chore(deps): update all non-major dependencies (v1)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/node (source)	^25.0.8 → ^25.0.10
@typescript/native-preview (source)	7.0.0-dev.20260115.1 → 7.0.0-dev.20260122.4
@vitest/coverage-v8 (source)	^4.0.17 → ^4.0.18
crossws (source)	^0.3.5 → ^0.4.3
h3 (source)	^1.14.0 → ^1.15.5
pnpm (source)	10.28.0 → 10.28.1
pnpm (source)	10.7.0 → 10.28.1
prettier (source)	^3.8.0 → ^3.8.1
undici (source)	^7.18.2 → ^7.19.0
undocs	^0.2.30 → ^0.4.13
vitest (source)	^4.0.17 → ^4.0.18
zod (source)	^4.3.5 → ^4.3.6

---

Release Notes

microsoft/typescript-go (@​typescript/native-preview)

v7.0.0-dev.20260122.4

Compare Source

v7.0.0-dev.20260122.3

Compare Source

v7.0.0-dev.20260122.2

Compare Source

v7.0.0-dev.20260120.1

Compare Source

v7.0.0-dev.20260119.1

Compare Source

v7.0.0-dev.20260118.1

Compare Source

v7.0.0-dev.20260117.1

Compare Source

v7.0.0-dev.20260116.1

Compare Source

vitest-dev/vitest (@​vitest/coverage-v8)

v4.0.18

Compare Source

   🚀 Experimental Features

• experimental: Add onModuleRunner hook to worker.init  -  by @​sheremet-va in #​9286 (ea837)

   🐞 Bug Fixes

• Use meta.url in createRequire  -  by @​sheremet-va in #​9441 (e0572)
• browser: Hide injected data-testid attributes  -  by @​sheremet-va in #​9503 (f8989)
• ui: Process artifact attachments when generating HTML reporter  -  by @​macarie in #​9472 (22543)

    View changes on GitHub

h3js/crossws (crossws)

v0.4.3

Compare Source

compare changes

📦 Build

• Migrate to obuild (rolldown) (efdd087)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.2

Compare Source

compare changes

🩹 Fixes

• node server: Properly pass request to NodeRequest (28e5d64)
• cloudflare: Send close frame (#​177)

📖 Documentation

• Add new logo with cube style (#​171)
• Mention publish not broadcasting to sender (#​173)

🏡 Chore

• playground: Add start command (7ab898c)
• release: V0.4.1 (3a537a0)
• Update undocs (4f1e94b)
• Update undocs (8646f89)
• docs: Add missing backtick (#​169)
• Update undocs (440a088)
• Update srvx version & usage (#​178)
• Update dependencies (8761d2e)
• Lint (df7062b)
• Fix type issues (68841e6)
• Update uWebSockets.js (9ce4ce5)
• Fix lint issues (4b1b779)

❤️ Contributors

• Joseph Lee (@​jclab-joseph)
• Pooya Parsa (@​pi0)
• Nick Perez (@​nperez0111)
• Rijk Van Zanten (@​rijkvanzanten)
• Sébastien Chopin [email protected]
• Abeer0 (@​iiio2)

v0.4.1

Compare Source

compare changes

🩹 Fixes

• node server: Properly pass request to NodeRequest (28e5d64)

🏡 Chore

• playground: Add start command (7ab898c)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.0

Compare Source

compare changes

🚀 Enhancements

• Stub full request interface (#​156)
• Universal server for deno, node and bun using srvx (experimental) (#​158)
• Create PeerContext interface for type augmentation (#​159)
• ⚠️ Namespaced pub/sub peers (#​162)
• ⚠️ Support returning context from upgrade hook (#​163)
• cloudflare: Support global publish via rpc (#​166)
• Add cloudflare and default (sse) server entries (#​167)

🩹 Fixes

• ⚠️ Do not automatically accept first sec-webSocket-protocol (#​142)

💅 Refactors

• Remove uncrypto dependency (#​153)
• ⚠️ Always pass Request as first param to resolve (#​160)
• Simplify inspect values (aa49668)
• Throw error when running deno, bun and node adapters in an incompatible environment (b5fcf2a)
• Narrow down upgrade return type (d843cd0)
• ⚠️ Always terminate upgrade if Response is returned (#​164)
• ⚠️ Merge cloudflare and cloudflare-durable adapters (#​165)
• cloudflare: Show warning when pub/sub is not supported (#​144)

📖 Documentation

• Change to h3js from unjs (#​155)
• Add docs for augmenting PeerContext type (#​161)
• Prepare for v0.4 (#​168)

📦 Build

• Simplify and fix exports (0d2ceb0)
• Remove extra .d.ts files (1f389d6)

🏡 Chore

• Update deps (37889b0)
• Update deps (c6f6bd8)

⚠️ Breaking Changes

• ⚠️ Namespaced pub/sub peers (#​162)
• ⚠️ Support returning context from upgrade hook (#​163)
• ⚠️ Do not automatically accept first sec-webSocket-protocol (#​142)
• ⚠️ Always pass Request as first param to resolve (#​160)
• ⚠️ Always terminate upgrade if Response is returned (#​164)
• ⚠️ Merge cloudflare and cloudflare-durable adapters (#​165)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Tee Ming (@​eltigerchino)
• Luke Nelson [email protected]
• @​beer (@​iiio2)

h3js/h3 (h3)

v1.15.5

Compare Source

compare changes

[!IMPORTANT]
Security: Fixed a bug in readBody(event) and readRawBody(event) utils where certain Transfer-Encoding header formats could cause the request body to be ignored.

In some deployments (for example, behind TCP load balancers or non-normalizing proxies), this could allow request smuggling. The handling is now safe and fully compliant. (read more)

🩹 Fixes

• readRawBody: Fix case-sensitive Transfer-Encoding check causing request smuggling risk (618ccf4)

v1.15.4

Compare Source

compare changes

🩹 Fixes

• getRequestHost: Return first host from x-forwarded-host (#​1175)

💅 Refactors

• useSession: Backport SessionManager interface to fix types (#​1058)

🏡 Chore

• docs: Fix typos (#​1108)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Kricsleo (@​kricsleo)
• Izoukhai (@​izoukhai)

v1.15.3

Compare Source

compare changes

🩹 Fixes

• serveStatic: Omit decoded id from statusMessage (#​1044)

v1.15.2

Compare Source

compare changes

🩹 Fixes

• Handle FormData body (3757072 f38dd03 0c9b276)
• cache: Correct comparison in cache headers (#​1034)
• Handle Headers when merging proxy headers (#​1027)
• setCookie: Unique by name, domain, and path only (#​1042)

❤️ Contributors

• Kricsleo (@​kricsleo)

v1.15.1

Compare Source

compare changes

🩹 Fixes

• setCookie: Properly merge and dedup set-cookie header (#​981)

v1.15.0

Compare Source

compare changes

• Migrate from unenv v1 to node-mock-http (#​970)

pnpm/pnpm (pnpm)

v10.28.1

Compare Source

prettier/prettier (prettier)

v3.8.1

Compare Source

nodejs/undici (undici)

v7.19.0

Compare Source

What's Changed

• fix: Handle FormData body type correctly in RetryAgent retried requests by @​eliotschu in #​4692
• feat(client): expose HTTP/2 flow-control options by @​pabloelisseo in #​4706
• Implement origin normalization in MockAgent for case-insensitivity and URL handling by @​SksOp in #​4731
• fix websocket basic auth by @​KhafraDev in #​4747
• fix(cache): regenerate stream from source when cache.match is called after GC by @​mcollina in #​4713
• chore: use testcontext for test:cache by @​Uzlopak in #​4571
• chore: use testcontext for subresource integrity tests by @​Uzlopak in #​4575
• feat(cache): add origins option for whitelist filtering by @​mcollina in #​4739
• ci: test shared-builtin only on Node.js 24 and 25 by @​mcollina in #​4746
• fix websocketstream open error by @​KhafraDev in #​4748

New Contributors

• @​eliotschu made their first contribution in #​4692
• @​pabloelisseo made their first contribution in #​4706
• @​SksOp made their first contribution in #​4731

Full Changelog: nodejs/undici@v7.18.2...v7.19.0

unjs/undocs (undocs)

v0.4.13

Compare Source

compare changes

🚀 Enhancements

• Also match curl user agent (f067ed1)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.12

Compare Source

compare changes

🚀 Enhancements

• Add llms.txt, llms-full.txt generation and Copy page (#​210)

🩹 Fixes

• Update dependencies and latest nuxi compat (#​211)
• Pin nuxt-ui to 4.2 (#​212)

🏡 Chore

• release: V0.4.11 (d1ee98a)
• Sync docs (7afc7be)
• Update deps (bcb7d54)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Hugo [email protected]
• Sébastien Chopin (@​atinux)

v0.4.11

Compare Source

compare changes

🚀 Enhancements

• Add support for versions select (#​209)
• Add support for adding a Banner (#​208)

❤️ Contributors

• Sébastien Chopin [email protected]

v0.4.10

Compare Source

compare changes

🚀 Enhancements

• Add support for setting lang attribute (c7e7ea1)
• Set default robots.txt for SEO at 100 (5a774a4)

🏡 Chore

• Improve accessibility to 100 (4768bc6)
• Lint fix (3ac374b)

❤️ Contributors

• Sébastien Chopin (@​atinux)

v0.4.9

Compare Source

compare changes

🩹 Fixes

• Toc is optional (40afbb4)

❤️ Contributors

• Sébastien Chopin (@​atinux)

v0.4.8

Compare Source

compare changes

🚀 Enhancements

• Expose sponsors and contributors as page components (49bddc0)

🩹 Fixes

• Support scanning docs markdown and custom components (1cd2590)

❤️ Contributors

• Sébastien Chopin (@​atinux)

v0.4.7

Compare Source

compare changes

🩹 Fixes

• Add vite config icon (478de0b)

📖 Documentation

• Use X instead of Twitter (6900300)

❤️ Contributors

• Sébastien Chopin (@​atinux)

v0.4.6

Compare Source

compare changes

🩹 Fixes

• Add missing diff language (fd88c31)

🏡 Chore

• Set container to 90rem (38a484b)

❤️ Contributors

• Sébastien Chopin (@​atinux)

v0.4.5

Compare Source

compare changes

🚀 Enhancements

• Add undocs + custom icons library (#​204)

💅 Refactors

• Imporve header (#​203)

❤️ Contributors

• Sébastien Chopin [email protected]
• Pooya Parsa (@​pi0)

v0.4.4

Compare Source

compare changes

💅 Refactors

• Landing improvements (#​202)

❤️ Contributors

• Sébastien Chopin [email protected]

v0.4.3

Compare Source

compare changes

🩹 Fixes

• Fix contribute button rendering (c70bd23)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.2

Compare Source

compare changes

🩹 Fixes

• Optional access to sponsors config (3525f0a)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.1

Compare Source

compare changes

🚀 Enhancements

• Also match curl user agent (f067ed1)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.4.0

Compare Source

compare changes

🚀 Enhancements

• Basic mermaid support (f6790e5)
• og: Use themeColor (4105c5a)
• Add /icon.svg by default (2337836)

🩹 Fixes

• Justify-center hero links when there is no hero code (#​190)
• Correct the install command for deno (#​189)
• Use summary_large_image for twitter seo meta (a79cb6c)
• Add og:title and og:description (8fa9961)

💅 Refactors

• Set compatibilityDate to latest (67a7f23)
• Update og image (ae6fa5b)
• Update landing sponsors/contributors (f8cc963)

🏡 Chore

• release: V0.3.10 (754e200)
• Update deps (6d140e0)
• Update package.json (c16a6a2)
• Update content module (af390d7)
• Migrate to pnpm (239154f)
• Fix ci (65397fc)
• Fix ci (f1149f7)
• Update deps (986e27f)
• Update repo name (616597e)
• Fix lint warning (294477e)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Keito (@​mst-mkt)
• Makito [email protected]

v0.3.10

Compare Source

compare changes

🚀 Enhancements

• Basic mermaid support (f6790e5)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.9

Compare Source

compare changes

🚀 Enhancements

• Show nested breadcrumb (3126d0d)

🩹 Fixes

• Always assign auto icons (679ed55)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.8

Compare Source

compare changes

🚀 Enhancements

• Nested 3 level navigation (bdb424b)
• Add tooltip for social icons (e72fb30)

🩹 Fixes

• content: Include yml files for navigation (a941002)

💅 Refactors

• Update content hooks (ac10629)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.7

Compare Source

compare changes

🩹 Fixes

• Use sqliteConnector: native option (083c88f)
• Add better-sqlite3 although should not be needed (bd98f8c)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.6

Compare Source

compare changes

🚀 Enhancements

• Also list past sponsors (8c9b6ac)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.5

Compare Source

compare changes

🩹 Fixes

• Better handle mobile navigation (e3cb9be)
• Use patched content module (de5504d)
• Ugly workaround for anchor scroll behavior (3a750f7)
• Edit page link (df0be5b)

🏡 Chore

• Add missing sponsors section in config (73a3ae8)
• Lint (3c1ff89)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Sébastien Chopin (@​atinux)

v0.3.4

Compare Source

compare changes

🩹 Fixes

• Respect themeColor config (20213cc)
• Add codeIcon for node (c5bfb65)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.3

Compare Source

compare changes

🚀 Enhancements

• Simple blog section (#​178)
• Add social media config (4fd7e72)
• Sponsors support for landing (0592ac3)

💅 Refactors

• Update toc (5193310)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.2

Compare Source

compare changes

💅 Refactors

• Remove logs (767535f)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.1

Compare Source

compare changes

🚀 Enhancements

• Basic mermaid support (f6790e5)

❤️ Contributors

• Pooya Parsa (@​pi0)

v0.3.0

Compare Source

compare changes

🚀 Enhancements

• Migrate to @​nuxt/ui-pro and @​nuxt/content v3 (#​175)

🏡 Chore

• Update dependencies (2b62a52)
• Remove codecov action (1ac0c33)
• Update lockfile (9d1922f)
• Lint (94ad02d)
• Apply automated updates (9494e50)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Hugo Richard (@​HugoRCD)

colinhacks/zod (zod)

v4.3.6

Compare Source

Commits:

• 9977fb0 Add brand.dev to sponsors
• f4b7bae Update pullfrog.yml (#​5634)
• 251d716 Clean up workflow_call
• edd4132 fix: add missing User-agent to robots.txt and allow all (#​5646)
• 85db85e fix: typo in codec.test.ts file (#​5628)
• cbf77bb Avoid non null assertion (#​5638)
• dfbbf1c Avoid re-exported star modules (#​5656)
• 762e911 Generalize numeric key handling
• ca3c862 v4.3.6

---

Configuration

📅 Schedule: Branch creation - "after 2am and before 3am" (UTC), Automerge - "after 1am and before 2am" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.