chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@cloudflare/workers-types	^4.20251120.0 -> ^4.20251121.0
@types/bun (source)	^1.3.2 -> ^1.3.3
@vitest/coverage-v8 (source)	^4.0.12 -> ^4.0.13
better-sqlite3	^12.4.1 -> ^12.4.6
pnpm (source)	10.19.0 -> 10.23.0
vitest (source)	^4.0.12 -> ^4.0.13
wrangler (source)	^4.49.1 -> ^4.50.0

---

Release Notes

cloudflare/workerd (@​cloudflare/workers-types)

v4.20251121.0

Compare Source

vitest-dev/vitest (@​vitest/coverage-v8)

v4.0.13

Compare Source

   🐞 Bug Fixes

• types:
  • Don't use type from Vite 7.1  -  by @​sheremet-va in #​9071 (6356b)
  • Don't import node.js dependent types in vitest/browser  -  by @​sheremet-va in #​9068 (332af)

   🏎 Performance

• Avoid fetchModule roundtrip if the module is cached  -  by @​sheremet-va in #​9075 (b27e0)
• experimental: If fsCacheModule is enabled, read from the memory when possible  -  by @​sheremet-va in #​9076 (6b9a1)

    View changes on GitHub

WiseLibs/better-sqlite3 (better-sqlite3)

v12.4.6

Compare Source

What's Changed

• Fix npm publishing by @​mceachen in #​1423

Full Changelog: WiseLibs/better-sqlite3@v12.4.5...v12.4.6

v12.4.5

Compare Source

What's Changed

• Add support for Node v25 and Electron 39+ prebuilds by @​mceachen in #​1422

Full Changelog: WiseLibs/better-sqlite3@v12.4.4...v12.4.5

pnpm/pnpm (pnpm)

v10.23.0: pnpm 10.23

Compare Source

Minor Changes

• Added --lockfile-only option to pnpm list #​10020.

Patch Changes

• pnpm self-update should download pnpm from the configured npm registry #​10205.
• pnpm self-update should always install the non-executable pnpm package (pnpm in the registry) and never the @pnpm/exe package, when installing v11 or newer. We currently cannot ship @pnpm/exe as pkg doesn't work with ESM #​10190.
• Node.js runtime is not added to "dependencies" on pnpm add, if there's a engines.runtime setting declared in package.json #​10209.
• The installation should fail if an optional dependency cannot be installed due to a trust policy check failure #​10208.
• pnpm list and pnpm why now display npm: protocol for aliased packages (e.g., foo npm:[email protected]) #​8660.
• Don't add an extra slash to the Node.js mirror URL #​10204.
• pnpm store prune should not fail if the store contains Node.js packages #​10131.

Platinum Sponsors

Gold Sponsors

v10.22.0: pnpm 10.22

Compare Source

Minor Changes

• Added support for trustPolicyExclude #​10164.

  You can now list one or more specific packages or versions that pnpm should allow to install, even if those packages don't satisfy the trust policy requirement. For example:

  trustPolicy: no-downgrade
  trustPolicyExclude:
    - [email protected]
    - [email protected] || 5.102.1

• Allow to override the engines field on publish by the publishConfig.engines field.

Patch Changes

• Don't crash when two processes of pnpm are hardlinking the contents of a directory to the same destination simultaneously #​10179.

Platinum Sponsors

Gold Sponsors

v10.21.0

Compare Source

v10.20.0

Compare Source

Minor Changes

• Support --all option in pnpm --help to list all commands #​8628.

Patch Changes

• When the latest version doesn't satisfy the maturity requirement configured by minimumReleaseAge, pick the highest version that is mature enough, even if it has a different major version #​10100.
• create command should not verify patch info.
• Set managePackageManagerVersions to false, when switching to a different version of pnpm CLI, in order to avoid subsequent switches #​10063.

cloudflare/workers-sdk (wrangler)

v4.50.0

Compare Source

Minor Changes

• #​11219 524a6e5 Thanks @​Ltadrian! - Implement Hyperdrive binding TLS miniflare proxy. This will allow for wrangler dev hyperdrive bindings to connect to external
  databases that require TLS.

• #​11233 c922a81 Thanks @​emily-shen! - Add containers.unsafe to allow internal users to use additional container features

Patch Changes

• #​11353 0cf696d Thanks @​vicb! - Use the native node:domain module when available

  It is enabled when the enable_nodejs_domain_module compatibility flag is set.

• #​11328 bb44120 Thanks @​ascorbic! - Fixes a bug that caused wrangler deploy to hang when deploying SvelteKit sites with experimental autoconfig

• #​11025 4a158e9 Thanks @​devin-ai-integration! - Use the native node:wasi module when available

  It is enabled when the enable_nodejs_wasi_module compatibility flag is set.

• Updated dependencies [0cf696d, 524a6e5, 4a158e9]:

  • @​cloudflare/unenv-preset@​2.7.11
  • miniflare@​4.20251118.1

---

Configuration

📅 Schedule: Branch creation - "after 2am and before 3am" (UTC), Automerge - "after 1am and before 2am" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.