fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	^22.10.2 -> ^22.10.5
bumpp	^9.9.1 -> ^9.10.0
magic-string-ast	^0.6.3 -> ^0.7.0
pnpm (source)	9.15.0 -> 9.15.3
rollup (source)	^4.28.1 -> ^4.30.1
typescript (source)	^5.7.2 -> ^5.7.3
unplugin	^2.1.0 -> ^2.1.2
vite (source)	^6.0.4 -> ^6.0.7

---

Release Notes

antfu/bumpp (bumpp)

v9.10.0

Compare Source

   🚀 Features

• Support --install flag  -  by @​antfu (96a47)

    View changes on GitHub

v9.9.3

Compare Source

   🐞 Bug Fixes

• Throw on exec error, fix #​67  -  by @​antfu in https://github.com/antfu-collective/bumpp/issues/67 (52816)

    View changes on GitHub

v9.9.2

Compare Source

No significant changes

    View changes on GitHub

sxzz/magic-string-ast (magic-string-ast)

v0.7.0

Compare Source

   🚀 Features

• Support native magic-string offset  -  by @​zhiyuanzmj in https://github.com/sxzz/magic-string-ast/issues/50 (5886e)

   🐞 Bug Fixes

• deps: Update all non-major dependencies  -  in https://github.com/sxzz/magic-string-ast/issues/49 (7f814)

    View changes on GitHub

pnpm/pnpm (pnpm)

v9.15.3

Compare Source

v9.15.2: pnpm 9.15.2

Compare Source

Patch Changes

• Fixed publish/pack error with workspace dependencies with relative paths #​8904. It was broken in v9.4.0 (398472c).
• Use double quotes in the command suggestion by pnpm patch on Windows #​7546.
• Do not fall back to SSH, when resolving a git-hosted package if git ls-remote works via HTTPS #​8906.
• Improve how packages with blocked lifecycle scripts are reported during installation. Always print the list of ignored scripts at the end of the output. Include a hint about how to allow the execution of those packages.

Platinum Sponsors

Gold Sponsors

v9.15.1

Compare Source

rollup/rollup (rollup)

v4.30.1

Compare Source

2025-01-07

Bug Fixes

• Prevent invalid code when simplifying unary expressions in switch cases (#​5786)

Pull Requests

• #​5786: fix: consider that literals cannot following switch case. (@​TrickyPi)

v4.30.0

Compare Source

2025-01-06

Features

• Inline values of resolvable unary expressions for improved tree-shaking (#​5775)

Pull Requests

• #​5775: feat: enhance the treehshaking for unary expression (@​TrickyPi)
• #​5783: Improve CI caching for node_modules (@​lukastaegert)

v4.29.2

Compare Source

2025-01-05

Bug Fixes

• Keep import attributes when using dynamic ESM import() expressions from CommonJS (#​5781)

Pull Requests

• #​5772: Improve caching on CI (@​lukastaegert)
• #​5773: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5780: feat: use picocolors instead of colorette (@​re-taro)
• #​5781: fix: keep import attributes for cjs format (@​TrickyPi)

v4.29.1

Compare Source

2024-12-21

Bug Fixes

• Fix crash from deoptimized logical expressions (#​5771)

Pull Requests

• #​5769: Remove unnecessary lifetimes (@​lukastaegert)
• #​5771: fix: do not optimize the literal value if the cache is deoptimized (@​TrickyPi)

v4.29.0

Compare Source

2024-12-20

Features

• Treat objects as truthy and always check second argument to better simplify logical expressions (#​5763)

Pull Requests

• #​5759: docs: add utf-8 encoding to JSON file reading (@​chouchouji)
• #​5760: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #​5763: fix: introduce UnknownFalsyValue for enhancing if statement tree-shaking (@​TrickyPi)
• #​5766: chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (@​renovate[bot])
• #​5767: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])

microsoft/TypeScript (typescript)

v5.7.3

Compare Source

unjs/unplugin (unplugin)

v2.1.2

Compare Source

   🐞 Bug Fixes

• esbuild: Fix again 9f85a26  -  by @​sxzz (4abab)

    View changes on GitHub

v2.1.1

Compare Source

   🐞 Bug Fixes

• esbuild: Pass original build for custom esbuild setup  -  by @​sxzz (9f85a)

    View changes on GitHub

vitejs/vite (vite)

v6.0.7

Compare Source

• fix: fix minify when builder.sharedPlugins: true (#​19025) (f7b1964), closes #​19025
• fix: skip the plugin if it has been called before with the same id and importer (#​19016) (b178c90), closes #​19016
• fix(html): error while removing vite-ignore attribute for inline script (#​19062) (a492253), closes #​19062
• fix(ssr): fix semicolon injection by ssr transform (#​19097) (1c102d5), closes #​19097
• perf: skip globbing for static path in warmup (#​19107) (677508b), closes #​19107
• feat(css): show lightningcss warnings (#​19076) (b07c036), closes #​19076

v6.0.6

Compare Source

• fix: replace runner-side path normalization with fetchModule-side resolve (#​18361) (9f10261), closes #​18361
• fix(css): resolve style tags in HTML files correctly for lightningcss (#​19001) (afff05c), closes #​19001
• fix(css): show correct error when unknown placeholder is used for CSS modules pattern in lightningcs (9290d85), closes #​19070
• fix(resolve): handle package.json with UTF-8 BOM (#​19000) (902567a), closes #​19000
• fix(ssrTransform): preserve line offset when transforming imports (#​19004) (1aa434e), closes #​19004
• chore: fix typo in comment (#​19067) (eb06ec3), closes #​19067
• chore: update comment about build.target (#​19047) (0e9e81f), closes #​19047
• revert: unpin esbuild version (#​19043) (8bfe247), closes #​19043
• test(ssr): test virtual module with query (#​19044) (a1f4b46), closes #​19044

v6.0.5

Compare Source

• fix: esbuild regression (pin to 0.24.0) (#​19027) (4359e0d), closes #​19027

---

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/[email protected]	None	+1	2.37 MB	types
npm/[email protected]	filesystem, unsafe Transitive: environment, network, shell	+59	7.24 MB	antfu
npm/[email protected]	None	+2	593 kB	sxzz
npm/[email protected]	None	+1	2.64 MB	eventualbuddha, lukastaegert, rich_harris, ...2 more
npm/[email protected]	None	0	22.7 MB	andrewbranch, minestarks, rbuckton, ...5 more
npm/[email protected]	Transitive: environment	+2	759 kB	antfu, sxzz
npm/[email protected]	Transitive: environment, filesystem	+5	3.36 MB	antfu, patak, soda, ...2 more

🚮 Removed packages: npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