chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@vueuse/core (source)	^14.1.0 → ^14.2.0
@vueuse/router (source)	^14.1.0 → ^14.2.0
axios (source)	^1.13.2 → ^1.13.4
pnpm (source)	10.28.1 → 10.28.2
vue-tsc (source)	^3.2.3 → ^3.2.4

---

Release Notes

vueuse/vueuse (@​vueuse/core)

v14.2.0

Compare Source

   🚀 Features

• Support configurable scheduler for timed composables  -  by @​9romise in #​5129 (66aad)
• Allow vue-router 5 as peer deps  -  by @​Ericlm in #​5269 (7c94a)
• useCssSupports: Add useCssSupports  -  by @​OrbisK in #​5266 (c1282)
• useDraggable: Auto-scroll with restricted dragging within the container  -  by @​Gazoon007, Alfarish Fizikri, Robin and @​OrbisK in #​4472 (a8a85)
• useElementVisibility: Inherit rootMargin from useIntersectionObserver  -  by @​9romise in #​5207 (46682)
• useIntersectionObserver: Make rootMargin reactive  -  by @​doyuli, @​ilyaliao and @​9romise in #​4934 (53abe)
• useSortable: Add watchElement option for auto-reinitialize on element change  -  by @​Mini-ghost and @​ilyaliao in #​5189 (17ea2)

   🐞 Bug Fixes

• nuxt: Ensure excludes disabledFunctions' alias  -  by @​jinyongp and @​9romise in #​5240 (76829)
• refManualReset: Add explicit return type annotation  -  by @​batuhan-bas in #​5246 (13bbb)
• useAsyncState: Ensure execute return the actual data  -  by @​9romise in #​5167 (0c346)
• useDocumentVisibility: Fix type inference from string to Documen…  -  by @​webfanzc and cowhorse in #​5248 (e8be8)
• useFocusTrap: Update focus-trap range to ^7  -  by ** ^8 (#​5270)** ()
• useInfiniteScroll: Improve promise handling and add flush post to watch  -  by @​nhquyss and @​9romise in #​5122 (abcea)
• useMagicKeys: Handle undefined key in keyboard events  -  by @​LouisLau-art, LouisLau-art and @​OrbisK in #​5225 (65e25)

    View changes on GitHub

axios/axios (axios)

v1.13.4

Compare Source

What's Changed

• Add resource section by @​fboeller in #​4767
• docs: changed href links from master to main by @​WillianAgostini in #​4882
• Fix TypeScript exports by @​remcohaszing in #​4884
• Update CODE_OF_CONDUCT.md by @​letohx in #​6012
• refactor: ci and build by @​jasonsaayman in #​7340
• Fix issues with version 1.13.3 by @​jasonsaayman in #​7352
• chore(release): prepare release 1.13.4 by @​github-actions[bot] in #​7353

New Contributors

• @​fboeller made their first contribution in #​4767
• @​letohx made their first contribution in #​6012

Full Changelog: axios/axios@v1.13.3...v1.13.4

v1.13.3

Compare Source

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#​7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#​6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#​5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#​5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#​7253) (#​7257) (7d19335)
• turn AxiosError into a native error (#​5394) (#​5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#​5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#​7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#​6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#​5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#​6053) (65a7584)
• add Node.js coverage script using c8 (closes #​7289) (#​7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#​6265) (860e033)
• enhance pipeFileToResponse with error handling (#​7169) (88d7884)
• types: Intellisense for string literals in a widened union (#​6134) (f73474d), closes /github.com/microsoft/TypeScript/issues/33471#issuecomment-1376364329

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#​7253) (#​7…" (#​7298) (a4230f5), closes #​7253 #​7 #​7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#​7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma
• Turadg Aleahmad
• JohnTitor
• rohit miryala
• Wilson Mun
• techcodie
• Ved Vadnere
• svihpinc
• SANDESH LENDVE
• Lubos
• Jarred Sumner
• Adam Hines
• Subhan Kumar Rai
• Joseph Frazier
• KT0803
• Albie
• Jake Hayes

pnpm/pnpm (pnpm)

v10.28.2

Compare Source

vuejs/language-tools (vue-tsc)

v3.2.4

Compare Source

language-core

• feat: place plugin configs under ctx.config and support type annotation via generics (#​5944) - Thanks to @​KazariEX!

workspace

• chore: publish to npm with OIDC (#​5912) - Thanks to @​ghiscoding!

---

Configuration

📅 Schedule: Branch creation - "after 2am and before 3am" (UTC), Automerge - "after 1am and before 2am" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

Scope: all 9 workspace projects
Progress: resolved 0, reused 1, downloaded 0, added 0
Progress: resolved 23, reused 1, downloaded 0, added 0
packages/curd                            |  WARN  deprecated vue-i18n@11.2.2
Progress: resolved 54, reused 1, downloaded 0, added 0
Progress: resolved 60, reused 1, downloaded 0, added 0
Progress: resolved 61, reused 1, downloaded 0, added 0
Progress: resolved 175, reused 1, downloaded 0, added 0
/tmp/renovate/repos/github/uozi-tech/admin-kit/packages/curd:
 ERR_PNPM_TRUST_DOWNGRADE  High-risk trust downgrade for "undici-types@6.20.0" (possible package takeover)

This error happened while installing the dependencies of @types/node@22.19.7

Trust checks are based solely on publish date, not semver. A package cannot be installed if any earlier-published version had stronger trust evidence. Earlier versions had provenance attestation, but this version has no trust evidence. A trust downgrade may indicate a supply chain incident.

File name: packages/create-uozi-admin/template/pnpm-lock.yaml

Scope: all 9 workspace projects
../../..                                 | Progress: resolved 0, reused 1, downloaded 0, added 0
../../..                                 | Progress: resolved 24, reused 1, downloaded 0, added 0
../../..                                 | Progress: resolved 50, reused 1, downloaded 0, added 0
../../curd                               |  WARN  deprecated vue-i18n@11.2.2
../../..                                 | Progress: resolved 60, reused 1, downloaded 0, added 0
../../..                                 | Progress: resolved 61, reused 1, downloaded 0, added 0
/tmp/renovate/repos/github/uozi-tech/admin-kit/packages/curd:
 ERR_PNPM_TRUST_DOWNGRADE  High-risk trust downgrade for "undici-types@6.20.0" (possible package takeover)

This error happened while installing the dependencies of @types/node@22.19.7

Trust checks are based solely on publish date, not semver. A package cannot be installed if any earlier-published version had stronger trust evidence. Earlier versions had provenance attestation, but this version has no trust evidence. A trust downgrade may indicate a supply chain incident.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 9740dcd

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR