chore: release v0.6.0#187
Open
github-actions[bot] wants to merge 27 commits into
Open
Conversation
…ssion in tailwindcss 4.2.4 Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/4152fe4f-252c-49a2-8f97-b4b6388df319 Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
…ld regression in tailwindcss 4.2.4" This reverts commit 867f182.
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/972717f0-40ca-496c-81dc-805b6206edfc Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
…pdate CI workflow Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
- add nuxt and nuxt-ui MCP HTTP servers - switch sentry from HTTP to stdio with host/token env vars - add tools wildcard to all server entries for full tool access
## Summary Updates `.vscode/mcp.json` with expanded MCP server coverage and consistent configuration. ## What changed - Added **nuxt** MCP server (`https://nuxt.com/mcp`) for Nuxt framework docs - Added **nuxt-ui** MCP server (`https://ui.nuxt.com/mcp`) for Nuxt UI component docs - Switched **sentry** from HTTP endpoint to `stdio` via `npx @sentry/mcp-server`, with scoped host/token env vars (`SENTRY_HOST`, `SENTRY_ACCESS_TOKEN`) - Added `"tools": ["*"]` to all server entries for full tool access ## Verification - No runtime code changed -- VS Code workspace configuration only - `pnpm lint`, `pnpm typecheck`, `pnpm build` unaffected
…age.json conflicts Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/2c0ea36f-6ff0-4ab9-8c1d-48feb2ade5df Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
- Introduced SKILL.md for git commit guidelines - Added skills-lock.json for skill registration - Supports conventional commit message generation
#188) ### Linked issue <!-- No linked issue --> ### Context Adds the \`git-commit\` agent skill sourced from \`github/awesome-copilot\`, enabling Copilot to generate conventional commit messages intelligently from diffs within this project. ### Description - Introduced \`.agents/skills/git-commit/SKILL.md\` — full skill definition for executing git commits using the Conventional Commits specification. Covers type/scope detection, intelligent file staging, interactive overrides, and footer generation (breaking changes, issue refs). - Added \`skills-lock.json\` — registers the skill with its source, path, and integrity hash so the skill runtime can resolve and verify it reproducibly. The skill is invoked when the user asks to commit changes or uses \`/commit\`. It auto-detects the conventional type and scope from the diff, generates a message, and supports interactive overrides before committing.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## release #187 +/- ##
========================================
Coverage 66.83% 66.83%
========================================
Files 81 81
Lines 2023 2023
Branches 601 601
========================================
Hits 1352 1352
Misses 534 534
Partials 137 137 🚀 New features to boost your workflow:
|
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/b58b0143-2703-46cc-8375-29437d0b380b Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/b58b0143-2703-46cc-8375-29437d0b380b Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
…m-workspace.yaml pnpm v11 no longer reads non-auth settings from .npmrc. Move shamefullyHoist, hoistPattern, and publicHoistPattern to pnpm-workspace.yaml so module resolution works for Prisma and Node.js instrumentation packages (import-in-the-middle). Remove deprecated onlyBuiltDependencies and ignoredBuiltDependencies (replaced by allowBuilds in pnpm v11). Add missing allowBuilds entries for @prisma/client, @tailwindcss/oxide, workerd, better-sqlite3, core-js, and unrs-resolver. Add confirmModulesPurge: false.
> ℹ️ **Note**
>
> This PR body was truncated due to platform limits.
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`10.33.0` →
`11.1.0`](https://renovatebot.com/diffs/npm/pnpm/10.33.0/11.1.0) |
|
|
---
### Release Notes
<details>
<summary>pnpm/pnpm (pnpm)</summary>
###
[`v11.1.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1110)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.9...v11.1.0)
##### Minor Changes
- Added `pnpm audit signatures` to verify ECDSA registry signatures for
installed packages against keys from `/-/npm/v1/keys`
[#​7909](https://redirect.github.com/pnpm/pnpm/issues/7909).
Scoped registries are respected, and registries without signing keys are
skipped.
- Added support for installing packages from the [GitHub Packages npm
registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry)
via a built-in `gh:` prefix (e.g. `pnpm add gh:@​acme/private`),
and, more broadly, for arbitrary named registries in the style of [vlt's
named-registry aliases](https://docs.vlt.sh/cli/registries).
Authentication is picked up from the existing per-URL `.npmrc` entries
(e.g. `//npm.pkg.github.com/:_authToken=...`), so no separate auth
mechanism is required.
Additional aliases — or an override for the built-in `gh` alias, for
GitHub Enterprise Server — can be configured under `namedRegistries` in
`pnpm-workspace.yaml`:
```yaml
namedRegistries:
gh: https://npm.pkg.github.example.com/
work: https://npm.work.example.com/
```
With this, `work:@​corp/lib@^2.0.0` resolves against
`https://npm.work.example.com/`.
[#​8941](https://redirect.github.com/pnpm/pnpm/issues/8941).
- Allow setting sbom spec version using `--sbom-spec-version`
[#​11389](https://redirect.github.com/pnpm/pnpm/pull/11389).
- Add `--no-runtime` flag (config: `runtime=false`) to skip installing
runtime entries (e.g. Node.js downloaded via `devEngines.runtime`)
without modifying the lockfile. The lockfile keeps the runtime entry so
frozen-lockfile validation still passes; only the runtime fetch and
`.bin` linking are skipped. Useful in CI matrices where the runtime is
provisioned externally (e.g. via `pnpm runtime -g set node <version>`)
before `pnpm install` runs.
- Added the `pnpm bugs` command that opens a package's bug tracker URL
in the browser. With no arguments, it reads the current project's
`package.json`; with one or more package names, it fetches each
package's metadata from the registry and opens its bug tracker. Falls
back to `<repository>/issues` when the `bugs` field is missing
[#​11279](https://redirect.github.com/pnpm/pnpm/pull/11279).
- Added `pnpm owner` command to manage package owners on the registry.
##### Patch Changes
- Added "published X ago by Y" information to the `pnpm view` command
output, similar to `npm view`. This is useful when comparing against
`minimumReleaseAge`.
For example, `pnpm view pnpm` now shows:
```
published 17 hours ago by GitHub Actions
```
- `pnpm publish` now honors the configured HTTP/HTTPS proxy (including
`https_proxy`/`http_proxy`/`no_proxy` environment variables) when
polling the registry's `doneUrl` during the web-based authentication
flow. Previously the poll bypassed the proxy, causing the registry to
respond `403` from a different source IP and the login to never complete
[#​11561](https://redirect.github.com/pnpm/pnpm/issues/11561).
- `pnpm add -g` now installs each space-separated package into its own
isolated directory by default. To bundle multiple packages into the same
isolated install (so that they share dependencies and are removed
together), pass them as a comma-separated list. For example:
- `pnpm add -g foo bar` installs `foo` and `bar` as two independent
globals — removing one does not affect the other.
- `pnpm add -g foo,bar qar` bundles `foo` and `bar` into a single
isolated install while `qar` is installed on its own.
Related:
[#​11587](https://redirect.github.com/pnpm/pnpm/issues/11587).
- `pnpm runtime set <name> <version>` no longer fails in the root of a
multi-package workspace with the `ADDING_TO_ROOT` error. Installing the
workspace root is a valid target for a runtime, so the command now
bypasses that safety check.
- Fix `pnpm --version` hanging for the lifetime of the worker pool after
the version was printed. `main.ts`'s `--version` short-circuit returned
before reaching the command-handler `finally` that calls
`finishWorkers()`, so the worker pool that `switchCliVersion` had
spawned during integrity resolution stayed alive and held the Node event
loop open. The CLI entry now runs `finishWorkers()` from its own
`finally`, so every exit path tears the pool down.
Repro: `pnpm --version` in a workspace whose `devEngines.packageManager`
version already matches the running pnpm + `onFail: "download"`.
`switchCliVersion` resolves the integrity (spawning workers), finds
nothing to swap, returns. The version prints, then the process hangs.
###
[`v11.0.9`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1109)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.8...v11.0.9)
##### Patch Changes
- Fixed installation of GitLab-hosted dependencies. pnpm now downloads
the tarball from
`https://gitlab.com/<user>/<project>/-/archive/<sha>/<project>-<sha>.tar.gz`
instead of the GitLab API endpoint that contained an encoded slash
(`%2F`) between user and project. The encoded slash both triggered `406
Not Acceptable` responses from GitLab and produced virtual store
directory names that Node refused to import
(`ERR_INVALID_MODULE_SPECIFIER`)
[#​11533](https://redirect.github.com/pnpm/pnpm/issues/11533).
- Honor `NPM_CONFIG_USERCONFIG` (and its lowercase
`npm_config_userconfig` form) as a low-priority fallback when locating
the user-level `.npmrc`. This restores compatibility with environments
that point npm at a custom auth file via that env var — most notably
`actions/setup-node`, which writes registry credentials to
`${runner.temp}/.npmrc` and exports `NPM_CONFIG_USERCONFIG` to reference
it. Without this, GitHub Actions workflows using `actions/setup-node` to
authenticate to private registries broke after upgrading to pnpm v11.
PNPM-prefixed env vars and `npmrcAuthFile` from the global `config.yaml`
continue to take precedence
[#​11539](https://redirect.github.com/pnpm/pnpm/issues/11539).
- Fix `pnpm pack` not bundling dependencies listed in
`bundleDependencies` (or `bundledDependencies`). The npm-packlist
upgrade in pnpm 11 changed its API to require the caller to pre-populate
the dependency tree, which the wrapper was not doing —
`bundleDependencies` were silently dropped from the tarball
[#​11519](https://redirect.github.com/pnpm/pnpm/issues/11519).
- Fixed the pnpm CLI crashing with a confusing `SyntaxError: Invalid
regular expression flags` instead of printing a clear "requires Node.js
v22.13" error when launched on an unsupported Node.js version. The
Node.js version check in `bin/pnpm.mjs` was effectively dead code
because the static `import` of the bundled `dist/pnpm.mjs` was hoisted
by the ES module loader and parsed before the check could run
[#​11546](https://redirect.github.com/pnpm/pnpm/issues/11546).
- Fixed `pnpm --prefix=<dir> install` overwriting the existing
`pnpm-workspace.yaml` in `<dir>` with `set this to true or false`
placeholders. The renamed `--prefix` option (which maps to `dir`) was
not honored when locating the workspace root, so the workspace
manifest's `allowBuilds` settings were not loaded into config and got
clobbered when ignored builds were auto-populated
[#​11535](https://redirect.github.com/pnpm/pnpm/issues/11535).
- Fixed `pnpm publish --provenance` failing with a 422 from the registry
when the package version contained semver build metadata (e.g.
`1.0.0-canary.0+abc1234`). The `+<build>` segment is now stripped before
packing so that the version embedded in the tarball, the metadata sent
to the registry, and the sigstore provenance subject all agree
[#​11518](https://redirect.github.com/pnpm/pnpm/issues/11518).
###
[`v11.0.8`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1108)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.7...v11.0.8)
##### Patch Changes
- Restored the heuristic that preserves tarball URLs in `pnpm-lock.yaml`
when they cannot be derived from name+version+registry, even with the
default `lockfileIncludeTarballUrl: false`. Without this, `pnpm install
--frozen-lockfile` from an empty store fails with `ERR_PNPM_FETCH_404`
for packages on registries that serve tarballs from a non-standard path
— most notably GitHub Packages
(`https://npm.pkg.github.com/download/<scope>/<name>/<version>/<hash>`)
and JSR. `lockfileIncludeTarballUrl: true` continues to force the URL
into the lockfile for every package
[#​11276](https://redirect.github.com/pnpm/pnpm/issues/11276).
- Run `preversion`, `version`, and `postversion` lifecycle scripts for
`pnpm version`.
- Fixed `ERR_PNPM_BAD_TARBALL_SIZE` when a registry serves tarballs with
an end-to-end `Content-Encoding` (e.g. `gzip`). Tarballs are already
compressed, so the fetcher now requests them with `Accept-Encoding:
identity` (matching pnpm v10's effective behavior) and, as defense in
depth against misbehaving servers, no longer enforces the strict
`Content-Length` check when the response declares a `Content-Encoding` —
`Content-Length` in that case refers to the encoded payload, not the
decoded bytes the fetch implementation yields
[#​11506](https://redirect.github.com/pnpm/pnpm/issues/11506).
###
[`v11.0.7`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1107)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.6...v11.0.7)
##### Patch Changes
- Restore the execute bit on the `node-gyp` shims packed inside
`@pnpm/exe` (`dist/node-gyp-bin/node-gyp`,
`dist/node-gyp-bin/node-gyp.cmd`, and
`dist/node_modules/node-gyp/bin/node-gyp.js`). Without this,
`pnpm/action-setup`'s standalone path (used on runners with Node.js <
22.13) failed any install whose lifecycle script invoked `node-gyp
rebuild` with `sh: 1: node-gyp: Permission denied`
[#​11483](https://redirect.github.com/pnpm/pnpm/issues/11483).
- Fixed the `pn`, `pnpx`, and `pnx` aliases failing in Git Bash / MSYS2
on Windows when pnpm was installed via `@pnpm/exe` (or after `pnpm
self-update`)
[#​11486](https://redirect.github.com/pnpm/pnpm/issues/11486).
Running `pnpx` (or `pnx`) printed the cmd.exe banner and dropped the
user into an interactive command prompt instead of running `pnpm dlx`.
The `bin` field rewrite on Windows was pointing those aliases at `.cmd`
files; cmd-shim's Bash shim for a `.cmd` target wraps it in `exec cmd /C
...`, and MSYS2 mangles `/C` into a Windows path before cmd.exe sees it.
The aliases are now `.exe` hardlinks of the SEA binary, which detects
which name it was launched as via `process.execPath` and prepends `dlx`
for `pnpx` / `pnx`.
- Fix `pnpm install` recreating `node_modules` after `pnpm fetch`. `pnpm
fetch` records empty `hoistPattern` and `publicHoistPattern` in
`.modules.yaml`; since v11 removed the explicit-config gate, the
follow-up install treated those as a hoist-pattern change and purged the
modules directory. The fetch step now flags the modules manifest with
`virtualStoreOnly: true` so the next install skips the hoist-pattern
comparison and completes the missing post-import linking in place
[#​11488](https://redirect.github.com/pnpm/pnpm/issues/11488).
- Pin the integrity of git-hosted tarballs (codeload.github.com,
gitlab.com, bitbucket.org) in the lockfile so that subsequent installs
detect a tampered or substituted tarball and refuse to install it.
Previously the lockfile only stored the tarball URL for git
dependencies, so a compromised git host or a man-in-the-middle could
serve arbitrary code on later installs without lockfile changes.
A new `gitHosted: true` field is recorded on git-hosted tarball
resolutions in the lockfile, letting every reader/writer route them by a
single typed check instead of pattern-matching the tarball URL in each
call site. Lockfiles written by older pnpm versions are enriched on load
(URL fallback) so the field can be relied on uniformly across the
codebase.
- Allow user-level preferences in the global `config.yaml`. The
following settings can now be set in `~/.config/pnpm/config.yaml` (or
via `pnpm config set --location global`) instead of being restricted to
`pnpm-workspace.yaml`: `agent`, `globalVirtualStoreDir`,
`initPackageManager`, `initType`, `registrySupportsTimeField`,
`scriptShell`, `shellEmulator`, `sideEffectsCache`,
`sideEffectsCacheReadonly`, `stateDir`, `strictDepBuilds`,
`trustPolicy`, `trustPolicyExclude`, `trustPolicyIgnoreAfter`,
`updateNotifier`, `useStderr`, `verifyDepsBeforeRun`,
`verifyStoreIntegrity`, `virtualStoreDir`, `virtualStoreDirMaxLength`
[#​11474](https://redirect.github.com/pnpm/pnpm/issues/11474).
- Make trusted publishing (OIDC) take precedence over a configured
static `_authToken` in `pnpm publish`, mirroring the npm CLI's behavior.
When OIDC succeeds, the OIDC-derived token overrides any pre-configured
`_authToken`; when OIDC is not applicable (no CI environment, exchange
fails, registry has no trusted publisher configured), the static token
is used as a fallback. This applies on every package during recursive
publish, so each workspace package independently attempts trusted
publishing.
Additionally, the `NPM_ID_TOKEN` env var is now honored as a CI-agnostic
injection point for an OIDC ID token. Previously OIDC was only attempted
on GitHub Actions or GitLab; now any CI provider that exposes its own
OIDC mechanism (e.g. CircleCI's `CIRCLE_OIDC_TOKEN_V2`, Buildkite, etc.)
can forward its token via `NPM_ID_TOKEN` and trusted publishing will
work without pnpm needing to recognize the provider explicitly.
- `--pm-on-fail=ignore` (and other universal options like `--loglevel`,
`--reporter`) is now honored when combined with `--help` or `--version`.
Previously the CLI argument parser short-circuited those flags before
universal options were preserved, so `pnpm audit --pm-on-fail=ignore
--help` and `pnpm --pm-on-fail=ignore --version` reported the strict
packageManager mismatch instead of running the requested action
[#​11487](https://redirect.github.com/pnpm/pnpm/issues/11487).
- Fix a regression where `pnpm --recursive --filter '!<pkg>'
run/exec/test/add` would include the workspace root in the matched
projects. The workspace root is now correctly excluded by default when
only negative `--filter` arguments are provided, matching the
[documented behavior](https://pnpm.io/cli/recursive). To include the
root, pass `--include-workspace-root`
[#​11341](https://redirect.github.com/pnpm/pnpm/issues/11341).
- Restore npm-CLI-compatible `--json` stdout output for `pnpm publish`
([#​11476](https://redirect.github.com/pnpm/pnpm/issues/11476)).
pnpm 11 reimplemented publish natively
([#​10591](https://redirect.github.com/pnpm/pnpm/pull/10591)) and
inadvertently dropped the per-package JSON object that pnpm 10 emitted
transitively via the npm CLI, silently breaking downstream tooling —
most notably `nx release publish`, which parses stdout JSON to confirm
success
([nrwl/nx#35575](https://redirect.github.com/nrwl/nx/issues/35575)). On
success, the output is now:
- `pnpm publish --json` → single object `{ id, name, version, size,
unpackedSize, shasum, integrity, filename, files, entryCount, bundled
}`, mirroring `npm publish --json`.
- `pnpm publish -r --json` → array of those objects, mirroring `pnpm
pack --json`'s shape choice.
- `pnpm publish -r --report-summary` → existing
`pnpm-publish-summary.json` envelope `{ publishedPackages: [...] }` is
preserved, but each entry is upgraded to the same per-package shape
(additive — `name` and `version` are still present).
- `pnpm config get @​<scope>:registry` now reports the same URL
that `pnpm publish` and the resolvers actually use. Previously, `config
get` only consulted `.npmrc`, while `publish`/install used the merged
map that includes `pnpm-workspace.yaml`'s `registries` block — so the
two could diverge silently and a publish could go to the wrong registry
[#​11492](https://redirect.github.com/pnpm/pnpm/issues/11492).
###
[`v11.0.6`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1106)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.5...v11.0.6)
##### Patch Changes
- Fix `pnpm_config_npmrc_auth_file` and `pnpm_config_userconfig` env
vars not actually loading the custom `.npmrc`. The env vars were parsed
and assigned to the resolved config, but only after `loadNpmrcConfig`
had already read the default `~/.npmrc` — so the custom file path was
set but never read. The relevant env vars are now consulted before the
user-level `.npmrc` is loaded
[#​11465](https://redirect.github.com/pnpm/pnpm/issues/11465).
- Preserve the original key order in `pnpm-workspace.yaml` when updating
it. Existing keys keep their position, and new keys are inserted in
alphabetical position when the existing keys are already sorted (with a
leading `packages` key allowed) or appended at the end otherwise.
- Fixed `pnpm self-update` on installations originally set up by pnpm
v10. v10 added `PNPM_HOME` directly to PATH and wrote a `pnpm` bootstrap
shim there. v11 setup writes shims under `PNPM_HOME/bin` instead, so
when a v10 user upgrades to v11 the legacy shim at `PNPM_HOME` keeps
pointing into the old `.tools/<version>` install — `pnpm --version`
continues to report the pre-update version even though the new version
was installed under `global/v11`. Self-update now detects this layout,
refreshes the legacy shims so the upgrade actually takes effect, and
prints a hint suggesting `pnpm setup` to migrate PATH to the v11 layout.
[#​11464](https://redirect.github.com/pnpm/pnpm/issues/11464).
- Print a warning when settings that are not allowed in the global
config file (e.g. `nodeLinker`, `hoistPattern`) are present in
`config.yaml` and silently ignored. Previously these settings were
dropped without any feedback, leaving users unsure why their global
configuration had no effect. The warning suggests moving those settings
to a project-level `pnpm-workspace.yaml`, or sharing them across
projects via [config
dependencies](https://pnpm.io/11.x/config-dependencies).
- Throw a pnpm error when `overrides` has an invalid shape or contains a
non-string value.
- Validate all `readPackage` dependency map fields, including
`devDependencies`, and reject falsy non-object invalid values instead of
silently accepting them.
- Prevent crashes during `pnpm config`, `pnpm set`, and `pnpm get` by
tolerating `configDependencies` install failures. For these commands, a
failure to install `configDependencies` (for example because the
registry auth token has not been written yet) is now logged at debug
level and the command proceeds. All other commands still surface the
install error
[#​10684](https://redirect.github.com/pnpm/pnpm/issues/10684).
- Treat `allowBuilds` as an install-state input and clear previously
ignored builds when they are explicitly disallowed.
- Fixes
[#​10594](https://redirect.github.com/pnpm/pnpm/issues/10594),
catalogs not being read from the workspace when using the `catalog:`
protocol with the `pnpm dlx` / `pnpx` command, resulting in a catalog
entry not found error.
- Accept `PNPM_CONFIG_*` (uppercase) environment variables in addition
to `pnpm_config_*`. Previously, only the lowercase form was honored, so
env vars renamed per the v11 migration guide (e.g.
`PNPM_CONFIG_USERCONFIG`) silently had no effect on case-sensitive
systems like macOS and Linux
[#​11465](https://redirect.github.com/pnpm/pnpm/issues/11465).
###
[`v11.0.5`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1105)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.4...v11.0.5)
##### Patch Changes
- Drop the `darwin-x64` artifact from `@pnpm/exe` and from the GitHub
release page. The Node.js SEA mechanism `pnpm pack-app` uses produces a
binary that segfaults at startup on Intel Macs because of an upstream
Node.js bug
([nodejs/node#62893](https://redirect.github.com/nodejs/node/issues/62893),
tracked alongside
[#​59553](https://redirect.github.com/nodejs/node/issues/59553);
the Node.js team has [opted not to fix
it](https://redirect.github.com/nodejs/node/pull/60250) on the grounds
that x64 macOS is being phased out). Re-signing with `codesign` or
`ldid` doesn't help — the corruption is in LIEF's Mach-O surgery, before
signing.
Intel Mac users should install pnpm via `npm install -g pnpm` (uses the
system Node.js, no SEA), or stay on pnpm 10.x. `@pnpm/exe`'s preinstall
on Intel Mac now exits with a clear error pointing at these
alternatives.
Closes
[#​11423](https://redirect.github.com/pnpm/pnpm/issues/11423).
- `pnpm dlx` (and `pnpx`/`pnx`/`pnpm create`) now runs the same
interactive `approve-builds` prompt as `pnpm add -g` when the package
being launched depends on transitive packages with install scripts.
Previously, the v11 `strictDepBuilds` default made dlx fail with
`ERR_PNPM_IGNORED_BUILDS` and required users to re-run with
`--allow-build=<pkg>` for every offending dependency. dlx also now
removes the partially-populated cache directory when the install fails,
so a subsequent run starts clean instead of reusing a broken install
whose builds were silently skipped
[#​11444](https://redirect.github.com/pnpm/pnpm/issues/11444).
- [`72629fc`](https://redirect.github.com/pnpm/pnpm/commit/72629fc): Fix
`pnpm -g ls --json` and `pnpm -g ls --parseable` so they emit valid JSON
and parseable output respectively, matching pnpm 10 behavior. Since the
isolated global packages refactor in pnpm 11, the global list command
had a custom path that always printed plain text and ignored
`--json`/`--parseable`, which broke tools like `npm-check-updates` that
parse the JSON output
[#​11440](https://redirect.github.com/pnpm/pnpm/issues/11440).
`pnpm -g ls --depth=<n>` (with n > 0) now errors when more than one
isolated global install would be involved, since each install has its
own lockfile and merging their transitive trees would be incoherent.
When the request can be narrowed to a single install group, the regular
`list` flow is used and the full dependency tree is shown.
- Fixed `pnpm publish` to honor `publishConfig.registry` from
`package.json` when publishing a single package. The native publish flow
introduced in v11 was reading the registry from `.npmrc` only, ignoring
the per-package override
[#​11419](https://redirect.github.com/pnpm/pnpm/issues/11419).
- When `strictPeerDependencies` is `true`, the
`ERR_PNPM_PEER_DEP_ISSUES` error once again renders the peer dependency
issues inline using the same format as `pnpm peers check`, so users (and
CI tools like Renovate) can see what failed without running `pnpm peers
check` separately
[#​11439](https://redirect.github.com/pnpm/pnpm/issues/11439).
- The `WARN` and error code labels in pnpm's output now wrap in brackets
(`[WARN]`, `[ERR_PNPM_FOO]`). Previously the labels relied entirely on a
colored background to stand out, which meant they blended into the
surrounding text in terminals without color (e.g. when `NO_COLOR` is set
or output is piped). The brackets are painted in the same color as the
badge background, so they appear as ordinary padding in color-capable
terminals — only the no-color rendering changes.
###
[`v11.0.4`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1104)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.3...v11.0.4)
##### Patch Changes
- Fixed `pnpm ci` not reinstalling workspace package `node_modules`
directories after the clean step
[#​11427](https://redirect.github.com/pnpm/pnpm/issues/11427).
- Remove pnpm's workspace state file when cleaning node\_modules so
`pnpm ci` performs a fresh install after the clean step.
- Do not remove `pnpm-lock.yaml` during `pnpm clean` when `lockfile:
true` is configured in `pnpm-workspace.yaml`. The lockfile is only
removed when the `--lockfile` option is passed to `pnpm clean`.
- `pnpm self-update` (with no version argument) no longer downgrades
pnpm when the registry's `latest` dist-tag points to an older release
than the currently active version. Run `pnpm self-update latest` to
force a downgrade
[#​11418](https://redirect.github.com/pnpm/pnpm/issues/11418).
- `minimumReleaseAgeStrict` now defaults to `true` whenever the user
explicitly sets `minimumReleaseAge` (via `pnpm-workspace.yaml`, the
global `config.yaml`, the CLI, or `pnpm_config_*` env vars).
###
[`v11.0.3`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1103)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.2...v11.0.3)
##### Patch Changes
- Fix too many open files error sometimes happening on Windows, when
creating command shims in `node_modules/.bin`
[#​11412](https://redirect.github.com/pnpm/pnpm/issues/11412).
- Fix `ERR_PNPM_FETCH_404` when installing a project whose lockfile
depends on a `file:` tarball. The previous behavior dropped the
`tarball` field from `file:` and git-hosted resolutions when
`lockfile-include-tarball-url=false` (the default), even though those
URLs cannot be reconstructed from the package name, version, and
registry
[#​11407](https://redirect.github.com/pnpm/pnpm/issues/11407).
###
[`v11.0.2`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1102)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.1...v11.0.2)
##### Patch Changes
- Fix `ENOENT` symlink failure when `pnpm add -g` triggers the
approve-builds prompt. The global add flow used to forward an absolute
`modulesDir` (`<installDir>/node_modules`) into the install run by
`approve-builds`. The install layer treated `modulesDir` as a path
relative to `lockfileDir` and joined it again, producing a doubled path
on Windows because `path.join` does not collapse an embedded absolute
path. The hoist step then tried to `mkdir` and symlink under
`<installDir>\<installDir>\node_modules\.pnpm\node_modules\...` and
failed with `ENOENT`
[#​11403](https://redirect.github.com/pnpm/pnpm/issues/11403).
- Fixed `packageManagerDependencies` going stale when pnpm is invoked
through corepack. The lockfile sync (and the `devEngines.packageManager`
version check) previously ran only when pnpm was invoked directly; under
corepack the entire block was skipped, so a stale entry would persist
even after the running pnpm version changed. The lockfile sync now runs
regardless of how pnpm was invoked, while the pnpm-managed version
switch (`onFail: 'download'`) remains skipped under corepack so it
doesn't fight corepack's own version selection
[#​11397](https://redirect.github.com/pnpm/pnpm/issues/11397).
- Fix recursive publish summaries to report the manifest from
`publishConfig.directory` when packages publish from a generated
directory
[#​11239](https://redirect.github.com/pnpm/pnpm/issues/11239).
- Fix negated `os` / `cpu` entries (e.g. `["!win32"]`) being incorrectly
rejected when `supportedArchitectures` expands to multiple platforms
[#​11375](https://redirect.github.com/pnpm/pnpm/pull/11375).
###
[`v11.0.1`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1101)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.0.0...v11.0.1)
##### Patch Changes
- Report unknown top-level options before falling back to implicit `pnpm
run` scripts.
- Reject `null` named catalogs in workspace manifests with
`InvalidWorkspaceManifestError` instead of crashing with a raw
`TypeError`.
- Populate download location for git-sourced dependencies in SBOM
output. Previously `pnpm sbom` emitted `NOASSERTION` (SPDX) and omitted
the distribution reference (CycloneDX) for git dependencies. Now emits
the git URL with commit hash, e.g.
`git+https://github.com/user/repo.git#commit`.
- `pnpm self-update` now keeps `package.json`'s `packageManager` and
`devEngines.packageManager` in sync. When the legacy `packageManager`
field pins pnpm, both fields are rewritten to the new exact pnpm version
on update — `packageManager` to `pnpm@<version>` (without an integrity
hash), and `devEngines.packageManager.version` to the same exact
`<version>` (dropping any range operator). When only
`devEngines.packageManager` is declared, the existing range-preserving
behavior is unchanged
[#​11388](https://redirect.github.com/pnpm/pnpm/issues/11388).
- Sort the keys of the overrides object returned by `pnpm audit --fix`
so that the log output order matches the order written to
`pnpm-workspace.yaml`.
- Update the env lockfile's `packageManagerDependencies` entry when
`devEngines.packageManager` declares a pnpm version that the lockfile no
longer satisfies. Previously, the stale entry was kept even though the
running pnpm matched the declared version, silently breaking the
integrity record
[#​11387](https://redirect.github.com/pnpm/pnpm/issues/11387).
###
[`v11.0.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1100)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v10.33.4...v11.0.0)
##### Highlights
##### Major
- **Node.js 22+ required** — support for Node 18, 19, 20, and 21 is
dropped, pnpm itself is now pure ESM, and the standalone exe requires
glibc 2.27.
- **Supply-chain protection on by default** — `minimumReleaseAge`
defaults to 1 day (newly published packages are not resolved for 24h)
and `blockExoticSubdeps` defaults to `true`.
- **`allowBuilds` replaces the old build-dependency settings** —
`onlyBuiltDependencies`, `onlyBuiltDependenciesFile`,
`neverBuiltDependencies`, `ignoredBuiltDependencies`, and
`ignoreDepScripts` have been removed.
- **Global installs are isolated and use the global virtual store by
default** — each `pnpm add -g` gets its own directory with its own
`package.json`, `node_modules`, and lockfile.
- **New SQLite-backed store index** (store v11) with bundled manifests
and hex digests, reducing filesystem syscalls and speeding up
installation.
- **Native publish flow** — [`pnpm
publish`](https://pnpm.io/11.x/cli/publish),
[`login`](https://pnpm.io/11.x/cli/login),
[`logout`](https://pnpm.io/11.x/cli/logout),
[`view`](https://pnpm.io/11.x/cli/view),
[`deprecate`](https://pnpm.io/11.x/cli/deprecate),
[`unpublish`](https://pnpm.io/11.x/cli/unpublish),
[`dist-tag`](https://pnpm.io/11.x/cli/dist-tag), and
[`version`](https://pnpm.io/11.x/cli/version) no longer delegate to the
npm CLI, and the remaining npm passthrough commands now throw "not
implemented".
- **[`pnpm audit`](https://pnpm.io/11.x/cli/audit) uses npm's bulk
advisories endpoint** — the legacy `/security/audits` endpoints are
gone. CVE-based filtering has been replaced with GHSA-based filtering:
migrate `auditConfig.ignoreCves` entries to `auditConfig.ignoreGhsas`.
- **`.npmrc` is auth/registry only** — all other settings must live in
`pnpm-workspace.yaml` or the new global `config.yaml`, and environment
variables use the `pnpm_config_*` prefix.
- **Runtime installs are slimmer** — installing a Node.js runtime via
`node@runtime:<version>` no longer extracts the bundled `npm`, `npx`,
and `corepack`, roughly halving the files pnpm has to hash, write, and
link.
##### Minor
- **New commands:** [`pnpm ci`](https://pnpm.io/11.x/cli/ci), [`pnpm
sbom`](https://pnpm.io/11.x/cli/sbom), [`pnpm
clean`](https://pnpm.io/11.x/cli/clean), [`pnpm peers
check`](https://pnpm.io/11.x/cli/peers), [`pnpm runtime
set`](https://pnpm.io/11.x/cli/runtime), [`pnpm
docs`](https://pnpm.io/11.x/cli/docs)/`home`, [`pnpm
ping`](https://pnpm.io/11.x/cli/ping), [`pnpm
search`](https://pnpm.io/11.x/cli/search), [`pnpm
star`](https://pnpm.io/11.x/cli/star)/`unstar`/`stars`, [`pnpm
whoami`](https://pnpm.io/11.x/cli/whoami), [`pnpm
with`](https://pnpm.io/11.x/cli/with), and [`pnpm
pack-app`](https://pnpm.io/11.x/cli/pack-app), plus
`pn`/[`pnx`](https://pnpm.io/11.x/cli/pnx) short aliases.
- **ESM pnpmfiles** via `.pnpmfile.mjs`, which takes priority over
`.pnpmfile.cjs` when present.
- **[`pnpm audit --fix=update`](https://pnpm.io/11.x/cli/audit)** fixes
vulnerabilities by updating packages in the lockfile instead of adding
overrides, and `pnpm audit --fix --interactive` lets you select which
advisories to fix.
- **[`pnpm pack-app`](https://pnpm.io/11.x/cli/pack-app)** packs a
CommonJS entry into a standalone executable for one or more target
platforms using Node.js Single Executable Applications.
- **Faster HTTP and I/O** — undici with Happy Eyeballs, direct-to-CAS
writes, skipped staging directory, pre-allocated tarball downloads, and
an NDJSON metadata cache.
##### Major Changes
##### Requirements
- pnpm is now distributed as pure ESM.
- Dropped support for Node.js v18, 19, 20, and 21.
- The standalone exe version of pnpm requires at least glibc 2.27.
##### Security & Build Defaults
- Changed default values: `optimisticRepeatInstall` is now `true`,
`verifyDepsBeforeRun` is now `install`, `minimumReleaseAge` is now
`1440` (1 day), and `minimumReleaseAgeStrict` is `false`. Newly
published packages will not be resolved until they are at least 1 day
old. This protects against supply chain attacks by giving the community
time to detect and remove compromised versions. To opt out, set
`minimumReleaseAge: 0` in `pnpm-workspace.yaml`
[#​11158](https://redirect.github.com/pnpm/pnpm/pull/11158).
- `strictDepBuilds` is `true` by default.
- `blockExoticSubdeps` is `true` by default.
- Removed deprecated build dependency settings: `onlyBuiltDependencies`,
`onlyBuiltDependenciesFile`, `neverBuiltDependencies`,
`ignoredBuiltDependencies`, and `ignoreDepScripts`
[#​11220](https://redirect.github.com/pnpm/pnpm/pull/11220).
Use the `allowBuilds` setting instead. It is a map where keys are
package name patterns and values are booleans:
- `true` means the package is allowed to run build scripts
- `false` means the package is explicitly denied from running build
scripts
Same as before, by default, none of the packages in the dependencies are
allowed to run scripts. If a package has postinstall scripts and it
isn't declared in `allowBuilds`, an error is printed.
Before:
```yaml
onlyBuiltDependencies:
- electron
onlyBuiltDependenciesFile: "allowed-builds.json"
neverBuiltDependencies:
- core-js
ignoredBuiltDependencies:
- esbuild
```
After:
```yaml
allowBuilds:
electron: true
core-js: false
esbuild: false
```
- Removed `allowNonAppliedPatches` in favor of `allowUnusedPatches`.
- Removed `ignorePatchFailures`; patch application failures now throw an
error.
##### Store
- Runtime dependencies are always linked from the global virtual store
[#​10233](https://redirect.github.com/pnpm/pnpm/pull/10233).
- Optimized index file format to store the hash algorithm once per file
instead of repeating it for every file entry. Each file entry now stores
only the hex digest instead of the full integrity string
(`<algo>-<digest>`). Using hex format improves performance since file
paths in the content-addressable store use hex representation,
eliminating base64-to-hex conversion during path lookups.
- Store version bumped to v11.
- The bundled manifest (name, version, bin, engines, scripts, etc.) is
now stored directly in the package index file, eliminating the need to
read `package.json` from the content-addressable store during resolution
and installation. This reduces I/O and speeds up repeat installs
[#​10473](https://redirect.github.com/pnpm/pnpm/pull/10473).
- The package index in the content-addressable store is now backed by
SQLite. Instead of individual JSON files under `$STORE/index/`, package
metadata is stored in a single SQLite database at `$STORE/index.db` with
MessagePack-encoded values. This reduces filesystem syscall overhead,
improves space efficiency for small metadata entries, and enables
concurrent access via SQLite's WAL mode. Packages missing from the new
index are re-fetched on demand
[#​10500](https://redirect.github.com/pnpm/pnpm/pull/10500)
[#​10826](https://redirect.github.com/pnpm/pnpm/issues/10826).
##### Global Packages
- Global installs (`pnpm add -g pkg`) and `pnx` now use the global
virtual store by default. Packages are stored at `{storeDir}/links`
instead of per-project `.pnpm` directories. This can be disabled by
setting `enableGlobalVirtualStore: false`
[#​10694](https://redirect.github.com/pnpm/pnpm/pull/10694).
- Isolated global packages. Each globally installed package (or group of
packages installed together) now gets its own isolated installation
directory with its own `package.json`, `node_modules/`, and lockfile.
This prevents global packages from interfering with each other through
peer dependency conflicts, hoisting changes, or version resolution
shifts.
Key changes:
- `pnpm add -g <pkg>` creates an isolated installation in
`{pnpmHomeDir}/global/v11/{hash}/`
- `pnpm remove -g <pkg>` removes the entire installation group
containing the package
- `pnpm update -g [pkg]` re-installs packages in new isolated
directories
- `pnpm list -g` scans isolated directories to show all installed global
packages
- `pnpm install -g` (no args) is no longer supported; use `pnpm add -g
<pkg>` instead
- Globally installed binaries are now stored in a `bin` subdirectory of
`PNPM_HOME` instead of directly in `PNPM_HOME`. This prevents internal
directories like `global/` and `store/` from polluting shell
autocompletion when `PNPM_HOME` is on PATH
[#​10986](https://redirect.github.com/pnpm/pnpm/issues/10986).
After upgrading, run `pnpm setup` to update your shell configuration.
- Breaking changes to `pnpm link`:
- `pnpm link <pkg-name>` no longer resolves packages from the global
store. Only relative or absolute paths are accepted. For example, use
`pnpm link ./foo` instead of `pnpm link foo`.
- `pnpm link --global` is removed. Use `pnpm add -g .` to register a
local package's bins globally.
- `pnpm link` (no arguments) is removed. Use `pnpm link <dir>` with an
explicit path instead.
##### Configuration
- pnpm no longer reads all settings from `.npmrc`. Only auth and
registry settings are read from `.npmrc` files. All other settings (like
`hoistPattern`, `nodeLinker`, `shamefullyHoist`, etc.) must be
configured in `pnpm-workspace.yaml` or the global
`~/.config/pnpm/config.yaml`
[#​11189](https://redirect.github.com/pnpm/pnpm/pull/11189).
- Network settings (`httpProxy`, `httpsProxy`, `noProxy`,
`localAddress`, `strictSsl`, `gitShallowHosts`) are now written to
`config.yaml` (global) or `pnpm-workspace.yaml` (local) instead of
`.npmrc`/`auth.ini`. They are still readable from `.npmrc` for easier
migration from the npm CLI
[#​11209](https://redirect.github.com/pnpm/pnpm/pull/11209).
pnpm no longer reads `npm_config_*` environment variables. Use
`pnpm_config_*` environment variables instead (e.g.,
`pnpm_config_registry` instead of `npm_config_registry`).
pnpm no longer reads the npm global config at `$PREFIX/etc/npmrc`.
`pnpm login` writes auth tokens to `~/.config/pnpm/auth.ini`.
New `registries` setting in `pnpm-workspace.yaml`:
```yaml
registries:
default: https://registry.npmjs.org/
"@​my-org": https://private.example.com/
"@​internal": https://nexus.corp.com/
```
Auth tokens in `~/.npmrc` still work — pnpm continues to read `~/.npmrc`
as a fallback for registry authentication. The new `npmrcAuthFile`
setting can be used to point to a different file instead of `~/.npmrc`.
- Replace workspace project specific `.npmrc` with `packageConfigs` in
`pnpm-workspace.yaml`.
A workspace manifest with `packageConfigs` looks something like this:
```yaml
# File: pnpm-workspace.yaml
packages:
- "packages/project-1"
- "packages/project-2"
packageConfigs:
"project-1":
saveExact: true
"project-2":
savePrefix: "~"
```
Or this:
```yaml
# File: pnpm-workspace.yaml
packages:
- "packages/project-1"
- "packages/project-2"
packageConfigs:
- match: ["project-1", "project-2"]
modulesDir: "node_modules"
saveExact: true
```
- pnpm no longer reads settings from the `pnpm` field of `package.json`.
Settings should be defined in `pnpm-workspace.yaml`
[#​10086](https://redirect.github.com/pnpm/pnpm/pull/10086).
- `pnpm config get` (without `--json`) no longer prints INI formatted
text. Instead, it prints JSON for objects and arrays, and raw strings
for strings, numbers, booleans, and nulls. `pnpm config get --json`
still prints all types of values as JSON, as before.
- `pnpm config get <array>` now prints a JSON array.
- `pnpm config list` now prints a JSON object instead of INI formatted
text.
- `pnpm config list` and `pnpm config get` (without argument) now hide
auth-related settings.
- `pnpm config list` and `pnpm config get` (without argument) now show
top-level keys as camelCase. Exception: keys that start with `@` or `//`
are preserved (their cases don't change).
- `pnpm config get` and `pnpm config list` no longer load non-camelCase
options from the workspace manifest (`pnpm-workspace.yaml`).
##### Removed Commands & npm Passthrough
- pnpm no longer falls back to the npm CLI. Commands that were
previously passed through to npm (`access`, `bugs`, `docs`, `edit`,
`find`, `home`, `issues`, `owner`, `ping`, `prefix`, `profile`, `pkg`,
`repo`, `search`, `set-script`, `star`, `stars`, `team`, `token`,
`unstar`, `whoami`, `xmas`) and their aliases (`s`, `se`) now throw a
"not implemented" error, with a suggestion to use the npm CLI directly
[#​10642](https://redirect.github.com/pnpm/pnpm/pull/10642). Other
previously passed-through commands —
[`view`](https://pnpm.io/11.x/cli/view) (`info`, `show`, `v`),
[`login`](https://pnpm.io/11.x/cli/login) (`adduser`),
[`logout`](https://pnpm.io/11.x/cli/logout),
[`deprecate`](https://pnpm.io/11.x/cli/deprecate),
[`unpublish`](https://pnpm.io/11.x/cli/unpublish),
[`dist-tag`](https://pnpm.io/11.x/cli/dist-tag), and
[`version`](https://pnpm.io/11.x/cli/version) — have been reimplemented
natively in pnpm (see New Commands below).
- [`pnpm publish`](https://pnpm.io/11.x/cli/publish) now works without
the `npm` CLI.
The One-time Password feature now reads from `PNPM_CONFIG_OTP` instead
of `NPM_CONFIG_OTP`:
```sh
export PNPM_CONFIG_OTP='<your OTP here>'
pnpm publish --no-git-checks
```
If the registry requests OTP and the user has not provided it via the
`PNPM_CONFIG_OTP` environment variable or the `--otp` flag, pnpm will
prompt the user directly for an OTP code.
If the registry requests web-based authentication, pnpm will print a
scannable QR code along with the URL.
Since the new `pnpm publish` no longer calls `npm publish`, some
undocumented features may have been unknowingly dropped. If you rely on
a feature that is now gone, please open an issue at
<https://github.com/pnpm/pnpm/issues>. In the meantime, you can use
`pnpm pack && npm publish *.tgz` as a workaround.
- Removed the `pnpm server` command
[#​10463](https://redirect.github.com/pnpm/pnpm/pull/10463).
- Removed support for the `useNodeVersion` and
`executionEnv.nodeVersion` fields. `devEngines.runtime` and
`engines.runtime` should be used instead
[#​10373](https://redirect.github.com/pnpm/pnpm/pull/10373).
- Removed support for `hooks.fetchers`. We now have a new API for custom
fetchers and resolvers via the `fetchers` field of `pnpmfile`.
##### Lifecycle Scripts
- pnpm no longer populates `npm_config_*` environment variables from the
pnpm config during lifecycle scripts. Only well-known `npm_*` env vars
are now set, matching Yarn's behavior
[#​11116](https://redirect.github.com/pnpm/pnpm/pull/11116).
##### CLI Output
- Cleaner output for script execution: pnpm now prints `$ command`
instead of `> pkg@version stage path\n> command`, and shows project name
and path only when running in a different directory. The `$ command`
line is printed to stderr to keep stdout clean for piping
[#​11132](https://redirect.github.com/pnpm/pnpm/pull/11132).
- During install, instead of rendering the full peer dependency issues
tree, pnpm now suggests running [`pnpm peers
check`](https://pnpm.io/11.x/cli/peers) to view the issues
[#​11133](https://redirect.github.com/pnpm/pnpm/pull/11133).
##### Lockfile
- Simplified `patchedDependencies` lockfile format from `Record<string,
{ path: string, hash: string }>` to `Record<string, string>` (selector
to hash). Existing lockfiles with the old format are automatically
migrated
[#​10911](https://redirect.github.com/pnpm/pnpm/pull/10911).
##### Other
- The default value of the `type` field in the `package.json` file of
the project initialized by `pnpm init` command has been changed to
`module`.
- Added support for lowercase options in `pnpm add`: `-d`, `-p`, `-o`,
`-e` [#​9197](https://redirect.github.com/pnpm/pnpm/issues/9197).
When using the `pnpm add` command only:
- `-p` is now an alias for `--save-prod` instead of `--parseable`
- `-d` is now an alias for `--save-dev` instead of `--loglevel=info`
- The root workspace project is no longer excluded when it is explicitly
selected via a filter
[#​10465](https://redirect.github.com/pnpm/pnpm/pull/10465).
##### Audit
- [`pnpm audit`](https://pnpm.io/11.x/cli/audit) now calls npm's
`/-/npm/v1/security/advisories/bulk` endpoint. The legacy
`/-/npm/v1/security/audits{,/quick}` endpoints have been retired by the
registry, so the legacy request/response contract is no longer
supported.
The bulk endpoint does not return CVE identifiers. CVE-based filtering
has been replaced with GitHub advisory ID (GHSA) filtering:
- `auditConfig.ignoreCves` → `auditConfig.ignoreGhsas` (the previous key
is no longer recognized)
- `pnpm audit --ignore <id>` / `pnpm audit --ignore-unfixable` now read
and write GHSAs instead of CVEs
- GHSAs are derived from each advisory's `url`
(`https://github.com/advisories/GHSA-xxxx-xxxx-xxxx`)
To migrate: replace each `CVE-YYYY-NNNNN` entry in your
`auditConfig.ignoreCves` with the corresponding `GHSA-xxxx-xxxx-xxxx`
value (visible in the `More info` column of `pnpm audit` output) and
move it under `auditConfig.ignoreGhsas`.
##### Package Manager Settings
- **Breaking:** removed the `managePackageManagerVersions`,
`packageManagerStrict`, and `packageManagerStrictVersion` settings. They
existed only to derive the `onFail` behavior for the legacy
`packageManager` field, and the `pmOnFail` setting introduced alongside
[`pnpm with`](https://pnpm.io/11.x/cli/with) subsumes all three — it
directly sets the `onFail` behavior of both `packageManager` and
`devEngines.packageManager`. The `COREPACK_ENABLE_STRICT` environment
variable is no longer honored (it only gated `packageManagerStrict`);
use `pmOnFail` instead.
Migration:
| Removed setting | Replace with |
| ------------------------------------- | ------------------------------
|
| `managePackageManagerVersions: true` | `pmOnFail: download` (default)
|
| `managePackageManagerVersions: false` | `pmOnFail: ignore` |
| `packageManagerStrict: false` | `pmOnFail: warn` |
| `packageManagerStrictVersion: true` | `pmOnFail: error` |
| `COREPACK_ENABLE_STRICT=0` | `pmOnFail: warn` |
##### Runtime Installs
- Installing a Node.js runtime via `node@runtime:<version>` (including
`pnpm env use` and `pnpm runtime set node`) no longer extracts the
bundled `npm`, `npx`, and `corepack` from the Node.js archive. This cuts
roughly half of the files pnpm has to hash, write to the CAS, and link
during installation, making runtime installs noticeably faster. Users
who still need `npm` can install it as a separate package.
##### Minor Changes
##### New Commands
- Added native [`pnpm view`](https://pnpm.io/11.x/cli/view) (`info`,
`show`, `v`) command for viewing package metadata from the registry
[#​11064](https://redirect.github.com/pnpm/pnpm/pull/11064).
- Added [`pnpm login`](https://pnpm.io/11.x/cli/login) (and `pnpm
adduser` alias) command for authenticating with npm registries. Supports
web-based login with QR code as well as classic username/password login
[#​11094](https://redirect.github.com/pnpm/pnpm/pull/11094).
- Added [`pnpm logout`](https://pnpm.io/11.x/cli/logout) command for
logging out of npm registries. Revokes the authentication token on the
registry and removes it from the local auth config file
[#​11213](https://redirect.github.com/pnpm/pnpm/pull/11213).
- Added native [`pnpm deprecate`](https://pnpm.io/11.x/cli/deprecate)
and `pnpm undeprecate` commands for setting and removing deprecation
messages on package versions without delegating to the npm CLI
[#​11120](https://redirect.github.com/pnpm/pnpm/pull/11120).
- Added native [`pnpm unpublish`](https://pnpm.io/11.x/cli/unpublish)
command. Supports unpublishing specific versions, version ranges via
semver, and entire packages with `--force`
[#​11128](https://redirect.github.com/pnpm/pnpm/pull/11128).
- Added native [`pnpm dist-tag`](https://pnpm.io/11.x/cli/dist-tag)
command (`ls`, `add`, `rm` subcommands)
[#​11218](https://redirect.github.com/pnpm/pnpm/pull/11218).
- Added [`pnpm sbom`](https://pnpm.io/11.x/cli/sbom) command for
generating Software Bill of Materials in CycloneDX 1.7 and SPDX 2.3 JSON
formats
[#​9088](https://redirect.github.com/pnpm/pnpm/issues/9088).
- Added [`pnpm clean`](https://pnpm.io/11.x/cli/clean) command that
safely removes `node_modules` directories from all workspace projects
[#​10707](https://redirect.github.com/pnpm/pnpm/issues/10707). Use
`--lockfile` to also remove `pnpm-lock.yaml` files.
- Added a new command [`pnpm runtime set <runtime name> <runtime version
spec> [-g]`](https://pnpm.io/11.x/cli/runtime) for installing runtimes.
Deprecated `pnpm env use` in favor of the new command.
- Added the ability to fix vulnerabilities by updating packages in the
lockfile instead of adding overrides. Use [`pnpm audit
--fix=update`](https://pnpm.io/11.x/cli/audit)
[#​10341](https://redirect.github.com/pnpm/pnpm/pull/10341).
- Added [`pnpm ci`](https://pnpm.io/11.x/cli/ci) command for clean
installs
[#​6100](https://redirect.github.com/pnpm/pnpm/issues/6100). The
command runs `pnpm clean` followed by `pnpm install --frozen-lockfile`.
Designed for CI/CD environments where reproducible builds are critical.
Aliases: `pnpm clean-install`, `pnpm ic`, `pnpm install-clean`
[#​11003](https://redirect.github.com/pnpm/pnpm/pull/11003).
- Added [`pnpm peers check`](https://pnpm.io/11.x/cli/peers) command
that checks for unmet and missing peer dependency issues by reading the
lockfile
[#​7087](https://redirect.github.com/pnpm/pnpm/issues/7087).
- Implemented the [`version`](https://pnpm.io/11.x/cli/version) command
natively in pnpm to support workspaces and `workspace:` protocols
correctly. The new command allows bumping package versions (major,
minor, patch, etc.) with full workspace support and git integration
[#​10879](https://redirect.github.com/pnpm/pnpm/pull/10879).
- [`pnpm audit --fix`](https://pnpm.io/11.x/cli/audit) now supports a
new interactive mode via `--interactive`/`-i`.
- Added the [`pnpm docs`](https://pnpm.io/11.x/cli/docs) command and its
alias `pnpm home`. This command opens the package documentation or
homepage in the browser. When the package has no valid homepage, it
falls back to `https://npmx.dev/package/<name>`.
- Added native [`pnpm ping`](https://pnpm.io/11.x/cli/ping) command to
test registry connectivity. Provides a simple way to verify connectivity
to the configured registry without requiring external tools.
- Implemented native [`search`](https://pnpm.io/11.x/cli/search) command
and its aliases (`s`, `se`, `find`).
- Implemented native [`star`, `unstar`,
`stars`](https://pnpm.io/11.x/cli/star), and
[`whoami`](https://pnpm.io/11.x/cli/whoami) commands.
- Add [`pnpm with <version|current>
<args...>`](https://pnpm.io/11.x/cli/with) command. Runs pnpm at a
specific version (or the currently active one) for a single invocation,
bypassing the project's `packageManager` and `devEngines.packageManager`
pins.
- Added a new [`pnpm pack-app`](https://pnpm.io/11.x/cli/pack-app)
command that packs a CommonJS entry file into a standalone executable
for one or more target platforms, using the [Node.js Single Executable
Applications](https://nodejs.org/api/single-executable-applications.html)
API under the hood.
##### Configuration
- Added support for a global YAML config file named `config.yaml`.
Configuration is now split into two categories:
- Registry and auth settings, which can be stored in INI files such as
the global `rc` file and local `.npmrc`.
- pnpm-specific settings, which can only be loaded from YAML files such
as the global `config.yaml` and local `pnpm-workspace.yaml`.
- Added support for loading environment variables whose names start with
`pnpm_config_` into config. These environment variables override
settings from `pnpm-workspace.yaml` but not CLI arguments.
- Added support for reading `allowBuilds` from `pnpm-workspace.yaml` in
the global package directory for global installs.
- Added support for `pnpm config get globalconfig` to retrieve the
global config file path
[#​9977](https://redirect.github.com/pnpm/pnpm/issues/9977).
- Added a new setting `virtualStoreOnly` that populates the virtual
store without creating importer symlinks, hoisting, bin links, or
running lifecycle scripts. This is useful for pre-populating a store
(e.g., in Nix builds) without creating unnecessary project-level
artifacts. `pnpm fetch` now uses this mode internally
[#​10840](https://redirect.github.com/pnpm/pnpm/issues/10840).
- Added support for specifying the pnpm version via
`devEngines.packageManager` in `package.json`. Unlike the
`packageManager` field, this supports version ranges. The resolved
version is stored in `pnpm-lock.yaml` and reused if it still satisfies
the range
[#​10932](https://redirect.github.com/pnpm/pnpm/pull/10932).
- Added a new `dedupePeers` setting that reduces peer dependency
duplication. When enabled, peer dependency suffixes use version-only
identifiers (`name@version`) instead of full dep paths, eliminating
nested suffixes like `(foo@1.0.0(bar@2.0.0))`. This dramatically reduces
the number of package instances in projects with many recursive peer
dependencies
[#​11070](https://redirect.github.com/pnpm/pnpm/issues/11070).
- Config dependencies are now installed into the global virtual store
(`{storeDir}/links/`) and symlinked into `node_modules/.pnpm-config/`.
This allows config dependencies to be shared across projects that use
the same store, avoiding redundant fetches and imports
[#​10910](https://redirect.github.com/pnpm/pnpm/pull/10910).
Config dependency and package manager integrity info is now stored in
`pnpm-lock.yaml` instead of inlined in `pnpm-workspace.yaml`: the
workspace manifest contains only clean version specifiers for
`configDependencies`, while the resolved versions, integrity hashes, and
tarball URLs are recorded in the lockfile as a separate YAML document.
The env lockfile section also stores `packageManagerDependencies`
resolved during version switching and self-update. Projects using the
old inline-hash format are automatically migrated on install
[#​10912](https://redirect.github.com/pnpm/pnpm/pull/10912)
[#​10964](https://redirect.github.com/pnpm/pnpm/pull/10964).
