Skip to content

chore: bump the development-dependencies group across 1 directory with 5 updates#1741

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/development-dependencies-4ce25dfb0c
Open

chore: bump the development-dependencies group across 1 directory with 5 updates#1741
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/development-dependencies-4ce25dfb0c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026
edited
Loading

Bumps the development-dependencies group with 5 updates in the / directory:

Package From To
@biomejs/biome 2.3.11 2.4.10
@commitlint/cli 20.3.1 20.5.0
@commitlint/config-conventional 20.3.1 20.5.0
jest 30.2.0 30.3.0
release-please 17.1.3 17.3.0

Updates @biomejs/biome from 2.3.11 to 2.4.10

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.10

2.4.10

Patch Changes

  • #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

    The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

    // Invalid
setTimeout("alert('Hello');", 100);
// Valid
setTimeout(() => alert("Hello"), 100);

  • #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

  • #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

  • #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

    Previously, only the global process object was flagged:

    import process from "node:process";
// This was not flagged, but now it is:
console.log(process.env.NODE_ENV);

  • #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

  • #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

    Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

    Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

  • #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

  • #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

  • #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

  • #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

  • #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.10

Patch Changes

  • #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

    The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

    // Invalid
setTimeout("alert('Hello');", 100);
// Valid
setTimeout(() => alert("Hello"), 100);

  • #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

  • #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

  • #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

    Previously, only the global process object was flagged:

    import process from "node:process";
// This was not flagged, but now it is:
console.log(process.env.NODE_ENV);

  • #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

  • #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

    Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

    Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

  • #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

  • #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

  • #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

  • #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

  • #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

  • #9627 06a0f35 Thanks @​ematipico! - Fixed --diagnostic-level not fully filtering diagnostics. Setting --diagnostic-level=error now correctly excludes warnings and infos from both the output and the summary counts.

... (truncated)

Commits

Updates @commitlint/cli from 20.3.1 to 20.5.0

Release notes

Sourced from @​commitlint/cli's releases.

v20.5.0

20.5.0 (2026-03-15)

Bug Fixes

Features

New Contributors

Full Changelog: conventional-changelog/commitlint@v20.4.4...v20.5.0

v20.4.4

20.4.4 (2026-03-12)

Bug Fixes

New Contributors

Full Changelog: conventional-changelog/commitlint@v20.4.3...v20.4.4

v20.4.3

20.4.3 (2026-03-03)

Bug Fixes

... (truncated)

Changelog

Sourced from @​commitlint/cli's changelog.

20.5.0 (2026-03-15)

Bug Fixes

  • cli: validate that --cwd directory exists before execution (#4658) (cf80f75), closes #4595

20.4.4 (2026-03-12)

Note: Version bump only for package @​commitlint/cli

20.4.3 (2026-03-03)

Bug Fixes

20.4.2 (2026-02-19)

Note: Version bump only for package @​commitlint/cli

20.4.1 (2026-02-02)

Note: Version bump only for package @​commitlint/cli

20.4.0 (2026-01-30)

Features

... (truncated)

Commits

Updates @commitlint/config-conventional from 20.3.1 to 20.5.0

Release notes

Sourced from @​commitlint/config-conventional's releases.

v20.5.0

20.5.0 (2026-03-15)

Bug Fixes

Features

New Contributors

Full Changelog: conventional-changelog/commitlint@v20.4.4...v20.5.0

v20.4.4

20.4.4 (2026-03-12)

Bug Fixes

New Contributors

Full Changelog: conventional-changelog/commitlint@v20.4.3...v20.4.4

v20.4.3

20.4.3 (2026-03-03)

Bug Fixes

... (truncated)

Changelog

Sourced from @​commitlint/config-conventional's changelog.

20.5.0 (2026-03-15)

Note: Version bump only for package @​commitlint/config-conventional

20.4.4 (2026-03-12)

Note: Version bump only for package @​commitlint/config-conventional

20.4.3 (2026-03-03)

Bug Fixes

20.4.2 (2026-02-19)

Note: Version bump only for package @​commitlint/config-conventional

20.4.1 (2026-02-02)

Note: Version bump only for package @​commitlint/config-conventional

20.4.0 (2026-01-30)

Features

Commits

Updates jest from 30.2.0 to 30.3.0

Release notes

Sourced from jest's releases.

v30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)
Changelog

Sourced from jest's changelog.

30.3.0

Features

  • [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
  • [jest-fake-timers] Add setTimerTickMode to configure how timers advance
  • [*] Reduce token usage when run through LLMs (3f17932)

Fixes

  • [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
  • [jest-mock] Use Symbol from test environment (#15858)
  • [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
  • [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
  • [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
  • [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

  • [*] Replace remaining micromatch uses with picomatch
  • [deps] Update to sinon/fake-timers v15
  • [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
  • Updated Twitter icon to match the latest brand guidelines (#15869)
Commits

Updates release-please from 17.1.3 to 17.3.0

Release notes

Sourced from release-please's releases.

v17.3.0

17.3.0 (2026-02-18)

Features

  • add ability to configure how many commits we retrieve when iterating through repo history (#2679) (fee210a)

v17.2.1

17.2.1 (2026-02-13)

Bug Fixes

  • "prerelease" versioning strategy (#2516) (95a6568)
  • a bug where a reference to an missing variable in PowerShell would cause an exception (#2619) (0279fcf)

v17.2.0

17.2.0 (2026-01-20)

Features

  • add --force-tag option to explicitly create git tags for releases. (#2627) (e3eba37)
  • add include-v-in-release-name config option (#2633) (84a43ef)
  • dependency-manifest.ts: add support for Dependabot commit messages (#2584) (6a9ddb7)
Changelog

Sourced from release-please's changelog.

17.3.0 (2026-02-18)

Features

  • add ability to configure how many commits we retrieve when iterating through repo history (#2679) (fee210a)

17.2.1 (2026-02-13)

Bug Fixes

  • "prerelease" versioning strategy (#2516) (95a6568)
  • a bug where a reference to an missing variable in PowerShell would cause an exception (#2619) (0279fcf)

17.2.0 (2026-01-20)

Features

  • add --force-tag option to explicitly create git tags for releases. (#2627) (e3eba37)
  • add include-v-in-release-name config option (#2633) (84a43ef)
  • dependency-manifest.ts: add support for Dependabot commit messages (#2584) (6a9ddb7)
Commits
  • 891bcf6 chore(main): release 17.3.0 (#2680)
  • fee210a feat: add ability to configure how many commits we retrieve when iterating th...
  • 02586f5 chore(main): release 17.2.1 (#2659)
  • 0279fcf fix: a bug where a reference to an missing variable in PowerShell would cause...
  • fbed6c3 chore: replace old nodejs teams with cloud-sdk-nodejs-team (#2671)
  • 1c3cd54 build: restrict permissions in GHA workflow (#2668)
  • 369ffd4 build(deps): bump lodash from 4.17.21 to 4.17.23 (#2660)
  • 9b660c2 docs: fix a typo in manifest-releaser.md (#2658)
  • 95a6568 fix: "prerelease" versioning strategy (#2516)
  • cb47346 build(deps): bump diff (#2657)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the development-dependencies group across 1 directory wit…
976151e 
…h 5 updates

Bumps the development-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.3.11` | `2.4.10` |
| [@commitlint/cli](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli) | `20.3.1` | `20.5.0` |
| [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/config-conventional) | `20.3.1` | `20.5.0` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.2.0` | `30.3.0` |
| [release-please](https://github.com/googleapis/release-please) | `17.1.3` | `17.3.0` |



Updates `@biomejs/biome` from 2.3.11 to 2.4.10
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.10/packages/@biomejs/biome)

Updates `@commitlint/cli` from 20.3.1 to 20.5.0
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/cli/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v20.5.0/@commitlint/cli)

Updates `@commitlint/config-conventional` from 20.3.1 to 20.5.0
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v20.5.0/@commitlint/config-conventional)

Updates `jest` from 30.2.0 to 30.3.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest)

Updates `release-please` from 17.1.3 to 17.3.0
- [Release notes](https://github.com/googleapis/release-please/releases)
- [Changelog](https://github.com/googleapis/release-please/blob/main/CHANGELOG.md)
- [Commits](googleapis/release-please@v17.1.3...v17.3.0)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.10
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@commitlint/cli"
  dependency-version: 20.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@commitlint/config-conventional"
  dependency-version: 20.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: jest
  dependency-version: 30.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: release-please
  dependency-version: 17.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 2, 2026
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@next-team next-team Awaiting requested review from next-team next-team is a code owner

@ft-dependency-auto-merger ft-dependency-auto-merger Awaiting requested review from ft-dependency-auto-merger ft-dependency-auto-merger is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

auto-merge: unsafe dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants