chore(deps): lock file maintenance npm packages

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
		lockFileMaintenance	All locks refreshed
@napi-rs/cli	pnpm.catalog.default	minor	3.1.2 -> 3.2.0
@napi-rs/wasm-runtime (source)	devDependencies	patch	1.0.3 -> 1.0.5
@types/node (source)	devDependencies	minor	24.3.1 -> 24.4.0
@types/react (source)	devDependencies	patch	19.1.12 -> 19.1.13
dprint	devDependencies	patch	0.50.1 -> 0.50.2
oxlint (source)	devDependencies	minor	1.14.0 -> 1.15.0
rolldown (source)	devDependencies	patch	1.0.0-beta.35 -> 1.0.0-beta.37
pnpm (source)	packageManager	minor	10.15.1 -> 10.16.1

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Release Notes

napi-rs/napi-rs (@​napi-rs/cli)

v3.2.0

Compare Source

What's Changed

• feat(target): add support for loongarch64-unknown-linux-gnu by @​SkyBird233 in #​2887
• chore(cli): throw error if wasi file not found when NAPI_RS_FORCE_WASI=error by @​Brooooooklyn in #​2919

New Contributors

• @​SkyBird233 made their first contribution in #​2887

Full Changelog: https://github.com/napi-rs/napi-rs/compare/napi-v3.3.0...@​napi-rs/[email protected]

v3.1.5

Compare Source

What's Changed

• chore(cli): skip already published native packages by @​Brooooooklyn in #​2874

Full Changelog: https://github.com/napi-rs/napi-rs/compare/napi-v3.2.3...@​napi-rs/[email protected]

v3.1.4

Compare Source

v3.1.3

Compare Source

napi-rs/napi-rs (@​napi-rs/wasm-runtime)

v1.0.5

Compare Source

v1.0.4

Compare Source

dprint/dprint (dprint)

v0.50.2

Compare Source

Changes

• fix: upgrade wasmer to 6.1.0-rc.3 to fix build failure with Rust ≥ 1.89.0 (#​1021)
• fix: ignore empty proxy env (#​1014)

Install

Run dprint upgrade or see https://dprint.dev/install/

Checksums

Artifact	SHA-256 Checksum
dprint-x86_64-apple-darwin.zip	61becbf8d1b16540e364a4f00be704266ae322ee0ff3ba66a4a21033f66a8d55
dprint-aarch64-apple-darwin.zip	f534bcc054947ab2a42c069b5f6027914d252729bd15c1109812313b35a662a5
dprint-x86_64-pc-windows-msvc.zip	2dbdb57106818acd930a00bc0c2c33370bd4c7265f78a6cda000e3621f2d3c1c
dprint-x86_64-pc-windows-msvc-installer.exe	0b2dab815dd68501b7418831157a907a4db89b84b623a71c1deb486a08244b83
dprint-x86_64-unknown-linux-gnu.zip	95c7e633a67531ffc4990c152d59ed0802e1c0caf7e27e424e9cea9ef3d499d4
dprint-x86_64-unknown-linux-musl.zip	4b0e7911262049ccb8e1ac5968bf7a66dc490968fe1552a123bb2d6dadf2ad95
dprint-aarch64-unknown-linux-gnu.zip	039d4dca4360cb6622a2b56c3fc29ea71c356cd954e0b9566bff1a70e75beda8
dprint-aarch64-unknown-linux-musl.zip	a4982964a68aefc2720b4c79c51a57e49b32f8944c1641fd9e714503fcf01847
dprint-riscv64gc-unknown-linux-gnu.zip	6918c45b0070da1da137fa328c7ca82133c6ab0b49a651fa53513305611fe3a8

oxc-project/oxc (oxlint)

v1.15.0: oxlint v1.15.0

Compare Source

🚀 Features

• b20b56d linter: Add vue/no-multiple-slot-args rule (#​13579) (Sysix)
• aafe08c linter: Add vue/define-emits-declaration rule (#​13567) (Sysix)
• 2ed5059 linter: Add vue/define-props-declaration rule (#​13566) (Sysix)
• a718c23 linter: Add vue/valid-define-props rule (#​13565) (Sysix)
• 75a673e editor: Support relative path for oxc.path.server (#​13542) (Sysix)
• 4af886b linter: Add unicorn/no-array-reverse rule (#​13530) (yefan)

