chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@nuxt/eslint-config (source)	^1.11.0 → ^1.15.2			devDependencies	minor
actions/checkout	v6.0.1 → v6.0.2			action	patch
actions/setup-node	v6.1.0 → v6.3.0			action	minor
actions/stale	v10.1.1 → v10.2.0			action	minor
crawler-user-agents	^1.22.0 → ^1.37.0			devDependencies	minor
eslint (source)	^10.0.2 → ^10.1.0			devDependencies	minor
happy-dom	^20.0.11 → ^20.8.9			devDependencies	minor
playwright (source)	^1.57.0 → ^1.58.2			devDependencies	minor
pnpm (source)	10.25.0 → 10.33.0			packageManager	minor
vitest (source)	^4.0.2 → ^4.1.2			devDependencies	patch

---

Release Notes

nuxt/eslint (@​nuxt/eslint-config)

v1.15.2

Compare Source

   🐞 Bug Fixes

• Prevent race condition of running checker module before eslint config is written  -  by @​sebbayer in #​653 (69aa4)

    View changes on GitHub

v1.15.1

Compare Source

   🐞 Bug Fixes

• Downgrade @eslint/js, fix #​647  -  by @​antfu in #​647 (2c1c1)

    View changes on GitHub

v1.15.0

Compare Source

   🚀 Features

• Relax peer deps range to support ESLint v10, fix #​642  -  by @​antfu in #​642 (305a9)

    View changes on GitHub

v1.14.0

Compare Source

   🚀 Features

• eslint-config: Add no-page-meta-runtime-values  -  by @​danielroe in #​641 (b74a0)

    View changes on GitHub

v1.13.0

Compare Source

   🚀 Features

• Upgrade eslint-flat-config-utils eslint-plugin-import-lite and eslint-plugin-jsdoc  -  by @​antfu (10bf9)

    View changes on GitHub

v1.12.1

Compare Source

No significant changes

    View changes on GitHub

actions/checkout (actions/checkout)

v6.0.2

Compare Source

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in #​2356

actions/setup-node (actions/setup-node)

v6.3.0

Compare Source

What's Changed

Enhancements:

• Support parsing devEngines field by @​susnux in #​1283

When using node-version-file: package.json, setup-node now prefers devEngines.runtime over engines.node.

Dependency updates:

• Fix npm audit issues by @​gowridurgad in #​1491
• Replace uuid with crypto.randomUUID() by @​trivikr in #​1378
• Upgrade minimatch from 3.1.2 to 3.1.5 by @​dependabot in #​1498

Bug fixes:

• Remove hardcoded bearer for mirror-url @​marco-ippolito in #​1467
• Scope test lockfiles by package manager and update cache tests by @​gowridurgad in #​1495

New Contributors

• @​susnux made their first contribution in #​1283

Full Changelog: actions/setup-node@v6...v6.3.0

v6.2.0

Compare Source

actions/stale (actions/stale)

v10.2.0

Compare Source

monperrus/crawler-user-agents (crawler-user-agents)

v1.37.0

Compare Source

v1.36.0

Compare Source

v1.35.0

Compare Source

v1.34.0

Compare Source

v1.33.0

Compare Source

v1.32.0

Compare Source

v1.31.0

Compare Source

v1.30.0

Compare Source

v1.29.0

Compare Source

v1.28.0

Compare Source

v1.27.0

Compare Source

v1.26.0

Compare Source

v1.25.0

Compare Source

v1.24.0

Compare Source

v1.23.0

Compare Source

eslint/eslint (eslint)

v10.1.0

Compare Source

Features

• ff4382b feat: apply fix for no-var in TSModuleBlock (#​20638) (Tanuj Kanti)
• 0916995 feat: Implement api support for bulk-suppressions (#​20565) (Blake Sager)

Bug Fixes

• 2b8824e fix: Prevent no-var autofix when a variable is used before declaration (#​20464) (Amaresh S M)
• e58b4bf fix: update eslint (#​20597) (renovate[bot])

Documentation

• b7b57fe docs: use correct JSDoc link in require-jsdoc.md (#​20641) (mkemna-clb)
• 58e4cfc docs: add deprecation notice partial (#​20639) (Milos Djermanovic)
• 7143dbf docs: update v9 migration guide for @eslint/js usage (#​20540) (fnx)
• 035fc4f docs: note that globalReturn applies only with sourceType: "script" (#​20630) (Milos Djermanovic)
• e972c88 docs: merge ESLint option descriptions into type definitions (#​20608) (Francesco Trotta)
• 7f10d84 docs: Update README (GitHub Actions Bot)
• aeed007 docs: open playground link in new tab (#​20602) (Tanuj Kanti)
• a0d1a37 docs: Add AI Usage Policy (#​20510) (Nicholas C. Zakas)

Chores

• a9f9cce chore: update dependency eslint-plugin-unicorn to ^63.0.0 (#​20584) (Milos Djermanovic)
• 1f42bd7 chore: update prettier to 3.8.1 (#​20651) (루밀LuMir)
• c0a6f4a chore: update dependency @​eslint/json to ^1.2.0 (#​20652) (renovate[bot])
• cc43f79 chore: update dependency c8 to v11 (#​20650) (renovate[bot])
• 2ce4635 chore: update dependency @​eslint/json to v1 (#​20649) (renovate[bot])
• f0406ee chore: update dependency markdownlint-cli2 to ^0.21.0 (#​20646) (renovate[bot])
• dbb4c95 chore: remove trunk (#​20478) (sethamus)
• c672a2a test: fix CLI test for empty output file (#​20640) (kuldeep kumar)
• c7ada24 ci: bump pnpm/action-setup from 4.3.0 to 4.4.0 (#​20636) (dependabot[bot])
• 07c4b8b test: fix RuleTester test without test runners (#​20631) (Francesco Trotta)
• 079bba7 test: Add tests for isValidWithUnicodeFlag (#​20601) (Manish chaudhary)
• 5885ae6 ci: unpin Node.js 25.x in CI (#​20615) (Copilot)
• f65e5d3 chore: update pnpm/action-setup digest to b906aff (#​20610) (renovate[bot])

v10.0.3

Compare Source

capricorn86/happy-dom (happy-dom)

v20.8.9

Compare Source

👷‍♂️ Patch fixes

• Fixes issue where cookies from the current origin was being forwarded to the target origin in fetch requests - By @​capricorn86 in task #​2117
  • A security advisory (GHSA-w4gp-fjgq-3q4g) was reported for this security vulnerability. Big thanks to @​r74tech for reporting this!

v20.8.8

Compare Source

👷‍♂️ Patch fixes

• Fixes issue where export names can be interpolated as executable code in ESM - By @​capricorn86 in task #​2113
  • A security advisory (GHSA-6q6h-j7hj-3r64) has been reported that shows a security vulnerability where it may be possible to escape the VM context and get access to process level functionality in unsafe environments using CommonJS. Big thanks to @​tndud042713 for reporting this!

v20.8.7

Compare Source

👷‍♂️ Patch fixes

• Replace implementing Node.js Console with common IConsole interface to support latest version of Bun - By @​YevheniiKotyrlo in task #​1845

v20.8.6

Compare Source

👷‍♂️ Patch fixes

• Request.formData() should honor "Content-Type" header - By @​brianhelba in task #​2106

v20.8.5

Compare Source

👷‍♂️ Patch fixes

• Fixes error thrown when modifying DOM structure in connectedCallback() - By @​capricorn86 in task #​2110

v20.8.4

Compare Source

v20.8.3

Compare Source

👷‍♂️ Patch fixes

• Throw error if event is not of type Event in dispatchEvent - By @​capricorn86 in task #​2054

v20.8.2

Compare Source

👷‍♂️ Patch fixes

• Resets Event.cancelBubble and Event.defaultPrevented when calling Event.initEvent() - By @​capricorn86 in task #​2090

v20.8.1

Compare Source

👷‍♂️ Patch fixes

• Make "inert" attribute block focus interactions - By @​coffeeandwork in task #​1422

v20.8.0

Compare Source

v20.7.2

Compare Source

👷‍♂️ Patch fixes

• Properly decode CSS escape sequences in attribute selector values - By @​silverwind

v20.7.1

Compare Source

v20.7.0

Compare Source

🎨 Features

• Adds support for Window.getScreenDetails() - By @​TrevorBurnham in task #​1923
• Extends Screen from EventTarget - By @​TrevorBurnham in task #​1923

v20.6.5

Compare Source

👷‍♂️ Patch fixes

• Add clearImmediate to Jest environment global scope - By @​TrevorBurnham in task #​1927

v20.6.4

Compare Source

👷‍♂️ Patch fixes

• Normalize invalid input type attribute to "text" per HTML spec - By @​atzzCokeK in task #​2053

v20.6.3

Compare Source

👷‍♂️ Patch fixes

• Refactors query selector parser to be able to handle complex rules - By @​capricorn86 in task #​1910
• Fixes issue related to using query selector for attribute in XML document - By @​capricorn86 in task #​1912
• Fixes issue with using quotes within quotes for attribute query selector (e.g. [data-value="it's a test"]) - By @​capricorn86 in task #​2034

v20.6.2

Compare Source

👷‍♂️ Patch fixes

• Update entities package version to resolve missing export for vue and vue-compat v3.5 - By @​acollins1991 in task #​2066

v20.6.1

Compare Source

v20.6.0

Compare Source

v20.5.5

Compare Source

v20.5.4

Compare Source

👷‍♂️ Patch fixes

• Implement Text.wholeText property - By @​aki05162525 in task #​1959

v20.5.3

Compare Source

v20.5.2

Compare Source

v20.5.1

Compare Source

v20.5.0

Compare Source

v20.4.0

Compare Source

🎨 Features

• Adds support for caching the compiled code of EcmaScript modules - By @​capricorn86 in task #​2049
• Improves the way nodes are destroyed and garbage collected - By @​capricorn86 in task #​2049

v20.3.9

Compare Source

👷‍♂️ Patch fixes

• Accept Document nodes as valid boundary points in Selection API - By @​skoch13 in task #​1952

v20.3.8

Compare Source

👷‍♂️ Patch fixes

• The getters for the properties focusNode and focusOffset in the Selection API returned incorrect values - By @​skoch13 in task #​1850

v20.3.7

Compare Source

👷‍♂️ Patch fixes

• Updates README.md for the "@​happy-dom/server-renderer" package - By @​capricorn86 in task #​2035

v20.3.6

Compare Source

👷‍♂️ Patch fixes

• Fixes issue where it wasn't possible to toggle the "open" attribute of <details> by clicking on a child of the <summary> element - By @​Nxooah in task #​1928

v20.3.5

Compare Source

👷‍♂️ Patch fixes

• Use internal property for "location" in BrowserFrameURL to avoid mock interference - By @​marchaos in task #​1964
• Add optional chaining to the "hostname" and pathname" properties to check if they are undefined in CookieURLUtility - By @​marchaos in task #​1968

v20.3.4

Compare Source

v20.3.3

Compare Source

v20.3.2

Compare Source

v20.3.1

Compare Source

👷‍♂️ Patch fixes

• Normalizes the "format" parameter according to the HTML specification in DataTransfer.getData() - By @​marchaos in task #​1965
• Handle partial responses in XMLHttpRequest - By @​rexxars in task #​1890

v20.3.0

Compare Source

🎨 Features

• Use RegExp to convert ASCII character casing to improve performance - By @​TrevorBurnham in task #​1886

v20.2.0

Compare Source

🎨 Features

• Use Element.classList.contains() instead of splitting className in query selectors to improve performance as it's cached - By @​TrevorBurnham in task #​1884

v20.1.1

Compare Source

👷‍♂️ Patch fixes

• Fixes caching in querySelector() - By @​TrevorBurnham in task #​1882
• Avoid sort in querySelector() to improve performance - By @​TrevorBurnham in task #​1882

v20.1.0

Compare Source

🎨 Features

• Adds support for BrowserPage.evaluateModule() and BrowserFrame.evaluateModule() - By @​capricorn86 in task #​1944
• Adds support for module to the browser settings - By @​capricorn86 in task #​1944
  • This makes it possible to add a custom resolver or a node module resolver
• Adds support for dynamic import() to JavaScript evaluation - By @​capricorn86 in task #​1944
  • It was previously only supported when using type="module" on script elements
• Adds support for WebSocket - By @​capricorn86 in task #​1944
• Adds support for CloseEvent - By @​capricorn86 in task #​1944
• Adds support for render.setupScript and render.mode to the configuration in @​happy-dom/server-renderer - By @​capricorn86 in task #​1944
• Changes name from urls to renderItems in the configuration in @​happy-dom/server-renderer - By @​capricorn86 in task #​1944
• Adds support for rendering strings in @​happy-dom/server-renderer - By @​capricorn86 in task #​1944
• Makes JavaScript evaluation disabled by default in @​happy-dom/server-renderer - By @​capricorn86 in task #​1944

👷‍♂️ Patch fixes

• Several fixed to the EcmaScript module compiler (esm) - By @​capricorn86 in task #​1944
• Fixes issue where rendering using Worker's didn't work in @​happy-dom/server-renderer - By @​capricorn86 in task #​1944

microsoft/playwright (playwright)

v1.58.2

Compare Source

v1.58.1

Compare Source

Highlights

#​39036 fix(msedge): fix local network permissions
#​39037 chore: update cft download location
#​38995 chore(webkit): disable frame sessions on fronzen builds

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

v1.58.0

Compare Source

pnpm/pnpm (pnpm)

v10.33.0

Compare Source

v10.32.1: pnpm 10.32.1

Compare Source

Patch Changes

• Fix a regression where pnpm-workspace.yaml without a packages field caused all directories to be treated as workspace projects. This broke projects that use pnpm-workspace.yaml only for settings (e.g. minimumReleaseAge) without defining workspace packages #​10909.

Platinum Sponsors

Gold Sponsors

v10.32.0: pnpm 10.32

Compare Source

Minor Changes

• Added --all flag to pnpm approve-builds that approves all pending builds without interactive prompts #​10136.

Patch Changes

• Reverted change related to setting explicitly the npm config file path, which caused regressions.
• Reverted fix related to lockfile-include-tarball-url. Fixes #​10915.

Platinum Sponsors

Gold Sponsors

v10.31.0

Compare Source

v10.30.3

Compare Source

v10.30.2

Compare Source

v10.30.1: pnpm 10.30.1

Compare Source

Patch Changes

• Use the /-/npm/v1/security/audits/quick endpoint as the primary audit endpoint, falling back to /-/npm/v1/security/audits when it fails #​10649.

Platinum Sponsors

Gold Sponsors

v10.30.0: pnpm 10.30

Compare Source

Minor Changes

• pnpm why now shows a reverse dependency tree. The searched package appears at the root with its dependents as branches, walking back to workspace roots. This replaces the previous forward-tree output which was noisy and hard to read for deeply nested dependencies.

Patch Changes

• Revert pnpm why dependency pruning to prefer correctness over

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.