fix(deps): update all dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@astrojs/ts-plugin (source)	1.6.0 -> 1.8.0					dependencies	minor
@iconify-json/akar-icons	1.1.23 -> 1.1.24					devDependencies	patch
@iconify-json/ion	1.1.15 -> 1.1.18					devDependencies	patch
@iconify-json/mdi	1.1.64 -> 1.1.66					devDependencies	patch
@iconify-json/ph	1.1.11 -> 1.1.13					devDependencies	patch
@iconify-json/simple-icons	1.1.95 -> 1.1.103					devDependencies	patch
@tailwindcss/typography	0.5.10 -> 0.5.13					devDependencies	patch
@vite-pwa/astro	^0.3.0 -> ^0.4.0					devDependencies	minor
@vueuse/core (source)	10.9.0 -> 10.10.0					devDependencies	minor
@vueuse/integrations (source)	10.9.0 -> 10.10.0					dependencies	minor
SonarSource/sonarcloud-github-action	44eed60 -> 13d84ab					action	digest
astro-compress	2.2.14 -> 2.2.26					devDependencies	patch
astro-critters	2.1.4 -> 2.1.9					devDependencies	patch
conventional-changelog-conventionalcommits (source)	^7.0.2 -> ^8.0.0					devDependencies	major
docker/build-push-action	2a7db1d -> ef6cba3					action	digest
docker/metadata-action	232fc64 -> f7b4ed1					action	digest
dompurify	3.0.9 -> 3.1.4					devDependencies	minor
eslint-plugin-astro (source)	^0.31.4 -> ^1.0.0					devDependencies	major
eslint-plugin-vue (source)	9.23.0 -> 9.26.0					devDependencies	minor
lycheeverse/lychee-action	v1.9.3 -> v1.10.0					action	minor
marked (source)	12.0.1 -> 12.0.2					devDependencies	patch
mcr.microsoft.com/vscode/devcontainers/typescript-node	0-16-buster -> 1-16-buster					final	major
nanostores	0.10.0 -> 0.10.3					devDependencies	patch
pnpm (source)	8.15.4 -> 9.1.3					packageManager	major
pnpm/action-setup	v3.0.0 -> v4.0.0					action	major
postcss-nesting (source)	12.1.0 -> 12.1.5					devDependencies	patch
postcss-preset-env (source)	9.5.0 -> 9.5.14					devDependencies	patch
prettier-plugin-astro	0.13.0 -> 0.14.0					devDependencies	minor
prettier-plugin-tailwindcss	0.5.12 -> 0.5.14					devDependencies	patch
sass	1.71.1 -> 1.77.2					dependencies	minor
sharp (source, changelog)	0.33.2 -> 0.33.4					dependencies	patch
tailwindcss (source)	3.4.1 -> 3.4.3					devDependencies	patch

---

Release Notes

withastro/language-tools (@​astrojs/ts-plugin)

v1.8.0

Compare Source

Minor Changes

• c8af6db: Upgrades the language server to use the latest version of Volar. This changes should have no negative impacts on the experience.

v1.7.0

Compare Source

Minor Changes

• 65d3425: Upgrades the language server to use Volar 2.2. This changes should have no negative impacts on the experience.

v1.6.1

Compare Source

Patch Changes

• 9ca368b: Update to the latest version of Volar. This release should fix some of the caching issues that has crept up recently

tailwindlabs/tailwindcss-typography (@​tailwindcss/typography)

v0.5.13

Compare Source

Fixed

• Don't apply margins to <br> elements contained in an <li> in FF (#​350)

v0.5.12

Compare Source

Added

• Use logical properties for better RTL support (#​323)

v0.5.11

Compare Source

Added

• Add prose-kbd modifier (#​340)

Fixed

• Fix space between <figcaption> and <video> (#​339)

vite-pwa/astro (@​vite-pwa/astro)

v0.4.0

Compare Source

   🚨 Breaking Changes

• Update vite-plugin-pwa dependency to 0.20.0  -  by @​userquin in https://github.com/vite-pwa/astro/issues/46 (c94df)

    View changes on GitHub

v0.3.1

Compare Source

   🐞 Bug Fixes

• injectManifest: Astro with env files not working  -  by @​userquin in https://github.com/vite-pwa/astro/issues/43 (fb7ae)

    View changes on GitHub

vueuse/vueuse (@​vueuse/core)

v10.10.0

Compare Source

vueuse/vueuse (@​vueuse/integrations)

v10.10.0

Compare Source

PlayForm/Compress (astro-compress)

v2.2.26

Compare Source

v2.2.25

Compare Source

v2.2.24

Compare Source

v2.2.23

Compare Source

v2.2.22

Compare Source

v2.2.21

Compare Source

v2.2.20

Compare Source

Full Changelog: PlayForm/Compress@v0.0.1...v2.2.20

v2.2.19

Compare Source

What's Changed

• Bump astro from 4.5.8 to 4.5.9 by @​dependabot in https://github.com/Playform/AstroCompress/pull/317
• Bump sharp from 0.33.2 to 0.33.3 by @​dependabot in https://github.com/Playform/AstroCompress/pull/318

