chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@ai-sdk/mcp (source)	^1.0.25 → ^1.0.30
@iconify-json/lucide	^1.2.96 → ^1.2.98
@iconify-json/octicon	^1.2.21 → ^1.2.22
@iconify-json/simple-icons	^1.2.72 → ^1.2.75
@iconify-json/vscode-icons	^1.2.44 → ^1.2.45
@libsql/client (source)	^0.17.0 → ^0.17.2
@nuxt/devtools (source)	^3.2.3 → ^3.2.4
@nuxt/hints	1.0.0-alpha.10 → 1.0.2
@nuxt/ui (source)	^4.5.1 → ^4.6.0
@nuxtjs/mcp-toolkit (source)	^0.7.0 → ^0.12.0
@nuxtjs/turnstile	^1.1.1 → ^1.1.2
@vercel/analytics (source)	^2.0.0 → ^2.0.1
@vue/compiler-sfc (source)	^3.5.29 → ^3.5.31
ai (source)	^6.0.116 → ^6.0.138
better-sqlite3	^12.6.2 → ^12.8.0
drizzle-kit (source)	^0.31.9 → ^0.31.10
eslint (source)	^10.0.3 → ^10.1.0
h3 (source)	^1.15.6 → ^1.15.10
happy-dom	^20.8.3 → ^20.8.8
nuxt-content-twoslash	^0.2.1 → ^0.4.0
pnpm (source)	10.31.0 → 10.33.0
resend	^6.9.3 → ^6.9.4
valibot (source)	^1.2.0 → ^1.3.1
vitest (source)	^4.0.18 → ^4.1.1
vue (source)	^3.5.29 → ^3.5.31
vue-tsc (source)	^3.2.5 → ^3.2.6

---

Release Notes

vercel/ai (@​ai-sdk/mcp)

v1.0.30

Compare Source

Patch Changes

• 4953414: fix: trigger new release for @ai-v5 dist-tag
• Updated dependencies [4953414]
  • @​ai-sdk/provider@​2.0.1
  • @​ai-sdk/provider-utils@​3.0.20

v1.0.29

Compare Source

Patch Changes

• Updated dependencies [ef6d784]
  • @​ai-sdk/provider-utils@​3.0.19

v1.0.28

Compare Source

Patch Changes

• Updated dependencies [056c471]
  • @​ai-sdk/provider-utils@​3.0.17
  • @​ai-sdk/openai-compatible@​1.0.27

v1.0.27

Compare Source

Patch Changes

• Updated dependencies [96936e5]
  • @​ai-sdk/provider-utils@​4.0.12
  • @​ai-sdk/openai-compatible@​2.0.25

v1.0.26

Compare Source

Patch Changes

• 51aa5de: backport: test server
• Updated dependencies [51aa5de]
  • @​ai-sdk/provider-utils@​3.0.16

tursodatabase/libsql-client-ts (@​libsql/client)

v0.17.2

Compare Source

v0.17.1

Compare Source

nuxt/devtools (@​nuxt/devtools)

v3.2.4

Compare Source

   🚀 Features

• Use ua-parser-modern  -  by @​antfu (114aa)

   🐞 Bug Fixes

• Nuxt devtools inspector style  -  by @​antfu (91f09)

    View changes on GitHub

nuxt/hints (@​nuxt/hints)

v1.0.2

Compare Source

🩹 Fixes

• Write hints-config.mjs to fs (#​296)

❤️ Contributors

• Julien Huang (@​huang-julien)

v1.0.1

Compare Source

🩹 Fixes

• Prevent circular reference stack overflow in payload.__hints (#​289)
• Fix #hints-config alias resolution (#​292)

🏡 Chore

• README: Add modules options explanaition (#​285)

❤️ Contributors

• Julien Huang (@​huang-julien)
• Martijn De Wit martijn@ablerz.nl

v1.0.0

Compare Source

Nuxt Hints v1.0.0

We are very excited to move Nuxt hints from alpha stage to 1.0.0 !

Developer experience in Nuxt is truly something we treasure and we hope this module will help you out on finding different ways to make your Nuxt application more performant.
We also want to thank every contributors and users of the modules. It is thanks to them that @​nuxt/hints is reaching 1.0.0

Vision

Our vision at Nuxt has always been that better DX will have an impact on end-user's UX. By releasing this module, the goal is to help Nuxt developers to improve their Nuxt applications.

Roadmap

• Production build integration
  • Having runtime warning in production could help users to actually get what happens in production
• Font and scripts performance hints
• Your ideas !
  • Nuxt is what it is thanks to it's incredible community. Your ideas and feedbacks are always welcomed and have an impact on the future of Nuxt.

Features

v1.0.0 comes with several improvement:

🚀 Enhancements

• Html-validate integration (#​253)
• hydration: Improve hydration log (#​258)
• client: Allow to open potential lazy load components in editor (#​270)
• Add feature related configuration (#​261)

🩹 Fixes

• lazy-load: Avoid wrapping glob imports (#​264)
• TDZ violation in lazy-hydration plugin with .client components (#​265)
• web-vitals: Report all changes for CLS (#​266)
• client: Remove shiki fit content style (#​272)
• web-vitals: Correct next-gen image format detection logic (#​273)
• Set correct tsconfig.json (#​274)

❤️ Thank you to all contributors

• Julien Huang (@​huang-julien)
• @​dargmuesli
• @​Baroshem
• @​danielroe
• @​Mini-ghost
• @​atinux
• @​TheAlexLichter
• @​gmercey
• @​aussieboi
• @​IO-Fire
• @​KazariEX
• @​Razzaghnoori
• @​oritwoen

nuxt/ui (@​nuxt/ui)

v4.6.0

Compare Source

⚠ BREAKING CHANGES

• module: use moduleDependencies to manipulate options (#​5384)

Features

• add standalone Vue REPL playground (#​6209) (390c4bd)
• ChatMessage: add files slot (12d6020)
• ChatReasoning: new component (#​6175) (6db594e)
• ChatShimmer: new component (#​6171) (8db9c54)
• ChatTool: new component (#​6176) (7849534)
• Checkbox/Switch: add support for trueValue / falseValue props (#​6150) (91c6356)
• ContentToc: add highlight-variant prop (#​5746) (df080ce)
• DropdownMenu: add filter prop (#​6153) (a529b43)
• FileUpload: add fileImage prop (#​5935) (40f9c2e)
• Icon: add global options on Vue-only side (#​5354) (566fbee)
• InputMenu: add autocomplete prop (#​6026) (ee8a248)
• InputTime: add range prop (#​6203) (c124f29)
• locale: add Icelandic language (#​6149) (f3ddc60)
• module: use moduleDependencies to manipulate options (#​5384) (dd3f5c5)
• Sidebar: new component (#​6038) (51a1f85)
• Table: implement row pinning (#​6115) (fbd60d9)
• Tooltip: support global content configuration via App tooltip prop (#​6152) (83afd9c)
• unplugin: add support for prose components (#​6198) (c58b9b2)

Bug Fixes

• Avatar: use resolved size for image width/height (#​6008) (6dd0fc4)
• ChatShimmer: handle RTL mode (#​6180) (51793a8)
• ContentNavigation: prevent toggling disabled parent items (#​6122) (0f1074f)
• ContentSurround: handle RTL mode (#​6148) (6921f13)
• ContentToc: reset start margin at lg breakpoint (8f24f79)
• DashboardSearchButton: use valid HTML structure for trailing slot (#​6194) (578a12f)
• Editor: guard lift calls for unavailable list extensions (#​6100) (065db6b)
• Error: support status and statusText properties (1350d62), closes #​6134
• FileUpload: make multiple, accept and reset options reactive (#​6204) (ae093df)
• Modal/Slideover/Popover/Drawer: prevent double close:prevent emit (#​6226) (9a0d501)
• module: only auto-import public composables and allow Vite opt-out (#​6197) (886f5fb)
• NavigationMenu: improve RTL support for viewport and indicator (#​6164) (755867b)
• NavigationMenu: propagate disabled state to item in vertical orientation (6d4d651)
• ProsePre: move shiki line highlight styles to theme (d663950)

nuxt-modules/mcp-toolkit (@​nuxtjs/mcp-toolkit)

v0.12.0

Compare Source

What's Changed

Features 🚀

• feat: allow tools to return primitives and throw errors natively by @​HugoRCD in #​164
• feat: allow prompt handlers to return a simple string by @​HugoRCD in #​167
• feat: re-export completable from MCP SDK by @​HugoRCD in #​169
• feat: add extractToolNames utility for middleware logging by @​HugoRCD in #​170
• feat: add instructions support for MCP server metadata by @​HugoRCD in #​171
• feat: support MCP server metadata fields by @​HugoRCD in #​172
• feat: export McpToolExtra type alias / add autoImports option by @​HugoRCD in #​173
• feat(module): add optional role field to prompt definitions by @​HugoRCD in #​174
• feat(module): add group and tags support by @​HugoRCD in #​176

Bug Fixes 🐞

• fix: deliver results via rpc to prevent silent truncation by @​HugoRCD in #​163
• fix(deps): external secure-exec to avoid warnings by @​larbish in #​175

Continuous Integration 🔄

• ci: replace tag-based releases with changesets by @​HugoRCD in #​165

New Contributors

• @​larbish made their first contribution in #​175
• @​github-actions[bot] made their first contribution in #​168

Full Changelog: https://github.com/nuxt-modules/mcp-toolkit/compare/v0.11.0...@​nuxtjs/mcp-toolkit@0.12.0

v0.11.0

Compare Source

What's Changed

Features 🚀

• feat: add experimental code mode with secure-exec v8 isolates by @​HugoRCD in #​162

Full Changelog: nuxt-modules/mcp-toolkit@v0.10.0...v0.11.0

v0.10.0

Compare Source

What's Changed

Features 🚀

• feat: add useMcpSession utils by @​HugoRCD in #​158
• feat: allow dynamic definitions and conditional setup by @​HugoRCD in #​159
• feat: add mid-session dynamic registration via useMcpServer() by @​HugoRCD in #​160

Bug Fixes 🐞

• fix: ensure next() returns Response instead of undefined by @​HugoRCD in #​161

Full Changelog: nuxt-modules/mcp-toolkit@v0.9.0...v0.10.0

v0.8.0

Compare Source

What's Changed

Features 🚀

• feat: add MCP session management with stateful transport by @​HugoRCD in #​156

Bug Fixes 🐞

• fix(docs): derive MCP page URLs from request origin by @​onmax in #​143
• fix: declare h3 as peer dependency for strict package managers by @​clawtom in #​153
• fix(module): return empty discovery responses by @​onmax in #​145

Documentation 📚

• docs: make landing page studio compatible by @​HugoRCD in #​139

New Contributors

• @​clawtom made their first contribution in #​153

Full Changelog: nuxt-modules/mcp-toolkit@v0.7.0...v0.8.0

nuxt-modules/turnstile (@​nuxtjs/turnstile)

v1.1.2

Compare Source

Bug Fixes

• update peer dependencies (b1b8bf3)

vercel/analytics (@​vercel/analytics)

v2.0.1

Compare Source

What's Changed

• fix(nuxt): set nuxt as optional dependency by @​CHC383 in #​193

New Contributors

• @​CHC383 made their first contribution in #​193

Full Changelog: vercel/analytics@v2.0.0...v2.0.1

vuejs/core (@​vue/compiler-sfc)

v3.5.31

Compare Source

Bug Fixes

• compiler-sfc: allow Node.js subpath imports patterns in asset urls (#​13045) (95c3356), closes #​9919
• compiler-sfc: support template literal as defineModel name (#​14622) (bd7eef0), closes #​14621
• reactivity: normalize toRef property keys before dep lookup + improve types (#​14625) (1bb28d0), closes #​12427 #​12431
• runtime-core: invalidate detached v-for memo vnodes after unmount (#​14624) (560def4), closes #​12708 #​12710
• runtime-core: preserve nullish event handlers in mergeProps (#​14550) (5725222)
• runtime-core: prevent merging model listener when value is null or undefined (#​14629) (b39e032)
• runtime-dom: defer teleport mount/update until suspense resolves (#​8619) (88ed045), closes #​8603
• runtime-dom: handle activeElement check in Shadow DOM for v-model (#​14196) (959ded2)
• server-renderer: cleanup component effect scopes after SSR render (#​14548) (862f11e)
• suspense: avoid unmount activeBranch twice if wrapped in transition (#​9392) (908c6ad), closes #​7966
• suspense: update suspense vnode's el during branch self-update (#​12922) (a2c1700), closes #​12920
• transition: skip enter guard while hmr updating (#​14611) (be0a2f1), closes #​14608
• types: prevent shallowReactive marker from leaking into value unions (#​14493) (3b561db), closes #​14490

v3.5.30

Compare Source

Bug Fixes

• compat: add entities to @​vue/compat deps to fix CJS edge cases (#​12514) (e725a67), closes #​10609
• custom-element: ensure child component styles are injected in correct order before parent styles (#​13374) (1398bf8), closes #​13029
• custom-element: properly locate parent when slotted in shadow dom (#​12480) (f06c81a), closes #​12479
• custom-element: should properly patch as props for vue custom elements (#​12409) (740983e), closes #​12408
• reactivity: avoid duplicate raw/proxy entries in Set.add (#​14545) (d943612)
• reactivity: fix reduce on reactive arrays to preserve reactivity (#​12737) (16ef165), closes #​12735
• reactivity: handle Set with initial reactive values edge case (#​12393) (5dc27ca), closes #​8647
• runtime-core: warn about negative number in v-for (#​12308) (9438cc5)
• ssr: prevent watch from firing after async setup await (#​14547) (6cda71d), closes #​14546
• types: make generics with runtime props in defineComponent work (fix #​11374) (#​13119) (cea3cf7), closes #​13763
• types: narrow useAttrs class/style typing for TSX (#​14492) (bbb8977), closes #​14489

WiseLibs/better-sqlite3 (better-sqlite3)

v12.8.0

Compare Source

What's Changed

• Readme: requires Node.js v20 or later by @​Prinzhorn in #​1443
• Update SQLite to version 3.51.3 in #​1460
• fix: use HolderV2() for PropertyCallbackInfo on V8 >= 12.5 by @​tstone-1 in #​1459

New Contributors

• @​tstone-1 made their first contribution in #​1459

Why SQLite v3.51.3 instead of v3.52.0

From the SQLite team:

Some important issues have been found with version 3.52.0. In order to give us time to deal with those issues, we plan to withdraw the 3.52.0 release. In its place, we will put up a new 3.51.3 patch release that includes a fix for the recently discovered WAL-reset bug as well as other patches. This will happen probably within about the next twelve hours.

Hence, if you were planning to upgrade to 3.52.0 tomorrow (Friday, 2026-03-14), perhaps it would be better to wait a day or so for 3.51.3.

At some point we will do version 3.52.1 which will hopefully resolve the issues that have arisen with the 3.52.0 release.

Full Changelog: WiseLibs/better-sqlite3@v12.7.1...v12.8.0

drizzle-team/drizzle-orm (drizzle-kit)

v0.31.10

Compare Source

• Updated to hanji@0.0.8 - native bun stringWidth, stripANSI support, errors for non-TTY environments
• We've migrated away from esbuild-register to tsx loader, it will now allow to use drizzle-kit seamlessly with both ESM and CJS modules
• We've also added native Bun and Deno launch support, which will not trigger tsx loader and utilise native bun and deno imports capabilities and faster startup times

eslint/eslint (eslint)

v10.1.0

Compare Source

Features

• ff4382b feat: apply fix for no-var in TSModuleBlock (#​20638) (Tanuj Kanti)
• 0916995 feat: Implement api support for bulk-suppressions (#​20565) (Blake Sager)

Bug Fixes

• 2b8824e fix: Prevent no-var autofix when a variable is used before declaration (#​20464) (Amaresh S M)
• e58b4bf fix: update eslint (#​20597) (renovate[bot])

Documentation

• b7b57fe docs: use correct JSDoc link in require-jsdoc.md (#​20641) (mkemna-clb)
• 58e4cfc docs: add deprecation notice partial (#​20639) (Milos Djermanovic)
• 7143dbf docs: update v9 migration guide for @eslint/js usage (#​20540) (fnx)
• 035fc4f docs: note that globalReturn applies only with sourceType: "script" (#​20630) (Milos Djermanovic)
• e972c88 docs: merge ESLint option descriptions into type definitions (#​20608) (Francesco Trotta)
• 7f10d84 docs: Update README (GitHub Actions Bot)
• aeed007 docs: open playground link in new tab (#​20602) (Tanuj Kanti)
• a0d1a37 docs: Add AI Usage Policy (#​20510) (Nicholas C. Zakas)

Chores

• a9f9cce chore: update dependency eslint-plugin-unicorn to ^63.0.0 (#​20584) (Milos Djermanovic)
• 1f42bd7 chore: update prettier to 3.8.1 (#​20651) (루밀LuMir)
• c0a6f4a chore: update dependency @​eslint/json to ^1.2.0 (#​20652) (renovate[bot])
• cc43f79 chore: update dependency c8 to v11 (#​20650) (renovate[bot])
• 2ce4635 chore: update dependency @​eslint/json to v1 (#​20649) (renovate[bot])
• f0406ee chore: update dependency markdownlint-cli2 to ^0.21.0 (#​20646) (renovate[bot])
• dbb4c95 chore: remove trunk (#​20478) (sethamus)
• c672a2a test: fix CLI test for empty output file (#​20640) (kuldeep kumar)
• c7ada24 ci: bump pnpm/action-setup from 4.3.0 to 4.4.0 (#​20636) (dependabot[bot])
• 07c4b8b test: fix RuleTester test without test runners (#​20631) (Francesco Trotta)
• 079bba7 test: Add tests for isValidWithUnicodeFlag (#​20601) (Manish chaudhary)
• 5885ae6 ci: unpin Node.js 25.x in CI (#​20615) (Copilot)
• f65e5d3 chore: update pnpm/action-setup digest to b906aff (#​20610) (renovate[bot])

h3js/h3 (h3)

v1.15.10

Compare Source

compare changes

🩹 Fixes

• Preserve percent-encoded req.url in app event handler (#​1355)

❤️ Contributors

• Sergio Azócar (@​sergioazoc)

v1.15.9

Compare Source

compare changes

🩹 Fixes

• Preserve %25 in pathname (1103df6)
• static: Prevent path traversal via double-encoded dot segments (%252e%252e) (c56683d)
• sse: Sanitize carriage returns in event stream data and comments (ba3c3fe)

v1.15.8

Compare Source

compare changes

🩹 Fixes

• Preserve %25 in pathname (1103df6)

v1.15.7

Compare Source

compare changes

🩹 Fixes

• static: Narrow path traversal check to match .. as a path segment only (c049dc0)
• app: Decode percent-encoded path segments to prevent auth bypass (313ea52)

💅 Refactors

• Remove implicit event handler conversion warning (#​1340)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Wind (@​productdevbook)

capricorn86/happy-dom (happy-dom)

v20.8.8

Compare Source

👷‍♂️ Patch fixes

• Fixes issue where export names can be interpolated as executable code in ESM - By @​capricorn86 in task #​2113
  • A security advisory (GHSA-6q6h-j7hj-3r64) has been reported that shows a security vulnerability where it's possible to escape the VM context and get access to process level functionality. Big thanks to @​tndud042713 for reporting this!

v20.8.7

Compare Source

v20.8.6

Compare Source

v20.8.5

Compare Source

v20.8.4

Compare Source

antfu/nuxt-content-twoslash (nuxt-content-twoslash)

v0.4.0

Compare Source

   🚨 Breaking Changes

• Update shiki to v4  -  by @​antfu (4c6f3)

    View changes on GitHub

v0.3.1

Compare Source

   🐞 Bug Fixes

• Replace CommonJS requires in runtime mdc config  -  by @​onmax in #​20 (0ce1b)

    View changes on GitHub

v0.3.0

Compare Source

   🚨 Breaking Changes

• deps: Bump shiki/twoslash dependencies + support mdc >= 0.14  -  by @​danielroe in #​17 (0e553)

   🚀 Features

• Support nuxt v4 project references  -  by @​danielroe in #​18 (65809)

   🐞 Bug Fixes

• Enable auto-detection in CLI by default  -  by @​danielroe (d73ae)

    View changes on GitHub

pnpm/pnpm (pnpm)

[v10.33.0](https://redirect.github.com/pnpm/pnpm/compare/v1

---

Configuration

📅 Schedule: Branch creation - "on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
nuxt	Error		Mar 25, 2026 11:05am