chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@iconify-json/lucide	^1.2.42 -> ^1.2.47
@nuxt/eslint (source)	^1.3.1 -> ^1.4.1
@nuxt/eslint-config (source)	^1.3.1 -> ^1.4.1
@types/node (source)	^22.15.17 -> ^22.15.31
eslint (source)	^9.26.0 -> ^9.28.0
pnpm (source)	10.10.0 -> 10.12.1
tailwindcss (source)	4.1.6 -> 4.1.8
tinyglobby	^0.2.13 -> ^0.2.14
turbo (source)	2.5.3 -> 2.5.4
vue (source)	3.5.13 -> 3.5.16

---

Release Notes

nuxt/eslint (@​nuxt/eslint)

v1.4.1

Compare Source

   🐞 Bug Fixes

• Add node: prefix to build-in modules  -  by @​danielroe in https://github.com/nuxt/eslint/issues/579 (8180f)
• Sort imports objects by from + name  -  by @​danielroe in https://github.com/nuxt/eslint/issues/578 (766ae)

    View changes on GitHub

v1.4.0

Compare Source

   🚀 Features

• Update deps  -  by @​antfu (afc42)
• Support type-aware rules, fix #​499  -  by @​antfu in https://github.com/nuxt/eslint/issues/499 (70d23)

    View changes on GitHub

eslint/eslint (eslint)

v9.28.0

Compare Source

v9.27.0

Compare Source

pnpm/pnpm (pnpm)

v10.12.1

Minor Changes

• Experimental. Added support for global virtual stores. When enabled, node_modules contains only symlinks to a central virtual store, rather to node_modules/.pnpm. By default, this central store is located at <store-path>/links (you can find the store path by running pnpm store path).

  In the central virtual store, each package is hard linked into a directory whose name is the hash of its dependency graph. This allows multiple projects on the system to symlink shared dependencies from this central location, significantly improving installation speed when a warm cache is available.

  This is conceptually similar to how NixOS manages packages, using dependency graph hashes to create isolated and reusable package directories.

  To enable the global virtual store, set enableGlobalVirtualStore: true in your root pnpm-workspace.yaml, or globally via:

  pnpm config -g set enable-global-virtual-store true

  NOTE: In CI environments, where caches are typically cold, this setting may slow down installation. pnpm automatically disables the global virtual store when running in CI.

  Related PR: #​8190

• The pnpm update command now supports updating catalog: protocol dependencies and writes new specifiers to pnpm-workspace.yaml.
• Added two new CLI options (--save-catalog and --save-catalog-name=<name>) to pnpm add to save new dependencies as catalog entries. catalog: or catalog:<name> will be added to package.json and the package specifier will be added to the catalogs or catalog[<name>] object in pnpm-workspace.yaml #​9425.
• Semi-breaking. The keys used for side-effects caches have changed. If you have a side-effects cache generated by a previous version of pnpm, the new version will not use it and will create a new cache instead #​9605.
• Added a new setting called ci for explicitly telling pnpm if the current environment is a CI or not.

Patch Changes

• Sort versions printed by pnpm patch using semantic versioning rules.
• Improve the way the error message displays mismatched specifiers. Show differences instead of 2 whole objects #​9598.
• Revert #​9574 to fix a regression #​9596.

v10.11.1

Compare Source

Patch Changes

• Fix an issue in which pnpm deploy --legacy creates unexpected directories when the root package.json has a workspace package as a peer dependency #​9550.
• Dependencies specified via a URL that redirects will only be locked to the target if it is immutable, fixing a regression when installing from GitHub releases. (#​9531)
• Installation should not exit with an error if strictPeerDependencies is true but all issues are ignored by peerDependencyRules #​9505.
• Use pnpm_config_ env variables instead of npm_config_ #​9571.
• Fix a regression (in v10.9.0) causing the --lockfile-only flag on pnpm update to produce a different pnpm-lock.yaml than an update without the flag.
• Let pnpm deploy work in repos with overrides when inject-workspace-packages=true #​9283.
• Fixed the problem of path loss caused by parsing URL address. Fixes a regression shipped in pnpm v10.11 via #​9502.
• pnpm -r --silent run should not print out section #​9563.

v10.11.0

Compare Source

Minor Changes

• A new setting added for pnpm init to create a package.json with type=module, when init-type is module. Works as a flag for the init command too #​9463.

• Added support for Nushell to pnpm setup #​6476.

• Added two new flags to the pnpm audit command, --ignore and --ignore-unfixable #​8474.

  Ignore all vulnerabilities that have no solution:

  > pnpm audit --ignore-unfixable

  Provide a list of CVE's to ignore those specifically, even if they have a resolution.

  > pnpm audit --ignore=CVE-2021-1234 --ignore=CVE-2021-5678

• Added support for recursively running pack in every project of a workspace #​4351.

  Now you can run pnpm -r pack to pack all packages in the workspace.

Patch Changes

• pnpm version management should work, when dangerouslyAllowAllBuilds is set to true #​9472.
• pnpm link should work from inside a workspace #​9506.
• Set the default workspaceConcurrency to Math.min(os.availableParallelism(), 4) #​9493.
• Installation should not exit with an error if strictPeerDependencies is true but all issues are ignored by peerDependencyRules #​9505.
• Read updateConfig from pnpm-workspace.yaml #​9500.
• Add support for recursive pack
• Remove url.parse usage to fix warning on Node.js 24 #​9492.
• pnpm run should be able to run commands from the workspace root, if ignoreScripts is set tot true #​4858.

tailwindlabs/tailwindcss (tailwindcss)

v4.1.8

Compare Source

Added

• Improve error messages when @apply fails (#​18059)

Fixed

• Upgrade: Do not migrate declarations that look like candidates in <style> blocks (#​18057, 18068)
• Upgrade: Don't error when looking for tailwindcss in pnpm monorepos (#​18065)
• Upgrade: Don't error when updating dependencies in pnpm monorepos (#​18065)
• Upgrade: Migrate deprecated order-none to order-0 (#​18126)
• Support Leptos class: attributes when extracting classes (#​18093)
• Fix "Cannot read properties of undefined" crash on malformed arbitrary value (#​18133)
• Upgrade: Migrate -mt-[0px] to mt-[0px] instead of the other way around (#​18154)
• Fix Haml pre-processing crash when there is no \n at the end of the file (#​18155)
• Ignore .pnpm-store folders by default (can be overridden by @source … rules) (#​18163)
• Fix PostCSS crash when calling toJSON() (#​18083)

v4.1.7

Compare Source

Added

• Upgrade: Migrate bare values to named values (#​18000)
• Upgrade: Added cache to improve template migration performance (#​18025)

Fixed

• Allow _ before numbers during candidate extraction (#​17961)
• Prevent duplicate suggestions when using @theme and @utility together (#​17675)
• Ensure that media queries within ::before and ::after pseudo selectors create valid CSS rules in production builds (#​17979)
• Ensure that the standalone CLI does not leave temporary files behind (#​17981)
• Ensure -rotate-* utilities properly negate arbitrary values (#​18014)
• Ignore custom variants using :merge(…) selectors in legacy JS plugins (#​18020)
• Ensure classes containing . are properly extracted from Clojure files (#​18038)
• Upgrade: Fix error when using @import … source(…) (#​17963)
• Upgrade: Change casing of utilities with named values to kebab-case to match updated theme variables (#​18017)
• Upgrade: Don't migrate strings that match utility names in Vue attribute bindings other than class (#​18025)

SuperchupuDev/tinyglobby (tinyglobby)

v0.2.14

Compare Source

Fixed

• Root path joining on windows with help from 43081j and btea
• deep: 0 is no longer mistakenly interpreted as not set
• Parent directories in patterns are now correctly normalized to cwd

Changed

• Switched bundler from tsup to tsdown

vercel/turborepo (turbo)

v2.5.4

Compare Source

vuejs/core (vue)

v3.5.16

Compare Source

Reverts

• Revert "fix(compiler-sfc): add scoping tag to trailing universal selector (#​1…" (#​13406) (19f23b1), closes #​1 #​13406
• Revert "fix(compiler-sfc): add error handling for defineModel() without varia…" (#​13390) (42f879f), closes #​13390

v3.5.15

Compare Source

For stable releases, please refer to CHANGELOG.md for details.
For pre-releases, please refer to CHANGELOG.md of the minor branch.

v3.5.14

Compare Source

Bug Fixes

• compat: correct deprecation message for v-bind.sync usage (#​13137) (466b30f), closes #​13133
• compiler-core: remove slot cache from parent renderCache during unmounting (#​13215) (5d166f3)
• compiler-sfc: fix scope handling for props destructure in function parameters and catch clauses (8e34357), closes #​12790
• compiler-sfc: treat the return value of useTemplateRef as a definite ref (#​13197) (8ae1122)
• compiler: fix spelling error in domTagConfig (#​13043) (388295b)
• customFormatter: properly accessing ref value during debugger (#​12948) (fdbd026)
• hmr/teleport: adjust static children traversal for HMR in dev mode (#​12819) (5e37dd0), closes #​12816
• hmr: avoid hydration for hmr root reload (#​12450) (1f98a9c), closes vitejs/vite-plugin-vue#146 vitejs/vite-plugin-vue#477
• hmr: avoid hydration for hmr updating (#​12262) (9c4dbbc), closes #​7706 #​8170
• reactivity: ensure markRaw objects are not reactive (#​12824) (295b5ec), closes #​12807
• reactivity: ensure multiple effectScope on() and off() calls maintains correct active scope (22dcbf3), closes #​12631 #​12632 #​12641
• reactivity: should not recompute if computed does not track reactive data (#​12341) (0b23fd2), closes #​12337
• runtime-core: stop tracking deps in setRef during unmount (#​13210) (016c472)
• runtime-core: update __vnode of static nodes when patching along the optimized path (#​13223) (b3ecee3)
• runtime-core: inherit comment nodes during block patch in production build (#​10748) (6264505), closes #​10747 #​12650
• runtime-core: prevent unmounted vnode from being inserted during transition leave (#​12862) (d6a6ec1), closes #​12860
• runtime-core: respect immutability for readonly reactive arrays in v-for (#​13091) (3f27c58), closes #​13087
• runtime-dom: always treat autocorrect as attribute (#​13001) (1499135), closes #​5705
• slots: properly warn if slot invoked in setup (#​12195) (9196222), closes #​12194
• ssr: properly init slots during ssr rendering (#​12441) (2206cd2), closes #​12438
• transition: fix KeepAlive with transition out-in mode behavior in production (#​12468) (343c891), closes #​12465
• TransitionGroup: reset prevChildren to prevent memory leak (#​13183) (8b848cb), closes #​13181
• types: allow return any for Options API lifecycle hooks (#​5914) (06310e8)
• types: the directive's modifiers should be optional (#​12605) (10e54dc)
• typos: fix comments referencing transformElement.ts (#​12551)[ci-skip] (11c053a)

Features

• types: add type TemplateRef (#​12645) (636a861)

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
examples	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jun 10, 2025 4:37am