Full Changelog: PlayForm/Compress@v2.2.18...v2.2.19

v2.2.18

Compare Source

Full Changelog: PlayForm/Compress@v2.2.17...v2.2.18

v2.2.17

Compare Source

What's Changed

• Bump dependabot/fetch-metadata from 1.6.0 to 2.0.0 by @​dependabot in https://github.com/Playform/AstroCompress/pull/315

Full Changelog: PlayForm/Compress@v2.2.16...v2.2.17

v2.2.16

Compare Source

What's Changed

• Bump astro from 4.5.4 to 4.5.5 by @​dependabot in https://github.com/Playform/AstroCompress/pull/309
• Bump astro from 4.5.5 to 4.5.6 by @​dependabot in https://github.com/Playform/AstroCompress/pull/310
• Bump typescript-esbuild from 0.4.1 to 0.4.2 by @​dependabot in https://github.com/Playform/AstroCompress/pull/311
• Bump astro from 4.5.6 to 4.5.7 by @​dependabot in https://github.com/Playform/AstroCompress/pull/312
• Bump typescript-esbuild from 0.4.2 to 0.4.4 by @​dependabot in https://github.com/Playform/AstroCompress/pull/313
• Bump astro from 4.5.7 to 4.5.8 by @​dependabot in https://github.com/Playform/AstroCompress/pull/314

Full Changelog: PlayForm/Compress@v2.1.15...v2.2.16

v2.2.15

Compare Source

PlayForm/Inline (astro-critters)

v2.1.9

Compare Source

v2.1.8

Compare Source

v2.1.7

Compare Source

v2.1.6

Compare Source

What's Changed

• Bump dependabot/fetch-metadata from 1.7.0 to 2.0.0 by @​dependabot in https://github.com/Playform/AstroCritters/pull/259
• Bump astro from 4.5.8 to 4.5.9 by @​dependabot in https://github.com/Playform/AstroCritters/pull/260

Full Changelog: PlayForm/Inline@v2.1.5...v2.1.6

v2.1.5

Compare Source

What's Changed

• Bump files-pipe from 2.1.12 to 2.1.13 by @​dependabot in https://github.com/Playform/AstroCritters/pull/249
• Bump astro from 4.4.15 to 4.5.0 by @​dependabot in https://github.com/Playform/AstroCritters/pull/250
• Bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in https://github.com/Playform/AstroCritters/pull/251
• Bump astro from 4.5.0 to 4.5.2 by @​dependabot in https://github.com/Playform/AstroCritters/pull/252
• Bump astro from 4.5.4 to 4.5.6 by @​dependabot in https://github.com/Playform/AstroCritters/pull/253
• Bump typescript-esbuild from 0.4.1 to 0.4.4 by @​dependabot in https://github.com/Playform/AstroCritters/pull/254
• Bump astro from 4.5.6 to 4.5.8 by @​dependabot in https://github.com/Playform/AstroCritters/pull/256
• Bump typescript-esbuild from 0.4.4 to 0.4.5 by @​dependabot in https://github.com/Playform/AstroCritters/pull/257
• Bump dependabot/fetch-metadata from 1.6.0 to 1.7.0 by @​dependabot in https://github.com/Playform/AstroCritters/pull/258

Full Changelog: PlayForm/Inline@v2.1.4...v2.1.5

conventional-changelog/conventional-changelog (conventional-changelog-conventionalcommits)

v8.0.0

Compare Source

⚠ BREAKING CHANGES

• Node >= 18 is required
• conventional-recommended-bump: new Bumper exported class (#​1218)
• cleanup presets interface (#​1215)
• conventional-changelog-writer: rewrite to TypeScript (#​1150)
• Now all packages, except gulp-conventional-changelog, are ESM-only.

Features

• cleanup presets interface (#​1215) (0e4f293)
• conventional-changelog-writer: rewrite to TypeScript (#​1150) (8af364f)
• conventional-recommended-bump: new Bumper exported class (#​1218) (0ddc8cd)
• drop node 16 support (#​1226) (ec69cfd)
• move from CommonJS to ESM (#​1144) (c5b859d)

Bug Fixes

• conventional-changelog-conventionalcommits: avoid double empty lines (#​1235) (3b4bfdf), closes #​1188

cure53/DOMPurify (dompurify)

v3.1.4: DOMPurify 3.1.4

Compare Source

• Fixed an issue with the recently implemented isNaN checks, thanks @​tulach
• Added several new popover attributes to allow-list, thanks @​Gigabyte5671
• Fixed the tests and adjusted the test runner to cover all branches

v3.1.3: DOMPurify 3.1.3

Compare Source

• Fixed several mXSS variations found by and thanks to @​kevin-mizu & @​Ry0taK
• Added better configurability for comment scrubbing default behavior
• Added better hardening against Prototype Pollution attacks, thanks @​kevin-mizu
• Added better handling and readability of the nodeType property, thanks @​ssi02014
• Fixed some smaller issues in README and other documentation

v3.1.2: DOMPurify 3.1.2

Compare Source

• Addressed and fixed a mXSS variation found by @​kevin-mizu
• Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
• Updated tests for older Safari and Chrome versions

v3.1.1: DOMPurify 3.1.1

Compare Source

• Fixed an mXSS sanitiser bypass reported by @​icesfont
• Added new code to track element nesting depth
• Added new code to enforce a maximum nesting depth of 255
• Added coverage tests and necessary clobbering protections

Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

v3.1.0: DOMPurify 3.1.0

Compare Source

• Added new setting SAFE_FOR_XML to enable better control over comment scrubbing
• Updated README to warn about happy-dom not being safe for use with DOMPurify yet
• Updated the LICENSE file to show the accurate year number
• Updated several build and test dependencies

v3.0.11: DOMPurify 3.0.11

Compare Source

• Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
• Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

v3.0.10: DOMPurify 3.0.10

Compare Source

• Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser
• Bumped up some build and test dependencies

ota-meshi/eslint-plugin-astro (eslint-plugin-astro)

v1.2.0

Compare Source

Minor Changes

• #​386 876ce07 Thanks @​odanado! - feat: add name of config object

v1.1.2

Compare Source

Patch Changes

• #​379 3fee9b2 Thanks @​ota-meshi! - fix: update parser

v1.1.1

Compare Source

Patch Changes

• #​374 1de0fed Thanks @​jimmy-guzman! - fix: 🐛 correctly export meta for ESM types

v1.1.0

Compare Source

Minor Changes

• #​372 9102e3d Thanks @​ota-meshi! - feat: add astro/no-exports-from-components rule

Patch Changes

• #​336 7695e7d Thanks @​renovate! - fix(deps): update dependency globals to v15

v1.0.3

Compare Source

Patch Changes

• #​368 d3cb2ef Thanks @​ota-meshi! - fix: crash in ESM

v1.0.2

Compare Source

Patch Changes

• #​366 31f64dd Thanks @​ota-meshi! - fix: add exports to package.json

v1.0.1

Compare Source

Patch Changes

• #​361 6737baa Thanks @​ota-meshi! - fix: main entry

v1.0.0

Compare Source

Major Changes

• #​357 4afd799 Thanks @​ota-meshi! - feat!: drop support for ESLint<v8.57.0

• #​355 4c73905 Thanks @​ota-meshi! - feat!: Drop support for Node.js<v18.18

• #​358 3626074 Thanks @​ota-meshi! - feat!: use astro-eslint-parser v1

• #​360 80dfa09 Thanks @​ota-meshi! - feat!: use bundler

v0.34.0

Compare Source

Minor Changes

• #​343 3dcd714 Thanks @​nix6839! - feat: compatibility flat configs type

v0.33.1

Compare Source

Patch Changes

• #​334 a84fe26 Thanks @​ota-meshi! - fix: client-side scripts not being able to linting in flat configs

v0.33.0

Compare Source

Minor Changes

• #​322 d55a51e Thanks @​oanaOM! - feat add astro/missing-client-only-directive-value rule

v0.32.0

Compare Source

Minor Changes

• #​324 64abbb1 Thanks @​ota-meshi! - feat: add support for flat config

vuejs/eslint-plugin-vue (eslint-plugin-vue)

v9.26.0

Compare Source

v9.25.0

Compare Source

v9.24.1

Compare Source

v9.24.0

Compare Source

lycheeverse/lychee-action (lycheeverse/lychee-action)

v1.10.0

Compare Source

What's Changed

• Update actions/checkout to version 4 by @​jacobdalamb in https://github.com/lycheeverse/lychee-action/pull/224
• Bump lychee to 0.15.0 by @​mre in https://github.com/lycheeverse/lychee-action/pull/226

New Contributors

• @​jacobdalamb made their first contribution in https://github.com/lycheeverse/lychee-action/pull/224

Full Changelog: lycheeverse/lychee-action@v1.9.3...v1.10.0

markedjs/marked (marked)

v12.0.2

Compare Source

Bug Fixes

• fix Setext continuation in blockquote (#​3257) (e9f0eed)

nanostores/nanostores (nanostores)

v0.10.3

Compare Source

• Fixed incorrect previous value when listening deep store (by @​euaaaio).

v0.10.2

Compare Source

• Fixed old value when listening for deep deepMap (by @​euaaaio).

v0.10.1

Compare Source

• Fixed passing old value to onNotify callback (by @​euaaaio).

pnpm/pnpm (pnpm)

v9.1.3

Compare Source

v9.1.2

Compare Source

Patch Changes

• Reduced memory usage during peer dependencies resolution #​8084.
• Details in the pnpm licenses output are not misplaced anymore #​8071.

Platinum Sponsors

Gold Sponsors

config help if that's undesired. If you want to rebase/retry this PR, check this box This PR has been generated by Mend Renovate. View repository job log here.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud