chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@antfu/eslint-config	^6.1.0 → ^6.7.3			pnpm.catalog.dev	minor
@commitlint/cli (source)	^20.1.0 → ^20.5.3			pnpm.catalog.dev	minor
@commitlint/config-conventional (source)	^20.0.0 → ^20.5.3			pnpm.catalog.dev	minor
@iconify-json/fluent	^1.2.34 → ^1.2.47			pnpm.catalog.dev	patch
@iconify-json/lucide	^1.2.71 → ^1.2.106			pnpm.catalog.dev	patch
@iconify-json/simple-icons	^1.2.56 → ^1.2.81			pnpm.catalog.dev	patch
@internationalized/date (source)	^3.10.0 → ^3.12.1			pnpm.catalog.integrations	minor
@nuxt/devtools (source)	^3.1.1 → ^3.2.4			pnpm.catalog.dev	minor
@nuxt/ui (source)	^4.2.1 → ^4.7.1			pnpm.catalog.integrations	minor
@nuxtjs/i18n (source)	^10.2.1 → ^10.3.0			pnpm.catalog.dev	minor
@openai/agents (source)	^0.2.1 → ^0.11.1			pnpm.catalog.integrations	minor
@paralleldrive/cuid2	2.2.2 → 2.3.1			pnpm.catalog.integrations	minor
@pinia/nuxt (source)	^0.11.2 → ^0.11.3			pnpm.catalog.integrations	patch
@tma.js/sdk-vue (source)	^1.0.8 → ^1.0.19			pnpm.catalog.integrations	patch
@types/node (source)	^24.9.2 → ^24.12.3			pnpm.catalog.types	minor
@types/pg (source)	8.15.5 → 8.20.0			devDependencies	minor
@unovis/ts (source)	^1.6.1 → ^1.6.5			pnpm.catalog.integrations	patch
@unovis/vue (source)	^1.6.1 → ^1.6.5			pnpm.catalog.integrations	patch
@vitest/browser-playwright (source)	^4.0.5 → ^4.1.5			pnpm.catalog.test	minor
@vitest/coverage-v8 (source)	^4.0.5 → ^4.1.5			pnpm.catalog.test	minor
arktype (source)	^2.1.22 → ^2.2.0			pnpm.catalog.integrations	minor
bumpp	^10.3.1 → ^10.4.1			pnpm.catalog.dev	minor
dotenv	^17.2.3 → ^17.4.2			pnpm.catalog.dev	minor
drizzle-cuid2	2.1.0 → 2.2.0			dependencies	minor
drizzle-kit (source)	0.31.5 → 0.31.10			devDependencies	patch
eslint (source)	^9.39.2 → ^9.39.4			pnpm.catalog.dev	patch
grammy (source)	^1.38.3 → ^1.42.0			pnpm.catalog.integrations	minor
ioredis	^5.8.2 → ^5.10.1			pnpm.catalog.integrations	minor
libphonenumber-js	^1.12.25 → ^1.13.0			pnpm.catalog.integrations	minor
lint-staged	^16.2.7 → ^16.4.0			pnpm.catalog.dev	minor
node (source)	>=24.11.0 → >=24.15.0			engines	minor
node	24.11.0-alpine → 24.15.0-alpine			final	minor
node	24.11.0-slim → 24.15.0-slim			final	minor
nuxt (source)	^4.2.2 → ^4.4.4			pnpm.catalog.dev	minor
nuxt-auth-utils	^0.5.26 → ^0.5.29			pnpm.catalog.dev	patch
openai	^6.7.0 → ^6.37.0			pnpm.catalog.integrations	minor
pg (source)	8.16.3 → 8.20.0			dependencies	minor
pinia (source)	^3.0.3 → ^3.0.4			pnpm.catalog.integrations	patch
playwright (source)	^1.56.1 → ^1.59.1			pnpm.catalog.test	minor
pnpm (source)	10.20.0 → 10.33.4			packageManager	minor
pnpm (source)	>=10.20.0 → >=10.33.4			engines	minor
ru-nalog-fias-gar	1.0.4 → 1.0.5			dependencies	patch
sharp (source, changelog)	^0.34.4 → ^0.34.5			pnpm.catalog.integrations	patch
sortablejs	^1.15.6 → ^1.15.7			pnpm.catalog.integrations	patch
uqr	0.1.2 → 0.1.3			dependencies	patch
vitest (source)	^4.0.5 → ^4.1.5			pnpm.catalog.test	minor
vitest-browser-vue	^2.0.1 → ^2.1.0			pnpm.catalog.test	minor
vue-tsc (source)	^3.1.8 → ^3.2.8			pnpm.catalog.dev	minor

---

Release Notes

antfu/eslint-config (@​antfu/eslint-config)

v6.7.3

Compare Source

   🐞 Bug Fixes

• pnpm: Remove catalogMode in the enforced settings  -  by @​antfu (4fc09)

    View changes on GitHub

v6.7.2

Compare Source

   🐞 Bug Fixes

• Update react rules to match eslint-react v2  -  by @​Rel1cx in #​795 (6b425)
• pnpm: Add ignore for @​types/vscode in json-enforce-catalog  -  by @​jinghaihan in #​794 (95685)

    View changes on GitHub

v6.7.1

Compare Source

   🐞 Bug Fixes

• pnpm: Do not set catalogMode when catalogs is not enabled  -  by @​antfu (0471e)

    View changes on GitHub

v6.7.0

Compare Source

   🚀 Features

• Add more options to toggle configs  -  by @​antfu (203b8)

   🐞 Bug Fixes

• pnpm: Respect yaml and jsonc config in the factory, close #​791  -  by @​antfu in #​791 (3e0c5)

    View changes on GitHub

v6.6.1

Compare Source

   🐞 Bug Fixes

• pnpm: Detection  -  by @​antfu (e649f)

    View changes on GitHub

v6.6.0

Compare Source

   🐞 Bug Fixes

• pnpm: Enforce catalog usage based on smart detection  -  by @​antfu (654c0)

    View changes on GitHub

v6.5.1

Compare Source

   🐞 Bug Fixes

• Adopt to tsdown extension change, close #​786, close #​787  -  by @​antfu in #​786 and #​787 (c16d3)

    View changes on GitHub

v6.5.0

Compare Source

   🚀 Features

• react: React compiler preset  -  by @​hyoban in #​784 (663e0)

   🐞 Bug Fixes

• Spelling of required-scrpts  -  by @​christopher-buss in #​785 (26185)
• pnpm: Remove cleanupUnusedCatalogs setting  -  by @​antfu (f712a)

    View changes on GitHub

v6.4.2

Compare Source

   🐞 Bug Fixes

• pnpm: Move pnpm-workspace.yaml sorting config from yaml to pnpm  -  by @​antfu (fc2b1)

    View changes on GitHub

v6.4.1

Compare Source

No significant changes

    View changes on GitHub

v6.3.0

Compare Source

   🚀 Features

• Update deps  -  by @​antfu (2d2b6)

   🐞 Bug Fixes

• Ts error from cb29b1a  -  by @​daflyinbed in #​782 (b4e49)

    View changes on GitHub

v6.2.0

Compare Source

   🚀 Features

• Accepting functions for ignores, close #​776  -  by @​antfu in #​776 (63b13)

    View changes on GitHub

conventional-changelog/commitlint (@​commitlint/cli)

v20.5.3

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.5.2

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.5.0

Compare Source

Bug Fixes

• cli: validate that --cwd directory exists before execution (#​4658) (cf80f75), closes #​4595

20.4.4 (2026-03-12)

Note: Version bump only for package @​commitlint/cli

20.4.3 (2026-03-03)

Bug Fixes

• footer parser does not escape special chars for regex #​4560 (#​4634) (8ff7c7f)

20.4.2 (2026-02-19)

Note: Version bump only for package @​commitlint/cli

20.4.1 (2026-02-02)

Note: Version bump only for package @​commitlint/cli

v20.4.4

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.4.3

Compare Source

Bug Fixes

• footer parser does not escape special chars for regex #​4560 (#​4634) (8ff7c7f)

v20.4.2

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.4.1

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.4.0

Compare Source

Features

• upgrade conventional commit packages #​4082 (#​4597) (3aaf0a6)

20.3.1 (2026-01-08)

Note: Version bump only for package @​commitlint/cli

v20.3.1

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.3.0

Compare Source

Note: Version bump only for package @​commitlint/cli

v20.2.0

Compare Source

Note: Version bump only for package @​commitlint/cli

conventional-changelog/commitlint (@​commitlint/config-conventional)

v20.5.3

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.5.0

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

20.4.4 (2026-03-12)

Note: Version bump only for package @​commitlint/config-conventional

20.4.3 (2026-03-03)

Bug Fixes

• footer parser does not escape special chars for regex #​4560 (#​4634) (8ff7c7f)

20.4.2 (2026-02-19)

Note: Version bump only for package @​commitlint/config-conventional

20.4.1 (2026-02-02)

Note: Version bump only for package @​commitlint/config-conventional

v20.4.4

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.4.3

Compare Source

Bug Fixes

• footer parser does not escape special chars for regex #​4560 (#​4634) (8ff7c7f)

v20.4.2

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.4.1

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.4.0

Compare Source

Features

• upgrade conventional commit packages #​4082 (#​4597) (3aaf0a6)

20.3.1 (2026-01-08)

Note: Version bump only for package @​commitlint/config-conventional

v20.3.1

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.3.0

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v20.2.0

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

adobe/react-spectrum (@​internationalized/date)

v3.12.1

Compare Source

v3.12.0

Compare Source

v3.11.0

Compare Source

v3.10.1

Compare Source

nuxt/devtools (@​nuxt/devtools)

v3.2.4

Compare Source

   🚀 Features

• Use ua-parser-modern  -  by @​antfu (114aa)

   🐞 Bug Fixes

• Nuxt devtools inspector style  -  by @​antfu (91f09)

    View changes on GitHub

v3.2.3

Compare Source

Bug Fixes

• devtools: add zeditor option for Zed on Arch Linux (#​932) (4d481d5)
• unocss config, close #​937 (0edaf99)

v3.2.2

Compare Source

Bug Fixes

• attributes error penetration warning (#​930) (706a760)
• devtools: scope storage watchers to avoid EMFILE (#​934) (902c60c)
• wizard: typos (#​931) (0216c08)

Features

• replace prompts with @clack/prompts (#​935) (1aa3d2d)

v3.2.1

Compare Source

Bug Fixes

• inspect panel position (2f93070)

v3.2.0

Compare Source

Bug Fixes

• devtools: call devtools:initialized hook after all modules run (#​919) (3662836)

Features

• enhance inspect panel, add copy visual info for agents (#​928) (6bb2565)
• upgrade vite-devtools (5c4a0b0)

3.1.1 (2025-11-25)

Bug Fixes

• ui: remove flash when switching to dark (#​909) (75a814f)

Features

• support passing additional permissions to the iframe (#​911) (bc1d11c)

nuxt/ui (@​nuxt/ui)

v4.7.1

Compare Source

Bug Fixes

• ChatMessage: make actions slot accessible on touch devices (f5a3349)
• Drawer: handle RTL mode (#​6396) (2e3fed2)
• Link: prevent double-prefixing with @nuxtjs/i18n auto-localization (#​6404) (dde09d0)
• ProseImg: close zoom overlay on Escape key (e3cdbc5)
• ProsePrompt: improve responsive (0a5b433)

v4.7.0

Compare Source

Features

• AuthForm: add separator slot (#​6305) (81c7ddb)
• Card: add title and description props (3cf7d75), closes #​6001
• CommandPalette: add group-label slot (#​6329) (7fc773c)
• CommandPalette: add searchDelay prop (7d2af05)
• EditorSuggestionMenu: expose suggestion matching options (#​6234) (4427824)
• Link: auto-localize internal links when @nuxtjs/i18n is installed (#​5537) (92cfda0)
• Listbox: new component (#​6307) (00c1651)
• ProsePrompt: new component (#​6362) (2451ac6)
• Table: support sticky header/footer in virtualized mode (#​6217) (15d32ce)
• Textarea: expose autoResize method (#​6120) (9c5c0df)

Bug Fixes

• Accordion/Tabs: use item value as stable key to avoid remounts (#​6380) (3cee610)
• Avatar: remove leading-none from fallback (#​6383) (77ce09a)
• ChatMessage/ChatMessages: preserve generic message type in slot scope (#​6391) (20f66db)
• ChatMessages: prevent layout shift caused by indicator during streaming (#​6297) (b7160e2)
• ChatMessages: use MutationObserver for auto-scroll during streaming (#​6357) (47bf3cb)
• ChatPromptSubmit: ignore disabled prop when status is not ready (600a2ca)
• components: resolve defaultVariants in template logic (#​6361) (75b37d0)
• ContentSearch/DashboardSearch: pick shared props from CommandPalette (cdcf2e5)
• ContentSearch: speed up navigation mapping (0faf2c2)
• ContentToc: use links for scrollspy instead of hardcoded h2/h3 (#​6282) (6aba2ea)
• FieldGroup: prevent context from leaking into portals (#​6313) (5155e27)
• FileUpload: use form field color and highlight instead of raw props (bb5a9ed)
• Header/DashboardSidebar/Sidebar: allow auto focus in menu for proper focus trapping (#​6266) (9b91ee4)
• InputDate/InputTime: increase segments width (#​6339) (4ebdb2f)
• InputTags: add missing field group variant (#​6326) (aae5378)
• Link: ensure single-root rendering for v-show and $el resolution (#​6310) (2c4ff35)
• Modal/Slideover: drop empty header wrapper when empty (#​6381) (1082960)
• module: use relative tagPriority for inline style tags (#​6299) (ae693d0)
• PricingTable: align header elements vertically (#​6111) (0daacb0)
• PricingTable: handle RTL mode (#​6382) (ab203db)
• ProseCodeCollapse: match background on overscroll (28c89fe)
• ProseImg: respect markdown width attribute (#​6350) (d4e4ea1)
• ProsePre: get code from DOM if code prop is missing (#​6333) (b808ce4)
• Select: support item-aligned position mode (#​6358) (255807a)

v4.6.1

Compare Source

Bug Fixes

• ai: use part.state for streaming detection and deprecate isReasoningStreaming (d2d7543)
• ChatMessage: hide files slot when no file parts exist (9cddc8e)
• ChatMessages: keep indicator visible until first content arrives (195cce8)
• ChatMessages: reset scroll icon when messages are cleared (#​6239) (4ba3eef)
• ChatPrompt: guard enter during composition (#​6280) (a911ca8)
• DashboardSidebar: always pass collapsed: false in mobile menu slots (957a0f5), closes #​6157
• Modal/Slideover/Drawer: suppress reka ui title and description warnings (3451b8d), closes #​6240
• module: inline defaultVariants and prefix in dev template (314e23b)
• module: transpile reka-ui to prevent injection errors (#​6286) (b822c43)

v4.6.0

Compare Source

⚠ BREAKING CHANGES

• module: use moduleDependencies to manipulate options (#​5384)

Features

• add standalone Vue REPL playground ([#​6209](https://redirect.github

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "after 2am and before 3am"
• Automerge
  • "after 1am and before 2am"

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[socket-security]

No dependency changes detected. Learn more about Socket for GitHub.

👍 No dependency changes detected in pull request

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

<--- Last few GCs --->

[1033:0x3453c000]    32114 ms: Scavenge 1484.2 (1489.2) -> 1483.2 (1489.2) MB, pooled: 0 MB, 0.93 / 0.00 ms  (average mu = 0.845, current mu = 0.807) allocation failure; 
[1033:0x3453c000]    33587 ms: Mark-Compact (reduce) 1582.6 (1587.6) -> 1582.2 (1586.8) MB, pooled: 0 MB, 507.79 / 0.00 ms  (+ 257.4 ms in 16 steps since start of marking, biggest step 22.5 ms, walltime since start of marking 1281 ms) (average mu = 0.722,
FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory
----- Native stack trace -----

 1: 0x73f8c4 node::OOMErrorHandler(char const*, v8::OOMDetails const&) [/opt/containerbase/tools/node/24.15.0/bin/node]
 2: 0xc06f90  [/opt/containerbase/tools/node/24.15.0/bin/node]
 3: 0xc0707f  [/opt/containerbase/tools/node/24.15.0/bin/node]
 4: 0xeaa885  [/opt/containerbase/tools/node/24.15.0/bin/node]
 5: 0xebc1ec  [/opt/containerbase/tools/node/24.15.0/bin/node]
 6: 0xebcbfc  [/opt/containerbase/tools/node/24.15.0/bin/node]
 7: 0xbdaed9 node::crypto::TLSWrap::TLSWrap(node::Environment*, v8::Local<v8::Object>, node::crypto::TLSWrap::Kind, node::StreamBase*, node::crypto::SecureContext*, node::crypto::TLSWrap::UnderlyingStreamWriteStatus) [/opt/containerbase/tools/node/24.15.0/bin/node]
 8: 0xbde894 node::crypto::TLSWrap::Wrap(v8::FunctionCallbackInfo<v8::Value> const&) [/opt/containerbase/tools/node/24.15.0/bin/node]
 9: 0x19c108d  [/opt/containerbase/tools/node/24.15.0/bin/node]
/usr/local/bin/node: line 18:  1033 Aborted                 /opt/containerbase/tools/node/24.15.0/bin/node "$@"