chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	^22.13.8 -> ^22.13.10
pnpm (source)	10.5.2 -> 10.6.4
vite (source)	^6.2.0 -> ^6.2.2
vitest (source)	^3.0.7 -> ^3.0.9

---

Release Notes

pnpm/pnpm (pnpm)

v10.6.4: pnpm 10.6.4

Compare Source

Patch Changes

• Fix pnpm dlx with --allow-build flag #​9263.
• Invalid Node.js version in use-node-version should not cause pnpm itself to break #​9276.
• The max amount of workers running for linking packages from the store has been reduced to 4 to achieve optimal results #​9286. The workers are performing many file system operations, so increasing the number of CPUs doesn't help performance after some point.

Platinum Sponsors

Gold Sponsors

v10.6.3

Compare Source

Patch Changes

• pnpm install --prod=false should not crash, when executed in a project with a pnpm-workspace.yaml file #​9233. This fixes regression introduced via #​9211.

• Add the missing node-options config to recursive run #​9180.

• Removed a branching code path that only executed when dedupe-peer-dependents=false. We believe this internal refactor will not result in behavior changes, but we expect it to make future pnpm versions behave more consistently for projects that override dedupe-peer-dependents to false. There should be less unique bugs from turning off dedupe-peer-dependents.

  See details in #​9259.

v10.6.2

Compare Source

Patch Changes

• pnpm self-update should always update the version in the packageManager field of package.json.
• Fix running pnpm CLI from pnpm CLI on Windows when the CLI is bundled to an executable #​8971.
• pnpm patch-commit will now use the same filesystem as the store directory to compare and create patch files.
• Don't show info output when --loglevel=error is used.
• peerDependencyRules should be set in pnpm-workspace.yaml to take effect.

v10.6.1

Compare Source

Patch Changes

• The pnpm CLI process should not stay hanging, when --silent reporting is used.
• When --loglevel is set to error, don't show installation summary, execution time, and big tarball download progress.
• Don't ignore pnpm.patchedDependencies from package.json #​9226.
• When executing the approve-builds command, if package.json contains onlyBuiltDependencies or ignoredBuiltDependencies, the selected dependency package will continue to be written into package.json.
• When a package version cannot be found in the package metadata, print the registry from which the package was fetched.

v10.6.0

Compare Source

Minor Changes

• pnpm-workspace.yaml can now hold all the settings that .npmrc accepts. The settings should use camelCase #​9211.

  pnpm-workspace.yaml example:

  verifyDepsBeforeRun: install
  optimisticRepeatInstall: true
  publicHoistPattern:
    - "*types*"
    - "!@​types/react"

• Projects using a file: dependency on a local tarball file (i.e. .tgz, .tar.gz, .tar) will see a performance improvement during installation. Previously, using a file: dependency on a tarball caused the lockfile resolution step to always run. The lockfile will now be considered up-to-date if the tarball is unchanged.

Patch Changes

• pnpm self-update should not leave a directory with a broken pnpm installation if the installation fails.
• fast-glob replace with tinyglobby to reduce the size of the pnpm CLI dependencies #​9169.
• pnpm deploy should not remove fields from the deployed package's package.json file #​9215.
• pnpm self-update should not read the pnpm settings from the package.json file in the current working directory.
• Fix pnpm deploy creating a package.json without the imports and license field #​9193.
• pnpm update -i should list only packages that have newer versions #​9206.
• Fix a bug causing entries in the catalogs section of the pnpm-lock.yaml file to be removed when dedupe-peer-dependents=false on a filtered install. #​9112

vitejs/vite (vite)

v6.2.2

Compare Source

• fix: await client buildStart on top level buildStart (#​19624) (b31faab), closes #​19624
• fix(css): inline css correctly for double quote use strict (#​19590) (d0aa833), closes #​19590
• fix(deps): update all non-major dependencies (#​19613) (363d691), closes #​19613
• fix(indexHtml): ensure correct URL when querying module graph (#​19601) (dc5395a), closes #​19601
• fix(preview): use preview https config, not server (#​19633) (98b3160), closes #​19633
• fix(ssr): use optional chaining to prevent "undefined is not an object" happening in `ssrRewriteStac (4309755), closes #​19612
• feat: show friendly error for malformed base (#​19616) (2476391), closes #​19616
• feat(worker): show asset filename conflict warning (#​19591) (367d968), closes #​19591
• chore: extend commit hash correctly when ambigious with a non-commit object (#​19600) (89a6287), closes #​19600

v6.2.1

Compare Source

• refactor: remove isBuild check from preAliasPlugin (#​19587) (c9e086d), closes #​19587
• refactor: restore endsWith usage (#​19554) (6113a96), closes #​19554
• refactor: use applyToEnvironment in internal plugins (#​19588) (f678442), closes #​19588
• fix(css): stabilize css module hashes with lightningcss in dev mode (#​19481) (92125b4), closes #​19481
• fix(deps): update all non-major dependencies (#​19555) (f612e0f), closes #​19555
• fix(reporter): fix incorrect bundle size calculation with non-ASCII characters (#​19561) (437c0ed), closes #​19561
• fix(sourcemap): combine sourcemaps with multiple sources without matched source (#​18971) (e3f6ae1), closes #​18971
• fix(ssr): named export should overwrite export all (#​19534) (2fd2fc1), closes #​19534
• feat: add *?url&no-inline type and warning for .json?inline / .json?no-inline (#​19566) (c0d3667), closes #​19566
• test: add glob import test case (#​19516) (aa1d807), closes #​19516
• test: convert config playground to unit tests (#​19568) (c0e68da), closes #​19568
• test: convert resolve-config playground to unit tests (#​19567) (db5fb48), closes #​19567
• perf: flush compile cache after 10s (#​19537) (6c8a5a2), closes #​19537
• chore(css): move environment destructuring after condition check (#​19492) (c9eda23), closes #​19492
• chore(html): remove unnecessary value check (#​19491) (797959f), closes #​19491

vitest-dev/vitest (vitest)

v3.0.9

Compare Source

   🐞 Bug Fixes

• Typings of ctx.skip() as never  -  by @​sirlancelot in https://github.com/vitest-dev/vitest/issues/7608 (09f35)
• Cleanup vitest in public resolveConfig API  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7623 (db14a)
• Fix toHaveBeenCalledWith(asymmetricMatcher) with undefined arguments  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7624 (0fb21)
• Race condition in RPC filesystem cache.  -  by @​dts in https://github.com/vitest-dev/vitest/issues/7531 (b7f55)
• Fix getState().testPath during collection with no isolation  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7640 (3fb3f)
• Support custom toString method in %s format  -  by @​pengooseDev in https://github.com/vitest-dev/vitest/issues/7637 (46d93)
• browser:
  • Fail playwright timeouts earlier than a test timeout  -  by @​sheremet-va and @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7565 (5eb4c)
  • Remove @​testing-library/dom from dependencies #​7555)"  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7628 and https://github.com/vitest-dev/vitest/issues/7555 (94b27)
• coverage:
  • Browser mode + coverage.all  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7597 (422ba)
• runner:
  • Show stacktrace on hook timeout error  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7502 (268a1)
• vite-node:
  • Fix source map of inlined node_modules  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7557 (34aa3)
  • Fix missing buildStart  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7652 (29f5a)
• web-worker:
  • Ensure removeEventListener is bound to worker  -  by @​joelgallant in https://github.com/vitest-dev/vitest/issues/7631 (ff42b)

    View changes on GitHub

v3.0.8

Compare Source

   🐞 Bug Fixes

• Fix fetch cache multiple writes  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7546 (1a8b4)
• Use browser.isolate instead of config.isolate  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7560 (4b5ed)
• Remove vestigial spy stub, import directly from @vitest/spy  -  by @​mrginglymus in https://github.com/vitest-dev/vitest/issues/7575 (7f7ff)
• Correctly split the argv string  -  by @​btea in https://github.com/vitest-dev/vitest/issues/7533 (4325a)
• browser:
  • Remove @​testing-library/dom from dependencies  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7555 (5387a)
  • Improve source map handling for bundled files  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7534 (e2c57)
  • Print related test file and potential test in unhandled errors  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7564 (fee90)
• runner:
  • Fix beforeEach/All cleanup callback timeout  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7500 (0c292)
  • Fix and simplify Task.suite initialization  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7414 (ca9ff)
• snapshot:
  • Allow inline snapshot calls on same location with same snapshot  -  by @​jycouet and @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7464 (d5cb8)
• vite-node:
  • Fix buildStart on Vite 6  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7480 (c0f47)

    View changes on GitHub

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.