chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@iconify-json/logos	^1.2.4 -> ^1.2.9
@iconify-json/lucide	^1.2.57 -> ^1.2.63
@iconify-json/simple-icons	^1.2.43 -> ^1.2.48
@nuxt/eslint (source)	^1.5.2 -> ^1.9.0
@nuxt/ui-pro (source)	^3.2.0 -> ^3.3.2
@nuxtjs/mdc	^0.17.1 -> ^0.17.2
@types/node (source)	^22.16.4 -> ^22.17.2
drizzle-orm (source)	^0.44.3 -> ^0.44.4
eslint (source)	^9.31.0 -> ^9.34.0
nuxt-auth-utils	^0.5.20 -> ^0.5.23
pnpm (source)	10.13.1 -> 10.15.0
typescript (source)	^5.8.3 -> ^5.9.2
vue-tsc (source)	^3.0.1 -> ^3.0.6
workers-ai-provider	^0.7.2 -> ^0.7.5
wrangler (source)	^4.24.4 -> ^4.32.0

---

Release Notes

nuxt/eslint (@​nuxt/eslint)

v1.9.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (b80cb)

   🐞 Bug Fixes

• Add defineNuxtConfig as ESLint's globals, close #​603  -  by @​antfu in https://github.com/nuxt/eslint/issues/603 (2e67f)

    View changes on GitHub

v1.8.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (932a7)

    View changes on GitHub

v1.7.1

Compare Source

   🐞 Bug Fixes

• Include eslint-typegen.d.ts in nuxt.node.d.ts, close #​596  -  by @​antfu in https://github.com/nuxt/eslint/issues/596 (ab74e)

    View changes on GitHub

v1.7.0

Compare Source

   🚀 Features

• Upgrade eslint-plugin-unicorn  -  by @​antfu (b3b7d)

    View changes on GitHub

v1.6.0

Compare Source

   🐞 Bug Fixes

• Bring back eslint-plugin-import-x as default, close #​590  -  by @​antfu in https://github.com/nuxt/eslint/issues/590 (e43d6)

    View changes on GitHub

nuxt/ui-pro (@​nuxt/ui-pro)

v3.3.2

Compare Source

v3.3.1

Compare Source

v3.3.0

Compare Source

drizzle-team/drizzle-orm (drizzle-orm)

v0.44.4

Compare Source

• Fix wrong DrizzleQueryError export. thanks @​nathankleyn

eslint/eslint (eslint)

v9.34.0

Compare Source

v9.33.0

Compare Source

v9.32.0

Compare Source

atinux/nuxt-auth-utils (nuxt-auth-utils)

v0.5.23

Compare Source

compare changes

🚀 Enhancements

• Add Ory provider (#​417)
• Add Roblox OAuth provider (#​420)
• Add GitHub state param (#​423)

🩹 Fixes

• Prevent session password in .env from being included in production builds (#​419)

🏡 Chore

• Update deps (7e86ab9)

❤️ Contributors

• Sébastien Chopin (@​atinux)
• Tom Lewis (@​tomlewis0)
• Dog (@​dgxo)
• Matthew Messinger (@​mattmess1221)
• Jordan Labrosse [email protected]

v0.5.22

Compare Source

compare changes

🚀 Enhancements

• Add Okta OAuth provider (#​429)

🩹 Fixes

• keycloak: Allow fetch userinfo using internal url (#​430)

📖 Documentation

• Fix missing auth.d.ts session types in server dir Nuxt 4 (#​437)

🏡 Chore

• release: V0.5.20 (f7127f5)
• Update to return when using invalidState (60f32d8)
• release: V0.5.21 (c645d59)

❤️ Contributors

• Sébastien Chopin (@​atinux)
• André Biseth [email protected]
• Han [email protected]
• Eckhardt (Kaizen) Dreyer [email protected]

v0.5.21

Compare Source

compare changes

🩹 Fixes

• keycloak: Allow fetch userinfo using internal url (#​430)

📖 Documentation

• Fix missing auth.d.ts session types in server dir Nuxt 4 (#​437)

🏡 Chore

• release: V0.5.20 (f7127f5)
• Update to return when using invalidState (60f32d8)

❤️ Contributors

• Han [email protected]
• Sébastien Chopin (@​atinux)
• Eckhardt (Kaizen) Dreyer [email protected]

pnpm/pnpm (pnpm)

v10.15.0

Compare Source

Minor Changes

• Added the cleanupUnusedCatalogs configuration. When set to true, pnpm will remove unused catalog entries during installation #​9793.
• Automatically load pnpmfiles from config dependencies that are named @*/pnpm-plugin-* #​9780.
• pnpm config get now prints an INI string for an object value #​9797.
• pnpm config get now accepts property paths (e.g. pnpm config get catalog.react, pnpm config get .catalog.react, pnpm config get 'packageExtensions["@​babel/parser"].peerDependencies["@​babel/types"]'), and pnpm config set now accepts dot-leading or subscripted keys (e.g. pnpm config set .ignoreScripts true).
• pnpm config get --json now prints a JSON serialization of config value, and pnpm config set --json now parses the input value as JSON.

Patch Changes

• Semi-breaking. When automatically installing missing peer dependencies, prefer versions that are already present in the direct dependencies of the root workspace package #​9835.
• When executing the pnpm create command, must verify whether the node version is supported even if a cache already exists #​9775.
• When making requests for the non-abbreviated packument, add */* to the Accept header to avoid getting a 406 error on AWS CodeArtifact #​9862.
• The standalone exe version of pnpm works with glibc 2.26 again #​9734.
• Fix a regression in which pnpm dlx pkg --help doesn't pass --help to pkg #​9823.

v10.14.0

Compare Source

Minor Changes

• Added support for JavaScript runtime resolution

  Declare Node.js, Deno, or Bun in devEngines.runtime (inside package.json) and let pnpm download and pin it automatically.

  Usage example:

  {
    "devEngines": {
      "runtime": {
        "name": "node",
        "version": "^24.4.0",
        "onFail": "download" (we only support the "download" value for now)
      }
    }
  }

  How it works:

  1. pnpm install resolves your specified range to the latest matching runtime version.
  2. The exact version (and checksum) is saved in the lockfile.
  3. Scripts use the local runtime, ensuring consistency across environments.

  Why this is better:

  1. This new setting supports also Deno and Bun (vs. our Node-only settings useNodeVersion and executionEnv.nodeVersion)
  2. Supports version ranges (not just a fixed version).
  3. The resolved version is stored in the pnpm lockfile, along with an integrity checksum for future validation of the Node.js content's validity.
  4. It can be used on any workspace project (like executionEnv.nodeVersion). So, different projects in a workspace can use different runtimes.
  5. For now devEngines.runtime setting will install the runtime locally, which we will improve in future versions of pnpm by using a shared location on the computer.

  Related PR: #​9755.

• Add --cpu, --libc, and --os to pnpm install, pnpm add, and pnpm dlx to customize supportedArchitectures via the CLI #​7510.

Patch Changes

• Fix a bug in which pnpm add downloads packages whose libc differ from pnpm.supportedArchitectures.libc.
• The integrities of the downloaded Node.js artifacts are verified #​9750.
• Allow dlx to parse CLI flags and options between the dlx command and the command to run or between the dlx command and -- #​9719.
• pnpm install --prod should removing hoisted dev dependencies #​9782.
• Fix an edge case bug causing local tarballs to not re-link into the virtual store. This bug would happen when changing the contents of the tarball without renaming the file and running a filtered install.
• Fix a bug causing pnpm install to incorrectly assume the lockfile is up to date after changing a local tarball that has peers dependencies.

microsoft/TypeScript (typescript)

v5.9.2

Compare Source

vuejs/language-tools (vue-tsc)

v3.0.6

Compare Source

v3.0.5

Compare Source

Features

• feat(language-core): introduce compileSFCStyle to provide style related infomation (#​5548) - Thanks to @​KazariEX!
• feat(language-service): completion snippet for v-for (#​5553) - Thanks to @​KazariEX!

Bug Fixes

• fix(language-core): generate modelModifiers for explicitly declared default model name (#​5558) - Thanks to @​KazariEX!
• fix(language-service): more responsive .value insertion
• fix(vscode): add class scope fallback for component semantic tokens (#​5559) - Thanks to @​KazariEX!
• fix(vscode): make sure extension is loaded immediately
• fix(language-service): only check globalTypesPath for FS files
• fix(vscode): handle fail tsserver requests to avoid memory leak
• fix(vscode): do not delay the execution of restartExtensionHost
• fix(language-core): avoid references highlight of unrelated native element tags (#​5563) - Thanks to @​KazariEX!
• fix(language-core): tolerance for incomplete root template tag
• fix(language-core): enable navigation code feature on directive modifiers - Thanks to @​KazariEX!

Other Changes

• chore(language-service): improve global types error message for JS projects (#​5574) - Thanks to @​Ciallo-Chiaki!

v3.0.4

Compare Source

Features

• feat(language-service): check casing when dropping component into template - Thanks to @​KazariEX!
• feat(language-service): native completion experience for slot names (#​5552) - Thanks to @​KazariEX!

Bug Fixes

• fix(language-core): avoid clearing global types path when local compiler options is present - Thanks to @​KazariEX!
• fix(language-core): do not evaluate skipTemplateCodegen when exposing $slots - Thanks to @​KazariEX!
• fix(language-service): correct kind and order of component completion items - Thanks to @​KazariEX!
• fix(component-meta): filter events out of props (#​5547) - Thanks to @​Akryum!

Other Changes

• refactor(language-core): allow configuring checkUnknownEvents and checkUnknownComponents in sfc (#​5537) - Thanks to @​KazariEX!
• chore(language-service): add restart server hint to global types warning - Thanks to @​KazariEX!

v3.0.3

Compare Source

Bug Fixes

• fix(language-core): find node_modules based on file's directory (#​5525) - Thanks to @​KazariEX!
• fix(language-core): do not spread exposed object (#​5526) - Thanks to @​KazariEX!
• fix(vscode): prompt manual reload in remote envs (#​5530)

Other Changes

• refactor(tsc): return the result of runTsc (#​5517) - Thanks to @​escaton!

v3.0.2

Compare Source

Features

• feat(language-core): introduce globalTypesPath option for non-npm like environment (#​5505) - Thanks to @​KazariEX!
• feat: forward tsserver's semantic tokens via language server (#​5512) - Thanks to @​KazariEX!

Bug Fixes

• fix(vscode): correct syntax highlight of control directives ending with / or ) - Thanks to @​KazariEX!
• fix(language-core): infer parameter type of union slots to be union instead of intersection (#​5475) - Thanks to @​KazariEX!
• fix(vscode): remove colorizedBracketPairs config for plaintext
• fix(language-core): avoid early access to local types to skip unnecessary type generation - Thanks to @​KazariEX!
• fix(language-core): treat <component> without is prop as normal component - Thanks to @​KazariEX!
• fix(vscode): make sure tsserver loads @vue/typescript-plugin last (#​5483)
• fix(language-core): only keep navigation code feature on static name value of <slot> - Thanks to @​KazariEX!
• fix(language-server): add allowJs to reactivity analyze host - Thanks to @​KazariEX!
• fix(language-core): do not set template lang to md for markdown (#​5497) - Thanks to @​KazariEX!
• fix(typescript-plugin): exclude items of kind module from template completion - Thanks to @​KazariEX!
• fix(language-core): walk identifiers correctly within type nodes in interpolation (#​5501) - Thanks to @​KazariEX!
• fix(language-service): correct position calculation of twoslash queries (#​5503) - Thanks to @​KazariEX!
• fix(language-core): avoid redundant increment of block variable depth (#​5511) - Thanks to @​KazariEX!
• fix(language-service): re-implement twoslash queries in script - Thanks to @​KazariEX!

Other Changes

• refactor(vscode): make welcome page code public - Thanks to @​KazariEX!
• refactor(vscode): add premium feature settings
• chore: migrate from minimatch to picomatch (#​5499) - Thanks to @​KazariEX!
• chore: update volar to 2.4.19
  • fix(typescript): skip source file search when .d.${ext}.ts file exists (volarjs/volar.js#277)
• revert: type support of slot children (#​5137) (#​5514) - Thanks to @​KazariEX!

cloudflare/ai (workers-ai-provider)

v0.7.5

Compare Source

Patch Changes

• #​263 7b2745a Thanks @​byule! - fix: use correct fieldname and format for tool_call ids

v0.7.4

Compare Source

Patch Changes

• #​261 50fad0f Thanks @​threepointone! - fix: pass a tool call id and read it back out for tool calls

v0.7.3

Compare Source

Patch Changes

• #​258 b1ee224 Thanks @​threepointone! - fix: don't crash if a model response has only tool calls

cloudflare/workers-sdk (wrangler)

v4.32.0

Compare Source

Minor Changes

• #​10354 da40571 Thanks @​edmundhung! - Enable cross-process communication for wrangler dev with multiple config files

  Workers running in separate wrangler dev sessions can now communicate with each other regardless of whether you are running with single or multiple config files.

  Check out the Developing with multiple Workers guide to learn more about the different approaches and when to use each one.

• #​10012 4728c68 Thanks @​penalosa! - Support unsafe dynamic worker loading bindings

Patch Changes

• #​10245 d304055 Thanks @​edmundhung! - Migrate wrangler dev to use Miniflare dev registry implementation

  Updated wrangler dev to use a shared dev registry implementation that now powers both the Cloudflare Vite plugin and Wrangler. This internal refactoring has no user-facing changes but consolidates registry logic for better consistency across tools.

• #​10407 f534c0d Thanks @​emily-shen! - default containers.rollout_active_grace_period to 0

• #​10425 0a96e69 Thanks @​dario-piotrowicz! - Fix debugging logs not including headers for CF API requests and responses

  Fix the fact that wrangler, when run with the WRANGLER_LOG=DEBUG and WRANGLER_LOG_SANITIZE=false environment variables, displays {} instead of the actual headers for requests and responses for CF API fetches

• #​10337 f9f7519 Thanks @​emily-shen! - containers: rollout_step_percentage now also accepts an array of numbers. Previously it accepted a single number, and each rollout step would target the same percentage of instances. Now users can customise percentages for each step.

  rollout_step_percentage also now defaults to [10,100] (previously 25), which should make rollouts progress slightly faster.

  You can also use wrangler deploy --containers-rollout=immediate to override rollout settings in Wrangler configuration and update all instances in one step. Note this doesn't override rollout_active_grace_period if configured.

• Updated dependencies [4728c68]:

  • [email protected]

v4.31.0

Compare Source

Minor Changes

• #​10314 9b09751 Thanks @​dario-piotrowicz! - Show possible local vs. dashboard diff information on deploys

  When re-deploying a Worker using wrangler deploy, if the configuration has been modified in the Cloudflare dashboard, the local configuration will overwrite the remote one. This can lead to unexpected results for users. To address this, currently wrangler deploy warns users about potential configuration overrides (without presenting them) and prompts them to confirm whether they want to proceed.

  The changes here improve the above flow in the following way:

  • If the local changes only add new configurations (without modifying or removing existing ones), the deployment proceeds automatically without warnings or prompts, as these changes are non-destructive and safe.
  • If the local changes modify or remove existing configurations, wrangler deploy now displays a git-like diff showing the differences between the dashboard and local configurations. This allows users to review and understand the impact of their changes before confirming the deployment.

• #​10334 cadf19a Thanks @​jonesphillip! - Added queues subscription command to Wrangler including create, update, delete, get, list

Patch Changes

• #​10374 20520fa Thanks @​edmundhung! - Simplify debug package resolution with nodejs_compat

  A patched version of debug was previously introduced that resolved the package to a custom implementation. However, this caused issues due to CJS/ESM interop problems. We now resolve the debug package to use the Node.js implementation instead.

• #​10249 875197a Thanks @​penalosa! - Support JSRPC for remote bindings. This unlocks:

  • JSRPC over Service Bindings
  • JSRPC over Dispatch Namespace Bindings
  • Email
  • Pipelines

• Updated dependencies [565c3a3, ddadb93, 20520fa, 875197a]:

  • [email protected]
  • @​cloudflare/unenv-preset@​2.6.2

v4.30.0

Compare Source

Minor Changes

• #​10341 76a6701 Thanks @​garvit-gupta! - feat: Add Wrangler command for Vectorize list-vectors operation

Patch Changes

• #​10217 979984b Thanks @​veggiedefender! - Increase the maxBuffer size for capnp uploads

• #​10356 80e964c Thanks @​WillTaylorDev! - fix: Update regex for valid branch name to remove 61 char length requirement, allowing for longer branch names to be specified for preview aliases.

• #​10289 a5a1426 Thanks @​emily-shen! - Cleanup container images created during local dev if no changes have been made.

  We now untag old images that were created by Wrangler/Vite if we find that the image content and configuration is unchanged, so that we don't keep accumulating image tags.

• #​10315 0c04da9 Thanks @​emily-shen! - Add rollout_active_grace_period option to containers configuration.

  This allows users to configure how long an active container should keep running for during a rollout, before the upgrade is applied.

• #​10321 b524a6f Thanks @​emily-shen! - print prettier errors during container deployment

• #​10253 eb32a3a Thanks @​emily-shen! - fix redeploying container apps when previous deploy failed or container (but not image) was deleted.

  Previously this failed with No changes detected but no previous image found as we assumed there would be a previous deployment when an image exists in the registry.

• #​9990 4288a61 Thanks @​penalosa! - Fix startup profiling when sourcemaps are enabled

• Updated dependencies [d54d8b7, ae0c806]:

  • [email protected]

v4.29.1

Compare Source

Patch Changes

• Updated dependencies [5020694]:
  • [email protected]

v4.29.0

Compare Source

Minor Changes

• #​10283 80960b9 Thanks @​WillTaylorDev! - Support long branch names in generation of branch aliases in WCI.

• #​10312 bd8223d Thanks @​devin-ai-integration! - Added --domain flag to wrangler deploy command for deploying to custom domains. Use --domain example.com to deploy directly to a custom domain without manually configuring routes.

• #​8318 8cf47f9 Thanks @​gnekich! - Introduce json output flag for wrangler pages deployment list

Patch Changes

• #​10232 e7cae16 Thanks @​emily-shen! - fix: validate wrangler containers delete ID to ensure a valid ID has been provided. Previously if you provided the container name (or any non-ID shaped string) you would get an auth error instead of a 404.

• #​10139 3b6ab8a Thanks @​dom96! - Removes mention of cf-requirements when Python Workers are enabled

• #​10259 c58a05c Thanks @​dario-piotrowicz! - Ensure that maybeStartOrUpdateRemoteProxySession considers the potential account_id from the user's wrangler config

  Currently if the user has an account_id in their wrangler config file, such id won't be taken into consideration for the remote proxy session, the changes here make sure that it is (note that the auth option of maybeStartOrUpdateRemoteProxySession, if provided, takes precedence over this id value).

  The changes here also fix the same issue for wrangler dev and getPlatformProxy (since they use maybeStartOrUpdateRemoteProxySession under the hook).

• #​10288 42aafa3 Thanks @​tgarg-cf! - Do not attempt to update queue producer settings when deploying a Worker with a queue binding

  Previously, each deployed Worker would update a subset of the queue producer's settings for each queue binding, which could result in broken queue producers or at least conflicts where different Workers tried to set different producer settings on a shared queue.

• #​10242 70bd966 Thanks @​devin-ai-integration! - Add experimental API to expose Wrangler command tree structure for documentation generation

• #​10258 d391076 Thanks @​nikitassharma! - Add the option to allow all tiers when creating a container

• #​10248 422ae22 Thanks @​emily-shen! - fix: re-push container images on deploy even if the only change was to the Dockerfile

• #​10179 5d5ecd5 Thanks @​pombosilva! - Prevent defining multiple workflows with the same "name" property in the same wrangler file

• #​10232 e7cae16 Thanks @​emily-shen! - include containers API calls in output of WRANGLER_LOG=debug

• #​10243 d481901 Thanks @​devin-ai-integration! - Remove async_hooks polyfill - now uses native workerd implementation

  The async_hooks module is now provided natively by workerd, making the polyfill unnecessary. This improves performance and ensures better compatibility with Node.js async_hooks APIs.

• #​10060 9aad334 Thanks @​edmundhung! - refactor: switch getPlatformProxy() to use Miniflare's dev registry implementation

  Updated getPlatformProxy() to use Miniflare's dev registry instead of Wrangler's implementation. Previously, you had to start a wrangler or vite dev session before accessing the proxy bindings to connect to those workers. Now the order doesn't matter.

• #​10219 28494f4 Thanks @​dario-piotrowicz! - fix NonRetryableError thrown with an empty error message not stopping workflow retries locally

• Updated dependencies [1479fd0, 05c5b28, e3d9703, d481901]:

  • [email protected]
  • @​cloudflare/unenv-preset@​2.6.1

v4.28.1

Compare Source

Patch Changes

• #​10130 773cca3 Thanks @​dario-piotrowicz! - update maybeStartOrUpdateRemoteProxySession config argument (to allow callers to specify an environment)

  Before this change maybeStartOrUpdateRemoteProxySession could be called with either the path to a wrangler config file or the configuration of a worker. The former override however did not allow the caller to specify an environment, so the maybeStartOrUpdateRemoteProxySession API has been updated so that in the wrangler config case an object (with the path and a potential environment) needs to be passed instead.

  For example, before callers could invoke the function in the following way

  await maybeStartOrUpdateRemoteProxySession(configPath);

  note that there is no way to tell the function what environment to use when parsing the wrangle configuration.

  Now callers will instead call the function in the following way:

  await maybeStartOrUpdateRemoteProxySession({
  	path: configPath,
  	environment: targetEnvironment,
  });

  note that now a target environment can be specified.

• #​10130 773cca3 Thanks @​dario-piotrowicz! - fix getPlatformProxy not taking into account the potentially specified environment for remote bindings

• #​10122 2e8eb24 Thanks @​dario-piotrowicz! - fix startWorker not respecting auth options for remote bindings

  fix startWorker currently not taking into account the auth field
  that can be provided as part of the dev options when used in conjunction
  with remote bindings

  example:

  Given the following

  import { unstable_startWorker } from "wrangler";
  
  const worker = await unstable_startWorker({
  	entrypoint: "./worker.js",
  	bindings: {
  		AI: {
  			type: "ai",
  			experimental_remote: true,
  		},
  	},
  	dev: {
  		experimentalRemoteBindings: true,
  		auth: {
  			accountId: "<ACCOUNT_ID>",
  			apiToken: {
  				apiToken: "<API_TOKEN>",
  			},
  		},
  	},
  });
  
  await worker.ready;

  wrangler will now use the provided <ACCOUNT_ID> and <API_TOKEN> to integrate with
  the remote AI binding instead of requiring the user to authenticate.

• #​10209 93c4c26 Thanks @​devin-ai-integration! - fix: strip ANSI escape codes from log files to improve readability and parsing

• #​9774 48853a6 Thanks @​nikitassharma! - Validate container configuration against account limits in wrangler to give early feedback to the user

• #​10122 2e8eb24 Thanks @​dario-piotrowicz! - fix incorrect TypeScript type for AI binding in the startWorker API

v4.28.0

Compare Source

Minor Changes

• #​9530 e82aa19 Thanks @​Akshit222! - Add --json flag to r2 bucket info command for machine-readable output.

Patch Changes

• #​10004 b4d1373 Thanks @​dario-piotrowicz! - fix wrangler dev logs being logged on the incorrect level in some cases

  currently the way wrangler dev prints logs is faulty, for example the following code

  console.error("this is an error");
  console.warn("this is a warning");
  console.debug("this is a debug");

  inside a worker would cause the following logs:

  ✘ [ERROR] this is an error
  
  ✘ [ERROR] this is a warning
  
  this is a debug
  

  (note that the warning is printed as an error and the debug log is printed even if by default it should not)

  the changes here make sure that the logs are instead logged to their correct level, so for the code about the following will be

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[nuxthub-admin]

✅ Deployed chat-template

Deployed chat-template 718a37b to preview

🔗	renovate-all-minor-patch.chat-template.pages.dev
📌	8efaafdd.chat-template.pages.dev
📱	View QR Code

📋 View deployment logs