Skip to content

chore(deps-dev): bump the dev-dependencies group across 1 directory with 5 updates#9

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bun/dev-dependencies-4f6cd2e6ee
Open

chore(deps-dev): bump the dev-dependencies group across 1 directory with 5 updates#9
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/bun/dev-dependencies-4f6cd2e6ee

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor

Bumps the dev-dependencies group with 5 updates in the / directory:

Package From To
@biomejs/biome 2.4.9 2.5.3
@types/node 25.5.0 26.1.1
lefthook 2.1.4 2.1.10
typescript 6.0.2 7.0.2
vitest 4.1.1 4.1.10

Updates @biomejs/biome from 2.4.9 to 2.5.3

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.3

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

What's Changed

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

2.5.2

Patch Changes

  • #10595 f458028 Thanks @​pkallos! - Added the option ignoreBooleanCoercion to useNullishCoalescing. When enabled, Biome ignores || and ||= used inside a Boolean() call, where coalescing on falsy values is intentional.

  • #10798 4a32b63 Thanks @​pkallos! - Added the option ignorePrimitives to useNullishCoalescing. When enabled, Biome ignores ||, ||=, and ternary expressions whose non-nullish operands are all primitives the option opts out of. Use true to ignore all primitives, or an object selecting string, number, boolean, or bigint.

  • #10545 f3d4c00 Thanks @​Mokto! - Added the new nursery rule noSvelteUnnecessaryStateWrap, which reports unnecessary $state() wrapping of classes from svelte/reactivity that are already reactive.

    <script>
    import { SvelteMap } from "svelte/reactivity";
    const map = $state(new SvelteMap()); // redundant
    </script>
  • #10752 f62fb8b Thanks @​ematipico! - Fixed #10739. Now the rule useValidAutocomplete correctly flags the autoComplete attribute.

  • #10796 f1b3ab2 Thanks @​ematipico! - Fixed #10768. Improved the performance of the Biome Language Server by cancelling certain in-flight operations when there are fast updates.

  • #10719 aa649b5 Thanks @​minseong0324! - Fixed noMisleadingReturnType false positive on returns that use a widening type assertion: "a" as string is no longer reported as misleading. The rule now also reports a literal-pinning assertion such as false as false, matching the existing as const behavior.

... (truncated)

Commits

Updates @types/node from 25.5.0 to 26.1.1

Commits

Updates lefthook from 2.1.4 to 2.1.10

Release notes

Sourced from lefthook's releases.

v2.1.10

Changelog

  • c0a32e900407bf3e2e97c99a7dd2e3f2864ba13a deps: July 2026 (#1463)
  • 0b87ca6dc643dab804a1aad59c24003ef147c11a deps: June 2026 (#1447)
  • afce7244cf02abaf996ebe87bb557a725e46993e deps: migrate shellescape to al.essio.dev/pkg/shellescape (#1443)
  • fbb61b369b57a17469bd6997d1624608ce977f61 feat: AI coding agents integration (#1448)
  • cbfb4a5db29b46ac8bf399665cd9ada81022b848 fix: make test suite stable when NO_COLOR is set (#1449)

v2.1.9

Changelog

  • 1d35cbabe1ebaf2a5ed4d2186caa0402de6448e2 chore: add pretty gradient (#1432)
  • 22be6c50e1412c748f3c6b60e9c61cd056dc693b deps: May 2026 (#1415)
  • 1bae568f03dfb88af9185031fa44e9fee285e917 fix: update hooks path after resetting (#1431)

v2.1.8

Changelog

  • 488a5f99a5a496e5837f757f8ce3e6c6d1415792 fix: do not warn if local hooks path is equal to default hooks path (#1421)

v2.1.7

Changelog

  • f415a9d3fce1d4f6af62622cf96c72e04ecf7bd3 chore: go mod tidy
  • cf4ab9ea4580f5aeb0d4b61d4dd169533e5bb0c9 fix: always restore unstaged changes (#1416)
  • 4c0e000d6fe9f35f42efefb9263b0b4cb5dfbd49 fix: apply stage_fixed only if it is safe (#1418)
  • 76aa843ef5ceb6970f61cd2ff28d16dd2ec82272 fix: linter, sacrifice optimization for readability
  • 9d53c36ed9a26d3bf66e341a9650a0ecac9b6a37 fix: separate fallback push branch from pathspecs (#1396)
  • 22c9f773cf93b59005bd244c5b00caab2947a755 fix: try to always restore unstaged changes (#1417)
  • 37d83986d8e6d6bf6792f57e22e7cbb1a9e28064 fix: use contrast colors (#1420)
  • eb1064d0b8c6248627960bea1abf6891db5a21b1 refactor: add new logger without a global state (#1385)

v2.1.6

Changelog

  • bf73ea2f1ea5468c9af7a6f06b5ef8cd43e66040 fix(packaging): do not pipe stdout and stderr (#1382)
  • 04da00697cd8a6241023c1962feb720eeaa62698 fix(windows): normalize lefthook path for sh script (#1383)
  • de9597a1bf456d2cf0fbcb8816858b6e5cf6b609 fix: log full scoped name for skipped jobs (#1291)
  • eb3e70dbbd2442200ec8ff2140a3ee9daa7d9e70 fix: normalize root to always include trailing slash before path replacement (#1381)
  • f90f3f570ef9227ddf345a79cec687dac41a5d31 fix: skip pty allocation when stdout is not a terminal (#1393)

v2.1.5

Changelog

  • afac466157f88b5a5f9d03eb28acc90b095a4b5d chore(golangci-lint): upgrade to 2.11.4 (#1362)
  • f8e73b947e2eefd6950d6a19c20bbde19070809d chore: fix golangci-lint version lookup
  • 4564da343b1497f73f8a82f6104e1b5903f8a081 chore: move golangci-lint version to .tool-versions (#1349)
  • 236a5bd07c650aaa882963d68ab5e5e654a47681 chore: small cleanup (#1370)
  • 5ddf2206dd23e826c5434392e034fa7db523cd3d deps: April 2026 (#1375)
  • e26c719f5a85e8ff35871e9724649714d6f05c13 fix: git repository merge issue (#1372)
  • 3503a3b102c2b41c298e1e7dc6549181508518a6 fix: prevent lefthook run from overwriting global hooks (#1371)
  • f3fc175f6c638fd54ab49b8d7c060898f936c934 fix: use pre-push stdin for push file detection (#1368)
Changelog

Sourced from lefthook's changelog.

2.1.10 (2026-07-08)

2.1.9 (2026-05-29)

2.1.8 (2026-05-19)

  • fix: do not warn if local hooks path is equal to default hooks path (#1421) by @​mrexox

2.1.7 (2026-05-19)

2.1.6 (2026-04-16)

2.1.5 (2026-04-06)

Commits

Updates typescript from 6.0.2 to 7.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

Downloads are available on:

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for typescript since your current version.


Updates vitest from 4.1.1 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub

v4.1.9

🐞 Bug Fixes

View changes on GitHub

v4.1.8

   🐞 Bug Fixes

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

    View changes on GitHub

v4.1.6

   🐞 Bug Fixes

   🏎 Performance

    View changes on GitHub

... (truncated)

Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • a7a61e7 chore: release v4.1.9 (#10598)
  • 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
  • 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
  • a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
  • e61f2dd chore: release v4.1.8
  • e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
  • a09d472 chore: release v4.1.7
  • a8fd24c chore: release v4.1.6
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 7, 2026
…ith 5 updates

Bumps the dev-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.4.9` | `2.5.3` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `26.1.1` |
| [lefthook](https://github.com/evilmartians/lefthook) | `2.1.4` | `2.1.10` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.2` | `7.0.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.1` | `4.1.10` |



Updates `@biomejs/biome` from 2.4.9 to 2.5.3
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.5.3/packages/@biomejs/biome)

Updates `@types/node` from 25.5.0 to 26.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `lefthook` from 2.1.4 to 2.1.10
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](evilmartians/lefthook@v2.1.4...v2.1.10)

Updates `typescript` from 6.0.2 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `vitest` from 4.1.1 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.5.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: dev-dependencies
- dependency-name: lefthook
  dependency-version: 2.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: typescript
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: vitest
  dependency-version: 4.1.9
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps-dev): bump the dev-dependencies group with 5 updates chore(deps-dev): bump the dev-dependencies group across 1 directory with 5 updates Jul 12, 2026
@dependabot dependabot Bot force-pushed the dependabot/bun/dev-dependencies-4f6cd2e6ee branch from 332d6ec to 7bb5ece Compare July 12, 2026 07:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants