chore(deps): update npm packages (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@vitest/browser (source)	^3.2.4 -> ^4.0.0
@vitest/ui (source)	^3.2.4 -> ^4.0.0
happy-dom	^18.0.1 -> ^20.0.0
recharts	^2.12.6 -> ^3.0.0
vitest (source)	^3.2.4 -> ^4.0.0

---

Release Notes

vitest-dev/vitest (@​vitest/browser)

v4.0.3

Compare Source

   🐞 Bug Fixes

• Preserve reporter options from config when CLI reporters override them  -  by @​Copilot and sheremet-va in #​8794 (15552)
• browser: More stable in-source testing validation  -  by @​sheremet-va in #​8793 (62297)
• happy-dom: Support fetch globals  -  by @​sheremet-va in #​8791 (0fb74)
• init: Use correct jsx/tsx extension  -  by @​sheremet-va in #​8792 (abc04)

    View changes on GitHub

v4.0.2

Compare Source

   🐞 Bug Fixes

• browser:
  • Don't print the deprecation notice in node_modules  -  by @​sheremet-va in #​8779 (588f7)
• pool:
  • Assign envs before running tests to keep in sync with process.env  -  by @​sheremet-va in #​8769 (26ce8)
• spy:
  • Properly inherit implementation's length  -  by @​sheremet-va in #​8778 (d4c2b)
  • Reset spies if both restoreMocks and mockReset are set in the config  -  by @​sheremet-va in #​8781 (2eedb)

    View changes on GitHub

v4.0.1

Compare Source

   🐞 Bug Fixes

• Move the getBuiltins check  -  by @​sheremet-va in #​8765 (81000)
• pool: Don't teardown the communication channel too soon if something is running after the test  -  by @​sheremet-va in #​8767 (3fae7)

    View changes on GitHub

v4.0.0

Compare Source

Vitest 4.0 is out!

To stay updated, read our blog post and check the migration guide.

   🚨 Breaking Changes

• Remove 'basic' reporter  -  by @​AriPerkkio in #​7884 (82fcf)
• Simplify default exclude pattern  -  by @​sheremet-va in #​6287 (14c50)
• Remove deprecated getSourceMap  -  by @​sheremet-va in #​8194 (ff934)
• Replace deprecated ErrorWithDiff with TestError  -  by @​sheremet-va in #​8195 (da59e)
• Remove UserConfig type in favor of ViteUserConfig  -  by @​sheremet-va in #​8196 (22f7f)
• Remove deprecated coverage options in favor of vitest/node exports  -  by @​sheremet-va in #​8197 (dc848)
• Remove deprecated internal helpers and environment exports  -  by @​sheremet-va in #​8198 (4703c)
• Remove deprecated typecheck and runner types  -  by @​sheremet-va in #​8199 (89a1c)
• Remove Node types from the main entry point, use vitest/node instead  -  by @​sheremet-va in #​8200 (1e60c)
• Remove support for Vite 5  -  by @​sheremet-va in #​8202 (cb8b0)
• Remove deprecated types  -  by @​sheremet-va in #​8203 (66bee)
• Remove deprecated environmentMatchGlobs and poolMatchGlobs  -  by @​sheremet-va in #​8205 (be11d)
• Remove deprecated workspace option in favor of projects  -  by @​sheremet-va in #​8218 (76fb7)
• Ignore --standalone when CLI filename filter is used  -  by @​AriPerkkio in #​8262 (013bf)
• Use module-runner instead of vite-node  -  by @​sheremet-va and @​AriPerkkio in #​8208 (9be01)
• Rewrite spying implementation to make module mocking more intuitive  -  by @​sheremet-va in #​8363 (9e412)
• Remove deprecated APIs  -  by @​sheremet-va in #​8428 (a1cb9)
• Remove minWorkers and set it automatically to 0 in non watch mode  -  by @​sheremet-va in #​8454 (2c2d1)
• Verbose reporter prints tests in a list, introduce tree reporter  -  by @​sheremet-va and @​AriPerkkio in #​8500 (25fd3)
• Include shadow root contents in pretty-format output  -  by @​wkillerud in #​8545 (9e722)
• Remove deprecated order from test() API  -  by @​sheremet-va in #​8594 (4d419)
• Rewrite pools without tinypool  -  by @​AriPerkkio and @​sheremet-va in #​8705 (4822d)
• browser: Require a provider factory instead of a string  -  by @​sheremet-va in #​8445 (606cb)
• expect: Pass current equality testers to asymmetric matcher  -  by @​hi-ogawa in #​6825 (965ce)
• projects: Allow only files that have "vitest.config" or "vite.config" in the name  -  by @​sheremet-va in #​8542 (304bc)
• reporter: Remove deprecated APIs  -  by @​AriPerkkio and @​sheremet-va in #​8223 (149f8)
• runner: Set mode to todo if no function is passed down to test or describe  -  by @​sheremet-va in #​8346 (1a81c)
• snapshot: Fail test with obsolete snapshot on CI  -  by @​hi-ogawa in #​7963 (4d84f)
• spy: Support spying on classes  -  by @​sheremet-va in #​6160 (abc0d)

   🚀 Features

• Provide entity to onConsoleLog  -  by @​sheremet-va in #​8159 (437d4)
• Add onUnhandledError callback  -  by @​sheremet-va in #​8162 (924cb)
• Add spy option to vi.mockObject  -  by @​rChaoz in #​8285 (81d76)
• Don't use vite-node in coverage packages  -  by @​sheremet-va (ffdb4)
• Clickable dashboard numbers  -  by @​shairez in #​7406 (2344c)
• Display test "path" when filtering  -  by @​userquin in #​8547 (2e491)
• Introduce separate packages for browser mode providers  -  by @​sheremet-va in #​8629 (0dc93)
• Add hooks with type-safe extra context to TestAPI  -  by @​ysfaran in #​8623 (6b21c)
• Support expect.assert for type narrowing  -  by @​sheremet-va in #​8695 (fe589)
• Add displayAnnotations option to github-options  -  by @​sheremet-va in #​8706 (4a66d)
• Add schema validation matchers  -  by @​zirkelc in #​8527 (c0b25)
• Add a way to dump transformed content  -  by @​sheremet-va in #​8711 (931c0)
• api:
  • Expose experimental_parseSpecifications  -  by @​sheremet-va in #​8408 (fdeb2)
  • Expose Vitest watcher  -  by @​sheremet-va in #​8413 (aaa6e)
  • Add enableCoverage and disableCoverage methods  -  by @​sheremet-va and @​AriPerkkio in #​8412 (61eb7)
  • Add getGlobalTestNamePattern method  -  by @​sheremet-va in #​8438 (bdb70)
  • Add relativeModuleId to TestModule  -  by @​sheremet-va in #​8505 (3be09)
  • Add getSeed method  -  by @​sheremet-va in #​8592 (438c4)
• browser:
  • Support toBeInViewport utility method to assert element is in viewport or not  -  by @​Shinyaigeek in #​8234 (ceed5)
  • Add qwik to the vitest init cli command  -  by @​thejackshelton in #​8330 (1638b)
  • Introduce toMatchScreenshot for Visual Regression Testing  -  by @​macarie in #​8041 (d45f9)
  • Add trackUnhandledErrors option  -  by @​sheremet-va in #​8386 (c0ec0)
  • Support iframe locator with playwright provider  -  by @​sheremet-va in #​8016 (57b2c)
  • Add length property to locators, toHaveLength now accepts locators  -  by @​sheremet-va in #​8512 (2308c)
  • Support playwright tracing  -  by @​sheremet-va in #​8584 (1aac5)
  • Expose options on BrowserProviderOption  -  by @​sheremet-va in #​8609 (0d0e5)
  • Support --inspect option in webdriverio  -  by @​sheremet-va in #​8613 (38adc)
  • Support custom screenshot comparison algorithms  -  by @​macarie in #​8687 (e63b1)
• coverage:
  • autoUpdate to support percentage formatting  -  by @​Battjmo and @​AriPerkkio in #​8456 (99e01)
• expect:
  • Support toBeNullable expect function to check provided value is nullish  -  by @​Shinyaigeek and @​sheremet-va in #​8294 (eeec5)
• mocker:
  • Add automocker entry  -  by @​sheremet-va in #​8301 (e9c92)

