chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@nuxt/test-utils	^4.0.0 → ^4.0.3			devDependencies	patch
@vue/test-utils	^2.4.6 → ^2.4.10			devDependencies	patch
Hebilicious/reproduire	v0.0.9-mp → v0.0.9			action	patch
actions/setup-node	v6.3.0 → v6.4.0			action	minor
crawler-user-agents	^1.37.0 → ^1.45.0			devDependencies	minor
defu	^6.1.4 → ^6.1.7			dependencies	patch
eslint (source)	^10.1.0 → ^10.3.0			devDependencies	minor
happy-dom	^20.8.9 → ^20.9.0			devDependencies	minor
playwright (source)	^1.58.2 → ^1.60.0			devDependencies	minor
pnpm (source)	10.33.0 → 10.33.4			packageManager	patch
typescript (source)	^6.0.2 → ^6.0.3			devDependencies	patch
vitest (source)	^4.1.2 → ^4.1.6			devDependencies	patch

---

Release Notes

nuxt/test-utils (@​nuxt/test-utils)

v4.0.3

Compare Source

4.0.3 is the next patch release.

👉 Changelog

compare changes

🩹 Fixes

• runtime-utils: Lazily import root-component in mount + render helpers (#​1665)
• runtime-utils: Insert compilerOptions conditionally (#​1659)
• config: Enable sourcemaps when vitest coverage is enabled (#​1674)
• module: Exclude test files from Nuxt plugin registration (#​1666)
• runtime-utils: Provide NuxtLink isActive slot props (#​1640)
• e2e: Wait for HTTP readiness before resolving startServer (#​1675)

🏡 Chore

• Fix typo (#​1663)
• Bump nitro and nuxt pins in nitro-v3 example (#​1678)

❤️ Contributors

• Daniel Roe (@​danielroe)
• Martin Masevski (@​Archetipo95)
• Ryota Watanabe (@​wattanx)
• Jan Müller (@​DerYeger)
• Yoshihiro Yamaguchi (@​yamachi4416)
• Sai Asish Y (@​SAY-5)

v4.0.2

Compare Source

👉 Changelog

compare changes

🩹 Fixes

• config: Respect override dev value (#​1602)

🤖 CI

• Use pnpm publish to resolve workspace dependencies (#​1651)

❤️ Contributors

• Julien Huang (@​huang-julien)
• Vasily Kuzin (@​ExEr7um)

v4.0.1

Compare Source

👉 Changelog

compare changes

🩹 Fixes

• config: Rename deps.optimizer.web to client for vitest4 (#​1593)
• runtime-utils: Fix mockNuxtImport types when using string target (#​1592)
• config: Pass non-project options for non-nuxt simple setup (#​1582)
• config: Do not import defineConfig from vite (1aa5e8748)
• runtime: Handle ResourceLoader removal in jsdom v28 (#​1611)
• config,vitest-environment: Directly import peerDeps (#​1617)
• runtime-utils: Align mount options merge w/ vue-test-utils (#​1610)
• vitest-environment: Avoid vitest/environments import warning (#​1627)
• runtime: Avoid error when vue/test-utils is not installed (#​1646)
• config: Prefer project h3 version if present (#​1641)

🏡 Chore

• Bump vitest-environment-nuxt versions (f5ec72127)
• Use workspace dependency (14fb254a7)
• Example playwright config improve type annotation for devices (#​1581)
• pkg-pr-new prerelease vitest-environment-nuxt (#​1601)
• Allow explicit any (633c93c2a)
• Switch unit test target to dir and move type unit tests to test:types (#​1618)
• Update lockfile (8306abf00)

✅ Tests

• Add failing test for stubbed global provide (#​1314)
• Update assertions deprecated in vitest 4.1 (#​1629)
• Change example/workspace to use glob based projects setup (#​1585)

🤖 CI

• Pin github actions to full-length commit shas (2832fd6d5)
• Avoid checkout for reproduction comment (e4e67ab09)
• Rename workflow (99318b9fc)
• Correctly publish pkg-pr-new prerelease (#​1598)

❤️ Contributors

• Daniel Roe (@​danielroe)
• Yoshihiro Yamaguchi (@​yamachi4416)
• Robin (@​OrbisK)
• Paul Melero (@​paulmelero)

vuejs/test-utils (@​vue/test-utils)

v2.4.10

Compare Source

v2.4.9

Compare Source

compare changes

🩹 Fixes

• Tolerate duplicate attachTo cleanup (#​2830)

📖 Documentation

• Document release process (#​2834)

🏡 Chore

• Migrate renovate config (5d37934)

🤖 CI

• Pin github actions to commit hashes (75dcef3)

❤️ Contributors

• Cédric Exbrayat (@​cexbrayat)
• Daniel Roe (@​danielroe)

v2.4.8

Compare Source

compare changes

🩹 Fixes

• Correct declaration entrypoint (#​2826)

🤖 CI

• Enable pkg.pr.new (#​2827)

❤️ Contributors

• Cédric Exbrayat (@​cexbrayat)
• Daniel Roe (@​danielroe)

v2.4.7

Compare Source

compare changes

🚀 Enhancements

• Add Chinese docs translation (#​2552)
• SetData()/shallowMount with initialData for components using the Composition API / <script setup> (#​2655)

🩹 Fixes

• Preserve code from keyboard events (#​2434)
• Switch browser and require exports definitions (#​2501)
• Re-add peer dependencies but with wider range (#​2511)
• Resolve warnings in docs:dev (30b7491)
• Resolve TypeScript type errors in .vitepress/config (#​2549)
• Accept FunctionalComponent as selector (0bb947f)
• Text() misses content for array functional component (#​2579)
• Use await in test (c5482b4)
• deps: Update dependency vue-component-type-helpers to v3 (#​2683)
• Remove wrapper div when unmount (#​2700)
• Make mount options slots compatible with noUncheckedIndexedAccess true (#​2713)
• Add missing peerDependency @​vue/compiler-dom (75801ba)
• docs: Declare css module for vitepress typecheck (ddaca97)

💅 Refactors

• Enforce consistent usage of type imports (#​2734)

📖 Documentation

• Clarify findComponent vs getComponent (#​2435)
• Update fr docs (67064ef)
• Add note about partial transition stub support (#​2431)
• Fix missing data at passing data section essentials guide (dda205e)
• Fix missing data at passing data section essentials guide fr (ae2c72c)
• Fix plugin TS declaration example (#​2466)
• Fixed incorrect checkbox value check (#​2495)
• Capital letter in sentence fix (#​2499)
• Import missing DOMWrapper on Implementation of the plugin section (#​2519)
• Add migration step for deprecated ref syntax in findAllComponents (#​2498)
• Correct anchor hash links and fix typo (#​2551)
• Center logo on home (#​2559)
• zh-cn: Review a-crash-course (#​2563)
• Use code-group for install commands (#​2571)
• zh-cn: Review event-handing.md (#​2572)
• zh-cn: Enhance conditional-rendering.md (#​2562)
• zh-cn: Review easy-to-test (#​2567)
• zh-cn: Review passing-data.md (#​2575)
• zh-cn: Review async-suspense.md (#​2576)
• zh: 优化 API 文档格式和内容 (#​2569)
• zh: 更新 Vitest 模拟日期和计时器的说明 (#​2578)
• zh-cn: Review http-requests.md (#​2580)
• zh-cn: Review forms (#​2582)
• zh-cn: Guide/advanced/slots.md (#​2565)
• zh: Review extending-vtu (#​2583)
• zh: Review index (#​2584)
• Fix modelValue test example (85bfdf4)
• Removes broken link from plugins.md (69bc1ce)
• zh: Review transitions, component-instance, and reusability-composition (#​2616)
• zh: Review v-model and vuex (#​2617)
• zh: Review all the rest advanced guide (#​2619)
• zh: Review migration (#​2623)
• Fix a typo in transitions.md (#​2635)
• Update crash-course to script setup (c81aa79)
• Update Essentials section to setup (composition api) (#​2647)
• Typos in examples (#​2678)
• Typo in easy-to-test.md (#​2710)
• Add note about mocking requestAnimationFrame for transitions (2324c65)
• Updated example TodoApp to script setup (#​2727)
• Remove "Using data" section from "Conditional Rendering" guide and fix passing data test example (#​2743)
• Follow-up fixes for the conditional rendering guide (#​2744)
• Mention shallowMount stub name changes in migration guide (80e051a)
• Update conditional rendering documentation to clarify isVisible() usage with attachTo (#​2799)
• Restore Options API component for data() mounting example (#​2804)
• Promote Vitest as recommended test runner (#​2805)
• api: Note that setValue does not accept objects on <select> (#​2819)

🏡 Chore

• Add api/index.md to docs:translation:compare (6b8681c)
• Remove unnecessary generic arguments (cfd70c6)
• Ignore TS error in config object (9d0a618)
• Simplify eslint packages (c1d0ffd)
• Use eslint v9 with flat config (2f19fdf)
• Expose Stubs type publicly (#​2492)
• Update documentation file path (9c96594)
• Use pnpm v10 (e4c2cb3)
• Pnpm approve build (81c54e9)
• Use github issue forms (#​2673)
• Exclude class components from test type-checking (0899008)
• Add explicit coverage include for vitest v4 (51672b9)
• Update to prettier v3.7 (fed9e7c)
• Migrate to oxfmt (81c1de9)
• Migrate to oxlint (a361908)
• Prepare TypeScript 6 migration settings (55e1262)
• Adjust tsd config for TypeScript 6 (7d23eb5)
• Avoid TypeScript 6 target deprecation warning (81d063c)

🤖 CI

• Remove node v22 build (7ebf58d)
• Add node v22 build (57540ee)
• Use "pool: threads" instead of vmThreads (d0cbb54)
• Remove node v18 and add v24 (fd9cf95)
• Add trusted publishing release workflow (#​2825)

❤️ Contributors

• Lachlan Miller (@​lmiller1990)
• cexbrayat (@​cexbrayat)
• Nicolas Bonamy (@​nbonamy)
• KatWorkGit (@​KatWorkGit)
• Wouter Kroes (@​wouterkroes)
• Rama Muhammad Murshal (@​ramammurshal)
• Evan You (@​yyx990803)
• Vlad Starkovsky (@​starkovsky)
• Joe (@​joaoprp)
• Priyadarshi Kumar (@​Psingh132)
• Sébastien Ronveaux (@​sronveaux)
• Gilliam (@​Gi11i4m)
• Baranov Dmytro (@​dimas7001)
• BrendonHenrique (@​BrendonHenrique)
• Lorenz van Herwaarden (@​lorenzvanherwaarden)
• wuzhiqing (@​DDDDD12138)
• 阿菜 Cai (@​RSS1102)
• Jinjiang (@​Jinjiang)
• Kylin (@​lxKylin)
• Qianhe Chen (@​chenqianhe)
• 时瑶 (@​KiritaniAyaka)
• h7ml (@​h7ml)
• Nicander (@​Nicander93)
• Take-John (@​takejohn)
• ilyasherstoboev (@​ilyasherstoboev)
• aimerie (@​aimerie)
• Miguel Rincon (@​miguelrincon)
• bcastlel (@​bcastlel)
• Claudiu (@​sofuxro)
• Artem Dragunov (@​dragunovartem99)
• Robin (@​OrbisK)
• Koen Mertens (@​KCMertens)
• meomking (@​CaptainWang98)
• Pepijn Olivier (@​pepijnolivier)
• Tomina (@​Thomaash)
• Gareth Jones (@​G-Rath)
• Jerry Hogan (@​hdJerry)
• Marco Pasqualetti (@​marcalexiei)
• guoxk (@​guoxk-me)
• kimulaco (@​kimulaco)
• Erwan IQUEL (@​Olympus5)
• Matt Van Horn (@​mvanhorn)
• Daniel Roe (@​danielroe)

Hebilicious/reproduire (Hebilicious/reproduire)

v0.0.9

Compare Source

compare changes

actions/setup-node (actions/setup-node)

v6.4.0

Compare Source

monperrus/crawler-user-agents (crawler-user-agents)

v1.45.0

Compare Source

v1.44.0

Compare Source

v1.43.0

Compare Source

v1.42.0

Compare Source

v1.41.0

Compare Source

v1.40.0

Compare Source

v1.39.0

Compare Source

v1.38.0

Compare Source

unjs/defu (defu)

v6.1.7

Compare Source

compare changes

🩹 Fixes

• defu.d.cts: Export Defu types (#​157)

📦 Build

• Correct the types export entry (#​160)

❤️ Contributors

• Jakub Michálek (@​J-Michalek)
• Kricsleo (@​kricsleo)

v6.1.6

Compare Source

compare changes

📦 Build

• Fix mixed types (407b516)

❤️ Contributors

• Pooya Parsa (@​pi0)

v6.1.5

Compare Source

compare changes

🩹 Fixes

• Prevent prototype pollution via __proto__ in defaults (#​156)
• Ignore inherited enumerable properties (11ba022)

🏡 Chore

• Add tea.yaml (70cffe5)
• Update repo (23cc432)
• Fix typecheck (89df6bb)

✅ Tests

• Add more tests for plain objects (b65f603)

🤖 CI

• Bump node (9237d9c)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Kricsleo (@​kricsleo)

eslint/eslint (eslint)

v10.3.0

Compare Source

v10.2.1

Compare Source

v10.2.0

Compare Source

Features

• 586ec2f feat: Add meta.languages support to rules (#​20571) (Copilot)
• 14207de feat: add Temporal to no-obj-calls (#​20675) (Pixel998)
• bbb2c93 feat: add Temporal to ES2026 globals (#​20672) (Pixel998)

Bug Fixes

• 542cb3e fix: update first-party dependencies (#​20714) (Francesco Trotta)

Documentation

• a2af743 docs: add language to configuration objects (#​20712) (Francesco Trotta)
• 845f23f docs: Update README (GitHub Actions Bot)
• 5fbcf59 docs: remove sourceType from ts playground link (#​20477) (Tanuj Kanti)
• 8702a47 docs: Update README (GitHub Actions Bot)
• ddeaded docs: Update README (GitHub Actions Bot)
• 2b44966 docs: add Major Releases section to Manage Releases (#​20269) (Milos Djermanovic)
• eab65c7 docs: update eslint versions in examples (#​20664) (루밀LuMir)
• 3e4a299 docs: update ESM Dependencies policies with note for own-usage packages (#​20660) (Milos Djermanovic)

Chores

• 8120e30 refactor: extract no unmodified loop condition (#​20679) (kuldeep kumar)
• 46e8469 chore: update dependency markdownlint-cli2 to ^0.22.0 (#​20697) (renovate[bot])
• 01ed3aa test: add unit tests for unicode utilities (#​20622) (Manish chaudhary)
• 811f493 ci: remove --legacy-peer-deps from types integration tests (#​20667) (Milos Djermanovic)
• 6b86fcf chore: update dependency npm-run-all2 to v8 (#​20663) (renovate[bot])
• 632c4f8 chore: add prettier update commit to .git-blame-ignore-revs (#​20662) (루밀LuMir)
• b0b0f21 chore: update dependency eslint-plugin-regexp to ^3.1.0 (#​20659) (Milos Djermanovic)
• 228a2dd chore: update dependency eslint-plugin-eslint-plugin to ^7.3.2 (#​20661) (Milos Djermanovic)
• 3ab4d7e test: Add tests for eslintrc-style keys (#​20645) (kuldeep kumar)

capricorn86/happy-dom (happy-dom)

v20.9.0

Compare Source

🎨 Features

• Adds support for event listener properties on Window (e.g. Window.onkeydown) - By @​capricorn86 in task #​2131

microsoft/playwright (playwright)

v1.60.0

Compare Source

🌐 HAR recording on Tracing

tracing.startHar() / tracing.stopHar() expose HAR recording as a first-class tracing API, with the same content, mode and urlFilter options as recordHar. The returned Disposable makes it easy to scope a recording with await using:

await using har = await context.tracing.startHar('trace.har');
const page = await context.newPage();
await page.goto('https://playwright.dev');
// HAR is finalized when `har` goes out of scope.

🪝 Drop API

New locator.drop() simulates an external drag-and-drop of files or clipboard-like data onto an element. Playwright dispatches dragenter, dragover, and drop with a synthetic [DataTransfer] in the page context — works cross-browser and is great for testing upload zones:

await page.locator('#dropzone').drop({
  files: { name: 'note.txt', mimeType: 'text/plain', buffer: Buffer.from('hello') },
});

await page.locator('#dropzone').drop({
  data: {
    'text/plain': 'hello world',
    'text/uri-list': 'https://example.com',
  },
});

🎯 Aria snapshots

• expect(page).toMatchAriaSnapshot() now works on a Page, in addition to a Locator — equivalent to asserting against page.locator('body').
• New boxes option on locator.ariaSnapshot() / page.ariaSnapshot() appends each element's bounding box as [box=x,y,width,height], useful for AI consumption.

🛑 test.abort()

New test.abort() aborts the currently running test from a fixture, hook, or route handler with an optional message. Use it when you have detected an unrecoverable misuse and want to fail the test right away:

test('does not publish to the shared page', async ({ page }) => {
  await page.route('**/publish', route => {
    test.abort('Tests must not publish to the shared page. Use the `clone` option.');
    return route.abort();
  });
  // ...
});

New APIs

Browser, Context and Page

• Event browser.on('context') — fired when a new context is created on the browser.
• BrowserContext now mirrors lifecycle events from its pages: browserContext.on('download'), browserContext.on('frameattached'), browserContext.on('framedetached'), browserContext.on('framenavigated'), browserContext.on('pageclose'), browserContext.on('pageload').

Locators and Assertions

• New option description in page.getByRole() / locator.getByRole() / frame.getByRole() / frameLocator.getByRole() for matching the accessible description.
• New option pseudo in expect(locator).toHaveCSS() reads computed styles from ::before or ::after.
• New option style in locator.highlight() applies extra inline CSS to the highlight overlay, plus new page.hideHighlight() to clear all highlights.

Network

• webSocketRoute.protocols() returns the WebSocket subprotocols requested by the page.
• New option noDefaults in browserType.connectOverCDP() disables Playwright's default overrides on the default context (download behavior, focus emulation, media emulation), so attaching to a user's daily-driver browser doesn't disturb its state.

Errors and Reporting

• New webError.location() mirrors consoleMessage.location().
• consoleMessage.location() now exposes line / column properties (lineNumber / columnNumber are deprecated).
• New testInfoError.errorContext surfaces additional diagnostic context, such as the aria snapshot of the receiver at the time of an expect(...) matcher failure.
• reporter.onError() now receives a workerInfo argument with details about the worker for fixture teardown errors.

Test runner

• New {testFileBaseName} token in testProject.snapshotPathTemplate — file name without extension.
• Test runner now errors when a config tries to override a non-option fixture, and rejects workers: 0 or negative values.

🛠️ Other improvements

• HTML reporter:
  • npx playwright show-report accepts .zip files directly — no need to unzip first.
  • Steps that contain attachments inside nested children show an indicator on the parent step.
  • The repeatEachIndex is shown in the test header when non-zero.
• Trace Viewer adds a pretty-print toggle for JSON / form request and response bodies in the network details panel.

Breaking Changes ⚠️

• Removed long-deprecated APIs:
  • Locator.ariaRef() — use the standard locator.ariaSnapshot() pipeline.
  • handle option on BrowserContext.exposeBinding and Page.exposeBinding.
  • logger option on BrowserType.connect and BrowserType.connectOverCDP — use tracing instead.
  • Context options videosPath / videoSize — use recordVideo instead.

Browser Versions

• Chromium 148.0.7778.96
• Mozilla Firefox 150.0.2
• WebKit 26.4

This version was also tested against the following stable channels:

• Google Chrome 147
• Microsoft Edge 147

v1.59.1

Compare Source

v1.59.0

Compare Source

pnpm/pnpm (pnpm)

v10.33.4: pnpm 10.33.4

Compare Source

Patch Changes

• Pin the integrity of git-hosted tarballs (codeload.github.com, gitlab.com, bitbucket.org) in the lockfile so that subsequent installs detect a tampered or substituted tarball and refuse to install it. Previously the lockfile only stored the tarball URL for git dependencies, so a compromised git host or a man-in-the-middle could serve arbitrary code on later installs without lockfile changes.

  A new gitHosted: true field is recorded on git-hosted tarball resolutions in the lockfile, letting every reader/writer route them by a single typed check instead of pattern-matching the tarball URL in each call site. Lockfiles written by older pnpm versions are enriched on load (URL fallback) so the field can be relied on uniformly across the codebase.

• Fix a regression where pnpm --recursive --filter '!<pkg>' run/exec/test/add would include the workspace root in the matched projects. The workspace root is now correctly excluded by default when only negative --filter arguments are provided, matching the documented behavior. To include the root, pass --include-workspace-root #​11341.

Platinum Sponsors

Gold Sponsors

v10.33.3

Compare Source

v10.33.2

Compare Source

v10.33.1: pnpm 10.33.1

Compare Source

Patch Changes

• When a project's packageManager field selects pnpm v11 or newer, commands that v10 would have passed through to npm (version, login, logout, publish, unpublish, deprecate, dist-tag, docs, ping, search, star, stars, unstar, whoami, etc.) are now handed over to the wanted pnpm, which implements them natively. Previously they silently shelled out to npm — making, for example, pnpm version --help print npm's help on a project with packageManager: pnpm@11.0.0-rc.3 #​11328.

Platinum Sponsors

Gold Sponsors

microsoft/TypeScript (typescript)

v6.0.3

Compare Source

vitest-dev/vitest (vitest)

v4.1.6

Compare Source

   🐞 Bug Fixes

• **bro

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "on Monday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.