build(deps-dev): bump the devdependencies group across 1 directory with 4 updates

[dependabot]

Bumps the devdependencies group with 4 updates in the / directory: @types/node, lefthook, tsup and vitest.

Updates @types/node from 22.10.7 to 22.13.5

Commits

• See full diff in compare view

Updates lefthook from 1.10.10 to 1.11.0

Release notes

Sourced from lefthook's releases.

v1.11.0

Changelog

• ef9a000bd28c8eb6a79f3677799ce0a1b642e0e9 docs(changelog): add links to users
• 45126bf9b1d11559594cc9c43d8d69e7ec4e625e perf: speed up git commands (#956)

v1.10.11

Changelog

• 358b1ced55d0a8ad7712680d68ce60ed56c2171e ci: use ubuntu-latest for gh-pages publish workflow
• 2f59812baaff99db8718a3e831c8c6f3ece6bed0 deps: bump github.com/briandowns/spinner from 1.23.1 to 1.23.2 (#935) (#940)
• 7b6e8817e12c925ba56d65701c76b9607ea5e780 deps: bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#952) (#958)
• a4ae15c0ab6091ee63d1e791ecca1135ac0fc2d1 fix(jsonschema): add $schema property (#942)

Changelog

Sourced from lefthook's changelog.

1.11.0 (2025-02-23)

• perf: speed up git commands (#956) by @​judofyr

1.10.11 (2025-02-21)

• deps: bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#952) (#958) by @​mrexox
• fix: add $schema property (#942) by @​mst-mkt
• deps: bump github.com/briandowns/spinner from 1.23.1 to 1.23.2 (#935) (#940) by @​mrexox

Commits

• 8a7f844 1.11.0: improve performance
• ef9a000 docs(changelog): add links to users
• 45126bf perf: speed up git commands (#956)
• 632c4cf 1.10.11: add $schema attribute and update deps
• 7b6e881 deps: bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#952) (#958)
• a4ae15c fix(jsonschema): add $schema property (#942)
• 6ad8b52 docs: fix templates override example lefthook-local.yml (#951)
• 358b1ce ci: use ubuntu-latest for gh-pages publish workflow
• d87b8d4 docs: describe the unusual behaviour of ** in glob option (#941)
• 2f59812 deps: bump github.com/briandowns/spinner from 1.23.1 to 1.23.2 (#935) (#940)
• Additional commits viewable in compare view

Updates tsup from 8.3.5 to 8.3.6

Release notes

Sourced from tsup's releases.

v8.3.6

   🐞 Bug Fixes

• Don't await sub-process of onSuccess  -  by @​laat in egoist/tsup#1256 (314a6)

    View changes on GitHub

Commits

• bee8f42 chore: release v8.3.6
• 86c3b0b chore: fix pass options
• 314a6d7 fix: don't await sub-process of onSuccess (#1256)
• See full diff in compare view

Updates vitest from 3.0.3 to 3.0.6

Release notes

Sourced from vitest's releases.

v3.0.6

   🐞 Bug Fixes

• Fix getMockedSystemTime for useFakeTimer  -  by @​hi-ogawa in vitest-dev/vitest#7405 (03912)
• Compat for jest-image-snapshot  -  by @​hi-ogawa in vitest-dev/vitest#7390 (9542b)
• Ensure project names are readable in dark terminals  -  by @​rgrove in vitest-dev/vitest#7371 (bb94c)
• Exclude queueMicrotask from default fake timers to not break node fetch  -  by @​hi-ogawa in vitest-dev/vitest#7505 (167a9)
• browser:
  • Fix mocking modules out of root  -  by @​hi-ogawa in vitest-dev/vitest#7415 (d3acb)
  • Fix toHaveClass typing  -  by @​hi-ogawa in vitest-dev/vitest#7383 (7ef23)
  • Relax locator selectors methods  -  by @​sheremet-va in vitest-dev/vitest#7422 (1b8c5)
  • Resolve thread count from maxWorkers  -  by @​AriPerkkio in vitest-dev/vitest#7483 (adbb2)
  • Cleanup timeout on resolve and give more information in the error  -  by @​sheremet-va in vitest-dev/vitest#7487 (5a45a)
• coverage:
  • vite-node to pass correct execution wrapper offset  -  by @​AriPerkkio in vitest-dev/vitest#7417 (1f2e5)
  • Preserve moduleExecutionInfo in non-isolated runs  -  by @​AriPerkkio in vitest-dev/vitest#7486 (f31a0)
• deps:
  • Update all non-major dependencies  -  by @​hi-ogawa in vitest-dev/vitest#7363 (e348b)
  • Update all non-major dependencies  -  by @​hi-ogawa in vitest-dev/vitest#7507 (6cc40)
• init:
  • Invalid browser config  -  by @​AriPerkkio in vitest-dev/vitest#7475 (8fe64)
• reporters:
  • Render tasks in tree when in TTY  -  by @​AriPerkkio in vitest-dev/vitest#7503 (027ce)
• vite-node:
  • Remove fake first line mapping on Vite 6  -  by @​hi-ogawa in vitest-dev/vitest#7124 (b9973)
• watch:
  • Properly remove cache after removing existing test files  -  by @​soc221b in vitest-dev/vitest#7399 (01a59)
• workspace:
  • Forward inspect related cli options  -  by @​AriPerkkio in vitest-dev/vitest#7373 (ed15b)

    View changes on GitHub

v3.0.5

This release includes security patches for:

• Remote Code Execution when accessing a malicious website while Vitest API server is listening | CVE-2025-24964

🚀 Features

• ui: Insert message "no tests found" in ui - by @​DevJoaoLopes in vitest-dev/vitest#7366 (92da4)

🐞 Bug Fixes

• Validate websocket request - by @​hi-ogawa and @​AriPerkkio in vitest-dev/vitest#7317 (191ef)
• Don't toggle cli cursor on non-TTY - by @​AriPerkkio in vitest-dev/vitest#7336 (3c805)
• vite-node: Differentiate file url with hash and query - by @​hi-ogawa in vitest-dev/vitest#7365 (926ca)

View changes on GitHub

v3.0.4

... (truncated)

Commits

• 9584be3 chore: release v3.0.6
• 027ce9b fix(reporters): render tasks in tree when in TTY (#7503)
• b62ac22 chore: use tinyglobby instead of fast-glob in Vitest (#7504)
• 167a98d fix: exclude queueMicrotask from default fake timers to not break node fetc...
• 6cc408d fix(deps): update all non-major dependencies (#7507)
• 8f13825 docs: fix sequence.hooks: 'stack' as default (#7492)
• f31a07b fix(coverage): preserve moduleExecutionInfo in non-isolated runs (#7486)
• 5a45a7c fix(browser): cleanup timeout on resolve and give more information in the err...
• accd2ed refactor: enable isolatedDeclarations (#7473)
• 1f2e555 fix(coverage): vite-node to pass correct execution wrapper offset (#7417)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #84.