chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@preact/preset-vite	^2.9.0 -> ^2.9.1					devDependencies	patch
@shikijs/vitepress-twoslash (source)	^1.16.2 -> ^1.17.7					devDependencies	minor
@types/react (source)	^18.3.5 -> ^18.3.6					devDependencies	patch
@types/stylus (source)	^0.48.42 -> ^0.48.43					devDependencies	patch
@vue/shared (source)	^3.5.3 -> ^3.5.6					dependencies	patch
eslint-plugin-react	^7.35.2 -> ^7.36.1					devDependencies	minor
eslint-plugin-react-refresh	^0.4.11 -> ^0.4.12					devDependencies	patch
execa	^9.3.1 -> ^9.4.0					devDependencies	minor
express (source)	^4.19.2 -> ^4.21.0					devDependencies	minor
express (source)	^4.19.2 -> ^4.21.0					dependencies	minor
lightningcss	^1.26.0 -> ^1.27.0					devDependencies	minor
miniflare (source)	^3.20240821.1 -> ^3.20240909.2					devDependencies	minor
playwright-chromium (source)	^1.47.0 -> ^1.47.1					devDependencies	patch
pnpm (source)	9.9.0 -> 9.10.0					packageManager	minor
postcss (source)	^8.4.45 -> ^8.4.47					dependencies	patch
preact (source)	^10.23.2 -> ^10.24.0					dependencies	minor
svelte-check	^4.0.1 -> ^4.0.2					devDependencies	patch
tailwindcss (source)	^3.4.10 -> ^3.4.11					dependencies	patch
tailwindcss (source)	^3.4.10 -> ^3.4.11					devDependencies	patch
terser (source)	^5.31.6 -> ^5.32.0					devDependencies	minor
tj-actions/changed-files	v45.0.1 -> v45.0.2					action	patch
tsx (source)	^4.19.0 -> ^4.19.1					devDependencies	patch
typescript-eslint (source)	^8.4.0 -> ^8.6.0					devDependencies	minor
vite (source)	^5.4.3 -> ^5.4.6					devDependencies	patch
vitest (source)	^2.0.5 -> ^2.1.1					devDependencies	minor
vue (source)	^3.5.3 -> ^3.5.6					dependencies	patch
vue (source)	^3.5.3 -> ^3.5.6					devDependencies	patch
vue-router	^4.4.3 -> ^4.4.5					dependencies	patch

---

Release Notes

preactjs/preset-vite (@​preact/preset-vite)

v2.9.1

Compare Source

Bug Fixes

• fix: Ensure preact is optimized by Vite by @​rschristian in https://github.com/preactjs/preset-vite/pull/137
• fix: Support empty string returns in prerenderer by @​rschristian in https://github.com/preactjs/preset-vite/pull/139
• fix: Prerender data API by @​rschristian in https://github.com/preactjs/preset-vite/pull/141
• fix: unable to find TS types under ESM by @​marvinhagemeister in https://github.com/preactjs/preset-vite/pull/142
• fix: Provide original, unpatched fetch impl on globalThis by @​rschristian in https://github.com/preactjs/preset-vite/pull/140

Maintenance

• chore: Fix "repository" field in pkg.json by @​rschristian in https://github.com/preactjs/preset-vite/pull/135
• chore: Remove unused resolve dependency by @​bluwy in https://github.com/preactjs/preset-vite/pull/136

New Contributors

• @​bluwy made their first contribution in https://github.com/preactjs/preset-vite/pull/136

Full Changelog: preactjs/preset-vite@2.9.0...2.9.1

shikijs/shiki (@​shikijs/vitepress-twoslash)

v1.17.7

Compare Source

   🚀 Features

• Allow customize tabindex, close #​778  -  by @​antfu in https://github.com/shikijs/shiki/issues/778 (52b05)
• Update grammar  -  by @​antfu (a560b)

    View changes on GitHub

v1.17.6

Compare Source

   🚀 Features

• engine-js:
  • Improve js engine by replacing hard-coded recursive reference  -  by @​antfu (b3d49)
  • Improve js engine handling for markdown  -  by @​antfu (b05d8)

   🐞 Bug Fixes

• Missing named exports for shiki/wasm and @shikijs/wasm-inlined  -  by @​antfu (3f226)

    View changes on GitHub

v1.17.5

Compare Source

   🚀 Features

• Update grammars  -  by @​antfu (b61e4)
• engine-js:
  • Supports contiguous anchor simulation  -  by @​antfu (43ecc)
  • Introduce simulation option  -  by @​antfu (adf99)

    View changes on GitHub

v1.17.4

Compare Source

No significant changes

    View changes on GitHub

v1.17.0

Compare Source

Refactor the monorepo and separate engines into each own package.

    View changes on GitHub

v1.16.3

Compare Source

   🚀 Features

• Make createCssVariablesTheme no longer experimental  -  by @​antfu (ac10b)
• Use regex to enhance js engine support  -  by @​antfu in https://github.com/shikijs/shiki/issues/762 (ed362)

    View changes on GitHub

vuejs/core (@​vue/shared)

v3.5.6

Compare Source

Bug Fixes

• compile-dom: should be able to stringify mathML (#​11891) (85c138c)
• compiler-sfc: preserve old behavior when using withDefaults with desutructure (8492c3c), closes #​11930
• reactivity: avoid exponential perf cost and reduce call stack depth for deeply chained computeds (#​11944) (c74bb8c), closes #​11928
• reactivity: rely on dirty check only when computed has deps (#​11931) (aa5dafd), closes #​11929
• watch: once option should be ignored by watchEffect (#​11884) (49fa673)
• watch: unwatch should be callable during SSR (#​11925) (2d6adf7), closes #​11924

v3.5.5

Compare Source

Bug Fixes

• compiler-core: fix handling of delimiterOpen in VPre (#​11915) (706d4ac), closes #​11913
• compiler-dom: fix stringify static edge for partially eligible chunks in cached parent (1d99d61), closes #​11879 #​11890
• compiler-dom: should ignore leading newline in <textarea> per spec (3c4bf76)
• compiler-sfc: nested css supports atrule and comment (#​11899) (0e7bc71), closes #​11896
• custom-element: handle nested customElement mount w/ shadowRoot false (#​11861) (f2d8019), closes #​11851 #​11871
• hmr: reload async child wrapped in Suspense + KeepAlive (#​11907) (10a2c60), closes #​11868
• hydration: fix mismatch of leading newline in <textarea> and <pre> (a5f3c2e), closes #​11873 #​11874
• reactivity: properly clean up deps, fix memory leak (8ea5d6d), closes #​11901
• runtime-core: properly update async component nested in KeepAlive (#​11917) (7fe6c79), closes #​11916
• TransitionGroup: not warn unkeyed text children with whitespece preserve (#​11888) (7571f20), closes #​11885

v3.5.4

Compare Source

Bug Fixes

• compiler-sfc: correct scoped injection for nesting selector (#​11854) (b1de75e), closes #​10567
• reactivity: fix markRaw error on already marked object (#​11864) (67d6596), closes #​11862
• Revert "fix: Revert "fix(reactivity): self-referencing computed should refresh"" (e596378)
• runtime-core: handle shallow reactive arrays in renderList correctly (#​11870) (ced59ab), closes #​11869
• types: correctly infer TypeEmits with both tuple and function syntax (#​11840) (dad6738), closes #​11836

Performance Improvements

• reactivity: trigger deps directly instead of storing in an array first (#​11695) (f80d447)

jsx-eslint/eslint-plugin-react (eslint-plugin-react)

v7.36.1

Compare Source

Fixed

• [no-is-mounted]: fix logic in method name check (#​3821 @​Mathias-S)
• [jsx-no-literals]: Avoid crashing on valueless boolean props (#​3823 @​reosarevok)

v7.36.0

Compare Source

Added

• [no-string-refs]: allow this.refs in > 18.3.0 (#​3807 @​henryqdineen)
• [jsx-no-literals] Add elementOverrides option and the ability to ignore this rule on specific elements (#​3812 @​Pearce-Ropion)
• [forward-ref-uses-ref]: add rule for checking ref parameter is added ([#​3667][] @​NotWoods)

Fixed

• [function-component-definition], [boolean-prop-naming], [jsx-first-prop-new-line], [jsx-props-no-multi-spaces], propTypes: use type args (#​3629 @​HenryBrown0)
• JSX pragma: fail gracefully (#​3632 @​ljharb)
• [jsx-props-no-spreading]: add explicitSpread option to schema (#​3799 @​ljharb)

Changed

• [Tests] add @​typescript-eslint/parser v6 (#​3629 @​HenryBrown0)
• [Tests] add @​typescript-eslint/parser v7 and v8 (#​3629 @​hampustagerud)
• [Docs] [no-danger]: update broken link (#​3817 @​lucasrmendonca)
• [types] add jsdoc type annotations (#​3731 @​y-hsgw)
• [Tests] button-has-type: add test case with spread (#​3731 @​y-hsgw)

ArnaudBarre/eslint-plugin-react-refresh (eslint-plugin-react-refresh)

v0.4.12

Compare Source

• Support type assertion on default export (fixes #​48)
• Add default export to fix usage with jiti (fixes #​50)

sindresorhus/execa (execa)

v9.4.0

Compare Source

expressjs/express (express)

v4.21.0

Compare Source

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in https://github.com/expressjs/express/pull/5935
• finalhandler@1.3.1 by @​wesleytodd in https://github.com/expressjs/express/pull/5954
• fix(deps): serve-static@1.16.2 by @​wesleytodd in https://github.com/expressjs/express/pull/5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in https://github.com/expressjs/express/pull/5946

New Contributors

• @​agadzinski93 made their first contribution in https://github.com/expressjs/express/pull/5946

Full Changelog: expressjs/express@4.20.0...4.21.0

v4.20.0

Compare Source

==========

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

parcel-bundler/lightningcss (lightningcss)

v1.27.0

Compare Source

Added

• Add [content-hash] css module pattern by @​rubberpants in https://github.com/parcel-bundler/lightningcss/pull/802. This includes a hash of the file contents rather than the file path (as [hash] works), which can be used to support multiple versions of the same library simultaneously without conflicts.
• Improve error message for pseudo elements followed by selectors by @​kdy1 in https://github.com/parcel-bundler/lightningcss/pull/797
• Implement pure mode lints for CSS Modules by @​kdy1 in https://github.com/parcel-bundler/lightningcss/pull/796. This option enforces the use of a class or id selector in each rule.

Fixed

• Fix box-shadow combination of oklch and currentColor by @​hi-ogawa in https://github.com/parcel-bundler/lightningcss/pull/801
• Add missing browserslist import in docs.md by @​cpeaustriajc in https://github.com/parcel-bundler/lightningcss/pull/798
• Update broken selectors link in homepage by @​20jasper in https://github.com/parcel-bundler/lightningcss/pull/750
• Make CLI example work with Windows by @​tim-we in https://github.com/parcel-bundler/lightningcss/pull/726
• Update copyright year on main page by @​log101 in https://github.com/parcel-bundler/lightningcss/pull/790
• Update browser compat data - parcel-bundler/lightningcss@54390b4

cloudflare/workers-sdk (miniflare)

v3.20240909.2

Patch Changes

• #​6719 5b5dd95 Thanks @​sdnts! - fix: Respect delivery delays for Queue consumers in local dev mode

v3.20240909.1

Compare Source

Minor Changes

• #​6647 d68e8c9 Thanks @​joshthoward! - feat: Configure SQLite backed Durable Objects in local dev

v3.20240909.0

Compare Source

Patch Changes

• #​6673 3f5b934 Thanks @​dependabot! - chore: update dependencies of "miniflare" package

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20240821.1	1.20240909.0
  @​cloudflare/workers-types	^4.20240821.1	^4.20240909.0

v3.20240821.2

Compare Source

Patch Changes

• #​6627 5936282 Thanks @​GregBrimble! - fix: Fixes max asset count error message to properly report count of assets

• #​6612 6471090 Thanks @​dario-piotrowicz! - fix: add hyperdrive bindings support in getBindings

  Note: the returned binding values are no-op/passthrough that can be used inside node.js, meaning
  that besides direct connections via the connect methods, all the other values point to the
  same db connection specified in the user configuration

microsoft/playwright (playwright-chromium)

v1.47.1

Compare Source

pnpm/pnpm (pnpm)

v9.10.0: pnpm 9.10

Compare Source

Minor Changes

• Support for a new CLI flag, --exclude-peers, added to the list and why commands. When --exclude-peers is used, peer dependencies are not printed in the results, but dependencies of peer dependencies are still scanned #​8506.

• Added a new setting to package.json at pnpm.auditConfig.ignoreGhsas for ignoring vulnerabilities by their GHSA code #​6838.

  For instance:

  {
    "pnpm": {
      "auditConfig": {
        "ignoreGhsas": [
          "GHSA-42xw-2xvc-qx8m",
          "GHSA-4w2v-q235-vp99",
          "GHSA-cph5-m8f7-6c5x",
          "GHSA-vh95-rmgr-6w4m"
        ]
      }
    }
  }

Patch Changes

• Throw an exception if pnpm switches to the same version of itself.
• Reduce memory usage during peer dependencies resolution.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

postcss/postcss (postcss)

v8.4.47

Compare Source

• Removed debug code.

v8.4.46

Compare Source

• Fixed Cannot read properties of undefined (reading 'before').

preactjs/preact (preact)

v10.24.0

[Compare S

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.