chore(deps): update devdependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@actions/core (source)	1.10.1 -> 1.11.1					devDependencies	minor
@babel/core (source)	7.25.2 -> 7.26.0					devDependencies	minor
@biomejs/biome (source)	1.9.2 -> 1.9.4					devDependencies	patch
@octokit/plugin-paginate-rest	11.3.3 -> 11.3.5					devDependencies	patch
@octokit/plugin-rest-endpoint-methods	13.2.4 -> 13.2.6					devDependencies	patch
@octokit/types	13.5.0 -> 13.6.1					devDependencies	minor
@types/jest (source)	29.5.13 -> 29.5.14					devDependencies	patch
@types/node (source)	22.5.5 -> 22.8.1					devDependencies	minor
cspell (source)	8.14.4 -> 8.15.4					devDependencies	minor
dprint	0.47.2 -> 0.47.4					devDependencies	patch
eslint (source)	^8.57.1 -> 8.57.1					devDependencies	pin
execa	^7 -> 7.2.0					devDependencies	pin
lefthook	1.7.15 -> 1.8.1					devDependencies	minor
npm-check-updates	17.1.2 -> 17.1.6					devDependencies	patch
npm-run-all2	^6.2.3 -> ^7.0.0					devDependencies	major
numerous	1.0.3 -> 2.0.0					devDependencies	major
p-timeout	6.1.2 -> 6.1.3					devDependencies	patch
rollup (source)	4.22.2 -> 4.24.0					devDependencies	minor
terser (source)	5.33.0 -> 5.36.0					devDependencies	minor
turbo (source)	2.1.2 -> 2.2.3					devDependencies	minor
typescript (source)	5.6.2 -> 5.6.3					devDependencies	patch
vite (source)	5.4.7 -> 5.4.10					devDependencies	patch
which	^4.0.0 -> ^5.0.0					devDependencies	major

---

Release Notes

actions/toolkit (@​actions/core)

v1.11.1

• Fix uses of crypto.randomUUID on Node 18 and earlier #​1842

v1.11.0

• Add platform info utilities #​1551
• Remove dependency on uuid package #​1824

babel/babel (@​babel/core)

v7.26.0

Compare Source

v7.25.9

Compare Source

🐛 Bug Fix

• babel-parser, babel-template, babel-types
  • #​16905 fix: Keep type annotations in syntacticPlaceholders mode (@​liuxingbaoyu)
• babel-helper-compilation-targets, babel-preset-env
  • #​16907 fix: support BROWSERSLIST{,_CONFIG} env (@​JLHwung)
• Other
  • #​16884 Analyze ClassAccessorProperty to prevent the no-undef rule (@​victorenator)

🏠 Internal

• babel-helper-transform-fixture-test-runner
  • #​16914 remove test options flaky (@​JLHwung)

🏃‍♀️ Performance

• babel-parser, babel-types
  • #​16918 perf: Make VISITOR_KEYS etc. faster to access (@​liuxingbaoyu)

v7.25.8

Compare Source

🐛 Bug Fix

• babel-core
  • #​16888 Restore public API of resolvePlugin/resolvePreset (@​nicolo-ribaudo)

🏠 Internal

• babel-parser, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-defer, babel-plugin-proposal-partial-application, babel-plugin-proposal-throw-expressions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-static-block, babel-plugin-transform-dynamic-import, babel-plugin-transform-export-namespace-from, babel-plugin-transform-json-strings, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-property-in-object, babel-preset-env
  • #​16824 Inline one-line syntax plugins (@​nicolo-ribaudo)

v7.25.7

Compare Source

🐛 Bug Fix

• babel-helper-validator-identifier
  • #​16825 fix: update identifier to unicode 16 (@​JLHwung)
• babel-traverse
  • #​16814 fix: issue with node path keys updated on unrelated paths (@​DylanPiercey)
• babel-plugin-transform-classes
  • #​16797 Use an inclusion rather than exclusion list for super() check (@​nicolo-ribaudo)
• babel-generator
  • #​16788 Fix printing of TS infer in compact mode (@​nicolo-ribaudo)
  • #​16785 Print TS type annotations for destructuring in assignment pattern (@​nicolo-ribaudo)
  • #​16778 Respect [no LineTerminator here] after nodes (@​nicolo-ribaudo)

💅 Polish

• babel-types
  • #​16852 Add deprecated JSDOC for fields (@​liuxingbaoyu)

🏠 Internal

• babel-core
  • #​16820 Allow sync loading of ESM when --experimental-require-module (@​nicolo-ribaudo)
• babel-helper-compilation-targets, babel-helper-plugin-utils, babel-preset-env
  • #​16858 Add browserslist config to external dependency (@​JLHwung)
• babel-plugin-proposal-destructuring-private, babel-plugin-syntax-decimal, babel-plugin-syntax-import-reflection, babel-standalone
  • #​16809 Archive syntax-import-reflection and syntax-decimal (@​nicolo-ribaudo)
• babel-generator
  • #​16779 Simplify logic for [no LineTerminator here] before nodes (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-plugin-transform-typescript
  • #​16875 perf: Avoid extra cloning of namespaces (@​liuxingbaoyu)
• babel-types
  • #​16842 perf: Improve @​babel/types builders (@​liuxingbaoyu)
  • #​16828 Only access BABEL_TYPES_8_BREAKING at startup (@​nicolo-ribaudo)

biomejs/biome (@​biomejs/biome)

v1.9.4

Compare Source

Analyzer

Bug fixes

• Implement GraphQL suppression action. Contributed by @​vohoanglong0107

• Improved the message for unused suppression comments. Contributed by @​dyc3

• Fix #​4228, where the rule a11y/noInteractiveElementToNoninteractiveRole incorrectly reports a role for non-interactive elements. Contributed by @​eryue0220

• noSuspiciousSemicolonInJsx now catches suspicious semicolons in React fragments. Contributed by @​vasucp1207

CLI

Enhancements

• The --summary reporter now reports parsing diagnostics too. Contributed by @​ematipico

• Improved performance of GritQL queries by roughly 25-30%. Contributed by @​arendjr

Configuration

Bug fixes

• Fix an issue where the JSON schema marked lint rules options as mandatory. Contributed by @​ematipico

Editors

Formatter

Bug fixes

• Fix #​4121. Respect line width when printing multiline strings. Contributed by @​ah-yu

JavaScript APIs

Linter

New features

• Add useGuardForIn. Contributed by @​fireairforce
• Add noDocumentCookie. Contributed by @​tunamaguro
• Add noDocumentImportInPage. Contributed by @​kaioduarte
• Add noDuplicateProperties. Contributed by @​togami2864
• Add noHeadElement. Contributed by @​kaioduarte
• Add noHeadImportInDocument. Contributed by @​kaioduarte
• Add noImgElement. Contributed by @​kaioduarte
• Add noUnknownTypeSelector. Contributed by @​Kazuhiro-Mimaki
• Add useAtIndex. Contributed by @​GunseiKPaseri
• Add noUselessStringRaw. Contributed by @​fireairforce
• Add nursery/useCollapsedIf. Contributed by @​siketyan
• Add useGoogleFontDisplay. Contributed by @​kaioduarte

Bug Fixes

• Biome no longer crashes when it encounters a string that contain a multibyte character (#​4181).

  This fixes a regression introduced in Biome 1.9.3
  The regression affected the following linter rules:

  • nursery/useSortedClasses
  • nursery/useTrimStartEnd
  • style/useTemplate
  • suspicious/noMisleadingCharacterClass

  Contributed by @​Conaclos

• Fix #​4190, where the rule noMissingVarFunction wrongly reported a variable as missing when used inside a var() function that was a newline. Contributed by @​ematipico

• Fix #​4041. Now the rule useSortedClasses won't be triggered if className is composed only by inlined variables. Contributed by @​ematipico

• useImportType and useExportType now report useless inline type qualifiers (#​4178).

  The following fix is now proposed:

  - import type { type A, B } from "";
  + import type { A, B } from "";
  
  - export type { type C, D };
  + export type { C, D };

  Contributed by @​Conaclos

• useExportType now reports ungrouped export from.

  The following fix is now proposed:

  - export { type A, type B } from "";
  + export type { A, B } from "";

  Contributed by @​Conaclos

• noVoidTypeReturn now accepts void expressions in return position (#​4173).

  The following code is now accepted:

  function f(): void {
    return void 0;
  }

  Contributed by @​Conaclos

• noUselessFragments now correctly handles fragments containing HTML escapes (e.g.  ) inside expression escapes { ... } (#​4059).

  The following code is no longer reported:

  function Component() {
    return (
      <div key={index}>{line || <>&nbsp;</>}</div>
    )
  }

  Contributed by @​fireairforce

• noUnusedFunctionParameters and noUnusedVariables no longer reports a parameter as unused when another parameter has a constructor type with the same parameter name (#​4227).

  In the following code, the name parameter is no longer reported as unused.

  export class Foo {
    bar(name: string, _class: new (name: string) => any) {
      return name
    }
  }

  Contributed by @​Conaclos

• noUndeclaredDependencies now accepts dependency names with dots. Contributed by @​Conaclos

• useFilenamingConvention now correctly handles renamed exports (#​4254).

  The rule allows the filename to be named as one of the exports of the module.
  For instance, the file containing the following export can be named Button.

  class Button {}
  export { Button }

  The rule now correctly handles the renaming of an export.
  For example, the file containing the following export can only be named Button.
  Previously the rule expected the file to be named A.

  class A {}
  export { A as Button }

  Contributed by @​Conaclos

• useConsistentMemberAccessibility now ignore private class members such as #property (#​4276). Contributed by @​Conaclos

• noUnknownFunction correctly handles calc-size function (#​4212).

  The following code calc-size is no longer reported as unknown:

  .a { height: calc-size(0px); }

  Contributed by @​fireairforce

• useNamingConvention now allows configuring conventions for readonly index signatures.

Contributed by @​sepruko

• noDuplicateCustomProperties now correctly handles custom properties and ignores non-custom properties.
  Previously, the rule incorrectly reported duplicates for all properties, including non-custom ones. Contributed by @​togami2864

Parser

Bug Fixes

• The CSS parser now accepts more emoji in identifiers (#​3627).

  Browsers accept more emoji than the standard allows.
  Biome now accepts these additional emojis.

  The following code is now correctly parsed:

  p {
    --✨-color: red;
    color: var(--✨-color);
  }

  Contributed by @​Conaclos

• Add support for parsing typescript's resolution-mode in Import Types(#​2115)

  export type Fs = typeof import('fs', { with: { 'resolution-mode': 'import' } });
  export type TypeFromRequire =
    import("pkg", { with: { "resolution-mode": "require" } }).TypeFromRequire;
  export type TypeFromImport =
    import("pkg", { with: { "resolution-mode": "import" } }).TypeFromImport;

  Contributed by @​fireairforce

v1.9.3

Compare Source

CLI

New features

• GritQL queries that match functions or methods will now match async functions or methods as well.

  If this is not what you want, you can capture the async keyword (or its absence) in a metavariable and assert its emptiness:

  $async function foo() {} where $async <: .
  

  Contributed by @​arendjr

Bug fixes

• Fix #​4077: Grit queries no longer need to match the statement's trailing semicolon. Contributed by @​arendjr

• Fix #​4102. Now the CLI command lint doesn't exit with an error code when using --write/--fix. Contributed by @​ematipico

Configuration

Bug fixes

• Fix #​4125, where noLabelWithoutControl options where incorrectly marked as mandatory. Contributed by @​ematipico

Editors

• Fix a case where CSS files weren't correctly linted using the default configuration. Contributed by @​ematipico

Formatter

Bug fixes

• Fix #​3924 where GraphQL formatter panics in block comments with empty line. Contributed by @​vohoanglong0107

• Fix a case where raw values inside url() functions weren't properly trimmed.

  .value {
  -  background: url(
  -   whitespace-around-string
  -  );
  + background: url(whitespace-around-string);
  }

  Contributed by @​ematipico

• Fixed #​4076, where a media query wasn't correctly formatted:

  .class {
  -  @&#8203;media (1024px <= width <=1280px) {
  +  @&#8203;media (1024px <= width <= 1280px) {
     color: red;
     }
  }

  Contributed by @​blaze-d83

JavaScript API

Bug fixes

• Fix #​3881, by updating the APIs to use the latest WASM changes. Contributed by @​ematipico

Linter

New features

• Add noDescendingSpecificity. Contributed by @​tunamaguro

• Add noNestedTernary. Contributed by @​kaykdm

• Add noTemplateCurlyInString. Contributed by @​fireairforce

• Add noOctalEscape. Contributed by @​fireairforce

Enhancements

• Add an option reportUnnecessaryDependencies to useExhaustiveDependencies.

  Defaults to true. When set to false, errors will be suppressed for React hooks that declare dependencies but do not use them.

  Contributed by @​simon-paris

• Add an option reportMissingDependenciesArray to useExhaustiveDependencies. Contributed by @​simon-paris

Bug fixes

• noControlCharactersInRegex no longer panics on regexes with incomplete escape sequences. Contributed by @​Conaclos

• noMisleadingCharacterClass no longer reports issues outside of character classes.

  The following code is no longer reported:

  /[a-z]👍/;

  Contributed by @​Conaclos

• noUndeclaredDependencies no longer reports Node.js builtin modules as undeclared dependencies.

  The rule no longer reports the following code:

  import * as fs from "fs";

  Contributed by @​Conaclos

• noUnusedVariables no longer panics when suggesting the renaming of a variable at the start of a file (#​4114). Contributed by @​Conaclos

• noUselessEscapeInRegex no longer panics on regexes that start with an empty character class. Contributed by @​Conaclos

• noUselessStringConcat no longer panics when it encounters malformed code. Contributed by @​Conaclos

• noUnusedFunctionParameters no longer reports unused parameters inside an object pattern with a rest parameter.

  In the following code, the rule no longer reports a as unused.

  function f({ a, ...rest }) {
    return rest;
  }

  This matches the behavior of noUnusedVariables.

  Contributed by @​Conaclos

• useButtonType no longer reports dynamically created button with a valid type (#​4072).

  The following code is no longer reported:

  React.createElement("button", { type: "button" }, "foo")

  Contributed by @​Conaclos

• useSemanticElements now ignores elements with the img role (#​3994).

  MDN recommends using role="img" for grouping images or creating an image from other elements.
  The following code is no longer reported:

  <div role="img" aria-label="That cat is so cute">
    <p>&#x1F408; &#x1F602;</p>
  </div>

  Contributed by @​Conaclos

• useSemanticElements now ignores alert and alertdialog roles (#​3858). Contributed by @​Conaclos

• noUselessFragments don't create invaild JSX code when Fragments children contains JSX Expression and in a LogicalExpression. Contributed by @​fireairforce

Parser

Bug fixes

• Forbid undefined as type name for typescript parser. Contributed by @​fireairforce

octokit/plugin-paginate-rest.js (@​octokit/plugin-paginate-rest)

v11.3.5

Compare Source

Bug Fixes

• types: improve type extraction for namespaced responses and correct async iterator types (#​637) (e95444d)

v11.3.4

Compare Source

Bug Fixes

• deps: bump @octokit/types (#​636) (b2dc51c)

octokit/plugin-rest-endpoint-methods.js (@​octokit/plugin-rest-endpoint-methods)

v13.2.6

Compare Source

Bug Fixes

• deps: bump @octokit/types (#​773) (c5271a2)

v13.2.5

Compare Source

Bug Fixes

• typescript: bump octokit/types for types for request.request.signal (#​771) (24f5176)

octokit/types.ts (@​octokit/types)

v13.6.1

Compare Source

Bug Fixes

• restore CJS compat (#​651) (d66a6b9)

v13.6.0

Compare Source

Features

• add better types for request.request.signal (#​649) (78173c7)

v13.5.1

Compare Source

Bug Fixes

• deps: update dependency @​octokit/tsconfig to v4 (#​610) (b01e2fb)

streetsidesoftware/cspell (cspell)

v8.15.4

Compare Source

• chore: Update Integration Test Performance Data (#​6389) (7ece6a7), closes #​6389

v8.15.3

Compare Source

• chore: Update Integration Test Performance Data (#​6377) (7ff6781), closes #​6377

v8.15.2

Compare Source

• chore: Update Integration Test Performance Data (#​6361) (d639368), closes #​6361

v8.15.1

Compare Source

• fix: Sign Published Packages (#​6350) (633b060), closes #​6350

v8.15.0

Compare Source

• chore: bump eslint-plugin-unicorn from 55.0.0 to 56.0.0 (#​6332) (67d1e92), closes #​6332

dprint/dprint (dprint)

v0.47.4

Compare Source

Changes

• fix: improve automated config file editing and respect trailing commas (#​926)

