chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@apollo/server (source)	^4.11.0 -> ^4.11.2					devDependencies	patch
@graphql-codegen/plugin-helpers (source)	^5.0.4 -> ^5.1.0					dependencies	minor
@graphql-codegen/typescript (source)	^4.0.9 -> ^4.1.1					dependencies	minor
@graphql-codegen/typescript-resolvers (source)	^4.2.1 -> ^4.4.0					dependencies	minor
@graphql-tools/graphql-file-loader (source)	^8.0.1 -> ^8.0.3					dependencies	patch
@graphql-tools/load (source)	^8.0.2 -> ^8.0.4					dependencies	patch
@nuxt/devtools (source)	^1.3.9 -> ^1.6.0					devDependencies	minor
@nuxt/kit (source)	^3.12.4 -> ^3.14.159					dependencies	minor
@nuxt/module-builder	^0.8.1 -> ^0.8.4					devDependencies	patch
@nuxt/schema (source)	^3.12.4 -> ^3.14.159					devDependencies	minor
@nuxt/test-utils	^3.14.0 -> ^3.14.4					devDependencies	patch
@vitest/coverage-v8 (source)	^2.0.5 -> ^2.1.5					devDependencies	minor
eslint (source)	^9.9.0 -> ^9.14.0					devDependencies	minor
eslint-config-unjs	^0.3.2 -> ^0.4.1					devDependencies	minor
eslint-plugin-unused-imports	^4.1.3 -> ^4.1.4					devDependencies	patch
ghcr.io/devcontainers/features/node	1 -> 1.6.1					feature	minor
nuxt (source)	^3.12.4 -> ^3.14.159					dependencies	minor
nuxt (source)	^3.12.4 -> ^3.14.159					devDependencies	minor
pnpm (source)	9.7.0 -> 9.13.1					packageManager	minor
typescript (source)	^5.5.4 -> ^5.6.3					devDependencies	minor
vitest (source)	^2.0.5 -> ^2.1.5					devDependencies	minor
vue-tsc (source)	^2.0.29 -> ^2.1.10					devDependencies	minor

---

Release Notes

apollographql/apollo-server (@​apollo/server)

v4.11.2

Compare Source

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

v4.11.1

Compare Source

Patch Changes

• #​7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

  @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

  However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

  The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

  However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

dotansimha/graphql-code-generator (@​graphql-codegen/plugin-helpers)

v5.1.0

Compare Source

Minor Changes

• #​9989 55a1e9e Thanks @​eddeee888! - Add generateInternalResolversIfNeeded option

  This option can be used to generate more correct types for internal resolvers. For example, only generate __resolveReference if the federation object has a resolvable @key.

  In the future, this option can be extended to support other internal resolvers e.g. __isTypeOf is only generated for implementing types and union members.

dotansimha/graphql-code-generator (@​graphql-codegen/typescript)

v4.1.1

Compare Source

Patch Changes

• Updated dependencies [55a1e9e, a235051]:
  • @​graphql-codegen/visitor-plugin-common@​5.5.0
  • @​graphql-codegen/plugin-helpers@​5.1.0

v4.1.0

Compare Source

Minor Changes

• #​10077 3f4f546 Thanks @​eddeee888! - Extend config.avoidOptions to support query, mutation and subscription

  Previously, config.avoidOptions.resolvers was being used to make query, mutation and subscription fields non-optional.
  Now, config.avoidOptions.query, config.avoidOptions.mutation and config.avoidOptions.subscription can be used to target the respective types.

Patch Changes

• Updated dependencies [3f4f546]:
  • @​graphql-codegen/visitor-plugin-common@​5.4.0

dotansimha/graphql-code-generator (@​graphql-codegen/typescript-resolvers)

v4.4.0

Compare Source

Minor Changes

• #​9989 55a1e9e Thanks @​eddeee888! - Add generateInternalResolversIfNeeded option

  This option can be used to generate more correct types for internal resolvers. For example, only generate __resolveReference if the federation object has a resolvable @key.

  In the future, this option can be extended to support other internal resolvers e.g. __isTypeOf is only generated for implementing types and union members.

