chore(deps): update definitelytyped

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/chai (source)	4.3.6 → 4.3.20
@types/chai-arrays (source)	2.0.1 → 2.0.3
@types/chai-as-promised (source)	7.1.6 → 7.1.8
@types/cors (source)	2.8.12 → 2.8.19
@types/debug (source)	4.1.7 → 4.1.12
@types/dedent (source)	0.7.0 → 0.7.2
@​types/del	4.0.0 → 4.0.3
@types/format-util (source)	1.0.2 → 1.0.4
@​types/glob	5.0.37 → 5.0.38
@types/json2csv (source)	5.0.3 → 5.0.7
@types/loadable__component (source)	5.13.4 → 5.13.10
@types/lodash (source)	4.14.181 → 4.17.21
@types/node (source)	18.19.31 → 18.19.130
@types/node (source)	22.15.31 → 22.19.3
@types/node-fetch (source)	2.6.12 → 2.6.13
@types/pdfkit (source)	^0.11.0 → ^0.17.0
@types/promisify-node (source)	0.4.0 → 0.4.3
@types/react-dom (source)	16.9.14 → 16.9.25
@​types/react-json-tree	^0.6.8 → ^0.13.0
@types/react-redux (source)	7.1.23 → 7.1.34
@types/react-virtualized (source)	9.21.20 → 9.22.3
@types/redux-logger (source)	3.0.9 → 3.0.13
@types/sinon (source)	10.0.15 → 10.0.20
@types/stack-trace (source)	0.0.29 → 0.0.33
@types/strip-comments (source)	2.0.1 → 2.0.4
@types/svg-to-pdfkit (source)	0.1.0 → 0.1.3
@types/tcp-port-used (source)	1.0.1 → 1.0.4
@types/temp (source)	^0.8.32 → ^0.9.0
@types/tmp (source)	0.2.3 → 0.2.6
@types/url-parse (source)	1.4.8 → 1.4.11
@types/vscode (source)	1.88.0 → 1.107.0
@types/vscode-notebook-renderer (source)	1.60.0 → 1.72.4

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

Summary by CodeRabbit

• Chores
  • Updated several development type-definition packages to newer versions for improved type coverage and compatibility during development and testing.
  • No changes to public/exported API signatures; runtime behavior and public interfaces remain unchanged.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

Bumps dev-only TypeScript declaration versions in package.json: @types/pdfkit ^0.11.0 → ^0.17.0, @types/react-json-tree ^0.6.8 → ^0.13.0, @types/stack-trace 0.0.29 → 0.0.33, and @types/temp ^0.8.32 → ^0.9.0. Changes are limited to devDependencies; no source code, runtime behavior, or exported/public API signatures were modified.

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating DefinitelyTyped packages in devDependencies.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

📜 Recent review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9811516 and 13cad35.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: copilot-setup-steps

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

⚠️ JUnit XML file not found

The CLI was unable to find any JUnit XML files to upload.
For more help, visit our troubleshooting guide.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 136521d and c44d7c3.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 324357d and b43aa9e.

⛔ Files ignored due to path filters (1)

• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🧰 Additional context used

🪛 GitHub Actions: CI

package.json

[error] 1-1: Command failed with exit code 1: npm ci --prefer-offline --no-audit

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 658b854 and 2b76688.

⛔ Files ignored due to path filters (1)

• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (1)

package.json (1)

2276-2276: Clarify @types/temp vs runtime tmp package.

Line 2276 references @types/temp@^0.9.0, but the runtime dependency is tmp@^0.2.4 (line 2218). Verify these refer to the same package or clarify the intent.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between f86d239 and ce9bd10.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (2)

package.json (2)

2590-2590: No active codebase usage detected for react-json-tree

Searches found no imports or component usage in the codebase. If this package is only a transitive dependency or not actively used, the version bump poses no compatibility risk. Verify manually that this dependency serves a purpose and check the DefinitelyTyped changelog if direct usage exists.

---

2586-2586: @types/pdfkit mismatch: types v0.17.0 but pdfkit runtime is v0.13.0

pdfkit is used in src/webviews/extension-side/plotting/plotViewer.node.ts (lines 71–81). The types version (0.17.0) is ahead of the runtime (0.13.0)—types should be backward compatible, but verify the types work correctly with the runtime version and that the basic pdfkit constructor and SVGtoPDF integration have no issues.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 6e2b641 and 81e1715.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9e35723 and b3d3f13.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between b3d3f13 and 36dc8cd.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 739f08b and d886ba0.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d886ba0 and d4a1aad.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d4a1aad and c5e8e5e.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 641fd54 and e504c33.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between da125aa and d4833ff.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1bc22db and 95d3541.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 0f18ad5 and 6baaf92.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 1903285 and 9b16e5b.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (3)

package.json (3)

2625-2625: Remove orphaned @types/temp: runtime temp package not present.

The runtime temp package is not listed in dependencies. Having @types/temp ^0.9.0 without the runtime package suggests unused type definitions—either remove the type definition or confirm the package is a transitive dependency.

Likely an incorrect or invalid review comment.

---

2614-2614: Remove orphaned @types/react-json-tree dependency.

The base package react-json-tree is not installed, and @types/react-json-tree is unused throughout the codebase. Delete this dead dependency from package.json.

---

2610-2610: No action needed. pdfkit is not used in the codebase—the version bump for @types/pdfkit has no impact.

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

package.json (1)

2621-2621: Version mismatch already flagged.

Types at 0.0.33 vs runtime stack-trace at 0.0.10 (line 2560) already noted in past reviews.

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9b16e5b and cb5168f.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

🔇 Additional comments (1)

package.json (1)

2610-2610: No pdfkit usage detected in the codebase, making the type/runtime version mismatch a non-issue. If pdfkit is unused, consider removing the dependency and its types rather than fixing version alignment.

Likely an incorrect or invalid review comment.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (3)

package.json (3)

2614-2614: Remove deprecated @types/react-json-tree.

This package remains deprecated. The upstream library provides its own types, and there's no react-json-tree runtime dependency.

---

2621-2621: Version mismatch persists.

@types/stack-trace at 0.0.33 but runtime stack-trace (line 2560) remains at 0.0.10.

---

2625-2625: Wrong types package.

@types/temp is for the "temp" package, but this codebase uses "tmp" (line 2565). Use only @types/tmp (line 2626).

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cb5168f and 3525cae.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 21a47d1 and 2e06df3.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify pdfkit runtime version and check if types should match
echo "=== Runtime pdfkit version ==="
rg '"pdfkit"' package.json -A1 -B1

echo ""
echo "=== Type definitions version ==="
rg '"@types/pdfkit"' package.json -A1 -B1

Repository: deepnote/vscode-deepnote

Length of output: 346

---

Align @types/pdfkit with runtime pdfkit version.

@types/pdfkit (^0.17.0) is ahead of runtime pdfkit (^0.13.0) and may reference unavailable APIs.

🤖 Prompt for AI Agents

In package.json around line 2610, the devDependency "@types/pdfkit": "^0.17.0"
is newer than the runtime "pdfkit" (^0.13.0) and may reference APIs that don't
exist at runtime; change the @types/pdfkit version to match the runtime (pin it
to a 0.13.x range compatible with pdfkit ^0.13.0, e.g. "^0.13.0" or the exact
0.13 version available), then run your package manager to install updated deps
and run the test/build to confirm no type/runtime mismatches.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Previously flagged as deprecated—upstream provides own types.

Past review noted package-lock.json deprecation: "react-json-tree provides its own type definitions." Consider removing this devDependency.

🤖 Prompt for AI Agents

In package.json around line 2614, the devDependency "@types/react-json-tree" is
redundant because react-json-tree ships its own types; remove the
"@types/react-json-tree" entry from devDependencies, run npm install (or yarn
install) to update package-lock.json (or yarn.lock), and then run the TypeScript
build/typecheck to ensure no type errors; if any references remain, remove or
update them accordingly.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify stack-trace runtime version
echo "=== Runtime stack-trace version ==="
rg '"stack-trace"' package.json -C2

echo ""
echo "=== Type definitions version ==="
rg '"@types/stack-trace"' package.json -C2

Repository: deepnote/vscode-deepnote

Length of output: 511

---

@types/stack-trace (0.0.33) version ahead of runtime stack-trace (0.0.10).

Type definitions are for a newer version than what's installed at runtime, which may cause type errors if the APIs differ between these versions.

🤖 Prompt for AI Agents

In package.json around line 2621, the @types/stack-trace dependency is at 0.0.33
while the runtime stack-trace package is 0.0.10; update package.json so the
versions match (either set "@types/stack-trace" to "0.0.10" or upgrade the
runtime "stack-trace" to 0.0.33), then run your package manager install to
update lockfiles and re-run TypeScript type-checks (and tests) to ensure no API
mismatches remain.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Search for temp vs tmp usage
echo "=== Searching for 'temp' imports ==="
rg "from ['\"]temp['\"]|require\(['\"]temp['\"]" --type ts --type js -C2

echo ""
echo "=== Searching for 'tmp' imports ==="
rg "from ['\"]tmp['\"]|require\(['\"]tmp['\"]" --type ts --type js -C2

echo ""
echo "=== Package.json dependencies ==="
rg '"temp"|"tmp"' package.json -C1

Repository: deepnote/vscode-deepnote

Length of output: 1837

---

Remove unused @types/temp dependency.

Codebase imports only tmp package (found in 4 files), never temp. The @types/temp entry at line 2625 is unused; @types/tmp at line 2626 is the correct type definition to keep.

🤖 Prompt for AI Agents

In package.json around line 2625, the dependency entry "@types/temp": "^0.9.0"
is unused and should be removed; keep the correct "@types/tmp" entry. Edit
package.json to delete the "@types/temp" line and run npm/yarn install (or
update lockfile) to ensure the dependency is removed from lock files.