Skip to content

chore(deps): update all non-major dependencies #161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 8, 2025
Merged

chore(deps): update all non-major dependencies #161

merged 1 commit into from
Aug 8, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 19, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@rollup/plugin-typescript (source) 12.1.3 -> 12.1.4 age confidence
pnpm (source) 10.12.1 -> 10.14.0 age confidence
rollup (source) 4.43.0 -> 4.46.2 age confidence
typescript (source) 5.8.3 -> 5.9.2 age confidence

Release Notes

rollup/plugins (@​rollup/plugin-typescript)

v12.1.4

2025-06-28

Bugfixes
pnpm/pnpm (pnpm)

v10.14.0

Compare Source

Minor Changes

  • Added support for JavaScript runtime resolution

    Declare Node.js, Deno, or Bun in devEngines.runtime (inside package.json) and let pnpm download and pin it automatically.

    Usage example:

    {
  "devEngines": {
    "runtime": {
      "name": "node",
      "version": "^24.4.0",
      "onFail": "download" (we only support the "download" value for now)
    }
  }
}

    How it works:

    1. pnpm install resolves your specified range to the latest matching runtime version.
    2. The exact version (and checksum) is saved in the lockfile.
    3. Scripts use the local runtime, ensuring consistency across environments.

    Why this is better:

    1. This new setting supports also Deno and Bun (vs. our Node-only settings useNodeVersion and executionEnv.nodeVersion)
    2. Supports version ranges (not just a fixed version).
    3. The resolved version is stored in the pnpm lockfile, along with an integrity checksum for future validation of the Node.js content's validity.
    4. It can be used on any workspace project (like executionEnv.nodeVersion). So, different projects in a workspace can use different runtimes.
    5. For now devEngines.runtime setting will install the runtime locally, which we will improve in future versions of pnpm by using a shared location on the computer.

    Related PR: #​9755.

  • Add --cpu, --libc, and --os to pnpm install, pnpm add, and pnpm dlx to customize supportedArchitectures via the CLI #​7510.

Patch Changes
  • Fix a bug in which pnpm add downloads packages whose libc differ from pnpm.supportedArchitectures.libc.
  • The integrities of the downloaded Node.js artifacts are verified #​9750.
  • Allow dlx to parse CLI flags and options between the dlx command and the command to run or between the dlx command and -- #​9719.
  • pnpm install --prod should removing hoisted dev dependencies #​9782.
  • Fix an edge case bug causing local tarballs to not re-link into the virtual store. This bug would happen when changing the contents of the tarball without renaming the file and running a filtered install.
  • Fix a bug causing pnpm install to incorrectly assume the lockfile is up to date after changing a local tarball that has peers dependencies.

v10.13.1

Compare Source

Patch Changes
  • Run user defined pnpmfiles after pnpmfiles of plugins.

v10.13.0

Compare Source

Minor Changes

  • Added the possibility to load multiple pnpmfiles. The pnpmfile setting can now accept a list of pnpmfile locations #​9702.

  • pnpm will now automatically load the pnpmfile.cjs file from any config dependency named @pnpm/plugin-* or pnpm-plugin-* #​9729.

    The order in which config dependencies are initialized should not matter — they are initialized in alphabetical order. If a specific order is needed, the paths to the pnpmfile.cjs files in the config dependencies can be explicitly listed using the pnpmfile setting in pnpm-workspace.yaml.

Patch Changes
  • When patching dependencies installed via pkg.pr.new, treat them as Git tarball URLs #​9694.
  • Prevent conflicts between local projects' config and the global config in dangerouslyAllowAllBuilds, onlyBuiltDependencies, onlyBuiltDependenciesFile, and neverBuiltDependencies #​9628.
  • Sort keys in pnpm-workspace.yaml with deep #​9701.
  • The pnpm rebuild command should not add pkgs included in ignoredBuiltDependencies to ignoredBuilds in node_modules/.modules.yaml #​9338.
  • Replaced shell-quote with shlex for quoting command arguments #​9381.

v10.12.4

Compare Source

Patch Changes

v10.12.3

Compare Source

Patch Changes
  • Restore hoisting of optional peer dependencies when installing with an outdated lockfile.
    Regression introduced in v10.12.2 by #​9648; resolves #​9685.

v10.12.2

Compare Source

Patch Changes
  • Fixed hoisting with enableGlobalVirtualStore set to true #​9648.
  • Fix the --help and -h flags not working as expected for the pnpm create command.
  • The dependency package path output by the pnpm licenses list --json command is incorrect.
  • Fix a bug in which pnpm deploy fails due to overridden dependencies having peer dependencies causing ERR_PNPM_OUTDATED_LOCKFILE #​9595.
rollup/rollup (rollup)

v4.46.2

Compare Source

2025-07-29

Bug Fixes
  • Fix in-operator handling for external namespace and when the left side cannot be analyzed (#​6041)
Pull Requests

v4.46.1

Compare Source

2025-07-28

Bug Fixes
  • Do not fail when using the in operator on external namespaces (#​6036)
Pull Requests

v4.46.0

Compare Source

2025-07-27

Features
  • Optimize in checks on namespaces to keep them treeshake-able (#​6029)
Pull Requests

v4.45.3

Compare Source

2025-07-26

Bug Fixes
  • Do not fail build if a const is reassigned but warn instead (#​6020)
  • Fail with a helpful error message if an exported binding is not defined (#​6023)
Pull Requests

v4.45.1

Compare Source

2025-07-15

Bug Fixes
  • Resolve crash when using certain conditional expressions (#​6009)
Pull Requests

v4.45.0

Compare Source

2025-07-12

Features
  • Improve tree-shaking when both branches of a conditional expression return the same boolean value (#​6000)
  • In environments that support both CJS and ESM, prefer the ESM build of Rollup (#​6005)
Bug Fixes
  • Ensure static blocks do not prevent tree-shaking if they access this (#​6001)
Pull Requests

v4.44.2

Compare Source

2025-07-04

Bug Fixes
  • Correctly handle @__PURE__ annotations after new keyword (#​5998)
  • Generate correct source mapping for closing braces of block statements (#​5999)
Pull Requests

v4.44.1

Compare Source

2025-06-26

Bug Fixes
  • Reinstate maxParallelFileOps limit of 1000 to resolve the issue for some (#​5992)
Pull Requests

v4.44.0

Compare Source

2025-06-19

Features
  • Remove limit on maxParallelFileOps as this could break watch mode with the commonjs plugin (#​5986)
Bug Fixes
  • Provide better source mappings when coarse intermediate maps are used (#​5985)
Pull Requests
microsoft/TypeScript (typescript)

v5.9.2

Compare Source

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@sourcery-ai Sourcery AI
Copy link

sourcery-ai bot commented Jun 19, 2025
edited
Loading

Reviewer's Guide

Upgrade Rollup to v4.44.0 by bumping version references in package.json and regenerating the pnpm lockfile, including related plugins and binary integrity hashes.

File-Level Changes

Change Details Files
Bump Rollup and plugin versions
  • Update rollup specifier and version in package.json
  • Bump @rollup/plugin-terser, @rollup/plugin-typescript and @rollup/pluginutils to reference [email protected]
  • Adjust optionalDependencies for Rollup in plugin entries
 package.json
pnpm-lock.yaml
Regenerate lockfile with new integrity hashes
  • Update resolution/version entries for all platform-specific rollup binaries to 4.44.0
  • Refresh SHA512 integrity hashes throughout pnpm-lock.yaml
 pnpm-lock.yaml
Add new @types/estree version pnpm-lock.yaml
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from bf64c79 to 3679ee2 Compare June 23, 2025 02:37
@renovate renovate bot changed the title chore(deps): update dependency rollup to v4.44.0 chore(deps): update all non-major dependencies Jun 23, 2025
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from 3679ee2 to 39d94d4 Compare June 24, 2025 17:08
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch 3 times, most recently from 70b7e2c to d92a73d Compare July 12, 2025 10:12
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from d92a73d to b6596eb Compare July 15, 2025 21:07
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch 6 times, most recently from 71ce6da to 33aceea Compare August 1, 2025 00:44
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from 33aceea to 4a0d97f Compare August 8, 2025 14:45
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from 4a0d97f to 2cd7b4e Compare August 8, 2025 14:55
@renovate renovate bot force-pushed the renovate/all-non-major-dependencies branch from 2cd7b4e to e4916ac Compare August 8, 2025 15:03
@liby liby merged commit 486d092 into main Aug 8, 2025
@renovate renovate bot deleted the renovate/all-non-major-dependencies branch August 8, 2025 17:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@liby