Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Deprecations / Replacements

Warning

The following dependencies are either deprecated or have replacements available.

Datasource	Package	Replacement PR?
npm	left-pad

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• fix(deps): update dependency rollup@>=4.0.0 <4.59.0 to >=4.62.2
• fix(deps): update vitest to v4.1.9 (@vitest/ui, vitest)
• fix(deps): update minor updates (minor) (@ckeditor/typedoc-plugins, axios@<1.15.0, axios@>=1.0.0 <1.15.0, axios@>=1.0.0 <=1.13.4, body-parser@>=2.2.0 <2.2.1)
• fix(deps): update node.js to 22.23
• chore(deps): update dependency @anolilab/eslint-config to v28
• chore(deps): update dependency @babel/core to v8
• chore(deps): update dependency ini to v7
• chore(deps): update dependency js-yaml@<=4.1.1 to v5
• chore(deps): update dependency minimatch@<3.1.3 to v9
• chore(deps): update dependency minimatch@<3.1.3 to v10
• chore(deps): update dependency minimatch@<3.1.4 to v4
• chore(deps): update dependency minimatch@<3.1.4 to v5
• chore(deps): update dependency minimatch@<3.1.4 to v6
• chore(deps): update dependency minimatch@<3.1.4 to v7
• chore(deps): update dependency minimatch@<3.1.4 to v8
• chore(deps): update dependency minimatch@<3.1.4 to v9
• chore(deps): update dependency minimatch@<3.1.4 to v10
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.7 to v6
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.7 to v7
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.7 to v8
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.7 to v9
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.7 to v10
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.8 to v6
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.8 to v7
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.8 to v8
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.8 to v9
• chore(deps): update dependency minimatch@>=5.0.0 <5.1.8 to v10
• chore(deps): update dependency minimatch@>=9.0.0 <9.0.6 to v10
• chore(deps): update dependency minimatch@>=9.0.0 <9.0.7 to v10
• chore(deps): update dependency picomatch@<2.3.2 to v3
• chore(deps): update dependency picomatch@<2.3.2 to v4
• chore(deps): update dependency sort-package-json to v4
• chore(deps): update nx monorepo to v23 (@nx/workspace, nx)
• ci(deps): update actions/checkout action to v7
• ci(deps): update anolilab/workflows action to v16
• ci(deps): update anolilab/workflows action to v17
• ci(deps): update anolilab/workflows action to v18
• ci(deps): update anolilab/workflows action to v19
• ci(deps): update anolilab/workflows action to v20
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• fix(deps): update nx monorepo to v22.7.6 (@nx/workspace, nx)
• fix(deps): update commitlint monorepo to v21.1.0 (@commitlint/cli, @commitlint/config-conventional)
• fix(deps): update vite to >=8.1.0 (vite@>=7.0.0 <=7.3.1, vite@>=7.1.0 <=7.1.10, vite@>=7.1.0 <=7.3.1, vite@>=8.0.0 <8.0.16)
• chore(deps): update mcr.microsoft.com/devcontainers/typescript-node docker tag to v24

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• fix(deps): update github-actions (anolilab/workflows, lewagon/wait-on-check-action)
• fix(deps): update dependency @types/node to v25.9.4
• fix(deps): update dependency @vitest/coverage-v8 to v4.1.9
• fix(deps): update dependency prettier to v3.8.4
• fix(deps): update dependency semantic-release to v25.0.5
• fix(deps): update patch updates (patch) (@anolilab/lint-staged-config, @anolilab/rc, @anolilab/semantic-release-clean-package-json, @anolilab/semantic-release-pnpm, @anolilab/textlint-config, @arethetypeswrong/cli, @hono/node-server@<1.19.10, got, hono@<4.12.25, lint-staged, semver, uuid@<14.0.0)
• fix(deps): update visulima (patch) (@visulima/packem, @visulima/pail)
• fix(deps): update dependency eslint to v10.5.0
• fix(deps): update dependency type-fest to v5.7.0
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• chore(deps): update dependency @sebbo2002/semantic-release-jsr to v4
• chore(deps): update dependency ajv@<6.14.0 to v7
• chore(deps): update dependency ajv@<6.14.0 to v8
• chore(deps): update dependency semantic-release to v25
• chore(deps): update node.js to v24

Detected Dependencies

devcontainer (1)

.devcontainer/devcontainer.json (1)

• mcr.microsoft.com/devcontainers/typescript-node 22 → [Updates: 24]

github-actions (16)

.github/workflows/allo-allo.yaml (1)

• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/cache-clear.yml (1)

• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/codeql.yml (1)

• anolilab/workflows v15.3.1@20b8733e71ebbb165d54fe8cede47e225985a58a → [Updates: v16.0.0, v17.0.0, v18.0.4, v19.0.4, v20.0.1, v15.3.1]

.github/workflows/comment-issue.yml (3)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/github-script v9.0.0@3a2844b7e9c422d3c10d287c895573f7108da1b3
• actions/github-script v9.0.0@3a2844b7e9c422d3c10d287c895573f7108da1b3

.github/workflows/dependency-review.yml (1)

• anolilab/workflows v15.3.1@20b8733e71ebbb165d54fe8cede47e225985a58a → [Updates: v16.0.0, v17.0.0, v18.0.4, v19.0.4, v20.0.1, v15.3.1]

.github/workflows/labeler.yml (2)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/labeler v6.1.0@f27b608878404679385c85cfa523b85ccb86e213

.github/workflows/lint.yml (1)

• anolilab/workflows v15.3.1@1dc687e78887af5536dbd0877054fc1c56c5575b → [Updates: v16.0.0, v17.0.0, v18.0.4, v19.0.4, v20.0.1, v15.3.1]

.github/workflows/lock-file-maintenance.yml (1)

• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/lock-issues.yaml (1)

• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/preview-release.yaml (5)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10 → [Updates: v7.0.0]
• nrwl/nx-set-shas v5.0.1@afb73a62d26e41464e9254689e1fd6122ee683c1
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]
• tj-actions/changed-files v47.0.6@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96

.github/workflows/scorecards.yml (1)

• anolilab/workflows v15.3.1@20b8733e71ebbb165d54fe8cede47e225985a58a → [Updates: v16.0.0, v17.0.0, v18.0.4, v19.0.4, v20.0.1, v15.3.1]

.github/workflows/semantic-pull-request.yml (4)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• amannn/action-semantic-pull-request v6.1.1@48f256284bd46cdaab1048c3721360e808335d50
• marocchino/sticky-pull-request-comment v3.0.4@0ea0beb66eb9baf113663a64ec522f60e49231c0
• marocchino/sticky-pull-request-comment v3.0.4@0ea0beb66eb9baf113663a64ec522f60e49231c0

.github/workflows/semantic-release.yml (5)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• lewagon/wait-on-check-action v1.7.0@9312864dfbc9fd208e9c0417843430751c042800 → [Updates: v1.8.0]
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10 → [Updates: v7.0.0]
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/stale-issues.yml (1)

• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]

.github/workflows/test.yml (16)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10 → [Updates: v7.0.0]
• dorny/paths-filter v4.0.1@fbd0ab8f3e69293af611ebaee6363fc25e6d187d
• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10 → [Updates: v7.0.0]
• nrwl/nx-set-shas v5.0.1@afb73a62d26e41464e9254689e1fd6122ee683c1
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]
• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10 → [Updates: v7.0.0]
• nrwl/nx-set-shas v5.0.1@afb73a62d26e41464e9254689e1fd6122ee683c1
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]
• tj-actions/changed-files v47.0.6@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96
• anolilab/workflows main@d7d84717329a45c2b5ffbda19ae76d8604f61c00 → [Updates: main]
• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/zizmor.yml (1)

• anolilab/workflows v15.3.1@20b8733e71ebbb165d54fe8cede47e225985a58a → [Updates: v16.0.0, v17.0.0, v18.0.4, v19.0.4, v20.0.1, v15.3.1]

npm (7)

package.json (1)

• pnpm 11.8.0 → [Updates: 11.9.0]

packages/multi-semantic-release/package.json (1)

• semantic-release >=24.2.9 → [Updates: >=25.0.5]

packages/rc/package.json

packages/semantic-release-clean-package-json/package.json

packages/semantic-release-pnpm/package.json

packages/semantic-release-preset/package.json

pnpm-workspace.yaml (163)

• esbuild 0.28.1
• @anolilab/semantic-release-clean-package-json 5.5.13 → [Updates: 5.5.14]
• @anolilab/semantic-release-pnpm 8.1.15 → [Updates: 8.1.16]
• @sebbo2002/semantic-release-jsr 3.2.1 → [Updates: 4.0.1]
• @semantic-release/changelog ^6.0.3
• @semantic-release/commit-analyzer 13.0.1
• @semantic-release/error ^4.0.0
• @semantic-release/exec ^7.1.0
• @semantic-release/git ^10.0.1
• @semantic-release/github 12.0.8
• @semantic-release/npm 13.1.5
• @semantic-release/release-notes-generator 14.1.1
• commitizen ^4.3.2
• semantic-release 25.0.3 → [Updates: 25.0.5]
• semantic-release-yarn ^3.0.2
• taze 19.14.1
• @arethetypeswrong/cli ^0.18.3 → [Updates: ^0.18.4]
• @ckeditor/typedoc-plugins 56.1.0 → [Updates: 56.4.0]
• @visulima/packem 2.0.0-alpha.92 → [Updates: 2.0.0-alpha.93]
• @visulima/pail 4.0.0-alpha.16 → [Updates: 4.0.0-alpha.22]
• conventional-changelog-conventionalcommits 9.3.1
• dockerode 5.0.0 → [Updates: 5.0.1]
• file-url ^4.0.0
• get-stream 9.0.1
• got 15.0.5 → [Updates: 15.0.6]
• left-pad ^1.3.0
• p-retry 8.0.0
• stream-buffers ^3.0.3
• tempy 3.2.0
• type-fest 5.6.0 → [Updates: 5.7.0]
• typedoc 0.28.19
• typedoc-plugin-rename-defaults 0.7.3
• cosmiconfig 9.0.2
• @anolilab/commitlint-config 10.0.1
• @anolilab/eslint-config 27.0.10 → [Updates: 28.0.0]
• @anolilab/lint-staged-config 11.0.9 → [Updates: 11.0.10]
• @anolilab/prettier-config 10.0.1
• @anolilab/textlint-config 13.0.2 → [Updates: 13.0.3]
• @commitlint/cli 21.0.2 → [Updates: 21.1.0]
• @commitlint/config-conventional 21.0.2 → [Updates: 21.1.0]
• @secretlint/secretlint-rule-preset-recommend 13.0.2
• eslint 10.4.1 → [Updates: 10.5.0]
• eslint-plugin-you-dont-need-lodash-underscore 6.14.0
• husky ^9.1.7
• lint-staged 17.0.7 → [Updates: 17.0.8]
• prettier 3.8.3 → [Updates: 3.8.4]
• publint 0.3.21
• secretlint 13.0.2
• textlint 15.7.1
• typedoc-plugin-markdown 4.12.0
• @nx/workspace 22.7.5 → [Updates: 22.7.6, 23.0.0]
• nx 22.7.5 → [Updates: 22.7.6, 23.0.0]
• browserslist-config-anolilab 9.0.0
• @visulima/path ^2.0.5
• cross-env ^10.1.0
• execa ^9.6.1
• pkg-pr-new 0.0.75
• resolve-from ^5.0.0
• rimraf 6.1.3
• left-pad ^1.3.0
• @actions/core 3.0.1
• @anolilab/rc 4.0.3 → [Updates: 4.0.4]
• @babel/core 7.29.7 → [Updates: 8.0.1]
• @semrel-extra/topo ^1.14.1
• @visulima/fs ^4.1.0
• @visulima/package ^4.1.7
• audit-ci ^7.1.0
• blork ^9.3.0
• conventional-changelog-conventionalcommits 9.3.1
• debug ^4.4.3
• detect-indent ^7.0.2
• detect-newline ^4.0.1
• env-ci ^11.2.0
• git-log-parser ^1.2.1
• ini ^6.0.0 → [Updates: ^7.0.0]
• is-ci ^4.1.0
• normalize-url 9.0.1
• plop 4.0.5
• registry-auth-token 5.1.1
• signale ^1.4.0
• sort-package-json 3.7.1 → [Updates: 4.0.0]
• stream-buffers ^3.0.3
• yaml 2.9.0
• yargs 18.0.0
• @vitest/coverage-v8 4.1.8 → [Updates: 4.1.9]
• @vitest/ui 4.1.8 → [Updates: 4.1.9]
• vitest 4.1.8 → [Updates: 4.1.9]
• typescript 6.0.3
• @types/debug 4.1.13
• @types/dockerode 4.0.1
• @types/env-ci 3.1.4
• @types/git-log-parser 1.2.3
• @types/ini ^4.1.1
• @types/lodash-es 4.17.12
• @types/node 25.9.1 → [Updates: 25.9.4]
• @types/semantic-release__error 3.0.3
• @types/semver 7.7.1
• @types/signale 1.4.7
• @types/stream-buffers 3.0.8
• @types/yargs 17.0.35
• lodash-es 4.18.1
• semver 7.8.4 → [Updates: 7.8.5]
• ts-deepmerge ^8.0.0
• @grpc/grpc-js@>=1.12.0 <1.12.7 >=1.14.4
• @hono/node-server@<1.19.10 >=2.0.5 → [Updates: >=2.0.6]
• @isaacs/brace-expansion@<=5.0.0 >=5.0.1
• @modelcontextprotocol/sdk@<1.25.2 >=1.29.0
• @modelcontextprotocol/sdk@>=1.10.0 <=1.25.3 >=1.29.0
• ajv@<6.14.0 >=6.15.0 → [Updates: >=7.2.4, >=8.20.0]
• ajv@>=7.0.0-alpha.0 <8.18.0 >=8.20.0
• axios@<1.15.0 >=1.17.0 → [Updates: >=1.18.1]
• axios@>=1.0.0 <1.15.0 >=1.17.0 → [Updates: >=1.18.1]
• axios@>=1.0.0 <=1.13.4 >=1.17.0 → [Updates: >=1.18.1]
• body-parser@>=2.2.0 <2.2.1 >=2.2.2 → [Updates: >=2.3.0]
• brace-expansion@<1.1.13 >=5.0.6
• brace-expansion@>=2.0.0 <2.0.3 >=5.0.6
• brace-expansion@>=4.0.0 <5.0.5 >=5.0.6
• brace-expansion@>=5.0.0 <5.0.6 >=5.0.6
• chrono-node@<2.2.4 >=2.9.1
• defu@<=6.1.4 >=6.1.7
• diff@>=5.0.0 <5.2.2 >=9.0.0
• flatted@<3.4.0 >=3.4.2
• flatted@<=3.4.1 >=3.4.2
• follow-redirects@<=1.15.11 >=1.16.0
• form-data@>=4.0.0 <4.0.6 >=4.0.6
• handlebars@>=4.0.0 <4.7.9 >=4.7.9
• handlebars@>=4.0.0 <=4.7.8 >=4.7.9
• handlebars@>=4.6.0 <=4.7.8 >=4.7.9
• hono@<4.12.25 >=4.12.25 → [Updates: >=4.12.26]
• js-yaml@<=4.1.1 >=4.1.2 → [Updates: >=5.1.0]
• lodash@<=4.17.23 >=4.18.0
• lodash@>=4.0.0 <=4.17.22 >=4.18.1
• lodash@>=4.0.0 <=4.17.23 >=4.18.0
• markdown-it@>=13.0.0 <14.1.1 >=14.2.0
• minimatch@<3.1.3 >=8.0.7 → [Updates: >=9.0.9, >=10.2.5]
• minimatch@<3.1.4 >=3.1.5 → [Updates: >=4.2.6, >=5.1.9, >=6.2.3, >=7.4.9, >=8.0.7, >=9.0.9, >=10.2.5]
• minimatch@>=10.0.0 <10.2.1 >=10.2.5
• minimatch@>=10.0.0 <10.2.3 >=10.2.5
• minimatch@>=5.0.0 <5.1.7 >=5.1.9 → [Updates: >=6.2.3, >=7.4.9, >=8.0.7, >=9.0.9, >=10.2.5]
• minimatch@>=5.0.0 <5.1.8 >=5.1.9 → [Updates: >=6.2.3, >=7.4.9, >=8.0.7, >=9.0.9, >=10.2.5]
• minimatch@>=9.0.0 <9.0.6 >=9.0.9 → [Updates: >=10.2.5]
• minimatch@>=9.0.0 <9.0.7 >=9.0.9 → [Updates: >=10.2.5]
• path-to-regexp@>=8.0.0 <8.4.0 >=8.4.2
• picomatch@<2.3.2 >=2.3.2 → [Updates: >=3.0.2, >=4.0.4]
• picomatch@>=4.0.0 <4.0.4 >=4.0.4
• qs@<6.14.1 >=6.15.2 → [Updates: >=6.15.3]
• qs@>=6.7.0 <=6.14.1 >=6.15.2 → [Updates: >=6.15.3]
• rollup@>=4.0.0 <4.59.0 >=4.62.0 → [Updates: >=4.62.2]
• shell-quote@>=1.1.0 <=1.8.3 ^1.8.4 → [Updates: ^1.9.0]
• tar-fs@>=2.0.0 <2.1.4 >=3.1.2
• tmp@<0.2.7 >=0.2.7
• undici@<6.23.0 >=8.5.0
• undici@<6.24.0 >=8.5.0
• undici@>=6.0.0 <6.24.0 >=8.5.0
• undici@>=7.0.0 <7.18.2 >=8.5.0
• undici@>=7.0.0 <7.24.0 >=8.5.0
• undici@>=7.17.0 <7.24.0 >=8.5.0
• uuid@<14.0.0 >=14.0.0 → [Updates: >=14.0.1]
• vite@>=7.0.0 <=7.3.1 >=8.0.16 → [Updates: >=8.1.0]
• vite@>=7.1.0 <=7.1.10 >=8.0.16 → [Updates: >=8.1.0]
• vite@>=7.1.0 <=7.3.1 >=8.0.16 → [Updates: >=8.1.0]
• vite@>=8.0.0 <8.0.16 >=8.0.16 → [Updates: >=8.1.0]
• yaml@>=2.0.0 <2.8.3 >=2.9.0

nvm (1)

.nvmrc (1)

• node 22.21 → [Updates: 22.23, 24.18]

renovate-config (1)

.github/renovate.json5

---

• Check this box to trigger a request for Renovate to run again on this repository

[github-actions]

Awesome! Thank you for taking the time to create your first issue! Please review the guidelines

[github-actions]

This issue has been automatically marked as stale because it has been open for 21 days with no activity. It will be closed in 7 days if no further activity (Remove label or comment) occurs.
If we missed this issue please reply to keep it active.
Thanks for being a part of this project. 🙏

[github-actions]

This issue has been automatically marked as stale because it has been open for 21 days with no activity. It will be closed in 7 days if no further activity (Remove label or comment) occurs.
If we missed this issue please reply to keep it active.
Thanks for being a part of this project. 🙏

[github-actions]

This issue has been automatically marked as stale because it has been open for 21 days with no activity. It will be closed in 7 days if no further activity (Remove label or comment) occurs.
If we missed this issue please reply to keep it active.
Thanks for being a part of this project. 🙏