build: update all non-major dependencies (main)

[angular-robot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@modelcontextprotocol/sdk (source)	1.28.0 → 1.29.0
@rollup/wasm-node (source)	4.60.0 → 4.60.1
@typescript-eslint/eslint-plugin (source)	8.57.2 → 8.58.0
@typescript-eslint/parser (source)	8.57.2 → 8.58.0
algoliasearch (source)	5.50.0 → 5.50.1
rolldown (source)	1.0.0-rc.12 → 1.0.0-rc.13
rollup (source)	4.60.0 → 4.60.1
undici (source)	7.24.6 → 7.24.7

---

• If you want to rebase/retry this PR, check this box

---

Release Notes

modelcontextprotocol/typescript-sdk (@​modelcontextprotocol/sdk)

v1.29.0

Compare Source

What's Changed

• fix: treat v1.x as primary branch for npm latest tag (backport #​1577) by @​felixweinberger in #​1749
• [v1.x] fix: disallow null (infinite) requested TTL by @​LucaButBoring in #​1339
• [v1.x] fix: add missing size field to ResourceSchema by @​olaservo in #​1575
• Add typings exports by @​tdraier in #​1623
• v1.x npm audit fix by @​KKonstantinov in #​1780
• v1.x #​1623 follow up -add missing types to package.json by @​KKonstantinov in #​1773
• [v1.x backport] Allow servers / clients to advertise extensions in the capability object by @​localden in #​1811
• fix(stdio): always set windowsHide on Windows, not just in Electron by @​jnMetaCode in #​1640
• chore: bump version to 1.29.0 by @​felixweinberger in #​1820

New Contributors

• @​tdraier made their first contribution in #​1623
• @​jnMetaCode made their first contribution in #​1640

Full Changelog: modelcontextprotocol/typescript-sdk@v1.28.0...v1.29.0

rollup/rollup (@​rollup/wasm-node)

v4.60.1

Compare Source

2026-03-30

Bug Fixes

• Resolve a situation where side effect imports could be dropped due to a caching issue (#​6286)

Pull Requests

• #​6286: fix: skip dropping side-effects on namespaceReexportsByName cache hit (#​6274) (@​littlegrayss, @​TrickyPi)
• #​6317: chore(deps): pin dependencies (@​renovate[bot], @​lukastaegert)
• #​6318: chore(deps): update msys2/setup-msys2 digest to cafece8 (@​renovate[bot], @​lukastaegert)
• #​6319: chore(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #​6320: chore(deps): pin dependency typescript to v5 (@​renovate[bot], @​lukastaegert)
• #​6321: chore(deps): update openharmony-rs/setup-ohos-sdk action to v1 (@​renovate[bot], @​lukastaegert)
• #​6322: fix(deps): update swc monorepo (major) (@​renovate[bot], @​lukastaegert)
• #​6323: chore(deps): lock file maintenance (@​renovate[bot])
• #​6324: chore(deps): lock file maintenance (@​renovate[bot], @​lukastaegert)

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v8.58.0

Compare Source

🚀 Features

• support TypeScript 6 (#​12124)

🩹 Fixes

• eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#​12161)
• eslint-plugin: [no-extraneous-class] handle index signatures (#​12142)
• eslint-plugin: crash in no-unnecessary-type-arguments (#​12163)

❤️ Thank You

• ej shafran @​ej-shafran
• Evyatar Daud @​StyleShit
• GG ZIBLAKING
• milkboy2564 @​SeolJaeHyeok
• teee32 @​teee32

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v8.58.0

Compare Source

🚀 Features

• support TypeScript 6 (#​12124)

❤️ Thank You

• Evyatar Daud @​StyleShit

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

algolia/algoliasearch-client-javascript (algoliasearch)

v5.50.1

Compare Source

• dc02ad1023 chore(deps): dependencies 2026-03-30 (#​6169) by @​algolia-bot
• 748a90222a chore(javascript): correct export paths in package.mustache for consistency (#​5740) by @​Fluf22

rolldown/rolldown (rolldown)

v1.0.0-rc.13

Compare Source

🚀 Features

• add friendly error for unloadable virtual modules (#​8955) by @​sapphi-red
• better error message for unsupported CSS error (#​8911) by @​sapphi-red

🐛 Bug Fixes

• prevent chunk merging from leaking entry side effects (#​8979) by @​IWANABETHATGUY
• correct inlining based on module's def format and esModule flag (#​8975) by @​h-a-n-a
• generate init calls for excluded re-exports in strict execution order (#​8858) by @​IWANABETHATGUY
• consistent order for meta.chunks in renderChunk hook (#​8956) by @​sapphi-red
• subpath imports in glob imports failing to find files (#​8885) by @​kalvenschraut
• browser: bundle binding types in dts output (#​8930) by @​nyan-left
• ci: guard artifact download step in vite-test-ubuntu when build is skipped (#​8934) by @​Copilot
• track CJS re-export import records to fix inline const and tree-shaking (#​8925) by @​h-a-n-a
• use ImportKind::Import for common-chunk root computation (#​8899) by @​IWANABETHATGUY
• watch: clear emitted_filenames between rebuilds (#​8914) by @​IWANABETHATGUY
• ci: cache esbuild snapshots to avoid 429 rate limiting (#​8921) by @​IWANABETHATGUY
• always check circular deps in chunk optimizer (#​8915) by @​IWANABETHATGUY
• don't mark calls to reassigned bindings as pure (#​8917) by @​IWANABETHATGUY
• magic-string: throw TypeError for non-string content args (#​8905) by @​IWANABETHATGUY
• magic-string: add split-point validation and overwrite/update options (#​8904) by @​IWANABETHATGUY

🚜 Refactor

• pre-compute has_side_effects on ChunkCandidate (#​8981) by @​IWANABETHATGUY
• cleanup and simplify in dynamic_import.rs (#​8927) by @​ulrichstark
• rename came_from_cjs to came_from_commonjs for consistency (#​8938) by @​IWANABETHATGUY
• inline create_ecma_view return destructuring and remove redundant binding (#​8932) by @​shulaoda

📚 Documentation

• document ensure_lazy_module_initialization_order in code-splitting design doc (#​8931) by @​IWANABETHATGUY

🧪 Testing

• add regression test for runtime helper circular dependency (#​8958) by @​h-a-n-a
• enable 8 previously-skipped MagicString remove tests (#​8945) by @​IWANABETHATGUY
• add test for why PureAnnotation is needed in execution order check (#​8933) by @​IWANABETHATGUY

⚙️ Miscellaneous Tasks

• add @emnapi/runtime and @emnapi/core as direct deps of @rolldown/browser (#​8978) by @​Copilot
• deps: update dependency vite-plus to v0.1.15 (#​8970) by @​renovate[bot]
• deps: update dependency oxfmt to ^0.43.0 (#​8969) by @​renovate[bot]
• deps: upgrade oxc to 0.123.0 (#​8967) by @​shulaoda
• justfile: deduplicate update-submodule as alias of setup-submodule (#​8968) by @​shulaoda
• deps: update rollup submodule for tests to v4.60.1 (#​8965) by @​sapphi-red
• deps: update test262 submodule for tests (#​8966) by @​sapphi-red
• remove unused type-check scripts (#​8957) by @​sapphi-red
• deps: update actions/cache action to v5 (#​8953) by @​renovate[bot]
• deps: update npm packages to v6 (major) (#​8954) by @​renovate[bot]
• deps: update npm packages (#​8948) by @​renovate[bot]
• deps: update rust crates (#​8949) by @​renovate[bot]
• deps: update github-actions (#​8947) by @​renovate[bot]
• deps: update napi (#​8943) by @​renovate[bot]
• deps: update dependency rolldown-plugin-dts to ^0.23.0 (#​8944) by @​renovate[bot]
• regenerate testing snapshots (#​8928) by @​ulrichstark
• deps: update dependency rust to v1.94.1 (#​8923) by @​renovate[bot]

❤️ New Contributors

• @​kalvenschraut made their first contribution in #​8885
• @​nyan-left made their first contribution in #​8930

nodejs/undici (undici)

v7.24.7

Compare Source

What's Changed

• docs: update broken links in file "Dispatcher.md" by @​samuel871211 in #​4924
• doc: remove unused parameter redirectionLimitReached by @​samuel871211 in #​4933
• test: skip flaky macOS Node 20 cookie fetch cases by @​mcollina in #​4932
• fix(types): align Response with DOM fetch types by @​theamodhshetty in #​4867
• fix(types): Fix clone method type declaration to be an instance method rather than instance property by @​mistval in #​4925
• test: skip IPv6 tests when IPv6 is not available by @​mcollina in #​4939
• fix: correctly handle multi-value rawHeaders in fetch by @​mcollina in #​4938
• ignore AGENTS.md by @​mcollina in #​4942

New Contributors

• @​samuel871211 made their first contribution in #​4924
• @​mistval made their first contribution in #​4925

Full Changelog: nodejs/undici@v7.24.6...v7.24.7

[gemini-code-assist]

Code Review

This pull request updates several dependencies, including @modelcontextprotocol/sdk, rollup, and various @typescript-eslint packages. The review highlights that despite the version bumps in package.json, the pnpm-lock.yaml file still contains references to older versions of @typescript-eslint and rollup for certain packages within the monorepo. It is recommended to fully synchronize these versions across the entire dependency graph to ensure consistency and avoid potential build issues.

[gemini-code-assist]

The pnpm-lock.yaml file indicates that version 8.57.2 of several @typescript-eslint packages (such as @typescript-eslint/types) is still being retained in the dependency graph alongside the new 8.58.0 version. To avoid dependency duplication and ensure consistent linting behavior across the monorepo, it is recommended to synchronize these versions. Note that updating to 8.58.0 is particularly important here as it expands the supported TypeScript peer dependency range to <6.1.0, which correctly accommodates the 6.0.2 version currently specified in the lockfile (which was technically a violation of the 8.57.2 constraint of <6.0.0).

[gemini-code-assist]

While rollup is updated to 4.60.1 in the root, the lockfile shows that 4.60.0 is still present and used by other packages in the workspace (e.g., @rollup/plugin-json and various @rollup/rollup-* platform-specific packages still have entries tied to 4.60.0). Since 4.60.1 contains a fix for a caching issue where side-effect imports could be incorrectly dropped, it is recommended to update all instances of rollup across the monorepo to ensure build correctness and consistency.