chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/hash-sum (source)	^1.0.0 -> ^1.0.1
@types/node (source)	^18.18.5 -> ^18.18.6
marked (source)	^9.1.1 -> ^9.1.2
pnpm (source)	8.7.6 -> 8.9.2
rimraf	^5.0.1 -> ^5.0.5
sass	^1.67.0 -> ^1.69.4
tsx	^3.12.10 -> ^3.14.0

---

Release Notes

markedjs/marked (marked)

v9.1.2

Compare Source

Bug Fixes

• trim newline from blockquote token.text (#​3037) (92033e5)

pnpm/pnpm (pnpm)

v8.9.2

Compare Source

Patch Changes

• Don't use reflink on Windows #​7186.
• Do not run node-gyp rebuild if preinstall lifecycle script is present #​7206.

Our Gold Sponsors

Our Silver Sponsors

v8.9.1

Compare Source

Patch Changes

• Optimize selection result output of pnpm update --interactive 7109
• When shared-workspace-lockfile is set to false, read the pnpm settings from package.json files that are nested. This was broken in pnpm v8.9.0 #​7184.
• Fix file cloning to node_modules on Windows Dev Drives #​7186. This is a fix to a regression that was shipped with v8.9.0.
• pnpm dlx should ignore any settings that are in a package.json file found in the current working directory #​7198.

Our Gold Sponsors

Our Silver Sponsors

v8.9.0

Compare Source

Minor Changes

• 🚀Performance improvement: Use reflinks instead of hard links by default on macOS and Windows Dev Drives #​5001.

• The list of packages that are allowed to run installation scripts now may be provided in a separate configuration file. The path to the file should be specified via the pnpm.onlyBuiltDependenciesFile field in package.json. For instance:

  {
    "dependencies": {
      "@​my-org/policy": "1.0.0"
    }
    "pnpm": {
      "onlyBuiltDependenciesFile": "node_modules/@​my-org/policy/allow-build.json"
    }
  }

  In the example above, the list is loaded from a dependency. The JSON file with the list should contain an array of package names. For instance:

  ["esbuild", "@​reflink/reflink"]

  With the above list, only esbuild and @reflink/reflink will be allowed to run scripts during installation.

  Related issue: #​7137.

• Add disallow-workspace-cycles option to error instead of warn about cyclic dependencies

• Allow env rm to remove multiple node versions at once, and introduce env add for installing node versions without setting as default #​7155.

Patch Changes

• Fix memory error in pnpm why when the dependencies tree is too big, the command will now prune the tree to just 10 end leafs and now supports --depth argument #​7122.
• Use neverBuiltDependencies and onlyBuiltDependencies from the root package.json of the workspace, when shared-workspace-lockfile is set to false #​7141.
• Optimize peers resolution to avoid out-of-memory exceptions in some rare cases, when there are too many circular dependencies and peer dependencies #​7149.
• Instead of pnpm.overrides replacing resolutions, the two are now merged. This is intended to make it easier to migrate from Yarn by allowing one to keep using resolutions for Yarn, but adding additional changes just for pnpm using pnpm.overrides.

Our Gold Sponsors

Our Silver Sponsors

v8.8.0

Compare Source

Minor Changes

• Add --reporter-hide-prefix option for run command to hide project name as prefix for lifecycle log outputs of running scripts #​7061.

Patch Changes

• Pass through the --ignore-scripts command to install, when running pnpm dedupe --ignore-scripts #​7102.
• Throw meaningful error for config sub commands#​7106.
• When the node-linker is set to hoisted, the package.json files of the existing dependencies inside node_modules will be checked to verify their actual versions. The data in the node_modules/.modules.yaml and node_modules/.pnpm/lock.yaml may not be fully reliable, as an installation may fail after changes to dependencies were made but before those state files were updated #​7107.
• Don't update git-hosted dependencies when adding an unrelated dependency #​7008.

Our Gold Sponsors

Our Silver Sponsors

isaacs/rimraf (rimraf)

v5.0.5

Compare Source

v5.0.4

Compare Source

v5.0.3

Compare Source

v5.0.2

Compare Source

sass/dart-sass (sass)

v1.69.4

Compare Source

• No user-visible changes.

v1.69.3

Compare Source

Embedded Sass

• Fix TypeScript type locations in package.json.

v1.69.2

Compare Source

JS API

• Fix a bug where Sass crashed when running in the browser if there was a global
  variable named process.

v1.69.1

Compare Source

• No user-visible changes.

v1.69.0

Compare Source

• Add a meta.get-mixin() function that returns a mixin as a first-class Sass
  value.

• Add a meta.apply() mixin that includes a mixin value.

• Add a meta.module-mixins() function which returns a map from mixin names in
  a module to the first-class mixins that belong to those names.

• Add a meta.accepts-content() function which returns whether or not a mixin
  value can take a content block.

• Add support for the relative color syntax from CSS Color 5. This syntax
  cannot be used to create Sass color values. It is always emitted as-is in the
  CSS output.

Dart API

• Deprecate Deprecation.calcInterp since it was never actually emitted as a
  deprecation.

Embedded Sass

• Fix a rare race condition where the embedded compiler could freeze when a
  protocol error was immediately followed by another request.

v1.68.0

Compare Source

• Fix the source spans associated with the abs-percent deprecation.

JS API

• Non-filesystem importers can now set the nonCanonicalScheme field, which
  declares that one or more URL schemes (without :) will never be used for
  URLs returned by the canonicalize() method.

• Add a containingUrl field to the canonicalize() and findFileUrl()
  methods of importers, which is set to the canonical URL of the stylesheet that
  contains the current load. For filesystem importers, this is always set; for
  other importers, it's set only if the current load has no URL scheme, or if
  its URL scheme is declared as non-canonical by the importer.

Dart API

• Add AsyncImporter.isNonCanonicalScheme, which importers (async or sync) can
  use to indicate that a certain URL scheme will never be used for URLs returned
  by the canonicalize() method.

• Add AsyncImporter.containingUrl, which is set during calls to the
  canonicalize() method to the canonical URL of the stylesheet that contains
  the current load. This is set only if the current load has no URL scheme, or
  if its URL scheme is declared as non-canonical by the importer.

Embedded Sass

• The CalculationValue.interpolation field is deprecated and will be removed
  in a future version. It will no longer be set by the compiler, and if the host
  sets it it will be treated as equivalent to CalculationValue.string except
  that "(" and ")" will be added to the beginning and end of the string
  values.

• Properly include TypeScript types in the sass-embedded package.

esbuild-kit/tsx (tsx)

v3.14.0

Compare Source

Bug Fixes

• cache: scope cache directory to user (#​332) (7e916f5)

Features

• support Node v20.6.0 module.register() & --import flag (#​337) (23e4694)

---

This release is also available on:

• npm package (@​latest dist-tag)

v3.13.0

Compare Source

Features

• esm & cjs loaders (#​320) (e46366d)

---

This release is also available on:

• npm package (@​latest dist-tag)

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

Size Report

Bundles

File	Size	Gzip	Brotli
runtime-dom.global.prod.js	85.9 kB	32.6 kB	29.5 kB
vue.global.prod.js	132 kB	49.3 kB	44.4 kB

Usages

Name	Size	Gzip	Brotli
createApp	47.9 kB	18.8 kB	17.2 kB
createSSRApp	50.6 kB	19.9 kB	18.2 kB
defineCustomElement	50.3 kB	19.6 kB	17.9 kB
overall	61.2 kB	23.7 kB	21.6 kB

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Ignored Deployment

Name	Status	Preview	Updated (UTC)
sfc-playground	⬜️ Ignored (Inspect)		Oct 2, 2023 10:53pm

[netlify]

❌ Deploy Preview for vue-sfc-playground failed.

Name	Link
🔨 Latest commit	f18555b
🔍 Latest deploy log	https://app.netlify.com/sites/vue-sfc-playground/deploys/6531e8c407dbe10008c9a2e9