• #​10141 a235051 Thanks @​eddeee888! - Add avoidCheckingAbstractTypesRecursively to avoid checking and generating abstract types recursively

  For users that already sets recursive default mappers e.g. Partial<{T}> or DeepPartial<{T}>, having both options on will cause a nested loop which eventually crashes Codegen. In such case, setting avoidCheckingAbstractTypesRecursively: true allows users to continue to use recursive default mappers as before.

Patch Changes

• Updated dependencies [55a1e9e, a235051]:
  • @​graphql-codegen/visitor-plugin-common@​5.5.0
  • @​graphql-codegen/plugin-helpers@​5.1.0
  • @​graphql-codegen/typescript@​4.1.1

v4.3.0

Compare Source

Minor Changes

• #​10077 3f4f546 Thanks @​eddeee888! - Extend config.avoidOptions to support query, mutation and subscription

  Previously, config.avoidOptions.resolvers was being used to make query, mutation and subscription fields non-optional.
  Now, config.avoidOptions.query, config.avoidOptions.mutation and config.avoidOptions.subscription can be used to target the respective types.

Patch Changes

• Updated dependencies [3f4f546]:
  • @​graphql-codegen/visitor-plugin-common@​5.4.0
  • @​graphql-codegen/typescript@​4.1.0

ardatan/graphql-tools (@​graphql-tools/graphql-file-loader)

v8.0.3

Compare Source

Patch Changes

• Updated dependencies
  [dc5043b]:
  • @​graphql-tools/utils@​10.5.6
  • @​graphql-tools/import@​7.0.3

v8.0.2

Compare Source

Patch Changes

• Updated dependencies
  [cf2ce5e]:
  • @​graphql-tools/utils@​10.5.5
  • @​graphql-tools/import@​7.0.2

ardatan/graphql-tools (@​graphql-tools/load)

v8.0.4

Compare Source

Patch Changes

• Updated dependencies
  [dc5043b]:
  • @​graphql-tools/utils@​10.5.6
  • @​graphql-tools/schema@​10.0.8

v8.0.3

Compare Source

Patch Changes

• Updated dependencies
  [cf2ce5e]:
  • @​graphql-tools/utils@​10.5.5
  • @​graphql-tools/schema@​10.0.7

nuxt/devtools (@​nuxt/devtools)

v1.6.0

Compare Source

Bug Fixes

• devtools: remove cjs entrypoint (#​746) (9e4a22e)

1.5.2 (2024-10-02)

Bug Fixes

• try downgrade vite-plugin-vue-inspector (572a0d6)

1.5.1 (2024-09-23)

Bug Fixes

• welcome page condition (#​736) (d23ce09)

v1.5.2

Compare Source

Bug Fixes

• try downgrade vite-plugin-vue-inspector (572a0d6)

v1.5.1

Compare Source

Bug Fixes

• welcome page condition (#​736) (d23ce09)

v1.5.0

Compare Source

Bug Fixes

• avoid using top-level await, fix #​723 (29b0e39)
• disable quicktype schema generation temporary (c1554a3)
• handle null in deepSync (#​729) (8c0efdb)

1.4.2 (2024-09-10)

Bug Fixes

• use explicit imports of types (#​715) (4c54247)

1.4.1 (2024-08-26)

Bug Fixes

• devtools-kit re-export (d16cafc)
• state-editor: update deepSync function (#​713) (a7b9efb)

v1.4.2

Compare Source

Bug Fixes

• use explicit imports of types (#​715) (4c54247)

v1.4.1

Compare Source

Bug Fixes

• devtools-kit re-export (d16cafc)
• state-editor: update deepSync function (#​713) (a7b9efb)

v1.4.0

Compare Source

Features

• kit: introduce host-client utility (167373c)

1.3.14 (2024-08-20)

1.3.13 (2024-08-20)

1.3.12 (2024-08-20)

1.3.11 (2024-08-20)

1.3.10 (2024-08-20)

Bug Fixes

• color mode (19ac073)

Features

• add search functionality to components graph (#​696) (1a0f81a)

1.3.9 (2024-07-02)

Bug Fixes

• capture for circular reference in state editor (841fd76)
• introduce client.revision to trigger state editor update (418a22e)
• modules: update compatibility check for Nuxt 3 and 4 (#​689) (2354da7)
• use ofetch for fast-npm-meta (4188f8d)

1.3.8 (2024-07-02)

Performance Improvements

• avoid deps on npm-registry-fetch, save install size (3d74691)

1.3.7 (2024-06-27)

Bug Fixes

• OpenGraph layout (#​685) (760f149)
• scrollable sidebar (#​682) (df459f9)
• server-routes: unable to clear all params (#​684) (d88b003)

Features

• use nuxt search api for showing docs (#​681) (52b6468)

Performance Improvements

• use npm-registry-fetch instead of pacote to deduce the package size (a049c52)

1.3.6 (2024-06-21)

Features

• migrate vue-devtools to v7.3 (#​675) (79e6d35)

1.3.5 (2024-06-21)

Bug Fixes

• downgrade module-builder (de79dc4)

1.3.4 (2024-06-21)

Bug Fixes

• color mode (#​679) (d276b31)
• navigate to pages with param (#​678) (316bcd9)

1.3.3 (2024-06-04)

Bug Fixes

• pin @vue/devtools-* (4c79fac)
• sort items in fuse (#​670) (8d052be)

1.3.2 (2024-05-27)

Bug Fixes

• floating-vue style (7b7dc32)
• sidebar scroll (946f930)
• timeline: reduce warning (#​661) (33fe685)

1.3.1 (2024-05-10)

Bug Fixes

• module builder chunk path patch (87199a1)

v1.3.14

Compare Source

nuxt/nuxt (@​nuxt/kit)

v3.14.159

Compare Source

3.14.159 is a hotfix release to address regressions in v3.14.

We're leaning into the π theme - future patch releases of this minor version will just continue adding digits. (Sorry for any inconvenience! 😆)

👉 Changelog

compare changes

🩹 Fixes

• nuxt: Update nitropack preset directory (#​29780)
• kit: Fall back to meta version if there's no module.json (#​29793)
• kit: Use mlly to resolve module paths to avoid cjs fallback (#​29799)
• webpack,rspack: Add adapter for webpack-dev-middleware (#​29806)
• nuxt: Remove null-byte prefix for virtual files (#​29809)
• kit: Convert module path to file url before reading meta (fb833ac64)

📖 Documentation

• Capitalize titles (#​29768)
• Fix rou3 link in nitro.js (#​29775)
• Fix tip formatting (#​29792)
• Add link to h3 blogpost (#​29794)
• Remove outdated cloudflare tip (auto minify deprecated) (#​29812)

🏡 Chore

• nuxt: Remove redundant type (#​29810)

❤️ Contributors

• Daniel Roe (@​danielroe)
• xjccc (@​xjccc)
• Efraim (@​EfraimGENC)
• Aurion SARL (@​Aurion72)
• Erik Lilja (@​Lilja)
• Markus Oberlehner (@​maoberlehner)
• Lukas Bauer (@​luxterful)
• @​beer (@​iiio2)

v3.14.0

Compare Source

3.14.0 is the next minor release.

👀 Highlights

Behind the scenes, a lot has been going on in preparation for the release of Nuxt v4 (particularly on the unjs side with preparations for Nitro v3!)

⚡️ Faster starts powered by jiti

Loading the nuxt config file, as well as modules and other build-time code, is now powered by jiti v2. You can see more about the release in the jiti v2 release notes, but one of the most important pieces is native node esm import (where possible), which should mean a faster start. ✨

📂 Shared folder for code and types shared with client/server

You should never import Vue app code in your nitro code (or the other way around). But this has meant a friction point when it comes to sharing types or utilities that don't rely on the nitro/vue contexts.

For this, we have a new shared/ folder (#​28682). You can't import Vue or nitro code into files in this folder, but it produces auto-imports you can consume throughout the rest of your app.

If needed you can use the new #shared alias which points to this folder.

The shared folder is alongside your server/ folder. (If you're using compatibilityVersion: 4, this means it's not inside your app/ folder.)

🦀 rspack builder

We're excited to announce a new first-class Nuxt builder for rspack. It's still experimental but we've refactored the internal Nuxt virtual file system to use unplugin to make this possible.

Let us know if you like it - and feel free to raise any issues you experience with it.

👉 To try it out, you can use this starter - or just install @nuxt/rspack-builder and set builder: 'rspack' in your nuxt config file.

✨ New composables

We have new useResponseHeader and useRuntimeHook composables (#​27131 and #​29741).

🔧 New module utilities

We now have a new addServerTemplate utility (#​29320) for adding virtual files for access inside nitro runtime routes.

🚧 v4 changes

We've merged some changes which only take effect with compatibilityVersion: 4, but which you can opt-into earlier.

1. previously, if you had a component like ~/components/App/Header.vue this would be visible in your devtools as <Header>. From v4 we ensure this is <AppHeader>, but it's opt-in to avoid breaking any manual <KeepAlive> you might have implemented. (#​28745).

2. Nuxt scans page metadata from your files, before calling pages:extend. But this has led to some confusing behaviour, as pages added at this point do not end up having their page metadata respected. So we now do not scan metadata before calling pages:extend. Instead, we have a new pages:resolved hook, which is called after pages:extend, after all pages have been augmented with their metadata. I'd recommend opting into this by setting experimental.scanPageMeta to after-resolve, as it solves a number of bugs.

🗺️ Roadmap to v3.15

They didn't quite make it in time for v3.14 but for the next minor release you can expect (among other things):

• auto-imported directives from modules (#​29203)
• 'isolated' page renders (#​29366)
• delayed hydration (#​26468)

✅ Upgrading

As usual, our recommendation for upgrading is to run:

npx nuxi@latest upgrade --force

This will refresh your lockfile as well, and ensures that you pull in updates from other dependencies that Nuxt relies on, particularly in the unjs ecosystem.

👉 Changelog

compare changes

🚀 Enhancements

• deps: Upgrade to latest version of jiti (#​27995)
• kit,nuxt,vite,webpack: Reimplement cjs utils using jiti (#​29073)
• nuxt: Normalise component names to match nuxt pattern (#​28745)
• kit,schema: Add addServerTemplate utility (#​29320)
• nuxt: Add useResponseHeader composable (#​27131)
• rspack,webpack: Add rspack builder (#​29142)
• nuxt,schema: pages:resolved hook + scan meta post extend (#​28861)
• nuxt: Allow enabling route props in definePageMeta (#​29586)
• schema,nuxt: Add shared/ folder and #shared alias (#​28682)
• nuxt: Allow chunk error or manifest update -> reload (#​28160)
• nuxt: Add useRuntimeHook composable (#​29741)

🔥 Performance

• nuxt: Remove unneeded second call to useNuxtApp (#​29514)
• vite: Avoid redundant postcss plugins overwrite (#​29619)
• kit,nuxt,vite,webpack: Hoist regex patterns (#​29620)

🩹 Fixes

• nuxt: Simplify plugin InjectionType template conditional (#​29023)
• nuxt: Access server build from webpack memfs (#​29027)
• nuxt: Do not resolve non-absolute component paths (#​29036)
• nuxt: Defer unsetting error handler until suspense resolves (#​29037)
• nuxt: Pass DOMException as fetch abort exception (#​29058)
• vite: Don't force protocol if disabled devServer.https (#​29049)
• nuxt: Empty nitro buildDir in dev mode (#​29068)
• nuxt: Don't resolve relative import type paths for deps (#​29069)
• kit: Handle passing 'bare' relative paths to modules (c7fecd8a1)
• kit: Try resolving module path from each node_modules dir (70a622d43)
• kit,vite,webpack: Resolve postcss paths from each modules dir (#​29096)
• kit,vite,webpack: Strip node_modules/ from parent urls (5bd42c893)
• nuxt: Add crossorigin attribute for stylesheets (#​29138)
• nuxt: Use routeRules to hint pages to prerender (#​29172)
• nuxt: Pass absolute external link urls to link:prefetch (#​29321)
• nuxt: Error on build when required module is missing (#​29287)
• nuxt: Prevent 404 when hitting component test endpoint (cb725f014)
• nuxt: Avoid throwing 404 error before middleware finishes (#​29054)
• schema: Use ConfigLayer type from c12 (#​29370)
• nuxt: Fix nested page types in typedPages (#​29352)
• nuxt: Allow islands to manipulate head client-side (#​29186)
• vite: Dim repeat count in logs (#​29392)
• schema: Mark configFile as required in layer type (3bbcd7d21)
• nuxt: Remove vue compiler hints from auto import (#​29713)
• vite: Update signature for createIsExternal (686be8168)
• nuxt: Respect existing props value in definePageMeta (#​29683)
• schema: Hoist nitropack/types to ensure api routes are typed (54096875e)

