chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	22.13.1 -> 22.13.4
bumpp	10.0.2 -> 10.0.3
knip (source)	5.43.6 -> 5.44.4
pnpm (source)	10.2.1 -> 10.4.1
postcss (source)	8.5.2 -> 8.5.3
webpack	5.97.1 -> 5.98.0

---

Release Notes

antfu-collective/bumpp (bumpp)

v10.0.3

Compare Source

   🐞 Bug Fixes

• Improve error handler  -  by @​northword in https://github.com/antfu-collective/bumpp/issues/73 (7d0dd)

    View changes on GitHub

webpro-nl/knip (knip)

v5.44.4

Compare Source

• Fix workspace checks in Windows (4f4d0bf)

v5.44.3

Compare Source

v5.44.2

Compare Source

• Improve chart, update copy (f63df95)
• Move config schema (6098cb9)
• Move some utils (d3b7ab6)
• Split main sequence into build + analyze graph (c145c58)
• Update docs (dae0f78)
• Edit docs (0b7f05f)
• Fix dynamically added config files for disabled plugins (resolve #​947) (8209917)

v5.44.1

Compare Source

• Shorten @​auvred (79d5279)
• RR title (b572c7c)
• Add links to remove-unused-vars (f94a9ee)
• Document support for -t jsconfig.json (close #​787) (12bd803)
• Add scripts + chart re. sponsorship activities (de89b7e)
• feat: Support Stylelint custom syntax object (#​937) (41a2bcc) - thanks @​TJNhxMZHmqGytuWT!
• Fix unused @types DT dependencies (resolve #​942) (fc95526)

v5.44.0

Compare Source

• Add fixture w/ compilers/workaround for tailwind v4 (3cf1d05)
• fix: ensure augmentWorkspace honors tsConfig rootDir (#​933) (2afffe0) - thanks @​rmunch!
• feat: Add plugin for React router 7 framework mode (#​931) (012fd5b) - thanks @​lasseklovstad!
• Refactor some bits to add manifestStr (9ce5766)
• Use manifestStr and introduce PackageJsonPeeker (f2efd22)
• Add pos to more issue types in json reporter (resolves #​930) (72cbcfa)
• Merge node and node-test-runner plugins (1019b99)
• Ignore built-in test reporters (resolve #​935) (090e76b)
• Housekeep react-router plugin (dd0f682)
• Bright & dimmed issue type header colors in symbol reporter (close #​934) (dcf5df3)
• Update dependencies (9050695)

pnpm/pnpm (pnpm)

v10.4.1

Compare Source

Patch Changes

• Throws an error when the value provided by the --allow-build option overlaps with the pnpm.ignoredBuildDependencies list #​9105.
• Print pnpm's version after the execution time at the end of the console output.
• Print warning about ignored builds of dependencies on repeat install #​9106.
• Setting init-package-manager should work.

v10.4.0

Compare Source

Minor Changes

• pnpm approve-builds --global works now for allowing dependencies of globally installed packages to run postinstall scripts.

• The pnpm add command now supports a new flag, --allow-build, which allows building the specified dependencies. For instance, if you want to install a package called bundle that has esbuild as a dependency and want to allow esbuild to run postinstall scripts, you can run:

  pnpm --allow-build=esbuild add bundle
  

  This will run esbuild's postinstall script and also add it to the pnpm.onlyBuiltDependencies field of package.json. So, esbuild will always be allowed to run its scripts in the future.

  Related PR: #​9086.

• The pnpm init command adds a packageManager field with the current version of pnpm CLI #​9069. To disable this behaviour, set the init-package-manager setting to false.

Patch Changes

• pnpm approve-builds should work after two consecutive pnpm install runs #​9083.
• Fix instruction for updating pnpm with corepack #​9101.
• The pnpm version specified by packageManager cannot start with v.

v10.3.0

Compare Source

Minor Changes

• Added a new setting called strict-dep-builds. When enabled, the installation will exit with a non-zero exit code if any dependencies have unreviewed build scripts (aka postinstall scripts) #​9071.

Patch Changes

• Fix a false negative of verify-deps-before-run after pnpm install --production|--no-optional #​9019.
• Print the warning about blocked installation scripts at the end of the installation output and make it more prominent.

postcss/postcss (postcss)

v8.5.3

Compare Source

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

webpack/webpack (webpack)

v5.98.0

Compare Source

Fixes

• Avoid the deprecation message #​19062 by @​alexander-akait
• Should not escape CSS local ident in JS #​19060 by @​JSerFeng
• MF parse range not compatible with Safari #​19083 by @​alexander-akait
• Preserve filenameTemplate in new split chunk #​19104 by @​henryqdineen
• Use module IDs for final render order #​19184 by @​dmichon-msft
• Strip blob: protocol when public path is auto #​19199 by @​alexander-akait
• Respect output.charset everywhere #​19202 by @​alexander-akait
• Node async WASM loader generation #​19210 by @​ashi009
• Correct BuildInfo and BuildMeta type definitions #​19200 by @​inottn

Performance Improvements

• Improve FlagDependencyExportsPlugin for large JSON by depth #​19058 by @​hai-x
• Optimize assign-depths #​19193 by @​dmichon-msft
• Use startsWith for matching instead of converting the string to a regex #​19207 by @​inottn

Chores

• Bump nanoid from 3.3.7 to 3.3.8 #​19063 by @​dependabot
• Fixed incorrect typecast in DefaultStatsFactoryPlugin #​19156 by @​Andarist
• Improved readme.md by adding video links for understanding webpack #​19101 by @​Vansh5632
• Typo fix #​19205 by @​hai-x
• Adopt the new webpack governance model #​18804 by @​ovflowd

Features

• Implement /* webpackIgnore: true */ for require.resolve #​19201 by @​alexander-akait

Continuous Integration

• CI fix #​19196 by @​alexander-akait

New Contributors

• @​Andarist made their first contribution in https://github.com/webpack/webpack/pull/19156
• @​Vansh5632 made their first contribution in https://github.com/webpack/webpack/pull/19101
• @​ashi009 made their first contribution in https://github.com/webpack/webpack/pull/19210
• @​ovflowd made their first contribution in https://github.com/webpack/webpack/pull/18804

Full Changelog: webpack/webpack@v5.97.1...v5.98.0

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

✨

Description by Callstackai

This PR updates several dependencies in the project, including @types/node, bumpp, knip, postcss, and webpack to their latest versions.

Diagrams of code changes

sequenceDiagram
    participant Root as Root Package
    participant Webpack as Webpack Plugin
    participant Dependencies as Package Dependencies

    Root->>Dependencies: Add package manager ([email protected])
    Root->>Dependencies: Add dev dependencies
    Note over Root,Dependencies: Added @types/node, bumpp, knip

    Webpack->>Dependencies: Add webpack dependency
    Note over Webpack,Dependencies: Added [email protected]

    Dependencies-->>Root: Update PostCSS
    Note over Dependencies,Root: Updated to [email protected]

    Dependencies-->>Root: Update CSS Processing Tools
    Note over Dependencies,Root: Added css-loader, file-loader,<br/>html-webpack-plugin with [email protected]

    Dependencies-->>Root: Update Build Tools
    Note over Dependencies,Root: Added terser-webpack-plugin,<br/>mini-css-extract-plugin with [email protected]

Loading

Files Changed

File	Summary
package.json	Updated package versions for @types/node, bumpp, and knip.
packages/beasties-webpack-plugin/package.json	Updated webpack version.
pnpm-lock.yaml	Updated lock file to reflect changes in package versions.

This PR includes files in programming languages that we currently do not support. We have not reviewed files with the extensions .json, .yaml. See list of supported languages.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (1)

• chore(deps)

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/[email protected] 🔁 npm/@types/[email protected]	None	0	2.31 MB	types
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, filesystem	+24	3.75 MB	antfu
npm/[email protected] 🔁 npm/[email protected]	Transitive: filesystem, shell	+32	3.12 MB	webpro

View full report↗︎

[codspeed-hq]

CodSpeed Performance Report

Merging #99 will not alter performance

_{Comparing renovate/all-minor-patch (2f5a244) with main (4b6e15e)}

Summary

✅ 9 untouched benchmarks

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.95%. Comparing base (4b6e15e) to head (2f5a244).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #99   +/-   ##
=======================================
  Coverage   83.95%   83.95%           
=======================================
  Files           7        7           
  Lines        1203     1203           
  Branches      281      281           
=======================================
  Hits         1010     1010           
  Misses        193      193           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.