chore(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@algolia/client-search (source)	5.2.1 → 5.52.1			dependencies	minor
@angular/animations (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/build	^20.0.0 → ^20.3.26			devDependencies	patch
@angular/cli	^20.0.0 → ^20.3.26			devDependencies	patch
@angular/common (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/common (source)	^20.0.0 → ^20.3.21			dependencies	patch
@angular/compiler (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/compiler (source)	^20.0.0 → ^20.3.21			dependencies	patch
@angular/compiler-cli (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/core (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/core (source)	^20.0.0 → ^20.3.21			dependencies	patch
@angular/forms (source)	^20.0.0 → ^20.3.21			dependencies	patch
@angular/platform-browser (source)	^20.0.0 → ^20.3.21			devDependencies	patch
@angular/platform-browser (source)	^20.0.0 → ^20.3.21			dependencies	patch
@angular/router (source)	^20.0.0 → ^20.3.21			dependencies	patch
@arethetypeswrong/cli (source)	^0.15.3 → ^0.18.2			devDependencies	minor
@astrojs/check (source)	^0.9.4 → ^0.9.9			dependencies	patch
@astrojs/solid-js (source)	^5.0.7 → ^5.1.3			dependencies	patch
@babel/core (source)	^7.26.0 → ^7.29.0			devDependencies	patch
@babel/core (source)	^7.24.9 → ^7.29.0			devDependencies	patch
@babel/preset-env (source)	^7.26.0 → ^7.29.5			devDependencies	patch
@babel/preset-react (source)	^7.25.9 → ^7.28.5			devDependencies	patch
@changesets/cli (source)	^2.29.8 → ^2.31.0			devDependencies	minor
@cspell/eslint-plugin (source)	^9.2.1 → ^9.8.0			devDependencies	minor
@eslint-react/eslint-plugin (source)	^2.0.1 → ^2.13.0			devDependencies	patch
@eslint/js (source)	^9.36.0 → ^9.39.4			devDependencies	patch
@expo/config (source)	^10.0.5 → ^10.0.11			devDependencies	patch
@js-temporal/polyfill	^0.4.4 → ^0.5.1			dependencies	minor
@kobalte/core (source)	^0.13.4 → ^0.13.11			devDependencies	patch
@lit-labs/ssr (source)	^3.3.0 → ^3.3.1			dependencies	patch
@lit-labs/ssr-client (source)	^1.1.7 → ^1.1.8			devDependencies	patch
@preact/preset-vite	^2.10.2 → ^2.10.5			devDependencies	patch
@react-native-community/netinfo	^11.4.1 → ^11.5.2			dependencies	patch
@size-limit/preset-small-lib	^12.0.0 → ^12.1.0			devDependencies	minor
@solid-primitives/keyed (source)	^1.2.2 → ^1.5.3			devDependencies	patch
@solid-primitives/resize-observer (source)	^2.0.26 → ^2.1.5			devDependencies	patch
@solidjs/router	^0.15.3 → ^0.16.1			dependencies	minor
@solidjs/start (source)	^1.1.3 → ^1.3.2			dependencies	patch
@sveltejs/adapter-auto (source)	^6.1.0 → ^6.1.1			devDependencies	patch
@sveltejs/package (source)	^2.4.0 → ^2.5.7			devDependencies	patch
@tailwindcss/vite (source)	^4.1.13 → ^4.3.0			devDependencies	minor
@tailwindcss/vite (source)	^4.0.14 → ^4.3.0			devDependencies	minor
@tanstack/eslint-config (source)	0.3.2 → 0.4.0			devDependencies	minor
@tanstack/typedoc-config (source)	0.3.1 → 0.3.3			devDependencies	patch
@tanstack/vite-config (source)	0.4.3 → 0.5.2			devDependencies	minor
@tanstack/vue-query (source)	^5.90.2 → ^5.100.10			dependencies	minor
@testing-library/angular	^18.0.0 → ^18.1.1			devDependencies	patch
@testing-library/dom	^10.4.0 → ^10.4.1			devDependencies	patch
@testing-library/jest-dom	^6.8.0 → ^6.9.1			devDependencies	patch
@testing-library/react	^16.1.0 → ^16.3.2			devDependencies	patch
@testing-library/svelte (source)	^5.2.8 → ^5.3.1			devDependencies	patch
@tsconfig/svelte (source)	^5.0.4 → ^5.0.8			devDependencies	patch
@typescript-eslint/eslint-plugin (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/parser (source)	^8.48.0 → ^8.59.3			devDependencies	minor
@typescript-eslint/parser (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/project-service (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/rule-tester (source)	^8.48.0 → ^8.59.3			devDependencies	minor
@typescript-eslint/rule-tester (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/scope-manager (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/tsconfig-utils (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/type-utils (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/types (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/typescript-estree (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/utils (source)	^8.58.1 → ^8.59.3			dependencies	minor
@typescript-eslint/utils (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@typescript-eslint/visitor-keys (source)	8.58.1 → 8.59.3			pnpm.overrides	minor
@vitejs/plugin-react (source)	^4.3.4 → ^4.7.0			devDependencies	patch
@vitejs/plugin-react (source)	^4.3.4 → ^4.7.0			dependencies	patch
@vitejs/plugin-vue (source)	^5.2.1 → ^5.2.4			devDependencies	patch
@vitest/coverage-istanbul (source)	4.0.6 → 4.1.6			devDependencies	minor
@vitest/eslint-plugin	^1.4.0 → ^1.6.17			devDependencies	patch
@vue/devtools-api (source)	^6.6.3 → ^6.6.4			dependencies	patch
actions/labeler	v6.0.1 → v6.1.0			action	minor
babel-loader	^8.3.0 → ^8.4.1			devDependencies	patch
broadcast-channel (source)	^7.0.0 → ^7.3.0			dependencies	patch
esbuild	^0.27.2 → ^0.28.0			pnpm.overrides	minor
eslint (source)	^9.36.0 → ^9.39.4			devDependencies	patch
eslint (source)	^9.39.0 → ^9.39.4			devDependencies	patch
eslint-plugin-jsdoc	^50.5.0 → ^50.8.0			devDependencies	patch
eslint-plugin-svelte (source)	^3.11.0 → ^3.17.1			devDependencies	minor
eslint-plugin-vue (source)	^10.5.0 → ^10.9.1			devDependencies	minor
esm-env	^1.2.1 → ^1.2.2			dependencies	patch
expo (source)	^52.0.11 → ^52.0.49			dependencies	patch
expo-constants (source)	^17.0.3 → ^17.1.8			dependencies	patch
expo-status-bar (source)	^2.0.0 → ^2.2.3			dependencies	patch
globals	^17.4.0 → ^17.6.0			devDependencies	minor
goober	^2.1.16 → ^2.1.19			devDependencies	patch
graphql	^16.9.0 → ^16.14.0			dependencies	minor
graphql-request (source)	^7.1.2 → ^7.4.0			dependencies	patch
html-webpack-plugin	^5.6.3 → ^5.6.7			devDependencies	patch
idb-keyval	^6.2.1 → ^6.2.2			dependencies	patch
jsdom	^27.0.0 → ^27.4.0			devDependencies	patch
knip (source)	^6.0.2 → ^6.13.1			devDependencies	minor
lit (source)	^3.3.1 → ^3.3.2			dependencies	patch
markdown-link-extractor	^4.0.2 → ^4.0.3			devDependencies	patch
msw (source)	^2.6.6 → ^2.14.6			dependencies	minor
npm-run-all2	^5.0.0 → ^5.0.2			devDependencies	patch
nuxt (source)	^3.12.4 → ^3.21.5			devDependencies	minor
nx (source)	22.1.3 → 22.7.1			devDependencies	minor
pnpm (source)	10.24.0 → 10.33.4			packageManager	minor
preact (source)	^10.28.0 → ^10.29.1			devDependencies	patch
preact (source)	^10.28.0 → ^10.29.1			dependencies	patch
preact-render-to-string	^6.6.4 → ^6.6.7			devDependencies	patch
prettier (source)	^3.7.4 → ^3.8.3			devDependencies	patch
prettier-plugin-svelte	^3.4.0 → ^3.5.2			devDependencies	patch
publint (source)	^0.3.13 → ^0.3.21			devDependencies	patch
react-hot-toast	^2.5.2 → ^2.6.0			dependencies	patch
react-native (source, changelog)	^0.76.3 → ^0.85.3			dependencies	minor
react-native-gesture-handler (source)	^2.20.2 → ^2.31.2			dependencies	minor
react-native-paper (source)	^5.12.5 → ^5.15.2			dependencies	patch
react-native-reanimated (source)	^3.16.2 → ^3.19.5			dependencies	patch
react-native-safe-area-context	^4.12.0 → ^4.14.1			dependencies	patch
react-native-screens	^4.1.0 → ^4.25.0			dependencies	minor
react-native-web	^0.19.13 → ^0.21.2			dependencies	minor
react-router (source)	^6.25.1 → ^6.30.3			dependencies	patch
react-router-dom (source)	^6.25.1 → ^6.30.3			dependencies	patch
rooks (source)	^8.0.0 → ^8.4.0			dependencies	patch
rxjs (source)	~7.8.0 → ~7.8.2			dependencies	patch
sherif	^1.6.1 → ^1.11.1			devDependencies	patch
size-limit	^12.0.0 → ^12.1.0			devDependencies	minor
solid-js (source)	^1.9.7 → ^1.9.12			devDependencies	patch
solid-js (source)	^1.9.7 → ^1.9.12			dependencies	patch
solid-transition-group	^0.2.3 → ^0.3.0			devDependencies	minor
superjson	^2.2.2 → ^2.2.6			devDependencies	patch
svelte (source)	^5.39.3 → ^5.55.5			devDependencies	patch
svelte-check	^4.4.5 → ^4.4.8	![age](https://developer.mend.io/api/mc/badges/age/npm/svelte-check/4.

✂ Note

PR body was truncated to here.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Repository-wide dependency version bumps across many example, integration, and package manifests (Angular → ^20.3.x, Svelte/Solid/Vite/plugin updates, React Vite plugin bumps, assorted example framework deps), plus root pnpm and dev-tooling upgrades. No source code or API signatures changed.

Changes

Cohort / File(s)	Summary
Angular examples & integrations examples/angular/.../package.json, integrations/angular-cli-20/package.json, packages/angular-query-*/package.json	Bumped @angular/* runtime to ^20.3.19, build/cli to ^20.3.24, zone.js to 0.16.1, plus small supporting bumps (rxjs, tslib).
React examples & integrations examples/react/.../package.json, integrations/react-vite/package.json, integrations/react-webpack-*/package.json	Updated @vitejs/plugin-react to ^4.7.0, various example deps (router, msw, algolia, tailwind) and Babel/Webpack devDeps patched.
Svelte examples & packages examples/svelte/*/package.json, integrations/svelte-vite/package.json, packages/svelte-query*/package.json	Upgraded svelte to ^5.55.4, @sveltejs/* and svelte-check to newer patch releases.
Solid examples & packages examples/solid/*/package.json, integrations/solid-vite/package.json, packages/solid-query*/package.json	Bumped solid-js to ^1.9.12, vite-plugin-solid and related Solid dev deps to patch updates.
Vue examples & integrations examples/vue/*/package.json, integrations/vue-vite/package.json, packages/vue-query*/package.json	Bumped @vitejs/plugin-vue to ^5.2.4, updated some @tanstack/vue-query/Nuxt ranges and related tooling.
Preact examples & packages examples/preact/simple/package.json, packages/preact-query*/package.json	Updated preact to ^10.29.1, @preact/preset-vite to ^2.10.5, plus related devDeps.
GraphQL examples examples/react/basic-graphql-request/package.json, examples/solid/basic-graphql-request/package.json	Bumped graphql to ^16.13.2 and graphql-request to ^7.4.0.
React Native example examples/react/react-native/package.json	Multiple Expo/React Native ecosystem deps bumped (incl. react-native to ^0.85.1) and Babel/dev tooling updates.
Tailwind/CSS tooling examples/react/*, examples/svelte/star-wars/package.json	Bumped tailwindcss and @tailwindcss/vite to ^4.2.2 where present.
Dev utilities & root package.json, many packages/*/package.json	Root packageManager → pnpm@10.33.0; broad dev-tooling bumps (vitest, prettier, changesets, eslint variants), widespread npm-run-all2 bumps, and pnpm overrides updated (@typescript-eslint/*, esbuild).
Small isolated bumps examples/react/algolia/package.json, examples/react/offline/package.json, examples/vue/2.6-basic/package.json, integrations/react-next-*/package.json	Individual dependency bumps (e.g., @algolia/client-search, msw, vue-template-compiler, @js-temporal/polyfill).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• Revert "chore(deps): update all non-major dependencies" #9715: Modifies the same Angular example dependency pins and may conflict with or revert those changes.
• ci: update workspace config #9671: Broad workspace/tooling dependency and configuration updates overlapping root/dev-tooling changes.
• chore(deps): update all non-major dependencies #9712: Another repository-wide dependency bump that touches the same example and integration manifests.

Suggested labels

package: query-codemods

Poem

🐰 I hopped through package trees with cheer,
nudged versions forward, far and near,
Angular, Svelte, Solid, React—done,
pnpm polished, dev tools spun,
nibble the carrots of updates—hip hooray from me!

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	PR description is generated by Renovate with truncated body due to platform limits; lacks required 'Changes' section and doesn't address checklist items.	Add a 'Changes' section summarizing the dependency updates, and ensure the contributor checklist is properly addressed before merging.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title clearly and concisely describes the primary change: updating non-major dependencies across the repository.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/all-minor-patch

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[nx-cloud]

🤖 Nx Cloud AI Fix Eligible

An automatically generated fix could have helped fix failing tasks for this run, but Self-healing CI is disabled for this workspace. Visit workspace settings to enable it and get automatic fixes in future runs.

_{To disable these notifications, a workspace admin can disable them in workspace settings.}

---

View your CI Pipeline Execution ↗ for commit ce98ecf

Command	Status	Duration	Result
nx affected --targets=test:sherif,test:knip,tes...	❌ Failed	56s	View ↗
nx run-many --target=build --exclude=examples/*...	❌ Failed	13s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-05-13 21:27:01 UTC

[github-actions]

🚀 Changeset Version Preview

2 package(s) bumped directly, 23 bumped as dependents.

🟩 Patch bumps

Package	Version	Reason
@tanstack/vue-query	5.100.10 → 5.100.11	Changeset
@tanstack/vue-query-devtools	6.1.29 → 6.1.30	Changeset
@tanstack/angular-query-experimental	5.100.10 → 5.100.11	Dependent
@tanstack/angular-query-persist-client	5.100.10 → 5.100.11	Dependent
@tanstack/eslint-plugin-query	5.100.10 → 5.100.11	Dependent
@tanstack/lit-query	0.2.1 → 0.2.2	Dependent
@tanstack/preact-query	5.100.10 → 5.100.11	Dependent
@tanstack/preact-query-devtools	5.100.10 → 5.100.11	Dependent
@tanstack/preact-query-persist-client	5.100.10 → 5.100.11	Dependent
@tanstack/query-async-storage-persister	5.100.10 → 5.100.11	Dependent
@tanstack/query-broadcast-client-experimental	5.100.10 → 5.100.11	Dependent
@tanstack/query-core	5.100.10 → 5.100.11	Dependent
@tanstack/query-devtools	5.100.10 → 5.100.11	Dependent
@tanstack/query-persist-client-core	5.100.10 → 5.100.11	Dependent
@tanstack/query-sync-storage-persister	5.100.10 → 5.100.11	Dependent
@tanstack/react-query	5.100.10 → 5.100.11	Dependent
@tanstack/react-query-devtools	5.100.10 → 5.100.11	Dependent
@tanstack/react-query-next-experimental	5.100.10 → 5.100.11	Dependent
@tanstack/react-query-persist-client	5.100.10 → 5.100.11	Dependent
@tanstack/solid-query	5.100.10 → 5.100.11	Dependent
@tanstack/solid-query-devtools	5.100.10 → 5.100.11	Dependent
@tanstack/solid-query-persist-client	5.100.10 → 5.100.11	Dependent
@tanstack/svelte-query	6.1.29 → 6.1.30	Dependent
@tanstack/svelte-query-devtools	6.1.29 → 6.1.30	Dependent
@tanstack/svelte-query-persist-client	6.1.29 → 6.1.30	Dependent

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@examples/react/react-native/package.json`:
- Around line 19-29: package.json lists Expo SDK 52 but uses incompatible
dependency versions (e.g., "react-native": "0.85.1",
"react-native-gesture-handler", "react-native-reanimated",
"react-native-screens", "react-native-safe-area-context", "react-native-web");
fix by aligning these to the Expo SDK 52 compatibility matrix—either run the
recommended command `npx expo install expo@^52.0.0 --fix` to automatically set
compatible versions or manually update the dependencies to the supported
versions (react-native -> ~0.76.6, react-native-gesture-handler -> ~2.20.0,
react-native-reanimated -> ~3.16.1, react-native-screens -> ~4.4.0,
react-native-safe-area-context -> ~4.12.0, react-native-web -> ~0.19.13), then
install and commit the updated package.json.

In `@examples/vue/2.6-basic/package.json`:
- Around line 14-15: The package.json lists "vue": "2.6.14" but
"vue-template-compiler": "2.7.16", which must match exactly; update the
"vue-template-compiler" dependency to "2.6.14" to match the runtime (or
alternatively bump both "vue" and "vue-template-compiler" to 2.7.16 together).
Locate the dependencies in package.json and set the "vue-template-compiler"
version to the same exact version string as "vue" to resolve the
incompatibility.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 933c3b88-a7ab-40f0-9361-50ce7d8cef6f

📥 Commits

Reviewing files that changed from the base of the PR and between 5b5d1db and 0130e30.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (86)

• examples/angular/auto-refetching/package.json
• examples/angular/basic-persister/package.json
• examples/angular/basic/package.json
• examples/angular/devtools-panel/package.json
• examples/angular/infinite-query-with-max-pages/package.json
• examples/angular/optimistic-updates/package.json
• examples/angular/pagination/package.json
• examples/angular/query-options-from-a-service/package.json
• examples/angular/router/package.json
• examples/angular/rxjs/package.json
• examples/angular/simple/package.json
• examples/preact/simple/package.json
• examples/react/algolia/package.json
• examples/react/basic-graphql-request/package.json
• examples/react/basic/package.json
• examples/react/chat/package.json
• examples/react/default-query-function/package.json
• examples/react/devtools-panel/package.json
• examples/react/eslint-legacy/package.json
• examples/react/eslint-plugin-demo/package.json
• examples/react/offline/package.json
• examples/react/playground/package.json
• examples/react/react-native/package.json
• examples/react/react-router/package.json
• examples/react/rick-morty/package.json
• examples/react/shadow-dom/package.json
• examples/react/simple/package.json
• examples/react/star-wars/package.json
• examples/react/suspense/package.json
• examples/solid/astro/package.json
• examples/solid/basic-graphql-request/package.json
• examples/solid/basic/package.json
• examples/solid/default-query-function/package.json
• examples/solid/offline/package.json
• examples/solid/simple/package.json
• examples/solid/solid-start-streaming/package.json
• examples/svelte/auto-refetching/package.json
• examples/svelte/basic/package.json
• examples/svelte/load-more-infinite-scroll/package.json
• examples/svelte/optimistic-updates/package.json
• examples/svelte/playground/package.json
• examples/svelte/simple/package.json
• examples/svelte/ssr/package.json
• examples/svelte/star-wars/package.json
• examples/vue/2.6-basic/package.json
• examples/vue/2.7-basic/package.json
• examples/vue/basic/package.json
• examples/vue/dependent-queries/package.json
• examples/vue/nuxt3/package.json
• examples/vue/persister/package.json
• examples/vue/simple/package.json
• integrations/angular-cli-20/package.json
• integrations/react-next-15/package.json
• integrations/react-next-16/package.json
• integrations/react-vite/package.json
• integrations/react-webpack-4/package.json
• integrations/react-webpack-5/package.json
• integrations/solid-vite/package.json
• integrations/svelte-vite/package.json
• integrations/vue-vite/package.json
• package.json
• packages/angular-query-experimental/package.json
• packages/angular-query-persist-client/package.json
• packages/eslint-plugin-query/package.json
• packages/preact-query-devtools/package.json
• packages/preact-query-persist-client/package.json
• packages/preact-query/package.json
• packages/query-async-storage-persister/package.json
• packages/query-broadcast-client-experimental/package.json
• packages/query-core/package.json
• packages/query-devtools/package.json
• packages/query-persist-client-core/package.json
• packages/query-sync-storage-persister/package.json
• packages/query-test-utils/package.json
• packages/react-query-devtools/package.json
• packages/react-query-next-experimental/package.json
• packages/react-query-persist-client/package.json
• packages/react-query/package.json
• packages/solid-query-devtools/package.json
• packages/solid-query-persist-client/package.json
• packages/solid-query/package.json
• packages/svelte-query-devtools/package.json
• packages/svelte-query-persist-client/package.json
• packages/svelte-query/package.json
• packages/vue-query-devtools/package.json
• packages/vue-query/package.json

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Check if vue-template-compiler 2.7.16 is compatible with Vue 2.6.14
# and search for any related configuration or documentation in the repo

# Search for Vue 2.6 compatibility notes or version pinning rationale
rg -i "vue.*2\.6.*2\.7|template-compiler.*2\.7" -C3

# Check if there's a specific reason for this version mismatch in comments or docs
fd -e md -e txt | xargs rg -i "vue-template-compiler.*2\.7"

Repository: TanStack/query

Length of output: 1642

---

🌐 Web query:

Is vue-template-compiler 2.7.16 compatible with Vue 2.6.14?

💡 Result:

No, vue-template-compiler 2.7.16 is not compatible with Vue 2.6.14. The versions of vue and vue-template-compiler must match exactly to avoid compilation errors and runtime issues. Official Vue documentation and multiple GitHub issues confirm that vue-template-compiler checks the Vue version and throws a "version mismatch" error if they differ, even across minor releases within the 2.x series. For example, using vue-template-compiler 2.6.11 with Vue 2.6.10 fails, and templates compiled with 2.6.14 are incompatible with Vue 2.6.12 runtime due to changes in compilation output. Vue 2.7 introduced backported features like Composition API, and its compiler (2.7.16) produces render functions expecting Vue 2.7 runtime behavior. Use vue-template-compiler 2.6.14 with Vue 2.6.14 instead.

Citations:

• 1: Update vue-template-compiler to 2.6.11 problemVue packages version mismatch vuejs/vue#10932
• 2: https://vuejs.org/v2/guide/migration-vue-2-7.html
• 3: bug: slot fallback broken in components built with 2.6.14 running in 2.6.12 vuejs/vue#12314
• 4: https://stackoverflow.com/questions/67870284/how-to-fix-vue-packages-version-mismatch-from-vue-loader
• 5: Add path to resolved vue package to vue-template-compiler's "version mismatch" error vuejs/vue#9734
• 6: vue-template-compiler 2.6.12 vue packages version mismatch when build vuejs/vue#11605

---

Update vue-template-compiler to match the Vue 2.6.14 runtime version.

The vue-template-compiler version (2.7.16) is incompatible with the pinned vue runtime version (2.6.14). Vue requires the compiler and runtime versions to match exactly. Using 2.7.16 compiler with 2.6.14 runtime will cause build or runtime errors. Change "vue-template-compiler": "2.7.16" to "vue-template-compiler": "2.6.14" (matching the vue version), or upgrade both to 2.7.16 as shown in the examples/vue/2.7-basic example.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@examples/vue/2.6-basic/package.json` around lines 14 - 15, The package.json
lists "vue": "2.6.14" but "vue-template-compiler": "2.7.16", which must match
exactly; update the "vue-template-compiler" dependency to "2.6.14" to match the
runtime (or alternatively bump both "vue" and "vue-template-compiler" to 2.7.16
together). Locate the dependencies in package.json and set the
"vue-template-compiler" version to the same exact version string as "vue" to
resolve the incompatibility.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​size-limit/​preset-small-lib@​12.1.0
	nx@​22.7.1
	@​tanstack/​typedoc-config@​0.3.3
	@​tanstack/​vite-config@​0.5.2
	@​tanstack/​eslint-config@​0.4.0
	typescript-eslint@​8.59.3
	@​angular/​cli@​20.3.26
	@​angular/​platform-browser@​20.3.21
	@​typescript-eslint/​rule-tester@​8.59.3
	@​angular/​animations@​20.3.21
	@​angular/​compiler-cli@​20.3.21
	@​angular/​forms@​20.3.21
	@​babel/​preset-env@​7.29.5
	@​angular/​build@​20.3.26
	react-native-gesture-handler@​2.31.2
	@​angular/​core@​20.3.21
	@​angular/​compiler@​20.3.21
	vitest@​4.1.6
	@​angular/​common@​20.3.21
	@​astrojs/​check@​0.9.9
	size-limit@​12.1.0
	@​arethetypeswrong/​cli@​0.18.2
	publint@​0.3.21
	goober@​2.1.19
	@​vitest/​coverage-istanbul@​4.1.6
	react-native-web@​0.21.2
	@​js-temporal/​polyfill@​0.5.1
	solid-transition-group@​0.3.0
	tailwindcss@​4.3.0
	globals@​17.6.0
	svelte@​5.55.5
	vite-plugin-dts@​4.5.4
	@​tailwindcss/​vite@​4.3.0
See 19 more rows in the dashboard

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		High CVE: Axios: Header Injection via Prototype Pollution CVE: GHSA-6chq-wfr3-2hj9 Axios: Header Injection via Prototype Pollution (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → npm/nx@22.7.1 → npm/axios@1.15.0 ℹ Read more on: This package | This alert | What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/axios@1.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking CVE: GHSA-pf86-5x62-jrwf Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → npm/nx@22.7.1 → npm/axios@1.15.0 ℹ Read more on: This package | This alert | What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/axios@1.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0 CVE: GHSA-pmwg-cvhr-8vh7 Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0 (HIGH) Affected versions: >= 1.0.0 < 1.15.1; < 0.31.1 Patched version: 1.15.1 From: pnpm-lock.yaml → npm/nx@22.7.1 → npm/axios@1.15.0 ℹ Read more on: This package | This alert | What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/axios@1.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		High CVE: Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking CVE: GHSA-q8qp-cvcw-x6jj Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking (HIGH) Affected versions: >= 1.0.0 < 1.15.2 Patched version: 1.15.2 From: pnpm-lock.yaml → npm/nx@22.7.1 → npm/axios@1.15.0 ℹ Read more on: This package | This alert | What is a CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/axios@1.15.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm svelte is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: examples/svelte/auto-refetching/package.json → npm/svelte@5.55.5 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/svelte@5.55.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report