ci(deps): update ci dependencies #151

Merged
renovate-bot merged 1 commit from renovate/ci into main 2026-07-15 03:06:49 +00:00
Member

This PR contains the following updates:

Package Type Update Change Pending Age Confidence
https://git.zarantonello.dev/projects/forgejo-agent action patch v1.8.1v1.8.2 age confidence
pnpm (source) minor 11.11.011.12.0 11.13.0 age confidence

Release Notes

projects/forgejo-agent (https://git.zarantonello.dev/projects/forgejo-agent)

v1.8.2

Compare Source

pnpm/pnpm (pnpm)

v11.12.0

Compare Source

Minor Changes
  • a897ef7: Custom fetchers exported from a pnpmfile can now delegate by returning a { delegate: <resolution> } envelope: pnpm rewrites the package's resolution to the delegated shape and runs the built-in fetcher on it. This is the portable delegation form that also works in pacquet, where cafs and fetchers cannot be passed to the hook. Related to pnpm/pnpm#11685.
Patch Changes
  • 2b02764: The changed-packages filter (--filter "...[<since>]") no longer allows an option-like <since> value (such as --output=<path>) to be interpreted as a git option — git now rejects it as a bad revision. The repository root is also resolved to the nearest .git entry, so the filter works in a git worktree checked out inside another repository's tree.

  • 43711ce: pnpm outdated no longer checks the registry for dependencies that are resolved from local link:, file:, or workspace: references in the lockfile #​12827.

  • 3c6718b: Fixed a deadlock in peer dependency resolution: pnpm install hung forever when a peer dependency cycle spanned a project's own dependencies and auto-installed peer providers, for example when installing [email protected] #​12921.

  • 252f15e: Fixed peer dependency auto-install picking a version the peer range rejects. In a workspace with several projects, a package declaring a peer dependency with a semver range (for example ^1.0.0) could get the highest version found anywhere in the workspace (for example a 2.0.0 resolved for another project) instead of a version that satisfies the range. Peers are now deduplicated onto the highest preferred version that satisfies the declared range, and when none does, the range is resolved from the registry.

    Also fixed re-resolving with an existing lockfile hoisting a different peer version than a fresh install of the same manifest: root dependencies reused from the lockfile were invisible to peer hoisting, so a peer that a root dependency provides could be bound to another version.

  • a38adda: pnpm self-update <version> now installs the requested pnpm version when it matches the currently running version but is missing from the global self-update directory.

  • 6a85968: pnpm stage list now stops paginating after a fail-safe cap of 1000 pages, so a misbehaving registry cannot keep the command looping forever.

  • eee7c9a: verify-deps-before-run no longer spawns a pnpm install when pnpm is executed in a directory that has no package.json. A mistyped command run outside a project (for example pnpm witch 10 login) used to crash with a confusing error from the spawned install; now it fails with the regular "no package.json found" error.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Type | Update | Change | Pending | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---|---|---|---| | [https://git.zarantonello.dev/projects/forgejo-agent](https://git.zarantonello.dev/projects/forgejo-agent) | action | patch | `v1.8.1` → `v1.8.2` | | ![age](https://developer.mend.io/api/mc/badges/age/forgejo-tags/projects%2fforgejo-agent/v1.8.2?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/forgejo-tags/projects%2fforgejo-agent/v1.8.1/v1.8.2?slim=true) | | [pnpm](https://pnpm.io) ([source](https://github.com/pnpm/pnpm/tree/HEAD/pnpm11/pnpm)) | | minor | `11.11.0` → `11.12.0` | `11.13.0` | ![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/11.12.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/11.11.0/11.12.0?slim=true) | --- ### Release Notes <details> <summary>projects/forgejo-agent (https://git.zarantonello.dev/projects/forgejo-agent)</summary> ### [`v1.8.2`](https://git.zarantonello.dev/projects/forgejo-agent/compare/v1.8.1...v1.8.2) [Compare Source](https://git.zarantonello.dev/projects/forgejo-agent/compare/v1.8.1...v1.8.2) </details> <details> <summary>pnpm/pnpm (pnpm)</summary> ### [`v11.12.0`](https://github.com/pnpm/pnpm/blob/HEAD/pnpm11/pnpm/CHANGELOG.md#11120) [Compare Source](https://github.com/pnpm/pnpm/compare/v11.11.0...v11.12.0) ##### Minor Changes - [`a897ef7`](https://github.com/pnpm/pnpm/commit/a897ef7): Custom fetchers exported from a pnpmfile can now delegate by returning a `{ delegate: <resolution> }` envelope: pnpm rewrites the package's resolution to the delegated shape and runs the built-in fetcher on it. This is the portable delegation form that also works in pacquet, where `cafs` and `fetchers` cannot be passed to the hook. Related to [pnpm/pnpm#11685](https://github.com/pnpm/pnpm/issues/11685). ##### Patch Changes - [`2b02764`](https://github.com/pnpm/pnpm/commit/2b02764): The changed-packages filter (`--filter "...[<since>]"`) no longer allows an option-like `<since>` value (such as `--output=<path>`) to be interpreted as a git option — git now rejects it as a bad revision. The repository root is also resolved to the nearest `.git` entry, so the filter works in a git worktree checked out inside another repository's tree. - [`43711ce`](https://github.com/pnpm/pnpm/commit/43711ce): `pnpm outdated` no longer checks the registry for dependencies that are resolved from local `link:`, `file:`, or `workspace:` references in the lockfile [#&#8203;12827](https://github.com/pnpm/pnpm/issues/12827). - [`3c6718b`](https://github.com/pnpm/pnpm/commit/3c6718b): Fixed a deadlock in peer dependency resolution: `pnpm install` hung forever when a peer dependency cycle spanned a project's own dependencies and auto-installed peer providers, for example when installing `[email protected]` [#&#8203;12921](https://github.com/pnpm/pnpm/issues/12921). - [`252f15e`](https://github.com/pnpm/pnpm/commit/252f15e): Fixed peer dependency auto-install picking a version the peer range rejects. In a workspace with several projects, a package declaring a peer dependency with a semver range (for example `^1.0.0`) could get the highest version found anywhere in the workspace (for example a `2.0.0` resolved for another project) instead of a version that satisfies the range. Peers are now deduplicated onto the highest preferred version that satisfies the declared range, and when none does, the range is resolved from the registry. Also fixed re-resolving with an existing lockfile hoisting a different peer version than a fresh install of the same manifest: root dependencies reused from the lockfile were invisible to peer hoisting, so a peer that a root dependency provides could be bound to another version. - [`a38adda`](https://github.com/pnpm/pnpm/commit/a38adda): `pnpm self-update <version>` now installs the requested pnpm version when it matches the currently running version but is missing from the global self-update directory. - [`6a85968`](https://github.com/pnpm/pnpm/commit/6a85968): `pnpm stage list` now stops paginating after a fail-safe cap of 1000 pages, so a misbehaving registry cannot keep the command looping forever. - [`eee7c9a`](https://github.com/pnpm/pnpm/commit/eee7c9a): `verify-deps-before-run` no longer spawns a `pnpm install` when pnpm is executed in a directory that has no `package.json`. A mistyped command run outside a project (for example `pnpm witch 10 login`) used to crash with a confusing error from the spawned install; now it fails with the regular "no package.json found" error. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNjAuMiIsInVwZGF0ZWRJblZlciI6IjQzLjI2MC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
ci(deps): update ci dependencies
All checks were successful
renovate/stability-days Updates have met minimum release age requirement
check-commitizen.yaml / Check the PR title (pull_request) Successful in 2s
check-formatter.yaml / Checks with formatters (pull_request) Successful in 7s
check-linter.yaml / Checks with linters (pull_request) Successful in 8s
check-prettier.yaml / Check files formatting (pull_request) Successful in 2s
check-syntax.yaml / Checks with static tools (pull_request) Successful in 9s
check-yamllint.yaml / Lint yaml files (pull_request) Successful in 2s
forgejo-agent / LLM Bot response generation (pull_request) Successful in 2s
cf3fe36f8a
renovate-bot scheduled this pull request to auto merge when all checks succeed 2026-07-15 03:03:57 +00:00
renovate-bot deleted branch renovate/ci 2026-07-15 03:06:49 +00:00
Sign in to join this conversation.
No reviewers
No labels
No milestone
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set

Reference
projects/forgejo-agent!151
No description provided.