fix(deps): update npm dependencies, remove nolyfill (#37968)

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
|
[@eslint-community/eslint-plugin-eslint-comments](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments)
| [`4.7.1` →
`4.7.2`](https://renovatebot.com/diffs/npm/@eslint-community%2feslint-plugin-eslint-comments/4.7.1/4.7.2)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@eslint-community%2feslint-plugin-eslint-comments/4.7.2?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@eslint-community%2feslint-plugin-eslint-comments/4.7.1/4.7.2?slim=true)
|
| [@primer/octicons](https://primer.style/octicons)
([source](https://redirect.github.com/primer/octicons)) | [`19.26.0` →
`19.27.0`](https://renovatebot.com/diffs/npm/@primer%2focticons/19.26.0/19.27.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@primer%2focticons/19.27.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@primer%2focticons/19.26.0/19.27.0?slim=true)
|
|
[@typescript-eslint/parser](https://typescript-eslint.io/packages/parser)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/8.59.4/8.60.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@typescript-eslint%2fparser/8.60.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@typescript-eslint%2fparser/8.59.4/8.60.0?slim=true)
|
|
[@vitest/eslint-plugin](https://redirect.github.com/vitest-dev/eslint-plugin-vitest)
| [`1.6.17` →
`1.6.18`](https://renovatebot.com/diffs/npm/@vitest%2feslint-plugin/1.6.17/1.6.18)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@vitest%2feslint-plugin/1.6.18?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@vitest%2feslint-plugin/1.6.17/1.6.18?slim=true)
|
| [dayjs](https://day.js.org)
([source](https://redirect.github.com/iamkun/dayjs)) | [`1.11.20` →
`1.11.21`](https://renovatebot.com/diffs/npm/dayjs/1.11.20/1.11.21) |
![age](https://developer.mend.io/api/mc/badges/age/npm/dayjs/1.11.21?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/dayjs/1.11.20/1.11.21?slim=true)
|
| [katex](https://katex.org)
([source](https://redirect.github.com/KaTeX/KaTeX)) | [`0.16.47` →
`0.17.0`](https://renovatebot.com/diffs/npm/katex/0.16.47/0.17.0) |
![age](https://developer.mend.io/api/mc/badges/age/npm/katex/0.17.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/katex/0.16.47/0.17.0?slim=true)
|
|
[material-icon-theme](https://redirect.github.com/material-extensions/vscode-material-icon-theme/blob/main/README.md)
([source](https://redirect.github.com/material-extensions/vscode-material-icon-theme))
| [`5.34.0` →
`5.35.0`](https://renovatebot.com/diffs/npm/material-icon-theme/5.34.0/5.35.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/material-icon-theme/5.35.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/material-icon-theme/5.34.0/5.35.0?slim=true)
|
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`11.2.1` →
`11.4.0`](https://renovatebot.com/diffs/npm/pnpm/11.2.1/11.4.0) |
![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/11.4.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/11.2.1/11.4.0?slim=true)
|
|
[rolldown-license-plugin](https://redirect.github.com/silverwind/rolldown-license-plugin)
| [`3.0.7` →
`3.0.8`](https://renovatebot.com/diffs/npm/rolldown-license-plugin/3.0.7/3.0.8)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/rolldown-license-plugin/3.0.8?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/rolldown-license-plugin/3.0.7/3.0.8?slim=true)
|
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.59.4` →
`8.60.0`](https://renovatebot.com/diffs/npm/typescript-eslint/8.59.4/8.60.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/typescript-eslint/8.60.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/typescript-eslint/8.59.4/8.60.0?slim=true)
|
| [updates](https://redirect.github.com/silverwind/updates) |
[`17.16.13` →
`17.17.2`](https://renovatebot.com/diffs/npm/updates/17.16.13/17.17.2) |
![age](https://developer.mend.io/api/mc/badges/age/npm/updates/17.17.2?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/updates/17.16.13/17.17.2?slim=true)
|
| [vite](https://vite.dev)
([source](https://redirect.github.com/vitejs/vite/tree/HEAD/packages/vite))
| [`8.0.13` →
`8.0.14`](https://renovatebot.com/diffs/npm/vite/8.0.13/8.0.14) |
![age](https://developer.mend.io/api/mc/badges/age/npm/vite/8.0.14?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vite/8.0.13/8.0.14?slim=true)
|
| [vue](https://vuejs.org/)
([source](https://redirect.github.com/vuejs/core)) | [`3.5.34` →
`3.5.35`](https://renovatebot.com/diffs/npm/vue/3.5.34/3.5.35) |
![age](https://developer.mend.io/api/mc/badges/age/npm/vue/3.5.35?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vue/3.5.34/3.5.35?slim=true)
|
| [vue-tsc](https://redirect.github.com/vuejs/language-tools)
([source](https://redirect.github.com/vuejs/language-tools/tree/HEAD/packages/tsc))
| [`3.3.1` →
`3.3.2`](https://renovatebot.com/diffs/npm/vue-tsc/3.3.1/3.3.2) |
![age](https://developer.mend.io/api/mc/badges/age/npm/vue-tsc/3.3.2?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/vue-tsc/3.3.1/3.3.2?slim=true)
|

---

### Release Notes

<details>
<summary>eslint-community/eslint-plugin-eslint-comments
(@&#8203;eslint-community/eslint-plugin-eslint-comments)</summary>

###
[`v4.7.2`](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/releases/tag/v4.7.2)

[Compare
Source](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/compare/v4.7.1...v4.7.2)

##### Bug Fixes

- **deps:** pin `modern-monaco` version to 0.4.0
([#&#8203;320](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/320))
([62a2c3a](62a2c3a4ee))
- **docs:** use `modern-monaco` instead of `monaco-editor`
([#&#8203;311](https://redirect.github.com/eslint-community/eslint-plugin-eslint-comments/issues/311))
([42919d0](42919d06d8))

</details>

<details>
<summary>primer/octicons (@&#8203;primer/octicons)</summary>

###
[`v19.27.0`](https://redirect.github.com/primer/octicons/blob/HEAD/CHANGELOG.md#19270)

[Compare
Source](https://redirect.github.com/primer/octicons/compare/v19.26.0...v19.27.0)

##### Minor Changes

- [#&#8203;1203](https://redirect.github.com/primer/octicons/pull/1203)
[`a69618e4`](a69618e4b6)
Thanks [@&#8203;ericwbailey](https://redirect.github.com/ericwbailey)! -
Add flag icon

##### Patch Changes

- [#&#8203;1212](https://redirect.github.com/primer/octicons/pull/1212)
[`02bd1ef8`](02bd1ef8d1)
Thanks [@&#8203;ericwbailey](https://redirect.github.com/ericwbailey)! -
remove hardcoded fill from flag icon

</details>

<details>
<summary>typescript-eslint/typescript-eslint
(@&#8203;typescript-eslint/parser)</summary>

###
[`v8.60.0`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#8600-2026-05-25)

[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.4...v8.60.0)

This was a version bump only for parser to align it with other projects,
there were no code changes.

See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0)
for more information.

You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.

</details>

<details>
<summary>vitest-dev/eslint-plugin-vitest
(@&#8203;vitest/eslint-plugin)</summary>

###
[`v1.6.18`](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/releases/tag/v1.6.18)

[Compare
Source](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)

#####    🐞 Bug Fixes

- Correct `requiresTypeChecking` metadata for four rules  -  by
[@&#8203;inglec-arista](https://redirect.github.com/inglec-arista) in
[#&#8203;905](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/issues/905)
[<samp>(e06a3)</samp>](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/commit/e06a3dc)

#####     [View changes on
GitHub](https://redirect.github.com/vitest-dev/eslint-plugin-vitest/compare/v1.6.17...v1.6.18)

</details>

<details>
<summary>iamkun/dayjs (dayjs)</summary>

###
[`v1.11.21`](https://redirect.github.com/iamkun/dayjs/blob/HEAD/CHANGELOG.md#11121-2026-05-26)

[Compare
Source](https://redirect.github.com/iamkun/dayjs/compare/v1.11.20...v1.11.21)

##### Bug Fixes

- preserve unsupported year tokens in format
([#&#8203;3015](https://redirect.github.com/iamkun/dayjs/issues/3015))
([#&#8203;3016](https://redirect.github.com/iamkun/dayjs/issues/3016))
([8fda602](8fda602bea))

</details>

<details>
<summary>KaTeX/KaTeX (katex)</summary>

###
[`v0.17.0`](https://redirect.github.com/KaTeX/KaTeX/blob/HEAD/CHANGELOG.md#0170-2026-05-22)

[Compare
Source](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.47...v0.17.0)

##### Performance Improvements

- simplify `defineFunction` to avoid destructuring, improve typing
([#&#8203;4222](https://redirect.github.com/KaTeX/KaTeX/issues/4222))
([fb604e6](fb604e6ba6))

##### BREAKING CHANGES

- The internal API for `__defineFunction` changed: you should no longer
wrap properties in `props`.

####
[0.16.47](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.46...v0.16.47)
(2026-05-16)

##### Bug Fixes

- correct size of `[` big delimiter
([#&#8203;4217](https://redirect.github.com/KaTeX/KaTeX/issues/4217))
([7ba0027](7ba0027d2f)),
closes
[#&#8203;4215](https://redirect.github.com/KaTeX/KaTeX/issues/4215)

####
[0.16.46](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.45...v0.16.46)
(2026-05-13)

##### Bug Fixes

- preserve math font in some styling commands
([#&#8203;4214](https://redirect.github.com/KaTeX/KaTeX/issues/4214))
([e9ee046](e9ee0464dd)),
closes
[#&#8203;4213](https://redirect.github.com/KaTeX/KaTeX/issues/4213)

####
[0.16.45](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.44...v0.16.45)
(2026-04-05)

##### Bug Fixes

- wrap vcenter mpadded in mrow for valid MathML
([#&#8203;4193](https://redirect.github.com/KaTeX/KaTeX/issues/4193))
([ee66b78](ee66b78d24)),
closes
[#&#8203;4078](https://redirect.github.com/KaTeX/KaTeX/issues/4078)

####
[0.16.44](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.43...v0.16.44)
(2026-03-27)

##### Bug Fixes

- remove extra \jot space at bottom of align/gather/etc.
([#&#8203;4184](https://redirect.github.com/KaTeX/KaTeX/issues/4184))
([3870ee9](3870ee913e))

####
[0.16.43](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.42...v0.16.43)
(2026-03-26)

##### Bug Fixes

- use makeEm() consistently to truncate long CSS decimals
([#&#8203;4181](https://redirect.github.com/KaTeX/KaTeX/issues/4181))
([0967dcc](0967dcc027))

####
[0.16.42](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.41...v0.16.42)
(2026-03-24)

##### Features

- \underbracket and \overbracket
([#&#8203;4147](https://redirect.github.com/KaTeX/KaTeX/issues/4147))
([5be9abb](5be9abb0b4))

####
[0.16.41](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.40...v0.16.41)
(2026-03-24)

##### Bug Fixes

- \sout in text mode
([#&#8203;4173](https://redirect.github.com/KaTeX/KaTeX/issues/4173))
([e748578](e748578b63))

####
[0.16.40](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.39...v0.16.40)
(2026-03-20)

##### Bug Fixes

- **css:** specify position: relative for .katex
([#&#8203;4170](https://redirect.github.com/KaTeX/KaTeX/issues/4170))
([020f0d8](020f0d8956))

####
[0.16.39](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.38...v0.16.39)
(2026-03-19)

##### Bug Fixes

- middle dot in text mode
([#&#8203;4169](https://redirect.github.com/KaTeX/KaTeX/issues/4169))
([edb45b0](edb45b0b17)),
closes
[#&#8203;3641](https://redirect.github.com/KaTeX/KaTeX/issues/3641)

####
[0.16.38](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.37...v0.16.38)
(2026-03-08)

##### Bug Fixes

- accent skew mixed with font specifiers
([#&#8203;4159](https://redirect.github.com/KaTeX/KaTeX/issues/4159))
([aea3375](aea33758d6)),
closes
[#&#8203;4121](https://redirect.github.com/KaTeX/KaTeX/issues/4121)

####
[0.16.37](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.36...v0.16.37)
(2026-03-06)

##### Bug Fixes

- negative-width `\hphantom` and symmetric `\smash`
([#&#8203;4153](https://redirect.github.com/KaTeX/KaTeX/issues/4153))
([d4799ca](d4799cae58))

####
[0.16.36](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.35...v0.16.36)
(2026-03-06)

##### Bug Fixes

- contrib esm bloat
([#&#8203;4157](https://redirect.github.com/KaTeX/KaTeX/issues/4157))
([2bde1ad](2bde1adab2))

####
[0.16.35](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.34...v0.16.35)
(2026-03-05)

##### Bug Fixes

- version number regression
([#&#8203;4155](https://redirect.github.com/KaTeX/KaTeX/issues/4155))
([db26b73](db26b73380))

####
[0.16.34](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.33...v0.16.34)
(2026-03-05)

##### Bug Fixes

- emoji with variation selector
([#&#8203;4151](https://redirect.github.com/KaTeX/KaTeX/issues/4151))
([c2606e5](c2606e5db9))

####
[0.16.33](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.32...v0.16.33)
(2026-02-23)

##### Bug Fixes

- **scss:** forward variables to fonts module
([#&#8203;4146](https://redirect.github.com/KaTeX/KaTeX/issues/4146))
([9349a64](9349a64a05))

####
[0.16.32](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.31...v0.16.32)
(2026-02-22)

##### Bug Fixes

- italic separation in \mathnormal
([#&#8203;4143](https://redirect.github.com/KaTeX/KaTeX/issues/4143))
([71305a0](71305a0514))

####
[0.16.31](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.30...v0.16.31)
(2026-02-22)

##### Bug Fixes

- `\*frac` sizing
([#&#8203;4137](https://redirect.github.com/KaTeX/KaTeX/issues/4137))
([ef51f18](ef51f18ded))

####
[0.16.30](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.29...v0.16.30)
(2026-02-22)

##### Bug Fixes

- no line breaks after `\not`
([#&#8203;4140](https://redirect.github.com/KaTeX/KaTeX/issues/4140))
([2d1ba86](2d1ba86143))

####
[0.16.29](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.28...v0.16.29)
(2026-02-22)

##### Bug Fixes

- `\imath` and other `\html@mathml` macros in arguments
([#&#8203;4139](https://redirect.github.com/KaTeX/KaTeX/issues/4139))
([a850cce](a850cce7cc))

####
[0.16.28](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.27...v0.16.28)
(2026-01-25)

##### Bug Fixes

- **type:** add missing types definition path to package.json
([#&#8203;4125](https://redirect.github.com/KaTeX/KaTeX/issues/4125))
([0ef8921](0ef8921d18))

####
[0.16.27](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.26...v0.16.27)
(2025-12-07)

##### Features

- support equals sign and surrounding whitespace in \htmlData attribute
values
([#&#8203;4112](https://redirect.github.com/KaTeX/KaTeX/issues/4112))
([c77aaec](c77aaec00c))

####
[0.16.26](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.25...v0.16.26)
(2025-12-07)

##### Bug Fixes

- \mathop followed by integral symbol
([6fbad18](6fbad18857))

####
[0.16.25](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.24...v0.16.25)
(2025-10-13)

##### Features

- **css:** provide `katex-swap.css` that uses `font-display: swap`
([#&#8203;3940](https://redirect.github.com/KaTeX/KaTeX/issues/3940))
([b3f9ce6](b3f9ce691e)),
closes
[#&#8203;2242](https://redirect.github.com/KaTeX/KaTeX/issues/2242)

####
[0.16.24](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.23...v0.16.24)
(2025-10-12)

##### Features

- support hex colors with alpha
([#&#8203;4090](https://redirect.github.com/KaTeX/KaTeX/issues/4090))
([8c9b306](8c9b306396)),
closes
[#&#8203;4067](https://redirect.github.com/KaTeX/KaTeX/issues/4067)
[#fA6](https://redirect.github.com/KaTeX/KaTeX/issues/fA6)
[#fA6f1](https://redirect.github.com/KaTeX/KaTeX/issues/fA6f1)

####
[0.16.23](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.22...v0.16.23)
(2025-10-03)

##### Bug Fixes

- Support `\def` with arguments via `macros` option
([#&#8203;4087](https://redirect.github.com/KaTeX/KaTeX/issues/4087))
([80a8158](80a815856a))

####
[0.16.22](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.21...v0.16.22)
(2025-04-09)

##### Bug Fixes

- \relax in base or exponent of super/subscript
([#&#8203;4045](https://redirect.github.com/KaTeX/KaTeX/issues/4045))
([1f43c84](1f43c84a17))

####
[0.16.21](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.20...v0.16.21)
(2025-01-17)

##### Bug Fixes

- escape \htmlData attribute name
([57914ad](57914ad91e))

####
[0.16.20](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.19...v0.16.20)
(2025-01-12)

##### Bug Fixes

- \providecommand does not overwrite existing macro
([#&#8203;4000](https://redirect.github.com/KaTeX/KaTeX/issues/4000))
([6d30fe4](6d30fe47b0)),
closes
[#&#8203;3928](https://redirect.github.com/KaTeX/KaTeX/issues/3928)

####
[0.16.19](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.18...v0.16.19)
(2024-12-29)

##### Bug Fixes

- **types:** improve `strict` function type
([#&#8203;4009](https://redirect.github.com/KaTeX/KaTeX/issues/4009))
([4228b4e](4228b4eb52))

####
[0.16.18](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.17...v0.16.18)
(2024-12-18)

##### Bug Fixes

- Actually publish TypeScript type definitions
([#&#8203;4008](https://redirect.github.com/KaTeX/KaTeX/issues/4008))
([629b873](629b87354f))

####
[0.16.17](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.16...v0.16.17)
(2024-12-17)

##### Bug Fixes

- MathML combines multidigit numbers with sup/subscript, comma
separators, and multicharacter text when outputting to DOM
([#&#8203;3999](https://redirect.github.com/KaTeX/KaTeX/issues/3999))
([7d79e22](7d79e220f4)),
closes
[#&#8203;3995](https://redirect.github.com/KaTeX/KaTeX/issues/3995)

####
[0.16.16](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.15...v0.16.16)
(2024-12-17)

##### Features

- ESM exports, TypeScript types
([#&#8203;3992](https://redirect.github.com/KaTeX/KaTeX/issues/3992))
([ea9c173](ea9c173a0d))

####
[0.16.15](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.14...v0.16.15)
(2024-12-09)

##### Features

- italic sans-serif in math mode via `\mathsfit` command
([#&#8203;3998](https://redirect.github.com/KaTeX/KaTeX/issues/3998))
([2218901](22189018b6))

####
[0.16.14](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.13...v0.16.14)
(2024-12-08)

##### Features

- \dddot and \ddddot support
([#&#8203;3834](https://redirect.github.com/KaTeX/KaTeX/issues/3834))
([bda35cd](bda35cdb0a)),
closes
[#&#8203;2744](https://redirect.github.com/KaTeX/KaTeX/issues/2744)

####
[0.16.13](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.12...v0.16.13)
(2024-12-08)

##### Bug Fixes

- `\vdots` and `\rule` support in text mode
([#&#8203;3997](https://redirect.github.com/KaTeX/KaTeX/issues/3997))
([0e08352](0e08352623)),
closes
[#&#8203;3990](https://redirect.github.com/KaTeX/KaTeX/issues/3990)

####
[0.16.12](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.11...v0.16.12)
(2024-12-08)

##### Features

- **css:** configurable margin for display math
([#&#8203;3638](https://redirect.github.com/KaTeX/KaTeX/issues/3638))
([3405001](3405001225))

####
[0.16.11](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.10...v0.16.11)
(2024-07-02)

##### Features

- add \emph
([#&#8203;3963](https://redirect.github.com/KaTeX/KaTeX/issues/3963))
([9f34da4](9f34da4b3c)),
closes
[#&#8203;3566](https://redirect.github.com/KaTeX/KaTeX/issues/3566)

####
[0.16.10](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.9...v0.16.10)
(2024-03-24)

##### Bug Fixes

- \edef bypassing maxExpand via exponential blowup
([e88b4c3](e88b4c357f))
- escape \includegraphics src and alt
([c5897fc](c5897fcd1f))
- force protocol to be lowercase for better protocol filtering
([fc5af64](fc5af64183)),
closes
[/datatracker.ietf.org/doc/html/rfc3986#section-3](https://redirect.github.com//datatracker.ietf.org/doc/html/rfc3986/issues/section-3)
- maxExpand limit with Unicode sub/superscripts
([085e21b](085e21b5da))

####
[0.16.9](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.8...v0.16.9)
(2023-10-02)

##### Features

- Support bold Fraktur
([#&#8203;3777](https://redirect.github.com/KaTeX/KaTeX/issues/3777))
([240d5ae](240d5aede9))

####
[0.16.8](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.7...v0.16.8)
(2023-06-24)

##### Features

- expose error length and raw error message on ParseError
([#&#8203;3820](https://redirect.github.com/KaTeX/KaTeX/issues/3820))
([710774a](710774aaeb))

####
[0.16.7](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.6...v0.16.7)
(2023-04-28)

##### Bug Fixes

- **docs/support\_table.md:** delete redundant "varPsi"
([#&#8203;3814](https://redirect.github.com/KaTeX/KaTeX/issues/3814))
([33a1b98](33a1b98710))

####
[0.16.6](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.5...v0.16.6)
(2023-04-17)

##### Bug Fixes

- Support `\let` via `macros` option
([#&#8203;3738](https://redirect.github.com/KaTeX/KaTeX/issues/3738))
([bdb0be2](bdb0be2017)),
closes
[#&#8203;3737](https://redirect.github.com/KaTeX/KaTeX/issues/3737)
[#&#8203;3737](https://redirect.github.com/KaTeX/KaTeX/issues/3737)

####
[0.16.5](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.4...v0.16.5)
(2023-04-17)

##### Features

- \_\_defineFunction API exposing internal defineFunction
([#&#8203;3805](https://redirect.github.com/KaTeX/KaTeX/issues/3805))
([c7b1f84](c7b1f84b78)),
closes
[#&#8203;3756](https://redirect.github.com/KaTeX/KaTeX/issues/3756)

####
[0.16.4](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.3...v0.16.4)
(2022-12-07)

##### Bug Fixes

- space should prevent optional argument to \
([#&#8203;3746](https://redirect.github.com/KaTeX/KaTeX/issues/3746))
([a0deb34](a0deb3410f)),
closes
[#&#8203;3745](https://redirect.github.com/KaTeX/KaTeX/issues/3745)

####
[0.16.3](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.2...v0.16.3)
(2022-10-22)

##### Bug Fixes

- \hline after \cr
([#&#8203;3735](https://redirect.github.com/KaTeX/KaTeX/issues/3735))
([ebf6bf5](ebf6bf5b50)),
closes
[#&#8203;3734](https://redirect.github.com/KaTeX/KaTeX/issues/3734)

####
[0.16.2](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.1...v0.16.2)
(2022-08-29)

##### Bug Fixes

- **auto-render:** concatenate content of successive text nodes
([#&#8203;3422](https://redirect.github.com/KaTeX/KaTeX/issues/3422))
([4d3fdd8](4d3fdd8647))
- Implement \pmb via CSS text-shadow
([#&#8203;3505](https://redirect.github.com/KaTeX/KaTeX/issues/3505))
([176552a](176552a691))

####
[0.16.1](https://redirect.github.com/KaTeX/KaTeX/compare/v0.16.0...v0.16.1)
(2022-08-28)

##### Bug Fixes

- Use SVGs for some stacked delims
([#&#8203;3686](https://redirect.github.com/KaTeX/KaTeX/issues/3686))
([8a65a2e](8a65a2e1fd))

</details>

<details>
<summary>material-extensions/vscode-material-icon-theme
(material-icon-theme)</summary>

###
[`v5.35.0`](https://redirect.github.com/material-extensions/vscode-material-icon-theme/blob/HEAD/CHANGELOG.md#v5350)

[Compare
Source](https://redirect.github.com/material-extensions/vscode-material-icon-theme/compare/v5.34.0...v5.35.0)

[compare
changes](https://redirect.github.com/material-extensions/vscode-material-icon-theme/compare/v5.34.0...v5.35.0)

##### 🚀 Enhancements

- Add CAD file extensions to 3d icon mapping
([#&#8203;3436](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3436))
- Add tsdown icon
([#&#8203;3418](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3418))
- Add new icons for mrpack
([#&#8203;3439](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3439))
- Add support for vercel.ts icon (typed Vercel configuration)
([#&#8203;3441](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3441))
- Support jxl image file type
([#&#8203;3444](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3444))
- Add uiua file icon
([#&#8203;3408](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3408))
- Add folder associations for rust/cargo projects
([#&#8203;3447](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3447))
- **icon:** Add zed folder icon
([#&#8203;3442](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3442))
- **icon:** Add redis icon
([#&#8203;3450](https://redirect.github.com/material-extensions/vscode-material-icon-theme/pull/3450))
- Add more unit tests for writefile helper function
([9e4c98aa](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/9e4c98aa))
- Include language IDs into the file icons
([c9a9d2ed](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/c9a9d2ed))
- Update dependencies
([d7274c71](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/d7274c71))

##### 🩹 Fixes

- Add rootDir to tsconfig.declarations.json for TypeScript 6
([4f7f49e9](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/4f7f49e9))
- Correct typos in CONTRIBUTING.md
([4de4acf7](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/4de4acf7))

##### 💅 Refactors

- **core:** Rewrite toTitleCase for clarity and add tests
([33c0e614](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/33c0e614))
- Remove duplicate toTitleCase, consolidate imports
([e247951d](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/e247951d))

##### 🏡 Chore

- Improve release process
([b959b483](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/b959b483))

##### ✅ Tests

- **core:** Add comprehensive tests for object helpers
([57f476c5](https://redirect.github.com/material-extensions/vscode-material-icon-theme/commit/57f476c5))

##### ❤️ Contributors

- Philipp Kief ([@&#8203;PKief](https://redirect.github.com/PKief))
- Sayan Shankhari
([@&#8203;SayanShankhari](https://redirect.github.com/SayanShankhari))
- Tymon Marek
([@&#8203;TymonMarek](https://redirect.github.com/TymonMarek))
- Unteksi-ozar
([@&#8203;Unteksi-ozar](https://redirect.github.com/Unteksi-ozar))
- 锐冰 SharpIce
([@&#8203;SharpIceX](https://redirect.github.com/SharpIceX))
- El Mahdi Bennajah
([@&#8203;bennajah](https://redirect.github.com/bennajah))
- Glitch714
([@&#8203;glitchplaysgames714](https://redirect.github.com/glitchplaysgames714))
- Andrin Haldner
([@&#8203;AHaldner](https://redirect.github.com/AHaldner))
- Kaden Gruizenga ([@&#8203;kgruiz](https://redirect.github.com/kgruiz))

</details>

<details>
<summary>pnpm/pnpm (pnpm)</summary>

###
[`v11.4.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1140)

[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.3.0...v11.4.0)

##### Minor Changes

- Treat tarball-integrity mismatches against the lockfile as a hard
failure by default. Previously, `pnpm install` (non-frozen) would log
`ERR_PNPM_TARBALL_INTEGRITY`, silently re-resolve from the registry, and
overwrite the locked integrity — which meant a compromised registry,
proxy, or republished version could substitute attacker-controlled
content on a clean machine even though the project shipped a committed
lockfile.

`pnpm install` now exits with `ERR_PNPM_TARBALL_INTEGRITY` and a hint
pointing at the new opt-in flag.

The only opt-in is **`pnpm install --update-checksums`** — narrowly
scoped to refreshing the locked integrity values from what the registry
currently serves. Mirrors yarn's flag of the same name. A warning still
prints when the bypass takes effect so the operation is auditable.

`--force` and `pnpm update` deliberately do **not** bypass the integrity
check. They are routine refresh operations; silently overwriting a
locked integrity in those flows would erase the protection a committed
lockfile is supposed to provide. `--frozen-lockfile` behavior is
unchanged. `--fix-lockfile` keeps its documented purpose (filling in
missing lockfile entries) and is also not a bypass.

- `pnpm runtime set <name> <version>` now saves the runtime to
`devEngines.runtime` by default instead of `engines.runtime`. Pass
`--save-prod` (or `-P`) to save it to `engines.runtime` instead
[#&#8203;11948](https://redirect.github.com/pnpm/pnpm/issues/11948).

##### Patch Changes

- Fix a credential disclosure issue where an unscoped `_authToken` (or
`_auth`, or `username` + `_password`, or `tokenHelper`) defined in one
source — `~/.npmrc`, `~/.config/pnpm/auth.ini`, a workspace `.npmrc`,
CLI flags, etc. — would be sent as an `Authorization` header to
whichever registry a different (potentially untrusted) source named. The
same fix extends to client TLS credentials (`cert`, `key`) so they
aren't presented to a registry their author didn't choose.

pnpm now rewrites each unscoped per-registry setting (`_authToken`,
`_auth`, `username`, `_password`, `tokenHelper`, `cert`, `key`) to its
URL-scoped form at load time, using the `registry=` value declared in
the same source (or the npmjs default registry if the source declares
none). A later layer overriding `registry=` therefore cannot pull an
unscoped credential along, because it is already pinned to the URL its
author intended. `ca`/`cafile` are intentionally not rescoped — they're
trust anchors, not credentials, and corporate MITM-proxy setups rely on
them applying globally.

Every rescope emits a deprecation warning telling the user where the
setting was pinned and how to write it directly. npm has rejected
unscoped credentials outright since `npm@9`, and pnpm intends to remove
support in a future major release. To target a specific registry, write
the setting URL-scoped (e.g. `//registry.example.com/:_authToken=...` or
`//registry.example.com/:cert=...`).

`@pnpm/network.auth-header`: removed the `defaultRegistry` parameter
from `createGetAuthHeaderByURI` and `getAuthHeadersFromCreds`. Now that
credentials are URL-scoped at load time, the merged `configByUri` never
contains the empty-string "default registry" placeholder slot, so
re-keying it onto the merged default registry is no longer needed.

- Fix `pnpm deploy` crashing with `ENOENT: ... lstat
'<deployDir>/node_modules'` when `configDependencies` declares pacquet
(`pacquet` or `@pnpm/pacquet`). The deploy directory never installs
config dependencies, so the install engine they designate isn't on disk
to invoke; the nested install now skips them.

- Reject git resolutions whose `commit` field is not a 40-character
hexadecimal SHA before invoking `git`. A malicious lockfile could
otherwise smuggle a value such as `--upload-pack=<command>` through `git
fetch` / `git checkout`, which on SSH or local-file transports executes
the supplied command.

- Limit concurrent project manifest reads while listing large workspaces
to avoid `EMFILE` errors.

- Reject patch files whose `diff --git` headers reference paths outside
the patched package directory. Previously a malicious `.patch` file
added via a pull request could write, delete, or rename arbitrary files
reachable by the user running `pnpm install`.

- Improve the log message that pnpm prints after auto-adding entries to
`minimumReleaseAgeExclude` when `minimumReleaseAge` is set without
`minimumReleaseAgeStrict`. The message previously referred to the
internal "loose mode" terminology, which wasn't searchable in the docs;
it now tells the user to set `minimumReleaseAgeStrict` to `true` if they
want these updates gated behind a prompt instead
[#&#8203;11747](https://redirect.github.com/pnpm/pnpm/issues/11747).

- Reject dependency aliases that contain path-traversal segments (such
as `@x/../../../../../.git/hooks`) when reading them from a package
manifest or symlinking them into `node_modules`. A malicious registry
package could otherwise use a transitive dependency key to make `pnpm
install` create symlinks at attacker-chosen paths outside the intended
`node_modules` directory.

- Reject `pnpm-lock.yaml` entries whose remote tarball `resolution:`
block is missing the `integrity` field. Previously the worker that
extracts a downloaded tarball skipped hash verification when no
integrity was supplied and minted a fresh one from the unverified bytes,
so an attacker who could both alter the lockfile (e.g. via a pull
request that strips `integrity:`) and serve modified content at the
referenced tarball URL could install a tampered package without any
error — including under `--frozen-lockfile`. pnpm now fails closed at
lockfile-read time with `ERR_PNPM_MISSING_TARBALL_INTEGRITY`. Git-hosted
tarballs (`gitHosted: true` or a URL on codeload.github.com /
bitbucket.org / gitlab.com) and `file:` tarballs are exempt — the commit
SHA in a git-host URL and the user-controlled local path already anchor
the bytes.

- Validate `devEngines.runtime` and `engines.runtime` version ranges for
`node`, `deno`, and `bun` when `onFail` is set to `error` or `warn`.
Previously these settings only had an effect with `onFail: 'download'` —
the `error` and `warn` modes silently did nothing
[#&#8203;11818](https://redirect.github.com/pnpm/pnpm/issues/11818).
Violations now throw `ERR_PNPM_BAD_RUNTIME_VERSION`.

- Require provenance before treating trusted publisher metadata as the
strongest trust evidence.

###
[`v11.3.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1130)

[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.2.2...v11.3.0)

##### Minor Changes

- Added `pnpm stage` with `publish`, `list`, `view`, `approve`,
`reject`, and `download` subcommands for npm staged publishing.

- Added a new setting `trustLockfile`. When `true`, `pnpm install` skips
the supply-chain verification pass that re-applies `minimumReleaseAge` /
`trustPolicy='no-downgrade'` to every entry in the loaded lockfile. The
install treats the lockfile as already-trusted — useful for
closed-source projects where every commit comes from a trusted author.
Defaults to `false`; verification stays on by default. Set in
`pnpm-workspace.yaml`.

Also cut the memory footprint of the verification pass itself: the
per-(registry, name) trust-meta cache previously retained the full
packument — dependency graphs, scripts, README, and per-version
manifests — for the entire install. On large workspaces (`~4k` lockfile
entries with `minimumReleaseAge` + `trustPolicy: no-downgrade` enabled)
this could OOM CI runners with a 2GB heap cap. The cache now stores only
the fields the trust check actually reads (`time`, per-version
`_npmUser.trustedPublisher`, `dist.attestations.provenance`). The
abbreviated-metadata cache is similarly projected to just the
package-level `modified` field and the set of currently-listed version
names. Fixes
[#&#8203;11860](https://redirect.github.com/pnpm/pnpm/issues/11860).

- Implemented `pnpm pkg` command natively, following `npm pkg`
standards.

- Implemented `pnpm repo` command natively, following `npm repo`
standards.

- Implemented `pnpm set-script` (alias `ss`) natively. Adds or updates
an entry in the `scripts` field of the project manifest, supporting
`package.json`, `package.json5`, and `package.yaml` formats.

- Add a `skip-manifest-obfuscation` option for `pnpm pack` and `pnpm
publish`. When enabled, the original `packageManager` field and publish
lifecycle scripts are kept in the packed/published manifest instead of
being stripped. The pnpm-specific `pnpm` field continues to be omitted.

##### Patch Changes

- Fixed `pnpm dlx` failing with `ERR_PNPM_NO_IMPORTER_MANIFEST_FOUND`
when the installed package's CAS slot is missing its `package.json`.
Observed in the wild for `pnpm dlx node@runtime:<version>` when the GVS
slot was populated without the synthesized manifest runtime archives
need (they don't ship a `package.json` of their own, so the synthesized
one is the only way it gets there; an existing slot from an earlier code
path that skipped the synthesis stays incomplete). The bin link itself
is wired up from the resolution and remains valid, so `dlx` now falls
back to the scopeless package name when the slot's manifest is
unreadable — for single-bin packages (the dlx common case, including
every `runtime:` spec) this matches what `manifest.bin` would have
named. Multi-bin packages already require `--package=<spec> <bin>` to
disambiguate and don't enter this code path.
- Fixed non-determinism in `pnpm dedupe` and `pnpm install` when a
dependency graph contains packages with transitive peer dependencies on
each other (e.g. `@aws-sdk/client-sts` and `@aws-sdk/client-sso-oidc`)
and `auto-install-peers` is enabled. The lockfile no longer flips
between two equally-valid forms across consecutive runs. The root cause
was that `resolveDependencies` pushed onto its `pkgAddresses` /
`postponedResolutionsQueue` arrays from inside `Promise.all`-spawned
callbacks, so completion-order timing leaked into the array order and
downstream cyclic-peer suffix assignment. Fixes
[#&#8203;8155](https://redirect.github.com/pnpm/pnpm/issues/8155).
- Fixed a regression introduced by
[#&#8203;11711](https://redirect.github.com/pnpm/pnpm/pull/11711) where
`pnpm add <github-shorthand>` (and any other wanted-dependency whose
alias can't be parsed from the user-supplied spec, e.g. tarball URLs or
`pnpm/test-git-fetch#sha`) was silently dropped from the manifest update
and from `pendingBuilds`. The alias-keyed lookup added in that PR
couldn't find a `wantedDependency` whose `alias` was `undefined` at
parse time but resolved to a package name only after fetching, so the
entry never made it into `specsToUpsert`. Restored the original
index-based pairing between `directDependencies` and
`wantedDependencies`; the catalog-protocol preservation that PR was
originally fixing is unaffected because it's driven by
`rdd.catalogLookup.userSpecifiedBareSpecifier`, not by the lookup. Fixes
the three `rebuilds dependencies` / `rebuilds specific dependencies` /
`rebuild with pending option` failures in
`building/commands/test/build/index.ts`.
- Fixed `pnpm add --config` leaving orphan entries in
`pnpm-lock.env.yaml` (the optional subdependencies of the previously
resolved version of the updated config dependency).

###
[`v11.2.2`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1122)

[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v11.2.1...v11.2.2)

##### Patch Changes

- When the install engine is delegated to pacquet via
`configDependencies`, the user's CLI flags passed to `pnpm install`
(e.g. `--no-runtime`, `--prod`, `--dev`, `--no-optional`,
`--node-linker`, `--cpu`/`--os`/`--libc`, `--offline`,
`--prefer-offline`) are now forwarded to pacquet's `install` subcommand
verbatim. Previously pacquet was invoked with a fixed argument list, so
flags like `--no-runtime` were silently dropped. Flag forwarding is
gated on the command being `install`/`i`; `add`, `update`, and `dedupe`
still don't forward (their flag surface doesn't line up with pacquet's
`install`).
- Fixed `pnpm up` (and `pnpm add` / `pnpm remove`) failing with
`pacquet_package_manager::outdated_lockfile` when pacquet is declared in
`configDependencies`. pnpm now passes `--ignore-manifest-check` to
pacquet so its `--frozen-lockfile` check doesn't fire against the
(pre-mutation) `package.json` pnpm hasn't written yet
[#&#8203;11797](https://redirect.github.com/pnpm/pnpm/issues/11797).
Requires a pacquet release that supports the flag — bump
`PACQUET_VERSION` in the e2e tests once it ships.

</details>

<details>
<summary>silverwind/rolldown-license-plugin
(rolldown-license-plugin)</summary>

###
[`v3.0.8`](https://redirect.github.com/silverwind/rolldown-license-plugin/releases/tag/3.0.8)

[Compare
Source](https://redirect.github.com/silverwind/rolldown-license-plugin/compare/3.0.7...3.0.8)

- update deps (silverwind)
- swap path.join for template concat in I/O hot paths (silverwind)
- simplify license sort and allow-branch control flow (silverwind)

</details>

<details>
<summary>typescript-eslint/typescript-eslint
(typescript-eslint)</summary>

###
[`v8.60.0`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/typescript-eslint/CHANGELOG.md#8600-2026-05-25)

[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.59.4...v8.60.0)

This was a version bump only for typescript-eslint to align it with
other projects, there were no code changes.

See [GitHub
Releases](https://redirect.github.com/typescript-eslint/typescript-eslint/releases/tag/v8.60.0)
for more information.

You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.

</details>

<details>
<summary>silverwind/updates (updates)</summary>

###
[`v17.17.2`](https://redirect.github.com/silverwind/updates/releases/tag/17.17.2)

[Compare
Source](https://redirect.github.com/silverwind/updates/compare/17.17.1...17.17.2)

- Read github env tokens lazily instead of at import (silverwind)

###
[`v17.17.1`](https://redirect.github.com/silverwind/updates/releases/tag/17.17.1)

[Compare
Source](https://redirect.github.com/silverwind/updates/compare/17.17.0...17.17.1)

- Scope GitHub token fallback to GitHub hosts only (silverwind)

###
[`v17.17.0`](https://redirect.github.com/silverwind/updates/releases/tag/17.17.0)

[Compare
Source](https://redirect.github.com/silverwind/updates/compare/17.16.13...17.17.0)

- update deps (silverwind)
- Add per-package `overrides` config option
([#&#8203;140](https://redirect.github.com/silverwind/updates/issues/140))
(silverwind)
- fix three bugs in range/tag handling (silverwind)

</details>

<details>
<summary>vitejs/vite (vite)</summary>

###
[`v8.0.14`](https://redirect.github.com/vitejs/vite/blob/HEAD/packages/vite/CHANGELOG.md#small-8014-2026-05-21-small)

[Compare
Source](https://redirect.github.com/vitejs/vite/compare/v8.0.13...v8.0.14)

##### Features

- update rolldown to 1.0.2
([#&#8203;22484](https://redirect.github.com/vitejs/vite/issues/22484))
([96efc88](96efc88570))

##### Bug Fixes

- **deps:** update all non-major dependencies
([#&#8203;22471](https://redirect.github.com/vitejs/vite/issues/22471))
([98b8163](98b8163213))
- **dev:** handle errors when sending messages to vite server
([#&#8203;22450](https://redirect.github.com/vitejs/vite/issues/22450))
([e8e9a34](e8e9a34dcf))
- **html:** handle trailing slash paths in transformIndexHtml
([#&#8203;22480](https://redirect.github.com/vitejs/vite/issues/22480))
([5d94d1b](5d94d1bffd))
- **optimizer:** pass oxc jsx options to transformSync in dependency
scan
([#&#8203;22342](https://redirect.github.com/vitejs/vite/issues/22342))
([b3132da](b3132dacea))

##### Miscellaneous Chores

- **deps:** update rolldown-related dependencies
([#&#8203;22470](https://redirect.github.com/vitejs/vite/issues/22470))
([7cb728e](7cb728eb62))
- remove irrelevant commits from changelog
([2c69495](2c69495f25))

##### Code Refactoring

- **glob:** do not rewrite import path for absolute base
([#&#8203;22310](https://redirect.github.com/vitejs/vite/issues/22310))
([0ae2844](0ae2844ab6))

##### Tests

- **css:** sass does not use main field
([#&#8203;22449](https://redirect.github.com/vitejs/vite/issues/22449))
([ebf39a0](ebf39a0432))

</details>

<details>
<summary>vuejs/core (vue)</summary>

###
[`v3.5.35`](https://redirect.github.com/vuejs/core/blob/HEAD/CHANGELOG.md#3535-2026-05-27)

[Compare
Source](https://redirect.github.com/vuejs/core/compare/v3.5.34...v3.5.35)

##### Bug Fixes

- **compiler-core:** avoid double processing v-for keys with v-memo
([#&#8203;14861](https://redirect.github.com/vuejs/core/issues/14861))
([34a0ded](34a0ded4d2)),
closes
[#&#8203;14859](https://redirect.github.com/vuejs/core/issues/14859)
- **compiler-sfc:** resolve top-level exports from files registered as
global types
([#&#8203;14805](https://redirect.github.com/vuejs/core/issues/14805))
([3d077f2](3d077f26e3)),
closes
[nuxt/nuxt#33694](https://redirect.github.com/nuxt/nuxt/issues/33694)
- **runtime-core:** avoid repeated hydration mismatch checks
([#&#8203;14857](https://redirect.github.com/vuejs/core/issues/14857))
([170fc95](170fc95eb6)),
closes
[#&#8203;14855](https://redirect.github.com/vuejs/core/issues/14855)
- **runtime-core:** skip idle persisted transition hooks in keep-alive
moves
([#&#8203;14865](https://redirect.github.com/vuejs/core/issues/14865))
([80fc139](80fc139f90)),
closes
[#&#8203;14031](https://redirect.github.com/vuejs/core/issues/14031)
- **server-renderer:** propagate sync errors from `ssrRenderSuspense`
([#&#8203;14804](https://redirect.github.com/vuejs/core/issues/14804))
([4760997](47609975e2)),
closes
[nuxt/nuxt#28162](https://redirect.github.com/nuxt/nuxt/issues/28162)
- **teleport:** skip child unmount when pending mount discarded
([#&#8203;14876](https://redirect.github.com/vuejs/core/issues/14876))
([#&#8203;14877](https://redirect.github.com/vuejs/core/issues/14877))
([584beb1](584beb1262))

##### Performance Improvements

- **reactivity:** skip type checks for cached proxies
([#&#8203;14860](https://redirect.github.com/vuejs/core/issues/14860))
([5734fe9](5734fe97f6))
- **runtime-dom:** optimize array event handler dispatch
([#&#8203;14828](https://redirect.github.com/vuejs/core/issues/14828))
([bb18dc8](bb18dc8e56))
- **server-renderer:** avoid materializing iterables in ssrRenderList
([#&#8203;14821](https://redirect.github.com/vuejs/core/issues/14821))
([1b7a2cc](1b7a2cc15c))

</details>

<details>
<summary>vuejs/language-tools (vue-tsc)</summary>

###
[`v3.3.2`](https://redirect.github.com/vuejs/language-tools/blob/HEAD/CHANGELOG.md#332-2026-05-25)

[Compare
Source](https://redirect.github.com/vuejs/language-tools/compare/v3.3.1...v3.3.2)

##### language-core

- **feat:** preserve literal types for inline `v-for` sources
([#&#8203;6067](https://redirect.github.com/vuejs/language-tools/issues/6067))
- Thanks to [@&#8203;kkesidis](https://redirect.github.com/kkesidis)!
- **fix:** align `v-bind` shorthand identifier skipping with
interpolation - Thanks to
[@&#8203;KazariEX](https://redirect.github.com/KazariEX)!

##### vscode

- **feat:** transform tsserver content
([#&#8203;6062](https://redirect.github.com/vuejs/language-tools/issues/6062))
- Thanks to [@&#8203;KazariEX](https://redirect.github.com/KazariEX)!
- **fix:** do not mark trailing slash in capitalized self-closing tags
as invalid
([#&#8203;6065](https://redirect.github.com/vuejs/language-tools/issues/6065))
- Thanks to [@&#8203;suisanka](https://redirect.github.com/suisanka)!

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - Only on Monday (`* * * * 1`)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuNSIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>

.github/workflows/cron-renovate.yml

@@ -28,5 +28,5 @@ jobs:
           token: ${{ secrets.RENOVATE_TOKEN }}
         env:
           RENOVATE_BINARY_SOURCE: install # auto-install go/node toolchains needed by post-upgrade tasks.
-          RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^make (tidy|svg nolyfill)$"]'
+          RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '["^make (tidy|svg)$"]'
           RENOVATE_REPOSITORIES: '["go-gitea/gitea"]'

Makefile

@@ -608,14 +608,6 @@ update-js: node_modules ## update js dependencies
 	rm -rf node_modules pnpm-lock.yaml
 	pnpm install
 	@touch node_modules
-	$(MAKE) --no-print-directory nolyfill
-
-.PHONY: nolyfill
-nolyfill: node_modules ## apply nolyfill overrides to package.json and relock
-	pnpm exec nolyfill install
-	node tools/migrate-nolyfills.ts
-	pnpm install
-	@touch node_modules
 
 .PHONY: update-py
 update-py: node_modules ## update py dependencies

package.json

@@ -1,6 +1,6 @@
 {
   "type": "module",
-  "packageManager": "pnpm@11.2.1",
+  "packageManager": "pnpm@11.4.0",
   "engines": {
     "node": ">= 22.18.0",
     "pnpm": ">= 11.0.0"
@@ -28,7 +28,7 @@
     "@lezer/highlight": "1.2.3",
     "@mcaptcha/vanilla-glue": "0.1.0-rc2",
     "@mermaid-js/layout-elk": "0.2.1",
-    "@primer/octicons": "19.26.0",
+    "@primer/octicons": "19.27.0",
     "@replit/codemirror-indentation-markers": "6.5.3",
     "@replit/codemirror-lang-nix": "6.0.1",
     "@replit/codemirror-lang-svelte": "6.0.0",
@@ -45,19 +45,19 @@
     "colord": "2.9.3",
     "compare-versions": "6.1.1",
     "cropperjs": "1.6.2",
-    "dayjs": "1.11.20",
+    "dayjs": "1.11.21",
     "easymde": "2.21.0",
     "esbuild": "0.28.0",
     "idiomorph": "0.7.4",
     "jquery": "4.0.0",
     "js-yaml": "4.1.1",
-    "katex": "0.16.47",
+    "katex": "0.17.0",
     "mermaid": "11.15.0",
     "online-3d-viewer": "0.18.0",
     "pdfobject": "2.3.1",
     "perfect-debounce": "2.1.0",
     "postcss": "8.5.15",
-    "rolldown-license-plugin": "3.0.7",
+    "rolldown-license-plugin": "3.0.8",
     "sortablejs": "1.15.7",
     "swagger-ui-dist": "5.32.6",
     "tailwindcss": "3.4.19",
@@ -67,14 +67,14 @@
     "tributejs": "5.1.3",
     "uint8-to-base64": "0.2.1",
     "vanilla-colorful": "0.7.2",
-    "vite": "8.0.13",
+    "vite": "8.0.14",
     "vite-string-plugin": "2.0.4",
-    "vue": "3.5.34",
+    "vue": "3.5.35",
     "vue-bar-graph": "2.2.0",
     "vue-chartjs": "5.3.3"
   },
   "devDependencies": {
-    "@eslint-community/eslint-plugin-eslint-comments": "4.7.1",
+    "@eslint-community/eslint-plugin-eslint-comments": "4.7.2",
     "@eslint/json": "1.2.0",
     "@playwright/test": "1.60.0",
     "@stylistic/eslint-plugin": "5.10.0",
@@ -89,9 +89,9 @@
     "@types/swagger-ui-dist": "3.30.6",
     "@types/throttle-debounce": "5.0.2",
     "@types/toastify-js": "1.12.4",
-    "@typescript-eslint/parser": "8.59.4",
+    "@typescript-eslint/parser": "8.60.0",
     "@vitejs/plugin-vue": "6.0.7",
-    "@vitest/eslint-plugin": "1.6.17",
+    "@vitest/eslint-plugin": "1.6.18",
     "eslint": "10.4.0",
     "eslint-import-resolver-typescript": "4.4.4",
     "eslint-plugin-array-func": "5.1.1",
@@ -109,8 +109,7 @@
     "happy-dom": "20.9.0",
     "jiti": "2.7.0",
     "markdownlint-cli": "0.48.0",
-    "material-icon-theme": "5.34.0",
-    "nolyfill": "1.0.44",
+    "material-icon-theme": "5.35.0",
     "postcss-html": "1.8.1",
     "spectral-cli-bundle": "1.0.8",
     "stylelint": "17.12.0",
@@ -120,9 +119,9 @@
     "stylelint-value-no-unknown-custom-properties": "6.1.1",
     "svgo": "4.0.1",
     "typescript": "6.0.3",
-    "typescript-eslint": "8.59.4",
-    "updates": "17.16.13",
+    "typescript-eslint": "8.60.0",
+    "updates": "17.17.2",
     "vitest": "4.1.7",
-    "vue-tsc": "3.3.1"
+    "vue-tsc": "3.3.2"
   }
 }

pnpm-workspace.yaml

@@ -1,4 +1,3 @@
-packages: [ . ] # workaround for https://github.com/SukkaW/nolyfill/issues/119
 savePrefix: ''
 dedupePeerDependents: false
 updateNotifier: false
@@ -8,28 +7,6 @@ peerDependencyRules:
   allowedVersions:
     eslint-plugin-github>eslint: '>=9'
 
-overrides:
-  array-includes: npm:@nolyfill/array-includes@^1
-  array.prototype.findlastindex: npm:@nolyfill/array.prototype.findlastindex@^1
-  array.prototype.flat: npm:@nolyfill/array.prototype.flat@^1
-  array.prototype.flatmap: npm:@nolyfill/array.prototype.flatmap@^1
-  es-aggregate-error: npm:@nolyfill/es-aggregate-error@^1
-  hasown: npm:@nolyfill/hasown@^1
-  is-core-module: npm:@nolyfill/is-core-module@^1
-  object.assign: npm:@nolyfill/object.assign@^1
-  object.fromentries: npm:@nolyfill/object.fromentries@^1
-  object.groupby: npm:@nolyfill/object.groupby@^1
-  object.values: npm:@nolyfill/object.values@^1
-  safe-buffer: npm:@nolyfill/safe-buffer@^1
-  safe-regex-test: npm:@nolyfill/safe-regex-test@^1
-  safer-buffer: npm:@nolyfill/safer-buffer@^1
-  string.prototype.includes: npm:@nolyfill/string.prototype.includes@^1
-  string.prototype.trimend: npm:@nolyfill/string.prototype.trimend@^1
-  object-keys: npm:@nolyfill/object-keys@^1
-  object.entries: npm:@nolyfill/object.entries@^1
-  abab: npm:@nolyfill/abab@^1
-  es-set-tostringtag: npm:@nolyfill/es-set-tostringtag@^1
-
 allowBuilds:
   '@scarf/scarf': false
   core-js: false

public/assets/img/svg/octicon-flag.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 16 16" class="svg octicon-flag" width="16" height="16" aria-hidden="true"><path fill="currentColor" d="M15 10.21V2.22c0-.08-.02-.15-.05-.23 0-.02 0-.04-.01-.06-.02-.05-.06-.09-.09-.13s-.04-.08-.07-.11c-.02-.02-.04-.02-.06-.04a.8.8 0 0 0-.19-.12c-2.78-1.11-4.86-.25-6.69.5-1.73.72-3.24 1.33-5.34.57v-.63c0-.41-.34-.75-.75-.75S1 1.56 1 1.97v12.5c0 .41.34.75.75.75s.75-.34.75-.75V4.18c.66.19 1.28.27 1.87.27 1.54 0 2.85-.54 4.05-1.04 1.66-.69 3.12-1.27 5.09-.65v6.43c-2.28-.56-4.06.17-5.66.84-1.25.52-2.41 1-3.79.92-.38-.03-.77.29-.8.7s.29.77.7.8c.14 0 .29.01.42.01 1.52 0 2.8-.53 4.04-1.04 1.79-.74 3.34-1.38 5.56-.5.06.02.12.03.19.03.03 0 .06.02.09.02.23 0 .45-.12.59-.31.04-.05.08-.09.1-.15.02-.05.02-.1.03-.15 0-.04.03-.08.03-.13z"/></svg>

renovate.json5

@@ -95,7 +95,7 @@
       "matchManagers": ["npm"],
       "postUpdateOptions": ["pnpmDedupe"],
       "postUpgradeTasks": {
-        "commands": ["make svg nolyfill"],
+        "commands": ["make svg"],
         "fileFilters": ["package.json", "pnpm-lock.yaml", "pnpm-workspace.yaml", "public/assets/img/svg/**"],
         "executionMode": "branch",
       },

tools/migrate-nolyfills.ts

@@ -1,33 +0,0 @@
-#!/usr/bin/env node
-// nolyfill writes overrides to package.json#pnpm.overrides which pnpm v11 ignores.
-// This moves them to pnpm-workspace.yaml until SukkaW/nolyfill#119 is fixed.
-import {readFileSync, writeFileSync} from 'node:fs';
-import {exit} from 'node:process';
-import {fileURLToPath} from 'node:url';
-import {dump} from 'js-yaml';
-
-const packagePath = fileURLToPath(new URL('../package.json', import.meta.url));
-const workspacePath = fileURLToPath(new URL('../pnpm-workspace.yaml', import.meta.url));
-
-const packageJson: {pnpm?: {overrides?: Record<string, string>}} = JSON.parse(readFileSync(packagePath, 'utf8'));
-const overrides = packageJson.pnpm?.overrides;
-
-if (!overrides || !Object.keys(overrides).length) {
-  exit(0);
-}
-
-const block = dump({overrides}, {lineWidth: -1, quotingType: "'"});
-const workspace = readFileSync(workspacePath, 'utf8');
-const overridesRegex = /^overrides:[^\n]*(?:\n(?:[ \t][^\n]*|[ \t]*(?=\n[ \t])))*\n?/m;
-
-if (!overridesRegex.test(workspace)) {
-  console.error(`No 'overrides:' block found in pnpm-workspace.yaml`);
-  exit(1);
-}
-
-writeFileSync(workspacePath, workspace.replace(overridesRegex, block));
-
-const pnpm = packageJson.pnpm!;
-delete pnpm.overrides;
-if (!Object.keys(pnpm).length) delete packageJson.pnpm;
-writeFileSync(packagePath, `${JSON.stringify(packageJson, null, 2)}\n`);