Skip to content

chore(dev-deps)(deps-dev): bump the development-deps group with 4 updates#45

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/development-deps-d7d370d54d
Closed

chore(dev-deps)(deps-dev): bump the development-deps group with 4 updates#45
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/development-deps-d7d370d54d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the development-deps group with 4 updates: @biomejs/biome, @types/node, @vitest/coverage-v8 and turbo.

Updates @biomejs/biome from 2.4.15 to 2.4.16

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.16

2.4.16

Patch Changes

  • #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

  • #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

    Input:

    <span
  ><!-- 1
--><span>a</span
  ><!-- 2
--><span>b</span
  ><!-- 3
--></span>

    Output:

      <span
	  ><!-- 1
- --> <span>a</span<!-- 2
- --> ><span>b</span><!-- 3
+ --><span>a</span><!-- 2
+ --><span>b</span><!-- 3
  --></span
  >

  • #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

  • #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

  • #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

  • #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

  • #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

  • #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

  • #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

  • #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.16

Patch Changes

  • #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

  • #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

    Input:

    <span
  ><!-- 1
--><span>a</span
  ><!-- 2
--><span>b</span
  ><!-- 3
--></span>

    Output:

      <span
	  ><!-- 1
- --> <span>a</span<!-- 2
- --> ><span>b</span><!-- 3
+ --><span>a</span><!-- 2
+ --><span>b</span><!-- 3
  --></span
  >

  • #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

  • #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

  • #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

  • #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

  • #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

  • #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

  • #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

  • #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

    

    • 






... (truncated)





Commits

    

  • 5f4ea56 ci: release (#10326)
    • 

  • de2a33c fix(core): regression in emitted types (#10478)
    • 

  • d835303 docs: remove redundant default phrase in useConsistentObjectDefinitions rul...
    • 

  • 4f1aaf2 fix: incorrect build when using build or test (#10426)
    • 

  • dc73b6b refactor: make plugins opt-in via feature gate (#10418)
    • 

  • e71f584 feat(useDestructuring): add options for assignment/declaration and improve di...
    • 

  • 9b1577f fix(config): support trailingCommas in overrides (#10318)
    • 

  • See full diff in compare view
    • 







Updates @types/node from 25.6.0 to 25.6.2



Commits






Updates @vitest/coverage-v8 from 3.2.4 to 3.2.6



Release notes

Sourced from @​vitest/coverage-v8's releases.




v3.2.6


   🐞 Bug Fixes



    View changes on GitHub


v3.2.5


   🚀 Features



   🐞 Bug Fixes



    View changes on GitHub







Commits

    

  • b6d56f8 chore: release v3.2.6
    • 

  • 16f120d fix: pin last supported vite-node version
    • 

  • 2cbad0a chore: release v3.2.5
    • 

  • 385a1ae fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
    • 

  • See full diff in compare view
    • 






Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​vitest/coverage-v8 since your current version.






Updates turbo from 2.9.14 to 2.9.18



Release notes

Sourced from turbo's releases.




Turborepo v2.9.18



What's Changed


Changelog



New Contributors



Full Changelog: vercel/turborepo@v2.9.17...v2.9.18


Turborepo v2.9.17



What's Changed


Changelog






... (truncated)





Commits






Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.





Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:


    

  • @dependabot rebase will rebase this PR
    • 

  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • 

  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
    • 

  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
    • 

  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
    • 

  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
    • 

  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
    • 

  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    • 




    

  
  



      


          

          
  
  

    
  
    
    

  

  

  



                    

          
        





  





    



      

  
        

  

      

  
  

  
          

  

    

      


  

      
        @dependabot
  




      

        
          chore(dev-deps)(deps-dev): bump the development-deps group with 4 upd…
        

          
                        
      


      

        

    
    
    

  

    


      


      

        

          

    
    
    

  

  

    
  



        

      


      

        
          f9b74a8
        
      

    

  

    

      
…ates

Bumps the development-deps group with 4 updates: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [turbo](https://github.com/vercel/turborepo).


Updates `@biomejs/biome` from 2.4.15 to 2.4.16
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.16/packages/@biomejs/biome)

Updates `@types/node` from 25.6.0 to 25.6.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@vitest/coverage-v8` from 3.2.4 to 3.2.6
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.6/packages/coverage-v8)

Updates `turbo` from 2.9.14 to 2.9.18
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.9.14...v2.9.18)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.16
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-deps
- dependency-name: "@types/node"
  dependency-version: 25.6.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-deps
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 3.2.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-deps
- dependency-name: turbo
  dependency-version: 2.9.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-deps
...

Signed-off-by: dependabot[bot] <support@github.com>

    







  








      

  
      



  

  @dependabot


    @github




  



    

      

  

    

      
          
      

      
            dependabot
  Bot

      

      

      commented

        on behalf of github

        Jun 15, 2026



      
    


  


  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        

  
    Contributor


        

  Author


    

  





      


        



  
    

      
          
Labels


The following labels could not be found: dependabot, dependencies. Please create them before Dependabot can add them to a pull request.


Please fix the above issues or remove invalid values from dependabot.yml.


      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
      



  

  @reaatech






  



    

      

  

    

      
          
      

      
            reaatech
  

      

      

      commented


        Jun 15, 2026



      
    


  


  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        

  
    Owner


        

    

  





      


        



  
    

      
          
🔒 Closed — pre-existing transitive vulnerabilities, outside scope of this PR


group development-deps: the only failing CI check(s) are All Checks Passed, Security Audit, which flag vulnerable transitive dependencies that this dep-bump cannot reach. No PR-level action (this bump or any rewrite of it) can fix the audit findings — they require either an upstream parent-package release or a root-level dependency update unrelated to this PR.


Closing to keep the dependabot queue actionable. Run pnpm audit locally to see the affected paths.


If you believe this PR's bump does actually introduce a fixable audit finding (rare), reopen it and add the label repobot:keep-open.


      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
            

    

      
    

    


      


          @reaatech
reaatech




          added
  the 

  repobot:audit-transitive-skip

  Closed by repobot — pre-existing transitive vulnerability outside PR scope
 label


      Jun 15, 2026

    

  



    

    

      
    

    


      


          @reaatech
reaatech




          closed this


      Jun 15, 2026

    

  


    







      

  
      



  

  @dependabot


    @github




  



    

      

  

    

      
          
      

      
            dependabot
  Bot

      

      

      commented

        on behalf of github

        Jun 15, 2026



      
    


  


  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

              
  
      
                Copy Markdown

  

        
      

    


    

        

  
    Contributor


        

  Author


    

  





      


        



  
    

      
          
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.


To ignore these dependencies, configure ignore rules in dependabot.yml


      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
          

  
  

  
      @dependabot
  dependabot
Bot

    
    deleted the
    
      
        dependabot/npm_and_yarn/development-deps-d7d370d54d
    
    branch

    June 15, 2026 14:24    
    













  
  

    

      

  










  








  
      

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  










      

  

    
    

    

  

    Reviewers
  


    

    No reviews






    

  


      
  

    Assignees
  



        


    No one assigned







      


  


  

    Labels
  



    

      

    repobot:audit-transitive-skip

  Closed by repobot — pre-existing transitive vulnerability outside PR scope








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
  

    Development
  



            


Successfully merging this pull request may close these issues.





  
  



      
    

  




      

    

  
        

  

    

      1 participant
    

    

        
          @reaatech