fix(deps): update all dependencies (major)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@vitejs/plugin-react (source)	^5.1.1 → ^6.0.0			devDependencies	major
actions/checkout	v4 → v6			action	major
actions/setup-node	v4 → v6			action	major
aws-actions/configure-aws-credentials	v4 → v6			action	major
eslint (source)	^8.57.0 → ^10.0.0			devDependencies	major
eslint-plugin-react-hooks (source)	^5.0.0 → ^7.0.0			devDependencies	major
lucide-react (source)	^0.561.0 → ^1.0.0			dependencies	major
pnpm (source)	9 → 10			uses-with	major
pnpm/action-setup	v4 → v6			action	major
softprops/action-gh-release	v2 → v3			action	major
tailwindcss (source)	^3.4.18 → ^4.0.0			devDependencies	major
typescript (source)	~5.9.3 → ~6.0.0			devDependencies	major
vite (source)	^7.2.4 → ^8.0.0			devDependencies	major

---

Release Notes

vitejs/vite-plugin-react (@​vitejs/plugin-react)

v6.0.1

Compare Source

Expand @rolldown/plugin-babel peer dep range (#​1146)

Expanded @rolldown/plugin-babel peer dep range to include ^0.2.0.

v6.0.0

Compare Source

v5.2.0

Compare Source

v5.1.4

Compare Source

Fix canSkipBabel not accounting for babel.overrides (#​1098)

When configuring babel.overrides without top-level plugins or presets, Babel was incorrectly skipped. The canSkipBabel function now checks for overrides.length to ensure override configurations are processed.

v5.1.3

Compare Source

actions/checkout (actions/checkout)

v6.0.2

Compare Source

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in #​2356

v6.0.1

Compare Source

v6.0.0

Compare Source

v6

Compare Source

v5.0.1

Compare Source

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in #​2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

Compare Source

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in #​2226
• Prepare v5.0.0 release by @​salmanmkc in #​2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v5

Compare Source

v4.3.1

Compare Source

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in #​2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

Compare Source

What's Changed

• docs: update README.md by @​motss in #​1971
• Add internal repos for checking out multiple repositories by @​mouismail in #​1977
• Documentation update - add recommended permissions to Readme by @​benwells in #​2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in #​2044
• Update README.md by @​nebuk89 in #​2194
• Update CODEOWNERS for actions by @​TingluoHuang in #​2224
• Update package dependencies by @​salmanmkc in #​2236
• Prepare release v4.3.0 by @​salmanmkc in #​2237

New Contributors

• @​motss made their first contribution in #​1971
• @​mouismail made their first contribution in #​1977
• @​benwells made their first contribution in #​2043
• @​nebuk89 made their first contribution in #​2194
• @​salmanmkc made their first contribution in #​2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

Compare Source

• url-helper.ts now leverages well-known environment variables by @​jww3 in #​1941
• Expand unit test coverage for isGhes by @​jww3 in #​1946

v4.2.1

Compare Source

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in #​1924

v4.2.0

Compare Source

• Add Ref and Commit outputs by @​lucacome in #​1180
• Dependency updates by @​dependabot- #​1777, #​1872

v4.1.7

Compare Source

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in #​1739
• Bump actions/checkout from 3 to 4 by @​dependabot in #​1697
• Check out other refs/* by commit by @​orhantoy in #​1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in #​1776

v4.1.6

Compare Source

• Check platform to set archive extension appropriately by @​cory-miller in #​1732

v4.1.5

Compare Source

• Update NPM dependencies by @​cory-miller in #​1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in #​1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in #​1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in #​1695
• README: Suggest user.email to be 41898282+github-actions[bot]@​users.noreply.github.com by @​cory-miller in #​1707

v4.1.4

Compare Source

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in #​1692
• Add dependabot config by @​cory-miller in #​1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in #​1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in #​1643

v4.1.3

Compare Source

• Check git version before attempting to disable sparse-checkout by @​jww3 in #​1656
• Add SSH user parameter by @​cory-miller in #​1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in #​1650

v4.1.2

Compare Source

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in #​1598

v4.1.1

Compare Source

• Correct link to GitHub Docs by @​peterbe in #​1511
• Link to release page from what's new section by @​cory-miller in #​1514

v4.1.0

Compare Source

• Add support for partial checkout filters

actions/setup-node (actions/setup-node)

v6.4.0

Compare Source

v6.3.0

Compare Source

What's Changed

Enhancements:

• Support parsing devEngines field by @​susnux in #​1283

When using node-version-file: package.json, setup-node now prefers devEngines.runtime over engines.node.

Dependency updates:

• Fix npm audit issues by @​gowridurgad in #​1491
• Replace uuid with crypto.randomUUID() by @​trivikr in #​1378
• Upgrade minimatch from 3.1.2 to 3.1.5 by @​dependabot in #​1498

Bug fixes:

• Remove hardcoded bearer for mirror-url @​marco-ippolito in #​1467
• Scope test lockfiles by package manager and update cache tests by @​gowridurgad in #​1495

New Contributors

• @​susnux made their first contribution in #​1283

Full Changelog: actions/setup-node@v6...v6.3.0

v6.2.0

Compare Source

v6.1.0

Compare Source

What's Changed

Enhancement:

• Remove always-auth configuration handling by @​priyagupta108 in #​1436

Dependency updates:

• Upgrade @​actions/cache from 4.0.3 to 4.1.0 by @​dependabot[bot] in #​1384
• Upgrade actions/checkout from 5 to 6 by @​dependabot[bot] in #​1439
• Upgrade js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in #​1435

Documentation update:

• Add example for restore-only cache in documentation by @​aparnajyothi-y in #​1419

Full Changelog: actions/setup-node@v6...v6.1.0

v6.0.0

Compare Source

What's Changed

Breaking Changes

• Limit automatic caching to npm, update workflows and documentation by @​priyagupta108 in #​1374

Dependency Upgrades

• Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @​dependabot[bot] in #​1336
• Upgrade prettier from 2.8.8 to 3.6.2 by @​dependabot[bot] in #​1334
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @​dependabot[bot] in #​1362

Full Changelog: actions/setup-node@v5...v6.0.0

v6

Compare Source

v5

Compare Source

v5.0.0

Compare Source

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in #​1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless.
To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in #​1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in #​1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in #​1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in #​1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in #​1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in #​1345

New Contributors

• @​priya-kinthali made their first contribution in #​1348
• @​salmanmkc made their first contribution in #​1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

Compare Source

What's Changed

Bug fixes:

• Make eslint-compact matcher compatible with Stylelint by @​FloEdelmann in #​98
• Add support for indented eslint output by @​fregante in #​1245

Enhancement:

• Support private mirrors by @​marco-ippolito in #​1240

Dependency update:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in #​1262

New Contributors

• @​FloEdelmann made their first contribution in #​98
• @​fregante made their first contribution in #​1245
• @​marco-ippolito made their first contribution in #​1240

Full Changelog: actions/setup-node@v4...v4.4.0

v4.3.0

Compare Source

What's Changed

Dependency updates

• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in #​1200
• Upgrade @​action/cache from 4.0.0 to 4.0.2 by @​gowridurgad in #​1251
• Upgrade @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in #​1203
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot in #​1220

New Contributors

• @​gowridurgad made their first contribution in #​1251

Full Changelog: actions/setup-node@v4...v4.3.0

v4.2.0

Compare Source

What's Changed

• Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by @​aparnajyothi-y in #​1174
• Add recommended permissions section to readme by @​benwells in #​1193
• Configure Dependabot settings by @​HarithaVattikuti in #​1192
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in #​1191
• Upgrade pnpm/action-setup from 2 to 4 by @​dependabot in #​1194
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in #​1195
• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in #​1196
• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot in #​1201
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in #​1205

New Contributors

• @​benwells made their first contribution in #​1193

Full Changelog: actions/setup-node@v4...v4.2.0

v4.1.0

Compare Source

What's Changed

• Resolve High Security Alerts by upgrading Dependencies by @​aparnajyothi-y in #​1132
• Upgrade IA Publish by @​Jcambass in #​1134
• Revise isGhes logic by @​jww3 in #​1148
• Add architecture to cache key by @​pengx17 in #​843
  This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
  Note: This change may break previous cache keys as they will no longer be compatible with the new format.

New Contributors

• @​jww3 made their first contribution in #​1148
• @​pengx17 made their first contribution in #​843

Full Changelog: actions/setup-node@v4...v4.1.0

v4.0.4

Compare Source

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in #​1125
• Enhance Windows ARM64 Setup and Update micromatch Dependency by @​priyagupta108 in #​1126

Documentation changes:

• Documentation update in the README file by @​suyashgaonkar in #​1106
• Correct invalid 'lts' version string reference by @​fulldecent in #​1124

New Contributors

• @​suyashgaonkar made their first contribution in #​1106
• @​priyagupta108 made their first contribution in #​1126
• @​Jcambass made their first contribution in #​1125
• @​fulldecent made their first contribution in #​1124

Full Changelog: actions/setup-node@v4...v4.0.4

v4.0.3

Compare Source

What's Changed

Bug fixes:

• Fix macos latest check failures by @​HarithaVattikuti in #​1041

Documentation changes:

• Documentation update to update default Node version to 20 by @​bengreeley in #​949

Dependency updates:

• Bump undici from 5.26.5 to 5.28.3 by @​dependabot in #​965
• Bump braces from 3.0.2 to 3.0.3 and other dependency updates by @​dependabot in #​1087

New Contributors

• @​bengreeley made their first contribution in #​949
• @​HarithaVattikuti made their first contribution in #​1041

Full Changelog: actions/setup-node@v4...v4.0.3

v4.0.2

Compare Source

What's Changed

• Add support for volta.extends by @​ThisIsManta in #​921
• Add support for arm64 Windows by @​dmitry-shibanov in #​927

New Contributors

• @​ThisIsManta made their first contribution in #​921

Full Changelog: actions/setup-node@v4.0.1...v4.0.2

v4.0.1

Compare Source

What's Changed

• Ignore engines in Yarn 1 e2e-cache tests by @​trivikr in #​882
• Update setup-node references in the README.md file to setup-node@​v4 by @​jwetzell in #​884
• Update reusable workflows to use Node.js v20 by @​MaksimZhukov in #​889
• Add fix for cache to resolve slow post action step by @​aparnajyothi-y in #​917
• Fix README.md by @​takayamaki in #​898
• Add package.json to node-version-file list of examples. by @​TWiStErRob in #​879
• Fix node-version-file interprets entire package.json as a version by @​NullVoxPopuli in #​865

New Contributors

• @​trivikr made their first contribution in #​882
• @​jwetzell made their first contribution in #​884
• @​aparnajyothi-y made their first contribution in #​917
• @​takayamaki made their first contribution in #​898
• @​TWiStErRob made their first contribution in #​879
• @​NullVoxPopuli made their first contribution in #​865

Full Changelog: actions/setup-node@v4...v4.0.1

aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)

v6.1.0

Compare Source

Features

• add skip cleanup option (#​1716) (11b1c58), closes #​1545
• Support usage of AWS Profiles (#​1696) (a7f0c82)

v6.0.0

Compare Source

⚠ BREAKING CHANGES

• Update action to use node24 Note this requires GitHub action runner version v2.327.1 or later (#​1632) (a7a2c11)

Features

• add support to define transitive tag keys (#​1316) (232435c) (930ebd9)

Bug Fixes

• properly output aws-account-id and authenticated-arn when using role-chaining (#​1633) (7ceaf96)

v6

Compare Source

v5.1.1

Compare Source

Miscellaneous Chores

• release 5.1.1 (56d6a58)
• various dependency updates

v5.1.0

Compare Source

Features

• Add global timeout support (#​1487) (1584b8b)
• add no-proxy support (#​1482) (dde9b22)
• Improve debug logging in retry logic (#​1485) (97ef425)

Bug Fixes

• properly expose getProxyForUrl (introduced in #​1482) (#​1486) (cea4298)

v5.0.0

Compare Source

⚠ BREAKING CHANGES

• Cleanup input handling. Changes invalid boolean input behavior (see #​1445)

Features

• add skip OIDC option (#​1458) (8c45f6b)
• Cleanup input handling. Changes invalid boolean input behavior (see #​1445) (74b3e27)
• support account id allowlist (#​1456) (c4be498)

v5

Compare Source

v4.3.1

Compare Source

Bug Fixes

• update readme to 4.3.1 (#​1424) (be2e7ad)

v4.3.0

Compare Source

NOTE: This release tag originally pointed to 59b4418, but a critical bug was discovered shortly after publishing. We updated this tag to d0834ad to prevent anyone using the 4.3.0 tag from encountering the bug, and we published 4.3.1 to allow workflows to auto update correctly.

Features

• dependency update and feature cleanup (#​1414) (59489ba), closes #​1062 #​1191
• Optional environment variable output (c3b3ce6)

Bug Fixes

• docs: readme samples versioning (5b3c895)
• the wrong example region for China partition in README (37fe9a7)
• properly set proxy environment variable (cbea708)

Miscellaneous Chores

• release 4.3.0 (3f7c218)

v4.2.1

Compare Source

Bug Fixes

• ensure explicit inputs take precedence over environment variables (e56e6c4)
• prioritize explicit inputs over environment variables (df9c8fe)

v4.2.0

Compare Source

Features

• add Expiration field to Outputs (a4f3267)
• Document role-duration-seconds range (5a0cf01)
• support action inputs as environment variables (#​1338) (2c168ad)

Bug Fixes

• make sure action builds, also fix dependabot autoapprove (c401b8a)
• role chaning on mulitple runs (#​1340) (9e38641)

v4.1.0

Compare Source

Features

• idempotent fetch (#​1289) (eb70354)

Bug Fixes

• build failure due to tests (#​1283) (134d71e)
• Dependabot autoapprove (#​1284) (b9ee51d)
• Dependabot autoapprove id-token write permission (#​1285) (f0af89b)
• typo (#​1281) (39fd91c)

v4.0.3

Compare Source

Features

• added release-please action config (0f88004)

Bug Fixes

• add id-token permission to automerge (97834a4)
• cpy syntax on npm package (#​1195) (83b5a56)
• force push packaged files to main (bfd2185)

Miscellaneous Chores

• release 4.0.3 (ca00fd4)

v4.0.2

Compare Source

See the changelog for details about the changes included in this release.

v4.0.1

Compare Source

See the changelog for details about the changes included in this release.

eslint/eslint (eslint)

v10.3.0

Compare Source

v10.2.1

Compare Source

v10.2.0

Compare Source

Features

• 586ec2f feat: Add meta.languages support to rules (#​20571) (Copilot)
• 14207de feat: add Temporal to no-obj-calls (#​20675) (Pixel998)
• bbb2c93 feat: add Temporal to ES2026 globals (#​20672) (Pixel998)

Bug Fixes

• 542cb3e fix: update first-party dependencies (#​20714) (Francesco Trotta)

Documentation

• a2af743 docs: add language to configuration objects (#​20712) (Francesco Trotta)
• 845f23f docs: Update README (GitHub Actions Bot)
• 5fbcf59 docs: remove sourceType from ts playground link (#​20477) (Tanuj Kanti)
• 8702a47 docs: Update README (GitHub Actions Bot)
• ddeaded docs: Update README (GitHub Actions Bot)
• [2b44966](https://redirect.github.com/eslint/eslint/co

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • "before 3am on monday"

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.