- Added `nodeDownloadMirrors` setting to configure custom Node.js
download mirrors in `pnpm-workspace.yaml`. This replaces the
`node-mirror:<channel>` `.npmrc` setting, which is no longer read
[#​11194](https://redirect.github.com/pnpm/pnpm/pull/11194):
```yaml
nodeDownloadMirrors:
release: https://my-mirror.example.com/download/release/
```
- `pnpm dlx` and `pnpm create` now respect security and trust policy
settings (`minimumReleaseAge`, `minimumReleaseAgeExclude`,
`minimumReleaseAgeStrict`, `trustPolicy`, `trustPolicyExclude`,
`trustPolicyIgnoreAfter`) from project-level configuration [#​1118
> ✂ **Note**
>
> PR body was truncated to here.
</details>
---
### Configuration
📅 **Schedule**: (UTC)
- Branch creation
- "on Monday"
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/wolfstar-project/wolfstar.rocks).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaG9yZSIsImRlcGVuZGVuY2llcyJdfQ==-->
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@vitest/browser-playwright](https://vitest.dev/config/browser/playwright) ([source](https://redirect.github.com/vitest-dev/vitest/tree/HEAD/packages/browser-playwright)) | [`4.1.5` → `4.1.6`](https://renovatebot.com/diffs/npm/@vitest%2fbrowser-playwright/4.1.5/4.1.6) |  |  | | [@vitest/coverage-v8](https://vitest.dev/guide/coverage) ([source](https://redirect.github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8)) | [`4.1.5` → `4.1.6`](https://renovatebot.com/diffs/npm/@vitest%2fcoverage-v8/4.1.5/4.1.6) |  |  | | [@vitest/ui](https://vitest.dev/guide/ui) ([source](https://redirect.github.com/vitest-dev/vitest/tree/HEAD/packages/ui)) | [`4.1.5` → `4.1.6`](https://renovatebot.com/diffs/npm/@vitest%2fui/4.1.5/4.1.6) |  |  | --- ### Release Notes <details> <summary>vitest-dev/vitest (@​vitest/browser-playwright)</summary> ### [`v4.1.6`](https://redirect.github.com/vitest-dev/vitest/releases/tag/v4.1.6) [Compare Source](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6) ##### 🐞 Bug Fixes - **browser**: Provide project reference in `ToMatchScreenshotResolvePath` - by [@​macarie](https://redirect.github.com/macarie) and [@​sheremet-va](https://redirect.github.com/sheremet-va) in [#​10138](https://redirect.github.com/vitest-dev/vitest/issues/10138) [<samp>(31882)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/31882607c) - Global `sequence.concurrent: true` with top-level `test(..., { concurrent: false })` + depreacte `sequential` test API and options - by [@​hi-ogawa](https://redirect.github.com/hi-ogawa), **Codex** and [@​sheremet-va](https://redirect.github.com/sheremet-va) in [#​10196](https://redirect.github.com/vitest-dev/vitest/issues/10196) [<samp>(2847d)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/2847dfa2a) - **browser**: Simplify orchestrator otel carrier - by [@​hi-ogawa](https://redirect.github.com/hi-ogawa) in [#​10285](https://redirect.github.com/vitest-dev/vitest/issues/10285) [<samp>(18af9)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/18af98cee) ##### 🏎 Performance - Stringify diff objects only once - by [@​sheremet-va](https://redirect.github.com/sheremet-va) in [#​10276](https://redirect.github.com/vitest-dev/vitest/issues/10276) [<samp>(9f7b1)</samp>](https://redirect.github.com/vitest-dev/vitest/commit/9f7b1528c) ##### [View changes on GitHub](https://redirect.github.com/vitest-dev/vitest/compare/v4.1.5...v4.1.6) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "on Monday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/wolfstar-project/wolfstar.rocks). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaG9yZSIsImRlcGVuZGVuY2llcyJdfQ==-->
… v2 (#178) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | ghcr.io/devcontainers/features/node | feature | major | `1` → `2` | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "on Monday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/wolfstar-project/wolfstar.rocks). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaG9yZSIsImRlcGVuZGVuY2llcyJdfQ==-->
…kill files Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
…kill files Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/cd816fb5-cc47-412c-877d-f02fc5e25677 Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/cd816fb5-cc47-412c-877d-f02fc5e25677 Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/53568e97-3416-471f-a58f-1d61c11fffc1 Co-authored-by: RedStar071 <76824516+RedStar071@users.noreply.github.com>
…reDependencies Agent-Logs-Url: https://github.com/wolfstar-project/wolfstar.rocks/sessions/7afd1d5c-be99-4b70-ae12-5b7359bff325 Co-authored-by: lorypelli <87276663+lorypelli@users.noreply.github.com>
> ℹ️ **Note**
>
> This PR body was truncated due to platform limits.
This PR contains the following updates:
| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) | Type |
Update |
|---|---|---|---|---|---|
| [@commitlint/cli](https://commitlint.js.org/)
([source](https://redirect.github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli))
| [`^20.4.3` →
`^20.5.0`](https://renovatebot.com/diffs/npm/@commitlint%2fcli/20.5.0/20.5.2)
|
|
| devDependencies | patch |
| [@iconify-json/lucide](https://icon-sets.iconify.design/lucide/) |
[`1.2.102` →
`1.2.104`](https://renovatebot.com/diffs/npm/@iconify-json%2flucide/1.2.102/1.2.104)
|
|
| dependencies | patch |
| [@netlify/nuxt](https://redirect.github.com/netlify/primitives)
([source](https://redirect.github.com/netlify/primitives/tree/HEAD/packages/nuxt-module))
| [`^0.2.36` →
`^0.3.0`](https://renovatebot.com/diffs/npm/@netlify%2fnuxt/0.2.36/0.3.0)
|
|
| devDependencies | minor |
| [@nuxt/ui](https://ui.nuxt.com)
([source](https://redirect.github.com/nuxt/ui)) | [`4.6.1` →
`4.7.0`](https://renovatebot.com/diffs/npm/@nuxt%2fui/4.6.1/4.7.0) |
|
| dependencies | minor |
| [@prisma/adapter-pg](https://redirect.github.com/prisma/prisma)
([source](https://redirect.github.com/prisma/prisma/tree/HEAD/packages/adapter-pg))
| [`7.7.0` →
`7.8.0`](https://renovatebot.com/diffs/npm/@prisma%2fadapter-pg/7.7.0/7.8.0)
|
|
| dependencies | minor |
| [@prisma/client](https://www.prisma.io)
([source](https://redirect.github.com/prisma/prisma/tree/HEAD/packages/client))
| [`7.7.0` →
`7.8.0`](https://renovatebot.com/diffs/npm/@prisma%2fclient/7.7.0/7.8.0)
|
|
| dependencies | minor |
|
[@sentry/nuxt](https://redirect.github.com/getsentry/sentry-javascript/tree/master/packages/nuxt)
([source](https://redirect.github.com/getsentry/sentry-javascript)) |
[`10.49.0` →
`10.50.0`](https://renovatebot.com/diffs/npm/@sentry%2fnuxt/10.49.0/10.50.0)
|
|
| dependencies | minor |
| [@takumi-rs/core](https://takumi.kane.tw/docs/integration)
([source](https://redirect.github.com/kane50613/takumi/tree/HEAD/takumi-napi-core))
| [`1.0.12` →
`1.1.2`](https://renovatebot.com/diffs/npm/@takumi-rs%2fcore/1.0.12/1.1.2)
|
|
| devDependencies | minor |
| [@takumi-rs/wasm](https://redirect.github.com/kane50613/takumi) |
[`1.0.12` →
`1.1.2`](https://renovatebot.com/diffs/npm/@takumi-rs%2fwasm/1.0.12/1.1.2)
|
|
| devDependencies | minor |
| [@vue/test-utils](https://redirect.github.com/vuejs/test-utils) |
[`2.4.6` →
`2.4.9`](https://renovatebot.com/diffs/npm/@vue%2ftest-utils/2.4.6/2.4.9)
|
|
| dependencies | patch |
| [nuxt-og-image](https://nuxtseo.com/og-image)
([source](https://redirect.github.com/nuxt-modules/og-image)) | [`6.4.3`
→ `6.4.8`](https://renovatebot.com/diffs/npm/nuxt-og-image/6.4.3/6.4.8)
|
|
| dependencies | patch |
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`10.33.0` →
`10.33.2`](https://renovatebot.com/diffs/npm/pnpm/10.33.0/10.33.2) |
|
| packageManager | patch |
| [skilld](https://redirect.github.com/skilld-dev/skilld) | [`^1.6.2` →
`^1.7.0`](https://renovatebot.com/diffs/npm/skilld/1.6.2/1.7.0) |
|
| devDependencies | minor |
| [stale-dep](https://redirect.github.com/sxzz/stale-dep) | [`0.8.5` →
`0.8.6`](https://renovatebot.com/diffs/npm/stale-dep/0.8.5/0.8.6) |
|
| dependencies | patch |
| [tailwindcss](https://tailwindcss.com)
([source](https://redirect.github.com/tailwindlabs/tailwindcss/tree/HEAD/packages/tailwindcss))
| [`^4.2.1` →
`^4.2.2`](https://renovatebot.com/diffs/npm/tailwindcss/4.2.2/4.2.4) |
|
| devDependencies | patch |
|
[voidzero-dev/setup-vp](https://redirect.github.com/voidzero-dev/setup-vp)
| `v1.6.0` → `v1.8.0` |
|
| action | minor |
| [vue-tsc](https://redirect.github.com/vuejs/language-tools)
([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc))
| [`^3.2.5` →
`^3.2.6`](https://renovatebot.com/diffs/npm/vue-tsc/3.2.6/3.2.7) |
|
| devDependencies | patch |
---
### Release Notes
<details>
<summary>conventional-changelog/commitlint
(@​commitlint/cli)</summary>
###
[`v20.5.2`](https://redirect.github.com/conventional-changelog/commitlint/blob/HEAD/@​commitlint/cli/CHANGELOG.md#2052-2026-04-25)
[Compare
Source](https://redirect.github.com/conventional-changelog/commitlint/compare/v20.5.0...v20.5.2)
**Note:** Version bump only for package
[@​commitlint/cli](https://redirect.github.com/commitlint/cli)
</details>
<details>
<summary>netlify/primitives (@​netlify/nuxt)</summary>
###
[`v0.3.0`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#030-2026-04-27)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/75a0945d3a3333dddccdfbd7fcd1c051de6b51e7...ecff4f3d1980db0dce2eb3ea19452fee66d1e761)
##### Features
- unflag database
([#​667](https://redirect.github.com/netlify/primitives/issues/667))
([76d95a1](https://redirect.github.com/netlify/primitives/commit/76d95a1de14712f858f24d90a430e9b7bca9f3e7))
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.17.3 to ^4.18.0
###
[`v0.2.41`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#0241-2026-04-20)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/ef289037b648ab9338bee73da6a4482cee661b3e...75a0945d3a3333dddccdfbd7fcd1c051de6b51e7)
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.17.2 to ^4.17.3
###
[`v0.2.40`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#0240-2026-04-20)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/2ebf765b18e889906d29610915e78482c326fdd6...ef289037b648ab9338bee73da6a4482cee661b3e)
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.17.1 to ^4.17.2
###
[`v0.2.39`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#0239-2026-04-14)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/bdb9264203adcebefa8facbcb8cb0faff92e57ce...2ebf765b18e889906d29610915e78482c326fdd6)
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.17.0 to ^4.17.1
###
[`v0.2.38`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#0238-2026-04-13)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/7f49a5375fa0b816cb1ebeed3dc22c8a379d370e...bdb9264203adcebefa8facbcb8cb0faff92e57ce)
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.16.5 to ^4.17.0
###
[`v0.2.37`](https://redirect.github.com/netlify/primitives/blob/HEAD/packages/nuxt-module/CHANGELOG.md#0237-2026-04-07)
[Compare
Source](https://redirect.github.com/netlify/primitives/compare/96166d833512601a06ae9f011df16fb60d266b1f...7f49a5375fa0b816cb1ebeed3dc22c8a379d370e)
##### Dependencies
- The following workspace dependencies were updated
- dependencies
- [@​netlify/dev](https://redirect.github.com/netlify/dev) bumped
from ^4.16.4 to ^4.16.5
</details>
<details>
<summary>nuxt/ui (@​nuxt/ui)</summary>
###
[`v4.7.0`](https://redirect.github.com/nuxt/ui/blob/HEAD/CHANGELOG.md#470-2026-04-24)
[Compare
Source](https://redirect.github.com/nuxt/ui/compare/v4.6.1...v4.7.0)
##### Features
- **AuthForm:** add `separator` slot
([#​6305](https://redirect.github.com/nuxt/ui/issues/6305))
([81c7ddb](https://redirect.github.com/nuxt/ui/commit/81c7ddb6d47dade3f7f2415a2a9714e949133344))
- **Card:** add `title` and `description` props
([3cf7d75](https://redirect.github.com/nuxt/ui/commit/3cf7d7550918c6d29a6dcaffd10d50305f90c4cd)),
closes [#​6001](https://redirect.github.com/nuxt/ui/issues/6001)
- **CommandPalette:** add `group-label` slot
([#​6329](https://redirect.github.com/nuxt/ui/issues/6329))
([7fc773c](https://redirect.github.com/nuxt/ui/commit/7fc773ca321fb4b7592d49af540f93b70197ae14))
- **CommandPalette:** add `searchDelay` prop
([7d2af05](https://redirect.github.com/nuxt/ui/commit/7d2af0514d6b8fce9882d175693c4bea7b1316fd))
- **EditorSuggestionMenu:** expose suggestion matching options
([#​6234](https://redirect.github.com/nuxt/ui/issues/6234))
([4427824](https://redirect.github.com/nuxt/ui/commit/4427824f04005a84245f883d73d4a4d0156d3996))
- **Link:** auto-localize internal links when `@nuxtjs/i18n` is
installed
([#​5537](https://redirect.github.com/nuxt/ui/issues/5537))
([92cfda0](https://redirect.github.com/nuxt/ui/commit/92cfda0f9f14619e388b2baa9f370e363c9fa73f))
- **Listbox:** new component
([#​6307](https://redirect.github.com/nuxt/ui/issues/6307))
([00c1651](https://redirect.github.com/nuxt/ui/commit/00c16515bad0040651fd39a01bbf4907d2681f04))
- **ProsePrompt:** new component
([#​6362](https://redirect.github.com/nuxt/ui/issues/6362))
([2451ac6](https://redirect.github.com/nuxt/ui/commit/2451ac6f499b7790dc4358e51600a07bd263e137))
- **Table:** support sticky header/footer in virtualized mode
([#​6217](https://redirect.github.com/nuxt/ui/issues/6217))
([15d32ce](https://redirect.github.com/nuxt/ui/commit/15d32cea9831d20600719eb608b1223f15c0f203))
- **Textarea:** expose `autoResize` method
([#​6120](https://redirect.github.com/nuxt/ui/issues/6120))
([9c5c0df](https://redirect.github.com/nuxt/ui/commit/9c5c0df96caafa59f1199aaa6df115a41de7cd03))
##### Bug Fixes
- **Accordion/Tabs:** use item value as stable key to avoid remounts
([#​6380](https://redirect.github.com/nuxt/ui/issues/6380))
([3cee610](https://redirect.github.com/nuxt/ui/commit/3cee61016931bb4411c5a6b6b5934fe974836f5c))
- **Avatar:** remove `leading-none` from fallback
([#​6383](https://redirect.github.com/nuxt/ui/issues/6383))
([77ce09a](https://redirect.github.com/nuxt/ui/commit/77ce09ade34f5ef0ddac8d7421b5b143724642f0))
- **ChatMessage/ChatMessages:** preserve generic message type in slot
scope ([#​6391](https://redirect.github.com/nuxt/ui/issues/6391))
([20f66db](https://redirect.github.com/nuxt/ui/commit/20f66db8e63f1941ce82acd4cc38fd2c2826cbc7))
- **ChatMessages:** prevent layout shift caused by indicator during
streaming
([#​6297](https://redirect.github.com/nuxt/ui/issues/6297))
([b7160e2](https://redirect.github.com/nuxt/ui/commit/b7160e213045dfe2ee37cf83f4a97c72e4c19886))
- **ChatMessages:** use MutationObserver for auto-scroll during
streaming
([#​6357](https://redirect.github.com/nuxt/ui/issues/6357))
([47bf3cb](https://redirect.github.com/nuxt/ui/commit/47bf3cbec92454dc81f6b6473a8f9629c5c160c3))
- **ChatPromptSubmit:** ignore `disabled` prop when status is not
`ready`
([600a2ca](https://redirect.github.com/nuxt/ui/commit/600a2ca40c3a15b0f7951adad5b9781a2bdb9864))
- **components:** resolve `defaultVariants` in template logic
([#​6361](https://redirect.github.com/nuxt/ui/issues/6361))
([75b37d0](https://redirect.github.com/nuxt/ui/commit/75b37d0bc9985c4975f1547cdc2f815534d5ceef))
- **ContentSearch/DashboardSearch:** pick shared props from
CommandPalette
([cdcf2e5](https://redirect.github.com/nuxt/ui/commit/cdcf2e5c656c3efa8e3a2d6be96339fcc18f159a))
- **ContentSearch:** speed up navigation mapping
([0faf2c2](https://redirect.github.com/nuxt/ui/commit/0faf2c23c31fc45e191204e7d872dd006a2a7aaf))
- **ContentToc:** use links for scrollspy instead of hardcoded h2/h3
([#​6282](https://redirect.github.com/nuxt/ui/issues/6282))
([6aba2ea](https://redirect.github.com/nuxt/ui/commit/6aba2ead4c76f992e1ad76f2fec11c70800143a4))
- **FieldGroup:** prevent context from leaking into portals
([#​6313](https://redirect.github.com/nuxt/ui/issues/6313))
([5155e27](https://redirect.github.com/nuxt/ui/commit/5155e27e6dd163cca21401737a3f8ac1faeff4bc))
- **FileUpload:** use form field `color` and `highlight` instead of raw
props
([bb5a9ed](https://redirect.github.com/nuxt/ui/commit/bb5a9ed2b662c3494917dd382a1acc22b5898eb1))
- **Header/DashboardSidebar/Sidebar:** allow auto focus in menu for
proper focus trapping
([#​6266](https://redirect.github.com/nuxt/ui/issues/6266))
([9b91ee4](https://redirect.github.com/nuxt/ui/commit/9b91ee40b06092ce193bb94ca3913c2143dc8ac0))
- **InputDate/InputTime:** increase segments width
([#​6339](https://redirect.github.com/nuxt/ui/issues/6339))
([4ebdb2f](https://redirect.github.com/nuxt/ui/commit/4ebdb2f24acb37d41f161fd794a63d0eaa0d9655))
- **InputTags:** add missing field group variant
([#​6326](https://redirect.github.com/nuxt/ui/issues/6326))
([aae5378](https://redirect.github.com/nuxt/ui/commit/aae53784e788a3eca46b6721ab3d977ff5b6a656))
- **Link:** ensure single-root rendering for `v-show` and `$el`
resolution
([#​6310](https://redirect.github.com/nuxt/ui/issues/6310))
([2c4ff35](https://redirect.github.com/nuxt/ui/commit/2c4ff352d81660cc8e7f665b69e90f9e4e4bd05c))
- **Modal/Slideover:** drop empty header wrapper when empty
([#​6381](https://redirect.github.com/nuxt/ui/issues/6381))
([1082960](https://redirect.github.com/nuxt/ui/commit/1082960e60ae9754e1d947085c2f7efc85793873))
- **module:** use relative `tagPriority` for inline style tags
([#​6299](https://redirect.github.com/nuxt/ui/issues/6299))
([ae693d0](https://redirect.github.com/nuxt/ui/commit/ae693d0e243eea4e585b5667fc027c97edca16da))
- **PricingTable:** align header elements vertically
([#​6111](https://redirect.github.com/nuxt/ui/issues/6111))
([0daacb0](https://redirect.github.com/nuxt/ui/commit/0daacb02fa12e1037dc7db9e404cdb7909d0418d))
- **PricingTable:** handle RTL mode
([#​6382](https://redirect.github.com/nuxt/ui/issues/6382))
([ab203db](https://redirect.github.com/nuxt/ui/commit/ab203db1d50ae4b880d6c6aae367230539695205))
- **ProseCodeCollapse:** match background on overscroll
([28c89fe](https://redirect.github.com/nuxt/ui/commit/28c89fe36f68b08f7ea3e0a1c9498526830bd4bb))
- **ProseImg:** respect markdown width attribute
([#​6350](https://redirect.github.com/nuxt/ui/issues/6350))
([d4e4ea1](https://redirect.github.com/nuxt/ui/commit/d4e4ea1eaa620814273ed84fab44ac6176707652))
- **ProsePre:** get code from DOM if `code` prop is missing
([#​6333](https://redirect.github.com/nuxt/ui/issues/6333))
([b808ce4](https://redirect.github.com/nuxt/ui/commit/b808ce4661f5232357615fcb40d7d9be8ad1ceb1))
- **Select:** support `item-aligned` position mode
([#​6358](https://redirect.github.com/nuxt/ui/issues/6358))
([255807a](https://redirect.github.com/nuxt/ui/commit/255807a4bf95b91e8222ccd8bbc60016ec862c1c))
</details>
<details>
<summary>prisma/prisma (@​prisma/adapter-pg)</summary>
###
[`v7.8.0`](https://redirect.github.com/prisma/prisma/releases/tag/7.8.0)
[Compare
Source](https://redirect.github.com/prisma/prisma/compare/7.7.0...7.8.0)
Today, we are excited to share the `7.8.0` stable release 🎉
**🌟 Star this repo for notifications about new releases, bug fixes &
features — or [follow us on X](https://pris.ly/x)!**
### Highlights
#### ORM
##### Features
**Prisma Client**
- Added a `queryPlanCacheMaxSize` option to the `PrismaClient`
constructor for fine-grained control over the query plan cache. Pass `0`
to disable the cache entirely, or omit it to use the default cache size.
A larger value can improve performance in applications that execute many
unique queries, while a smaller one can reduce memory usage.
([#​29503](https://redirect.github.com/prisma/prisma/issues/29503))
##### Bug Fixes
**Prisma Client**
- Fixed an equality filter panic and incorrect `::jsonb` cast when
filtering on PostgreSQL JSON list columns. Queries using `where: {
jsonListField: { equals: [...] } }` no longer panic with a type mismatch
or emit invalid SQL.
([prisma/prisma-engines#5804](https://redirect.github.com/prisma/prisma-engines/issues/5804))
- Fixed case-insensitive JSON field filtering (`mode: insensitive`),
allowing `where: { jsonField: { equals: "...", mode: "insensitive" } }`
to work correctly.
([prisma/prisma-engines#5806](https://redirect.github.com/prisma/prisma-engines/issues/5806))
- Fixed incorrect parameterization of enum values that have a custom
database name set via `@map`.
([#​29422](https://redirect.github.com/prisma/prisma/issues/29422))
- Fixed a database parameter limit check (`P2029`), which could
incorrectly reject or miss over-limit queries.
([#​29422](https://redirect.github.com/prisma/prisma/issues/29422))
- Fixed a regression that caused missing SQL Server `VARCHAR` casts for
parameterized values.
([prisma/prisma-engines#5801](https://redirect.github.com/prisma/prisma-engines/issues/5801))
Schema Engine
- Fixed a misleading error message in `prisma migrate diff` that
referenced the `--shadow-database-url` CLI flag, which was removed in
Prisma 7.
([#​29455](https://redirect.github.com/prisma/prisma/issues/29455))
- Fixed `prisma migrate dev` (and shadow database migration replay in
general) failing with `CREATE INDEX CONCURRENTLY cannot run inside a
transaction block` when a migration contained concurrent index creation
statements on PostgreSQL.
([prisma/prisma-engines#5799](https://redirect.github.com/prisma/prisma-engines/issues/5799))
- Fixed PostgreSQL introspection silently dropping sequence defaults
when the database returns the schema-qualified form
`pg_catalog.nextval('sequence_name'::regclass)` instead of the bare
`nextval(...)`. Columns backed by sequences now correctly appear as
`@default(autoincrement())` in the Prisma schema in all cases.
([prisma/prisma-engines#5802](https://redirect.github.com/prisma/prisma-engines/issues/5802))
**Driver Adapters**
-
**[@​prisma/adapter-d1](https://redirect.github.com/prisma/adapter-d1)**:
Savepoint operations (`createSavepoint`, `rollbackToSavepoint`,
`releaseSavepoint`) now silently no-op with debug logging instead of
executing SQL statements, consistent with how the D1 adapter already
treats top-level transactions.
([#​29499](https://redirect.github.com/prisma/prisma/issues/29499))
#### Open roles at Prisma
Interested in joining Prisma? We're growing and have several exciting
opportunities across the company for developers who are passionate about
building with Prisma. Explore our open positions on our [Careers
page](https://www.prisma.io/careers#current) and find the role that's
right for you.
#### Enterprise support
Thousands of teams use Prisma and many of them already tap into our
Enterprise & Agency Support Program for hands-on help with everything
from schema integrations and performance tuning to security and
compliance.
With this program you also get priority issue triage and bug fixes,
expert scalability advice, and custom training so that your
Prisma-powered apps stay rock-solid at any scale. Learn more or join:
<https://prisma.io/enterprise>.
</details>
<details>
<summary>getsentry/sentry-javascript (@​sentry/nuxt)</summary>
###
[`v10.50.0`](https://redirect.github.com/getsentry/sentry-javascript/compare/10.49.0...10.50.0)
[Compare
Source](https://redirect.github.com/getsentry/sentry-javascript/compare/10.49.0...10.50.0)
</details>
<details>
<summary>kane50613/takumi (@​takumi-rs/core)</summary>
###
[`v1.1.2`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#112)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.1.1...@takumi-rs/core@1.1.2)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.2
###
[`v1.1.1`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#111)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.1.0...@takumi-rs/core@1.1.1)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.1
###
[`v1.1.0`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#110)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.0.16...@takumi-rs/core@1.1.0)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.0
###
[`v1.0.16`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#1016)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.0.15...@takumi-rs/core@1.0.16)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.16
###
[`v1.0.15`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#1015)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.0.14...@takumi-rs/core@1.0.15)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.15
###
[`v1.0.14`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#1014)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.0.13...@takumi-rs/core@1.0.14)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.14
###
[`v1.0.13`](https://redirect.github.com/kane50613/takumi/blob/HEAD/takumi-napi-core/CHANGELOG.md#1013)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/core@1.0.12...@takumi-rs/core@1.0.13)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.13
</details>
<details>
<summary>kane50613/takumi (@​takumi-rs/wasm)</summary>
###
[`v1.1.2`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/wasm%401.1.2)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.1.1...@takumi-rs/wasm@1.1.2)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.2
###
[`v1.1.1`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/wasm%401.1.1)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.1.0...@takumi-rs/wasm@1.1.1)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.1
###
[`v1.1.0`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/wasm%401.1.0)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.0.16...@takumi-rs/wasm@1.1.0)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.1.0
###
[`v1.0.16`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/wasm%401.0.16)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.0.15...@takumi-rs/wasm@1.0.16)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.16
###
[`v1.0.15`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/wasm%401.0.15)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.0.14...@takumi-rs/wasm@1.0.15)
##### Patch Changes
-
[@​takumi-rs/helpers](https://redirect.github.com/takumi-rs/helpers)@​1.0.15
###
[`v1.0.14`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/image-response%401.0.14)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.0.13...@takumi-rs/wasm@1.0.14)
##### Patch Changes
- Updated dependencies
\[[`6323299`](https://redirect.github.com/kane50613/takumi/commit/6323299)]
- takumi-js\@​1.0.14
###
[`v1.0.13`](https://redirect.github.com/kane50613/takumi/releases/tag/%40takumi-rs/image-response%401.0.13)
[Compare
Source](https://redirect.github.com/kane50613/takumi/compare/@takumi-rs/wasm@1.0.12...@takumi-rs/wasm@1.0.13)
##### Patch Changes
- Updated dependencies
\[[`ccfaff3`](https://redirect.github.com/kane50613/takumi/commit/ccfaff3)]
- takumi-js\@​1.0.13
</details>
<details>
<summary>vuejs/test-utils (@​vue/test-utils)</summary>
###
[`v2.4.9`](https://redirect.github.com/vuejs/test-utils/compare/v2.4.8...v2.4.9)
[Compare
Source](https://redirect.github.com/vuejs/test-utils/compare/v2.4.8...v2.4.9)
###
[`v2.4.8`](https://redirect.github.com/vuejs/test-utils/releases/tag/v2.4.8)
[Compare
Source](https://redirect.github.com/vuejs/test-utils/compare/v2.4.7...v2.4.8)
[compare
changes](https://redirect.github.com/vuejs/test-utils/compare/v2.4.7...v2.4.8)
##### 🩹 Fixes
- Correct declaration entrypoint
([#​2826](https://redirect.github.com/vuejs/test-utils/pull/2826))
##### 🤖 CI
- Enable pkg.pr.new
([#​2827](https://redirect.github.com/vuejs/test-utils/pull/2827))
##### ❤️ Contributors
- Cédric Exbrayat
([@​cexbrayat](https://redirect.github.com/cexbrayat))
- Daniel Roe
([@​danielroe](https://redirect.github.com/danielroe))
###
[`v2.4.7`](https://redirect.github.com/vuejs/test-utils/releases/tag/v2.4.7)
[Compare
Source](https://redirect.github.com/vuejs/test-utils/compare/v2.4.6...v2.4.7)
[compare
changes](https://redirect.github.com/vuejs/test-utils/compare/v2.4.6...v2.4.7)
##### 🚀 Enhancements
- Add Chinese docs translation
([#​2552](https://redirect.github.com/vuejs/test-utils/pull/2552))
- SetData()/shallowMount with initialData for components using the
Composition API / <script setup>
([#​2655](https://redirect.github.com/vuejs/test-utils/pull/2655))
##### 🩹 Fixes
- Preserve code from keyboard events
([#​2434](https://redirect.github.com/vuejs/test-utils/pull/2434))
- Switch browser and require exports definitions
([#​2501](https://redirect.github.com/vuejs/test-utils/pull/2501))
- Re-add peer dependencies but with wider range
([#​2511](https://redirect.github.com/vuejs/test-utils/pull/2511))
- Resolve warnings in docs:dev
([30b7491](https://redirect.github.com/vuejs/test-utils/commit/30b7491))
- Resolve TypeScript type errors in .vitepress/config
([#​2549](https://redirect.github.com/vuejs/test-utils/pull/2549))
- Accept FunctionalComponent<any> as selector
([0bb947f](https://redirect.github.com/vuejs/test-utils/commit/0bb947f))
- Text() misses content for array functional component
([#​2579](https://redirect.github.com/vuejs/test-utils/pull/2579))
- Use await in test
([c5482b4](https://redirect.github.com/vuejs/test-utils/commit/c5482b4))
- **deps:** Update dependency vue-component-type-helpers to v3
([#​2683](https://redirect.github.com/vuejs/test-utils/pull/2683))
- Remove wrapper div when unmount
([#​2700](https://redirect.github.com/vuejs/test-utils/pull/2700))
- Make mount options slots compatible with noUncheckedIndexedAccess true
([#​2713](https://redirect.github.com/vuejs/test-utils/pull/2713))
- Add missing peerDependency
[@​vue/compiler-dom](https://redirect.github.com/vue/compiler-dom)
([75801ba](https://redirect.github.com/vuejs/test-utils/commit/75801ba))
- **docs:** Declare css module for vitepress typecheck
([ddaca97](https://redirect.github.com/vuejs/test-utils/commit/ddaca97))
##### 💅 Refactors
- Enforce consistent usage of type imports
([#​2734](https://redirect.github.com/vuejs/test-utils/pull/2734))
##### 📖 Documentation
- Clarify findComponent vs getComponent
([#​2435](https://redirect.github.com/vuejs/test-utils/pull/2435))
- Update fr docs
([67064ef](https://redirect.github.com/vuejs/test-utils/commit/67064ef))
- Add note about partial transition stub support
([#​2431](https://redirect.github.com/vuejs/test-utils/pull/2431))
- Fix missing data at passing data section essentials guide
([dda205e](https://redirect.github.com/vuejs/test-utils/commit/dda205e))
- Fix missing data at passing data section essentials guide fr
([ae2c72c](https://redirect.github.com/vuejs/test-utils/commit/ae2c72c))
- Fix plugin TS declaration example
([#​2466](https://redirect.github.com/vuejs/test-utils/pull/2466))
- Fixed incorrect checkbox value check
([#​2495](https://redirect.github.com/vuejs/test-utils/pull/2495))
- Capital letter in sentence fix
([#​2499](https://redirect.github.com/vuejs/test-utils/pull/2499))
- Import missing DOMWrapper on Implementation of the plugin section
([#​2519](https://redirect.github.com/vuejs/test-utils/pull/2519))
- Add migration step for deprecated ref syntax in findAllComponents
([#​2498](https://redirect.github.com/vuejs/test-utils/pull/2498))
- Correct anchor hash links and fix typo
([#​2551](https://redirect.github.com/vuejs/test-utils/pull/2551))
- Center logo on home
([#​2559](https://redirect.github.com/vuejs/test-utils/pull/2559))
- **zh-cn:** Review a-crash-course
([#​2563](https://redirect.github.com/vuejs/test-utils/pull/2563))
- Use code-group for install commands
([#​2571](https://redirect.github.com/vuejs/test-utils/pull/2571))
- **zh-cn:** Review event-handing.md
([#​2572](https://redirect.github.com/vuejs/test-utils/pull/2572))
- **zh-cn:** Enhance conditional-rendering.md
([#​2562](https://redirect.github.com/vuejs/test-utils/pull/2562))
- **zh-cn:** Review easy-to-test
([#​2567](https://redirect.github.com/vuejs/test-utils/pull/2567))
- **zh-cn:** Review passing-data.md
([#​2575](https://redirect.github.com/vuejs/test-utils/pull/2575))
- **zh-cn:** Review async-suspense.md
([#​2576](https://redirect.github.com/vuejs/test-utils/pull/2576))
- **zh:** 优化 API 文档格式和内容
([#​2569](https://redirect.github.com/vuejs/test-utils/pull/2569))
- **zh:** 更新 Vitest 模拟日期和计时器的说明
([#​2578](https://redirect.github.com/vuejs/test-utils/pull/2578))
- **zh-cn:** Review http-requests.md
([#​2580](https://redirect.github.com/vuejs/test-utils/pull/2580))
- **zh-cn:** Review forms
([#​2582](https://redirect.github.com/vuejs/test-utils/pull/2582))
- **zh-cn:** Guide/advanced/slots.md
([#​2565](https://redirect.github.com/vuejs/test-utils/pull/2565))
- **zh:** Review extending-vtu
([#​2583](https://redirect.github.com/vuejs/test-utils/pull/2583))
- **zh:** Review index
([#​2584](https://redirect.github.com/vuejs/test-utils/pull/2584))
- Fix modelValue test example
([85bfdf4](https://redirect.github.com/vuejs/test-utils/commit/85bfdf4))
- Removes broken link from plugins.md
([69bc1ce](https://redirect.github.com/vuejs/test-utils/commit/69bc1ce))
- **zh:** Review transitions, component-instance, and
reusability-composition
([#​2616](https://redirect.github.com/vuejs/test-utils/pull/2616))
- **zh:** Review v-model and vuex
([#​2617](https://redirect.github.com/vuejs/test-utils/pull/2617))
- **zh:** Review all the rest advanced guide
([#​2619](https://redirect.github.com/vuejs/test-utils/pull/2619))
- **zh:** Review migration
([#​2623](https://redirect.github.com/vuejs/test-utils/pull/2623))
- Fix a typo in transitions.md
([#​2635](https://redirect.github.com/vuejs/test-utils/pull/2635))
- Update crash-course to script setup
([c81aa79](https://redirect.github.com/vuejs/test-utils/commit/c81aa79))
- Update Essentials section to setup (composition api)
([#​2647](https://redirect.github.com/vuejs/test-utils/pull/2647))
- Typos in examples
([#​2678](https://redirect.github.com/vuejs/test-utils/pull/2678))
- Typo in easy-to-test.md
([#​2710](https://redirect.github.com/vuejs/test-utils/pull/2710))
- Add note about mocking requestAnimationFrame for transitions
([2324c65](https://redirect.github.com/vuejs/test-utils/commit/2324c65))
- Updated example TodoApp to script setup
([#​2727](https://redirect.github.com/vuejs/test-utils/pull/2727))
- Remove "Using data" section from "Conditional Rendering" guide and fix
passing data test example
([#​2743](https://redirect.github.com/vuejs/test-utils/pull/2743))
- Follow-up fixes for the conditional rendering guide
([#​2744](https://redirect.github.com/vuejs/test-utils/pull/2744))
- Mention shallowMount stub name changes in migration guide
([80e051a](https://redirect.github.com/vuejs/test-utils/commit/80e051a))
- Update conditional rendering documentation to clarify isVisible()
usage with attachTo
([#​2799](https://redirect.github.com/vuejs/test-utils/pull/2799))
- Restore Options API component for data() mounting example
([#​2804](https://redirect.github.com/vuejs/test-utils/pull/2804))
- Promote Vitest as recommended test runner
([#​2805](https://redirect.github.com/vuejs/test-utils/pull/2805))
- **api:** Note that setValue does not accept objects on `<select>`
([#​2819](https://redirect.github.com/vuejs/test-utils/pull/2819))
##### 🏡 Chore
- Add api/index.md to docs:translation:compare
([6b8681c](https://redirect.github.com/vuejs/test-utils/commit/6b8681c))
- Remove unnecessary generic arguments
([cfd70c6](https://redirect.github.com/vuejs/test-utils/commit/cfd70c6))
- Ignore TS error in config object
([9d0a618](https://redirect.github.com/vuejs/test-utils/commit/9d0a618))
- Simplify eslint packages
([c1d0ffd](https://redirect.github.com/vuejs/test-utils/commit/c1d0ffd))
- Use eslint v9 with flat config
([2f19fdf](https://redirect.github.com/vuejs/test-utils/commit/2f19fdf))
- Expose Stubs type publicly
([#​2492](https://redirect.github.com/vuejs/test-utils/pull/2492))
- Update documentation file path
([9c96594](https://redirect.github.com/vuejs/test-utils/commit/9c96594))
- Use pnpm v10
([e4c2cb3](https://redirect.github.com/vuejs/test-utils/commit/e4c2cb3))
- Pnpm approve build
([81c54e9](https://redirect.github.com/vuejs/test-utils/commit/81c54e9))
- Use github issue forms
([#​2673](https://redirect.github.com/vuejs/test-utils/pull/2673))
- Exclude class components from test type-checking
([0899008](https://redirect.github.com/vuejs/test-utils/commit/0899008))
- Add explicit coverage include for vitest v4
([51672b9](https://redirect.github.com/vuejs/test-utils/commit/51672b9))
- Update to prettier v3.7
([fed9e7c](https://redirect.github.com/vuejs/test-utils/commit/fed9e7c))
- Migrate to oxfmt
([81c1de9](https://redirect.github.com/vuejs/test-utils/commit/81c1de9))
- Migrate to oxlint
([a361908](https://redirect.github.com/vuejs/test-utils/commit/a361908))
- Prepare TypeScript 6 migration settings
([55e1262](https://redirect.github.com/vuejs/test-utils/commit/55e1262))
- Adjust tsd config for TypeScript 6
([7d23eb5](https://redirect.github.com/vuejs/test-utils/commit/7d23eb5))
- Avoid TypeScript 6 target deprecation warning
([81d063c](https://redirect.github.com/vuejs/test-utils/commit/81d063c))
##### 🤖 CI
- Remove node v22 build
([7ebf58d](https://redirect.github.com/vuejs/test-utils/commit/7ebf58d))
- Add node v22 build
([57540ee](https://redirect.github.com/vuejs/test-utils/commit/57540ee))
- Use "pool: threads" instead of vmThreads
([d0cbb54](https://redirect.github.com/vuejs/test-utils/commit/d0cbb54))
- Remove node v18 and add v24
([fd9cf95](https://redirect.github.com/vuejs/test-utils/commit/fd9cf95))
- Add trusted publishing release workflow
([#​2825](https://redirect.github.com/vuejs/test-utils/pull/2825))
##### ❤️ Contributors
- Lachlan Miller
([@​lmiller1990](https://redirect.github.com/lmiller1990))
- cexbrayat ([@​cexbrayat](https://redirect.github.com/cexbrayat))
- Nicolas Bonamy
([@​nbonamy](https://redirect.github.com/nbonamy))
- KatWorkGit
([@​KatWorkGit](https://redirect.github.com/KatWorkGit))
- Wouter Kroes
([@​wouterkroes](https://redirect.github.com/wouterkroes))
- Rama Muhammad Murshal
([@​ramammurshal](https://redirect.github.com/ramammurshal))
- Evan You ([@​yyx990803](https://redirect.github.com/yyx990803))
- Vlad Starkovsky
([@​starkovsky](https://redirect.github.com/starkovsky))
- Joe ([@​joaoprp](https://redirect.github.com/joaoprp))
- Priyadarshi Kumar
([@​Psingh132](https://redirect.github.com/Psingh132))
- Sébastien Ronveaux
([@​sronveaux](https://redirect.github.com/sronveaux))
- Gilliam ([@​Gi11i4m](https://redirect.github.com/Gi11i4m))
- Baranov Dmytro
([@​dimas7001](https://redirect.github.com/dimas7001))
- BrendonHenrique
([@​BrendonHenrique](https://redirect.github.com/BrendonHenrique))
- Lorenz van Herwaarden
([@​lorenzvanherwaarden](https://redirect.github.com/lorenzvanherwaarden))
- wuzhiqing
([@​DDDDD12138](https://redirect.github.com/DDDDD12138))
- 阿菜 Cai ([@​RSS1102](https://redirect.github.com/RSS1102))
- Jinjiang ([@​Jinjiang](https://redirect.github.com/Jinjiang))
- Kylin ([@​lxKylin](https://redirect.github.com/lxKylin))
- Qianhe Chen
([@​chenqianhe](https://redirect.github.com/chenqianhe))
- 时瑶
([@​KiritaniAyaka](https://redirect.github.com/KiritaniAyaka))
- h7ml ([@​h7ml](https://redirect.github.com/h7ml))
- Nicander
([@​Nicander93](https://redirect.github.com/Nicander93))
- Take-John ([@​takejohn](https://redirect.github.com/takejohn))
- ilyasherstoboev
([@​ilyasherstoboev](https://redirect.github.com/ilyasherstoboev))
- aimerie ([@​aimerie](https://redirect.github.com/aimerie))
- Miguel Rincon
([@​miguelrincon](https://redirect.github.com/miguelrincon))
- bcastlel ([@​bcastlel](https://redirect.github.com/bcastlel))
- Claudiu ([@​sofuxro](https://redirect.github.com/sofuxro))
- Artem Dragunov
([@​dragunovartem99](https://redirect.github.com/dragunovartem99))
- Robin ([@​OrbisK](https://redirect.github.com/OrbisK))
- Koen Mertens
([@​KCMertens](https://redirect.github.com/KCMertens))
- meomking
([@​CaptainWang98](https://redirect.github.com/CaptainWang98))
- Pepijn Olivier
([@​pepijnolivier](https://redirect.github.com/pepijnolivier))
- Tomina ([@​Thomaash](https://redirect.github.com/Thomaash))
- Gareth Jones ([@​G-Rath](https://redirect.github.com/G-Rath))
- Jerry Hogan ([@​hdJerry](https://redirect.github.com/hdJerry))
- Marco Pasqualetti
([@​marcalexiei](https://redirect.github.com/marcalexiei))
- guoxk ([@​guoxk-me](https://redirect.github.com/guoxk-me))
- kimulaco ([@​kimulaco](https://redirect.github.com/kimulaco))
- Erwan IQUEL ([@​Olympus5](https://redirect.github.com/Olympus5))
- Matt Van Horn
([@​mvanhorn](https://redirect.github.com/mvanhorn))
- Daniel Roe
([@​danielroe](https://redirect.github.com/danielroe))
</details>
<details>
<summary>nuxt-modules/og-image (nuxt-og-image)</summary>
###
[`v6.4.8`](https://redirect.github.com/nuxt-modules/og-image/releases/tag/v6.4.8)
[Compare
Source](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.7...v6.4.8)
##### 🐞 Bug Fixes
- **takumi**: Restore non-latin glyph support regressed in v6.2.0 - by
[@​harlan-zw](https://redirect.github.com/harlan-zw) in
[#​587](https://redirect.github.com/nuxt-modules/og-image/issues/587)
[<samp>(0b5e6)</samp>](https://redirect.github.com/nuxt-modules/og-image/commit/0b5e621e)
##### [View changes on
GitHub](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.7...v6.4.8)
###
[`v6.4.7`](https://redirect.github.com/nuxt-modules/og-image/blob/HEAD/CHANGELOG.md#v647main)
[Compare
Source](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.6...v6.4.7)
[compare
changes](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.7...main)
##### 🩹 Fixes
- **takumi:** Restore non-latin glyph support regressed in v6.2.0
([#​587](https://redirect.github.com/nuxt-modules/og-image/pull/587))
##### 🏡 Chore
- Bump deps
([e7e115b4](https://redirect.github.com/nuxt-modules/og-image/commit/e7e115b4))
##### ❤️ Contributors
- Harlan Wilton
([@​harlan-zw](https://redirect.github.com/harlan-zw))
###
[`v6.4.6`](https://redirect.github.com/nuxt-modules/og-image/releases/tag/v6.4.6)
[Compare
Source](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.5...v6.4.6)
##### 🐞 Bug Fixes
- IMessage Preview displaying multiple images - by
[@​captnCC](https://redirect.github.com/captnCC) and
**johanneskees** in
[#​584](https://redirect.github.com/nuxt-modules/og-image/issues/584)
[<samp>(55336)</samp>](https://redirect.github.com/nuxt-modules/og-image/commit/55336baf)
##### [View changes on
GitHub](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.5...v6.4.6)
###
[`v6.4.5`](https://redirect.github.com/nuxt-modules/og-image/releases/tag/v6.4.5)
[Compare
Source](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.4...v6.4.5)
##### 🐞 Bug Fixes
- **takumi**: Serialize WASM calls - by
[@​harlan-zw](https://redirect.github.com/harlan-zw) in
[#​583](https://redirect.github.com/nuxt-modules/og-image/issues/583)
[<samp>(7e935)</samp>](https://redirect.github.com/nuxt-modules/og-image/commit/7e9354fd)
##### [View changes on
GitHub](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.4...v6.4.5)
###
[`v6.4.4`](https://redirect.github.com/nuxt-modules/og-image/blob/HEAD/CHANGELOG.md#v644main)
[Compare
Source](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.3...v6.4.4)
[compare
changes](https://redirect.github.com/nuxt-modules/og-image/compare/v6.4.4...main)
##### 🩹 Fixes
- **takumi:** Serialize WASM calls
([#​583](https://redirect.github.com/nuxt-modules/og-image/pull/583))
##### 🏡 Chore
- Bump deps
([0509eb75](https://redirect.github.com/nuxt-modules/og-image/commit/0509eb75))
##### ❤️ Contributors
- Harlan Wilton
([@​harlan-zw](https://redirect.github.com/harlan-zw))
</details>
<details>
<summary>pnpm/pnpm (pnpm)</summary>
###
[`v10.33.2`](https://redirect.github.com/pnpm/pnpm/compare/v10.33.1...v10.33.2)
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v10.33.1...v10.33.2)
###
[`v10.33.1`](https://redirect.github.com/pnpm/pnpm/releases/tag/v10.33.1):
pnpm 10.33.1
[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v10.33.0...v10.33.1)
##### Patch Changes
- When a project's `packageManager` field selects pnpm v11 or newer,
commands that v10 would have passed through to npm (`version`, `login`,
`logout`, `publish`, `unpublish`, `deprecate`, `dist-tag`, `docs`,
`ping`, `search`, `star`, `stars`, `unstar`, `whoami`, etc.) are now
handed over to the wanted pnpm, which implements them natively.
Previously they silently shelled out to npm — making, for example, `pnpm
version --help` print npm's help on a project with `packageManager:
pnpm@11.0.0-rc.3`
[#​11328](https://redirect.github.com/pnpm/pnpm/issues/11328).
<!-- sponsors -->
##### Platinum Sponsors
<table>
<tbody>
<tr>
<td align="center" valign="middle">
<a href="https://bit.cloud/?utm_source=pnpm&utm_medium=release_notes"
target="_blank"><img src="https://pnpm.io/img/users/bit.svg" width="80"
alt="Bit"></a>
</td>
</tr>
</tbody>
</table>
##### Gold Sponsors
<table>
<tbody>
<tr>
<td align="center" valign="middle">
<a href="https://sanity.io/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/sanity.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/sanity_light.svg" />
<img src="https://pnpm.io/img/users/sanity.svg" width="120" alt="Sanity"
/>
</picture>
</a>
</td>
<td align="center" valign="middle">
<a href="https://discord.com/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/discord.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/discord_light.svg" />
<img src="https://pnpm.io/img/users/discord.svg" width="220"
alt="Discord" />
</picture>
</a>
</td>
<td align="center" valign="middle">
<a href="https://vite.dev/?utm_source=pnpm&utm_medium=release_notes"
target="_blank"><img src="https://pnpm.io/img/users/vitejs.svg"
width="42" alt="Vite"></a>
</td>
</tr>
<tr>
<td align="center" valign="middle">
<a href="https://serpapi.com/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/serpapi_dark.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/serpapi_light.svg" />
<img src="https://pnpm.io/img/users/serpapi_dark.svg" width="160"
alt="SerpApi" />
</picture>
</a>
</td>
<td align="center" valign="middle">
<a
href="https://coderabbit.ai/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/coderabbit.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/coderabbit_light.svg" />
<img src="https://pnpm.io/img/users/coderabbit.svg" width="220"
alt="CodeRabbit" />
</picture>
</a>
</td>
<td align="center" valign="middle">
<a
href="https://stackblitz.com/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/stackblitz.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/stackblitz_light.svg" />
<img src="https://pnpm.io/img/users/stackblitz.svg" width="190"
alt="Stackblitz" />
</picture>
</a>
</td>
</tr>
<tr>
<td align="center" valign="middle">
<a href="https://workleap.com/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/workleap.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/workleap_light.svg" />
<img src="https://pnpm.io/img/users/workleap.svg" width="190"
alt="Workleap" />
</picture>
</a>
</td>
<td align="center" valign="middle">
<a href="https://nx.dev/?utm_source=pnpm&utm_medium=release_notes"
target="_blank">
<picture>
<source media="(prefers-color-scheme: light)"
srcset="https://pnpm.io/img/users/nx.svg" />
<source media="(prefers-color-scheme: dark)"
srcset="https://pnpm.io/img/users/nx_light.svg" />
<img src="https://pnpm.io/img/users/nx.svg" width="50" alt="Nx" />
</picture>
</a>
</td>
</tr>
</tbody>
</table>
<!-- sponsors end -->
</details>
<details>
<summary>skilld-dev/skilld (skilld)</summary>
###
[`v1.7.0`](https://redirect.github.com/skilld-dev/skilld/releases/tag/v1.7.0)
[Compare
Source](https://redirect.github.com/skilld-dev/skilld/compare/v1.6.2...v1.7.0)
##### 🚀 Features
- Registry pivot foundations - by
[@​harlan-zw](https://redirect.github.com/harlan-zw) in
[#​59](https://redirect.github.com/skilld-dev/skilld/issues/59)
[<samp>(6eb17)</samp>](https://redirect.github.com/skilld-dev/skilld/commit/6eb17086)
- Crate package support - by
[@​oritwoen](https://redirect.github.com/oritwoen) and
[@​harlan-zw](https://redirect.github.com/harlan-zw) in
[#​4](https://redirect.github.com/skilld-dev/skilld/issues/4)
[<samp>(111d9)</samp>](https://redirect.github.com/skilld-dev/skilld/commit/111d97d0)
##### 🐞 Bug Fixes
- Add missing search-helpers module - by
[@​harlan-zw](https://redirect.github.com/harlan-zw)
[<samp>(a4e95)</samp>](https://redirect.github.com/skilld-dev/skilld/commit/a4e95573)
##### [View changes on
GitHub](https://redirect.github.com/skilld-dev/skilld/compare/v1.6.2...v1.7.0)
</details>
<details>
<summary>sxzz/stale-dep (stale-dep)</summary>
###
[`v0.8.6`](https://redirect.github.com/sxzz/stale-dep/releases/tag/v0.8.6)
[Compare
Source](https://redirect.github.com/sxzz/stale-dep/compare/v0.8.5...v0.8.6)
##### 🐞 Bug Fixes
- **deps**: Update dependency cac to v7 - in
[#​75](https://redirect.github.com/sxzz/stale-dep/issues/75)
[<samp>(d0225)</samp>](https://redirect.github.com/sxzz/stale-dep/commit/d0225c7)
##### [View changes on
GitHub](https://redirect.github.com/sxzz/stale-dep/compare/v0.8.5...v0.8.6)
</details>
<details>
<summary>tailwindlabs/tailwindcss (tailwindcss)</summary>
###
[`v4.2.4`](https://redirect.github.com/tailwindlabs/tailwindcss/blob/HEAD/CHANGELOG.md#424---2026-04-21)
[Compare
Source](https://redirect.github.com/tailwindlabs/tailwindcss/compare/v4.2.3...v4.2.4)
##### Fixed
- Ensure imports in `@import` and `@plugin` still resolve correctly when
using Vite aliases in `@tailwindcss/vite`
([#​19947](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19947))
###
[`v4.2.3`](https://redirect.github.com/tailwindlabs/tailwindcss/blob/HEAD/CHANGELOG.md#423---2026-04-20)
[Compare
Source](https://redirect.github.com/tailwindlabs/tailwindcss/compare/v4.2.2...v4.2.3)
##### Fixed
- Canonicalization: improve canonicalizations for `tracking-*` utilities
by preferring non-negative utilities (e.g. `-tracking-tighter` →
`tracking-wider`)
([#​19827](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19827))
- Fix crash due to invalid characters in candidate (exceeding valid
unicode code point range)
([#​19829](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19829))
- Ensure query params in imports are considered unique resources when
using `@tailwindcss/webpack`
([#​19723](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19723))
- Canonicalization: collapse arbitrary values into shorthand utilities
(e.g. `px-[1.2rem] py-[1.2rem]` → `p-[1.2rem]`)
([#​19837](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19837))
- Canonicalization: collapse `border-{t,b}-*` into `border-y-*`,
`border-{l,r}-*` into `border-x-*`, and `border-{t,r,b,l}-*` into
`border-*`
([#​19842](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19842))
- Canonicalization: collapse `scroll-m{t,b}-*` into `scroll-my-*`,
`scroll-m{l,r}-*` into `scroll-mx-*`, and `scroll-m{t,r,b,l}-*` into
`scroll-m-*`
([#​19842](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19842))
- Canonicalization: collapse `scroll-p{t,b}-*` into `scroll-py-*`,
`scroll-p{l,r}-*` into `scroll-px-*`, and `scroll-p{t,r,b,l}-*` into
`scroll-p-*`
([#​19842](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19842))
- Canonicalization: collapse `overflow-{x,y}-*` into `overflow-*`
([#​19842](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19842))
- Canonicalization: collapse `overscroll-{x,y}-*` into `overscroll-*`
([#​19842](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19842))
- Read from `--placeholder-color` instead of `--background-color` for
`placeholder-*` utilities
([#​19843](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19843))
- Upgrade: ensure files are not emptied out when killing the upgrade
process while it's running
([#​19846](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19846))
- Upgrade: use `config.content` when migrating from Tailwind CSS v3 to
Tailwind CSS v4
([#​19846](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19846))
- Upgrade: never migrate files that are ignored by git
([#​19846](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19846))
- Add `.env` and `.env.*` to default ignored content files
([#​19846](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19846))
- Canonicalization: migrate `overflow-ellipsis` into `text-ellipsis`
([#​19849](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19849))
- Canonicalization: migrate `start-full` → `inset-s-full`, `start-auto`
→ `inset-s-auto`, `start-px` → `inset-s-px`, and `start-<number>` →
`inset-s-<number>` as well as negative versions
([#​19849](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19849))
- Canonicalization: migrate `end-full` → `inset-e-full`, `end-auto` →
`inset-e-auto`, `end-px` → `inset-e-px`, and `end-<number>` →
`inset-e-<number>` as well as negative versions
([#​19849](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19849))
- Canonicalization: move the `-` sign inside the arbitrary value
`-left-[9rem]` → `left-[-9rem]`
([#​19858](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19858))
- Canonicalization: move the `-` sign outside the arbitrary value
`ml-[calc(-1*var(--width))]` → `-ml-(--width)`
([#​19858](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19858))
- Improve performance when scanning JSONL / NDJSON files
([#​19862](https://redirect.github.com/tailwindlabs/tailwindcss/pull/19862))
- Support `NODE_PATH` environment variable in standalone CLI (
</details>
---
### Configuration
📅 **Schedule**: (UTC)
- Branch creation
- "on Monday"
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/wolfstar-project/wolfstar.rocks).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuMyIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaG9yZSIsImRlcGVuZGVuY2llcyJdfQ==-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR will deploy the following changes to production (
wolfstar.rocks).Next version:
v0.6.0(current:v0.5.0)Features
bf08911b)Fixes
10cdb7b5)b30ec358)a64b9164)89fcd655)ea8d2bc9)867f1822)Other Changes
85b4f167)21e9eae3)ec27ba4f)5012c536)7b79bc59)19ec18d9)f682dd3f)4e5ac523)84cc95ad)Uncategorized
ef509931)aad4c460)