chore(deps): update dependency jsdom to v29

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
jsdom	^28.1.0 → ^29.1.1

---

Release Notes

jsdom/jsdom (jsdom)

v29.1.1

Compare Source

• Fixed 'border-radius' computed style serialization. (@​asamuzaK)
• Fixed computed style computation when using 'background-origin' and 'background-clip' CSS properties. (@​asamuzaK)
• Significantly optimized initial calls to getComputedStyle(), before the cache warms up. (@​asamuzaK)

v29.1.0

Compare Source

• Added basic support for the ratio CSS type. (@​asamuzaK)
• Fixed getComputedStyle() sometimes returning outdated results after CSS was modified. (@​asamuzaK)

v29.0.2

Compare Source

• Significantly improved and sped up getComputedStyle(). Computed value rules are now applied across a broader set of properties, and include fixes related to inheritance, defaulting keywords, custom properties, and color-related values such as currentcolor and system colors. (@​asamuzaK)
• Fixed CSS 'background' and 'border' shorthand parsing. (@​asamuzaK)

v29.0.1

Compare Source

• Fixed CSS parsing of 'border', 'background', and their sub-shorthands containing keywords or var(). (@​asamuzaK)
• Fixed getComputedStyle() to return a more functional CSSStyleDeclaration object, including indexed access support, which regressed in v29.0.0.

v29.0.0

Compare Source

Breaking changes:

• Node.js v22.13.0+ is now the minimum supported v22 version (was v22.12.0+).

Other changes:

• Overhauled the CSSOM implementation, replacing the @acemir/cssom and cssstyle dependencies with fresh internal implementations built on webidl2js wrappers and the css-tree parser. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases.
• Added CSSCounterStyleRule and CSSNamespaceRule to jsdom Windows.
• Added cssMediaRule.matches and cssSupportsRule.matches getters.
• Added proper media query parsing in MediaList, using css-tree instead of naive comma-splitting. Invalid queries become "not all" per spec.
• Added cssKeyframeRule.keyText getter/setter validation.
• Added cssStyleRule.selectorText setter validation: invalid selectors are now rejected.
• Added styleSheet.ownerNode, styleSheet.href, and styleSheet.title.
• Added bad port blocking per the fetch specification, preventing fetches to commonly-abused ports.
• Improved Document initialization performance by lazily initializing the CSS selector engine, avoiding ~0.5 ms of overhead per Document. (@​thypon)
• Fixed a memory leak when stylesheets were removed from the document.
• Fixed CSSStyleDeclaration modifications to properly trigger custom element reactions.
• Fixed nested @media rule parsing.
• Fixed CSSStyleSheet's "disallow modification" flag not being checked in all mutation methods.
• Fixed XMLHttpRequest's response getter returning parsed JSON during the LOADING state instead of null.
• Fixed getComputedStyle() crashing in XHTML documents when stylesheets contained at-rules such as @page or @font-face.
• Fixed a potential hang in synchronous XMLHttpRequest caused by a race condition with the worker thread's idle timeout.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, only on Monday (* 0-3 * * 1)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

📝 Walkthrough

Walkthrough

The jsdom version in the pnpm workspace catalog (pnpm-workspace.yaml) is bumped from ^28.1.0 to ^29.1.1.

Changes

jsdom Dependency Bump

Layer / File(s)	Summary
jsdom catalog version update pnpm-workspace.yaml	The jsdom catalog entry is updated from ^28.1.0 to ^29.1.1.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐇 A hop, a skip, a version leap,
jsdom climbs from twenty-eight to nine,
The workspace catalog wakes from sleep,
One tiny line — a change so fine.
sniff sniff — the diff smells fresh today! 🌿

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description lacks the required sections from the template (🎯 Changes, ✅ Checklist, 🚀 Release Impact) and only contains auto-generated Renovate bot content.	Add the template sections with proper explanations of changes and complete the checklist items to indicate testing and changeset status.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: updating the jsdom dependency to v29.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/jsdom-29.x

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🚀 Changeset Version Preview

No changeset entries found. Merging this PR will not cause a version bump for any packages.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	jsdom@​29.1.1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm jsdom is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/jsdom@29.1.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jsdom@29.1.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm jsdom is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/jsdom@29.1.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jsdom@29.1.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 288553f

Command	Status	Duration	Result
nx affected --targets=test:sherif,test:docs,tes...	✅ Succeeded	23s	View ↗
nx run-many --target=build	✅ Succeeded	9s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-06-19 11:17:04 UTC

[pkg-pr-new]

npm i https://pkg.pr.new/@tanstack/eslint-config@394

npm i https://pkg.pr.new/@tanstack/publish-config@394

npm i https://pkg.pr.new/@tanstack/typedoc-config@394

npm i https://pkg.pr.new/@tanstack/vite-config@394

commit: 288553f

[coderabbitai]

🧹 Nitpick comments (1)

pnpm-workspace.yaml (1)

30-30: Note major architectural changes in jsdom 29.x that may require test updates.

The CSSOM implementation was overhauled, replacing @acemir/cssom and cssstyle dependencies with fresh internal implementations. Serialization, parsing, and API behavior is improved in various ways, especially around edge cases. Added cssKeyframeRule.keyText getter/setter validation and cssStyleRule.selectorText setter validation: invalid selectors are now rejected.

If the codebase has tests that rely on CSS parsing or DOM selector functionality, they should be validated to ensure they work correctly with the new CSSOM implementation.

Would you like me to search the codebase for tests using jsdom or CSS-related functionality that may need validation after this upgrade?

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@pnpm-workspace.yaml` at line 30, The jsdom dependency has been upgraded to
version 29.1.1, which includes major CSSOM implementation changes with stricter
validation for CSS selectors and keyframe rules. Search the test files
throughout the codebase for tests that interact with CSS parsing, DOM selector
functionality, cssStyleRule.selectorText manipulation, or
cssKeyframeRule.keyText operations, and validate that these tests still pass
with the new stricter validation behavior. Any tests that set invalid selectors
or keyText values will now be rejected by the new CSSOM implementation and
should be updated to use valid CSS syntax or have their expectations adjusted
accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@pnpm-workspace.yaml`:
- Line 30: The jsdom dependency has been upgraded to version 29.1.1, which
includes major CSSOM implementation changes with stricter validation for CSS
selectors and keyframe rules. Search the test files throughout the codebase for
tests that interact with CSS parsing, DOM selector functionality,
cssStyleRule.selectorText manipulation, or cssKeyframeRule.keyText operations,
and validate that these tests still pass with the new stricter validation
behavior. Any tests that set invalid selectors or keyText values will now be
rejected by the new CSSOM implementation and should be updated to use valid CSS
syntax or have their expectations adjusted accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 0d0d3a47-04f2-4a9f-b6ec-ad961ed1f5eb

📥 Commits

Reviewing files that changed from the base of the PR and between 0d2c9e9 and 288553f.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• pnpm-workspace.yaml