chore(deps): update all non-major dependencies #139

renovate · 2025-10-20T01:11:44Z

This PR contains the following updates:

Package	Change	Age	Confidence
@rocicorp/zero (source)	`^0.23.0` -> `^0.24.0`
@types/node (source)	`22.18.10` -> `22.18.13`
changelogithub	`13.16.0` -> `13.16.1`
pnpm (source)	`10.18.2` -> `10.20.0`
vue-tsc (source)	`3.1.1` -> `3.1.2`

Release Notes

rocicorp/mono (@rocicorp/zero)

antfu/changelogithub (changelogithub)

`v13.16.1`

Compare Source

🐞 Bug Fixes

Fix asset upload for untagged releases - by @josh-hemphill in #74 (86d29)

View changes on GitHub

pnpm/pnpm (pnpm)

`v10.20.0`

Compare Source

Minor Changes

Support --all option in pnpm --help to list all commands #8628.

Patch Changes

When the latest version doesn't satisfy the maturity requirement configured by minimumReleaseAge, pick the highest version that is mature enough, even if it has a different major version #10100.
create command should not verify patch info.
Set managePackageManagerVersions to false, when switching to a different version of pnpm CLI, in order to avoid subsequent switches #10063.

`v10.19.0`

Compare Source

Minor Changes

You can now allow specific versions of dependencies to run postinstall scripts. onlyBuiltDependencies now accepts package names with lists of trusted versions. For example:
```
onlyBuiltDependencies:
  - [email protected] || 21.6.5
  - [email protected]
```
Related PR: #10104.
Added support for exact versions in minimumReleaseAgeExclude #9985.

You can now list one or more specific versions that pnpm should allow to install, even if those versions don’t satisfy the maturity requirement set by minimumReleaseAge. For example:
```
minimumReleaseAge: 1440
minimumReleaseAgeExclude:
  - [email protected]
  - [email protected] || 5.102.1
```

`v10.18.3`

Compare Source

Patch Changes

Fix a bug where pnpm would infinitely recurse when using verifyDepsBeforeInstall: install and pre/post install scripts that called other pnpm scripts #10060.
Fixed scoped registry keys (e.g., @scope:registry) being parsed as property paths in pnpm config get when --location=project is used #9362.
Remove pnpm-specific CLI options before passing to npm publish to prevent "Unknown cli config" warnings #9646.
Fixed EISDIR error when bin field points to a directory #9441.
Preserve version and hasBin for variations packages #10022.
Fixed pnpm config set --location=project incorrectly handling keys with slashes (auth tokens, registry settings) #9884.
When both pnpm-workspace.yaml and .npmrc exist, pnpm config set --location=project now writes to pnpm-workspace.yaml (matching read priority) #10072.
Prevent a table width error in pnpm outdated --long #10040.
Sync bin links after injected dependencies are updated by build scripts. This ensures that binaries created during build processes are properly linked and accessible to consuming projects #10057.

vuejs/language-tools (vue-tsc)

`v3.1.2`

Compare Source

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

socket-security · 2025-10-20T01:13:58Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Package	Supply Chain Security	Quality	Maintenance
@vitest/coverage-v8@3.2.4 ⏵ 4.0.6		^-3	⁺¹
@types/node@22.18.10 ⏵ 22.18.13	⁺¹	⁺¹
@rocicorp/zero@0.23.2025090100 ⏵ 0.24.2025101500	⁺²	⁺²	⁺¹
changelogithub@13.16.0 ⏵ 13.16.1		⁺¹	⁺⁵
knip@5.66.1 ⏵ 5.66.4	⁺¹	⁺¹	⁺¹
lint-staged@16.2.4 ⏵ 16.2.6	⁺¹
@antfu/eslint-config@6.0.0 ⏵ 6.2.0	⁺¹		⁺²
eslint@9.38.0 ⏵ 9.39.0

View full report

renovate bot added chore dependencies labels Oct 20, 2025

renovate bot force-pushed the renovate/all-minor-patch branch 15 times, most recently from b1bec7a to f01edbc Compare October 27, 2025 01:12

renovate bot force-pushed the renovate/all-minor-patch branch 10 times, most recently from 1c306b0 to a9e0cb3 Compare October 31, 2025 06:46

renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 73ce1bd to d0cba73 Compare October 31, 2025 20:40

chore(deps): update all non-major dependencies

028c305

renovate bot force-pushed the renovate/all-minor-patch branch from d0cba73 to 028c305 Compare November 1, 2025 14:32

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): update all non-major dependencies #139

chore(deps): update all non-major dependencies #139

renovate bot commented Oct 20, 2025 •

edited

Loading

Uh oh!

socket-security bot commented Oct 20, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

chore(deps): update all non-major dependencies #139

Are you sure you want to change the base?

chore(deps): update all non-major dependencies #139

Conversation

renovate bot commented Oct 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

🐞 Bug Fixes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Configuration

Uh oh!

socket-security bot commented Oct 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

renovate bot commented Oct 20, 2025 •

edited

Loading

socket-security bot commented Oct 20, 2025 •

edited

Loading