chore(deps): update all dependencies

[renovate]

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

---

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@commitlint/cli (source)	^19.8.0 -> ^20.0.0			devDependencies	major
@commitlint/config-conventional (source)	^19.8.0 -> ^20.0.0			devDependencies	major
@html-eslint/parser	^0.44.0 -> ^0.47.0			devDependencies	minor
actions/checkout	v4.2.2 -> v5.0.0			action	major
actions/setup-node	v4.4.0 -> v5.0.0			action	major

---

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v20.1.0

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.0.0

Compare Source

Note: Version bump only for package @​commitlint/cli

19.8.1 (2025-05-08)

Bug Fixes

• update dependency tinyexec to v1 (#​4332) (e49449f)

v19.8.1

Compare Source

Bug Fixes

• update dependency tinyexec to v1 (#​4332) (e49449f)

conventional-changelog/commitlint (@​commitlint/config-conventional)

v20.0.0

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

19.8.1 (2025-05-08)

Note: Version bump only for package @​commitlint/config-conventional

v19.8.1

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

yeonjuan/html-eslint (@​html-eslint/parser)

v0.47.0

Compare Source

What's Changed

• docs(require-img-alt): empty alt is allowed by @​duhem-s in #​425
• chore: add playground config hints by @​yeonjuan in #​423
• feat: update bcd for baseline by @​yeonjuan in #​426
• feat: add no-restricted-tags rule by @​yeonjuan in #​427

New Contributors

• @​duhem-s made their first contribution in #​425

Full Changelog: yeonjuan/html-eslint@v0.46.2...v0.47.0

v0.46.2

Compare Source

What's Changed

• fix: fix @​html-eslint/types deps by @​yeonjuan in #​421

Full Changelog: yeonjuan/html-eslint@v0.46.1...v0.46.2

v0.46.0

Compare Source

Breaking Changes ⚠️

• When using the "recommended" configuration, the settings differ from previous versions. Please refer to this page for details.

What's Changed

• feat: support linting doctype in lowercase by @​Nightfirecat in #​411
• feat: arrange recommended configs by @​yeonjuan in #​412
• docs: mention priority ordering in sort-attrs documentation by @​AdamVig in #​414

New Contributors

• @​Nightfirecat made their first contribution in #​411
• @​AdamVig made their first contribution in #​414

Full Changelog: yeonjuan/html-eslint@v0.45.0...v0.46.0

v0.45.0

Compare Source

What's Changed

• chore: add apply suggestion, fix on playground by @​yeonjuan in #​397
• docs: fix by @​yeonjuan in #​398
• feat: add new rule no-ineffective-attrs by @​yeonjuan in #​399
• feat: add message options to the require-attrs by @​yeonjuan in #​401
• feat: update bcd for use-baseline by @​yeonjuan in #​402
• docs: add support by @​yeonjuan in #​405
• fix: tagChildrenIndent Not applied to text child by @​yeonjuan in #​407
• feat: add pattern support to priority option in sort-attrs by @​yeonjuan in #​408

Full Changelog: yeonjuan/html-eslint@v0.44.0...v0.45.0

actions/checkout (actions/checkout)

v5.0.0

Compare Source

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in https://github.com/actions/checkout/pull/2226
• Prepare v5.0.0 release by @​salmanmkc in https://github.com/actions/checkout/pull/2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

Compare Source

What's Changed

• docs: update README.md by @​motss in https://github.com/actions/checkout/pull/1971
• Add internal repos for checking out multiple repositories by @​mouismail in https://github.com/actions/checkout/pull/1977
• Documentation update - add recommended permissions to Readme by @​benwells in https://github.com/actions/checkout/pull/2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in https://github.com/actions/checkout/pull/2044
• Update README.md by @​nebuk89 in https://github.com/actions/checkout/pull/2194
• Update CODEOWNERS for actions by @​TingluoHuang in https://github.com/actions/checkout/pull/2224
• Update package dependencies by @​salmanmkc in https://github.com/actions/checkout/pull/2236
• Prepare release v4.3.0 by @​salmanmkc in https://github.com/actions/checkout/pull/2237

New Contributors

• @​motss made their first contribution in https://github.com/actions/checkout/pull/1971
• @​mouismail made their first contribution in https://github.com/actions/checkout/pull/1977
• @​benwells made their first contribution in https://github.com/actions/checkout/pull/2043
• @​nebuk89 made their first contribution in https://github.com/actions/checkout/pull/2194
• @​salmanmkc made their first contribution in https://github.com/actions/checkout/pull/2236

Full Changelog: actions/checkout@v4...v4.3.0

actions/setup-node (actions/setup-node)

v5.0.0

Compare Source

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in #​1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless.
To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in #​1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in #​1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in #​1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in #​1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in #​1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in #​1345

New Contributors

• @​priya-kinthali made their first contribution in #​1348
• @​salmanmkc made their first contribution in #​1325

Full Changelog: actions/setup-node@v4...v5.0.0

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

 ERROR   ERROR  Unknown option: 'ignore-scripts'
Did you mean 'ignore-workspace'? Use "--config.unknown=value" to force an unknown option.
For help, run: pnpm help dedupe

[changeset-bot]

⚠️ No Changeset found

Latest commit: 4637215

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[pkg-pr-new]

Open in StackBlitz

npm i https://pkg.pr.new/eslint-plugin-prettier@766

commit: 4637215

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 4637215 in 1 minute and 2 seconds. Click for details.

• Reviewed 101 lines of code in 5 files
• Skipped 0 files when reviewing.
• Skipped posting 5 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. .github/workflows/autofix.yml:19

• Draft comment:
  Updated the checkout action to v5.0.0 (pinned to a specific commit) and similarly the setup-node action to v5.0.0. Please ensure that the runner’s minimum version (e.g. v2.327.1) and caching behavior are still appropriate.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is asking the PR author to ensure that the runner's minimum version and caching behavior are still appropriate. This falls under the rule of not asking the author to ensure behavior is intended or to double-check things. Therefore, this comment should be removed.

2. .github/workflows/ci.yml:35

• Draft comment:
  The CI workflow now uses the updated v5.0.0 versions for both checkout and setup-node. Also, note the conditional ESLint installation (for matrix.eslint != 9); ensure this logic correctly installs the desired ESLint versions.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 20% <= threshold 50% The comment is informative about the CI workflow changes and mentions a conditional ESLint installation. However, it does not ask the author to confirm or change anything specific, nor does it suggest any improvements or highlight potential issues. It seems to be more of an informative note rather than a constructive comment.

3. .github/workflows/pkg-pr-new.yml:16

• Draft comment:
  The Publish Any Commit workflow now uses the v5.0.0 versions of checkout and setup-node. This update appears consistent; please verify that the publishing process (via 'pnpm dlx pkg-pr-new publish') continues to operate as expected.
• Reason this comment was not posted:
  Confidence changes required: 33% <= threshold 50% None

4. .github/workflows/release.yml:23

• Draft comment:
  The release workflow now uses updated v5.0.0 actions for checkout and setup-node. Additionally, ensure that the npm upgrade step ('npm install -g npm@latest') and subsequent release steps are fully compatible with the new node environment.
• Reason this comment was not posted:
  Confidence changes required: 50% <= threshold 50% None

5. package.json:73

• Draft comment:
  The dependency updates for commitlint (to v20.0.0) and html-eslint/parser (to ^0.47.0) are applied. Please review any breaking changes or configuration updates required by these new versions and confirm that linking of 'eslint-plugin-prettier' (using 'link:.') is intentional.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 50% <= threshold 50% The comment discusses dependency updates, which is generally not allowed. However, it also asks to confirm the intentional linking of 'eslint-plugin-prettier', which is a specific code suggestion. The part about reviewing breaking changes is not allowed, but the confirmation about linking is valid.

Workflow ID: wflow_mR4jrKlaZbpoPbzx

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}