💅 Refactors

• nuxt: Use addBuildPlugin internally (#​29157)
• nuxt,schema,vite,webpack: Use unplugin for vfs (#​29165)

📖 Documentation

• Use defineNuxtComponent instead of defineComponent (#​29011)
• Remove duotone icons for clarity (#​29040)
• Fix typo (#​29045)
• Remove specific Nuxt 4 release date (#​29151)
• Remove redundant newlines and indentations (#​29190)
• Add links to short videos from daniel (#​29185)
• Fix comments typo in auto-imports example (#​29195)
• Add missing word (#​29230)
• Add a section about useRequestFetch and event.$fetch (#​29099)
• Add example of typing custom useFetch errors (#​29253)
• Ensure manifest code snippet works with pnpm (#​29273)
• Consistent directory structure (#​29292)
• Update to new ofetch headers for interceptors (#​29118)
• Mention upgrading third-party configs (#​27768)
• Improve explanation of ssr + data fetching (#​29010)
• Add a description for .env.test (#​29398)
• Add section on 'updateAppConfig' in the 'app.config' page (#​29397)
• Add example to navigateTo util (#​29611)
• Remove mockImplementation() call (#​29669)
• Update lifecycle hooks (#​29678)
• Type cast api plugin in custom usefetch example (#​29756)
• Correct some errors about proxying headers with $fetch (#​29755)
• Add information on --envName flag (#​28909)
• Add error expectation (09885b87e)

📦 Build

• ui-templates: Switch to beasties (1b5391182)

🏡 Chore

• Add more checks around indexed access (#​29060)
• Refresh lockfile (f76f85a82)
• Revert unbuild update (71e0fb06f)
• Use jiti.import (7ece49f9b)
• Update nitropack to 2.10.2 (#​29766)

✅ Tests

• Bump bundle snapshot (e57e65c08)
• Add basic assertions for unctx transform (d81196122)
• Fix assertion for style snapshot (7f311e773)
• Move catchall path to subdirectory (#​29331)
• Update snapshot for https://github.com/nuxt/nuxt/pull/28441 (a248f24f5)
• Add compat code for vite v6 ([#​2

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

Scope: all 2 projects
playground                               | Progress: resolved 1, reused 0, downloaded 0, added 0
Progress: resolved 1, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 8, reused 0, downloaded 0, added 0
Progress: resolved 22, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 84, reused 0, downloaded 0, added 0
Progress: resolved 25, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 174, reused 0, downloaded 0, added 0
Progress: resolved 26, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 230, reused 0, downloaded 0, added 0
Progress: resolved 27, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 322, reused 0, downloaded 0, added 0
Progress: resolved 30, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 349, reused 0, downloaded 0, added 0
Progress: resolved 412, reused 0, downloaded 0, added 0
Progress: resolved 574, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 350, reused 0, downloaded 0, added 0
Progress: resolved 872, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 380, reused 0, downloaded 0, added 0
Progress: resolved 941, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 435, reused 0, downloaded 0, added 0
Progress: resolved 964, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 570, reused 0, downloaded 0, added 0
Progress: resolved 1191, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 620, reused 0, downloaded 0, added 0
 WARN  17 deprecated subdependencies found: @babel/plugin-proposal-class-properties@7.18.6, @babel/plugin-proposal-object-rest-spread@7.19.4, are-we-there-yet@2.0.0, are-we-there-yet@2.0.0, gauge@3.0.2, gauge@3.0.2, glob@7.2.3, glob@7.2.3, glob@8.0.3, inflight@1.0.6, inflight@1.0.6, npmlog@5.0.1, npmlog@5.0.1, q@1.5.1, rimraf@3.0.2, rimraf@3.0.2, stringify-package@1.0.1
Progress: resolved 1350, reused 0, downloaded 0, added 0
playground                               | Progress: resolved 793, reused 0, downloaded 0, added 0
undefined
 ERR_PNPM_PATCH_NOT_APPLIED  The following patches were not applied: tslib@2.5.0

Either remove them from "patchedDependencies" or update them to match packages in your dependencies.