Skip to content

chore(deps-dev): bump the development-dependencies group across 1 directory with 13 updates#12

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/development-dependencies-9f78248e3c
Open

chore(deps-dev): bump the development-dependencies group across 1 directory with 13 updates#12
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/development-dependencies-9f78248e3c

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the development-dependencies group with 11 updates in the / directory:

Package From To
@biomejs/biome 2.4.15 2.5.3
@commitlint/cli 21.0.1 21.2.1
@types/node 25.8.0 26.1.1
@vitest/coverage-v8 4.1.6 4.1.10
concurrently 9.2.1 10.0.3
lefthook 2.1.6 2.1.10
ls-engines 0.10.0 0.10.1
npm-package-json-lint 10.4.0 10.4.1
sort-package-json 3.6.1 4.0.0
tsdown 0.22.0 0.22.6
typescript 6.0.3 7.0.2

Updates @biomejs/biome from 2.4.15 to 2.5.3

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.3

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

What's Changed

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

2.5.2

Patch Changes

  • #10595 f458028 Thanks @​pkallos! - Added the option ignoreBooleanCoercion to useNullishCoalescing. When enabled, Biome ignores || and ||= used inside a Boolean() call, where coalescing on falsy values is intentional.

  • #10798 4a32b63 Thanks @​pkallos! - Added the option ignorePrimitives to useNullishCoalescing. When enabled, Biome ignores ||, ||=, and ternary expressions whose non-nullish operands are all primitives the option opts out of. Use true to ignore all primitives, or an object selecting string, number, boolean, or bigint.

  • #10545 f3d4c00 Thanks @​Mokto! - Added the new nursery rule noSvelteUnnecessaryStateWrap, which reports unnecessary $state() wrapping of classes from svelte/reactivity that are already reactive.

    <script>
    import { SvelteMap } from "svelte/reactivity";
    const map = $state(new SvelteMap()); // redundant
    </script>
  • #10752 f62fb8b Thanks @​ematipico! - Fixed #10739. Now the rule useValidAutocomplete correctly flags the autoComplete attribute.

  • #10796 f1b3ab2 Thanks @​ematipico! - Fixed #10768. Improved the performance of the Biome Language Server by cancelling certain in-flight operations when there are fast updates.

  • #10719 aa649b5 Thanks @​minseong0324! - Fixed noMisleadingReturnType false positive on returns that use a widening type assertion: "a" as string is no longer reported as misleading. The rule now also reports a literal-pinning assertion such as false as false, matching the existing as const behavior.

... (truncated)

Commits

Updates @commitlint/cli from 21.0.1 to 21.2.1

Release notes

Sourced from @​commitlint/cli's releases.

v21.2.1

21.2.0 (2026-06-30)

Features

  • resolve-extends: resolve pure-ESM presets (conventional-changelog v7/v9/v10) (#4859) (fdb566f)

Chore, doc, etc.

New Contributors

Full Changelog: conventional-changelog/commitlint@v21.2.0...v21.2.1

v21.2.0

21.2.0 (2026-06-30)

Features

Chore

Full Changelog: conventional-changelog/commitlint@v21.1.0...v21.2.0

v21.1.0

21.1.0 (2026-06-23)

Bug Fixes

... (truncated)

Changelog

Sourced from @​commitlint/cli's changelog.

21.2.1 (2026-07-08)

Note: Version bump only for package @​commitlint/cli

21.2.0 (2026-06-30)

Features

  • resolve-extends: resolve pure-ESM presets (conventional-changelog v7/v9/v10) (#4859) (fdb566f)

21.1.0 (2026-06-23)

Features

  • cli: add --default-config flag to lint without a config file (#4805) (7af27ba), closes #3662

21.0.2 (2026-05-29)

Bug Fixes

  • disallow same commit hash for --from and --to (#4773) (121005e)
Commits

Updates @commitlint/config-conventional from 21.0.1 to 21.2.0

Release notes

Sourced from @​commitlint/config-conventional's releases.

v21.2.0

21.2.0 (2026-06-30)

Features

Chore

Full Changelog: conventional-changelog/commitlint@v21.1.0...v21.2.0

v21.1.0

21.1.0 (2026-06-23)

Bug Fixes

Features

Docs, chore, etc.

New Contributors

Full Changelog: conventional-changelog/commitlint@v21.0.2...v21.1.0

v21.0.2

... (truncated)

Changelog

Sourced from @​commitlint/config-conventional's changelog.

21.2.0 (2026-06-30)

Features

  • resolve-extends: resolve pure-ESM presets (conventional-changelog v7/v9/v10) (#4859) (fdb566f)

21.1.0 (2026-06-23)

Note: Version bump only for package @​commitlint/config-conventional

21.0.2 (2026-05-29)

Note: Version bump only for package @​commitlint/config-conventional

Commits

Updates @types/node from 25.8.0 to 26.1.1

Commits

Updates @vitest/coverage-v8 from 4.1.6 to 4.1.10

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub

v4.1.9

🐞 Bug Fixes

View changes on GitHub

v4.1.8

   🐞 Bug Fixes

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates concurrently from 9.2.1 to 10.0.3

Release notes

Sourced from concurrently's releases.

v10.0.3

Republish of https://github.com/open-cli-tools/concurrently/releases/tag/v10.0.1 with Trusted Publishing enabled (see #595)

Full Changelog: open-cli-tools/concurrently@v10.0.2...v10.0.3

v10.0.2

Test version to restore Trusted Publishing. Not published to npm.

v10.0.1

  • Ensure FlowController type is exported - #594

Full Changelog: open-cli-tools/concurrently@v10.0.0...v10.0.1

v10.0.0

💥 Breaking Changes

  • Dropped support for Node.js <22.0.0. Older Node.js version have reached end-of-life, and certain features require new-ish JS APIs.
  • concurrently is now ESM-only. It's now possible to require(esm). See here for interoperability.
  • Prefix colors now default to automatic - #581 The colors used to default to reset (which does nothing). Concurrently now automatically selects a color, out of the box. The list of colors used is not jarring nor carries semantic meaning, and reads well in both dark and light terminal backgrounds.
  • Removed deprecated flags and options
    • CLI flag --name-separator: use commas instead.
    • API option killOthers: use killOthersOn instead.

✨ New Features

  • Support applying modifiers to hex prefix colors (e.g. #ff0000.bold) - #450
  • Support chalk's color functions in prefixes (e.g. rgb(), hex(), bgRgb(), etc) - #578
  • Set prefix background color via bg#RRGGBB - #578
  • Allow shell override via --shell CLI flag/shell API option - #288, #589, #556 concurrently distinguishes between cmd.exe, powershell, and POSIX-based shells.
  • Manual prefix coloring in templates e.g. [{color}{name}{/color}] - #583, #587

🐛 Bug fixes

  • Scope quote normalization to CLI input - #582, #585 It should now also be possible to run commands like "/some/command" foo bar"
  • Don't throw when color doesn't exist - #580

🔐 Security

Other changes

  • Warn about running on Snap - #584

New Contributors

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for concurrently since your current version.


Updates lefthook from 2.1.6 to 2.1.10

Release notes

Sourced from lefthook's releases.

v2.1.10

Changelog

  • c0a32e900407bf3e2e97c99a7dd2e3f2864ba13a deps: July 2026 (#1463)
  • 0b87ca6dc643dab804a1aad59c24003ef147c11a deps: June 2026 (#1447)
  • afce7244cf02abaf996ebe87bb557a725e46993e deps: migrate shellescape to al.essio.dev/pkg/shellescape (#1443)
  • fbb61b369b57a17469bd6997d1624608ce977f61 feat: AI coding agents integration (#1448)
  • cbfb4a5db29b46ac8bf399665cd9ada81022b848 fix: make test suite stable when NO_COLOR is set (#1449)

v2.1.9

Changelog

  • 1d35cbabe1ebaf2a5ed4d2186caa0402de6448e2 chore: add pretty gradient (#1432)
  • 22be6c50e1412c748f3c6b60e9c61cd056dc693b deps: May 2026 (#1415)
  • 1bae568f03dfb88af9185031fa44e9fee285e917 fix: update hooks path after resetting (#1431)

v2.1.8

Changelog

  • 488a5f99a5a496e5837f757f8ce3e6c6d1415792 fix: do not warn if local hooks path is equal to default hooks path (#1421)

v2.1.7

Changelog

  • f415a9d3fce1d4f6af62622cf96c72e04ecf7bd3 chore: go mod tidy
  • cf4ab9ea4580f5aeb0d4b61d4dd169533e5bb0c9 fix: always restore unstaged changes (#1416)
  • 4c0e000d6fe9f35f42efefb9263b0b4cb5dfbd49 fix: apply stage_fixed only if it is safe (#1418)
  • 76aa843ef5ceb6970f61cd2ff28d16dd2ec82272 fix: linter, sacrifice optimization for readability
  • 9d53c36ed9a26d3bf66e341a9650a0ecac9b6a37 fix: separate fallback push branch from pathspecs (#1396)
  • 22c9f773cf93b59005bd244c5b00caab2947a755 fix: try to always restore unstaged changes (#1417)
  • 37d83986d8e6d6bf6792f57e22e7cbb1a9e28064 fix: use contrast colors (#1420)
  • eb1064d0b8c6248627960bea1abf6891db5a21b1 refactor: add new logger without a global state (#1385)
Changelog

Sourced from lefthook's changelog.

2.1.10 (2026-07-08)

2.1.9 (2026-05-29)

2.1.8 (2026-05-19)

  • fix: do not warn if local hooks path is equal to default hooks path (#1421) by @​mrexox

2.1.7 (2026-05-19)

Commits

Updates ls-engines from 0.10.0 to 0.10.1

Changelog

Sourced from ls-engines's changelog.

v0.10.1 - 2026-06-19

Commits

…ectory with 13 updates

Bumps the development-dependencies group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.4.15` | `2.5.3` |
| [@commitlint/cli](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli) | `21.0.1` | `21.2.1` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.8.0` | `26.1.1` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `4.1.6` | `4.1.10` |
| [concurrently](https://github.com/open-cli-tools/concurrently) | `9.2.1` | `10.0.3` |
| [lefthook](https://github.com/evilmartians/lefthook) | `2.1.6` | `2.1.10` |
| [ls-engines](https://github.com/ljharb/ls-engines) | `0.10.0` | `0.10.1` |
| [npm-package-json-lint](https://github.com/tclindner/npm-package-json-lint) | `10.4.0` | `10.4.1` |
| [sort-package-json](https://github.com/keithamus/sort-package-json) | `3.6.1` | `4.0.0` |
| [tsdown](https://github.com/rolldown/tsdown) | `0.22.0` | `0.22.6` |
| [typescript](https://github.com/microsoft/TypeScript) | `6.0.3` | `7.0.2` |



Updates `@biomejs/biome` from 2.4.15 to 2.5.3
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.5.3/packages/@biomejs/biome)

Updates `@commitlint/cli` from 21.0.1 to 21.2.1
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/cli/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.2.1/@commitlint/cli)

Updates `@commitlint/config-conventional` from 21.0.1 to 21.2.0
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.2.0/@commitlint/config-conventional)

Updates `@types/node` from 25.8.0 to 26.1.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vitest/coverage-v8` from 4.1.6 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/coverage-v8)

Updates `concurrently` from 9.2.1 to 10.0.3
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](open-cli-tools/concurrently@v9.2.1...v10.0.3)

Updates `lefthook` from 2.1.6 to 2.1.10
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](evilmartians/lefthook@v2.1.6...v2.1.10)

Updates `ls-engines` from 0.10.0 to 0.10.1
- [Changelog](https://github.com/ljharb/ls-engines/blob/main/CHANGELOG.md)
- [Commits](ljharb/ls-engines@v0.10.0...v0.10.1)

Updates `npm-package-json-lint` from 10.4.0 to 10.4.1
- [Release notes](https://github.com/tclindner/npm-package-json-lint/releases)
- [Changelog](https://github.com/tclindner/npm-package-json-lint/blob/master/CHANGELOG.md)
- [Commits](tclindner/npm-package-json-lint@v10.4.0...v10.4.1)

Updates `sort-package-json` from 3.6.1 to 4.0.0
- [Release notes](https://github.com/keithamus/sort-package-json/releases)
- [Commits](keithamus/sort-package-json@v3.6.1...v4.0.0)

Updates `tsdown` from 0.22.0 to 0.22.6
- [Release notes](https://github.com/rolldown/tsdown/releases)
- [Commits](rolldown/tsdown@v0.22.0...v0.22.6)

Updates `typescript` from 6.0.3 to 7.0.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

Updates `vitest` from 4.1.6 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.5.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@commitlint/cli"
  dependency-version: 21.2.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@commitlint/config-conventional"
  dependency-version: 21.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@types/node"
  dependency-version: 26.1.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: concurrently
  dependency-version: 10.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: lefthook
  dependency-version: 2.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: ls-engines
  dependency-version: 0.10.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: npm-package-json-lint
  dependency-version: 10.4.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: sort-package-json
  dependency-version: 4.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: tsdown
  dependency-version: 0.22.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants