Skip to content

Update all non-major dependencies#501

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch
Open

Update all non-major dependencies#501
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all-minor-patch

Conversation

@renovate

@renovate renovate Bot commented Jun 4, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence Type Update
@crowdin/cli (source) ^4.14.2^4.14.3 age confidence dependencies patch
@types/react (source) ^19.2.16^19.2.17 age confidence devDependencies patch
node (source) 24.16.024.17.0 age confidence minor
pnpm (source) 10.34.110.34.3 age confidence packageManager patch
prettier (source) ^3.8.3^3.8.4 age confidence devDependencies patch
react-tooltip ^6.0.6^6.0.8 age confidence dependencies patch
semver ^7.8.2^7.8.4 age confidence dependencies patch
sharp (source, changelog) ^0.34.5^0.35.1 age confidence dependencies minor
vitest (source) ^4.1.8^4.1.9 age confidence devDependencies patch

Release Notes

crowdin/crowdin-cli (@​crowdin/cli)

v4.14.3

Compare Source

Bug Fixes
  • allow trailing slash in the base_url (#​1023) (a97d275)
  • escape square brackets in Utils.regexPath (--delete-obsolete deleting valid files) (#​1029) (8013009)
  • prevent premature timeout when uploading large translation files (#​1026) (f7534dc)
  • update error handling for import translations (#​1027) (688f8ef)
nodejs/node (node)

v24.17.0: 2026-06-18, Version 24.17.0 'Krypton' (LTS), @​aduh95

This is a security release.

Notable Changes
  • (CVE-2026-48618) tls: normalize hostname for server identity checks (Matteo Collina) – High
  • (CVE-2026-48933) crypto: guard WebCrypto cipher output length (Filip Skokan) – High
  • (CVE-2026-48615) lib,test: redact proxy credentials in tunnel errors (Matteo Collina) – Medium
  • (CVE-2026-48619) http2: cap originSet size to prevent unbounded memory growth (Matteo Collina) – Medium
  • (CVE-2026-48928) tls: fix case-sensitive SNI context matching (Matteo Collina) – Medium
  • (CVE-2026-48930) dns,net: reject hostnames with embedded NUL bytes (Matteo Collina) – Medium
  • (CVE-2026-48934) tls: bind reusable sessions to authenticated host (Matteo Collina) – Medium
  • (CVE-2026-48937) deps: fix integration issues with the latest nghttp2 – Medium
  • (CVE-2026-48617) permission: handle process.chdir on writereport (RafaelGSS) – Low
  • (CVE-2026-48931) http: fix response queue poisoning in http.Agent (Matteo Collina) – Low
  • (CVE-2026-48935) permission: disable FileHandle utimes with permission model (RafaelGSS) – Low
Commits
pnpm/pnpm (pnpm)

v10.34.3

Compare Source

v10.34.2

Compare Source

prettier/prettier (prettier)

v3.8.4

Compare Source

ReactTooltip/react-tooltip (react-tooltip)

v6.0.8

Compare Source

If you like ReactTooltip, please give the project a star on GitHub 🌟

What's Changed

Full Changelog: ReactTooltip/react-tooltip@v6.0.7...v6.0.8

v6.0.7

Compare Source

If you like ReactTooltip, please give the project a star on GitHub 🌟

What's Changed

Full Changelog: ReactTooltip/react-tooltip@v6.0.6...v6.0.7

npm/node-semver (semver)

v7.8.4

Compare Source

Bug Fixes

v7.8.3

Compare Source

Bug Fixes
Chores
lovell/sharp (sharp)

v0.35.1

Compare Source

  • TypeScript: Ensure type definitions are published for both ESM and CJS.
    #​4537

  • WebAssembly: Ensure wrapper file is published.
    #​4538

v0.35.0

Compare Source

  • Breaking: Drop support for Node.js 18, now requires Node.js >= 20.9.0.

  • Breaking: Remove install script from package.json file.
    Compiling from source is now opt-in via the build script.

  • Breaking: Lossy AVIF output is now tuned using SSIMULACRA2-based iq quality metrics.

  • Breaking: Add limitInputChannels with a default value of 5.

  • Breaking: Remove deprecated failOnError constructor property.

  • Breaking: Remove deprecated paletteBitDepth from metadata response.

  • Breaking: Remove deprecated properties from sharpen operation.

  • Breaking: Rename format.jp2k as format.jp2 for API consistency.

  • Upgrade to libvips v8.18.3 for upstream bug fixes.

  • Remove experimental status from WebAssembly binaries.

  • Add prebuilt binaries for FreeBSD (WebAssembly).

  • Deprecate Windows 32-bit (win32-ia32) prebuilt binaries.

  • Ensure TIFF output bitdepth option is limited to 1, 2 or 4.

  • Add AVIF/HEIF tune option for control over quality metrics.
    #​4227

  • Add keepGainMap and withGainMap to process HDR JPEG images with embedded gain maps.
    #​4314

  • Add toUint8Array for output image as a TypedArray backed by a transferable ArrayBuffer.
    #​4355

  • Require prebuilt binaries using static paths to aid code bundling.
    #​4380

  • TypeScript: Ensure FormatEnum keys match reality.
    #​4475

  • Add margin option to trim operation.
    #​4480
    @​eddienubes

  • Ensure HEIF primary item is used as default page/frame.
    #​4487

  • Add image Media Type (MIME Type) to metadata response.
    #​4492

  • Add withDensity to set output density in EXIF metadata.
    #​4496

  • Improve pkg-config path discovery.
    #​4504

  • Add WebP exact option for control over transparent pixel colour values.

  • Add support for ECMAScript Modules (ESM).
    #​4509
    @​florian-lefebvre

vitest-dev/vitest (vitest)

v4.1.9

Compare Source

🐞 Bug Fixes
  • Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in #​10546 (a5180)
  • browser:
    • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in #​10555 (7fb29)
    • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in #​10497 and #​10556 (fbc62)
  • mocker:
    • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in #​10548 (2c955)
  • pool:
    • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in #​10543 and #​10564 (934b0)
View changes on GitHub

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jun 4, 2026
edited
Loading

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs		 unraid-docs 040939e Jun 18 2026, 04:49 AM

@renovate renovate Bot changed the title Update all non-major dependencies to ^6.0.7 Update all non-major dependencies Jun 5, 2026
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 127272c to 8cac47c Compare June 12, 2026 01:59
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 3fd3ce5 to 6c91777 Compare June 16, 2026 00:07
@renovate renovate Bot force-pushed the renovate/all-minor-patch branch from 6c91777 to 040939e Compare June 18, 2026 04:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants