Skip to content

chore(deps): update dependency knip to v6#33

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/knip-6.x
Open

chore(deps): update dependency knip to v6#33
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/knip-6.x

Conversation

@renovate

@renovate renovate Bot commented May 1, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
knip (source) ^5.85.0^6.26.0 age confidence

Release Notes

webpro-nl/knip (knip)

v6.26.0: Release 6.26.0

Compare Source

  • ci: add path filters (#​1871) (4249935) - thanks @​trueberryless!
  • Add CodeRabbit as gold sponsor (1da09fd)
  • Fix up docs a bit more (39125a7)
  • Don't report ambient declaration files as unused (aed361c)
  • Register oclif command files as entries (3b4d58c)
  • Add electron-vite plugin (d92107e)
  • Add esbuild plugin (ef3b601)
  • Ignore more globally available binaries (8292981)
  • Resolve #-imports to source when node condition is unbuilt (resolve #​1873) (f2713ed)
  • Ignore gh as a globally available binary (a6f0772)
  • Resolve Vitest benchmark files as entries (5742913)
  • Extract shared Vue auto-import machinery into plugins/_vue (7301075)
  • Scope compiler extensions per workspace (5e6f82b)
  • Resolve auto-imported components in the Vue SFC compiler (009aad8)
  • Add plugins for the Vue auto-import ecosystem (f638c83)
  • Enable Vue SFC compiler on unplugin-vue and @​vitejs/plugin-vue (9396ab1)
  • Recognize vite-plugin-vue-meta-layouts (same layouts convention) (3ceee89)
  • Add vite-plugin-pages and unplugin-icons plugins (9bc1754)
  • Add vite-plugin-pwa and @​intlify/unplugin-vue-i18n plugins (45dea0a)
  • Dog, food. (e1249ad)
  • Update query snapshot (a45941d)
  • Don't misread Nitro route types as Vue component auto-imports (43aecd5)
  • Read oxlint jsPlugins from vite-plus vite.config and .oxlintrc.json (589ffda)
  • Add vite-plus plugin for run.tasks and staged scripts (f041c19)
  • Support @​vite-pwa/nuxt PWA config in nuxt.config (8fa7b11)
  • Add @​vite-pwa/assets-generator plugin (4254f7d)
  • Add @​nuxtjs/i18n plugin (dfb9acb)
  • Read plugin entries from vite.config options and index.html (d533da8)
  • Fix false positives in VitePress, next-mdx and unplugin-vue-i18n plugins (b99702a)
  • Respect optional peers in pnpm and Yarn packageExtensions (aab080b)
  • Detect babel plugins in the Storybook config (5dea975)
  • Add shared AST helpers for imported calls and first property values (c84bb7a)
  • Inline trivial resolveFromAST wrappers and normalize orval and sst (620079d)
  • Extract inline resolveFromAST implementations to dedicated files (b5231c1)
  • Normalize resolveFromAST files to a uniform contract (fc1ba0f)
  • chore: migrate to Astro 7 and Sätteri (#​1875) (f256a5b) - thanks @​trueberryless!
  • Show contributor count on docs homepage (6b8454a)
  • Exclude gitignored package entry points (606e5d0)
  • Add Tauri plugin (199180d)
  • Add Laravel plugin (1974533)
  • Add Quasar plugin (a220729)

v6.25.0: Release 6.25.0

Compare Source

v6.24.0: Release 6.24.0

Compare Source

v6.23.0: Release 6.23.0

Compare Source

v6.22.0: Release 6.22.0

Compare Source

v6.21.0: Release 6.21.0

Compare Source

v6.20.0: Release 6.20.0

Compare Source

v6.19.0: Release 6.19.0

Compare Source

v6.18.0: Release 6.18.0

Compare Source

v6.17.2: Release 6.17.2

Compare Source

v6.17.1: Release 6.17.1

Compare Source

  • Remove ignoreBinaries w/ tar (b13d0ca)
  • Wrap up docs/refs (29f3e46)
  • Update dependencies (7b2f345)
  • Fix up vscode-languageclient imports (820c233)

v6.17.0: Release 6.17.0

Compare Source

v6.16.1: Release 6.16.1

Compare Source

v6.16.0: Release 6.16.0

Compare Source

  • Update sponsors data + fix sponsors layout on narrow screen (fadf13a)
  • Detect binaries and entry files in node:child_process calls (fc3598c)
  • It works™ (2d9ce84)
  • Extend known issues doc w/ workaround (close #​1763) (fcd444b)
  • Support ignoreExportsUsedInFile per workspace (close #​1495) (4b898a9)
  • feat(vscode): add workspaceRoot config option to enable use in a VSCode workspace that does not have package.json at the workspace root (#​1667) (7c1ebef) - thanks @​anmilleriii!
  • Replace minimist with node:util.parseArgs (resolve #​1492) (b360c5c)
  • Preserve minimist numeric coercion and --no-x negation (c12153c)
  • Simplify parseArgs adapter (ba15e41)
  • Detect and credit registered custom elements (resolve #​1394) (62dcda5)
  • Add Lit and FAST plugins to detect @​customElement classes (348d2c9)
  • Add new testimonials (77fd7ed)
  • Scope custom path aliases per workspace (resolve #​1775) (d908099)
  • Restructure tests (ec4c779)
  • Simplify boolean check in parseArgs adapter (ba6865d)
  • Scope static custom-element define detection to the FAST plugin (94632cd)
  • Add Custom Elements feature docs page (230bd73)
  • Update known-issues.md (f1f4c1b)
  • Fix crash on backtick string literals in plugin config (resolve #​1776) (f1adc7f)
  • Format (e4720ca)
  • Fix backtick string literals in require() and plugin-name config arrays (#​1776) (d14eb05)
  • Credit custom elements via aliases, scoped registries, and static blocks (d7cbe12)
  • Improve Stencil plugin: credit @​Component and recognize test files (152d730)
  • Add Catalyst plugin to credit bare @​controller custom elements (8a37f8c)
  • Document Stencil, Catalyst, static-block custom el reg. (105fba3)
  • Auto-format md (f4fcf4e)

