fix(deps): update auto merge on patch or minor

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@commitlint/cli (source)	19.7.1 -> 19.8.0
@commitlint/config-conventional (source)	19.7.1 -> 19.8.0
@commitlint/prompt-cli (source)	19.7.1 -> 19.8.0
@faker-js/faker (source)	9.5.1 -> 9.6.0
@mui/icons-material (source)	6.4.6 -> 6.4.7
@mui/material (source)	6.4.6 -> 6.4.7
@types/node (source)	22.13.8 -> 22.13.9
@typescript-eslint/eslint-plugin (source)	8.25.0 -> 8.26.0
@typescript-eslint/parser (source)	8.25.0 -> 8.26.0
axios (source)	1.8.1 -> 1.8.2
axios (source)	^1.8.1 -> ^1.8.2
eslint-config-prettier	10.0.2 -> 10.1.1
ioredis	^5.5.0 -> ^5.6.0
pnpm (source)	10.5.2 -> 10.6.1
pulsar-client (source)	1.12.0 -> 1.13.0
pulsar-client (source)	^1.12.0 -> ^1.13.0
react-router (source)	7.2.0 -> 7.3.0
typescript-eslint (source)	8.25.0 -> 8.26.0
vite (source)	6.2.0 -> 6.2.1
worker-timers	8.0.17 -> 8.0.18

---

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v19.8.0

Compare Source

Performance Improvements

• use node: prefix to bypass require.cache call for builtins (#​4302) (0cd8f41)

19.7.1 (2025-02-02)

Note: Version bump only for package @​commitlint/cli

19.6.1 (2024-12-15)

Note: Version bump only for package @​commitlint/cli

conventional-changelog/commitlint (@​commitlint/config-conventional)

v19.8.0

Compare Source

Performance Improvements

• use node: prefix to bypass require.cache call for builtins (#​4302) (0cd8f41)

19.7.1 (2025-02-02)

Note: Version bump only for package @​commitlint/config-conventional

conventional-changelog/commitlint (@​commitlint/prompt-cli)

v19.8.0

Compare Source

Performance Improvements

• use node: prefix to bypass require.cache call for builtins (#​4302) (0cd8f41)

19.7.1 (2025-02-02)

Note: Version bump only for package @​commitlint/prompt-cli

faker-js/faker (@​faker-js/faker)

v9.6.0

Compare Source

Features

• finance: add ISO 4217 numerical codes to Currency (#​3404) (ae9aec6)
• number: bigint multipleOf (#​3402) (7b4f85a)

mui/material-ui (@​mui/icons-material)

v6.4.7

Compare Source

mui/material-ui (@​mui/material)

v6.4.7

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.26.0

Compare Source

🚀 Features

• eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#​10781)
• eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#​10889)
• eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#​10714)
• support TypeScript 5.8 (#​10903)
• eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#​9536)

🩹 Fixes

• eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#​10875)
• eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#​10864)
• eslint-plugin: [unified-signatures] does not differentiate truly private methods (#​10806)

❤️ Thank You

• Andrea Simone Costa @​jfet97
• Dirk Luijk @​dirkluijk
• Ronen Amiel
• YeonJuan @​yeonjuan
• Yukihiro Hasegawa @​y-hsgw

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.26.0

Compare Source

🚀 Features

• support TypeScript 5.8 (#​10903)

❤️ Thank You

• Dirk Luijk @​dirkluijk

You can read about our versioning strategy and releases on our website.

axios/axios (axios)

v1.8.2

Compare Source

Bug Fixes

• http-adapter: add allowAbsoluteUrls to path building (#​6810) (fb8eec2)

Contributors to this release

• Fasoro-Joseph Alexander

prettier/eslint-config-prettier (eslint-config-prettier)

v10.1.1

Compare Source

Patch Changes

• #​309 eb56a5e Thanks @​JounQin! - fix: separate the /flat entry for compatibility

  For flat config users, the previous "eslint-config-prettier" entry still works, but "eslint-config-prettier/flat" adds a new name property for config-inspector, we just can't add it for the default entry for compatibility.

