chore(deps): update all non-major dependencies (v4)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@ai-sdk/gateway (source)	^1.0.39 -> ^1.0.41
@ai-sdk/vue (source)	^2.0.68 -> ^2.0.76
@iconify-json/lucide	^1.2.69 -> ^1.2.70
@modelcontextprotocol/sdk (source)	^1.20.0 -> ^1.20.1
@regle/core (source)	^1.9.5 -> ^1.9.6
@regle/rules (source)	^1.9.5 -> ^1.9.6
ai (source)	^5.0.68 -> ^5.0.76
eslint (source)	^9.37.0 -> ^9.38.0
happy-dom	^20.0.0 -> ^20.0.6
motion-v	^1.7.2 -> ^1.7.3
nuxt-og-image (source)	^5.1.11 -> ^5.1.12
pnpm (source)	10.18.2 -> 10.18.3
vue-router (source)	^4.5.1 -> ^4.6.3

---

Release Notes

vercel/ai (@​ai-sdk/gateway)

v1.0.41

Compare Source

Patch Changes

• 11a8867: feat (provider/gateway): improve auth error messages

v1.0.40

Compare Source

Patch Changes

• f6a9bf3: feat (provider/gateway): add user and tags provider options

modelcontextprotocol/typescript-sdk (@​modelcontextprotocol/sdk)

v1.20.1

Compare Source

What's Changed

• fix: Add Accept header to auth metadata request by @​SVLaursen in #​901
• Allow empty string as valid URL in DCR workflow by @​fredericbarthelet in #​987
• docs: fix summary contents at readme by @​starfish719 in #​1025
• chore: bump version to 1.20.1 for release by @​felixweinberger in #​1032

New Contributors

• @​SVLaursen made their first contribution in #​901
• @​starfish719 made their first contribution in #​1025

Full Changelog: modelcontextprotocol/typescript-sdk@1.20.0...1.20.1

victorgarciaesgi/regle (@​regle/core)

v1.9.6

Compare Source

   🐞 Bug Fixes

• Memory not released after unmount / form reset #​197  -  by @​victorgarciaesgi in #​197 (39090)

    View changes on GitHub

eslint/eslint (eslint)

v9.38.0

Compare Source

capricorn86/happy-dom (happy-dom)

v20.0.6

Compare Source

v20.0.5

Compare Source

👷‍♂️ Patch fixes

• The setter TreeWalker.currentNode should validate if the value is a Node - By @​capricorn86 in task #​1935

v20.0.4

Compare Source

👷‍♂️ Patch fixes

• Only adds buttons to FormData if they are the submitter - By @​maxmil and @​
  karpiuMG in task #​1859

v20.0.3

Compare Source

👷‍♂️ Patch fixes

• Moves URL resolution to after checking if module preloading is enabled to prevent URL errors to be thrown when unresolvable - By @​iam-medvedev in task #​1851
• Fixes issue where CSS variables aren't parsed correctly when inside CSS functions - By @​fimion in task #​1837

v20.0.2

Compare Source

👷‍♂️ Patch fixes

• Adds frozen intrinsics flag to workers in @happy-dom/server-renderer - By @​capricorn86 in task #​1934

v20.0.1

Compare Source

👷‍♂️ Patch fixes

• Adds warning for environment with unfrozen intrinsics (builtins) when JavaScript evaluation is enabled- By @​capricorn86 in task #​1932
  • A security advisory has been reported showing that the recommended preventive measure of running Node.js with --disallow-code-generation-from-strings wasn't enough to protect against attackers escaping the VM context and accessing process-level functions. Big thanks to @​cristianstaicu for reporting this!
  • The documentation for how to run Happy DOM with JavaScript evaluation enabled in a safer way has been updated. Read more about it in the Wiki

motiondivision/motion-vue (motion-v)

v1.7.3

Compare Source

   🐞 Bug Fixes

• Handle null nodes in compareDocumentPosition  -  by @​rick-hup (2c6c6)

    View changes on GitHub

nuxt-modules/og-image (nuxt-og-image)

v5.1.12

Compare Source

   🐞 Bug Fixes

• Broken google font mirror  -  by @​harlan-zw (7c6f9)

    View changes on GitHub

pnpm/pnpm (pnpm)

v10.18.3

Compare Source

Patch Changes

• Fix a bug where pnpm would infinitely recurse when using verifyDepsBeforeInstall: install and pre/post install scripts that called other pnpm scripts #​10060.
• Fixed scoped registry keys (e.g., @scope:registry) being parsed as property paths in pnpm config get when --location=project is used #​9362.
• Remove pnpm-specific CLI options before passing to npm publish to prevent "Unknown cli config" warnings #​9646.
• Fixed EISDIR error when bin field points to a directory #​9441.
• Preserve version and hasBin for variations packages #​10022.
• Fixed pnpm config set --location=project incorrectly handling keys with slashes (auth tokens, registry settings) #​9884.
• When both pnpm-workspace.yaml and .npmrc exist, pnpm config set --location=project now writes to pnpm-workspace.yaml (matching read priority) #​10072.
• Prevent a table width error in pnpm outdated --long #​10040.
• Sync bin links after injected dependencies are updated by build scripts. This ensures that binaries created during build processes are properly linked and accessible to consuming projects #​10057.

vuejs/router (vue-router)

v4.6.3

Compare Source

Please refer to CHANGELOG.md for details.

v4.6.2

Compare Source

Please refer to CHANGELOG.md for details.

v4.6.1

Compare Source

Please refer to CHANGELOG.md for details.

v4.6.0

Compare Source

Please refer to CHANGELOG.md for details.

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[pkg-pr-new]

npm i https://pkg.pr.new/@nuxt/ui@5224

commit: a8a23bb