   🐞 Bug Fixes

• Allow overriding globals in types  -  by @​sheremet-va in #​8215 (2248b)
• Remove unused dependencies  -  by @​AriPerkkio in #​8184 (feadc)
• Distribute test files to shards more evenly  -  by @​Shinyaigeek and @​AriPerkkio in #​8288 (7b489)
• Use suite's timeout when test.extend  -  by @​AriPerkkio in #​8278 (43977)
• Support snapshot with no object key sorting  -  by @​hi-ogawa and @​sheremet-va in #​8136 (e85e3)
• Annotation location always points to the test file  -  by @​sheremet-va in #​8315 (88071)
• Add --changed flag support to vitest list command  -  by @​haakonjackfloat in #​8270 and #​8272 (e71a5)
• Prevent rpc timeout on slow thread blocking synchronous methods  -  by @​AriPerkkio and @​sheremet-va in #​8297 (bea87)
• Forbid setting environment to browser  -  by @​sheremet-va in #​8334 (0417a)
• Invalidate modules in all module graphs when the file is changed  -  by @​sheremet-va in #​8352 (94ab3)
• Screenshot masks with Playwright provider  -  by @​macarie in #​8357 (459ef)
• Configure oxc instead of esbuild on rolldown-vite  -  by @​hi-ogawa in #​8378 (e922e)
• Make sure test errors always have stacks property in Node.js context  -  by @​sheremet-va in #​8392 (b825e)
• Support import.meta.resolve on Vite 7  -  by @​hi-ogawa in #​8493 (549d3)
• Show the assertion error first when expect.poll assertion fails  -  by @​sheremet-va in #​8483 (fb450)
• Override fake timers when useFakeTimers is called multiple times  -  by @​sheremet-va in #​8504 (ed7e3)
• Custom expect messages for expect.extend matchers  -  by @​lzl0304 in #​8520 (96945)
• Process sourcemaps for stack traces from globalSetup files  -  by @​sheremet-va in #​8534 (8978a)
• Resolve performance issue when throwing errors with stackTraceLimit = 0  -  by @​Copilot, sheremet-va and @​AriPerkkio in #​8531 (6d5b5)
• Avoid recursively applying $ and % formatting to test.for/each title  -  by @​hi-ogawa in #​8557 (ea6d7)
• Replace wildcard exports "./*" with specific files in vitest package  -  by @​hi-ogawa in #​8560 (ce746)
• Don't publish unused d.ts files  -  by @​sheremet-va in #​8562 (42dfd)
• Remove loupe dependencies from optimizeDeps.include for browser mode  -  by @​jake-danton in #​8570 (cdcf7)
• Update engines field to drop Node 18 support  -  by @​sheremet-va in #​8608 (9a0bf)
• Correctly inherit test options on extended tests  -  by @​sheremet-va in #​8618 (15c09)
• Update @​types/node peer deps  -  by @​sheremet-va (ee6b2)
• Re-export CDP Session directly from playwright  -  by @​mrginglymus in #​8702 (9553a)
• Disable trackUnhandledErrors if inspector is enabled  -  by @​sheremet-va in #​8732 (acac7)
• base option doesn't crash vitest  -  by @​sheremet-va in #​8760 (9f0ec)
• browser:
  • Run in-source tests only when the file itsels is a test file  -  by @​sheremet-va in #​8204 (bdd2e)
  • locator.element() returns HTMLElement or SVGElement  -  by @​sheremet-va in #​8440 (c1ac1)
  • Don't import from vite directly  -  by @​sheremet-va in #​8541 (d7fca)
  • Update expect.element type to match the implementation  -  by @​sheremet-va in #​8597 (b2804)
  • Throw an error if iframe is not accessible anymore  -  by @​sheremet-va in #​8601 (6acdc)
  • Stop creating unnecessary directories when taking screenshots  -  by @​macarie in #​8605 (b1c8f)
  • Always define commands  -  by @​sheremet-va in #​8626 (acbe0)
  • Exclude deprecated context import from optimization  -  by @​sheremet-va in #​8658 (a96ea)
  • Allow importing BrowserCommand if no browser package is installed  -  by @​sheremet-va in #​8666 (95c36)
  • Define an export for browser/utils  -  by @​sheremet-va in #​8678 (529ab)
  • Allow service workers to mock the network in chromium without breaking vi.mock  -  by @​Georgegriff and @​sheremet-va in #​8668 (87108)
  • Support sync not.toBeInTheDocument()  -  by @​sheremet-va in #​8751 (f5d06)
• core:
  • Fix objectContaining expect utility to have more compatibility to jest's one  -  by @​Shinyaigeek in #​8241 (480be)
• coverage:
  • Include files based on --project filter  -  by @​gtbuchanan in #​7885 (761be)
  • Prevent encoding filenames of uncovered files  -  by @​AriPerkkio in #​8239 (8a998)
  • Handle query param based transforms correctly  -  by @​AriPerkkio in #​8418 (a400a)
  • Enforce order of vitest:coverage-transform plugin  -  by @​AriPerkkio in #​8477 (ff517)
  • V8 to ignore Vite's generated cjs import helpers  -  by @​mrginglymus and @​AriPerkkio in #​8718 (35816)
  • Keep only strings in coverage.exclude  -  by @​sheremet-va in #​8731 (c9c30)
• deps:
  • Update all non-major dependencies  -  by @​sheremet-va in #​8235 (a1e57)
  • Update all non-major dependencies  -  in #​8328 (aa79e)
  • Update all non-major dependencies  -  in #​8348 (13f94)
  • Update all non-major dependencies  -  by @​sheremet-va in #​8382 (704eb)
  • Update all non-major dependencies  -  in #​8550 (048f7)
• jsdom:
  • Override globals that Fetch API relies on  -  by @​sheremet-va in #​8390 (05b41)
  • Support AbortSignal API  -  by @​sheremet-va in #​8704 (f6690)
• mocker:
  • Fix regexpHoistable to allow whitespace before parentheses  -  by @​cszhjh in #​8231 (a0f9a)
• module-runner:
  • Resolve resolvedSources correctly  -  by @​sheremet-va in #​8736 (8fc52)
  • Support getBuiltins  -  by @​sheremet-va in #​8746 (87bb8)
• pool:
  • Properly reuse the vm pool  -  by @​sheremet-va in #​8758 (08498)
• reporter:
  • Invisible CLI menus when vitest --standalone  -  by @​AriPerkkio in #​8248 (37cc2)
• rolldown-vite:
  • Properly disable minifier in the browser client  -  by @​sheremet-va in #​8306 (f55bb)
• runner:
  • Don't bundle runner with utils  -  by @​sheremet-va in #​8496 (2b4b0)
• spy:
  • Fix spyOn types with optional method  -  by @​sheremet-va in #​8499 (d3afa)
  • Can respy on an exported method  -  by @​sheremet-va in #​8521 (bf450)
  • Don't fail when spying on static getters  -  by @​sheremet-va in #​8589 (ac1d9)
• types:
  • Ensure Chai declaration merge works with TS-Go  -  by @​LukeAbby in #​8188 (5261d)
  • Allow returning a promise from defineConfig  -  by @​sheremet-va in #​8651 (c3474)
• ui:
  • Keep the same tab open when clicking on different tests  -  by @​sheremet-va in #​8599 (3e535)
• utils:
  • Remove ast export  -  by @​bluwy in #​8435 (21622)
• vitest:
  • Override config.include option with config.browser.instances[].include option if it is specified  -  by @​Shinyaigeek in #​8260 (010fc)
• watch:
  • Filename filter runs duplicate tests in workspaces  -  by @​AriPerkkio in #​8250 (932d8)
• wdio:
  • Wait for the driver to be properly closed  -  by @​sheremet-va in #​8305 (c16ab)
  • Properly construct the shadow root selector if there are multiple elements  -  by @​sheremet-va in #​8354 (28765)

   🏎 Performance

• Avoid spawning extra workers if no tests will run there  -  by @​sheremet-va in #​8446 (3fb3e)
• Don't set process.title  -  by @​sheremet-va in #​8453 (0a766)
• Remove chai as a direct dependency, keep it in @vitest/expect  -  by @​sheremet-va in #​8461 (cc98c)
• Reduce the amount of dynamic imports  -  by @​sheremet-va in #​8465 (db6cd)
• Use ES2022 language features  -  by @​TrevorBurnham in #​8492 (bb34c)
• Delay populating node-globals  -  by @​sheremet-va in #​8506 (41cbc)
• Get workerId from a global object  -  by @​sheremet-va in #​8507 (46b13)
• Replace startsWith with strict equality  -  by @​btea in #​8546 (c42e6)
• Reduce the number of unused imports  -  by @​sheremet-va in #​8508 (9a79b)
• Use experimental meta.resolve flag instead of a custom loader  -  by @​sheremet-va in #​8567 (2e063)
• Create only one fetcher per project  -  by @​sheremet-va in #​8762 (8e15b)
• pool: Resolve all environments first  -  by @​sheremet-va in #​8759 (d3ef4)

    View changes on GitHub

capricorn86/happy-dom (happy-dom)

v20.0.8

Compare Source

👷‍♂️ Patch fixes

• Fixes issue where previousSibling() and nextSibling() didn't work in HTMLSelectElement and HTMLFormElement - By @​capricorn86 in task #​1939
• Fixes issue where parsing an item without a permitted parent (e.g. <tr>) should be valid inside a <template> element - By @​capricorn86 in task #​1939

v20.0.7

Compare Source

👷‍♂️ Patch fixes

• Fix incorrect handling of >= operator in media query parser - By @​lkritsimas in task #​1869

v20.0.6

Compare Source

👷‍♂️ Patch fixes

• Changes implementation for DOMTokenList.forEach(), Headers.forEach() and NodeList.forEach() to be spec compliant - By @​ikeyan in task #​1858

v20.0.5

Compare Source

👷‍♂️ Patch fixes

• The setter TreeWalker.currentNode should validate if the value is a Node - By @​capricorn86 in task #​1935

v20.0.4

Compare Source

👷‍♂️ Patch fixes

• Only adds buttons to FormData if they are the submitter - By @​maxmil and @​
  karpiuMG in task #​1859

v20.0.3

Compare Source

👷‍♂️ Patch fixes

• Moves URL resolution to after checking if module preloading is enabled to prevent URL errors to be thrown when unresolvable - By @​iam-medvedev in task #​1851
• Fixes issue where CSS variables aren't parsed correctly when inside CSS functions - By @​fimion in task #​1837

v20.0.2

Compare Source

👷‍♂️ Patch fixes

• Adds frozen intrinsics flag to workers in @happy-dom/server-renderer - By @​capricorn86 in task #​1934

v20.0.1

Compare Source

👷‍♂️ Patch fixes

• Adds warning for environment with unfrozen intrinsics (builtins) when JavaScript evaluation is enabled- By @​capricorn86 in task #​1932
  • A security advisory has been reported showing that the recommended preventive measure of running Node.js with --disallow-code-generation-from-strings wasn't enough to protect against attackers escaping the VM context and accessing process-level functions. Big thanks to @​cristianstaicu for reporting this!
  • The documentation for how to run Happy DOM with JavaScript evaluation enabled in a safer way has been updated. Read more about it in the Wiki

v20.0.0

Compare Source

I avoid making breaking changes as much as possible in Happy DOM. When I have to make a breaking change, I try to keep it as minimal as possible. This could be a breaking change that impacts many projects, and I am truly sorry if you are negatively affected by this.

💣 Breaking Changes

• Due to security risks, JavaScript evaluation is now disabled by default - By @​capricorn86 in task #​1930
  • A security advisory (GHSA-37j7-fg3j-429f) has been reported that shows a security vulnerability where it's possible to escape the VM context and get access to process level functionality. Big thanks to @​Mas0nShi for reporting this!
  • Due to this security risk, JavaScript evaluation is now disabled by default to prevent that consumers accidentally executes untrusted code without taking precautions
  • JavaScript evaluation can be enabled by setting enableJavaScriptEvaluation to "true". Read more about how to enable this in a safer way in the Wiki

[v19.0.2](ht

---

Configuration

📅 Schedule: Branch creation - "before 9am on monday" in timezone Asia/Shanghai, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml

Scope: all 5 workspace projects
Progress: resolved 1, reused 0, downloaded 0, added 0
 ERR_PNPM_FETCH_401  GET https://npm.pkg.github.com/@voidzero-dev%2Fvite-plus: Unauthorized - 401

This error happened while installing a direct dependency of /tmp/renovate/repos/github/voidzero-dev/vibe-dashboard

An authorization header was used: Bearer ghp_[hidden]

These authorization settings were found:
@jsr:registry=https://npm.jsr.io/
@voidzero-dev:registry=https://npm.pkg.github.com/
//npm.pkg.github.com/:_authToken=ghp_[hidden]