Skip to content

build(deps-dev): bump the typescript-tooling group across 1 directory with 2 updates#42

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/typescript-tooling-9b99142008
Closed

build(deps-dev): bump the typescript-tooling group across 1 directory with 2 updates#42
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/typescript-tooling-9b99142008

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github Apr 29, 2026
edited
Loading

Bumps the typescript-tooling group with 2 updates in the / directory: @biomejs/biome and @types/node.

Updates @biomejs/biome from 2.4.12 to 2.4.13

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.13

2.4.13

Patch Changes

  • #9969 c5eb92b Thanks @​officialasishkumar! - Added the nursery rule noUnnecessaryTemplateExpression, which disallows template literals that only contain string literal expressions. These can be replaced with a simpler string literal.

    For example, the following code triggers the rule:

    const a = `${"hello"}`; // can be 'hello'
const b = `${"prefix"}_suffix`; // can be 'prefix_suffix'
const c = `${"a"}${"b"}`; // can be 'ab'

  • #10037 f785e8c Thanks @​minseong0324! - Fixed #9810: noMisleadingReturnType no longer reports false positives on a getter with a matching setter in the same namespace.

    class Store {
  get status(): string {
    if (Math.random() > 0.5) return "loading";
    return "idle";
  }
  set status(v: string) {}
}

  • #10084 5e2f90c Thanks @​jiwon79! - Fixed #10034: noUselessEscapeInRegex no longer flags escapes of ClassSetReservedPunctuator characters (&, !, #, %, ,, :, ;, <, =, >, @, `, ~) inside v-flag character classes as useless. These characters are reserved as individual code points in v-mode, so the escape is required.

    The following pattern is now considered valid:

    /[a-z\&]/v;

  • #10063 c9ffa16 Thanks @​Netail! - Added extra rule sources from ESLint CSS. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

  • #10035 946b50e Thanks @​Netail! - Fixed #10032: useIframeSandbox now flags if there's no initializer value.

  • #9865 68fb8d4 Thanks @​dyc3! - Added the new nursery rule useDomNodeTextContent, which prefers textContent over innerText for DOM node text access and destructuring.

    For example, the following snippet triggers the rule:

    const foo = node.innerText;

  • #10023 bd1e74f Thanks @​ematipico! - Added a new nursery rule noReactNativeDeepImports that disallows deep imports from the react-native package. Internal paths like react-native/Libraries/... are not part of the public API and may change between versions.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.13

Patch Changes

  • #9969 c5eb92b Thanks @​officialasishkumar! - Added the nursery rule noUnnecessaryTemplateExpression, which disallows template literals that only contain string literal expressions. These can be replaced with a simpler string literal.

    For example, the following code triggers the rule:

    const a = `${"hello"}`; // can be 'hello'
const b = `${"prefix"}_suffix`; // can be 'prefix_suffix'
const c = `${"a"}${"b"}`; // can be 'ab'

  • #10037 f785e8c Thanks @​minseong0324! - Fixed #9810: noMisleadingReturnType no longer reports false positives on a getter with a matching setter in the same namespace.

    class Store {
  get status(): string {
    if (Math.random() > 0.5) return "loading";
    return "idle";
  }
  set status(v: string) {}
}

  • #10084 5e2f90c Thanks @​jiwon79! - Fixed #10034: noUselessEscapeInRegex no longer flags escapes of ClassSetReservedPunctuator characters (&, !, #, %, ,, :, ;, <, =, >, @, `, ~) inside v-flag character classes as useless. These characters are reserved as individual code points in v-mode, so the escape is required.

    The following pattern is now considered valid:

    /[a-z\&]/v;

  • #10063 c9ffa16 Thanks @​Netail! - Added extra rule sources from ESLint CSS. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

  • #10035 946b50e Thanks @​Netail! - Fixed #10032: useIframeSandbox now flags if there's no initializer value.

  • #9865 68fb8d4 Thanks @​dyc3! - Added the new nursery rule useDomNodeTextContent, which prefers textContent over innerText for DOM node text access and destructuring.

    For example, the following snippet triggers the rule:

    const foo = node.innerText;

  • #10023 bd1e74f Thanks @​ematipico! - Added a new nursery rule noReactNativeDeepImports that disallows deep imports from the react-native package. Internal paths like react-native/Libraries/... are not part of the public API and may change between versions.

    For example, the following code triggers the rule:

... (truncated)

Commits

Updates @types/node from 24.12.2 to 25.6.0

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 29, 2026
@dependabot dependabot Bot changed the title build(deps-dev): bump the typescript-tooling group with 2 updates build(deps-dev): bump the typescript-tooling group across 1 directory with 2 updates Apr 30, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/typescript-tooling-9b99142008 branch 3 times, most recently from 18535c7 to 5aa3cc8 Compare April 30, 2026 18:11
@dependabot
build(deps-dev): bump the typescript-tooling group across 1 directory…
c846b91 
… with 2 updates

Bumps the typescript-tooling group with 2 updates in the / directory: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) and [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@biomejs/biome` from 2.4.12 to 2.4.13
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.13/packages/@biomejs/biome)

Updates `@types/node` from 24.12.2 to 25.6.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: typescript-tooling
- dependency-name: "@types/node"
  dependency-version: 25.6.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: typescript-tooling
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/typescript-tooling-9b99142008 branch from 5aa3cc8 to c846b91 Compare April 30, 2026 21:17
@theagenticguy theagenticguy mentioned this pull request Apr 30, 2026
Merged
5 tasks
@theagenticguy
Copy link
Copy Markdown
Owner

theagenticguy commented Apr 30, 2026

Superseded by #51, which consolidates this bump with 11 other open dependabot PRs so they land in a single CI cycle.

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github Apr 30, 2026

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/typescript-tooling-9b99142008 branch April 30, 2026 22:47
theagenticguy added a commit that referenced this pull request Apr 30, 2026
@theagenticguy
build(deps): consolidate 12 dependabot bumps (#51)
283c2be 
## Summary

Consolidates all 12 open dependabot PRs into a single branch so they can
land together with one CI cycle.

### npm deps
- `@aws-sdk/client-bedrock-runtime` 3.1035.0 → 3.1040.0 — closes #50
- `@commitlint/cli` 20.5.0 → 20.5.3 — closes #49
- `fast-xml-parser` 5.7.1 → 5.7.2 — closes #48
- `sharp` ^0.34.1 → ^0.34.5 — closes #47
- `astro` ^6.1.9 → ^6.2.1 — closes #46
- `ts-morph` ^25.0.1 → ^28.0.0 — closes #45
- `@bufbuild/protobuf` 2.11.0 → 2.12.0 — closes #44
- `ajv` 8.18.0 → 8.20.0 — closes #43
- typescript-tooling group (`@biomejs/biome` 2.4.12 → 2.4.13,
`@types/node` 24.12.2 → 25.6.0) — closes #42

### GitHub Actions
- `actions/cache` v4 → v5 — closes #41
- `googleapis/release-please-action` v4 → v5 — closes #40
- `actions/github-script` v7 → v9 — closes #39

### Drive-by fixes
- Bump `biome.json` `$schema` URL to 2.4.13 to match the new CLI
version.
- Remove `.gitnexus` from `.gitignore` — it was tripping the
banned-strings guardrail (added in b848c2f) and blocking every local
commit via lefthook.

## Test plan
- [x] `pnpm install` — no peer warnings introduced beyond those already
present on main
- [x] `pnpm run build` — all 15 packages build
- [x] `pnpm run typecheck` — clean
- [x] `pnpm -r test` — 1627 pass, 0 fail across all packages
- [x] lefthook pre-commit (biome + banned-strings) passes

Does NOT touch the `pnpm.onlyBuiltDependencies` list — verified by diff,
because prior sessions saw `pnpm approve-builds` destructively rewrite
it.
theagenticguy added a commit that referenced this pull request May 1, 2026
@theagenticguy
build(deps): consolidate 12 dependabot bumps (#51)
d2958f2 
## Summary

Consolidates all 12 open dependabot PRs into a single branch so they can
land together with one CI cycle.

### npm deps
- `@aws-sdk/client-bedrock-runtime` 3.1035.0 → 3.1040.0 — closes #50
- `@commitlint/cli` 20.5.0 → 20.5.3 — closes #49
- `fast-xml-parser` 5.7.1 → 5.7.2 — closes #48
- `sharp` ^0.34.1 → ^0.34.5 — closes #47
- `astro` ^6.1.9 → ^6.2.1 — closes #46
- `ts-morph` ^25.0.1 → ^28.0.0 — closes #45
- `@bufbuild/protobuf` 2.11.0 → 2.12.0 — closes #44
- `ajv` 8.18.0 → 8.20.0 — closes #43
- typescript-tooling group (`@biomejs/biome` 2.4.12 → 2.4.13,
`@types/node` 24.12.2 → 25.6.0) — closes #42

### GitHub Actions
- `actions/cache` v4 → v5 — closes #41
- `googleapis/release-please-action` v4 → v5 — closes #40
- `actions/github-script` v7 → v9 — closes #39

### Drive-by fixes
- Bump `biome.json` `$schema` URL to 2.4.13 to match the new CLI
version.

## Test plan
- [x] `pnpm install` — no peer warnings introduced beyond those already
present on main
- [x] `pnpm run build` — all 15 packages build
- [x] `pnpm run typecheck` — clean
- [x] `pnpm -r test` — 1627 pass, 0 fail across all packages
- [x] lefthook pre-commit (biome + banned-strings) passes

Does NOT touch the `pnpm.onlyBuiltDependencies` list — verified by diff,
because prior sessions saw `pnpm approve-builds` destructively rewrite
it.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@theagenticguy