chore(deps): update definitelytyped

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/chai (source)	4.3.6 -> 4.3.20
@types/chai-arrays (source)	2.0.1 -> 2.0.3
@types/chai-as-promised (source)	7.1.6 -> 7.1.8
@types/cors (source)	2.8.12 -> 2.8.19
@types/debug (source)	4.1.7 -> 4.1.12
@types/dedent (source)	0.7.0 -> 0.7.2
@​types/del	4.0.0 -> 4.0.3
@types/format-util (source)	1.0.2 -> 1.0.4
@​types/glob	5.0.37 -> 5.0.38
@types/json2csv (source)	5.0.3 -> 5.0.7
@types/loadable__component (source)	5.13.4 -> 5.13.10
@types/lodash (source)	4.14.181 -> 4.17.20
@types/node (source)	18.19.31 -> 18.19.130
@types/node (source)	22.15.31 -> 22.19.0
@types/node-fetch (source)	2.6.12 -> 2.6.13
@types/pdfkit (source)	^0.11.0 -> ^0.17.0
@types/promisify-node (source)	0.4.0 -> 0.4.3
@types/react-dom (source)	16.9.14 -> 16.9.25
@​types/react-json-tree	^0.6.8 -> ^0.13.0
@types/react-redux (source)	7.1.23 -> 7.1.34
@types/react-virtualized (source)	9.21.20 -> 9.22.3
@types/redux-logger (source)	3.0.9 -> 3.0.13
@types/sinon (source)	10.0.15 -> 10.0.20
@types/stack-trace (source)	0.0.29 -> 0.0.33
@types/strip-comments (source)	2.0.1 -> 2.0.4
@types/svg-to-pdfkit (source)	0.1.0 -> 0.1.3
@types/tcp-port-used (source)	1.0.1 -> 1.0.4
@types/temp (source)	^0.8.32 -> ^0.9.0
@types/tmp (source)	0.2.3 -> 0.2.6
@types/url-parse (source)	1.4.8 -> 1.4.11
@types/vscode (source)	1.88.0 -> 1.105.0
@types/vscode-notebook-renderer (source)	1.60.0 -> 1.72.4

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

📝 Walkthrough

Walkthrough

Bumps TypeScript declaration package versions in package.json: @types/pdfkit ^0.11.0 → ^0.17.0, @types/react-json-tree ^0.6.8 → ^0.13.0, @types/stack-trace 0.0.29 → 0.0.33, and @types/temp ^0.8.32 → ^0.9.0. Changes are confined to devDependencies. No source code, runtime behavior, or public API/exported-signature changes are included.

Suggested reviewers

• saltenasl
• jamesbhobbs
• andyjakubowski
• Artmann

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(deps): update definitelytyped' clearly and concisely summarizes the main change: updating DefinitelyTyped type declaration packages.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

⚠️ JUnit XML file not found

The CLI was unable to find any JUnit XML files to upload.
For more help, visit our troubleshooting guide.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 136521d and c44d7c3.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 324357d and b43aa9e.

⛔ Files ignored due to path filters (1)

• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🧰 Additional context used

🪛 GitHub Actions: CI

package.json

[error] 1-1: Command failed with exit code 1: npm ci --prefer-offline --no-audit

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 658b854 and 2b76688.

⛔ Files ignored due to path filters (1)

• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (1)

package.json (1)

2276-2276: Clarify @types/temp vs runtime tmp package.

Line 2276 references @types/temp@^0.9.0, but the runtime dependency is tmp@^0.2.4 (line 2218). Verify these refer to the same package or clarify the intent.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between f86d239 and ce9bd10.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (2)

package.json (2)

2590-2590: No active codebase usage detected for react-json-tree

Searches found no imports or component usage in the codebase. If this package is only a transitive dependency or not actively used, the version bump poses no compatibility risk. Verify manually that this dependency serves a purpose and check the DefinitelyTyped changelog if direct usage exists.

---

2586-2586: @types/pdfkit mismatch: types v0.17.0 but pdfkit runtime is v0.13.0

pdfkit is used in src/webviews/extension-side/plotting/plotViewer.node.ts (lines 71–81). The types version (0.17.0) is ahead of the runtime (0.13.0)—types should be backward compatible, but verify the types work correctly with the runtime version and that the basic pdfkit constructor and SVGtoPDF integration have no issues.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 6e2b641 and 81e1715.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 9e35723 and b3d3f13.

⛔ Files ignored due to path filters (2)

• package-lock.json is excluded by !**/package-lock.json
• src/test/vscode-notebook-perf/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

⚠️ Lockfile regeneration required—blocking CI.

Package.json specifies four updated @types packages but package-lock.json is absent from this PR or remains out of sync. This will cause npm ci to fail. Run npm install --package-lock-only locally, verify all four packages appear in the lockfile with matching versions, then commit the updated package-lock.json.

Also applies to: 2590-2590, 2597-2597, 2601-2601

---

🏁 Script executed:

#!/bin/bash
# Verify package-lock.json sync after regeneration
if [ -f package-lock.json ]; then
  echo "=== Checking package-lock.json for four updated @types ==="
  jq '.packages[] | select(.name | test("@types/(pdfkit|react-json-tree|stack-trace|temp)")) | "\(.name): \(.version)"' package-lock.json 2>/dev/null | sort
  
  echo ""
  echo "=== Corresponding devDependencies in package.json ==="
  jq '.devDependencies | to_entries[] | select(.key | test("@types/(pdfkit|react-json-tree|stack-trace|temp)")) | "\(.key): \(.value)"' package.json 2>/dev/null | sort
  
  echo ""
  echo "=== Testing npm ci would pass ==="
  npm ci --dry-run 2>&1 | head -20 || echo "npm ci check failed"
else
  echo "package-lock.json not found in repository"
fi

Length of output: 1070

---

Lockfile out of sync—package-lock.json missing four @types entries.

The four updated @types packages (pdfkit, react-json-tree, stack-trace, temp) appear in package.json but not in package-lock.json. Regenerate the lockfile by running npm install --package-lock-only and commit the updated package-lock.json.

🤖 Prompt for AI Agents

In package.json around line 2586, four updated @types entries (@types/pdfkit,
@types/react-json-tree, @types/stack-trace, @types/temp) were added to
package.json but not reflected in package-lock.json; run npm install
--package-lock-only at the repo root to regenerate the lockfile so those entries
are included, verify package-lock.json changes, and commit the updated
package-lock.json to the branch.