chore(deps-dev): bump the dev-dependencies group with 4 updates

[dependabot]

Bumps the dev-dependencies group with 4 updates: @changesets/cli, @types/node, publint and typescript.

Updates @changesets/cli from 2.27.11 to 2.27.12

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.27.12

Patch Changes

• #1562 a0f87f1 Thanks @​Netail, @​cefn! - Fixed changelog application when executing using npx and similar tools

• Updated dependencies [a0f87f1]:

  • @​changesets/apply-release-plan@​7.0.8

Commits

• 68a83d5 Version Packages (#1567)
• a0f87f1 Fixed changelog application when executing through npx (#1562)
• a8c474f Update default config object in config-file-options.md (#1052)
• 0417c90 Fix minor grammar and spelling in docs (#609)
• 6d3fab3 Update common-questions.md (#1256)
• eedd3fa Standardized all code snippets for consistency (#1422)
• 262bdd7 Improve docs npx usage (#1515)
• a3acd12 Bump @​babel/preset-env from 7.20.2 to 7.26.0 (#1538)
• acb04d6 Bump eslint-plugin-import from 2.26.0 to 2.31.0 (#1541)
• 574822f Bump @​babel/cli from 7.19.3 to 7.26.4 (#1540)
• See full diff in compare view

Updates @types/node from 22.10.3 to 22.13.0

Commits

• See full diff in compare view

Updates publint from 0.2.12 to 0.3.2

Release notes

Sourced from publint's releases.

[email protected]

Patch Changes

• (Potentially breaking) Disable running lifecycle scripts, such as prepare, prepack, and postpack, when running the pack command internally. This returns to the behavior in v0.2. (Note that this change does not apply to yarn as it does not support ignoring lifecycle scripts for local projects) (#128)

  This change is made as running lifecycle scripts was an unintentional behavior during the v0.3 breaking change, which could cause the linting process to take longer than expected, or even cause infinite loops if publint is used in a lifecycle script.

• Update repository and bugs URLs to point to the new publint organization (1eda033)

• Updated dependencies [1eda033, 10e3891]:

  • @​publint/pack@​0.1.1

[email protected]

Patch Changes

• Correctly process the pack option (#124)

[email protected]

Minor Changes

• The vfs option is removed in favour of an extended support of pack: { tarball: ArrayBuffer | ReadableStream } and pack: { files: PackFile[] } APIs. Now, it is even easier to use publint in the browser or against a packed .tgz file in Node.js. See the docs for more examples of how to use these new options. (#122)

• Bump node version support to >=18 (cb2ed8b)

• publint now runs your project's package manager's pack command to get the list of packed files for linting. The previous npm-packlist dependency is now removed. (#120)

  NOTE: In this release (v0.3.0), the pack command also runs lifecycle scripts like prepare, prepack, and postpack. This behavior is unintentional and is fixed in v0.3.2, where they will no longer run (except for yarn as it does not support ignoring lifecycle scripts for local projects). This returns to the behavior in v0.2.

  A new pack option is added to the node API to allow configuring this. It defaults to 'auto' and will automatically detect your project's package manager using package-manager-detector. See its JSDoc for more information of the option.

  This change is made as package managers have different behaviors for packing files, so running their pack command directly allows for more accurate linting. However, as a result of executing these commands in a child process, it may take 200-500ms longer to lint depending on the package manager used and the project size. The new handling also does not support yarn 1. See this comment for more information.

  If you use yarn 1, you should upgrade to the latest yarn version or a different package manager. Otherwise, no other changes are required for this new behavior.

Patch Changes

• Initial setup to publish with Changesets (24a62f5)

• When a dependency with the file: or link: protocol is specified in the package.json, it will now error to prevent accidentally publishing dependencies that will likely not work when installed by end-users (6e6ab33)

• Fix EXPORT_TYPES_INVALID_FORMAT linting to detect .d.mts and .d.cts files (af5e88b)

• Updated dependencies [d0b406b]:

  • @​publint/pack@​0.1.0

Changelog

Sourced from publint's changelog.

0.3.2

Patch Changes

• (Potentially breaking) Disable running lifecycle scripts, such as prepare, prepack, and postpack, when running the pack command internally. This returns to the behavior in v0.2. (Note that this change does not apply to yarn as it does not support ignoring lifecycle scripts for local projects) (#128)

  This change is made as running lifecycle scripts was an unintentional behavior during the v0.3 breaking change, which could cause the linting process to take longer than expected, or even cause infinite loops if publint is used in a lifecycle script.

• Update repository and bugs URLs to point to the new publint organization (1eda033)

• Updated dependencies [1eda033, 10e3891]:

  • @​publint/pack@​0.1.1

0.3.1

Patch Changes

• Correctly process the pack option (#124)

0.3.0

Minor Changes

• The vfs option is removed in favour of an extended support of pack: { tarball: ArrayBuffer | ReadableStream } and pack: { files: PackFile[] } APIs. Now, it is even easier to use publint in the browser or against a packed .tgz file in Node.js. See the docs for more examples of how to use these new options. (#122)

• Bump node version support to >=18 (cb2ed8b)

• publint now runs your project's package manager's pack command to get the list of packed files for linting. The previous npm-packlist dependency is now removed. (#120)

  NOTE: In this release (v0.3.0), the pack command also runs lifecycle scripts like prepare, prepack, and postpack. This behavior is unintentional and is fixed in v0.3.2, where they will no longer run (except for yarn as it does not support ignoring lifecycle scripts for local projects). This returns to the behavior in v0.2.

  A new pack option is added to the node API to allow configuring this. It defaults to 'auto' and will automatically detect your project's package manager using package-manager-detector. See its JSDoc for more information of the option.

  This change is made as package managers have different behaviors for packing files, so running their pack command directly allows for more accurate linting. However, as a result of executing these commands in a child process, it may take 200-500ms longer to lint depending on the package manager used and the project size. The new handling also does not support yarn 1. See this comment for more information.

  If you use yarn 1, you should upgrade to the latest yarn version or a different package manager. Otherwise, no other changes are required for this new behavior.

Patch Changes

• Initial setup to publish with Changesets (24a62f5)

• When a dependency with the file: or link: protocol is specified in the package.json, it will now error to prevent accidentally publishing dependencies that will likely not work when installed by end-users (6e6ab33)

• Fix EXPORT_TYPES_INVALID_FORMAT linting to detect .d.mts and .d.cts files (af5e88b)

• Updated dependencies [d0b406b]:

  • @​publint/pack@​0.1.0

Commits

• 1d13571 Release packages (#126)
• cccd71e Update dependencies
• e758ba9 Format with trailing comma
• 10e3891 Ignore scripts when packing (#128)
• 1eda033 Replace bluwy with new publint org
• 95b142f Release packages (#125)
• add8f31 Correctly process the pack option (#124)
• cb87bd1 Release packages (#118)
• b048f41 Lint packages with publint
• 2ecf76a Update docs
• Additional commits viewable in compare view

Updates typescript from 5.7.2 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).
• fixed issues query for Typescript 5.7.3 (Stable).

Downloads are available on npm

Commits

• a5e123d Update LKG
• 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
• 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
• 9df7c36 Bump version to 5.7.3 and LKG
• e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
• 9ba364c Fix coverage build on release-5.7 (#60792)
• 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
• e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
• 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
• b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot]

⚠️ No Changeset found

Latest commit: 2df3845

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR