chore(deps): update dependency @sanity/pkg-utils to v10

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@sanity/pkg-utils (source)	^6.13.4 → ^10.4.4

---

Release Notes

sanity-io/pkg-utils (@​sanity/pkg-utils)

v10.4.4

Compare Source

Patch Changes

• #​2563 c39a359 Thanks @​renovate! - fix(deps): Update dependency @​babel/core to ^7.29.0

v10.4.3

Compare Source

Patch Changes

• 6ee4fc6 Thanks @​stipsan! - fix(deps): Update dependency rollup to ^4.57.1

v10.4.2

Compare Source

Patch Changes

• #​2546 2b3c6f8 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-rc.2

• #​2547 033a811 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.21.8

• #​2549 574c6b0 Thanks @​renovate! - fix(deps): Update dependency @​microsoft/api-extractor to ^7.56.0

v10.4.1

Compare Source

Patch Changes

• #​2548 ebfe640 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.57.0

v10.4.0

Compare Source

Minor Changes

• #​2538 a7bd216 Thanks @​copilot-swe-agent! - Auto-enable styled-components compiler when detected as peer dependency. If styled-components is in peerDependencies and babel-plugin-styled-components is in devDependencies, the babel plugin is automatically enabled without requiring explicit configuration. Users can disable this behavior by setting babel: { styledComponents: false } in package.config.ts.

Patch Changes

• #​2543 02423ba Thanks @​renovate! - fix(deps): Update dependency @​microsoft/api-extractor to ^7.55.5

• #​2544 1c06f32 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.21.7

v10.3.5

Compare Source

Patch Changes

• #​2533 518d45a Thanks @​stipsan! - Remove dependency on recast

v10.3.4

Compare Source

Patch Changes

• #​2510 6981ea0 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.56.0

• #​2511 847ae7d Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-rc.1

• #​2521 3277895 Thanks @​renovate! - fix(deps): Update dependency zod to ^4.3.6

• #​2522 26fa84f Thanks @​renovate! - fix(deps): Update dependency lightningcss to ^1.31.1

• #​2523 b083a6a Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.21.6

• Updated dependencies [8652e7e, 3277895]:

  • @​sanity/parse-package-json@​2.1.3

v10.3.3

Compare Source

Patch Changes

• #​2488 b6905ce Thanks @​renovate! - fix(deps): Update babel monorepo to ^7.28.6

• #​2489 31ce38d Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.21.2

• #​2492 6f91a08 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.60

• Updated dependencies [d722c3c]:

  • @​sanity/parse-package-json@​2.1.2

v10.3.2

Compare Source

Patch Changes

• Updated dependencies [b5b113f]:
  • @​sanity/parse-package-json@​2.1.1

v10.3.1

Compare Source

Patch Changes

• #​2469 90e412e Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.59

v10.3.0

Compare Source

Minor Changes

• #​2465 d05d1b9 Thanks @​copilot-swe-agent! - Add support for monorepo export condition alongside development and source conditions

Patch Changes

• #​2459 9c8fad8 Thanks @​renovate! - fix(deps): Update dependency zod to ^4.3.5

• #​2462 af5d36a Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.55.1

• Updated dependencies [9c8fad8, d05d1b9]:

  • @​sanity/parse-package-json@​2.1.0

v10.2.6

Compare Source

Patch Changes

• #​2449 65a803f Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.58

• #​2451 5537cfc Thanks @​renovate! - fix(deps): Update dependency zod to ^4.3.4

• Updated dependencies [5537cfc]:

  • @​sanity/parse-package-json@​2.0.5

v10.2.5

Compare Source

Patch Changes

• #​2440 f50f6f1 Thanks @​stipsan! - Update LICENSE year to 2026

• Updated dependencies [f50f6f1]:

  • @​sanity/parse-package-json@​2.0.4

v10.2.4

Compare Source

Patch Changes

• #​2428 770dfca Thanks @​renovate! - fix(deps): Update dependency @​vanilla-extract/rollup-plugin to ^1.5.1

• #​2429 2f5af52 Thanks @​renovate! - fix(deps): Update dependency esbuild to ^0.27.2

• #​2433 0edb5b6 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.57

• #​2437 920895f Thanks @​renovate! - fix(deps): Update dependency globby to ^16.1.0

• #​2438 d8118d5 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.20.0

• #​2439 5c5ca25 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.54.0

• Updated dependencies [405355c]:

  • @​sanity/parse-package-json@​2.0.3

v10.2.3

Compare Source

Patch Changes

• #​2421 e595321 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.53.5

• #​2422 0963ad2 Thanks @​renovate! - fix(deps): Update dependency zod to ^4.2.1

• Updated dependencies [0963ad2]:

  • @​sanity/parse-package-json@​2.0.2

v10.2.2

Compare Source

Patch Changes

• #​2413 d8678ee Thanks @​renovate! - fix(deps): Update dependency zod to ^4.2.0

• #​2417 1b349c8 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.53.4

• Updated dependencies [9dd0d4d, d8678ee]:

  • @​sanity/parse-package-json@​2.0.1

v10.2.1

Compare Source

Patch Changes

• #​2399 2a44a46 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.54

• #​2403 cc3f98d Thanks @​copilot-swe-agent! - Fix noCheck warning when extract.checkTypes is false

v10.2.0

Compare Source

Minor Changes

• #​2385 b3858a0 Thanks @​copilot-swe-agent! - Add stricter publishConfig.exports validation to ensure values match exports

• #​2395 fbe8c6e Thanks @​copilot-swe-agent! - Add extract.checkTypes option to control type checking during dts generation. When set to false, it has the same effect as setting "noCheck": true in tsconfig.json.

Patch Changes

• Updated dependencies [b3858a0]:
  • @​sanity/parse-package-json@​2.0.0

v10.1.3

Compare Source

Patch Changes

• #​2358 4b3a3d5 Thanks @​renovate! - fix(deps): Update dependency @​microsoft/api-extractor to ^7.55.2

• Updated dependencies [7b12b38, 1521aab, e99bfd1]:

  • @​sanity/parse-package-json@​1.1.0

v10.1.2

Compare Source

Patch Changes

• #​2342 c03aaa8 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.53

• #​2343 37be18c Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.18.3

• #​2350 3c219a3 Thanks @​renovate! - fix(deps): Update dependency esbuild to ^0.27.1

• #​2355 8b61293 Thanks @​renovate! - fix(deps): Update dependency browserslist to ^4.28.1

• Updated dependencies [82b99cd]:

  • @​sanity/parse-package-json@​1.0.1

v10.1.1

Patch Changes

• #​2314 bd387a2 Thanks @​renovate! - fix(deps): Update dependency tsx to ^4.21.0

• Updated dependencies []:

  • @​sanity/parse-package-json@​1.0.0

v10.1.0

Minor Changes

• #​2337 04f3675 Thanks @​stipsan! - Replace package-up with empathic/package

Patch Changes

• Updated dependencies [04f3675]:
  • @​sanity/parse-package-json@​1.0.0

v10.0.0

Major Changes

• #​2329 c5b81e7 Thanks @​stipsan! - The tsconfig presets have moved to a new package, pnpm install --save-dev @​sanity/tsconfig and update your imports in tsconfig.json files:

  • @sanity/pkg-utils/tsconfig/recommended.json -> @sanity/tsconfig/recommended

    {
    -  "extends": "@​sanity/pkg-utils/tsconfig/recommended.json"
    +  "extends": "@​sanity/tsconfig/recommended"
    }

  • @sanity/pkg-utils/tsconfig/strict.json -> @sanity/tsconfig/strict

    {
    -  "extends": "@​sanity/pkg-utils/tsconfig/strict.json"
    +  "extends": "@​sanity/tsconfig/strict"
    }

  • @sanity/pkg-utils/tsconfig/strictest.json -> @sanity/tsconfig/strictest

    {
    -  "extends": "@​sanity/pkg-utils/tsconfig/strictest.json"
    +  "extends": "@​sanity/tsconfig/strictest"
    }

  • @sanity/pkg-utils/tsconfig/isolated-declarations.json -> @sanity/tsconfig/isolated-declarations

    {
    -  "extends": ["@​sanity/pkg-utils/tsconfig/strictest.json", "@​sanity/pkg-utils/tsconfig/isolated-declarations.json"]
    +  "extends": ["@​sanity/tsconfig/strictest", "@​sanity/tsconfig/isolated-declarations"]
    }

• #​2332 c99d52f Thanks @​stipsan! - Removed internal exports:

  import {
    build,
    check,
    createLogger,
    getExtractMessagesConfig,
    init,
    loadPkg,
    loadPkgWithReporting,
    parseExports,
    parseStrictOptions,
    watch,
  } from '@​sanity/pkg-utils'

• #​2331 ae7b51c Thanks @​stipsan! - Removed noPackageJsonMain and noPackageJsonModule rules

v9.2.3

Compare Source

Patch Changes

• #​2322 b8f42f3 Thanks @​stipsan! - Update LICENSE year

v9.2.2

Compare Source

Patch Changes

• #​2315 f68c680 Thanks @​renovate! - fix(deps): Update dependency @​optimize-lodash/rollup-plugin to v6

v9.2.1

Compare Source

Patch Changes

• #​2262 b0eaeb1 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.52

• #​2269 26a6fe7 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.18.1

• #​2300 715b9e6 Thanks @​renovate! - fix(deps): Update dependency @​vanilla-extract/rollup-plugin to ^1.5.0

• #​2307 d2b026b Thanks @​renovate! - fix(deps): Update dependency chokidar to v5

• #​2313 09f46f8 Thanks @​renovate! - fix(deps): Update dependency @​optimize-lodash/rollup-plugin to ^5.1.0

v9.2.0

Compare Source

Minor Changes

• #​2297 b09c849 Thanks @​copilot-swe-agent! - Add explicit tsgo config option to override implicit detection

v9.1.5

Compare Source

Patch Changes

• #​2287 16661ce Thanks @​renovate! - fix(deps): Update dependency zod to ^4.1.13

• #​2290 216c466 Thanks @​renovate! - fix(deps): Update dependency @​vanilla-extract/rollup-plugin to ^1.4.3

v9.1.4

Compare Source

Patch Changes

• #​2277 da5e965 Thanks @​renovate! - fix(deps): Update dependency @​microsoft/api-extractor to ^7.55.1

v9.1.3

Compare Source

Patch Changes

• #​2263 692ff21 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.53.3

• #​2271 80f2dca Thanks @​stipsan! - fix(deps): upgrade rolldown to beta.51

v9.1.2

Compare Source

Patch Changes

• #​2247 7baf376 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.17.8

v9.1.1

Compare Source

Patch Changes

• #​2233 152b799 Thanks @​renovate! - fix(deps): Update dependency globby to v16

• #​2238 36f609c Thanks @​stipsan! - Fixes a regression introduced by #​2175 leading to a max call stack size exceeded error when running pkg-utils watch

v9.1.0

Compare Source

Minor Changes

• #​2202 207f489 Thanks @​copilot-swe-agent! - feat: Add configurable strict checks for legacy package.json fields

  Added new strict options to warn about deprecated package.json fields that are no longer needed with modern Node.js and bundlers:

  • noPackageJsonMain - Warns when main field is present (use exports instead)
  • noPackageJsonModule - Warns when module field is present (use exports instead)
  • noPackageJsonBrowser - Warns when browser field is present (use browser condition in exports)
  • noPackageJsonTypesVersions - Warns when typesVersions field is present (TypeScript supports types condition in exports)
  • preferModuleType - Warns when type field is missing or set to commonjs (future versions will require "type": "module")

  All new checks default to warn level and are configurable via strictOptions in package.config.ts.

  BREAKING CHANGES:

  • Removed alwaysPackageJsonMain strict option (conflicted with the new noPackageJsonMain option)
  • The top-level types field is still required for npm package listings to show TypeScript support

• #​2221 107c8a6 Thanks @​stipsan! - Update @microsoft/api-extractor to ^7.55.0 and @microsoft/tsdoc-config to ^0.18.0

Patch Changes

• #​2216 e5c2ef8 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.50

• #​2217 a61103a Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.17.7

• #​2223 e01b6ca Thanks @​renovate! - fix(deps): Update dependency @​vanilla-extract/rollup-plugin to ^1.4.2

v9.0.9

Compare Source

Patch Changes

• #​2206 a038f78 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.49

v9.0.8

Compare Source

Patch Changes

• #​2200 972795f Thanks @​renovate! - fix(deps): Update dependency esbuild to ^0.27.0

• #​2207 8bf7c18 Thanks @​renovate! - fix(deps): Update dependency rolldown-plugin-dts to v0.17.5

• #​2209 dcd254c Thanks @​renovate! - fix(deps): Update dependency browserslist to ^4.28.0

v9.0.6

Compare Source

Patch Changes

• #​2180 75b4d92 Thanks @​renovate! - fix(deps): Update dependency rollup to ^4.53.2

• #​2184 ad075d3 Thanks @​renovate! - fix(deps): Update dependency rolldown to v1.0.0-beta.47

v9.0.5

Compare Source

Patch Changes

• #​2175 35db628 Thanks @​copilot-swe-agent! - Fix issues uncovered by type-aware linting with oxlint

v9.0.4

Compare Source

Bug Fixes

• deps: Update dependency @​microsoft/api-extractor to ^7.54.0 (#​2161) (b0bbbc1)
• deps: Update dependency zod-validation-error to v5 (#​2157) (fd43704)
• deps: use consistent ^ ranges on deps (31a2658)

v9.0.3

Compare Source

Bug Fixes

• deps: Update dependency rolldown to v1.0.0-beta.46 (#​2155) (db4e618)

v9.0.2

Compare Source

Bug Fixes

• deps: Update dependency esbuild to ^0.25.12 (#​2136) (0160862)

v9.0.1

Compare Source

Bug Fixes

• regression in #​2138 (#​2148) (4430a2d)

v9.0.0

Compare Source

⚠ BREAKING CHANGES

• resolve package.config.ts as ESM when supported. This means that if the package.json has "type": "commonjs" then the package.config.ts can no longer use import/export keywords. If you're unable to start using "type": "module" you'll either have to rename to package.config.mts, or use require/module.exports instead.

Bug Fixes

• deps: Update dependency @​rollup/plugin-alias to v6 (#​2132) (34a3786)

Code Refactoring

• resolve package.config.ts as ESM when supported. This means that if the package.json has "type": "commonjs" then the package.config.ts can no longer use import/export keywords. If you're unable to start using "type": "module" you'll either have to rename to package.config.mts, or use require/module.exports instead. (2c65e63)

v8.1.29

Compare Source

Bug Fixes

• deps: Update dependency @​rollup/plugin-commonjs to v29 (#​2133) (2b3bc4f)
• deps: Update dependency @​rollup/plugin-replace to ^6.0.3 (#​2128) (eab05db)
• deps: Update dependency rimraf to ^6.1.0 (#​2131) (a098c3b)
• deps: Update dependency rolldown-plugin-dts to v0.17.3 (#​2129) (3cbabcb)

v8.1.28

Compare Source

Bug Fixes

• deps: Update dependency rolldown to v1.0.0-beta.45 (#​2119) (a155063)
• deps: Update dependency rolldown-plugin-dts to v0.17.2 (#​2120) (3346ac6)

v8.1.27

Compare Source

Bug Fixes

• deps: Update dependency @​microsoft/api-extractor to v7.53.3 (#​2111) (c5387eb)
• deps: Update dependency @​rollup/plugin-commonjs to ^28.0.9 (#​2112) (7207534)
• deps: Update dependency rolldown-plugin-dts to v0.17.1 (#​2113) (a54a40d)

v8.1.26

Compare Source

Bug Fixes

• deps: Update babel monorepo to ^7.28.5 (#​2105) (b9d977f)
• deps: Update dependency @​microsoft/api-extractor to v7.53.2 (#​2098) (3d226ca)
• deps: Update dependency browserslist to ^4.27.0 (#​2099) (7f8f07b)
• deps: Update dependency rolldown-plugin-dts to v0.17.0 (#​2106) (0c0f07e)

v8.1.25

Compare Source

Bug Fixes

• deps: Update dependency rolldown to v1.0.0-beta.44 (#​2082) (55337d8)

v8.1.24

Compare Source

Bug Fixes

• deps: Update dependency rolldown-plugin-dts to v0.16.12 (#​2075) (f02ce99)
• deps: Update dependency rollup to ^4.52.5 (#​2077) (9d2b27d)

v8.1.23

Compare Source

Bug Fixes

• deps: Update dependency esbuild to ^0.25.11 (#​2067) (4c8f649)

v8.1.22

Compare Source

Bug Fixes

• deps: Update dependency rolldown to v1.0.0-beta.43 (#​2056) (3142582)
• deps: Update rollup packages (#​2057) (3958f8d)

v8.1.21

Compare Source

Bug Fixes

• deps: Update dependency @​rollup/plugin-node-resolve to ^16.0.2 (#​2041) (1eba687)
• deps: Update dependency rolldown to v1.0.0-beta.42 (#​2044) (e041976)

v8.1.20

Compare Source

Bug Fixes

• add minimumReleaseAge 3 days policy (f71fa0c)

v8.1.19

Compare Source

Bug Fixes

• deps: Update dependency @​microsoft/api-extractor to v7.53.1 (#​2032) (0aea23d)
• deps: Update dependency browserslist to ^4.26.3 (#​2022) (906a774)
• deps: Update dependency globby to v15 (#​2033) (e7c5079)
• deps: Update dependency lightningcss to ^1.30.2 (#​2023) (465c377)
• deps: Update dependency rolldown to v1.0.0-beta.43 (#​2024) (9145af1)
• deps: Update dependency rolldown-plugin-dts to v0.16.11 (#​2013) (e4f3789)
• deps: Update dependency zod to v4.1.12 (#​2025) (e488724)

v8.1.17

Compare Source

Bug Fixes

• deps: Update dependency rolldown to v1.0.0-beta.40 (#​1998) ([5a632e

---

Configuration

📅 Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate using a curated preset maintained by . View repository job log here

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​prettier@​3.7.4 ⏵ 3.8.1			+1
	npm/​@​sanity/​pkg-utils@​6.13.4 ⏵ 10.4.4	+2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		License policy violation: npm typescript License: LicenseRef-W3C-Community-Final-Specification-Agreement - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) From: ? → npm/@sanity/pkg-utils@10.4.4 → npm/typescript@5.8.2 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@5.8.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report