The automated editing of the config file that dprint does like dprint config add ... should be a lot more intelligent.

Install

Run dprint upgrade or see https://dprint.dev/install/

Checksums

Artifact	SHA-256 Checksum
dprint-x86_64-apple-darwin.zip	16f360c526c14c070ab618cf6c36ff9c8bf5b32c7e07a0c0c9b58d91697b4a40
dprint-aarch64-apple-darwin.zip	522783119d1ab52164ff2aaea2072c1578a7b8988156a0add06d370eb58d439e
dprint-x86_64-pc-windows-msvc.zip	d91d0a6e607f06ee06fe2b01a6f602e2ace14d44e1d6f11ec6b3f1e0887a6fd6
dprint-x86_64-pc-windows-msvc-installer.exe	871e668d67acfed5db215328d3589a57196881dcebbda286640188f6fcb9519b
dprint-x86_64-unknown-linux-gnu.zip	6017a25b83dc76e2c3676657b538d1b4862101cd4d13b26d2a3755811234ead6
dprint-x86_64-unknown-linux-musl.zip	f43c768656e8024812222a238391601ad8db8e095fa87068e0d5c9c6176cb96a
dprint-aarch64-unknown-linux-gnu.zip	68f7a0072612ab5b4bee3d7609d47c896050ed54844f8794d871965cb480aa70
dprint-aarch64-unknown-linux-musl.zip	3b009c51c85336058672b4be54d4bdb044b7f9bbd570d51802449c1eac18ef6c

evilmartians/lefthook (lefthook)

v1.8.1

Compare Source

• chore: bump Go to 1.23 (#​856) by Valentin Kiselev
• fix: skip git lfs hook when calling manually (#​855) by Valentin Kiselev

v1.8.0

Compare Source

• fix: [breaking] don't auto-install lefthook with npx if not found (#​602) by @​anthony-hayes
• fix: [breaking] execute files command within configured root (#​607) by @​mrexox
• fix: calculate hashsum of the full config (#​854) by @​mrexox
• feat: support globs in extends (#​853) by @​mrexox
• docs: simplify configuration docs (#​851) by @​mrexox

v1.7.22

Compare Source

• feat: add skip option merge-commit (#​850) by @​mrexox
• ci: parallelize publishing (#​847) by @​mrexox
• fix: increase self update download timeout (#​849) by @​mrexox
• docs: update docs with new packages (#​848) by @​mrexox

v1.7.21

Compare Source

• feat: maintain Python package too (#​845) by @​mrexox
• ci: generate apk files (#​843) by @​mrexox
• docs: mention to uninstall npm package (#​842) by @​mrexox
• chore: hide remaining wiki links (#​841) by @​midskyey
• docs: update info about merge order (#​838) by @​mrexox
• docs: actualize (#​831) by @​mrexox

v1.7.18

Compare Source

• fix: force remote name origin when using remotes (#​830) by @​mrexox
• deps: September 2024 (#​829) by @​mrexox

v1.7.17

Compare Source

• feat: skip LFS hooks when pre-push hook is skipped (#​818) by @​zachahn

v1.7.16

Compare Source

• chore: enhance some code parts (#​824) by @​mrexox
• fix: quote script path (#​823) by @​mrexox
• docs: fix typo for command names in configuration.md (#​814) by @​nack43

raineorshine/npm-check-updates (npm-check-updates)

v17.1.6

Compare Source

v17.1.5

Compare Source

v17.1.4

Compare Source

[v17.1.3](https://redirect.github.com/raineorshine/npm-check-updates/com

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.