fix(deps): update non-major-updates (feature/beta-release)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@eslint/json	^1.1.0 → ^1.2.0			devDependencies	minor
@tanstack/react-query (source)	^5.91.2 → ^5.91.3			dependencies	patch
anchore/scan-action	v7.3.2 → v7.4.0			action	minor
eslint (source)	^10.0.3 → ^10.1.0			overrides	minor
eslint (source)	^10.0.3 → ^10.1.0			devDependencies	minor
github/codeql-action (changelog)	b1bff81 → c6f9311			action	digest
github/codeql-action	v4.33.0 → v4.34.0			action	minor
github/codeql-action	30c555a → 095e0fe			action	digest
knip (source)	^6.0.0 → ^6.0.1			devDependencies	patch
tldts	^7.0.26 → ^7.0.27			dependencies	patch

---

Release Notes

eslint/json (@​eslint/json)

v1.2.0

Compare Source

Features

• implement autofix for sort-keys (#​216) (3534818)

TanStack/query (@​tanstack/react-query)

v5.91.3

Compare Source

Patch Changes

• fix: stop node types from leaking into browser (#​10302)

anchore/scan-action (anchore/scan-action)

v7.4.0

Compare Source

v7.4.0

• chore: update to node 24 (#​629) [@​kzantow]
• fix(dev): move to esbuild (#​601) [@​willmurphyscode]
• chore: update to ES modules + update @actions/* (#​595) [@​kzantow]

⬆️ Dependencies

• chore(deps): update Grype to v0.110.0 (#​618) [@​anchore-actions-token-generator[bot]]
• chore(deps-dev): bump tar 7.5.11 (#​620) [@​dependabot[bot]]
• chore(deps): bump undici 6.24.1 (#​622) [@​dependabot[bot]]
• chore: bump fast-xml-parser 5.5.7 (#​626) [@​dependabot[bot]]

eslint/eslint (eslint)

v10.1.0

Compare Source

Features

• ff4382b feat: apply fix for no-var in TSModuleBlock (#​20638) (Tanuj Kanti)
• 0916995 feat: Implement api support for bulk-suppressions (#​20565) (Blake Sager)

Bug Fixes

• 2b8824e fix: Prevent no-var autofix when a variable is used before declaration (#​20464) (Amaresh S M)
• e58b4bf fix: update eslint (#​20597) (renovate[bot])

Documentation

• b7b57fe docs: use correct JSDoc link in require-jsdoc.md (#​20641) (mkemna-clb)
• 58e4cfc docs: add deprecation notice partial (#​20639) (Milos Djermanovic)
• 7143dbf docs: update v9 migration guide for @eslint/js usage (#​20540) (fnx)
• 035fc4f docs: note that globalReturn applies only with sourceType: "script" (#​20630) (Milos Djermanovic)
• e972c88 docs: merge ESLint option descriptions into type definitions (#​20608) (Francesco Trotta)
• 7f10d84 docs: Update README (GitHub Actions Bot)
• aeed007 docs: open playground link in new tab (#​20602) (Tanuj Kanti)
• a0d1a37 docs: Add AI Usage Policy (#​20510) (Nicholas C. Zakas)

Chores

• a9f9cce chore: update dependency eslint-plugin-unicorn to ^63.0.0 (#​20584) (Milos Djermanovic)
• 1f42bd7 chore: update prettier to 3.8.1 (#​20651) (루밀LuMir)
• c0a6f4a chore: update dependency @​eslint/json to ^1.2.0 (#​20652) (renovate[bot])
• cc43f79 chore: update dependency c8 to v11 (#​20650) (renovate[bot])
• 2ce4635 chore: update dependency @​eslint/json to v1 (#​20649) (renovate[bot])
• f0406ee chore: update dependency markdownlint-cli2 to ^0.21.0 (#​20646) (renovate[bot])
• dbb4c95 chore: remove trunk (#​20478) (sethamus)
• c672a2a test: fix CLI test for empty output file (#​20640) (kuldeep kumar)
• c7ada24 ci: bump pnpm/action-setup from 4.3.0 to 4.4.0 (#​20636) (dependabot[bot])
• 07c4b8b test: fix RuleTester test without test runners (#​20631) (Francesco Trotta)
• 079bba7 test: Add tests for isValidWithUnicodeFlag (#​20601) (Manish chaudhary)
• 5885ae6 ci: unpin Node.js 25.x in CI (#​20615) (Copilot)
• f65e5d3 chore: update pnpm/action-setup digest to b906aff (#​20610) (renovate[bot])

github/codeql-action (github/codeql-action)

v4.34.0

Compare Source

webpro-nl/knip (knip)

v6.0.1

Compare Source

remusao/tldts (tldts)

v7.0.27

Compare Source

📜 Update Public Suffix List

• tldts-experimental, tldts
  • Update upstream public suffix list #​2534 (@​remusao)

🔩 Dependencies

• Bump flatted from 3.3.1 to 3.4.2 #​2535 (@​dependabot[bot])
• Bump typescript-eslint from 8.57.0 to 8.57.1 #​2533 (@​dependabot[bot])
• Bump tar from 7.5.7 to 7.5.11 #​2532 (@​dependabot[bot])

Authors: 2

• @​dependabot[bot]
• Rémi (@​remusao)

---

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-advanced-security]

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

• The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
• Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
• You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

[github-actions]

⚠️ Supply Chain Verification Results

⚠️ WARNING

📦 SBOM Summary

• Components: 1483

🔍 Vulnerability Scan

Severity	Count
🔴 Critical	0
🟠 High	2
🟡 Medium	4
🟢 Low	2
Total	8

📎 Artifacts

• SBOM (CycloneDX JSON) and Grype results available in workflow artifacts

---

_{Generated by Supply Chain Verification workflow • View Details}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!