chore(deps): update devdependencies (non-major)

[renovate]

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

---

This PR contains the following updates:

Package	Change	Age	Confidence
@commitlint/cli (source)	^19.8.0 -> ^19.8.1
@commitlint/config-conventional (source)	^19.8.0 -> ^19.8.1
@commitlint/types (source)	^19.8.0 -> ^19.8.1
@google-cloud/storage	^7.16.0 -> ^7.17.1
@playwright/test (source)	^1.52.0 -> ^1.55.1
@sanity/comlink (source)	^3.0.4 -> ^3.0.9
@sanity/prettier-config	^1.0.3 -> ^1.0.6
@testing-library/jest-dom	^6.6.3 -> ^6.9.0
@types/node (source)	^22.10.5 -> ^22.18.8
@types/react (source)	^19.1.2 -> ^19.1.16
@types/react-dom (source)	^19.1.3 -> ^19.1.9
@vitejs/plugin-react (source)	^4.4.1 -> ^4.7.0
@vitest/coverage-v8 (source)	3.1.2 -> 3.2.4
babel-plugin-react-compiler (source)	19.1.0-rc.1 -> 19.1.0-rc.3
globals	^16.0.0 -> ^16.4.0
husky	^9.1.6 -> ^9.1.7
knip (source)	^5.52.0 -> ^5.64.1
lint-staged	^15.2.10 -> ^15.5.2
minimatch	^10.0.1 -> ^10.0.3
prettier (source)	^3.5.3 -> ^3.6.2
react (source)	^19.1.0 -> ^19.1.1
react-dom (source)	^19.1.0 -> ^19.1.1
tsx (source)	^4.7.1 -> ^4.20.6
tsx (source)	^4.19.4 -> ^4.20.6
turbo (source)	^2.5.2 -> ^2.5.8
typedoc (source)	^0.28.3 -> ^0.28.13
vitest (source)	^3.1.2 -> ^3.2.4
zx (source)	^8.5.3 -> ^8.8.4

---

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v19.8.1

Compare Source

Bug Fixes

• update dependency tinyexec to v1 (#​4332) (e49449f)

conventional-changelog/commitlint (@​commitlint/config-conventional)

v19.8.1

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

conventional-changelog/commitlint (@​commitlint/types)

v19.8.1

Compare Source

Note: Version bump only for package @​commitlint/types

googleapis/nodejs-storage (@​google-cloud/storage)

v7.17.1

Compare Source

Bug Fixes

• Respect useAuthWithCustomEndpoint flag for resumable uploads (#​2637) (707b4f2)

v7.17.0

Compare Source

Features

• Add CSEK to download (#​2604) (cacc0be)

Bug Fixes

• Propagate errors when using pipelines (#​2560) (#​2624) (a43b490)
• Typo correction (#​2610) (9cae69c)

microsoft/playwright (@​playwright/test)

v1.55.1

Compare Source

Highlights

#​37479 - [Bug]: Upgrade Chromium to 140.0.7339.186.
#​37147 - [Regression]: Internal error: step id not found.
#​37146 - [Regression]: HTML reporter displays a broken chip link when there are no projects.
#​37137 - Revert "fix(a11y): track inert elements as hidden".

Browser Versions

• Chromium 140.0.7339.186
• Mozilla Firefox 141.0
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 139
• Microsoft Edge 139

v1.55.0

Compare Source

v1.54.2

Compare Source

Highlights

https://github.com/microsoft/playwright/issues/36714 - [Regression]: Codegen is not able to launch in Administrator Terminal on Windows (ProtocolError: Protocol error)https://github.com/microsoft/playwright/issues/368288 - [Regression]: Playwright Codegen keeps spamming with selected optiohttps://github.com/microsoft/playwright/issues/3681010 - [Regression]: Starting Codegen with target language doesn't work anymore

Browser Versions

• Chromium 139.0.7258.5
• Mozilla Firefox 140.0.2
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 140
• Microsoft Edge 140

v1.54.1

Compare Source

v1.54.0

Compare Source

Highlights

• New cookie property partitionKey in browserContext.cookies() and browserContext.addCookies(). This property allows to save and restore partitioned cookies. See CHIPS MDN article for more information. Note that browsers have different support and defaults for cookie partitioning.

• New option noSnippets to disable code snippets in the html report.

  import { defineConfig } from '@​playwright/test';
  
  export default defineConfig({
    reporter: [['html', { noSnippets: true }]]
  });

• New property location in test annotations, for example in testResult.annotations and testInfo.annotations. It shows where the annotation like test.skip or test.fixme was added.

Command Line

• New option --user-data-dir in multiple commands. You can specify the same user data dir to reuse browsing state, like authentication, between sessions.

  npx playwright codegen --user-data-dir=./user-data

• Option -gv has been removed from the npx playwright test command. Use --grep-invert instead.

• npx playwright open does not open the test recorder anymore. Use npx playwright codegen instead.

Miscellaneous

• Support for Node.js 16 has been removed.
• Support for Node.js 18 has been deprecated, and will be removed in the future.

Browser Versions

• Chromium 139.0.7258.5
• Mozilla Firefox 140.0.2
• WebKit 26.0

This version was also tested against the following stable channels:

• Google Chrome 140
• Microsoft Edge 140

v1.53.2

Compare Source

v1.53.1

Compare Source

v1.53.0

Compare Source

Trace Viewer and HTML Reporter Updates

• New Steps in Trace Viewer and HTML reporter:

• New option in 'html' reporter to set the title of a specific test run:

  import { defineConfig } from '@​playwright/test';
  
  export default defineConfig({
    reporter: [['html', { title: 'Custom test run #​1028' }]]
  });

Miscellaneous

• New option kind in testInfo.snapshotPath() controls which snapshot path template is used.

• New method locator.describe() to describe a locator. Used for trace viewer and reports.

  const button = page.getByTestId('btn-sub').describe('Subscribe button');
  await button.click();

• npx playwright install --list will now list all installed browsers, versions and locations.

Browser Versions

• Chromium 138.0.7204.4
• Mozilla Firefox 139.0
• WebKit 18.5

This version was also tested against the following stable channels:

• Google Chrome 137
• Microsoft Edge 137

sanity-io/visual-editing (@​sanity/comlink)

v3.0.9

Bug Fixes

• deps: Update dependency isbot to ^5.1.29 (#​3185) (c6e8698)

v3.0.8

Bug Fixes

• deps: update dependency @​sanity/pkg-utils to v7 (#​3125) (58d123b)

v3.0.7

Bug Fixes

• deps: bump xstate to 5.20 (5a5c004)

v3.0.6

Bug Fixes

• deps: Update dependency xstate to ^5.19.4 (#​3011) (33111d6)
• deps: update react compiler dependencies 🤖 ✨ (#​3030) (5e009da)

v3.0.5

Bug Fixes

• deps: update react compiler dependencies 🤖 ✨ (#​2994) (0388fb0)

sanity-io/prettier-config (@​sanity/prettier-config)

v1.0.6

Compare Source

Bug Fixes

• deps: update dependency prettier to ^3.6.0 (#​22) (588483d)

v1.0.5

Compare Source

Bug Fixes

• improve dts output (6608181)

v1.0.4

Compare Source

Bug Fixes

• deps: update prettier-plugin-packagejson to v2.5.15 (e3c8ee5)

testing-library/jest-dom (@​testing-library/jest-dom)

v6.9.0

Compare Source

v6.8.0

Compare Source

v6.7.0

Compare Source

Features

• add toBePressed matcher (#​203) (#​658) (cfdf8ae)

v6.6.4

Compare Source

vitejs/vite-plugin-react (@​vitejs/plugin-react)

v4.7.0

Compare Source

Add HMR support for compound components (#​518)

HMR now works for compound components like this:

const Root = () => <div>Accordion Root</div>
const Item = () => <div>Accordion Item</div>

export const Accordion = { Root, Item }

Return Plugin[] instead of PluginOption[] (#​537)

The return type has changed from react(): PluginOption[] to more specialized type react(): Plugin[]. This allows for type-safe manipulation of plugins, for example:

// previously this causes type errors
react({ babel: { plugins: ['babel-plugin-react-compiler'] } })
  .map(p => ({ ...p, applyToEnvironment: e => e.name === 'client' }))

v4.6.0

Compare Source

Add raw Rolldown support

This plugin only worked with Vite. But now it can also be used with raw Rolldown. The main purpose for using this plugin with Rolldown is to use react compiler.

v4.5.2

Compare Source

Suggest @vitejs/plugin-react-oxc if rolldown-vite is detected #​491

Emit a log which recommends @vitejs/plugin-react-oxc when rolldown-vite is detected to improve performance and use Oxc under the hood. The warning can be disabled by setting disableOxcRecommendation: false in the plugin options.

Use optimizeDeps.rollupOptions instead of optimizeDeps.esbuildOptions for rolldown-vite #​489

This suppresses the warning about optimizeDeps.esbuildOptions being deprecated in rolldown-vite.

Add Vite 7-beta to peerDependencies range #​497

React plugins are compatible with Vite 7, this removes the warning when testing the beta.

v4.5.1

Compare Source

Add explicit semicolon in preambleCode #​485

This fixes an edge case when using HTML minifiers that strips line breaks aggressively.

v4.5.0

Compare Source

Add filter for rolldown-vite #​470

Added filter so that it is more performant when running this plugin with rolldown-powered version of Vite.

Skip HMR for JSX files with hooks #​480

This removes the HMR warning for hooks with JSX.

vitest-dev/vitest (@​vitest/coverage-v8)

v3.2.4

Compare Source

   🐞 Bug Fixes

• Use correct path for optimisation of strip-literal  -  by @​mrginglymus in https://github.com/vitest-dev/vitest/issues/8139 (44940)
• Print uint and buffer as a simple string  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8141 (b86bf)
• browser:
  • Show a helpful error when spying on an export  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8178 (56007)
• cli:
  • vitest run --watch should be watch-mode  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8128 (657e8)
  • Use absolute path environment on Windows  -  by @​colinaaa in https://github.com/vitest-dev/vitest/issues/8105 (85dc0)
  • Throw error when --shard x/<count> exceeds count of test files  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8112 (8a18c)
• coverage:
  • Ignore SCSS in browser mode  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8161 (0c3be)
• deps:
  • Update all non-major dependencies  -  in https://github.com/vitest-dev/vitest/issues/8123 (93f32)
• expect:
  • Handle async errors in expect.soft  -  by @​lzl0304 in https://github.com/vitest-dev/vitest/issues/8145 (68699)
• pool:
  • Auto-adjust minWorkers when only maxWorkers specified  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8110 (14dc0)
• reporter:
  • task.meta should be available in custom reporter's errors  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8115 (27df6)
• runner:
  • Preserve handler wrapping on extend  -  by @​pengooseDev in https://github.com/vitest-dev/vitest/issues/8153 (a9281)
• ui:
  • Ensure ui config option works correctly  -  by @​lzl0304 in https://github.com/vitest-dev/vitest/issues/8147 (42eeb)

    View changes on GitHub

v3.2.3

Compare Source

   🚀 Features

• browser: Use base url instead of vitest  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8126 (1d8eb)
• ui: Show test annotations and metadata in the test report tab  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8093 (c69be)

   🐞 Bug Fixes

• Rerun tests when project's setup file is changed  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8097 (0f335)
• Revert expect.any return type  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8129 (47514)
• Run only the name plugin last, not all config plugins  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8130 (83862)
• pool:
  • Throw if user's tests use process.send()  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8125 (dfe81)
• runner:
  • Fast sequential task updates missing  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8121 (7bd11)
  • Comments between fixture destructures  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8127 (dc469)
• vite-node:
  • Unable to handle errors where sourcemap mapping empty  -  by @​blake-newman and @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/8071 (8aa25)

    View changes on GitHub

v3.2.2

Compare Source

   🚀 Features

• Support rolldown-vite  -  by @​sheremet-va and @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/7509 (c8d62)

   🐞 Bug Fixes

• browser:
  • Calculate prepare time from createTesters call on the main thread  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8101 (142c7)
  • Optimize build output and always prebundle vitest  -  by @​sheremet-va (00a39)
  • Make custom locators available in vitest-browser-* packages  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8103 (247ef)
• expect:
  • Ensure we can always self toEqual  -  by @​dubzzz in https://github.com/vitest-dev/vitest/issues/8094 (02ec8)
• reporter:
  • Allow dot reporter to work in non interactive terminals  -  by @​bstephen1 and @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7994 (6db9f)

    View changes on GitHub

v3.2.1

Compare Source

   🐞 Bug Fixes

• Use sha1 instead of md5 for hashing  -  by @​sheremet-va (e4c73)
• expect:
  • Fix chai import in dts  -  by @​hi-ogawa in https://github.com/vitest-dev/vitest/issues/8077 (a7593)
  • Export DeeplyAllowMatchers  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8078 (30ab4)

    View changes on GitHub

v3.2.0

Compare Source

   🚀 Features

• Provide ctx.signal  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7878 (e761f)
• Support custom colors for test.name  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7809 (4af5d)
• Add vi.mockObject to automock any object  -  by @​hi-ogawa and @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7761 (465bd)
• Introduce watchTriggerPatterns option  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7778 (a0675)
• Deprecate workspace in favor of projects  -  by @​sheremet-va and @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7923 (41beb)
• Explicit Resource Management support in mocked functions  -  by @​EskiMojo14 in https://github.com/vitest-dev/vitest/issues/7927 (b67d3)
• Add sequence.groupOrder option  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7852 (d1a1d)
• Initial support for Temporal equality  -  by @​dirkluijk in https://github.com/vitest-dev/vitest/issues/8007 (52bd7)
• Support Vite 7  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8003 (1716b)
• Track module execution totalTime and selfTime  -  by @​abrenneke in https://github.com/vitest-dev/vitest/issues/8027 (95961)
• Annotation API  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7953 (b03f2)
• browser:
  • Implement connect option for playwright browser provider  -  by @​egfx-notifications and @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7915 (029c0)
  • Add screenshot.save option  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7777 (d9f51)
  • Custom locators API  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7993 (e6fbd)
• coverage:
  • V8 experimental AST-aware remapping  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7736 (78a3d)
• reporter:
  • Add onWritePath option to github-actions  -  by @​nwalters512 and @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8015 (abd3b)
• vitest:
  • Allow per-file and per-worker fixtures  -  by @​sheremet-va and @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/7704 (9cbfc)

   🐞 Bug Fixes

• Replace micromatch with picomatch  -  by @​sapphi-red in https://github.com/vitest-dev/vitest/issues/7951 (df076)
• Try to catch unhandled error outside of a test  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7968 (46421)
• Generate a separate config for "vitest init browser" instead of a workspace file  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7934 (e84e2)
• Switch ExpectStatic any types to AsymmetricMatcher<unknown>, with DeeplyAllowMatchers<T>  -  by @​JoshuaKGoldberg in https://github.com/vitest-dev/vitest/issues/7016 (8ec44)
• Remove unused exports  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7618 (33d05)
• Throw an error if typechecker failed to spawn  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7990 (0e960)
• Ignore non-string stack properties  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7995 (330f9)
• Apply browser CLI options only if the project has the browser set in the config already  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7984 (70358)
• Ensure errors keep their message and stack after toJSON serialisation  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8053 (3bdf0)
• browser:
  • Resolve FS commands relative to the project root  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/7896 (69ac9)
  • Run tests serially if provider doesn't provide a mocker  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8032 (227a9)
  • Resolve upload files relative to the project root  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8042 (b9a31)
  • Await mocker invalidation to avoid race condition with "mock wasn't registered"  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8021 (b34ff)
  • Share vite cache with the project cache  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8049 (0cbad)
  • Add this type to locators.extend  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/8069 (70fb0)
• cache:
  • Preserve test results from previous runs  -  by @​macko911 in https://github.com/vitest-dev/vitest/issues/8043 (d6ef0)
• cli:
  • Add built-in reporters list to --help output  -  by @​pengooseDev in https://github.com/vitest-dev/vitest/issues/7955 (ef6ef)
  • Parse --silent values properly  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/8055 (8fad7)
• coverage:
  • Istanbul provider to not use Vite preserved query params  -  by [@​AriPerkkio](https://redirect.github.com/AriPe

---

Configuration

📅 Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
sdk-docs	Error			Oct 1, 2025 4:02am
sdk-kitchensink-react	Error			Oct 1, 2025 4:02am

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		[email protected] has Install scripts. Install script: postinstall Source: napi-postinstall oxc-resolver 11.8.4 check From: pnpm-lock.yaml → npm/[email protected] → npm/[email protected] ℹ Read more on: This package | This alert | What is an install script? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected]. Suggestion: Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report