chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@nuxt/eslint (source)	1.4.1 -> 1.9.0			dependencies	minor
@nuxt/image (source)	1.10.0 -> 1.11.0			dependencies	minor
@nuxt/scripts	^0.11.5 -> ^0.12.0			dependencies	minor
@playwright/test (source)	1.52.0 -> 1.56.0			devDependencies	minor
@vueuse/nuxt (source)	13.3.0 -> 13.9.0			dependencies	minor
danielroe/provenance-action	v0.1.0 -> v0.1.1			action	patch
lint-staged	16.1.0 -> 16.2.4			devDependencies	minor
mcr.microsoft.com/playwright	v1.52.0-noble -> v1.56.0-noble			container	minor
nuxt-og-image (source)	5.1.4 -> 5.1.11			dependencies	patch
pnpm (source)	10.11.1 -> 10.18.2			packageManager	minor
simple-git-hooks	2.13.0 -> 2.13.1			devDependencies	patch
typescript (source)	5.8.3 -> 5.9.3			devDependencies	minor
unplugin-vue-router (source)	^0.12.0 -> ^0.15.0			dependencies	minor
vue-sonner	2.0.0 -> 2.0.9			dependencies	patch
vue-tsc (source)	3.0.1 -> 3.1.1			devDependencies	minor

---

Release Notes

nuxt/eslint (@​nuxt/eslint)

v1.9.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (b80cb)

   🐞 Bug Fixes

• Add defineNuxtConfig as ESLint's globals, close #​603  -  by @​antfu in #​603 (2e67f)

    View changes on GitHub

v1.8.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (932a7)

    View changes on GitHub

v1.7.1

Compare Source

   🐞 Bug Fixes

• Include eslint-typegen.d.ts in nuxt.node.d.ts, close #​596  -  by @​antfu in #​596 (ab74e)

    View changes on GitHub

v1.7.0

Compare Source

   🚀 Features

• Upgrade eslint-plugin-unicorn  -  by @​antfu (b3b7d)

    View changes on GitHub

v1.6.0

Compare Source

   🐞 Bug Fixes

• Bring back eslint-plugin-import-x as default, close #​590  -  by @​antfu in #​590 (e43d6)

    View changes on GitHub

v1.5.2

Compare Source

   🚀 Features

• Add option features.import.plugin to swap plugin implementation, close #​587  -  by @​antfu in #​587 (66f5e)

    View changes on GitHub

v1.5.1

Compare Source

   🐞 Bug Fixes

• eslint-config: Replace deprecated vue/object-property-newline option  -  by @​amery in #​586 (7805e)

    View changes on GitHub

v1.5.0

Compare Source

   🚀 Features

• Switch to eslint-plugin-import-lite, update deps  -  by @​antfu (31bd8)

   🐞 Bug Fixes

• eslint-config: Add file type restrictions to prevent CSS parsing errors  -  by @​amery in #​584 (40521)

    View changes on GitHub

nuxt/image (@​nuxt/image)

v1.11.0

Compare Source

compare changes

🚀 Enhancements

• Add support for image helpers in nitro endpoints (#​1473)
• ipx: Log the architecture of the build (#​1808)

🩹 Fixes

• Remove layer0 and edgio providers (#​1763)
• Add back layer0 and edgio providers (without) tests (a99ce09)
• cloudflare: Don't add baseURL if there are no operations (#​1790)
• ipx: Always use ipx provider if external baseURL is provided (#​1800)
• ipxStatic: Strip repeated slashes from image path (#​1801)
• Avoid deep type instantiation (12b37a2)

📖 Documentation

• Fix typo (#​1762)
• Fix link to runtime/providers (#​1819)

🏡 Chore

• Disable shamefully-hoist (#​1795)
• Do not ignore typescript upgrades (0809991)
• Switch to using typesVersions field (b4af05a)
• Allow major bumps in changelog (d486587)
• Enable oxc-resolver build (4be31c7)
• Release v1.11.0 (3123997)

✅ Tests

• Exclude layer0 + edgio from unit tests (3682a90)

🤖 CI

• Run tests against 1.x branch (0c83646)
• Add release workflow and add pkg.pr.new (#​1791)
• Set fetch-depth (18ae6c7)
• Test vs node 20 (e6babef)

❤️ Contributors

• Daniel Roe (@​danielroe)
• Matis (@​matisbag)
• Amir Afshar (@​Afshar07)
• Sébastien Chopin (@​atinux)
• Nicolas Großmann (@​grossmann94)

nuxt/scripts (@​nuxt/scripts)

v0.12.1

Compare Source

   🐞 Bug Fixes

• Resolve import paths as absolute  -  by @​harlan-zw (a2173)

   🏎 Performance

• googleMaps: Avoid multiple rerenders when adding markers to clusterer  -  by @​DamianGlowala in #​517 (1f5e1)

    View changes on GitHub

v0.12.0

Compare Source

This release includes the merge of several new available scripts:

• 🚀 New Scripts: PayPal, Reddit Pixel, and Databuddy
• 🗺️ Google Map Declarative SFC API
• 🔨 Reworked devtools
• 🐛 15 bug fixes

Thank you to all contributors. An extra special shout out to @​OrbisK, @​dennisadriaans, @​DamianGlowala, @​vachmara & @​gelanderosh for their contributions in this release.

⚠️ Please test when upgrading, as there is breaking changes included.

   🚨 Breaking Changes

• matomoAnalytics: watch mode  -  by @​harlan-zw in #​514 (31798)
• stripe: Stripe basil  -  by @​gelanderosh in #​509 (21500)

   🚀 Features

• Add databuddy analytics  -  by @​vachmara in #​495 (cdc2b)
• PayPal SDK  -  by @​harlan-zw and Robin Kehl in #​503 (c4cb1)
• Reddit Pixel  -  by @​harlan-zw and Dennis in #​507 (28ce2)
• Bundling cache expiration & bypass  -  by @​harlan-zw in #​497 (bf491)
• New event triggers  -  by @​harlan-zw in #​515 (6fbeb)
• devtools: Improved tracking  -  by @​harlan-zw (9aa00)
• google-maps: Declarative SFC API  -  by @​harlan-zw and @​DamianGlowala in #​510 (ca1ec)

   🐞 Bug Fixes

• Merge query parms when overriding scriptInput.src  -  by @​harlan-zw in #​500 (abe57)
• Gracefully handle production only scripts  -  by @​harlan-zw (a53ab)
• Drop #imports usage  -  by @​harlan-zw (67b7e)
• Drop performanceMarkFeature emits  -  by @​harlan-zw (c079f)
• Respect env data when bundling  -  by @​harlan-zw (86410)
• Improved debugging when bundling fails  -  by @​harlan-zw (34d7b)
• devtools:
  • Show URL logos correctly  -  by @​harlan-zw (30aba)
  • Show error status's  -  by @​harlan-zw (22d91)
  • Show validation errors  -  by @​harlan-zw (c9e1a)
  • Add null safety  -  by @​harlan-zw in #​501 (31cd2)
• googleAnalytics:
  • Support customer ids  -  by @​harlan-zw (20aa9)
• gtm:
  • Broken onBeforeGtmStart arguments  -  by @​endorfin and @​harlan-zw in #​494 (1edcd)
• matomo:
  • Broken event tracking  -  by @​harlan-zw (712a8)
• types:
  • Publish types for node context  -  by @​harlan-zw (695b7)
• useScriptEventPage:
  • Remove hooks on dispose  -  by @​harlan-zw (cf5d7)

    View changes on GitHub

v0.11.13

Compare Source

compare changes

🚀 Enhancements

• Add databuddy analytics (#​495)
• PayPal SDK (#​503)
• Reddit Pixel (#​507)
• stripe: ⚠️ Stripe basil (#​509)
• google-maps: Declarative SFC API (#​510)
• Bundling cache expiration & bypass (#​497)
• devtools: Improved tracking (9aa000d)
• matomoAnalytics: ⚠️ watch mode (#​514)
• New event triggers (#​515)

🩹 Fixes

• devtools: Show URL logos correctly (30abad4)
• devtools: Show error status's (22d91c5)
• devtools: Show validation errors (c9e1a20)
• devtools: Add null safety (#​501)
• Merge query parms when overriding scriptInput.src (#​500)
• gtm: Broken onBeforeGtmStart arguments (#​494)
• types: Publish types for node context (695b7f1)
• matomo: Broken event tracking (712a869)
• Gracefully handle production only scripts (a53ab33)
• Drop #imports usage (67b7e70)
• Drop performanceMarkFeature emits (c079f51)
• googleAnalytics: Support customer ids (20aa9d5)
• Respect env data when bundling (864102f)
• Improved debugging when bundling fails (34d7be7)
• useScriptEventPage: Remove hooks on dispose (cf5d715)

📖 Documentation

• Improve responsiveness (#​505)
• Improve bundling documentation (#​498)

🏡 Chore

• Type issue (fe6ea30)
• Changelog (83e9954)
• Bump deps (110eaa9)
• Bump lock (57ea493)
• Missing paypal type (3c01eb8)
• Bump deps (511b57f)
• Types (1ae8043)
• Standalone playground (8662c66)
• Tidy up playground (dbed5b7)
• Sync playground (6571544)
• Lint (b7213e0)
• Lint (78fbd7c)
• Lint (6361c68)
• Broken tests (ba85f61)
• Bump deps (a27120d)
• Lint (ecada33)
• Fix broken test (9dd054f)
• Bump deps (b98c236)
• Maybe fix nightly (b9f6727)

⚠️ Breaking Changes

• stripe: ⚠️ Stripe basil (#​509)
• matomoAnalytics: ⚠️ watch mode (#​514)

❤️ Contributors

• Harlan Wilton (@​harlan-zw)
• René Kersten rene.kersten@gmail.com
• Gelanderos gelanderos@artlesslabs.com
• Vachmara valentinchmara@gmail.com

v0.11.10

Compare Source

compare changes

🏡 Chore

• NPM trusted publishing (b785b61)
• Sync changelog (032f73c)
• Bump deps (abfa89e)
• Sync lock (f26b0a2)
• Broken release script (c79c45a)

❤️ Contributors

• Harlan Wilton (@​harlan-zw)

v0.11.9

Compare Source

compare changes

🏡 Chore

• Migrate to addTypeTemplate (399e0c2)
• Add nightly releases (e49434e)
• Drop nuxt peer dependency (dc4e84a)
• Missing sqlite dep (922467c)

❤️ Contributors

• Harlan Wilton (@​harlan-zw)

microsoft/playwright (@​playwright/test)

v1.56.0

Compare Source

v1.55.1

Compare Source

Highlights

#​37479 - [Bug]: Upgrade Chromium to 140.0.7339.186.
#​37147 - [Regression]: Internal error: step id not found.
#​37146 - [Regression]: HTML reporter displays a broken chip link when there are no projects.
#​37137 - Revert "fix(a11y): track inert elements as hidden".

Browser Versions

• Chromium 140.0.7339.186
• Mozilla Firefox 141.0
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 139
• Microsoft Edge 139

v1.55.0

Compare Source

v1.54.2

Compare Source

Highlights

https://github.com/microsoft/playwright/issues/36714 - [Regression]: Codegen is not able to launch in Administrator Terminal on Windows (ProtocolError: Protocol error)https://github.com/microsoft/playwright/issues/368288 - [Regression]: Playwright Codegen keeps spamming with selected optiohttps://github.com/microsoft/playwright/issues/3681010 - [Regression]: Starting Codegen with target language doesn't work anymore

Browser Versions

• Chromium 139.0.7258.5
• Mozilla Firefox 140.0.2
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 140
• Microsoft Edge 140

v1.54.1

Compare Source

v1.54.0

Compare Source

Highlights

• New cookie property partitionKey in browserContext.cookies() and browserContext.addCookies(). This property allows to save and restore partitioned cookies. See CHIPS MDN article for more information. Note that browsers have different support and defaults for cookie partitioning.

• New option noSnippets to disable code snippets in the html report.

  import { defineConfig } from '@​playwright/test';
  
  export default defineConfig({
    reporter: [['html', { noSnippets: true }]]
  });

• New property location in test annotations, for example in testResult.annotations and testInfo.annotations. It shows where the annotation like test.skip or test.fixme was added.

Command Line

• New option --user-data-dir in multiple commands. You can specify the same user data dir to reuse browsing state, like authentication, between sessions.

  npx playwright codegen --user-data-dir=./user-data

• Option -gv has been removed from the npx playwright test command. Use --grep-invert instead.

• npx playwright open does not open the test recorder anymore. Use npx playwright codegen instead.

Miscellaneous

• Support for Node.js 16 has been removed.
• Support for Node.js 18 has been deprecated, and will be removed in the future.

Browser Versions

• Chromium 139.0.7258.5
• Mozilla Firefox 140.0.2
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 140
• Microsoft Edge 140

v1.53.2

Compare Source

v1.53.1

Compare Source

v1.53.0

Compare Source

Trace Viewer and HTML Reporter Updates

• New Steps in Trace Viewer and HTML reporter:

• New option in 'html' reporter to set the title of a specific test run:

  import { defineConfig } from '@​playwright/test';
  
  export default defineConfig({
    reporter: [['html', { title: 'Custom test run #​1028' }]]
  });

Miscellaneous

• New option kind in testInfo.snapshotPath() controls which snapshot path template is used.

• New method locator.describe() to describe a locator. Used for trace viewer and reports.

  const button = page.getByTestId('btn-sub').describe('Subscribe button');
  await button.click();

• npx playwright install --list will now list all installed browsers, versions and locations.

Browser Versions

• Chromium 138.0.7204.4
• Mozilla Firefox 139.0
• WebKit 18.5

This version was also tested against the following stable channels:

• Google Chrome 137
• Microsoft Edge 137

vueuse/vueuse (@​vueuse/nuxt)

v13.9.0

Compare Source

   🚀 Features

• onLongPress: Allow function as value in delay  -  by @​keeplearning66 in #​4979 (415f3)
• useAsyncState: Allow initial value to be a ref  -  by @​43081j in #​4992 (e38e8)

   🐞 Bug Fixes

• types: Update type casting for watch functions to use WatchSource  -  by @​ArthurDarkstone in #​4966 (00a72)
• useUrlSearchParams: Restore proper history and navigation behavior  -  by @​yosong-github and @​ilyaliao in #​4969 (1cff4)

    View changes on GitHub

v13.8.0

Compare Source

   🚀 Features

• useEventSource: Add serializer  -  by @​imddc and @​ilyaliao in #​4953 (64651)

   🏎 Performance

• docs: Replace twoslash with own function for comparing js snippet  -  by @​serkodev in #​4977 (909fd)
• usePointer: Use shallowRef for better performance  -  by @​broBinChen and xiaobin in #​4980 (ce09e)
• usePreferredLanguages: Use shallowRef for better performance  -  by @​ilyaliao in #​4973 (361c8)

    View changes on GitHub

v13.7.0

Compare Source

   🚨 Breaking Changes

• useAsyncState: Set globalThis.reportError as default onError  -  by @​kalu5 in #​4951 (f6e88)

   🚀 Features

• computedAsync: Use globalThis.reportError as default onError  -  by @​babu-ch in #​4943 (226a2)
• useClipboardItems: Expose read()  -  by @​OrbisK in #​4954 (d03b2)
• useDevicePixelRatio: Improve types  -  by @​doyuli in #​4927 (1b3d4)
• useSpeechSynthesisOptions: Add option onBoundary  -  by @​pkc918 in #​4960 (c0dca)
• useTimeAgoIntl: Add useTimaAgoIntl  -  by @​northword and Anthony Fu in #​4821 (81815)

   🐞 Bug Fixes

• ci: Avoid duplicate nr update execution in docs:build  -  by @​serkodev in #​4925 (a73ee)
• useAnimate: Respect immediate: false with conditionally rendered elements  -  by @​curtgrimes in #​4947 (90c7f)
• useGamepad: Correct type assertion for vibrationActuator  -  by @​ArthurDarkstone in #​4964 (c5277)
• useStorage: Make sure to always read data if new value is undefined  -  by @​OrbisK in #​4957 (22116)

   🏎 Performance

• twoslash: Optimize twoslash cache  -  by @​doyuli in #​4939 (93064)
• useMutationObserver: Watch ref directly  -  by @​VividLemon in #​4940 (01cd9)

    View changes on GitHub

v13.6.0

Compare Source

   🚀 Features

• Mark templateRef as deprecated  -  by @​ilyaliao in #​4894 (0271e)
• useFileDialog: Add MaybRef to multiple, accept, capture, reset, and directory  -  by @​hunterwilhelm, Anthony Fu and @​antfu in #​4813 (a44bd)
• useFocusTrap: Expose updateContainerElements for dynamic contai…  -  by @​PeikyLiu and @​ilyaliao in #​4849 (3d5e5)
• useIDBKeyval: Add options.serializer  -  by @​matthewjumpsoffbuildings, @​OrbisK and @​43081j in #​4781 (bb831)
• useStorageAsync: Add onReady option and Promise return  -  by @​asika32764, Fernando Fernández, @​OrbisK and Anthony Fu in #​4158 (3a2df)
• useTransition: Support custom window  -  by @​byronogis and Anthony Fu in #​4850 (a75f4)

   🐞 Bug Fixes

• onClickOutside: The order of overload signatures  -  by @​whiteyebrw, @​ilyaliao and Anthony Fu in #​4839 (d5812)
• types: Use Vue's native MaybeRef and MaybeRefOrGetter instead  -  by @​RYGRIT in #​4913 (2d179)
• useDraggable: Add capture prop to component  -  by @​wgh970312 in #​4911 (547f8)
• useMagicKeys: Prevent incorrect clearing of other keys after releasing shift  -  by @​keeplearning66 in #​4916 (d7f28)
• useMouseInElement: Correctly update elementX and elementY  -  by @​cszhjh and @​ilyaliao in #​4846 (cf02b)
• useVirtualList: Resolve invalid watch source  -  by @​cszhjh and @​OrbisK in #​4857 (d2381)

    View changes on GitHub

v13.5.0

Compare Source

   🚀 Features

• useSpeechSynthesis: Add reactivity for volume  -  by @​whiteyebrw in #​4837 (4d125)

   🐞 Bug Fixes

• useCookie: Update universal-cookie range to ^7 || ^8 #​4834

    View changes on GitHub

v13.4.0

Compare Source

   🚀 Features

• shared: Introduce TimerHandle for setTimeout type  -  by @​ilyaliao in #​4801 (319d8)
• useAsyncState: Add executeImmediate with the same type as the promise fn  -  by @​davidglezz in #​4716 (82740)
• useEventSource: Added lastEventId for named events  -  by @​whiteyebrw in #​4791 (f6f0b)
• useFetch: Support for custom abort reason  -  by @​doyuli in #​4820 (44c0b)
• useRefHistory: Add shouldCommit  -  by @​JonathanSchndr, Anthony Fu and Robin in #​4471 (18acf)
• useUrlSearchParams: Add a stringify option for users to provide stringify logic  -  by @​mingXta, Robin and Anthony Fu in #​4773 (6a523)

   🐞 Bug Fixes

• computedWithControl: Allow deeply watching source  -  by @​MetRonnie and Anthony Fu in #​4786 (ffc1a)
• useDevicesList: Check for device availability before requesting permissions  -  by @​ilyaliao in #​4818 (c424f)
• useEventListener: Improve types  -  by @​ArthurDarkstone, liliang18 and @​Alfred-Skyblue in #​4787 (6f565)
• useIdle: Changed the reset call when the initial value is true  -  by @​whiteyebrw in #​4800 (c6469)
• useMouseInElement: Fixing the issue where target element updates were not considered.  -  by @​Codfisher and bgm.cod in #​4782 (04af9)
• useScreenSafeArea: Сhanged initial value update  -  by @​whiteyebrw in #​4789 (ae573)
• useScriptTag: Support passing nonce  -  by @​1-dilikelei and 董梁玮 in #​4753 (57370)
• useScroll: Use mutationObserver to update arrivedState when the DOM is changed  -  by @​andylou0102, AndyLuo, Robin and Anthony Fu in #​4433 (135d5)
• watchIgnorable: Add and export types  -  by @​ArthurDarkstone, liliang18 and Robin in #​4809 (0e10e)

   🏎 Performance

• computedWithControl: Optimize with shallowRef  -  by @​broBinChen and binge_c-admin in #​4826 (2c91a)

    View changes on GitHub

danielroe/provenance-action (danielroe/provenance-action)

v0.1.1

Compare Source

compare changes

🚀 Enhancements

• Add support for bun.lock (#​12)

📖 Documentation

• Use @main constraint for example (237ceea)

❤️ Contributors

• Daniel Roe (@​danielroe)

lint-staged/lint-staged (lint-staged)

v16.2.4

Compare Source

Patch Changes

• #​1682 0176038 Thanks @​iiroj! - Update dependencies, including nano-spawn@2.0.0 with bug fixes.

• #​1671 581a54e Thanks @​iiroj! - Speed up execution by only importing the yaml depedency if using YAML configuration files.

v16.2.3

Compare Source

Patch Changes

• #​1669 27cd541 Thanks @​iiroj! - When using --fail-on-changes, automatically hidden (partially) unstaged changes are no longer counted to make lint-staged fail.

v16.2.2

Compare Source

Patch Changes

• #​1667 699f95d Thanks @​iiroj! - The backup stash will not be dropped when using --fail-on-changes and there are errors. When reverting to original state is disabled (via --no-revert or --fail-on-changes), hidden (partially) unstaged changes are still restored automatically so that it's easier to resolve the situation manually.

  Additionally, the example for using the backup stash manually now uses the correct backup hash, if available:

  % npx lint-staged --fail-on-changes
  ✔ Backed up original state in git stash (c18d55a3)
  ✔ Running tasks for staged files...
  ✖ Tasks modified files and --fail-on-changes was used!
  ↓ Cleaning up temporary files...
  
  ✖ lint-st
  

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying dev-mode with    Cloudflare Pages

Latest commit:	2d751d8
Status:	🚫  Build failed.

View logs

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​nuxt/​eslint@​1.4.1 ⏵ 1.9.0	+1		+1	+1
	@​nuxt/​image@​1.10.0 ⏵ 1.11.0	+1		+1	-1
	@​vueuse/​nuxt@​13.3.0 ⏵ 13.9.0	+1		+2	+3
	nuxt-og-image@​5.1.4 ⏵ 5.1.11			+1
	lint-staged@​16.1.0 ⏵ 16.2.4	+1			+3
	@​playwright/​test@​1.52.0 ⏵ 1.56.0
	@​nuxt/​scripts@​0.11.8 ⏵ 0.12.1	+3		+9	+9

View full report