🐛 Bug Fixes

• fb9d0f4 language_server: Don't resend diagnostic on save, when typeAware is disabled and run is onType (#​13604) (YongSeok Jang (장용석))
• 2f36350 editor: Add notice for a possible restart when fixing filename-case (#​13557) (Sysix)
• e17fccc linter: Update RuleRunner impl after merge (#​13642) (camc314)
• 3d27c5b linter/no-unused-private-class-members: False positive with spread expr (#​13634) (yefan)
• 8314ed5 linter/tsgolint: Correct comment (#​13589) (camc314)
• 198243b semantic: Dont parse @ as jsdoc tags inside quotes (#​13571) (Gwenn Le Bihan)
• 89084d7 linter/custom-plugins: Enforce exact matching for disable directives (#​13538) (Copilot)
• 277c5e1 linter: Output eslint-plugin-vue for vue diagnostics (#​13564) (Sysix)
• 34d3cde rust: Fix clippy issues (#​13540) (Boshen)
• 5fccafc linter: unicorn/prefer-array-flat-map ignore React.Children (#​13534) (Sysix)
• 7e78e39 linter: Don't panic when parsing regex with multiple parentheses (#​13524) (Sysix)
• 0d867b1 linter: Skip running tsgolint when no files need type aware linting (#​13502) (Copilot)
• b677376 language_server: Include the diagnostic of the other linter (#​13490) (Sysix)
• e87d7bd linter: Parse regex inside new RegExp() with parentheses (#​13448) (Sysix)
• 5990f17 linter: Change typescript/no-confusing-void-expression to pedantic (#​13473) (Boshen)

🚜 Refactor

• 7775c21 linter/plugins: Remove oxlint2 Cargo feature (#​13648) (overlookmotel)
• 8f37e88 linter: Update tsgolint payload (#​13547) (camchenry)
• 2d53203 linter/plugins: Move tokio usage from oxc_linter to napi/oxlint2 (#​13647) (overlookmotel)
• 6cd6be2 linter: Add --experimental-js-plugins CLI arg (#​13658) (overlookmotel)
• 476729b linter: Simplify RuleRunner trait definition (#​13637) (camchenry)
• 2f02ac6 linter/plugins: Remove disable_oxlint2 Cargo feature (#​13626) (overlookmotel)
• ff9e4fb linter/plugins: Use fixed-size allocators when ExternalLinter exists (#​13623) (overlookmotel)
• f9bff64 linter_codegen: Improve code style for collecting nodes (#​13636) (camchenry)
• babbaca all: Remove pub from modules with no exports (#​13618) (overlookmotel)
• 91759c6 linter/plugins: Only use RawTransferFileSystem if JS plugins registered (#​13599) (overlookmotel)
• 118020c linter/plugins: Discard ExternalLinter if no JS plugins registered (#​13598) (overlookmotel)
• 8d30bce linter/tsgolint: Report an error if the tsgolint exe could not be found (#​13590) (camc314)
• bccc276 eslint/for-direction: Clean up implementation and improve documentation (#​13532) (Antoine Zanardi)
• 1425da2 eslint/default-case-last: Simplify default case last check in switch statement (#​13529) (Antoine Zanardi)
• d245376 oxlint: Remove unused runner module (#​13561) (camc314)
• 53f2fc1 eslint/default-case: Simplify implementation and enhance readability (#​13430) (Antoine Zanardi)
• 6f15060 eslint/block-scoped-var: Clean up implementation and improve documentation (#​13417) (Antoine Zanardi)
• 671e0fd language_server: Only store one instance of a diagnostic (#​13514) (Sysix)
• 1b425d6 eslint/default-case-last: Simplify implementation and enhance readability (#​13515) (Antoine Zanardi)
• e4bbbce eslint/default-param-last: Simplify implementation and enhance readability (#​13516) (Antoine Zanardi)
• e0396fd linter: Remove static lifetime from disable directives function argument (#​13492) (camc314)

📚 Documentation

• eb1f167 linter: Note which rules require type info to run on rule page (#​13675) (camc314)
• e66f93b linter: Fix backtick formatting in no-return-wrap (#​13633) (camc314)

⚡ Performance

• e6a25e7 linter: Remove unnecessary should_run check (#​13639) (camchenry)
• f6a9687 linter: Store rules by AST type in a boxed array (#​13578) (overlookmotel)
• b81f081 linter: Reduce indirection (#​13574) (overlookmotel)
• a744aff linter: Skip rules that do not have any relevant node types (#​13138) (camchenry)

🎨 Styling

• e110476 linter: Reformat code (#​13573) (overlookmotel)

🧪 Testing

• 58e6c94 oxlint: Add test for ignorePatterns whitelist (#​13372) (Sysix)

rolldown/rolldown (rolldown)

v1.0.0-beta.37

Compare Source

🚀 Features

• partial align with const inline strategy with oxc in smart mode (#​6126) by @​IWANABETHATGUY
• dev: use PathsMut for non-debounced RecommendedWatcher (#​6120) by @​sapphi-red
• dev: return whether the build is already scheduled from scheduleBuildIfStale method (#​6116) by @​sapphi-red
• handle errors from BundlerBuilder#build (#​6104) by @​shulaoda
• add debounceTickRate option for debounced watchers (#​6113) by @​hyf0
• support full build in incrementalBuild mode (#​6098) by @​IWANABETHATGUY
• add compare_contents_for_polling option to dev watcher (#​6108) by @​hyf0
• dev: add scheduleBuildIfStale method to DevEngine (#​6087) by @​sapphi-red
• dev: return changed files in onHmrUpdates callback (#​6086) by @​sapphi-red
• support function config with custom CLI arguments (#​6076) by @​IWANABETHATGUY
• improve MISSING_EXPORT warning to suggest type modifier (#​6085) by @​sapphi-red
• crates/rolldown_watcher: introduce PathsMut to batch watch/unwatch behaviors (#​6075) by @​hyf0
• enable treeshake.commonjs by default (#​6072) by @​IWANABETHATGUY
• dev: add debounce control and PollWatcher support to DevWatchOptions (#​6070) by @​hyf0

🐛 Bug Fixes

• use kqueue for file watch on mac (#​6124) by @​sapphi-red
• use patched notify for better file change event debouncing (#​6125) by @​sapphi-red
• support passing all js primitive value for alias plugin (#​6123) by @​IWANABETHATGUY
• track spans in member expression properties for accurate sourcemaps (#​6100) by @​IWANABETHATGUY
• correctly handle inlined CommonJS exports in member expressions (#​6090) by @​IWANABETHATGUY
• dev: ensure patch file names to be unique (#​6096) by @​sapphi-red
• dev: normalize slash on Windows before comparing paths (#​6095) by @​sapphi-red
• dev/watch: debounce duration should default to 10 (#​6078) by @​hyf0

🚜 Refactor

• simplify __export runtime helper to create target object internally (#​6114) by @​IWANABETHATGUY
• simplify module_namespace construction second try (#​6118) by @​IWANABETHATGUY
• simplify module_namespace construction (#​5939) by @​IWANABETHATGUY
• optimize member expression creation in AstSnippet (#​6091) by @​IWANABETHATGUY
• test-dev-server: sensible watcher configuration for CI env (#​6077) by @​hyf0

🧪 Testing

• dev: apply HMR edits on Windows (#​6094) by @​sapphi-red

⚙️ Miscellaneous Tasks

• Revert "chore: adjust breaking change template of cliff (#​6069)" (#​6130) by @​IWANABETHATGUY
• test-dev-server: improve hmr test configuration (#​6115) by @​hyf0
• deps: update dependency rolldown-plugin-dts to v0.16.2 (#​6128) by @​renovate[bot]
• Revert "refactor: simplify module_namespace construction (#​5939)" (#​6117) by @​IWANABETHATGUY
• test-dev-server: optimize test log output (#​6107) by @​hyf0
• enable compare_contents_for_polling and update poll interval for CI test-dev-server (#​6110) by @​hyf0
• deps: update dependency vite to v7.1.5 [security] (#​6111) by @​renovate[bot]
• fix warnings reported by just lint (#​6105) by @​shulaoda
• deps: update dependency tsdown to v0.15.0 (#​6102) by @​renovate[bot]
• use debug builds for browser tests in CI (#​6092) by @​hyf0
• test-dev-server: update polling interval and add retry logic for CI tests (#​6088) by @​hyf0
• adjust breaking change template of cliff (#​6069) by @​IWANABETHATGUY

◀️ Revert

• "fix: replace_plugin does not work as expected with .ts config (#​5920)" (#​6074) by @​IWANABETHATGUY

v1.0.0-beta.36

Compare Source

💥 BREAKING CHANGES

• drop CJS format, increase minimum required node (#​6025) by @​sxzz

🚀 Features

• rolldown_plugin_reporter: statically imported dynamic import warning (#​6065) by @​shulaoda
• rolldown_plugin_reporter: warn large chunks (#​6063) by @​shulaoda
• rolldown: oxc v0.87.0 (#​5975) by @​Boshen

🐛 Bug Fixes

• allow keeping whitespace while enabling minify (#​5893) by @​sapphi-red
• dev/watch: build connection between file in this.addWatchFile and currently transformed module during transform hook (#​6048) by @​hyf0
• validator of output.minify (#​6062) by @​IWANABETHATGUY
• codspeed rust benchmark ci (#​6052) by @​IWANABETHATGUY
• just command in ci (#​6045) by @​IWANABETHATGUY
• watch: only consider files read from disk are able to watch (#​6037) by @​hyf0

🚜 Refactor

• dev: introduce DevWatchOptions for enhanced file watching configuration (#​6057) by @​hyf0
• unify to use is_in_node_modules from rolldown_plugin_utils (#​6066) by @​shulaoda

🧪 Testing

• rust: ensure unused pure function call got treeshaked (#​4524) by @​hyf0
• hmr: tweak improper test (#​6034) by @​hyf0
• hmr: add test of editing multiple files in the same timeframe (#​6029) by @​hyf0
• hmr: support to edit multiple files in the same timeframe (#​6014) by @​hyf0

⚙️ Miscellaneous Tasks

• deps: lock file maintenance rust crates (#​6003) by @​renovate[bot]
• deps: lock file maintenance npm packages (#​5995) by @​renovate[bot]
• add auto-assign PR workflow for organization members (#​6058) by @​IWANABETHATGUY
• fix benchmark-node workflow (#​6060) by @​IWANABETHATGUY
• adding test-node-rolldown-only just command (#​6055) by @​IWANABETHATGUY
• just commands in ci (#​6056) by @​IWANABETHATGUY
• run test ci when justfile is changed (#​6049) by @​IWANABETHATGUY
• remove unused warning for conditional compiledSimplifyMinifyOptions (#​6047) by @​IWANABETHATGUY
• remove auto approval ci (#​6051) by @​IWANABETHATGUY
• adding rustfmt components for repo-validation (#​6053) by @​IWANABETHATGUY
• repo: check format/style in just lint-rust (#​6050) by @​hyf0
• repo/ai: refine justfile (#​6038) by @​hyf0
• repo/ai: add AGENTS.md and CLAUDE.md (#​6039) by @​hyf0
• deps: update github-actions (major) (#​6041) by @​renovate[bot]
• deps: update github-actions (#​6040) by @​renovate[bot]
• deps: update dependency rolldown-plugin-dts to v0.16.1 (#​6035) by @​renovate[bot]

pnpm/pnpm (pnpm)

v10.16.1

Compare Source

Patch Changes

• The full metadata cache should be stored not at the same location as the abbreviated metadata. This fixes a bug where pnpm was loading the abbreviated metadata from cache and couldn't find the "time" field as a result #​9963.
• Forcibly disable ANSI color codes when generating patch diff #​9914.

v10.16.0

Compare Source

Minor Changes

• There have been several incidents recently where popular packages were successfully attacked. To reduce the risk of installing a compromised version, we are introducing a new setting that delays the installation of newly released dependencies. In most cases, such attacks are discovered quickly and the malicious versions are removed from the registry within an hour.

  The new setting is called minimumReleaseAge. It specifies the number of minutes that must pass after a version is published before pnpm will install it. For example, setting minimumReleaseAge: 1440 ensures that only packages released at least one day ago can be installed.

  If you set minimumReleaseAge but need to disable this restriction for certain dependencies, you can list them under the minimumReleaseAgeExclude setting. For instance, with the following configuration pnpm will always install the latest version of webpack, regardless of its release time:

  minimumReleaseAgeExclude:
    - webpack

  Related issue: #​9921.

• Added support for finders #​9946.

  In the past, pnpm list and pnpm why could only search for dependencies by name (and optionally version). For example:

  pnpm why minimist
  

  prints the chain of dependencies to any installed instance of minimist:

  verdaccio 5.20.1
  ├─┬ handlebars 4.7.7
  │ └── minimist 1.2.8
  └─┬ mv 2.1.1
    └─┬ mkdirp 0.5.6
      └── minimist 1.2.8
  

  What if we want to search by other properties of a dependency, not just its name? For instance, find all packages that have react@17 in their peer dependencies?

  This is now possible with "finder functions". Finder functions can be declared in .pnpmfile.cjs and invoked with the --find-by=<function name> flag when running pnpm list or pnpm why.

  Let's say we want to find any dependencies that have React 17 in peer dependencies. We can add this finder to our .pnpmfile.cjs:

  module.exports = {
    finders: {
      react17: (ctx) => {
        return ctx.readManifest().peerDependencies?.react === "^17.0.0";
      },
    },
  };

  Now we can use this finder function by running:

  pnpm why --find-by=react17
  

  pnpm will find all dependencies that have this React in peer dependencies and print their exact locations in the dependency graph.

  @​apollo/client 4.0.4
  ├── @​graphql-typed-document-node/core 3.2.0
  └── graphql-tag 2.12.6
  

  It is also possible to print out some additional information in the output by returning a string from the finder. For example, with the following finder:

  module.exports = {
    finders: {
      react17: (ctx) => {
        const manifest = ctx.readManifest();
        if (manifest.peerDependencies?.react === "^17.0.0") {
          return `license: ${manifest.license}`;
        }
        return false;
      },
    },
  };

  Every matched package will also print out the license from its package.json:

  @​apollo/client 4.0.4
  ├── @​graphql-typed-document-node/core 3.2.0
  │   license: MIT
  └── graphql-tag 2.12.6
      license: MIT
  

Patch Changes

• Fix deprecation warning printed when executing pnpm with Node.js 24 #​9529.
• Throw an error if nodeVersion is not set to an exact semver version #​9934.
• pnpm publish should be able to publish a .tar.gz file #​9927.
• Canceling a running process with Ctrl-C should make pnpm run return a non-zero exit code #​9626.

---

Configuration

📅 Schedule: Branch creation - "before 9am on monday" in timezone Asia/Shanghai, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.