fix(deps): update all non-major dependencies

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Confidence
@lerna-lite/cli (source)	^5.0.0 → ^5.1.0
@lerna-lite/publish (source)	^5.0.0 → ^5.1.0
@lerna-lite/watch (source)	^5.0.0 → ^5.1.0
cssnano	^7.1.5 → ^7.1.7
dompurify	^3.4.0 → ^3.4.1
typescript (source)	^6.0.2 → ^6.0.3
vite (source)	^8.0.8 → ^8.0.10

---

Release Notes

lerna-lite/lerna-lite (@​lerna-lite/cli)

v5.1.0

Compare Source

Features

• add --no-shell for lerna exec/watch to avoid DEP0190 warning (#​1309) (7b7e61c) - by @​ghiscoding

lerna-lite/lerna-lite (@​lerna-lite/publish)

v5.1.0

Compare Source

Note: Version bump only for package @​lerna-lite/publish

lerna-lite/lerna-lite (@​lerna-lite/watch)

v5.1.0

Compare Source

Features

• add --no-shell for lerna exec/watch to avoid DEP0190 warning (#​1309) (7b7e61c) - by @​ghiscoding

Bug Fixes

• watch: always set cwd for tinyglobby to support latest version (#​1314) (99d42c5) - by @​ghiscoding

cssnano/cssnano (cssnano)

v7.1.7: v.7.1.7

Compare Source

This release is idnetical to the previous one, but is being published to ensure that the latest versions of postcss-normalize-repeat-style and postcss-normalize-positions are uploaded to the npm registry.

v7.1.6: v7.1.6

Compare Source

New feature

• feat(postcss-minify-selectors): fold selector lists into :is() (#​1703) by @​dkryaklin in #​1775

Bug fixes

• fix: update colordx and autoprefixer
• fix: update postcss peer dependency by @​ludofischer in #​1779 Solves possible security issue

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.5...cssnano@7.1.6

cure53/DOMPurify (dompurify)

v3.4.1: DOMPurify 3.4.1

Compare Source

• Fixed an issue with on-handler stripping for HTML-spec-reserved custom element names (font-face, color-profile, missing-glyph, font-face-src, font-face-uri, font-face-format, font-face-name) under permissive CUSTOM_ELEMENT_HANDLING
• Fixed a case-sensitivity gap in the annotation-xml check that allowed mixed-case variants to bypass the basic-custom-element exclusion in XHTML mode
• Fixed SANITIZE_NAMED_PROPS repeatedly prefixing already-prefixed id and name values on subsequent sanitization
• Fixed the IN_PLACE root-node check to explicitly guard against non-string nodeName (DOM-clobbering robustness)
• Removed a duplicate slot entry from the default HTML attribute allow-list
• Strengthened the fast-check fuzz harness with explicit XSS invariants, an expanded seed-payload corpus, an additional idempotence property for SANITIZE_NAMED_PROPS, and a negative-control assertion ensuring the invariants actually fire
• Added regression and pinning tests covering the above fixes and two accepted-behavior contracts (SAFE_FOR_TEMPLATES greedy scrub, hook-added attribute handling)
• Extended CodeQL analysis to run on 3.x and 2.x maintenance branches

microsoft/TypeScript (typescript)

v6.0.3

Compare Source

vitejs/vite (vite)

v8.0.10

Compare Source

Features

• update rolldown to 1.0.0-rc.17 (#​22299) (a4d06d9)

Bug Fixes

• hmrClient.logger.debug and hmrClient.logger.error looked different from other HMR logs (#​22147) (a4d828f)
• css: show filename in CSS minification warnings for .css?inline (#​22292) (83f0a78)
• optimizer: allow user transform.target to override default in optimizeDeps (#​22273) (5c7cec6)
• remove format sniffing module resolution from JS resolver (#​22297) (b8a21cc)

Code Refactoring

• enable some typecheck rules (#​22278) (9437518)
• typecheck client directory (#​22284) (40a0847)

v8.0.9

Compare Source

Features

• update rolldown to 1.0.0-rc.16 (#​22248) (2947edd)

Bug Fixes

• allow binding when strictPort is set but wildcard port is in use (#​22150) (dfc8aa5)
• build: emptyOutDir should happen for watch rebuilds (#​22207) (ee52267)
• bundled-dev: reject requests to HMR patch files in non potentially trustworthy origins (#​22269) (868f141)
• css: use unique key for cssEntriesMap to prevent same-basename collision (#​22039) (374bb5d)
• deps: update all non-major dependencies (#​22219) (4cd0d67)
• deps: update all non-major dependencies (#​22268) (c28e9c1)
• detect Deno workspace root (fix #​22237) (#​22238) (1b793c0)
• dev: handle errors in watchChange hook (#​22188) (fc08bda)
• optimizer: handle more chars that will be sanitized (#​22208) (3f24533)
• skip fallback sourcemap generation for ?raw imports (#​22148) (3ec9cda)

Documentation

• align the descriptions in READMEs (#​22231) (44c42b9)
• fix reuses wording in dev environment comment (#​22173) (9163412)
• fix wording in sass error comment (#​22214) (bc5c6a7)
• update build CLI defaults (#​22261) (605bb97)

Miscellaneous Chores

• deps: update dependency dotenv-expand to v13 (#​22271) (0a3887d)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "every 3 months"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Playwright E2E Test Results

92 tests  ±0   92 ✅ ±0   2m 13s ⏱️ -6s
75 suites ±0    0 💤 ±0 
 1 files   ±0    0 ❌ ±0 

Results for commit 85c7b38. ± Comparison against base commit 1ae01e2.

♻️ This comment has been updated with latest results.