chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@iconify-json/carbon	1.1.26 -> 1.1.27
@types/node (source)	20.10.4 -> 20.10.7
@unocss/reset	0.58.0 -> 0.58.3
@vitejs/plugin-vue (source)	4.5.2 -> 4.6.2
@vueuse/core (source)	10.7.0 -> 10.7.1
axios (source)	1.6.2 -> 1.6.5
eslint (source)	8.55.0 -> 8.56.0
jsdom	23.0.1 -> 23.2.0
pnpm (source)	8.12.0 -> 8.14.0
unocss	0.58.0 -> 0.58.3
unplugin-auto-import	0.17.2 -> 0.17.3
vite (source)	5.0.7 -> 5.0.11
vitest (source)	1.0.4 -> 1.1.3
vue (source)	3.3.11 -> 3.4.5
vue-tsc (source)	1.8.25 -> 1.8.27

---

Release Notes

unocss/unocss (@​unocss/reset)

v0.58.3

Compare Source

   🚀 Features

• Introduce legacy-compat preset  -  by @​antfu and Simon He in https://github.com/unocss/unocss/issues/3480 (61b5d)
• preset-mini: Add appearance-auto utility  -  by @​navorite in https://github.com/unocss/unocss/issues/3470 (7c34b)
• preset-wind: Add svh, lvh and dvh values to default theme  -  by @​navorite and @​antfu in https://github.com/unocss/unocss/issues/3469 (7ec12)

   🐞 Bug Fixes

• nuxt: Temporary revert #​3448  -  by @​zyyv and @​antfu in https://github.com/unocss/unocss/issues/3482 and https://github.com/unocss/unocss/issues/3448 (b3905)

    View changes on GitHub

v0.58.2

Compare Source

   🚀 Features

• vscode: Introduce strictAnnotationMatch and turn on by default, close #​3278  -  by @​antfu in https://github.com/unocss/unocss/issues/3278 (8cbe6)

   🐞 Bug Fixes

• preset-wind: Add missing coma for Jello animation keyframes  -  by @​abensur in https://github.com/unocss/unocss/issues/3466 (532cc)

    View changes on GitHub

v0.58.1

Compare Source

   🚀 Features

• nuxt:
  • Inject uno.css adjustable  -  by @​zyyv in https://github.com/unocss/unocss/issues/3448 (da0e4)
• preset-mini:
  • Support css variable defaultValue  -  by @​zyyv in https://github.com/unocss/unocss/issues/3453 (b6014)
  • Support size-* shorthand  -  by @​Mini-ghost, @​zyyv and @​antfu in https://github.com/unocss/unocss/issues/3425 (7623e)
  • Add gap-(col &nbsp;-&nbsp; by @&#8203;yheuhtozr and @&#8203;antfu [<samp>(row)-)</samp>](https://togithub.com/unocss/unocss/commit/row)- shorthands (#​3423))
  • Support new color notation using css variables for compatibility  -  by @​LeekJay and @​antfu in https://github.com/unocss/unocss/issues/3437 (e9dcc)
• vscode:
  • Add rem to px preview on selection style  -  by @​zoeyzhao19 in https://github.com/unocss/unocss/issues/3464 (526c1)

   🐞 Bug Fixes

• eslint-plugin:
  • Provide correct docs link, close #​3461  -  by @​antfu in https://github.com/unocss/unocss/issues/3461 (f55cd)
• preset-attributify:
  • Nested attribute parsing  -  by @​2hu12 and @​zyyv in https://github.com/unocss/unocss/issues/3275 (a8d00)
  • Remove StringNumberComposition type for better perf  -  by @​zhiyuanzmj and @​zyyv in https://github.com/unocss/unocss/issues/3459 (f3b58)
• vscode:
  • RegisterUnocss cache rules  -  by @​Simon-He95 in https://github.com/unocss/unocss/issues/3428 (0ccde)

    View changes on GitHub

vueuse/vueuse (@​vueuse/core)

v10.7.1

Compare Source

   🚀 Features

• syncRef: Enhance type  -  by @​Doctor-wu in https://github.com/vueuse/vueuse/issues/3678 (dad66)

   🐞 Bug Fixes

• Fix tryOnMounted in vue2  -  by @​Doctor-wu in https://github.com/vueuse/vueuse/issues/3658 (ce420)
• nuxt: Stable optimizeDeps augmenting  -  by @​antfu (98985)
• useDropzone: Avoid circular reference  -  by @​diegopf in https://github.com/vueuse/vueuse/issues/3683 (15a38)
• useElementBounding: Trigger by css or style  -  by @​huiliangShen in https://github.com/vueuse/vueuse/issues/3664 (70dbd)
• useIpcRenderer: Set explicit return type  -  by @​antfu (dd820)
• useMouse: Handle Touch class compatibility for Firefox  -  by @​elschilling in https://github.com/vueuse/vueuse/issues/3679 (5719b)
• useVirtualList: Ensure component applies overflow style  -  by @​reubns in https://github.com/vueuse/vueuse/issues/3626 (286c3)

    View changes on GitHub

axios/axios (axios)

v1.6.5

Compare Source

Bug Fixes

• ci: refactor notify action as a job of publish action; (#​6176) (0736f95)
• dns: fixed lookup error handling; (#​6175) (f4f2b03)

Contributors to this release

• Dmitriy Mozgovoy
• Jay

v1.6.4

Compare Source

Bug Fixes

• security: fixed formToJSON prototype pollution vulnerability; (#​6167) (3c0c11c)
• security: fixed security vulnerability in follow-redirects (#​6163) (75af1cd)

Contributors to this release

• Jay
• Dmitriy Mozgovoy
• Guy Nesher

v1.6.3

Compare Source

Bug Fixes

• Regular Expression Denial of Service (ReDoS) (#​6132) (5e7ad38)

Contributors to this release

• Jay
• Willian Agostini
• Dmitriy Mozgovoy

eslint/eslint (eslint)

v8.56.0

Compare Source

Features

• 0dd9704 feat: Support custom severity when reporting unused disable directives (#​17212) (Bryan Mishkin)
• 31a7e3f feat: fix no-restricted-properties false negatives with unknown objects (#​17818) (Arka Pratim Chaudhuri)

Bug Fixes

• 7d5e5f6 fix: TypeError: fs.exists is not a function on read-only file system (#​17846) (Francesco Trotta)
• 74739c8 fix: suggestion with invalid syntax in no-promise-executor-return rule (#​17812) (Bryan Mishkin)

Documentation

• 9007719 docs: update link in ways-to-extend.md (#​17839) (Amel SELMANE)
• 3a22236 docs: Update README (GitHub Actions Bot)
• 54c3ca6 docs: fix migration-guide example (#​17829) (Tanuj Kanti)
• 4391b71 docs: check config comments in rule examples (#​17815) (Francesco Trotta)
• fd28363 docs: remove mention about ESLint stylistic rules in readme (#​17810) (Zwyx)
• 48ed5a6 docs: Update README (GitHub Actions Bot)

Chores

• ba6af85 chore: upgrade @​eslint/js@​8.56.0 (#​17864) (Milos Djermanovic)
• 60a531a chore: package.json update for @​eslint/js release (Jenkins)
• ba87a06 chore: update dependency markdownlint to ^0.32.0 (#​17783) (renovate[bot])
• 9271d10 chore: add GitHub issue template for docs issues (#​17845) (Josh Goldberg ✨)
• 70a686b chore: Convert rule tests to FlatRuleTester (#​17819) (Nicholas C. Zakas)
• f3a599d chore: upgrade eslint-plugin-unicorn to v49.0.0 (#​17837) (唯然)
• 905d4b7 chore: upgrade eslint-plugin-eslint-plugin v5.2.1 (#​17838) (唯然)
• 4d7c3ce chore: update eslint-plugin-n v16.4.0 (#​17836) (唯然)
• fd0c60c ci: unpin Node.js 21.2.0 (#​17821) (Francesco Trotta)

jsdom/jsdom (jsdom)

v23.2.0

Compare Source

This release switches our CSS selector engine from nwsapi to @asamuzakjp/dom-selector. The new engine is more actively maintained, and supports many new selectors: see the package's documentation for the full list. It also works better with shadow trees.

There is a potential of a performance regression due to this change. In our stress test benchmark, which runs most of these 273 selectors against this 128 KiB document, the new engine completes the benchmark only 0.25x as fast. However, we're hopeful that in more moderate usage this will not be a significant issue. Any help speeding up @asamuzakjp/dom-selector is appreciated, and feel free to open an issue if this has had a significant impact on your project.

v23.1.0

Compare Source

• Added an initial implementation of ElementInternals, including the shadowRoot getter and the string-valued ARIA properties. (zjffun)
• Added the string-valued ARIA attribute-reflecting properties to Element.
• Fixed history.pushState() and history.replaceState() to follow the latest specification, notably with regards to how they handle empty string inputs and what new URLs are possible.
• Fixed the input.valueAsANumber setter to handle NaN correctly. (alexandertrefz)
• Updated various dependencies, including cssstyle which contains several bug fixes.

pnpm/pnpm (pnpm)

v8.14.0

Compare Source

Minor Changes

• A new option added for hoisting packages from the workspace. When hoist-workspace-packages is set to true, packages from the workspace are symlinked to either <workspace_root>/node_modules/.pnpm/node_modules or to <workspace_root>/node_modules depending on other hoisting settings (hoist-pattern and public-hoist-pattern) #​7451.
• The pnpm dedupe command now accepts more command line options that the pnpm install command also accepts. Example: pnpm dedupe --store-dir=local-store-dir

Patch Changes

• The package information output by cat-index should be sorted by key.
• pnpm deploy should not touch the target directory if it already exists and isn't empty #​7351.
• pnpm add a-module-already-in-dev-deps will show a message to notice the user that the package was not moved to "dependencies" #​926 and fix #​7319.
• Don't install Node.js when use-node-version is set in a WebContainer #​7478.
• Fix copy-on-write on Windows Dev Drives #​7468.

Our Gold Sponsors

Our Silver Sponsors

v8.13.1

Minor Changes

• New commands added for inspecting the store:

  • pnpm cat-index: Prints the index file of a specific package in the store. The package is specified by its name and version:

    pnpm cat-index <pkg name>@&#8203;<pkg version>
    

  • pnpm cat-file: Prints the contents of a file based on the hash value stored in the index file. For example:

    pnpm cat-file sha512-mvavhfVcEREI7d8dfvfvIkuBLnx7+rrkHHnPi8mpEDUlNpY4CUY+CvJ5mrrLl18iQYo1odFwBV7z/cOypG7xxQ==
    

  • (EXPERIMENTAL) pnpm find-hash: Lists the packages that include the file with the specified hash. For example:

    pnpm find-hash sha512-mvavhfVcEREI7d8dfvfvIkuBLnx7+rrkHHnPi8mpEDUlNpY4CUY+CvJ5mrrLl18iQYo1odFwBV7z/cOypG7xxQ==
    

    This command is experimental. We might change how it behaves.

  Related issue: #​7413.

• A new setting added for symlinking injected dependencies from the workspace, if their dependencies use the same peer dependencies as the dependent package. The setting is called dedupe-injected-deps #​7416.

• Use --fail-if-no-match if you want the CLI fail if no packages were matched by the command #​7403.

Patch Changes

• pnpm list --parseable should not print the same dependency multiple times #​7429.
• Fix error message texts in the pnpm env commands #​7456.
• Better support for light themed terminals by the pnpm update --interactive command #​7439.
• Fix EPERM error that occasionally happened on Windows during renames in the store #​7213.
• Fix error as in update -i -r with Git specifiers #​7415.
• Added support for boolean values in 'bundleDependencies' package.json fields when installing a dependency. Fix to properly handle 'bundledDependencies' alias #​7411.

Our Gold Sponsors

Our Silver Sponsors

v8.12.1

Compare Source

Patch Changes

• Don't report dependencies with optional dependencies as being added on repeat install. This was a bug in reporting #​7384.
• Fix a bug where --fix-lockfile crashes on tarballs #​7368.
• Do not create empty patch directory.
• Installation should not fail if an empty node_modules directory cannot be removed #​7405.

Our Gold Sponsors

Our Silver Sponsors

unplugin/unplugin-auto-import (unplugin-auto-import)

v0.17.3

Compare Source

   🚀 Features

• Support unimport parser  -  by @​antfu (88f41)

    View changes on GitHub

vitejs/vite (vite)

v5.0.11

Compare Source

• fix: don't pretransform classic script links (#​15361) (19e3c9a), closes #​15361
• fix: inject __vite__mapDeps code before sourcemap file comment (#​15483) (d2aa096), closes #​15483
• fix(assets): avoid splitting , inside base64 value of srcset attribute (#​15422) (8de7bd2), closes #​15422
• fix(html): handle offset magic-string slice error (#​15435) (5ea9edb), closes #​15435
• chore(deps): update dependency strip-literal to v2 (#​15475) (49d21fe), closes #​15475
• chore(deps): update tj-actions/changed-files action to v41 (#​15476) (2a540ee), closes #​15476

v5.0.10

Compare Source

• fix: omit protocol does not require pre-transform (#​15355) (d9ae1b2), closes #​15355
• fix(build): use base64 for inline SVG if it contains both single and double quotes (#​15271) (1bbff16), closes #​15271

v5.0.9

Compare Source

• fix: htmlFallbackMiddleware for favicon (#​15301) (c902545), closes #​15301
• fix: more stable hash calculation for depsOptimize (#​15337) (2b39fe6), closes #​15337
• fix(scanner): catch all external files for glob imports (#​15286) (129d0d0), closes #​15286
• fix(server): avoid chokidar throttling on startup (#​15347) (56a5740), closes #​15347
• fix(worker): replace import.meta correctly for IIFE worker (#​15321) (08d093c), closes #​15321
• feat: log re-optimization reasons (#​15339) (b1a6c84), closes #​15339
• chore: temporary typo (#​15329) (7b71854), closes #​15329
• perf: avoid computing paths on each request (#​15318) (0506812), closes #​15318
• perf: temporary hack to avoid fs checks for /@​react-refresh (#​15299) (b1d6211), closes #​15299

v5.0.8

Compare Source

• perf: cached fs utils (#​15279) (c9b61c4), closes #​15279
• fix: missing warmupRequest in transformIndexHtml (#​15303) ([103820f](https://togithub.com/vitejs/vite/commit/103

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.