chore(deps): update all non-major dependencies (v3)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@iconify-json/logos	^1.2.5 -> ^1.2.9
@iconify-json/lucide	^1.2.58 -> ^1.2.62
@iconify-json/simple-icons	^1.2.44 -> ^1.2.47
@iconify-json/vscode-icons	^1.2.23 -> ^1.2.29
@nuxt/eslint-config (source)	^1.7.1 -> ^1.8.0
@nuxt/image (source)	^1.10.0 -> ^1.11.0
@unhead/vue (source)	^2.0.12 -> ^2.0.14
eslint (source)	^9.32.0 -> ^9.33.0
motion-v	^1.6.1 -> ^1.7.0
nuxt-component-meta	^0.13.0 -> ^0.13.1
pnpm (source)	10.13.1 -> 10.14.0
tailwind-variants	^2.0.1 -> ^2.1.0
wrangler (source)	^4.26.1 -> ^4.28.1
yup	^1.6.1 -> ^1.7.0
zod (source)	^4.0.13 -> ^4.0.17

---

Release Notes

nuxt/eslint (@​nuxt/eslint-config)

v1.8.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (932a7)

    View changes on GitHub

nuxt/image (@​nuxt/image)

v1.11.0

Compare Source

compare changes

🚀 Enhancements

• Add support for image helpers in nitro endpoints (#​1473)
• ipx: Log the architecture of the build (#​1808)

🩹 Fixes

• Remove layer0 and edgio providers (#​1763)
• Add back layer0 and edgio providers (without) tests (a99ce09)
• cloudflare: Don't add baseURL if there are no operations (#​1790)
• ipx: Always use ipx provider if external baseURL is provided (#​1800)
• ipxStatic: Strip repeated slashes from image path (#​1801)
• Avoid deep type instantiation (12b37a2)

📖 Documentation

• Fix typo (#​1762)
• Fix link to runtime/providers (#​1819)

🏡 Chore

• Disable shamefully-hoist (#​1795)
• Do not ignore typescript upgrades (0809991)
• Switch to using typesVersions field (b4af05a)
• Allow major bumps in changelog (d486587)
• Enable oxc-resolver build (4be31c7)
• Release v1.11.0 (3123997)

✅ Tests

• Exclude layer0 + edgio from unit tests (3682a90)

🤖 CI

• Run tests against 1.x branch (0c83646)
• Add release workflow and add pkg.pr.new (#​1791)
• Set fetch-depth (18ae6c7)
• Test vs node 20 (e6babef)

❤️ Contributors

• Daniel Roe (@​danielroe)
• Matis (@​matisbag)
• Amir Afshar (@​Afshar07)
• Sébastien Chopin (@​atinux)
• Nicolas Großmann (@​grossmann94)

unjs/unhead (@​unhead/vue)

v2.0.14

Compare Source

   🐞 Bug Fixes

• unhead: Multiword attributes in template  -  by @​NikSimonov in https://github.com/unjs/unhead/issues/568 (f635b)

    View changes on GitHub

eslint/eslint (eslint)

v9.33.0

Compare Source

motiondivision/motion-vue (motion-v)

v1.7.0

Compare Source

   🚀 Features

• Children of variants with delayChildren: stagger() will now be staggered correctly alongside their newly-entering siblings.  -  by @​rick-hup (2076f)

    View changes on GitHub

nuxtlabs/nuxt-component-meta (nuxt-component-meta)

v0.13.1

Compare Source

• fix: exclude SVG components (#​85) (8c7deac)

pnpm/pnpm (pnpm)

v10.14.0

Compare Source

Minor Changes

• Added support for JavaScript runtime resolution

  Declare Node.js, Deno, or Bun in devEngines.runtime (inside package.json) and let pnpm download and pin it automatically.

  Usage example:

  {
    "devEngines": {
      "runtime": {
        "name": "node",
        "version": "^24.4.0",
        "onFail": "download" (we only support the "download" value for now)
      }
    }
  }

  How it works:

  1. pnpm install resolves your specified range to the latest matching runtime version.
  2. The exact version (and checksum) is saved in the lockfile.
  3. Scripts use the local runtime, ensuring consistency across environments.

  Why this is better:

  1. This new setting supports also Deno and Bun (vs. our Node-only settings useNodeVersion and executionEnv.nodeVersion)
  2. Supports version ranges (not just a fixed version).
  3. The resolved version is stored in the pnpm lockfile, along with an integrity checksum for future validation of the Node.js content's validity.
  4. It can be used on any workspace project (like executionEnv.nodeVersion). So, different projects in a workspace can use different runtimes.
  5. For now devEngines.runtime setting will install the runtime locally, which we will improve in future versions of pnpm by using a shared location on the computer.

  Related PR: #​9755.

• Add --cpu, --libc, and --os to pnpm install, pnpm add, and pnpm dlx to customize supportedArchitectures via the CLI #​7510.

Patch Changes

• Fix a bug in which pnpm add downloads packages whose libc differ from pnpm.supportedArchitectures.libc.
• The integrities of the downloaded Node.js artifacts are verified #​9750.
• Allow dlx to parse CLI flags and options between the dlx command and the command to run or between the dlx command and -- #​9719.
• pnpm install --prod should removing hoisted dev dependencies #​9782.
• Fix an edge case bug causing local tarballs to not re-link into the virtual store. This bug would happen when changing the contents of the tarball without renaming the file and running a filtered install.
• Fix a bug causing pnpm install to incorrectly assume the lockfile is up to date after changing a local tarball that has peers dependencies.

heroui-inc/tailwind-variants (tailwind-variants)

v2.1.0

Compare Source

Features

• implement lazy loading for tailwind-merge module (#​257) (e80c23a)

2.0.1 (2025-07-28)

cloudflare/workers-sdk (wrangler)

v4.28.1

Compare Source

Patch Changes

• #​10130 773cca3 Thanks @​dario-piotrowicz! - update maybeStartOrUpdateRemoteProxySession config argument (to allow callers to specify an environment)

  Before this change maybeStartOrUpdateRemoteProxySession could be called with either the path to a wrangler config file or the configuration of a worker. The former override however did not allow the caller to specify an environment, so the maybeStartOrUpdateRemoteProxySession API has been updated so that in the wrangler config case an object (with the path and a potential environment) needs to be passed instead.

  For example, before callers could invoke the function in the following way

  await maybeStartOrUpdateRemoteProxySession(configPath);

  note that there is no way to tell the function what environment to use when parsing the wrangle configuration.

  Now callers will instead call the function in the following way:

  await maybeStartOrUpdateRemoteProxySession({
  	path: configPath,
  	environment: targetEnvironment,
  });

  note that now a target environment can be specified.

• #​10130 773cca3 Thanks @​dario-piotrowicz! - fix getPlatformProxy not taking into account the potentially specified environment for remote bindings

• #​10122 2e8eb24 Thanks @​dario-piotrowicz! - fix startWorker not respecting auth options for remote bindings

  fix startWorker currently not taking into account the auth field
  that can be provided as part of the dev options when used in conjunction
  with remote bindings

  example:

  Given the following

  import { unstable_startWorker } from "wrangler";
  
  const worker = await unstable_startWorker({
  	entrypoint: "./worker.js",
  	bindings: {
  		AI: {
  			type: "ai",
  			experimental_remote: true,
  		},
  	},
  	dev: {
  		experimentalRemoteBindings: true,
  		auth: {
  			accountId: "<ACCOUNT_ID>",
  			apiToken: {
  				apiToken: "<API_TOKEN>",
  			},
  		},
  	},
  });
  
  await worker.ready;

  wrangler will now use the provided <ACCOUNT_ID> and <API_TOKEN> to integrate with
  the remote AI binding instead of requiring the user to authenticate.

• #​10209 93c4c26 Thanks @​devin-ai-integration! - fix: strip ANSI escape codes from log files to improve readability and parsing

• #​9774 48853a6 Thanks @​nikitassharma! - Validate container configuration against account limits in wrangler to give early feedback to the user

• #​10122 2e8eb24 Thanks @​dario-piotrowicz! - fix incorrect TypeScript type for AI binding in the startWorker API

v4.28.0

Compare Source

Minor Changes

• #​9530 e82aa19 Thanks @​Akshit222! - Add --json flag to r2 bucket info command for machine-readable output.

Patch Changes

• #​10004 b4d1373 Thanks @​dario-piotrowicz! - fix wrangler dev logs being logged on the incorrect level in some cases

  currently the way wrangler dev prints logs is faulty, for example the following code

  console.error("this is an error");
  console.warn("this is a warning");
  console.debug("this is a debug");

  inside a worker would cause the following logs:

  ✘ [ERROR] this is an error
  
  ✘ [ERROR] this is a warning
  
  this is a debug
  

  (note that the warning is printed as an error and the debug log is printed even if by default it should not)

  the changes here make sure that the logs are instead logged to their correct level, so for the code about the following will be logged instead:

  ✘ [ERROR] this is an error
  
  ▲ [WARNING] this is a warning
  

  (running wrangler dev with the --log-level=debug flag will also cause the debug log to be included as well)

• #​10099 360004d Thanks @​emily-shen! - fix: move local dev container cleanup to process exit hook. This should ensure containers are cleaned up even when Wrangler is shut down programatically.

• #​10186 dae1377 Thanks @​matthewdavidrodgers! - Deleting when Pages project binds to worker requires confirmation

• #​10169 1655bec Thanks @​devin-ai-integration! - fix: report startup errors before workerd profiling

• #​10136 354a001 Thanks @​nikitassharma! - Update wrangler containers images list to make fewer API calls to improve command runtime

• #​10157 5c3b83f Thanks @​devin-ai-integration! - Enforce 64-character limit for Workflow binding names locally to match production validation

• #​10154 502a8e0 Thanks @​devin-ai-integration! - Fix UTF BOM handling in config files - remove UTF-8 BOM and error on other BOMs

• #​10176 07c8611 Thanks @​devin-ai-integration! - Add macOS version validation to prevent EPIPE errors on unsupported macOS versions (below 13.5). Miniflare and C3 fail hard while Wrangler shows warnings but continues execution.

• Updated dependencies [6b9cd5b, 631f26d, d6ecd05, b4d1373, 8ba7736, 07c8611, 7e204a9, 3f83ac1]:

  • @​cloudflare/unenv-preset@​2.6.0
  • [email protected]

v4.27.0

Compare Source

Minor Changes

• #​9914 a24c9d8 Thanks @​petebacondarwin! - Add support for loading local dev vars from .env files

  If there are no .dev.vars or .dev.vars.<environment> files, when running Wrangler or the Vite plugin in local development mode,
  they will now try to load additional local dev vars from .env, .env.local, .env.<environment> and .env.<environment>.local files.

  These loaded vars are only for local development and have no effect in production to the vars in a deployed Worker.
  Wrangler and Vite will continue to load .env files in order to configure themselves as a tool.

  Further details:

  • In vite build the local vars will be computed and stored in a .dev.vars file next to the compiled Worker code, so that vite preview can use them.
  • The wrangler types command will similarly read the .env files (if no .dev.vars files) in order to generate the Env interface.
  • If the CLOUDFLARE_LOAD_DEV_VARS_FROM_DOT_ENV environment variable is "false" then local dev variables will not be loaded from .env files.
  • If the CLOUDFLARE_INCLUDE_PROCESS_ENV environment variable is "true" then all the environment variables found on process.env will be included as local dev vars.
  • Wrangler (but not Vite plugin) also now supports the --env-file=<path/to/dotenv/file> global CLI option. This affects both loading .env to configure Wrangler the tool as well as loading local dev vars.

Patch Changes

• #​10051 0f7820e Thanks @​nikitassharma! - Add support for custom instance limits for containers. For example, instead of
  having to use the preconfigured dev/standard/basic instance types, you can now
  set:

  instance_type: {
    vcpu: 1,
    memory_mib: 1024,
    disk_mb: 4000
  }
  

  This feature is currently only available to customers on an enterprise plan.

• #​10149 e9bb8d3 Thanks @​vicb! - fix require("debug") in nodejs_compat mode

• Updated dependencies [9b61f44]:

  • [email protected]

jquense/yup (yup)

v1.7.0

Compare Source

Features

• Implement standard schema interface (#​2258) (ced5f51)
• resolve ref params if present when describing (ef53030), closes #​2276

1.6.1 (2024-12-17)

Bug Fixes

• lazy validation errors thrown in builders should resolve async like other validations (c7d7f97)

colinhacks/zod (zod)

v4.0.17

Compare Source

v4.0.16

Compare Source

v4.0.15

Compare Source

Commits:

• 7e7e346 Clean up docs
• f2949a8 [docs] Fix migration guide upgrade command (#​5021)
• d43cf19 Fix recursive object initialization errors with check() and other methods (#​5018)
• 3de2b63 fix: remove redundant Required<> from input and output type definitions (#​5033)
• 93553bd Add needs info
• 03cfa8d 4.0.15

v4.0.14

Compare Source

Commits:

• 99391a8 Docs: Fix typo (#​5005)
• e25303e Docs: fix typo (#​5008)
• dbb05ef Add JSON Schema draft-04 output (#​4811)
• b8257d7 Improve tuple recursive inference.
• 9bdbc2f Avoid infinite loops in defineLazy. Fixes #​4994.
• af96ad4 4.0.14

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[nuxthub-admin]

✅ Deployed ui3

Deployed ui3 e49677f to preview

🔗	renovate-v3-all-minor-patch.ui-6q2.pages.dev
📌	5ff81f3a.ui-6q2.pages.dev
📱	View QR Code

📋 View deployment logs

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[pkg-pr-new]

npm i https://pkg.pr.new/@nuxt/ui@4657

commit: e49677f