Update dependency vue-router to v5.0.7

[gardener-ci-robot]

This PR contains the following updates:

Package	Change	Age	Confidence
vue-router (source)	5.0.6 → 5.0.7

---

Release Notes

vuejs/router (vue-router)

v5.0.7

Compare Source

   🚀 Features

• Upgrade to babel 8  -  by @​posva (8d3e6)
• Make defineParamParser() more intuitive  -  by @​posva (8715b)
• Upgrade @vue/devtools-api  -  by @​posva (87c3a)
• matcher: Hint at params: {} workaround in discarded params warning  -  by @​posva and shanliuling in #​2689 (c2b13)
• param-parsers: Add include/exclude options  -  by @​posva (91cde)

   🐞 Bug Fixes

• matcher:
  • Finalize param token before processing escaped colon  -  by @​babu-ch and @​posva in #​2654 (20521)
• query:
  • Use Object.create(null) to prevent prototype pollution  -  by @​wdskuki, wdsmini and @​posva in #​2661 (be88c)
• resolve:
  • Omit empty optional params from resolved params  -  by @​babu-ch and @​posva in #​2434 (1ef09)
• types:
  • Wire RouteNamedMap via generated routes.d.ts  -  by @​posva in #​2700 (aef99)
• unplugin:
  • Avoid generating empty routes  -  by @​FrontEndDog and @​posva in #​2642 (10a8b)
  • Apply definePage path-param parser overrides  -  by @​posva in #​2699 (c8074)
• volar:
  • Drop runtime @vue/language-core import  -  by @​danielroe in #​2710 (8af50)

    View changes on GitHub

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[gardener-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign grolu for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1a8c3436-6497-4028-acc5-392a67e71b09

📥 Commits

Reviewing files that changed from the base of the PR and between b71cbec and 5170a93.

⛔ Files ignored due to path filters (12)

• .yarn/cache/@babel-generator-npm-7.29.1-b1bf16fe79-349086e687.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-generator-npm-8.0.0-rc.5-4706f3867f-fe32beaaa8.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-helper-string-parser-npm-8.0.0-rc.5-834e4827dc-4058708a20.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-helper-validator-identifier-npm-8.0.0-rc.5-5dd7b7785d-734bdc5ad5.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-parser-npm-8.0.0-rc.5-2a9ec65efe-df734f88e8.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-types-npm-8.0.0-rc.5-2ac6e73908-b3303df138.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@types-jsesc-npm-2.5.1-3d8289fff0-12ba7bf596.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-api-npm-8.1.2-9a07bc314b-7c6a64fbdf.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-kit-npm-8.1.2-e4731fe2e5-4776ab0ed1.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-shared-npm-8.1.2-8e8f595715-05b1b4ffb2.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/vue-router-npm-5.0.7-2d75be62c7-cd5b958749.zip is excluded by !**/.yarn/**, !**/*.zip
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• .pnp.cjs

✅ Files skipped from review due to trivial changes (1)

• .pnp.cjs

---

📝 Walkthrough

Walkthrough

The .pnp.cjs Yarn Plug'n'Play lockfile is updated to resolve multiple dependency upgrades. Babel packages move to 8.0.0-rc.5, Vue devtools packages upgrade to 8.1.2, and vue-router advances to 5.0.7. Virtual package mappings and cache locations are refreshed accordingly across the dependency graph.

Changes

Yarn Plug'n'Play Dependency Updates

Layer / File(s)	Summary
Babel toolchain upgrade to 8.0.0-rc.5 .pnp.cjs	@babel/generator, @babel/helper-string-parser, @babel/helper-validator-identifier, @babel/parser, and @babel/types are upgraded to npm:8.0.0-rc.5 with refreshed packageLocation and packageDependencies.
Vue devtools suite upgrade to 8.1.2 .pnp.cjs	@vue/devtools-api, @vue/devtools-kit, and @vue/devtools-shared are upgraded to npm:8.1.2 with updated cache locations and inter-package dependency references.
Auxiliary dependency updates .pnp.cjs	@types/jsesc is added/updated as npm:2.5.1, and the virtual package mapping for @vue-macros/common is replaced with a new virtual hash while preserving npm:3.1.2.
Vue-router upgrade and virtual dependency graph updates .pnp.cjs	vue-router soft and virtual entries are upgraded to npm:5.0.7, and its virtual dependency graph now references the updated Babel, devtools, and macros entries.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• gardener/dashboard#2868: Related .pnp.cjs dependency/virtual package updates touching Vue/Babel mappings.
• gardener/dashboard#2747: Modifies .pnp.cjs virtual dependency metadata for vue-router.
• gardener/dashboard#2842: Updates .pnp.cjs virtual dependency graph for vue-router and related mappings.

Suggested reviewers

• holgerkoser
• klocke-io
• petersutter
• grolu

Poem

🐰 I hopped through PnP's tiny maze,
Upgraded Babel's shining blaze,
Devtools tuned to version nine and two,
Router stepped from five to seven too,
A rabbit's cheer—dependencies anew!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description lacks required sections from the template: /area and /kind labels are not filled (show TODO), 'What this PR does/why we need it' and 'Special notes for your reviewer' sections are missing, and the release note section is incomplete.	Add /area and /kind labels, complete the 'What this PR does' and 'Special notes' sections, and properly fill the release note section with a bugfix or feature note.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly and clearly summarizes the main change: updating vue-router from 5.0.6 to 5.0.7, which is the primary objective of this pull request.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/vue-router-5.x-lockfile

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.pnp.cjs:
- Around line 176-187: The lockfile now pins a release-candidate Babel package
("npm:8.0.0-rc.5" / `@babel/generator`, `@babel/parser`, `@babel/types`) introduced
via the vue-router 5.0.7 upgrade; replace or avoid this pre-release by either
rolling back the vue-router upgrade, forcing a stable Babel version resolution,
or adding an explicit nohoist/override to resolve `@babel/`* to a stable release
(e.g., Babel 7.x) in your dependency resolution strategy so the lockfile no
longer contains "npm:8.0.0-rc.5"; update package constraints and regenerate the
lockfile (or document and accept the RC risk in the release notes if you
intentionally keep it).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d318212d-1968-4e91-b15f-9ce1ce0b4617

📥 Commits

Reviewing files that changed from the base of the PR and between 8fcef0c and b71cbec.

⛔ Files ignored due to path filters (12)

• .yarn/cache/@babel-generator-npm-7.29.1-b1bf16fe79-349086e687.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-generator-npm-8.0.0-rc.5-4706f3867f-fe32beaaa8.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-helper-string-parser-npm-8.0.0-rc.5-834e4827dc-4058708a20.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-helper-validator-identifier-npm-8.0.0-rc.5-5dd7b7785d-734bdc5ad5.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-parser-npm-8.0.0-rc.5-2a9ec65efe-df734f88e8.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@babel-types-npm-8.0.0-rc.5-2ac6e73908-b3303df138.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@types-jsesc-npm-2.5.1-3d8289fff0-12ba7bf596.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-api-npm-8.1.2-9a07bc314b-7c6a64fbdf.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-kit-npm-8.1.2-e4731fe2e5-4776ab0ed1.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/@vue-devtools-shared-npm-8.1.2-8e8f595715-05b1b4ffb2.zip is excluded by !**/.yarn/**, !**/*.zip
• .yarn/cache/vue-router-npm-5.0.7-2d75be62c7-cd5b958749.zip is excluded by !**/.yarn/**, !**/*.zip
• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• .pnp.cjs

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

Is Babel 8.0.0-rc.5 stable enough for production use, and does vue-router 5.0.7 require Babel 8 or is it compatible with Babel 7?

💡 Result:

Babel 8.0.0-rc.5 is a pre-release version and is not recommended for production use [1]. As a release candidate, it is intended for testing and feedback purposes rather than stable deployment [1]. Regarding Vue Router 5.0.7, it does not require Babel 8 and is compatible with Babel 7. Vue Router 5 is primarily a transition release that merges unplugin-vue-router into the core package [2][3]. It maintains compatibility with existing build setups, and there are no breaking changes for users who are not utilizing file-based routing [2][3]. You can continue to use your existing Babel 7 configuration with Vue Router 5 [2][3].

Citations:

• 1: https://github.com/babel/babel/releases/tag/v8.0.0-rc.5
• 2: https://github.com/vuejs/router/releases/tag/v5.0.0
• 3: https://router.vuejs.org/guide/migration/v4-to-v5

---

🏁 Script executed:

#!/bin/bash
# Check if vue-router 5.0.7 package.json specifies Babel 8 as a required dependency
curl -s https://registry.npmjs.org/vue-router/5.0.7 | jq -r '.dependencies, .peerDependencies, .optionalDependencies' | grep -i babel

Repository: gardener/dashboard

Length of output: 99

---

Babel 8.0.0-rc.5 is not production-ready and should not be used in releases.

The upgrade to vue-router 5.0.7 introduces Babel 8.0.0-rc.5 as a direct dependency. Release candidates are pre-release versions intended for testing only and are not recommended for production use. Either defer the vue-router upgrade until Babel 8 reaches a stable release, or explicitly document and accept the risk of using a release candidate in production.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.pnp.cjs around lines 176 - 187, The lockfile now pins a release-candidate
Babel package ("npm:8.0.0-rc.5" / `@babel/generator`, `@babel/parser`, `@babel/types`)
introduced via the vue-router 5.0.7 upgrade; replace or avoid this pre-release
by either rolling back the vue-router upgrade, forcing a stable Babel version
resolution, or adding an explicit nohoist/override to resolve `@babel/`* to a
stable release (e.g., Babel 7.x) in your dependency resolution strategy so the
lockfile no longer contains "npm:8.0.0-rc.5"; update package constraints and
regenerate the lockfile (or document and accept the RC risk in the release notes
if you intentionally keep it).