fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@arnaud-barre/tnode	^0.24.0 -> ^0.25.0
@types/node (source)	^22.10.9 -> ^22.15.33
@types/semver (source)	^7.5.8 -> ^7.7.0
prettier (source)	^3.4.2 -> ^3.6.2
publint (source)	^0.3.2 -> ^0.3.12
semver	^7.6.3 -> ^7.7.2
typescript (source)	^5.7.3 -> ^5.8.3

---

Release Notes

ArnaudBarre/tnode (@​arnaud-barre/tnode)

v0.25.0

Compare Source

prettier/prettier (prettier)

v3.6.2

Compare Source

diff

Markdown: Add missing blank line around code block (#​17675 by @​fisker)

<!-- Input -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

<!-- Prettier 3.6.1 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```
   1. Another
   2. List

<!-- Prettier 3.6.2 -->
1. Some text, and code block below, with newline after code block

   ```yaml
   ---
   foo: bar
   ```

   1. Another
   2. List

v3.6.1

Compare Source

diff

TypeScript: Allow const without initializer (#​17650, #​17654 by @​fisker)

// Input
export const version: string;

// Prettier 3.6.0 (--parser=babel-ts)
SyntaxError: Unexpected token (1:21)
> 1 | export const version: string;
    |                     ^

// Prettier 3.6.0 (--parser=oxc-ts)
SyntaxError: Missing initializer in const declaration (1:14)
> 1 | export const version: string;
    |              ^^^^^^^^^^^^^^^

// Prettier 3.6.1
export const version: string;

Miscellaneous: Avoid closing files multiple times (#​17665 by @​43081j)

When reading a file to infer the interpreter from a shebang, we use the
n-readlines library to read the first line in order to get the shebang.

This library closes files when it reaches EOF, and we later try close the same
files again. We now close files only if n-readlines did not already close
them.

v3.6.0

Compare Source

diff

🔗 Release Notes

v3.5.3

Compare Source

v3.5.2

Compare Source

diff

Remove module-sync condition (#​17156 by @​fisker)

In Prettier 3.5.0, we added module-sync condition to package.json, so that require("prettier") can use ESM version, but turns out it doesn't work if CommonJS and ESM plugins both imports builtin plugins. To solve this problem, we decide simply remove the module-sync condition, so require("prettier") will still use the CommonJS version, we'll revisit until require(ESM) feature is more stable.

v3.5.1

Compare Source

diff

Fix CLI crash when cache for old version exists (#​17100 by @​sosukesuzuki)

Prettier 3.5 uses a different cache format than previous versions, Prettier 3.5.0 crashes when reading existing cache file, Prettier 3.5.1 fixed the problem.

Support dockercompose and github-actions-workflow in VSCode (#​17101 by @​remcohaszing)

Prettier now supports the dockercompose and github-actions-workflow languages in Visual Studio Code.

v3.5.0

Compare Source

diff

🔗 Release Notes

publint/publint (publint)

v0.3.12

Compare Source

Patch Changes

• Fix shebang check to allow spaces after the #! (#​183)

v0.3.11

Compare Source

Patch Changes

• Update EXPORTS_GLOB_NO_DEPRECATED_SUBPATH_MAPPING message and severity to error (#​179)

• Add a new warning when the "exports" or "imports" field contain a fallback array as most tooling will only the pick the first value that can be parsed, and other tooling may work differently leading to inconsistent behaviors (#​180)

v0.3.10

Compare Source

Patch Changes

• Support custom conditions in "exports" that points to raw TS or TSX files. This configuration is common in monorepo setups where packages refer to the raw files among themselves using a custom condition so custom aliasing isn't needed. (b34ea94)

  With this support, the "types" condition is allowed to come after any exports of the raw TS or TSX files. File existence checks are also disabled for raw TS and TSX files reference as after publish these files may intentionally be not published.

v0.3.9

Compare Source

Patch Changes

• Support the formatMessage utility in the browser. It has a new color: 'html' option to highlight important parts with <strong> tags instead of ANSI colors. It also has a new reference: boolean option so the messages are worded in reference of the message location. (e1cfef0)

• If formatMessage is passed a package.json object with missing keys, the message part that references the value will now fallback to "undefined" instead of completely erroring out. (45962d1)

v0.3.8

Compare Source

Patch Changes

• Support passing a tarball path to the publint CLI. This allows to easily lint any tarball files at hand. (#​166)

  npx publint ./mylib-1.0.0.tgz

• The publint API now returns a pkg object as a convenience to pass it to formatMessage (#​166)

• Updated dependencies [02d169b]:

  • @​publint/pack@​0.1.2

v0.3.7

Compare Source

Patch Changes

• The "imports" field is now linted with the following rules: (#​162)

  • IMPORTS_KEY_INVALID: Ensure the imports key starts with a #
  • IMPORTS_VALUE_INVALID: Ensure the imports value is a valid path that starts with a ./
  • IMPORTS_GLOB_NO_MATCHED_FILES: Ensure the imports glob matches at least one file
  • IMPORTS_DEFAULT_SHOULD_BE_LAST: Ensure the "default" condition is last in an entrypoint's object
  • IMPORTS_MODULE_SHOULD_BE_ESM: Ensure the "module" condition file is ESM
  • IMPORTS_MODULE_SHOULD_PRECEDE_REQUIRE: Ensure the "module" condition precedes the "require" condition in an entrypoint's object

• Improve SSH git URL detection when checking the "repository" field. Values like "git@github.com:user/project.git" is now detected as a valid git URL, but will be suggested to use a full git URL instead, like "git+ssh://git@github.com/user/project.git" (28da844)

• Fix exports types message when the "require" or "import" condition already exists but the dts file format is still invalid (a731ec3)

v0.3.6

Compare Source

Patch Changes

• Fix checking bin field file path that omits .js or /index.js (04f289e)

v0.3.5

Compare Source

Patch Changes

• Check the "bin" field if the referenced file exists, has the correct JS format, and can be executed (#​150)

• Deprecate the deps command. The command has been tricky to maintain and incomplete (e.g. doesn't lint recursively). A separate tool can be used to run publint on dependencies instead, e.g. npx renoma --filter-rules "publint". (#​149)

v0.3.4

Compare Source

Patch Changes

• When globbing "exports" values that contains *, also respect "exports" keys that mark paths as null. For example: (b9605ae)

  {
    "exports": {
      "./*": "./dist/*",
      "./browser/*": null
    }
  }

  The glob in "./*": "./dist/*" will no longer match and lint files in "./browser/*" as it's marked null (internal).

• Update logs when running the publint CLI: (58d96a2)

  • The publint version is now displayed.
  • The packing command is also displayed.
  • Messages are now logged in the order of errors, warnings, and suggestions, instead of the other way round, to prioritize errors.
  • The publint deps command no longer logs passing dependencies. Only failing dependencies are logged.

  Examples:

  $ npx publint
  $ Running publint v0.X.X for my-library...
  $ Packing files with `npm pack`...
  $ All good!

  $ npx publint deps
  $ Running publint v0.X.X for my-library deps...
  $ x my-dependency
  $ Errors:
  $ 1. ...

• Fix detecting shorthand repository URLs with the . character (09d8cbb)

• Clarify message when "types" is not the first condition in the "exports" field (5a6ba00)

• Correctly detect if a "types" value in "exports" is used for dual publishing (3f3d8b2)

v0.3.3

Compare Source

Patch Changes

• Rename EXPORT_TYPES_INVALID_FORMAT message to EXPORTS_TYPES_INVALID_FORMAT (#​139)

• Allow versioned types conditions (e.g. "types@>=5.2") in "exports" when checking for "types" condition ordering (#​138)

npm/node-semver (semver)

v7.7.2

Compare Source

Bug Fixes

• fcafb61 #​780 add missing 'use strict' directives (#​780) (@​Fdawgs)
• c99f336 #​781 prerelease identifier starting with digits (#​781) (@​mbtools)

Chores

• c760403 #​784 template-oss-apply for workflow permissions (#​784) (@​wraithgar)
• 2677f2a #​778 bump @​npmcli/template-oss from 4.23.6 to 4.24.3 (#​778) (@​dependabot[bot], @​npm-cli-bot)

v7.7.1

Compare Source

Bug Fixes

• af761c0 #​764 inc: fully capture prerelease identifier (#​764) (@​wraithgar)

v7.7.0

Compare Source

Features

• 0864b3c #​753 add "release" inc type (#​753) (@​mbtools)

Bug Fixes

• d588e37 #​755 diff: fix prerelease to stable version diff logic (#​755) (@​eminberkayd, berkay.daglar)
• 8a34bde #​754 add identifier validation to inc() (#​754) (@​mbtools)

Documentation

• 67e5478 #​756 readme: added missing period for consistency (#​756) (@​shaymolcho)
• 868d4bb #​749 clarify comment about obsolete prefixes (#​749) (@​mbtools, @​ljharb)

Chores

• 145c554 #​741 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 753e02b #​747 bump @​npmcli/template-oss from 4.23.3 to 4.23.4 (#​747) (@​dependabot[bot], @​npm-cli-bot)
• 0b812d5 #​744 postinstall for dependabot template-oss PR (@​hashtagchris)

microsoft/TypeScript (typescript)

v5.8.3

Compare Source

v5.8.2

Compare Source

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.