chore(deps): update non-major

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@sanity/tsdoc (source)	2.0.2 -> 2.0.5					dependencies	patch
peter-evans/create-pull-request	5e91468 -> 67ccf78					action	digest
prettier-plugin-packagejson	^2.5.6 -> ^2.5.8					devDependencies	patch
renovate (source)	39.70.0 -> 39.136.0					dependencies	minor
zx (source)	8.2.4 -> 8.3.0					dependencies	minor

---

Release Notes

sanity-io/tsdoc (@​sanity/tsdoc)

v2.0.5

Compare Source

Bug Fixes

• deps: update dependency @​sanity/pkg-utils to v7.0.3 (#​510) (911147e)

v2.0.4

Compare Source

Bug Fixes

• deps: update dependency @​sanity/pkg-utils to v7.0.2 (#​504) (1eb15ee)
• deps: update dependency @​sanity/ui to ^2.11.6 (#​505) (70aeba2)
• deps: update dependency vite to ^6.0.11 (#​509) (e9385ec)

v2.0.3

Compare Source

Bug Fixes

• deps: update dependency @​sanity/client to ^6.27.1 (#​503) (3f3fb85)
• lockfile: update dependency vite to v6.0.9 [security] (#​499) (2bfdcdd)

matzkoh/prettier-plugin-packagejson (prettier-plugin-packagejson)

v2.5.8

Compare Source

Bug Fixes

• deps: update dependency sort-package-json to v2.14.0 (fe3557e)

v2.5.7

Compare Source

Bug Fixes

• deps: update dependency sort-package-json to v2.13.0 (9515f01)

renovatebot/renovate (renovate)

v39.136.0

Compare Source

v39.135.3

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.36.7 (#​33869) (bc1b1e6)

v39.135.2

Compare Source

v39.135.1

Compare Source

Bug Fixes

• deps: update ghcr.io/containerbase/sidecar docker tag to v13.7.2 (#​33865) (5b2dfe0)

v39.135.0

Compare Source

v39.134.0

Compare Source

v39.133.4

Compare Source

Miscellaneous Chores

• deps: update python:3.13 docker digest to 137ae4b (#​33838) (f1aef9d)

Build System

• deps: update dependency better-sqlite3 to v11.8.1 (#​33841) (f6e93cf)

v39.133.3

Compare Source

v39.133.2

Compare Source

Bug Fixes

• deps: update ghcr.io/containerbase/sidecar docker tag to v13.7.1 (#​33833) (1fe7ab7)

v39.133.1

Compare Source

v39.133.0

Compare Source

v39.132.1

Compare Source

v39.132.0

Compare Source

v39.131.0

Compare Source

Features

• rename allowedPostUpgradeCommands/allowPostUpgradeCommandTemplating (#​32657) (12a62cc)

v39.130.0

Compare Source

Features

• preset: adding Azure and AzureAD monorepos (SDK and auth) (#​33624) (e08de87)

Bug Fixes

• bitrise: Streamline Zod schema (#​33769) (4cfb6b2)
• config/inherited: apply secrets (#​33779) (68ce0ed)
• npm: extract pnpm overrides with version ranges correctly (#​33727) (1dcb7cc)

Build System

• deps: update dependency commander to v13 (#​33552) (1ee6e6b)

v39.129.0

Compare Source

v39.128.0

Compare Source

v39.127.0

Compare Source

v39.126.1

Compare Source

v39.126.0

Compare Source

v39.125.1

Compare Source

Bug Fixes

• cargo: Skip "replace" range upgrade if new version still matches (#​33773) (6af55c2)

v39.125.0

Compare Source

Features

• presets: Add nestjs/config to nest monorepo (#​33785) (b382c12)

Miscellaneous Chores

• deps: update dependency @​types/node to v22.10.7 (#​33780) (d3a4813)
• deps: update python:3.13 docker digest to 6ee7975 (#​33781) (abb21cd)

v39.124.0

Compare Source

Features

• Drop older timeStamp field support (#​33734) (da5c5ed)

v39.123.0

Compare Source

Features

• Switch to Timestamp type (#​33648) (a33d3ea)

Miscellaneous Chores

• deps: update github/codeql-action action to v3.28.3 (#​33767) (2de047e)

v39.122.3

Compare Source

Build System

• deps: update dependency @​renovatebot/osv-offline to v1.5.12 (#​33766) (c0bafcb)

v39.122.2

Compare Source

Miscellaneous Chores

• deps: update codecov/codecov-action action to v5.2.0 (#​33763) (3cdcb5b)

Build System

• deps: update dependency fs-extra to v11.3.0 (#​33765) (269d70b)

v39.122.1

Compare Source

Documentation

• added list of valid namespace codes for the cacheTtlOverride config (#​33754) (412f5a6)
• remove platform information from Mend-hosted App config page (#​33724) (a6151da)

Tests

• npm: use fs test utils in extract/pnpm.spec.ts (#​33756) (ff99265)

Build System

• deps: update dependency cronstrue to v2.53.0 (#​33762) (207a7ad)

v39.122.0

Compare Source

Features

• presets: add monorepo html-eslint (#​33730) (e3a4aaf)

v39.121.0

Compare Source

Features

• presets: add arrow-kt monorepo (#​33740) (196fc8a)

v39.120.4

Compare Source

Miscellaneous Chores

• deps: update dependency eslint-plugin-jest to v28.10.1 (#​33747) (476ebeb)
• deps: update dependency eslint-plugin-jest to v28.11.0 (#​33749) (0c9c03e)
• deps: update otel/opentelemetry-collector-contrib docker tag to v0.118.0 (#​33746) (91f92c5)

Build System

• deps: update dependency better-sqlite3 to v11.8.0 (#​33750) (caa505e)

v39.120.3

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.34.1 (#​33739) (c33b0d7)

Miscellaneous Chores

• deps: update github/codeql-action action to v3.28.2 (#​33738) (a60694e)

v39.120.2

Compare Source

Build System

• deps: update node.js to v22.13.1 (#​33736) (a861396)

v39.120.1

Compare Source

Bug Fixes

• workers/limits: rectify faulty if condition (#​33735) (c57d3cc)

v39.120.0

Compare Source

Features

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.34.0 (#​33728) (956e43f)

v39.119.2

Compare Source

Bug Fixes

• deps: update ghcr.io/containerbase/sidecar docker tag to v13.6.0 (#​33726) (b7ffc46)

Miscellaneous Chores

• deps: update ghcr.io/containerbase/devcontainer docker tag to v13.6.0 (#​33725) (9acd2d7)

v39.119.1

Compare Source

Build System

• deps: update opentelemetry-js monorepo (#​33723) (070b78a)

v39.119.0

Compare Source

Features

• config: allow multiple branch/pr limits (#​32556) (03f2229)

v39.118.5

Compare Source

Bug Fixes

• docs: correct documentation for fork processing (#​33712) (279d7a1)
• manager/bundler: drop strict flag (#​33713) (bc20797)

v39.118.4

Compare Source

Build System

• deps: update dependency ignore to v7.0.3 (#​33717) (525630a)

v39.118.3

Compare Source

Miscellaneous Chores

• deps: update dependency @​types/node to v22.10.6 (#​33710) (b03d099)
• deps: update docker/dockerfile docker tag to v1.13.0 (#​33711) (20d65c8)

Build System

• deps: update dependency ignore to v7.0.2 (#​33716) (72abf15)

v39.118.2

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.33.5 (#​33709) (ab291e9)

Documentation

• nuget: update configuration of registry urls to avoid warnings (#​33700) (2becc7d)

Miscellaneous Chores

• deps: update linters to v8.20.0 (#​33708) (d46cda5)
• deps: update pnpm to v9.15.4 (#​33707) (223b98a)

v39.118.1

Compare Source

Build System

• deps: update dependency ignore to v7.0.1 (#​33703) (3533262)

v39.118.0

Compare Source

Features

• presets/custom-managers: Expand acceptable datasource names (#​33677) (78818f1)

v39.117.3

Compare Source

Bug Fixes

• manager/haskell-cabal: Handle comments in Cabal file (#​33695) (2fe8305)

Documentation

• update references to renovate/renovate (#​33696) (57bf719)

Miscellaneous Chores

• deps: lock file maintenance (#​33697) (5ea8511)
• deps: update containerbase/internal-tools action to v3.5.19 (#​33698) (948faec)
• deps: update dependency renovatebot/github-action to v41.0.10 (#​33699) (9d818ff)

v39.117.2

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.33.4 (#​33690) (8db105e)

v39.117.1

Compare Source

Bug Fixes

• deps: update ghcr.io/containerbase/sidecar docker tag to v13.5.11 (#​33689) (7df1d93)

v39.117.0

Compare Source

Features

• preset: Add Protobuf monorepo group (#​33686) (d6264b6)

Miscellaneous Chores

• deps: update ghcr.io/containerbase/devcontainer docker tag to v13.5.11 (#​33688) (29f8840)

v39.116.1

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.33.3 (#​33687) (5f42147)

Miscellaneous Chores

• deps: update davidanson/markdownlint-cli2-action action to v19.1.0 (#​33685) (99116e8)

v39.116.0

Compare Source

v39.115.4

Compare Source

Bug Fixes

• deps: update dependency mkdocs-material to v9.5.50 (#​33681) (29385be)

v39.115.3

Compare Source

Bug Fixes

• remove colons from depNameSanitized (#​33672) (3e74602)

v39.115.2

Compare Source

Bug Fixes

• config/inherited: set hostRules (#​33530) (6964458)

v39.115.1

Compare Source

Bug Fixes

• pep621: pep508 version spec with parens (#​33632) (846c867)

v39.115.0

Compare Source

v39.114.0

Compare Source

Features

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.33.2 (#​33666) (abe6122)

Bug Fixes

• deps: update ghcr.io/containerbase/sidecar docker tag to v13.5.10 (#​33665) (1b10a43)

Miscellaneous Chores

• deps: update dependency renovatebot/github-action to v41.0.9 (#​33662) (52754b9)
• deps: update ghcr.io/containerbase/devcontainer docker tag to v13.5.10 (#​33663) (24f0de2)
• deps: update python:3.13 docker digest to d57ec66 (#​33661) (46db1ee)

Code Refactoring

• http: Separate getYaml and getYamlUnchecked (#​33653) (a9985da)

v39.113.0

Compare Source

Features

• timestamp: Parse number-like dates plus offset (#​33647) (1f4790c)

v39.112.0

Compare Source

Features

• sharedVariableName (#​33111) (0c2eaaf)

v39.111.1

Compare Source

Bug Fixes

• artifactory: Fix timestamp handling (#​33645) (3cae4d8)

v39.111.0

Compare Source

Features

• maven: Add maven relocation support (#​32550) (545b108)

v39.110.0

Compare Source

v39.109.0

Compare Source

Features

• logger: replace INFO with DEBUG logs (#​33478) (b3bd91b)

v39.108.0

Compare Source

v39.107.3

Compare Source

Bug Fixes

• versioning/ubuntu: support suffixed codename versions (#​33308) (2b2d306)

v39.107.2

Compare Source

Bug Fixes

• gitea: handle null PR as temporary error (#​33623) (e9bc921)

v39.107.1

Compare Source

v39.107.0

Compare Source

Features

• manager: add Cabal/Haskell manager using Hackage/PVP (#​33142) (3c52395)

v39.106.1

Compare Source

Bug Fixes

• Remove normalizeDate function (#​33513) (738843a)

Code Refactoring

• http: Add getYaml and getYamlSafe methods (#​33578) (76ff1df)
• Typed timestamp utility (#​33512) (c450f84)

Build System

• deps: update dependency ignore to v7 (#​33556) (ef48dea)

v39.106.0

Compare Source

Features

• batect: Use Zod schema for extract code (#​33579) (174d6e1)

Miscellaneous Chores

• deps: lock file maintenance (#​33580) (1ad3848)

v39.105.1

Compare Source

Build System

• deps: update dependency node-html-parser to v7 (#​33560) (96912f2)

v39.105.0

Compare Source

Features

• libyear (#​33521) (db60332)

Code Refactoring

• Simplify type inference for result type helpers (#​33576) (4466ccd)

v39.104.3

Compare Source

Miscellaneous Chores

• deps: update davidanson/markdownlint-cli2-action action to v19 (#​33568) (ccf395f)
• deps: update dependency @​types/diff to v7 (#​33569) (827ceea)
• deps: update linters to v8.19.1 (#​33541) (4267676)

Tests

• gradle: refactor and add new tests (#​33522) (c93ae91)

Build System

• deps: update node.js to v22.13.0 (#​33566) (a316427)

v39.104.2

Compare Source

Bug Fixes

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.30.2 (#​33543) (251502e)

Documentation

• update references to renovate/renovate (#​33548) (de7307c)

Miscellaneous Chores

• deps: lock file maintenance (#​33575) (868c588)
• deps: update dependency @​semantic-release/github>@​octokit/plugin-paginate-rest to v11.4.0 (#​33545) (8f95124)
• deps: update dependency @​swc/core to v1.10.7 (#​33537) (1809028)
• deps: update dependency @​types/moo to v0.5.10 (#​33538) (49378c5)
• deps: update dependency @​types/node to v20.17.12 (#​33539) (4a11a17)
• deps: update dependency memfs to v4.17.0 (#​33546) (e8146f4)
• deps: update dependency type-fest to v4.32.0 (#​33547) (fe854dd)
• deps: update dependency typescript to v5.7.3 (#​33540) (95e514b)
• deps: update pnpm to v9.15.3 (#​33542) (de8c7ac)

Build System

• deps: update aws-sdk-js-v3 monorepo to v3.726.1 (#​33544) (2edc028)
• deps: update dependency @​cdktf/hcl2json to v0.20.11 (#​33534) (76512fe)
• deps: update dependency better-sqlite3 to v11.7.2 (#​33535) (e793c8b)
• deps: update dependency glob to v11.0.1 (#​33536) (b397157)

v39.104.1

Compare Source

Bug Fixes

• gradle: remove redundant checks and parser statements (#​33526) (6ff935e)

Miscellaneous Chores

• deps: update dependency pdm to v2.22.2 (#​33532) (205b678)
• deps: update github/codeql-action action to v3.28.1 (#​33533) (b220e93)

Code Refactoring

• azure-pipelines: Simplify Zod result type inference (#​33524) (e1aa9b7)
• bitrise: Simplify file parsing usage (#​33525) (1c82dde)

v39.104.0

Compare Source

Features

• conan: Use schema for datasource (#​33528) (44fc39b)

Miscellaneous Chores

• deps: update dependency @​types/lodash to v4.17.14 (#​33520) (5df1b83)

v39.103.0

Compare Source

Features

• presets: StyleX in Rust monorepo (#​33519) (d391599)

Miscellaneous Chores

• deps: update actions/upload-artifact action to v4.6.0 (#​33518) (890824c)

v39.102.0

Compare Source

Features

• datasource: add devbox datasource module (#​33418) (309da71)

Code Refactoring

• logger: remove templating from ERROR logs (#​33489) (5a9f369)

v39.101.0

Compare Source

Features

• nuget: Support for variables (#​33416) (0427edd)

Code Refactoring

• logger: remove templating from FATAL logs (#​33490) (f2acf6a)

v39.100.2

Compare Source

Bug Fixes

• npm: Don't skip lockfile-only updates (#​33497) (4aab664)

v39.100.1

Compare Source

Build System

• deps: update dependency semantic-release to v24.2.1 (#​33502) (558e73c)

v39.100.0

Compare Source

Features

• deps: update ghcr.io/renovatebot/base-image docker tag to v9.30.0 (#​33501) (c9f91af)

Tests

• Fix pretty-time tests for non-UTC machines (#​33498) (3d2445f)

v39.99.0

Compare Source

Features

• mix: implement getRangeStrategy (#​33322) (99f80a0)

v39.98.0

Compare Source

Features

• mix: add depType support (#​33310) (1d2c1a3)

Code Refactoring

• refactor Google Auth util (#​33486) (84017e0)

v39.97.0

Compare Source

Features

• extract artifactory timestamps from columns (#​33187) (6bb6878)

Code Refactoring

• gradle: extract redundant functions and remove snapshot (#​33430) (6cf23f2)

v39.96.2

Compare Source

Bug Fixes

• gradle: correct handling of heuristically matched dependency triples ([#​33487](https://redi

---

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@sanity/[email protected] 🔁 npm/@sanity/[email protected]	Transitive: environment, eval, network, shell, unsafe	+1044	1.01 GB	sanity-io
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, filesystem	+11	388 kB	matzkoh
npm/[email protected] 🔁 npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+740	186 MB	publish-bot
npm/[email protected] 🔁 npm/[email protected]	None	+2	899 kB	google-wombot

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
License Policy Violation	npm/[email protected]	License: AGPL-3.0-only - Not allowed by license policy (npm metadata, package/package.json) License: AGPL-3.0 - Not allowed by license policy (package/license)	package-lock.json package.json	⚠︎

View full report↗︎

Next steps

What is a license policy violation?

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]