chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@eslint/js (source)	^9.12.0 -> ^9.13.0
@rollup/plugin-commonjs (source)	^28.0.0 -> ^28.0.1
@rollup/plugin-dynamic-import-vars (source)	^2.1.3 -> ^2.1.4
@types/lodash (source)	^4.17.10 -> ^4.17.12
@types/node (source)	^20.16.11 -> ^20.16.13
@vitejs/plugin-react (source)	^4.3.2 -> ^4.3.3
acorn	^8.12.1 -> ^8.13.0
eslint (source)	^9.12.0 -> ^9.13.0
eslint-plugin-react-refresh	^0.4.12 -> ^0.4.13
execa	^9.4.0 -> ^9.4.1
miniflare (source)	^3.20241004.0 -> ^3.20241011.0
picocolors	^1.1.0 -> ^1.1.1
pnpm (source)	9.12.1 -> 9.12.2
sass	^1.79.5 -> ^1.80.3
sass-embedded	^1.79.5 -> ^1.80.3
serve	^14.2.3 -> ^14.2.4
stylus	^0.63.0 -> ^0.64.0
tailwindcss (source)	^3.4.13 -> ^3.4.14
terser (source)	^5.34.1 -> ^5.36.0
tslib (source)	^2.7.0 -> ^2.8.0

---

Release Notes

eslint/eslint (@​eslint/js)

v9.13.0

Compare Source

Features

• 381c32b feat: Allow languages to provide defaultLanguageOptions (#​19003) (Milos Djermanovic)
• bf723bd feat: Improve eslintrc warning message (#​19023) (Milos Djermanovic)
• 1def4cd feat: drop support for jiti v1.21 (#​18996) (Francesco Trotta)
• f879be2 feat: export ESLint.defaultConfig (#​18983) (Nitin Kumar)

Bug Fixes

• 78836d4 fix: update the complexity rule type (#​19027) (Nitin Kumar)
• 064c8b6 fix: update rule types (#​18925) (Nitin Kumar)

Documentation

• abdbfa8 docs: mark LintMessage#nodeType as deprecated (#​19019) (Nitin Kumar)
• 19e68d3 docs: update deprecated rules type definitions (#​19018) (Nitin Kumar)
• 7dd402d docs: Update examples of passing multiple values to a CLI option (#​19006) (Milos Djermanovic)
• 5dcbc51 docs: Add example with side-effect imports to no-restricted-imports (#​18997) (Milos Djermanovic)
• 1ee87ca docs: Update README (GitHub Actions Bot)
• 2c3dbdc docs: Use prerendered sponsors for README (#​18988) (Milos Djermanovic)

Chores

• 68d2d9d chore: upgrade to @eslint/[email protected] and @eslint/core@^0.7.0 (#​19034) (Francesco Trotta)
• 2211f0a chore: package.json update for @​eslint/js release (Jenkins)
• c7abaef perf: using Node.js compile cache (#​19012) (唯然)
• 1d7c077 chore: add pkg.type "commonjs" (#​19011) (唯然)
• 468e3bd test: fix ESLint tests (#​19021) (Francesco Trotta)
• ed4635f ci: upgrade [email protected] (#​18992) (Milos Djermanovic)
• efad767 chore: remove unused ignore dependency (#​18993) (Amaresh S M)

rollup/plugins (@​rollup/plugin-commonjs)

v28.0.1

2024-10-16

Updates

• chore: upgrade picomatch (#​1775)

rollup/plugins (@​rollup/plugin-dynamic-import-vars)

v2.1.4

2024-10-16

Updates

• chore: switch to tinyglobby for fewer dependencies (#​1780)

vitejs/vite-plugin-react (@​vitejs/plugin-react)

v4.3.3

Compare Source

React Compiler runtimeModule option removed

React Compiler was updated to accept a target option and runtimeModule was removed. vite-plugin-react will still detect runtimeModule for backwards compatibility.

When using a custom runtimeModule or target !== '19', the plugin will not try to pre-optimize react/compiler-runtime dependency.

The react-compiler-runtime is now available on npm can be used instead of the local shim for people using the compiler with React < 19.

Here is the configuration to use the compiler with React 18 and correct source maps in development:

npm install babel-plugin-react-compiler react-compiler-runtime @​babel/plugin-transform-react-jsx-development

export default defineConfig(({ command }) => {
  const babelPlugins = [['babel-plugin-react-compiler', { target: '18' }]]
  if (command === 'serve') {
    babelPlugins.push(['@​babel/plugin-transform-react-jsx-development', {}])
  }

  return {
    plugins: [react({ babel: { plugins: babelPlugins } })],
  }
})

acornjs/acorn (acorn)

v8.13.0

Compare Source

eslint/eslint (eslint)

v9.13.0

Compare Source

ArnaudBarre/eslint-plugin-react-refresh (eslint-plugin-react-refresh)

v0.4.13

Compare Source

• Support for react-redux connect (export default connect(mapStateToProps, mapDispatchToProps)(MyComponent)) (fixes #​51)
• Support for Arbitrary Module Identifiers syntax (fixes #​52)

sindresorhus/execa (execa)

v9.4.1

Compare Source

Bug fixes

• Fix using process.execPath with Deno. Thanks @​w3cj! (#​1160)

cloudflare/workers-sdk (miniflare)

v3.20241011.0

Compare Source

Patch Changes

• #​6961 5761020 Thanks @​dependabot! - chore: update dependencies of "miniflare" package

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20241004.0	1.20241011.1
  @​cloudflare/workers-types	^4.20241004.0	^4.20241011.0

• #​6943 7859a04 Thanks @​sdnts! - fix: local queues now respect consumer max delays and retry delays properly

alexeyraspopov/picocolors (picocolors)

v1.1.1

Compare Source

• Moved TypeScript declarations to a d.ts file (#​82)
• Reworked color detection algorithm to properly work with empty strings in NO_COLOR and FORCE_COLOR env variables (#​87)
• Eliminated require() call to make the package compatible with some tools (#​87)

pnpm/pnpm (pnpm)

v9.12.2: pnpm 9.12.2

Compare Source

Patch Changes

• When checking whether a file in the store has executable permissions, the new approach checks if at least one of the executable bits (owner, group, and others) is set to 1. Previously, a file was incorrectly considered executable only when all the executable bits were set to 1. This fix ensures that files with any executable permission, regardless of the user class, are now correctly identified as executable #​8546.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

sass/dart-sass (sass)

v1.80.3

Compare Source

• Fix a bug where @import url("...") would crash in plain CSS files.

• Improve consistency of how warnings are emitted by different parts of the
  compiler. This should result in minimal user-visible changes, but different
  types of warnings should now respond more reliably to flags like --quiet,
  --verbose, and --silence-deprecation.

v1.80.2

Compare Source

• Fix a bug where deprecation warnings were incorrectly emitted for the
  plain-CSS invert() function.

v1.80.1

Compare Source

• Fix a bug where repeated deprecation warnings were not automatically limited.

v1.80.0

Compare Source

• @import is now officially deprecated, as are global built-in functions that
  are available within built-in modules. See the Sass blog post for more
  details on the deprecation process.

Embedded Host

• Fix an error that would sometimes occur when deprecation warnings were
  emitted when using a custom importer with the legacy API.

v1.79.6

Compare Source

• Fix a bug where Sass would add an extra */ after loud comments with
  whitespace after an explicit */ in the indented syntax.

• Potentially breaking bug fix: Adding text after an explicit */ in the
  indented syntax is now an error, rather than silently generating invalid CSS.

Embedded Host

• Properly export the SassBoolean type.

sass/embedded-host-node (sass-embedded)

v1.80.3

Compare Source

• Fix a bug where @import url("...") would crash in plain CSS files.

• Improve consistency of how warnings are emitted by different parts of the
  compiler. This should result in minimal user-visible changes, but different
  types of warnings should now respond more reliably to flags like --quiet,
  --verbose, and --silence-deprecation.

v1.80.2

Compare Source

• Fix a bug where deprecation warnings were incorrectly emitted for the
  plain-CSS invert() function.

v1.80.1

Compare Source

• Fix a bug where repeated deprecation warnings were not automatically limited.

v1.80.0

Compare Source

• @import is now officially deprecated, as are global built-in functions that
  are available within built-in modules. See the Sass blog post for more
  details on the deprecation process.

Embedded Host

• Fix an error that would sometimes occur when deprecation warnings were
  emitted when using a custom importer with the legacy API.

v1.79.6

Compare Source

• Fix a bug where Sass would add an extra */ after loud comments with
  whitespace after an explicit */ in the indented syntax.

• Potentially breaking bug fix: Adding text after an explicit */ in the
  indented syntax is now an error, rather than silently generating invalid CSS.

Embedded Host

• Properly export the SassBoolean type.

vercel/serve (serve)

v14.2.4

Compare Source

Patches

• Bump serve-handler, vitest, and `typescript: #​812

stylus/stylus (stylus)

v0.64.0

Compare Source

===================

• drop node v14 support #​2899
• upgrading glob eliminates outdated dependency issues #​2899

tailwindlabs/tailwindcss (tailwindcss)

v3.4.14

Compare Source

Fixed

• Don't set display: none on elements that use hidden="until-found" (#​14625)

terser/terser (terser)

v5.36.0

Compare Source

• Support import attributes with syntax

v5.35.0

Compare Source

• Ensure parent directory exists when using --output on CLI (#​1530)

Microsoft/tslib (tslib)

v2.8.0

Compare Source

What's Changed

• Validate export structure of every entrypoint by @​andrewbranch in https://github.com/microsoft/tslib/pull/269
• Add rewriteRelativeImportExtension helper by @​andrewbranch in https://github.com/microsoft/tslib/pull/270

Full Changelog: microsoft/tslib@v2.7.0...v2.8.0

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

Scope: all 221 workspace projects
Progress: resolved 1, reused 0, downloaded 0, added 0
Progress: resolved 94, reused 0, downloaded 0, added 0
Progress: resolved 228, reused 0, downloaded 0, added 0
Progress: resolved 290, reused 0, downloaded 0, added 0
Progress: resolved 516, reused 0, downloaded 0, added 0
Progress: resolved 684, reused 0, downloaded 0, added 0
Progress: resolved 804, reused 0, downloaded 0, added 0
Progress: resolved 957, reused 0, downloaded 0, added 0
Progress: resolved 1097, reused 0, downloaded 0, added 0
Progress: resolved 1214, reused 0, downloaded 0, added 0
 ERR_PNPM_PATCH_NOT_APPLIED  The following patches were not applied: [email protected]

Either remove them from "patchedDependencies" or update them to match packages in your dependencies.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[sapphi-red]

Package size change:

before

npm notice package size: 748.3 kB
npm notice unpacked size: 3.2 MB

after

npm notice package size: 724.4 kB
npm notice unpacked size: 3.1 MB