v6.15.0: Release 6.15.0

Compare Source

v6.14.2: Release 6.14.2

Compare Source

v6.14.1: Release 6.14.1

Compare Source

v6.14.0: Release 6.14.0

Compare Source

  • Resolve imports satisfied via transitive peerDeps (d654ec7)
  • Don't flag undeclared sibling workspace imports as unlisted (#​1742) (e7122a1)
  • Update github-actions reporter snapshots (2308b5a)
  • Cache syncGlob() results like defaultGlob() does (6c34287)
  • Trim redundant statSync calls in FileEntryCache (eee3b89)
  • Cache parsed .gitignore patterns across --cache runs (7ffdc2f)
  • Tighten cache module callsites (64e5072)
  • Extract shared disk-cache helper used by glob and gitignore caches (0987421)
  • Simplify CacheConsultant: replace trampoline with default arrow methods (bebe750)
  • Pin pnpm minimumReleaseAge and trustPolicy (77efb32)
  • Eliminate rescanFrontier polling in walkAndAnalyze (38d91b6)
  • Reduce findWorkspaceByFilePath per-call overhead (9149437)
  • Memoize DependencyDeputy.getDependencies (a661a21)
  • Tighten module-graph map helpers (drop double-lookup + optional chains) (c11d62f)
  • Add --duration flag for zero-overhead duration measurement (d4b59d8)
  • Cover analysis pipeline with --performance timerify (694dbf4)
  • Align --help text (6f12997)
  • Add cli arg shorthands: -p, -s, -w, -D, -f, -F, -u (f21a587)
  • Format (8db5346)
  • This one's okay (662ceaf)

v6.13.1: Release 6.13.1

Compare Source

  • Add jest.config.{cts,mts} (#​1743) (44738d6) - thanks @​joshkel!
  • Update ecosystem tests (74420a6)
  • Fix export * as re-exported namespace case (5923af4)
  • Add .mts and .cts config files to some plugins (69d1e83)
  • Docusaurus: ignore @generated/*, handle local plugin paths (ce5f767)
  • Nx: expand {projectRoot} / {workspaceRoot} token variables (8715312)

v6.13.0: Release 6.13.0

Compare Source

v6.12.2: Release 6.12.2

Compare Source

  • Fix symbol reporter file paths with --directory (#​1733) (d54074d) - thanks @​cyphercodes!
  • fix(webpack): reference TS loaders for .ts/.cts config (close #​1732) (f37c5da)
  • fix(serverless-framework): skip functions without handler (close #​1735) (616739d)
  • ci(integration): disable minimumReleaseAge for test installs (081dfc8)
  • ci(snapshots): query — add CreateQueriesOptions to unused types (5dd0b8a)

v6.12.1: Release 6.12.1

Compare Source

Note

PR body was truncated to here.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM, on day 1 of the month (* 0-3 1 * *)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@socket-security

socket-security Bot commented May 1, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedknip@​5.85.0 ⏵ 6.26.099 +110095 +196100

View full report

@renovate renovate Bot force-pushed the renovate/knip-6.x branch 4 times, most recently from 8e6fd53 to 4e4b3f9 Compare May 7, 2026 21:42
@renovate renovate Bot force-pushed the renovate/knip-6.x branch 5 times, most recently from 9f3fac2 to b8f2800 Compare May 16, 2026 08:34
@renovate renovate Bot force-pushed the renovate/knip-6.x branch 2 times, most recently from 11103ba to e4178b0 Compare May 28, 2026 19:43
@renovate renovate Bot force-pushed the renovate/knip-6.x branch from e4178b0 to be44c88 Compare May 31, 2026 14:31
@renovate renovate Bot force-pushed the renovate/knip-6.x branch 2 times, most recently from a9ccbb0 to 6e05837 Compare June 11, 2026 18:51
@renovate renovate Bot force-pushed the renovate/knip-6.x branch 3 times, most recently from d3013f0 to ca59528 Compare June 22, 2026 18:46
@socket-security

socket-security Bot commented Jun 22, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @emnapi/runtime is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package-lock.jsonnpm/knip@6.26.0npm/@emnapi/runtime@1.11.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@emnapi/runtime@1.11.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@renovate renovate Bot force-pushed the renovate/knip-6.x branch 4 times, most recently from 7b8db7a to de077b5 Compare June 28, 2026 10:42
@renovate renovate Bot force-pushed the renovate/knip-6.x branch 2 times, most recently from 51b9a38 to 958f953 Compare July 7, 2026 12:09
@renovate renovate Bot force-pushed the renovate/knip-6.x branch from 958f953 to 283db8a Compare July 10, 2026 11:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants