chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@nuxt/eslint-config (source)	0.3.13 -> 0.5.7					devDependencies	minor
@types/node (source)	20.12.7 -> 20.16.10					devDependencies	minor
bumpp	9.5.2 -> 9.6.1					devDependencies	minor
husky	9.0.11 -> 9.1.6					devDependencies	minor
lint-staged	15.2.9 -> 15.2.10					devDependencies	patch
node (source)	20.12.2 -> 20.18.0					volta	minor
playwright (source)	1.45.3 -> 1.47.2					devDependencies	minor
pnpm (source)	9.8.0 -> 9.12.0					packageManager	minor
typescript (source)	5.3.3 -> 5.6.2					devDependencies	minor

---

Release Notes

nuxt/eslint (@​nuxt/eslint-config)

v0.5.7

Compare Source

   🚀 Features

• Update deps, remove @types/eslint  -  by @​antfu (a24f3)

    View changes on GitHub

v0.5.6

Compare Source

   🚀 Features

• module: Support customizable config.configFile, use relative path to resolve, fix #​495  -  by @​antfu in https://github.com/nuxt/eslint/issues/495 (a4ab4)

    View changes on GitHub

v0.5.5

Compare Source

   🐞 Bug Fixes

• Remove unused dependencies  -  by @​bluwy in https://github.com/nuxt/eslint/issues/493 (46d0d)

    View changes on GitHub

v0.5.4

Compare Source

   🚀 Features

• config: Support Nuxt 4 convention by default, resolve #​487  -  by @​antfu in https://github.com/nuxt/eslint/issues/487 (42aed)

    View changes on GitHub

v0.5.3

Compare Source

No significant changes

    View changes on GitHub

v0.5.2

Compare Source

   🐞 Bug Fixes

• eslint-config: Do not eagerly import ts-eslint parser, close #​485  -  by @​antfu in https://github.com/nuxt/eslint/issues/485 (4b5d6)

    View changes on GitHub

v0.5.1

Compare Source

   🚀 Features

• Improve error messages for plugin conflicts, close #​450, close #​474  -  by @​antfu in https://github.com/nuxt/eslint/issues/450 and https://github.com/nuxt/eslint/issues/474 (bc055)

    View changes on GitHub

v0.5.0

Compare Source

   🚀 Features

• Enable @typescript-eslint/no-import-type-side-effects, close #​439  -  by @​antfu in https://github.com/nuxt/eslint/issues/439 (7361c)
• Upgrade @typescript-eslint to v8  -  by @​antfu in https://github.com/nuxt/eslint/issues/471 (4d08e)

    View changes on GitHub

v0.4.0

Compare Source

   🚀 Features

• Upgrade @types/eslint  -  by @​antfu (ebc8f)
• Enable features.typescript only when typescript is installed locally, fix #​437  -  by @​antfu in https://github.com/nuxt/eslint/issues/437 (77bc7)
• Include nitro unimport to globals as well, close #​461  -  by @​antfu in https://github.com/nuxt/eslint/issues/461 (533fa)
• Add public folder to default ignore, close #​453  -  by @​antfu in https://github.com/nuxt/eslint/issues/453 (b0e3e)
• Add server components to single root list, fix #​457  -  by @​antfu and kingyue737 in https://github.com/nuxt/eslint/issues/457 (6e232)

    View changes on GitHub

antfu/bumpp (bumpp)

v9.6.1

Compare Source

   🚀 Features

• Improve commit printing  -  by @​antfu (aaad5)

    View changes on GitHub

v9.6.0

Compare Source

   🚀 Features

• Print recent commits since last tag  -  by @​antfu (0e377)

   🐞 Bug Fixes

• The recursive option is not working in the bump.config.ts file  -  by @​gz65555 in https://github.com/antfu-collective/bumpp/issues/42 (4fda6)
• Improve printed commit messages  -  by @​antfu (2e634)

    View changes on GitHub

typicode/husky (husky)

v9.1.6

Compare Source

v9.1.5

Compare Source

v9.1.4

Compare Source

v9.1.3

Compare Source

• fix: better handle space in PATH

v9.1.2

Compare Source

v9.1.1

Compare Source

v9.1.0

Compare Source

Super saiyan god dog! It's over 9.0.0!

There's a bug with this release which prevents the deprecation notice to appear and requires to remove #!/usr/bin/env sh and . "$(dirname -- "$0")/_/husky.sh" (which are deprecated by the way). I'll publish a new version to fix that. Sorry about any inconvenience.

What's new

You can now run package commands directly, no need for npx or equivalents.
It makes writing hooks more intuitive and is also slightly faster 🐺⚡️

### .husky/pre-commit
- npx jest
+ jest # ~0.2s faster

A new recipe has been added to the docs. Lint staged files without external dependencies (inspired by Prettier docs). Feel free to modify it.

### .husky/pre-commit
prettier $(git diff --cached --name-only --diff-filter=ACMR | sed 's| |\\ |g') --write --ignore-unknown
git update-index --again

For more advanced use cases, see lint-staged.

Fixes

• bunx husky init command
• Workaround for some hooks implementation on Windows 🤷

Deprecations

• Remove #!/usr/bin/env sh and . "$(dirname -- "$0")/_/husky.sh" from your hooks
• Move your code from ~/.huskyrc to .config/husky/init.sh

Support for these will be removed in v10, notices have been added.

Friendly reminder

If Git hooks don't fit your workflow, you can disable Husky globally. Just add export HUSKY=0 to .config/husky/init.sh.

I've seen some confusion about this on X, so just a heads-up!

Sponsoring

Husky is downloaded over 45M times per month and used by ~1.5M projects. If your company wants to sponsor, you can do so here: GitHub Sponsors.

Have a nice summer ☀️ I'm open to new opportunities/consulting so feel free to drop me a message 😉

lint-staged/lint-staged (lint-staged)

v15.2.10

Compare Source

Patch Changes

• #​1471 e3f283b Thanks @​iiroj! - Update minor dependencies, including micromatch@~4.0.8.

nodejs/node (node)

v20.18.0: 2024-10-03, Version 20.18.0 'Iron' (LTS), @​targos

Notable Changes

Experimental Network Inspection Support in Node.js

This update introduces the initial support for network inspection in Node.js.
Currently, this is an experimental feature, so you need to enable it using the --experimental-network-inspection flag.
With this feature enabled, you can inspect network activities occurring within a JavaScript application.

To use network inspection, start your Node.js application with the following command:

$ node --inspect-wait --experimental-network-inspection index.js

Please note that the network inspection capabilities are in active development.
We are actively working on enhancing this feature and will continue to expand its functionality in future updates.

• Network inspection is limited to the http and https modules only.
• The Network tab in Chrome DevTools will not be available until the
  feature request on the Chrome DevTools side is addressed.

Contributed by Kohei Ueno in #​53593 and #​54246

Exposes X509_V_FLAG_PARTIAL_CHAIN to tls.createSecureContext

This releases introduces a new option to the API tls.createSecureContext. From
now on, tls.createSecureContext({ allowPartialTrustChain: true }) can be used
to treat intermediate (non-self-signed) certificates in the trust CA certificate
list as trusted.

Contributed by Anna Henningsen in #​54790

New option for vm.createContext() to create a context with a freezable globalThis

Node.js implements a flavor of vm.createContext() and friends that creates a context without contextifying its global
object when vm.constants.DONT_CONTEXTIFY is used. This is suitable when users want to freeze the context
(impossible when the global is contextified i.e. has interceptors installed) or speed up the global access if they
don't need the interceptor behavior.

Contributed by Joyee Cheung in #​54394

Deprecations

• [64aa31f6e5] - repl: doc-deprecate instantiating node:repl classes without new (Aviv Keller) #​54842
• [4c52ee3d7f] - zlib: deprecate instantiating classes without new (Yagiz Nizipli) #​54708

Other Notable Changes

• [b80da2f964] - buffer: optimize createFromString (Robert Nagy) #​54324
• [02b36cbd2d] - (SEMVER-MINOR) lib: add EventSource Client (Aras Abbasi) #​51575
• [879546a9bf] - (SEMVER-MINOR) src,lib: add performance.uvMetricsInfo (Rafael Gonzaga) #​54413
• [f789f4c92d] - (SEMVER-MINOR) test_runner: support module mocking (Colin Ihrig) #​52848
• [4eb0749b6c] - (SEMVER-MINOR) url: implement parse method for safer URL parsing (Ali Hassan) #​52280

Commits

• [013c48f0e9] - benchmark: --no-warnings to avoid DEP/ExpWarn log (Rafael Gonzaga) #​54928
• [194fc113ac] - benchmark: add buffer.isAscii benchmark (RafaelGSS) #​54740
• [7410d51cb9] - benchmark: add buffer.isUtf8 bench (RafaelGSS) #​54740
• [2393f21e8a] - benchmark: add access async version to bench (Rafael Gonzaga) #​54747
• [b8779721f0] - benchmark: enhance dc publish benchmark (Rafael Gonzaga) #​54745
• [4078aa83ff] - benchmark: add match and doesNotMatch bench (RafaelGSS) #​54734
• [66acab9976] - benchmark: add rejects and doesNotReject bench (RafaelGSS) #​54734
• [6db777fb3a] - benchmark: add throws and doesNotThrow bench (RafaelGSS) #​54734
• [8f101560ce] - benchmark: add strictEqual and notStrictEqual bench (RafaelGSS) #​54734
• [2c9e4c936e] - benchmark: adds groups to better separate benchmarks (Giovanni Bucci) #​54393
• [671c3ac633] - benchmark: fix benchmark for file path and URL conversion (Early Riser) #​54190
• [8c8708cb5b] - benchmark: use assert.ok searchparams (Rafael Gonzaga) #​54334
• [8b71fa79e2] - benchmark: add stream.compose benchmark (jakecastelli) #​54308
• [93ee36e3a0] - benchmark: rename count to n (Rafael Gonzaga) #​54271
• [f2971b6f0b] - benchmark: change assert() to assert.ok() (Rafael Gonzaga) #​54254
• [f48f2c212c] - benchmark: support --help in CLI (Aviv Keller) #​53358
• [0309b0520b] - benchmark: remove force option as force defaults to true (Yelim Koo) #​54203
• [b6e8305b2d] - benchmark: use assert.ok instead of assert (Rafael Gonzaga) #​54176
• [90c660d26a] - benchmark: add require-esm benchmark (Joyee Cheung) #​52166
• [1b8584b52e] - benchmark,doc: add CPU scaling governor to perf (Rafael Gonzaga) #​54723
• [0b9161b330] - benchmark,doc: mention bar.R to the list of scripts (Rafael Gonzaga) #​54722
• [84bf93b7ea] - buffer: allow invalid encoding in from (Robert Nagy) #​54533
• [d04246a0d7] - buffer: optimize byteLength for common encodings (Robert Nagy) #​54342
• [f36831f694] - buffer: optimize createFromString (Robert Nagy) #​54324
• [f5f40c8088] - buffer: optimize for common encodings (Robert Nagy) #​54319
• [76c37703be] - buffer: add JSDoc to blob bytes method (Roberto Simonini) #​54117
• [3012d31404] - buffer: use faster integer argument check (Robert Nagy) #​54089
• [3505782801] - buffer: make indexOf(byte) faster (Tobias Nießen) #​53455
• [d285fc1f68] - build: upgrade clang-format to v18 (Aviv Keller) #​53957
• [d288ec3b0a] - build: fix conflicting V8 object print flags (Daeyeon Jeong) #​54785
• [e862eecac9] - build: do not build with code cache for core coverage collection (Joyee Cheung) #​54633
• [f7a606eb96] - build: turn off -Wrestrict (Richard Lau) #​54737
• [71ca2665e4] - build: reclaim disk space on macOS GHA runner (jakecastelli) #​54658
• [82d8051c39] - build: don't clean obj.target directory if it doesn't exist (Joyee Cheung) #​54337
• [6e550b1f26] - build: update ruff to 0.5.2 (Aviv Keller) #​53909
• [e2ea7b26d7] - build: fix ./configure --help format error (Zhenwei Jin) #​53066
• [eb2402d569] - build: enable building with shared uvwasi lib (Pooja D P) #​43987
• [45732314d4] - build: sync V8 warning cflags with BUILD.gn (Michaël Zasso) #​52873
• [6e0a2bb54c] - build: harmonize Clang checks (Michaël Zasso) #​52873
• [3f78d4eb28] - cli: add --expose-gc flag available to NODE_OPTIONS (Juan José) #​53078
• [a110409b2a] - console: use validateOneOf for colorMode validation (HEESEUNG) #​54245
• [231ab788ea] - crypto: reject dh,x25519,x448 in {Sign,Verify}Final (Huáng Jùnliàng) #​53774
• [a5984e4570] - crypto: return a clearer error when loading an unsupported pkcs12 (Tim Perry) #​54485
• [f287cd77bd] - crypto: remove unused kHashTypes internal (Antoine du Hamel) #​54627
• [1fc904f8c4] - deps: update cjs-module-lexer to 1.4.1 (Node.js GitHub Bot) #​54846
• [95b55c39b1] - deps: update simdutf to 5.5.0 (Node.js GitHub Bot) #​54434
• [cf6ded5dd3] - deps: update cjs-module-lexer to 1.4.0 (Node.js GitHub Bot) #​54713
• [7f8edce3f1] - deps: update c-ares to v1.33.1 (Node.js GitHub Bot) #​54549
• [9a4a7b7ecc] - deps: update undici to 6.19.8 (Node.js GitHub Bot) #​54456
• [87ca1d7fee] - deps: update simdutf to 5.3.4 (Node.js GitHub Bot) #​54312
• [d3a743f182] - deps: update zlib to 1.3.0.1-motley-71660e1 (Node.js GitHub Bot) #​53464
• [926981aa9f] - deps: update zlib to 1.3.0.1-motley-c2469fd (Node.js GitHub Bot) #​53464
• [654c8d1fdc] - deps: update zlib to 1.3.0.1-motley-68e57e6 (Node.js GitHub Bot) #​53464
• [2477e79172] - deps: update zlib to 1.3.0.1-motley-8b7eff8 (Node.js GitHub Bot) #​53464
• [3d8113faf5] - deps: update zlib to 1.3.0.1-motley-e432200 (Node.js GitHub Bot) #​53464
• [ac294e3db4] - deps: update zlib to 1.3.0.1-motley-887bb57 (Node.js GitHub Bot) #​53464
• [239588b968] - deps: update c-ares to v1.33.0 (Node.js GitHub Bot) #​54198
• [6e7de37ed3] - deps: update undici to 6.19.7 (Node.js GitHub Bot) #​54286
• [38aa9d6ea9] - deps: update acorn to 8.12.1 (Node.js GitHub Bot) #​53465
• [d30145f663] - deps: update undici to 6.19.5 (Node.js GitHub Bot) #​54076
• [c169d9c12b] - deps: update simdutf to 5.3.1 (Node.js GitHub Bot) #​54196
• [92f3447957] - doc: add missing EventSource docs to globals (Matthew Aitken) #​55022
• [2879ce9681] - doc: fix broken Android building link (Niklas Wenzel) #​54922
• [096623b59a] - doc: add support link for aduh95 (Antoine du Hamel) #​54866
• [1dfd238781] - doc: run license-builder (github-actions[bot]) #​54854
• [a6c748fffb] - doc: experimental flag for global accessible APIs (Chengzhong Wu) #​54330
• [d48a22fa14] - doc: add ERR_INVALID_ADDRESS to errors.md (Aviv Keller) #​54661
• [4a840cecfa] - doc: add support link for mcollina (Matteo Collina) #​54786
• [ec22d86512] - doc: mark --conditions CLI flag as stable (Guy Bedford) #​54209
• [77c702ca07] - doc: fix typo in recognizing-contributors (Tobias Nießen) #​54822
• [62953ef9fb] - doc: clarify --max-old-space-size and --max-semi-space-size units (Alexandre ABRIOUX) #​54477
• [e2bab0f2b2] - doc: replace --allow-fs-read by --allow-fs-write in related section (M1CK431) #​54427
• [9cbfd5b33a] - doc: add support link for marco-ippolito (Marco Ippolito) #​54789
• [53167b29ef] - doc: fix typo (Michael Dawson) #​54640
• [87f78a35f7] - doc: fix webcrypto.md AES-GCM backticks (Filip Skokan) #​54621
• [7c83c15221] - doc: add documentation about os.tmpdir() overrides (Joyee Cheung) #​54613
• [4bfd832d70] - doc: add support me link for anonrig (Yagiz Nizipli) #​54611
• [22a103e5ec] - doc: add alert on REPL from TCP socket (Rafael Gonzaga) #​54594
• [b6374c24e1] - doc: fix typo in styleText description (Rafael Gonzaga) #​54616
• [2f5b98ee1f] - doc: add getHeapStatistics() property descriptions (Benji Marinacci) #​54584
• [482302b99b] - doc: fix information about including coverage files (Aviv Keller) #​54527
• [b3708e7df4] - doc: support collaborators - talk amplification (Michael Dawson) #​54508
• [c86fe23012] - doc: add note about shasum generation failure (Marco Ippolito) #​54487
• [d53e6cf755] - doc: fix capitalization in module.md (shallow-beach) #​54488
• [cdc6713f18] - doc: add esm examples to node:https (Alfredo González) #​54399
• [1ac1fe4e65] - doc: fix error description of the max header size (Egawa Ryo) #​54125
• [244542b720] - doc: add git node security --cleanup (Rafael Gonzaga) #​54381
• [69fb71f54c] - doc: add note on weakness of permission model (Tobias Nießen) #​54268
• [83b2cb908b] - doc: add versions when --watch-preserve-output was added (Théo LUDWIG) #​54328
• [460fb49483] - doc: replace v19 mention in Current release (Rafael Gonzaga) #​54361
• [994b46a160] - doc: correct peformance entry types (Jason Zhang) #​54263
• [f142e668cb] - doc: fix typo in method name in the sea doc (Eliyah Sundström) #​54027
• [9529a30dba] - doc: mark process.nextTick legacy (Marco Ippolito) #​51280
• [7e25fabb91] - doc: add esm examples to node:http2 (Alfredo González) #​54292
• [6a4f05e384] - doc: explicitly mention node:fs module restriction (Rafael Gonzaga) #​54269
• [53f5c54997] - doc: warn for windows build bug (Jason Zhang) #​54217
• [07bde054f3] - doc: make some parameters optional in tracingChannel.traceCallback (Deokjin Kim) #​54068
• [62bf03b5f1] - doc: add esm examples to node:dns (Alfredo González) #​54172
• [fb2b19184b] - doc: add KevinEady as a triager (Chengzhong Wu) #​54179
• [24976bfba0] - doc: add esm examples to node:console (Alfredo González) #​54108
• [4e7edc40f7] - doc: fix sea assets example (Sadzurami) #​54192
• [322b5d91e1] - doc: add links to security steward companies (Aviv Keller) #​52981
• [6ab271510e] - doc: move onread option from socket.connect() to new net.socket() (sendoru) #​54194
• [39c30ea08f] - doc: move release key for Myles Borins (Richard Lau) #​54059
• [e9fc54804a] - doc: refresh instructions for building node from source (Liran Tal) #​53768
• [f131dc625a] - doc: add documentation for blob.bytes() method (jaexxin) #​54114
• [8d41bb900b] - doc: add missing new lines to custom test reporter examples (Eddie Abbondanzio) #​54152
• [2acaeaba77] - doc: update list of Triagers on the README.md (Antoine du Hamel) #​54138
• [fff8eb2792] - doc: expand troubleshooting section (Liran Tal) #​53808
• [402121520f] - doc: clarify useCodeCache setting for cross-platform SEA generation (Yelim Koo) #​53994
• [272484b8b2] - doc: test for cli options (Aras Abbasi) #​51623
• [c4d0ca4710] - doc, build: fixup build docs (Aviv Keller) #​54899
• [2e3e17748b] - doc, child_process: add esm snippets (Aviv Keller) #​53616
• [c40b4b4f27] - doc, meta: fix broken link in onboarding.md (Aviv Keller) #​54886
• [beff587b94] - doc, meta: add missing , to BUILDING.md (Aviv Keller) #​54409
• [c114585430] - doc, meta: replace command with link to keys (Aviv Keller) #​53745
• [0843077a99] - doc, test: simplify test README table (Aviv Keller) #​53971
• [2df7bc0e32] - doc,tools: enforce use of node: prefix (Antoine du Hamel) #​53950
• [0dd4639391] - esm: fix support for URL instances in import.meta.resolve (Antoine du Hamel) #​54690
• [f0c55e206d] - fs: refactor rimraf to avoid using primordials (Yagiz Nizipli) #​54834
• [f568384bbd] - fs: refactor handleTimestampsAndMode to remove redundant call (HEESEUNG) #​54369
• [2fb7cc9715] - fs: fix typings (Yagiz Nizipli) #​53626
• [596940cfa0] - http: reduce likelihood of race conditions on keep-alive timeout (jazelly) #​54863
• [6e13a7ba02] - http: remove prototype primordials (Antoine du Hamel) #​53698
• [99f96eb3f7] - http2: remove prototype primordials (Antoine du Hamel) #​53696
• [41f5eacc1a] - https: only use default ALPNProtocols when appropriate (Brian White) #​54411
• [59a39520e1] - (SEMVER-MINOR) inspector: support Network.loadingFailed event (Kohei Ueno) #​54246
• [d1007fb1a9] - inspector: provide detailed info to fix DevTools frontend errors (Kohei Ueno) #​54156
• [3b93507949] - (SEMVER-MINOR) inspector: add initial support for network inspection (Kohei Ueno) #​53593
• [fc37b801c8] - lib: remove unnecessary async (jakecastelli) #​54829
• [d86f24787b] - lib: make WeakRef safe in abort_controller (jazelly) #​54791
• [77c59224e5] - lib: add note about removing node:sys module (Rafael Gonzaga) #​54743
• [b8c06dce02] - lib: ensure no holey array in fixed_queue (Jason Zhang) #​54537
• [b85c8ce1fc] - lib: refactor SubtleCrypto experimental warnings (Filip Skokan) #​54620
• [e84812c1b5] - lib: respect terminal capabilities on styleText (Rafael Gonzaga) #​54389
• [c004abaf17] - lib: replace spread operator with primordials function (YoonSoo_Shin) #​54053
• [b79aeabc4d] - lib: avoid for of loop and remove unnecessary variable in zlib (YoonSoo_Shin) #​54258
• [f4085363c6] - lib: fix unhandled errors in webstream adapters (Fedor Indutny) #​54206
• [1ad857e748] - lib: fix typos in comments within internal/streams (YoonSoo_Shin) #​54093
• [02b36cbd2d] - (SEMVER-MINOR) lib: add EventSource Client (Aras Abbasi) #​51575
• [afbf2c0530] - lib,permission: support Buffer to permission.has (Rafael Gonzaga) #​54104
• [54af47395d] - meta: bump peter-evans/create-pull-request from 6.1.0 to 7.0.1 (dependabot[bot]) #​54820
• [a0c10f2ed9] - meta: add Windows ARM64 to flaky-tests list (Aviv Keller) #​54693
• [27b06880e1] - meta: bump actions/setup-python from 5.1.1 to 5.2.0 (Rich Trott) #​54691
• [8747af1037] - meta: update sccache to v0.8.1 (Aviv Keller) #​54720
• [3f753d87a6] - meta: bump step-security/harden-runner from 2.9.0 to 2.9.1 (dependabot[bot]) #​54704
• [6f103ae25d] - meta: bump actions/upload-artifact from 4.3.4 to 4.4.0 (dependabot[bot]) #​54703
• [3e6a9bb04e] - meta: bump github/codeql-action from 3.25.15 to 3.26.6 (dependabot[bot]) #​54702
• [c666ebc4e4] - meta: fix links in SECURITY.md (Aviv Keller) #​54696
• [4d361b3bed] - meta: fix contributing codeowners (Aviv Keller) #​54641
• [36931aa183] - meta: remind users to use a supported version in bug reports (Aviv Keller) #​54481
• [cf283d9ca7] - meta: run coverage-windows when vcbuild.bat updated (Aviv Keller) #​54412
• [67ca397c9f] - meta: add test-permission-* CODEOWNERS (Rafael Gonzaga) #​54267
• [b61a2f5b79] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​54210
• [dd8ab83667] - meta: add module label for the lib/internal/modules folder (Aviv Keller) #​52858
• [db78978d17] - meta: bump actions/upload-artifact from 4.3.3 to 4.3.4 (dependabot[bot]) #​54166
• [ca808dd9e5] - meta: bump actions/download-artifact from 4.1.7 to 4.1.8 (dependabot[bot]) #​54167
• [a35d980146] - meta: bump actions/setup-python from 5.1.0 to 5.1.1 (dependabot[bot]) #​54165
• [3a103c3a17] - meta: bump step-security/harden-runner from 2.8.1 to 2.9.0 (dependabot[bot]) #​54169
• [775ebbe0e8] - meta: bump actions/setup-node from 4.0.2 to 4.0.3 (dependabot[bot]) #​54170
• [7d5dd6f1d1] - meta: bump github/codeql-action from 3.25.11 to 3.25.15 (dependabot[bot]) #​54168
• [80dd38dde3] - meta: bump ossf/scorecard-action from 2.3.3 to 2.4.0 (dependabot[bot]) #​54171
• [90b632ee02] - module: warn on detection in

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - "before 4am on Monday" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@nuxt/eslint-config@0.5.7	Transitive: environment, filesystem, unsafe	+157	25.6 MB	antfu
npm/@types/node@20.16.10	None	0	2.21 MB	types
npm/bumpp@9.6.1	environment, filesystem, unsafe Transitive: network, shell	+81	7.29 MB	antfu
npm/husky@9.1.6	environment, filesystem, shell	0	4.03 kB	typicode
npm/lint-staged@15.2.10	Transitive: environment, filesystem, shell	+52	1.56 MB	okonet
npm/playwright@1.47.2	None	+1	10.6 MB	dgozman, dgozman-ms, pavelfeldman, ...1 more

🚮 Removed packages: npm/@nuxt/eslint-config@0.3.13, npm/@types/node@20.12.7, npm/bumpp@9.5.2, npm/husky@9.0.11, npm/lint-staged@15.2.9, npm/playwright@1.45.3, npm/typescript@5.3.3

View full report↗︎