fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	^22.10.9 -> ^22.13.10
pnpm (source)	9.15.4 -> 9.15.7
prettier (source)	^3.4.2 -> ^3.5.3
publint (source)	^0.3.2 -> ^0.3.8
semver	^7.6.3 -> ^7.7.1
typescript (source)	^5.7.3 -> ^5.8.2

---

Release Notes

pnpm/pnpm (pnpm)

v9.15.7: pnpm 9.15.7

Compare Source

Patch Changes

• pnpm self-update should not leave a directory with a broken pnpm installation if the installation fails.
• Allow scope registry CLI option without --config. prefix such as --@​scope:registry=https://scope.example.com/npm #​9089.
• pnpm self-update should not read the pnpm settings from the package.json file in the current working directory.
• pnpm update -i should list only packages that have newer versions #​9206.
• Fix a bug causing entries in the catalogs section of the pnpm-lock.yaml file to be removed when dedupe-peer-dependents=false on a filtered install. #​9112

Platinum Sponsors

Gold Sponsors

v9.15.6: pnpm 9.15.6

Compare Source

Patch Changes

• Fix instruction for updating pnpm with corepack #​9101.
• Print pnpm's version after the execution time at the end of the console output.
• The pnpm version specified by packageManager cannot start with v.
• Fix a bug causing catalog snapshots to be removed from the pnpm-lock.yaml file when using --fix-lockfile and --filter. #​8639
• Fix a bug causing catalog protocol dependencies to not re-resolve on a filtered install #​8638.

v9.15.5: pnpm 9.15.5

Compare Source

Patch Changes

• Verify that the package name is valid when executing the publish command.
• When running pnpm install, the preprepare and postprepare scripts of the project should be executed #​8989.
• Quote args for scripts with shell-quote to support new lines (on POSIX only) #​8980.
• Proxy settings should be respected, when resolving Git-hosted dependencies #​6530.
• Replace strip-ansi with the built-in util.stripVTControlCharacters #​9009.

Platinum Sponsors

Gold Sponsors

prettier/prettier (prettier)

v3.5.3

Compare Source

v3.5.2

Compare Source

diff

Remove module-sync condition (#​17156 by @​fisker)

In Prettier 3.5.0, we added module-sync condition to package.json, so that require("prettier") can use ESM version, but turns out it doesn't work if CommonJS and ESM plugins both imports builtin plugins. To solve this problem, we decide simply remove the module-sync condition, so require("prettier") will still use the CommonJS version, we'll revisit until require(ESM) feature is more stable.

v3.5.1

Compare Source

diff

Fix CLI crash when cache for old version exists (#​17100 by @​sosukesuzuki)

Prettier 3.5 uses a different cache format than previous versions, Prettier 3.5.0 crashes when reading existing cache file, Prettier 3.5.1 fixed the problem.

Support dockercompose and github-actions-workflow in VSCode (#​17101 by @​remcohaszing)

Prettier now supports the dockercompose and github-actions-workflow languages in Visual Studio Code.

v3.5.0

Compare Source

diff

🔗 Release Notes

publint/publint (publint)

v0.3.8

Compare Source

Patch Changes

• Support passing a tarball path to the publint CLI. This allows to easily lint any tarball files at hand. (#​166)

  npx publint ./mylib-1.0.0.tgz

• The publint API now returns a pkg object as a convenience to pass it to formatMessage (#​166)

• Updated dependencies [02d169b]:

  • @​publint/pack@​0.1.2

v0.3.7

Compare Source

Patch Changes

• The "imports" field is now linted with the following rules: (#​162)

  • IMPORTS_KEY_INVALID: Ensure the imports key starts with a #
  • IMPORTS_VALUE_INVALID: Ensure the imports value is a valid path that starts with a ./
  • IMPORTS_GLOB_NO_MATCHED_FILES: Ensure the imports glob matches at least one file
  • IMPORTS_DEFAULT_SHOULD_BE_LAST: Ensure the "default" condition is last in an entrypoint's object
  • IMPORTS_MODULE_SHOULD_BE_ESM: Ensure the "module" condition file is ESM
  • IMPORTS_MODULE_SHOULD_PRECEDE_REQUIRE: Ensure the "module" condition precedes the "require" condition in an entrypoint's object

• Improve SSH git URL detection when checking the "repository" field. Values like "git@github.com:user/project.git" is now detected as a valid git URL, but will be suggested to use a full git URL instead, like "git+ssh://git@github.com/user/project.git" (28da844)

• Fix exports types message when the "require" or "import" condition already exists but the dts file format is still invalid (a731ec3)

v0.3.6

Compare Source

Patch Changes

• Fix checking bin field file path that omits .js or /index.js (04f289e)

v0.3.5

Compare Source

Patch Changes

• Check the "bin" field if the referenced file exists, has the correct JS format, and can be executed (#​150)

• Deprecate the deps command. The command has been tricky to maintain and incomplete (e.g. doesn't lint recursively). A separate tool can be used to run publint on dependencies instead, e.g. npx renoma --filter-rules "publint". (#​149)

v0.3.4

Compare Source

Patch Changes

• When globbing "exports" values that contains *, also respect "exports" keys that mark paths as null. For example: (b9605ae)

  {
    "exports": {
      "./*": "./dist/*",
      "./browser/*": null
    }
  }

  The glob in "./*": "./dist/*" will no longer match and lint files in "./browser/*" as it's marked null (internal).

• Update logs when running the publint CLI: (58d96a2)

  • The publint version is now displayed.
  • The packing command is also displayed.
  • Messages are now logged in the order of errors, warnings, and suggestions, instead of the other way round, to prioritize errors.
  • The publint deps command no longer logs passing dependencies. Only failing dependencies are logged.

  Examples:

  $ npx publint
  $ Running publint v0.X.X for my-library...
  $ Packing files with `npm pack`...
  $ All good!

  $ npx publint deps
  $ Running publint v0.X.X for my-library deps...
  $ x my-dependency
  $ Errors:
  $ 1. ...

• Fix detecting shorthand repository URLs with the . character (09d8cbb)

• Clarify message when "types" is not the first condition in the "exports" field (5a6ba00)

• Correctly detect if a "types" value in "exports" is used for dual publishing (3f3d8b2)

v0.3.3

Compare Source

Patch Changes

• Rename EXPORT_TYPES_INVALID_FORMAT message to EXPORTS_TYPES_INVALID_FORMAT (#​139)

• Allow versioned types conditions (e.g. "types@>=5.2") in "exports" when checking for "types" condition ordering (#​138)

npm/node-semver (semver)

v7.7.1

Compare Source

Bug Fixes

• af761c0 #​764 inc: fully capture prerelease identifier (#​764) (@​wraithgar)

v7.7.0

Compare Source

Features

• 0864b3c #​753 add "release" inc type (#​753) (@​mbtools)

Bug Fixes

• d588e37 #​755 diff: fix prerelease to stable version diff logic (#​755) (@​eminberkayd, berkay.daglar)
• 8a34bde #​754 add identifier validation to inc() (#​754) (@​mbtools)

Documentation

• 67e5478 #​756 readme: added missing period for consistency (#​756) (@​shaymolcho)
• 868d4bb #​749 clarify comment about obsolete prefixes (#​749) (@​mbtools, @​ljharb)

Chores

• 145c554 #​741 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 753e02b #​747 bump @​npmcli/template-oss from 4.23.3 to 4.23.4 (#​747) (@​dependabot[bot], @​npm-cli-bot)
• 0b812d5 #​744 postinstall for dependabot template-oss PR (@​hashtagchris)

microsoft/TypeScript (typescript)

v5.8.2

Compare Source

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.