  See also #​308

  // before
  import eslintConfigPrettier from "eslint-config-prettier";
  
  // after
  import eslintConfigPrettier from "eslint-config-prettier/flat";

v10.1.0

Compare Source

Minor Changes

• #​306 56e2e34 Thanks @​JounQin! - feat: migrate to exports field

v10.0.3

Compare Source

Patch Changes

• #​294 8dbbd6d Thanks @​FloEdelmann! - feat: add name to config

• #​280 cba5737 Thanks @​zanminkian! - feat: add declaration file

luin/ioredis (ioredis)

v5.6.0

Compare Source

Features

• Sharded pub/sub support via dedicated subscribers (#​1956) (963a395)

pnpm/pnpm (pnpm)

v10.6.1

Compare Source

Patch Changes

• The pnpm CLI process should not stay hanging, when --silent reporting is used.
• When --loglevel is set to error, don't show installation summary, execution time, and big tarball download progress.
• Don't ignore pnpm.patchedDependencies from package.json #​9226.
• When executing the approve-builds command, if package.json contains onlyBuiltDependencies or ignoredBuiltDependencies, the selected dependency package will continue to be written into package.json.
• When a package version cannot be found in the package metadata, print the registry from which the package was fetched.

v10.6.0

Compare Source

Minor Changes

• pnpm-workspace.yaml can now hold all the settings that .npmrc accepts. The settings should use camelCase #​9211.

  pnpm-workspace.yaml example:

  verifyDepsBeforeRun: install
  optimisticRepeatInstall: true
  publicHoistPattern:
    - "*types*"
    - "!@​types/react"

• Projects using a file: dependency on a local tarball file (i.e. .tgz, .tar.gz, .tar) will see a performance improvement during installation. Previously, using a file: dependency on a tarball caused the lockfile resolution step to always run. The lockfile will now be considered up-to-date if the tarball is unchanged.

Patch Changes

• pnpm self-update should not leave a directory with a broken pnpm installation if the installation fails.
• fast-glob replace with tinyglobby to reduce the size of the pnpm CLI dependencies #​9169.
• pnpm deploy should not remove fields from the deployed package's package.json file #​9215.
• pnpm self-update should not read the pnpm settings from the package.json file in the current working directory.
• Fix pnpm deploy creating a package.json without the imports and license field #​9193.
• pnpm update -i should list only packages that have newer versions #​9206.
• Fix a bug causing entries in the catalogs section of the pnpm-lock.yaml file to be removed when dedupe-peer-dependents=false on a filtered install. #​9112

apache/pulsar-client-node (pulsar-client)

v1.13.0

Compare Source

What's Changed

• Bump the master version to 1.13.0 by @​shibd in https://github.com/apache/pulsar-client-node/pull/393
• Support set log level of cpp client by @​shibd in https://github.com/apache/pulsar-client-node/pull/398
• [improve][client] Adding support for token supplier for the AuthenticationToken by @​Bouk250 in https://github.com/apache/pulsar-client-node/pull/395
• Update cpp client to 3.7.0 by @​shibd in https://github.com/apache/pulsar-client-node/pull/401
• add schema producer and consumer example by @​shibd in https://github.com/apache/pulsar-client-node/pull/402
• Fix message might lost when use listener (@​shibd in https://github.com/apache/pulsar-client-node/pull/406

New Contributors

• @​Bouk250 made their first contribution in https://github.com/apache/pulsar-client-node/pull/395

Full Changelog: apache/pulsar-client-node@v1.12.0...v1.13.0

remix-run/react-router (react-router)

v7.3.0

Compare Source

Minor Changes

• Add fetcherKey as a parameter to patchRoutesOnNavigation (#​13061)

  • In framework mode, Lazy Route Discovery will now detect manifest version mismatches after a new deploy
  • On navigations to undiscovered routes, this mismatch will trigger a document reload of the destination path
  • On fetcher calls to undiscovered routes, this mismatch will trigger a document reload of the current path

Patch Changes

• Skip resource route flow in dev server in SPA mode (#​13113)

• Support middleware on routes (unstable) (#​12941)

  Middleware is implemented behind a future.unstable_middleware flag. To enable, you must enable the flag and the types in your react-router-config.ts file:

  import type { Config } from "@​react-router/dev/config";
  import type { Future } from "react-router";
  
  declare module "react-router" {
    interface Future {
      unstable_middleware: true; // 👈 Enable middleware types
    }
  }
  
  export default {
    future: {
      unstable_middleware: true, // 👈 Enable middleware
    },
  } satisfies Config;

  ⚠️ Middleware is unstable and should not be adopted in production. There is at least one known de-optimization in route module loading for clientMiddleware that we will be addressing this before a stable release.

  ⚠️ Enabling middleware contains a breaking change to the context parameter passed to your loader/action functions - see below for more information.

  Once enabled, routes can define an array of middleware functions that will run sequentially before route handlers run. These functions accept the same parameters as loader/action plus an additional next parameter to run the remaining data pipeline. This allows middlewares to perform logic before and after handlers execute.

  // Framework mode
  export const unstable_middleware = [serverLogger, serverAuth]; // server
  export const unstable_clientMiddleware = [clientLogger]; // client
  
  // Library mode
  const routes = [
    {
      path: "/",
      // Middlewares are client-side for library mode SPA's
      unstable_middleware: [clientLogger, clientAuth],
      loader: rootLoader,
      Component: Root,
    },
  ];

  Here's a simple example of a client-side logging middleware that can be placed on the root route:

  const clientLogger: Route.unstable_ClientMiddlewareFunction = async (
    { request },
    next
  ) => {
    let start = performance.now();
  
    // Run the remaining middlewares and all route loaders
    await next();
  
    let duration = performance.now() - start;
    console.log(`Navigated to ${request.url} (${duration}ms)`);
  };

  Note that in the above example, the next/middleware functions don't return anything. This is by design as on the client there is no "response" to send over the network like there would be for middlewares running on the server. The data is all handled behind the scenes by the stateful router.

  For a server-side middleware, the next function will return the HTTP Response that React Router will be sending across the wire, thus giving you a chance to make changes as needed. You may throw a new response to short circuit and respond immediately, or you may return a new or altered response to override the default returned by next().

  const serverLogger: Route.unstable_MiddlewareFunction = async (
    { request, params, context },
    next
  ) => {
    let start = performance.now();
  
    // 👇 Grab the response here
    let res = await next();
  
    let duration = performance.now() - start;
    console.log(`Navigated to ${request.url} (${duration}ms)`);
  
    // 👇 And return it here (optional if you don't modify the response)
    return res;
  };

  You can throw a redirect from a middleware to short circuit any remaining processing:

  import { sessionContext } from "../context";
  const serverAuth: Route.unstable_MiddlewareFunction = (
    { request, params, context },
    next
  ) => {
    let session = context.get(sessionContext);
    let user = session.get("user");
    if (!user) {
      session.set("returnTo", request.url);
      throw redirect("/login", 302);
    }
  };

  Note that in cases like this where you don't need to do any post-processing you don't need to call the next function or return a Response.

  Here's another example of using a server middleware to detect 404s and check the CMS for a redirect:

  const redirects: Route.unstable_MiddlewareFunction = async ({
    request,
    next,
  }) => {
    // attempt to handle the request
    let res = await next();
  
    // if it's a 404, check the CMS for a redirect, do it last
    // because it's expensive
    if (res.status === 404) {
      let cmsRedirect = await checkCMSRedirects(request.url);
      if (cmsRedirect) {
        throw redirect(cmsRedirect, 302);
      }
    }
  
    return res;
  };

  context parameter

  When middleware is enabled, your application will use a different type of context parameter in your loaders and actions to provide better type safety. Instead of AppLoadContext, context will now be an instance of ContextProvider that you can use with type-safe contexts (similar to React.createContext):

  import { unstable_createContext } from "react-router";
  import { Route } from "./+types/root";
  import type { Session } from "./sessions.server";
  import { getSession } from "./sessions.server";
  
  let sessionContext = unstable_createContext<Session>();
  
  const sessionMiddleware: Route.unstable_MiddlewareFunction = ({
    context,
    request,
  }) => {
    let session = await getSession(request);
    context.set(sessionContext, session);
    //                          ^ must be of type Session
  };
  
  // ... then in some downstream middleware
  const loggerMiddleware: Route.unstable_MiddlewareFunction = ({
    context,
    request,
  }) => {
    let session = context.get(sessionContext);
    //  ^ typeof Session
    console.log(session.get("userId"), request.method, request.url);
  };
  
  // ... or some downstream loader
  export function loader({ context }: Route.LoaderArgs) {
    let session = context.get(sessionContext);
    let profile = await getProfile(session.get("userId"));
    return { profile };
  }

  If you are using a custom server with a getLoadContext function, the return value for initial context values passed from the server adapter layer is no longer an object and should now return an unstable_InitialContext (Map<RouterContext, unknown>):

  let adapterContext = unstable_createContext<MyAdapterContext>();
  
  function getLoadContext(req, res): unstable_InitialContext {
    let map = new Map();
    map.set(adapterContext, getAdapterContext(req));
    return map;
  }

• Fix types for loaderData and actionData that contained Records (#​13139)

  UNSTABLE(BREAKING):

  unstable_SerializesTo added a way to register custom serialization types in Single Fetch for other library and framework authors like Apollo.
  It was implemented with branded type whose branded property that was made optional so that casting arbitrary values was easy:

  // without the brand being marked as optional
  let x1 = 42 as unknown as unstable_SerializesTo<number>;
  //          ^^^^^^^^^^
  
  // with the brand being marked as optional
  let x2 = 42 as unstable_SerializesTo<number>;

  However, this broke type inference in loaderData and actionData for any Record types as those would now (incorrectly) match unstable_SerializesTo.
  This affected all users, not just those that depended on unstable_SerializesTo.
  To fix this, the branded property of unstable_SerializesTo is marked as required instead of optional.

  For library and framework authors using unstable_SerializesTo, you may need to add as unknown casts before casting to unstable_SerializesTo.

• [REMOVE] Remove middleware depth logic and always call middlware for all matches (#​13172)

• Fix single fetch _root.data requests when a basename is used (#​12898)

• Add context support to client side data routers (unstable) (#​12941)

  Your application loader and action functions on the client will now receive a context parameter. This is an instance of unstable_RouterContextProvider that you use with type-safe contexts (similar to React.createContext) and is most useful with the corresponding middleware/clientMiddleware API's:

  import { unstable_createContext } from "react-router";
  
  type User = {
    /*...*/
  };
  
  let userContext = unstable_createContext<User>();
  
  function sessionMiddleware({ context }) {
    let user = await getUser();
    context.set(userContext, user);
  }
  
  // ... then in some downstream loader
  function loader({ context }) {
    let user = context.get(userContext);
    let profile = await getProfile(user.id);
    return { profile };
  }

  Similar to server-side requests, a fresh context will be created per navigation (or fetcher call). If you have initial data you'd like to populate in the context for every request, you can provide an unstable_getContext function at the root of your app:

  • Library mode - createBrowserRouter(routes, { unstable_getContext })
  • Framework mode - <HydratedRouter unstable_getContext>

  This function should return an value of type unstable_InitialContext which is a Map<unstable_RouterContext, unknown> of context's and initial values:

  const loggerContext = unstable_createContext<(...args: unknown[]) => void>();
  
  function logger(...args: unknown[]) {
    console.log(new Date.toISOString(), ...args);
  }
  
  function unstable_getContext() {
    let map = new Map();
    map.set(loggerContext, logger);
    return map;
  }

typescript-eslint/typescript-eslint (typescript-eslint)

v8.26.0

Compare Source

🚀 Features

• support TypeScript 5.8 (#​10903)

❤️ Thank You

• Dirk Luijk @​dirkluijk

You can read about our versioning strategy and releases on our website.

vitejs/vite (vite)

v6.2.1

Compare Source

• refactor: remove isBuild check from preAliasPlugin (#​19587) (c9e086d), closes #​19587
• refactor: restore endsWith usage (#​19554) (6113a96), closes #​19554
• refactor: use applyToEnvironment in internal plugins (#​19588) (f678442), closes #​19588
• fix(css): stabilize css module hashes with lightningcss in dev mode (#​19481) (92125b4), closes #​19481
• fix(deps): update all non-major dependencies (#​19555) (f612e0f), closes #​19555
• fix(reporter): fix incorrect bundle size calculation with non-ASCII characters (#​19561) (437c0ed), closes #​19561
• fix(sourcemap): combine sourcemaps with multiple sources without matched source (#​18971) (e3f6ae1), closes #​18971
• fix(ssr): named export should overwrite export all (#​19534) (2fd2fc1), closes #​19534
• feat: add *?url&no-inline type and warning for .json?inline / .json?no-inline (#​19566) (c0d3667), closes #​19566
• test: add glob import test case (#​19516) (aa1d807), closes #​19516
• test: convert config playground to unit tests (#​19568) (c0e68da), closes #​19568
• test: convert resolve-config playground to unit tests (#​19567) (db5fb48), closes #​19567
• perf: flush compile cache after 10s (#​19537) (6c8a5a2), closes #​19537
• chore(css): move environment destructuring after condition check (#​19492) (c9eda23), closes #​19492
• chore(html): remove unnecessary value check (#​19491) (797959f), closes #​19491

chrisguttandin/worker-timers (worker-timers)

v8.0.18

Compare Source

all commits

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.