragment is top-level. After looking into and fixing an issue for Astro I decided to look at some of the oldest bugs in Solid and found it was a similar bug.

In many cases, the DOM can change throughout Hydration while doing things like streaming but we need to pause and resume hydration because code isn't available yet. While we don't create elements during hydration, getting an accurate snapshot of the DOM for the current state for future list reconciliation is a process we've had a few tries at but in 1.8 we update this in a way that makes sure it doesn't get out of date.

Also in 1.8, we have added some performance improvements to hydration in the form of not redundantly setting attributes or props as the page hydrates similar to how we don't update text. This is all migration towards a future where we don't need to do as much hydration, but it is important to note that values will be kept as they were on the server rather than how they may compute at runtime during hydration.

Smaller Templates

In 1.7 we removed unnecessary closing tags from template st

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.