chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@commitlint/cli (source)	19.8.0 -> 19.8.1			devDependencies	patch
@commitlint/config-conventional (source)	19.8.0 -> 19.8.1			devDependencies	patch
@csstools/postcss-global-data (source)	3.0.0 -> 3.1.0			dependencies	minor
@js-basics/vector	2.2.2 -> 2.2.5			dependencies	patch
@nuxt/content (source)	3.5.1 -> 3.8.2			dependencies	minor
@nuxt/eslint (source)	1.3.0 -> 1.10.0			devDependencies	minor
@nuxtjs/i18n (source)	9.5.4 -> 9.5.6			dependencies	patch
@nuxtjs/seo (source)	3.0.3 -> 3.2.2			dependencies	minor
@pinia/nuxt (source)	0.11.0 -> 0.11.3			dependencies	patch
@snyk/protect	1.1296.2 -> 1.1301.0			devDependencies	minor
commitlint (source)	19.8.0 -> 19.8.1			devDependencies	patch
eslint (source)	9.26.0 -> 9.39.1			devDependencies	minor
eslint-config-prettier	10.1.2 -> 10.1.8			devDependencies	patch
eslint-plugin-prettier	5.3.1 -> 5.5.4			devDependencies	minor
lint-staged	15.5.1 -> 15.5.2			devDependencies	patch
node (source)	20.19.1 -> 20.19.5				patch
nuxt (source)	3.17.2 -> 3.20.1			dependencies	minor
nuxt-booster	3.2.9 -> 3.3.1			dependencies	minor
pinia (source)	3.0.2 -> 3.0.4			dependencies	patch
postcss-custom-media (source)	11.0.5 -> 11.0.6			dependencies	patch
postcss-preset-env (source)	10.1.6 -> 10.4.0			dependencies	minor
prettier (source)	3.5.3 -> 3.6.2			devDependencies	minor
stylelint (source)	16.19.1 -> 16.25.0			devDependencies	minor
stylelint-config-css-modules	4.4.0 -> 4.5.1			devDependencies	minor
stylelint-config-recess-order	6.0.0 -> 6.1.0			devDependencies	minor

---

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v19.8.1

Compare Source

Bug Fixes

• update dependency tinyexec to v1 (#​4332) (e49449f)

conventional-changelog/commitlint (@​commitlint/config-conventional)

v19.8.1

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

csstools/postcss-plugins (@​csstools/postcss-global-data)

v3.1.0

Compare Source

August 22, 2025

• Add prepend plugin option
• Add lateRemover plugin option

basics/vector (@​js-basics/vector)

v2.2.5

Compare Source

Bug Fixes

• deps: update babel monorepo to v7.28.0 (0546065)

v2.2.4

Compare Source

Bug Fixes

• deps: update babel monorepo (9e2978b)

v2.2.3

Compare Source

Bug Fixes

• toCSSVars: set default value for target parameter in toCSSVars method across multiple classes (003b2ae)

nuxt/content (@​nuxt/content)

v3.8.2

Compare Source

v3.8.1

Compare Source

Bug Fixes

• deps: nuxt 4.2 patch (91a1de7)
• docs: docs collection prefix (72cc17d)
• make sure last char of column is not special char (#​3610) (d763452)

Performance Improvements

• replace internal object records with maps (#​3591) (7b16de3)
• use moduleDependencies to install mdc module (#​3597) (9600533)

v3.8.0

Compare Source

Features

• add support for nuxthub v1 (#​3576) (e166063)
• client utils (#​3506) (2467057)
• use Vite and Webpack server for content hot reload (#​3546) (ee06d16)

Bug Fixes

• extend inherited schema (dd054ea)

Performance Improvements

• git: use modern-tar over tar (#​3569) (dd854d5)

v3.7.1

Compare Source

Bug Fixes

• remove zod and zod-to-json-schema from optional deps (#​3541) (8e038f0)

v3.7.0

Compare Source

Deprecations

The following features are deprecated and will be removed in a future release:

• z re-export from @nuxt/content
• Calling .editor() directly on zod schemas (e.g. z.string().editor(...))

Migration guide :

- import { defineContentConfig, defineCollection, z } from '@​nuxt/content'
+ import { defineContentConfig, defineCollection, property } from '@​nuxt/content'
+ import { z } from 'zod' // or 'zod/v3' if your setup exposes this subpath

  export default defineContentConfig({
    collections: {
      posts: defineCollection({
        type: 'page',
        source: 'blog/*.md',
        schema: z.object({
        image: z.object({
-         src: z.string().editor({ input: 'media' }),
+         src: property(z.string()).editor({ input: 'media' }),
          alt: z.string(),
        }),
      }),
    },
  })

Features

• adopt standard schema spec and support different validators (#​3524) (46a1004)
• inherit component prop types in content collection (#​3451) (a620a2c)

Bug Fixes

• ProseCode preview syntax highlighting (#​3491) (4a725bd)
• add dependency at Nuxt root dir (#​3525) (71f2989)
• block experimental sqlite warning on node (5ac31da)
• deprecate nitro export in favor of server (ec97064)
• do not register close hook if websocket is disabled (#​3474) (9edcc8f)
• ignore .DS_Store files in all subdirectories (c7a9af3)
• ignore OSX meta file .DS_Store (fe5d7f9)
• improve websocket and watcher cleanup handling (#​3478) (8041807)
• inherit: cache component meta (e9658de)
• inherit: issue with property definition in arrays (873b768)
• inherit: try resolve component from root directory (b0073f1)
• inherit: type generation (63500f3)
• normalize source cwd (#​3532) (0a34742)
• nuxthub: missing line separator in database migrations (#​3464) (4983443)
• use listhen's publicUrl if available (#​3500) (fb0f022)

v3.6.3

Compare Source

Bug Fixes

• Content Hot reload (ad4479a), closes #​3440

v3.6.2

Compare Source

Features

• schema: set navigation.icon of page as icon for preview (eff825d)

Bug Fixes

• check sqlite connector only if database type is sqlite (#​3425) (9166169)
• dev: dont ignore subfolders (#​3421) (78f461d)
• docs: update query method to use first() for consistency (#​3430) (5fed4ea)
• fallback to api call if webassembly is not supported (#​3399) (cf5ca24)

v3.6.1

Compare Source

Features

• add findPageHeadline utils (#​3416) (a966c61)
• preset: warn if nuxthub is loaded before without database (#​3405) (f689cf0)
• support <= and >= sql operators (#​3413) (63dbf9f)
• support Cloudflare Workers (#​3407) (7738aac)

Bug Fixes

• dev: support extension patterns like **/*.md (#​3414) (f1b873b)
• disable ref strategy of JsonSchema (#​3403) (01cfac1)

v3.6.0

Compare Source

Features

• add findPageBreadcrumb, findPageChildren and findPageSiblings utils (#​3393) (c74ec44)
• parser: allow extra transformers to provide components used (#​3355) (baff541)
• source: do not watch for excluded files (2ee1149)
• toggle content heading extraction (#​3400) (f01256a)
• use json schema instead of zod for internal routines (#​3347) (3f2ff74)

Bug Fixes

• add sql_dump file extension (#​3339) (d0ceeb6)
• collections: default values (10f3a06)
• deps: remove optimized brace-expansion from preview module (d5ac591)
• do not escape newlines (#​3320) (eb60ecb)
• module: check modules existence using import (#​3348) (bd84992)
• module: ignore files in content folder in nuxt building (#​3380) (b01e307)
• preview: handle deleted key in object (231ef50)
• templates: populate preview template schema (b7230cd)
• websocket: client url (#​3344) (d67b63b)

nuxt/eslint (@​nuxt/eslint)

v1.10.0

Compare Source

   🚀 Features

• Update deps  -  by @​antfu (23b8b)

   🐞 Bug Fixes

• Update icon path  -  by @​antfu (3f185)

    View changes on GitHub

v1.9.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (b80cb)

   🐞 Bug Fixes

• Add defineNuxtConfig as ESLint's globals, close #​603  -  by @​antfu in #​603 (2e67f)

    View changes on GitHub

v1.8.0

Compare Source

   🚀 Features

• Update plugins  -  by @​antfu (932a7)

    View changes on GitHub

v1.7.1

Compare Source

   🐞 Bug Fixes

• Include eslint-typegen.d.ts in nuxt.node.d.ts, close #​596  -  by @​antfu in #​596 (ab74e)

    View changes on GitHub

v1.7.0

Compare Source

   🚀 Features

• Upgrade eslint-plugin-unicorn  -  by @​antfu (b3b7d)

    View changes on GitHub

v1.6.0

Compare Source

   🐞 Bug Fixes

• Bring back eslint-plugin-import-x as default, close #​590  -  by @​antfu in #​590 (e43d6)

    View changes on GitHub

v1.5.2

Compare Source

   🚀 Features

• Add option features.import.plugin to swap plugin implementation, close #​587  -  by @​antfu in #​587 (66f5e)

    View changes on GitHub

v1.5.1

Compare Source

   🐞 Bug Fixes

• eslint-config: Replace deprecated vue/object-property-newline option  -  by @​amery in #​586 (7805e)

    View changes on GitHub

v1.5.0

Compare Source

   🚀 Features

• Switch to eslint-plugin-import-lite, update deps  -  by @​antfu (31bd8)

   🐞 Bug Fixes

• eslint-config: Add file type restrictions to prevent CSS parsing errors  -  by @​amery in #​584 (40521)

    View changes on GitHub

v1.4.1

Compare Source

   🐞 Bug Fixes

• Add node: prefix to build-in modules  -  by @​danielroe in #​579 (8180f)
• Sort imports objects by from + name  -  by @​danielroe in #​578 (766ae)

    View changes on GitHub

v1.4.0

Compare Source

   🚀 Features

• Update deps  -  by @​antfu (afc42)
• Support type-aware rules, fix #​499  -  by @​antfu in #​499 (70d23)

    View changes on GitHub

v1.3.1

Compare Source

No significant changes

    View changes on GitHub

nuxt-modules/i18n (@​nuxtjs/i18n)

v9.5.6

Compare Source

   🐞 Bug Fixes

• Replace _generate property usage  -  by @​BobbieGoede (e3fba)
• GetDefaultLocaleForDomain should respect runtime config  -  by @​cjpearson and @​BobbieGoede in #​3693 (89c5f)
• Populate domainLocales based on module config  -  by @​cjpearson and @​BobbieGoede in #​3694 and #​3695 (76b13)
• Reuse nuxt instance at plugin setup  -  by @​BobbieGoede in #​3690 (0067f)

    View changes on GitHub

v9.5.5

Compare Source

   🐞 Bug Fixes

• Validate user options and warn for undesired default values  -  by @​BobbieGoede in #​3654 (2f90d)

    View changes on GitHub

harlan-zw/nuxt-seo (@​nuxtjs/seo)

v3.2.2

Compare Source

No significant changes

    View changes on GitHub

v3.2.1

Compare Source

No significant changes

    View changes on GitHub

v3.2.0

Compare Source

This version implements module dependencies that are available with Nuxt v4.1, and improved Nuxt Content v3.7 compatibility and NPM trusted publishing for all modules for improved security.

It bumps the Nuxt Robots versions, which include the new features:

• Content-Usage directive nuxt-modules/robots#226
• Bot Detection nuxt-modules/robots#210

   🐞 Bug Fixes

• Nuxt Content v3.7 compatibility  -  by @​harlan-zw (90214)
• Explicit moduleDependencies  -  by @​harlan-zw (73fd6)
• NPM Trusted Publishing  -  by @​harlan-zw (ed173)

   📦 Dependencies

Updated SEO related packages:

• @​nuxtjs/robots: 5.2.11 → 5.5.5
• @​nuxtjs/sitemap: 7.4.2 → 7.4.7
• nuxt-link-checker: 4.3.1 → 4.3.2
• nuxt-og-image: 5.1.8 → 5.1.11
• nuxt-schema-org: 5.0.6 → 5.0.9
• nuxt-seo-utils: 7.0.12 → 7.0.16
• nuxt-site-config: 3.2.2 → 3.2.7

These updates bring the latest bug fixes and improvements from the Nuxt SEO ecosystem.

    View changes on GitHub

v3.1.0

Compare Source

📦 Dependencies

Updated SEO related packages:

• @​nuxtjs/robots: 5.2.10 → 5.2.11
• @​nuxtjs/sitemap: 7.2.10 → 7.4.2 (minor version bump)
• nuxt-link-checker: 4.3.0 → 4.3.1
• nuxt-og-image: 5.1.2 → 5.1.8
• nuxt-schema-org: 5.0.5 → 5.0.6
• nuxt-seo-utils: 7.0.9 → 7.0.12
• nuxt-site-config: 3.1.9 → 3.2.2 (minor version bump)

These updates bring the latest bug fixes and improvements from the Nuxt SEO ecosystem, namely:

• 🐛 Improved stability for I18n integration
• 🐛 Nuxt Content v3.6.0 compatibility

vuejs/pinia (@​pinia/nuxt)

v0.11.3

Compare Source

v0.11.2

Compare Source

v0.11.1

Compare Source

snyk/snyk (@​snyk/protect)

v1.1301.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757)
• container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42)
• container: Added a new parameter, --include-system-jars, to support scanning of usr/lib JARs (57078b6)
• test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e)
• test(maven): A new experimental flag --include-provenance that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a)
• sbom(maven): A new experimental flag --include-provenance that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a)
• language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e)
• language-server: Analytics for configuration and folder trust (2cc554e)
• mcp: Support for writing scan output into a file (2cc554e)
• mcp: Service Account support (2cc554e)

Bug Fixes

• general: Fix incorrect error mapping for varying status codes (5829500)
• general: Some invalid flag combinations are now correctly handled (ca5903b)
• test: The Snyk CLI now correctly handles optional dependencies without separate package entries
  (bfcbda7)
• test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7)
• test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7)
• test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c)
• test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f)
• test(npm): Improve npm alias support (cb37da7)
• test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86)
• test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f)
• test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f)
• test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86)
• test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c)
• test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4)
• container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6)
• container: Fix rare crash when scanning large Docker images (195ed78)
• container: Fix issue where go binaries in Linux images with complex paths were not properly detected as go binaries when scanning on Windows (be8098b)
• code: Add missing explicit error handling (755d01f)
• unmanaged: Ignored vulnerabilities in unmanaged (C/C++) projects are now properly excluded from JSON output when using .snyk policy files. This ensures that snyk-to-html and other tools that consume JSON output will correctly respect vulnerability ignores. (fa808c1)
• dependencies: Fix CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
• dependencies: Upgrade golang to 1.24.10 to fix vulnerabilities (c039f99)
• dependencies: Upgrade to golang 1.24.8 (4dcf97a)
• dependencies: Upgrade xcode to avoid flaky signing (bdcb991)
• dependencies: Fix CVE-2025-47913 (a00b0dc)
• language-server: Various Language Server related fixes (2cc554e)

v1.1300.2

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• security: Upgrades dependencies to address CVE-2025-47913 (d7e87e2)
• general: Improved error messaging (5d16466)

v1.1300.1

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• mcp: Added support for the MCP server to use IDE extension storage when running in VS Code (7f26dc6)
• redteam: Added a new experimental AI Red Teaming feature, read more: https://docs.snyk.io/developer-tools/snyk-cli/commands/ai-red-teaming (fe37e0f)

Bug Fixes

• test: Fix issue where npm aliases only detected the latest version of a dependency (cb37da7)
• security: Upgrades dependencies to address CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
• general: Improved error messaging (5d16466)
• logging: Remove support for legacy DEBUG environment variable. For the supported debugging options, please check https://docs.snyk.io/developer-tools/snyk-cli/debugging-the-snyk-cli (2087f74)

v1.1300.0

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• general: Improve SARIF compatibility by adding runAutomationDetails (3e232e5)
• container: Add support scanning system JARs (54e84d8)
• container: Add TargetOS to output of container scan (aa55cd9)
• test: Add support for godot projects (d9fc200)
• test: Add support for maven metaversions (f321ffa)
• language-server: Add CVSSv4 Links in IDE Issue Details
• mcp: Workflow and performance improvements

Bug Fixes

• container: Fixed crashes when scanning docker images with very large files (72cb040)
• test: Re-enable support for python 2.7 (02c7fe3)
• test: Improved error information when using --all-projects (36d14f9)
• test: Fix a bug due to case-sensitive ignores (b432406)
• test: Resolve project assets file path dynamically (75a152e)
• iac: Upgrade iac components to address a vulnerability [IAC-3439] (eaaaf84)
• logging: Fix broken debug logs due to secret redaction by redacting all user input (0cf19a7)
• language-server: Multiple bugfixes

v1.1299.1

Compare Source

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Bug Fixes

• language-server: Fix titles of Snyk Open Source code actions in IDEs (0add44d)
• code: Include missing uploadResults property in Sarif output ([693e548](https://redirect.github.com/snyk/cli/commit/693e548e1977ac26cdea97d177a99648

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.