Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@oclif/core	3.26.0 -> 3.26.5					dependencies	patch
@swc/core (source)	1.4.12 -> 1.4.17					devDependencies	patch
@types/node (source)	20.12.5 -> 20.12.7					devDependencies	patch
@vitest/coverage-v8 (source)	1.4.0 -> 1.5.3					devDependencies	minor
eslint-plugin-vitest	0.4.1 -> 0.5.4					devDependencies	minor
node (source)	20.12.1 -> 20.12.2					volta	patch
npm (source)	10.5.1 -> 10.6.0					packageManager	minor
npm (source)	10.5.1 -> 10.6.0					volta	minor
tough-cookie	4.1.3 -> 4.1.4					dependencies	patch
typescript (source)	5.4.4 -> 5.4.5					devDependencies	patch
vitest (source)	1.4.0 -> 1.5.3					devDependencies	minor
zod (source)	3.22.4 -> 3.23.5					dependencies	minor

---

Release Notes

oclif/core (@​oclif/core)

v3.26.5

Compare Source

Bug Fixes

• better warnings (439e933)

v3.26.4

Compare Source

Bug Fixes

• deps: bump tar from 6.1.15 to 6.2.1 (#​1049) (6507e37)

v3.26.3

Compare Source

Bug Fixes

• deps: bump ejs from 3.1.9 to 3.1.10 (72dd869)

v3.26.2

Compare Source

Bug Fixes

• do not throw an error if a flag with allowStdin='only' is immediately followed by another flag (#​1046) (#​1047) (f05b0c8)

v3.26.1

Compare Source

Bug Fixes

• deps: bump minimatch from 9.0.3 to 9.0.4 (#​1041) (87cd0e6)

swc-project/swc (@​swc/core)

v1.4.17

Compare Source

Bug Fixes

• (es) Ignore sourceMappingURL in string literals (#​8879) (d7188cd)

• (es/codegen) Use Str.raw for es5 (#​8873) (c7a06b1)

• (es/compat) Fix async generator (#​8881) (063eabd)

• (es/resolver) Prioritze jsc.paths by length in tsc resolver (#​8875) (e22c368)

• (html/codegen) Expand elements before which body isn’t elided (#​8877) (5419a94)

v1.4.16

Compare Source

Bug Fixes

• (es/helpers) Fix resolving of usingCtx helper (#​8874) (6e9d1a4)

v1.4.15

Compare Source

Bug Fixes

• (es/codegen) Fix ascii_only for identifiers (#​8866) (2075a23)

• (es/minifier) Remove raw of strings after modification (#​8865) (740c0bb)

• (es/parser) Fix span of BindingIdent (#​8859) (fbd32fb)

• (es/proposal) Update explicit resource management to match spec (#​8860) (6d24076)

Features

• (es/transforms) Allocate stacks dynamically (#​8867) (a1c5415)

Refactor

• (es/minifier) Remove mangle.safari10 (#​8857) (df2e056)

Build

• (cargo) Update rustc to nightly-2024-04-03 (#​8821) (ca9c76b)

• (cargo) Update rustc to nightly-2024-04-16 (#​8870) (f9459a8)

v1.4.14

Compare Source

Bug Fixes

• (es/compat) Handle class fields correctly (#​8835) (5cc585b)

• (es/helpers) Add missing helpers (#​8843) (67bfcf4)

• (es/minifier) Handle switch cases (#​8854) (7a89e5d)

• (es/plugin) Create tokio runtime only if necessary (#​8845) (62c4f5e)

• (es/resolver) Correctly check strict mode (#​8851) (f6ba92b)

• (es/utils) Preserve optional chain effect (#​8850) (a7a32c4)

Documentation

• (swc_core) Resolve build issue with --all-features flag (#​8848) (c0d901e)

Refactor

• (es) Make the code compile with miri (#​8836) (3a51140)

• (es/decorator) Remove unsafe code (#​8839) (e8c6344)

• (visit) Simplify Vec::move_map (#​8838) (b1973d4)

Testing

• (es) Update conformance test suite from tsc (#​8834) (ea5d9cc)

v1.4.13

Compare Source

Bug Fixes

• (es/decorators) Fix capacity overflow with decorators (#​8818) (9ed93c1)

• (es/minifier) Respect top_retain for top-level functions (#​8814) (811308c)

• (es/minifier) Abort IIFE invoker in function parameters (#​8828) (ebb68db)

• (es/module) Respect module.resolveFully in more cases (#​8820) (e1f7704)

• (es/transforms) Fix capacity overflow with decorators (#​8815) (974f5c7)

• (plugin/runner) Pin version of virtual-fs (#​8827) (089f61b)

• (visit) Improve Map implementation for Box (#​8819) (dc04657)

vitest-dev/vitest (@​vitest/coverage-v8)

v1.5.3

Compare Source

   🐞 Bug Fixes

• Use package.json name for a workspace project if not provided  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/5608 (48fba)
• Backport jest iterable equality within object  -  by @​sukovanej in https://github.com/vitest-dev/vitest/issues/5621 (30e5d)
• browser: Support benchmark  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5622 (becab)
• reporter: Use default error formatter for JUnit  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5629 (20060)

    View changes on GitHub

v1.5.2

Compare Source

   🐞 Bug Fixes

• Check for null before storing in weakmap  -  by @​sheremet-va (ce368)

    View changes on GitHub

v1.5.1

Compare Source

   🚀 Features

• api: startVitest() to accept stdout and stdin  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/5493 (780b1)
  • This is listed as a feature, but it doesn't increase the minor version because startVitest API is experimental and doesn't follow semver.

   🐞 Bug Fixes

• Close vite servers on all resolved projects  -  by @​surc54 in https://github.com/vitest-dev/vitest/issues/5544 (413ec)
• Fix default import.meta.env.PROD: false  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5561 (9c649)
• Resolve cwd correctly when initiating projects  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/5582 (ec9d7)
• Always run onTestFinished in reverse order  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/5598 (23f29)
• browser:
  • Disable fileParallelism by default on browser pool  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5528 (5c69f)
  • Dispose tester iframe on done  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5595 (b2135)
• coverage:
  • Fix bundling of v8-to-istanbul  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/5549 (df6a4)
  • Prevent crash when cleanOnRerun is disabled  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/5540 (ea3c1)
  • thresholds to compare files relative to root  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/5574 (80265)
• expect:
  • Fix toEqual and toMatchObject with circular references  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5535 (9e641)
• vitest:
  • Fix false positive file filter match with leading slash  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/5578 (316eb)
  • Watch the output directory correctly  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/5584 (e40f9)
  • StubEnv casts boolean on PROD/SSR/DEV  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/5590 (4da88)

    View changes on GitHub

v1.5.0

Compare Source

veritem/eslint-plugin-vitest (eslint-plugin-vitest)

v0.5.4

Compare Source

Features

• support old Eslint configuration
• update dependencies

v0.5.3

Compare Source

Bug Fixes

• configs in plugin declaration file (#​428) (a554dd2)

v0.5.2

Compare Source

Features

• no-focused-tests: add autofix (#​424) (07be616)

v0.5.1

Compare Source

Bug Fixes

• no-focused-tests: support .each template strings (#​420) (36e5b9a)

v0.5.0

Compare Source

‼️ Breaking Change 🚨

This version only supports flat config!

If you run into issues consider downgrading and opening an issue ofcourse.

Full Changelog: vitest-dev/eslint-plugin-vitest@v0.5.0...v0.5.0

nodejs/node (node)

v20.12.2: 2024-04-10, Version 20.12.2 'Iron' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

• CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows

Commits

• [69ffc6d50d] - src: disallow direct .bat and .cmd file spawning (Ben Noordhuis) nodejs-private/node-private#563

npm/cli (npm)

v10.6.0

Compare Source

Features

• 9123de4 #​7373 do all ouput over proc-log events (@​lukekarrys)
• 9622597 #​7339 refactor terminal display (#​7339) (@​lukekarrys)

Bug Fixes

• 0e74ee4 #​7416 clean up npm object (#​7416) (@​wraithgar)
• c060e60 #​7415 return command and argv from load (@​lukekarrys)
• 180b919 #​7415 remove unused npm.setCmd method (@​lukekarrys)
• 0708b3b #​7414 use name of level instead of label for logging prefixes (#​7414) (@​lukekarrys)
• 7f4e667 #​7403 redact when displaying non-ascii arguments (@​lukekarrys)
• 06202f0 #​7403 store unref promises for awaiting in tests (@​lukekarrys)
• e5f1948 #​7403 run update notifier after exec but before waiting (@​lukekarrys)
• f309c1c #​7403 refactor: move timer and error logfile messages to lib/npm (@​lukekarrys)
• 43e6194 #​7403 dont show run script banners in silent (@​lukekarrys)
• 694dba9 #​7403 dont expose as many public properties of timers (@​lukekarrys)
• 7ca6d84 #​7403 use proc-log META for flush and force (@​lukekarrys)
• 2538438 #​7403 dont write timing logs to file unless requested (@​lukekarrys)
• 7e04417 #​7403 rename base-cmd to match other commands (@​lukekarrys)
• fc68547 #​7403 remove some npm.load timers and exit earlier for --versions (@​lukekarrys)
• 28019d5 #​7403 cleanup: move cli specific files to separate dir (@​lukekarrys)
• 469f788 #​7403 cleanup: newlines and whitespace (@​lukekarrys)
• 4ab6401 #​7403 cleanup: dont nest files utils dir (@​lukekarrys)
• 78447d7 #​7399 prefer fs/promises over promisify (#​7399) (@​lukekarrys)
• d531f8b #​7407 Remove table output from search and tar summary (@​wraithgar)
• c209e98 #​7401 Remove table output from many commands (@​wraithgar)
• ad7ab8c #​7388 perf: lazy loading optimizations (#​7388) (@​wraithgar)
• 8eae4b3 #​7385 token: properly await registry request (#​7385) (@​wraithgar)
• 9216d59 #​7377 better output colors (#​7377) (@​wraithgar)
• 6512112 #​7378 use proc-log for all timers (@​lukekarrys)
• 2a80dab #​7370 typo in npm access usage (#​7370) (@​mbtools)

Documentation

• dfa4cab #​7401 update output examples (@​wraithgar)
• 140b9c9 #​7382 package-json: note that line endings are inferred (#​7382) (@​ertw)
• c16dd4e #​7367 Document that overrides only work in the root package.json (#​7367) (@​s100)

Dependencies

• 36adff3 #​7408 pacote@18.0.2
• 486d46c #​7408 @npmcli/installed-package-contents@2.1.0
• 157d0ae #​7408 @npmcli/package-json@5.1.0
• b0ca163 #​7409 remove @​npmcli/disparity-colors
• c77f035 #​7407 remove columnify
• 2ec690d #​7401 move cli-table3 to devDependencies
• fc6e291 #​7392 proc-log@4.2.0 (#​7392)
• 38ed048 #​7378 @npmcli/metavuln-calculator@7.1.0
• 7678a3d #​7378 proc-log@4.1.0
• 87f6c09 #​7373 @npmcli/metavuln-calculator@7.0.1
• b8f8b41 #​7373 @npmcli/run-script@8.0.0
• 79f79c7 #​7373 proc-log@4.0.0
• 9027266 #​7373 pacote@18.0.0
• ee4b3e0 #​7373 npm-registry-fetch@16.2.1
• 0e7789b #​7373 npm-profile@9.0.1
• ac98fd3 #​7373 npm-package-arg@11.0.2
• 9351570 #​7373 @npmcli/package-json@5.0.3
• d3a0cfa #​7373 @npmcli/git@5.0.6
• workspace: @npmcli/arborist@7.5.0
• workspace: @npmcli/config@8.3.0
• workspace: libnpmaccess@8.0.4
• workspace: libnpmdiff@6.1.0
• workspace: libnpmexec@8.0.0
• workspace: libnpmfund@5.0.8
• workspace: libnpmhook@10.0.3
• workspace: libnpmorg@6.0.4
• workspace: libnpmpack@7.0.0
• workspace: libnpmpublish@9.0.6
• workspace: libnpmsearch@7.0.3
• workspace: libnpmteam@6.0.3
• workspace: libnpmversion@6.0.0

Chores

• 3cbc258 #​7403 test for early version exit (@​lukekarrys)
• 08e0c0e #​7403 move sigstore json files to fixtures dir (@​lukekarrys)
• ea66e95 #​7380 remove licensee as a devDependency (#​7380) (@​lukekarrys, @​wraithgar)
• 9333e9d #​7386 reduce windows shim test flakes (#​7386) (@​lukekarrys)

v10.5.2

Compare Source

Bug Fixes

• ef381b1 #​7363 use @​npmcli/redact for url cleaning (#​7363) (@​lukekarrys)
• 3760dd2 #​7361 perf: do less work loading config (#​7361) (@​wraithgar)
• 64bcf4c #​7360 perf: only initialize workpaces when we are inside a workspace (#​7360) (@​H4ad)
• 5a28a29 #​7352 perf: lazy load workspace dependency (#​7352) (@​H4ad)
• 5fc0f9d #​7347 lazy load validate npm package name on error message (#​7347) (@​H4ad)
• c929ed1 #​7321 prioritize CLI flags over publishConfig settings (#​7321) (@​roni-berlin)
• 70497cb #​7346 perf: avoid importing the entire semver package for update-notifier (#​7346) (@​H4ad)

Documentation

• 90ba1c9 #​7340 fix incorrect ISO 8601 reference (#​7340) (@​emmanuel-ferdman)

Dependencies

• 699a1de #​7362 @npmcli/map-workspaces@3.0.6
• 49fb9b7 #​7362 socks@2.8.3
• f69052e #​7362 @npmcli/package-json@5.0.2
• c18a0ad #​7357 sigstore@2.3.0
• fd4153b #​7357 socks@2.8.2
• d6b705a #​7357 postcss-selector-parser@6.0.16
• 248c177 #​7357 hasown@2.0.2
• 4af9e86 #​7357 builtins@5.1.0
• 7546b56 #​7357 @npmcli/agent@2.2.2
• d38fd4f #​7357 spdx-expression-parse@4.0.0
• 913b326 #​7357 is-cidr@5.0.5
• 84bbbd4 #​7357 @npmcli/package-json@5.0.1
• a0f5048 #​7357 @npmcli/git@5.0.5
• workspace: @npmcli/arborist@7.4.2
• workspace: @npmcli/config@8.2.2
• workspace: libnpmdiff@6.0.9
• workspace: libnpmexec@7.0.10
• workspace: libnpmfund@5.0.7
• workspace: libnpmpack@6.0.9

Chores

• 81be28d #​7357 dev dependency updates (@​wraithgar)

salesforce/tough-cookie (tough-cookie)

v4.1.4

Compare Source

Microsoft/TypeScript (typescript)

v5.4.5: TypeScript 5.4.5

Compare Source

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.4.0 (Beta).
• fixed issues query for Typescript 5.4.1 (RC).
• fixed issues query for Typescript 5.4.2 (Stable).
• fixed issues query for Typescript 5.4.3 (Stable).
• fixed issues query for Typescript 5.4.4 (Stable).
• fixed issues query for Typescript 5.4.5 (Stable).

Downloads are available on:

• NuGet package

colinhacks/zod (zod)

v3.23.5

Compare Source

v3.23.4

Compare Source

Commits:

• 157b18d Add 3.23 announcement
• aedf93f Revert change to default Input
• 45107f7 v3.23.4

v3.23.3

Compare Source

v3.23.2

Compare Source

Commits:

• c340558 Update protocol
• ef588d0 Fix t3env
• 9df70dd 3.23.2

v3.23.1

Compare Source

v3.23.0

Compare Source

Zod 3.23 is now available. This is the final 3.x release before Zod 4.0. To try it out:

npm install zod

Features

z.string().date()

Zod can now validate ISO 8601 date strings. Thanks @​igalklebanov! https://github.com/colinhacks/zod/pull/1766

const schema = z.string().date();
schema.parse("2022-01-01"); // OK

z.string().time()

Zod can now validate ISO 8601 time strings. Thanks @​igalklebanov! https://github.com/colinhacks/zod/pull/1766

const schema = z.string().time();
schema.parse("12:00:00"); // OK

You can specify sub-second precision using the precision option:

const schema = z.string().time({ precision: 3 });
schema.parse("12:00:00.123"); // OK
schema.parse("12:00:00.123456"); // Error
schema.parse("12:00:00"); // Error

z.string().duration()

Zod can now validate ISO 8601 duration strings. Thanks @​mastermatt! https://github.com/colinhacks/zod/pull/3265

const schema = z.string().duration();
schema.parse("P3Y6M4DT12H30M5S"); // OK

Improvements to z.string().datetime()

Thanks @​bchrobot https://github.com/colinhacks/zod/pull/2522

You can now allow unqualified (timezone-less) datetimes using the local: true flag.

const schema = z.string().datetime({ local: true });
schema.parse("2022-01-01T12:00:00"); // OK

Plus, Zod now validates the day-of-month correctly to ensure no invalid dates (e.g. February 30th) pass validation. Thanks @​szamanr! https://github.com/colinhacks/zod/pull/3391

z.string().base64()

Zod can now validate base64 strings. Thanks @​StefanTerdell! https://github.com/colinhacks/zod/pull/3047

const schema = z.string().base64();
schema.parse("SGVsbG8gV29ybGQ="); // OK

Improved discriminated unions

The following can now be used as discriminator keys in z.discriminatedUnion():

• ZodOptional
• ZodNullable
• ZodReadonly
• ZodBranded
• ZodCatch

const schema = z.discriminatedUnion("type", [
  z.object({ type: z.literal("A").optional(), value: z.number() }),
  z.object({ type: z.literal("B").nullable(), value: z.string() }),
  z.object({ type: z.literal("C").readonly(), value: z.boolean() }),
  z.object({ type: z.literal("D").brand<"D">(), value: z.boolean() }),
  z.object({ type: z.literal("E").catch("E"), value: z.unknown() }),
]);

Misc

• feature: allow falsy error message by @​fernandollisboa in https://github.com/colinhacks/zod/pull/3178
• feature: add attribute message to enum validatiion by @​fernandollisboa in https://github.com/colinhacks/zod/pull/3169

Breaking changes

There are no breaking changes to the public API of Zod. However some changes can impact ecosystem tools that rely on Zod internals.

ZodFirstPartySchemaTypes

Three new types have been added to the ZodFirstPartySchemaTypes union. This may impact some codegen libraries. https://github.com/colinhacks/zod/pull/3247

+  | ZodPipeline<any, any>
+  | ZodReadonly<any>
+  | ZodSymbol;

Default generics in ZodType

The third argument of the ZodType base class now defaults to unknown. This makes it easier to define recursive schemas and write generic functions that accept Zod schemas.

- class ZodType<Output = any, Def extends ZodTypeDef = ZodTypeDef, Input = Output> {}
+ class ZodType<Output = unknown, Def extends ZodTypeDef = ZodTypeDef, Input = unknown> {}

Unrecognized keys in .pick() and .omit()

This version fixes a bug where unknown keys were accidentally accepted in .pick() and omit(). This has been fixed, which could cause compiler errors in some user code. https://github.com/colinhacks/zod/pull/3255

z.object({ 
  name: z.string() 
}).pick({
  notAKey: true // no longer allowed
})

Bugfixes and performance

• Bugfix: Enum.extract/exclude should not remove error mapping by @​shaharke in https://github.com/colinhacks/zod/pull/3240
• Added latest stable Node and TypeScript versions to test matrix for up-to-date testing. by @​m10rten in https://github.com/colinhacks/zod/pull/3278
• Add types to ZodFirstPartySchemaTypes by @​MatthijsMud in https://github.com/colinhacks/zod/pull/3247
• fix: make input of .required() readonly by @​KATT in https://github.com/colinhacks/zod/pull/3301
• add never props to safe parse return types by @​schicks in https://github.com/colinhacks/zod/pull/3295
• Reporting errors of the preprocess that is the second property of object by @​yukukotani in https://github.com/colinhacks/zod/pull/2912
• Improve addQuestionMarks, fix #​2184 by @​colinhacks in https://github.com/colinhacks/zod/pull/3352
• f

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.05%. Comparing base (7ecc355) to head (8e4b0ff).

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #68   +/-   ##
=======================================
  Coverage   99.05%   99.05%           
=======================================
  Files          28       28           
  Lines         851      851           
  Branches       71       71           
=======================================
  Hits          843      843           
  Misses          7        7           
  Partials        1        1           

Flag	Coverage Δ
integration	98.47% <ø> (ø)
unit	35.13% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.