chore(deps): update all non-major dependencies

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@biomejs/biome (source)	^1.7.2 -> ^1.8.3
@types/node (source)	^20.12.7 -> ^20.14.9
@vitest/coverage-v8 (source)	^1.5.3 -> ^1.6.0
eslint (source)	^9.1.1 -> ^9.6.0
h3	^1.11.1 -> ^1.12.0
jiti	^1.21.0 -> ^1.21.6
pnpm (source)	9.0.6 -> 9.4.0
typescript (source)	^5.4.5 -> ^5.5.3
vitest (source)	^1.5.3 -> ^1.6.0

---

Release Notes

biomejs/biome (@​biomejs/biome)

v1.8.3

Compare Source

CLI

Bug fixes

• Fix #​3104 by suppressing node warnings when using biome migrate. Contributed by @​SuperchupuDev

• Force colors to be off when using the GitHub reporter to properly create annotations in GitHub actions (#​3148). Contributed by @​Sec-ant

Parser

Bug fixes

• Implement CSS unicode range. Contributed by @​denbezrukov

Formatter

Bug fixes

• Fix #​3184 CSS formatter converts custom identifiers to lowercase. Contributed by @​denbezrukov
• Fix #​3256 constant crashes when editing css files #​3256. Contributed by @​denbezrukov

Linter

New features

• Add nursery/useDeprecatedReason rule. Contributed by @​vohoanglong0107.
• Add nursery/noExportedImports. Contributed by @​Conaclos

Bug fixes

• useConsistentArrayType and useShorthandArrayType now ignore Array in the extends and implements clauses. Fix #​3247. Contributed by @​Conaclos
• Fixes #​3066 by taking into account the dependencies declared in the package.json. Contributed by @​ematipico
• The code action of the useArrowFunction rule now preserves a trailing comma when there is only a single type parameter in the arrow function and JSX is enabled. Fixes #​3292. Contributed by @​Sec-ant

Enhancements

• Enhance tailwind sorting lint rule #​1274 with variant support.

  Every preconfigured variant is assigned a weight that concurs on establishing the output sorting order. Since nesting variants on the same utility class is possible, the resulting weight is the Bitwise XOR of all the variants weight for that class. Dynamic variants (e.g. has-[.custom-class], group-[:checked]) are also supported and they take the weight of their base variant name the custom value attached (e.g. has-[.custom-class] takes has weight). Arbitrary variants (e.g. [&nth-child(2)]) don't have a weight assigned and they are placed after every known variant. Classes with the same amount of arbitrary variants follow lexicographical order. The class that has the highest number of nested arbitrary variants is placed last. Screen variants (e.g. sm:, max-md:, min-lg:) are not supported yet.

  Contributed by @​lutaok

v1.8.2

Compare Source

CLI

Bug fixes

• Fix #​3201 by correctly injecting the source code of the file when printing the diagnostics. Contributed by @​ematipico
• Fix #​3179 where comma separators are not correctly removed after running biome migrate and thus choke the parser. Contributed by @​Sec-ant
• Fix #​3232 by correctly using the colors set by the user. Contributed by @​ematipico

Enhancement

• Reword the reporter message No fixes needed to No fixes applied.

  The former message is misleading when there're still errors or warnings in the files that should be taken care of manually. For example:

  Checked 2 files in <TIME>. No fixes needed.
  Found 2 errors.
  

  The new message suits better in these cases.

  Contributed by @​Sec-ant

Configuration

Bug fixes

• Don't conceal previous overrides (#​3176).

  Previously, each override inherited the unset configuration of the base configuration. This means that setting a configuration in an override can be concealed by a subsequent override that inherits of the value from the base configuration.

  For example, in the next example, noDebugger was disabled for the index.js file.

  {
    "linter": {
      "rules": {
        "suspicious": { "noDebugger": "off" }
      }
    },
    "overrides": [
      {
        "include": ["index.js"],
        "linter": {
          "rules": {
            "suspicious": { "noDebugger": "warn" }
          }
        }
      }, {
        "include": ["index.js"],
        "linter": {
          "rules": {
            "suspicious": { "noDoubleEquals": "off" }
          }
        }
      }
    ]
  }
  

  The rule is now correctly enabled for the index.js file.

  Contributed by @​Conaclos

Formatter

Bug fixes

• Fix #​3103 by correctly resolving CSS formatter options. Contributed by @​ah-yu
• Fix #​3192 don't add an extra whitespace within :has. Contributed by @​denbezrukov

JavaScript APIs

Bug fixes

• Fix a regression introduced by the release of v1.8.0

Linter

New features

• Add nursery/useValidAutocomplete. Contributed by @​unvalley

Bug fixes

• Add nursery/noShorthandPropertyOverrides. #​2958 Contributed by @​neokidev

• Fix [#​3084] false positive by correctly recognize parenthesized return statement. Contributed by @​unvalley

• useImportExtensions now suggests a correct fix for import '.' and import './.'. Contributed by @​minht11

• Fix useDateNow false positive when new Date object has arguments new Date(0).getTime(). Contributed by @​minht11.

• The noUnmatchableAnbSelector rule is now able to catch unmatchable an+b selectors like 0n+0 or -0n+0. Contributed by @​Sec-ant.

• The useHookAtTopLevel rule now recognizes properties named as hooks like foo.useFoo(). Contributed by @​ksnyder9801

• Fix #​3092, prevent warning for Custom properties (--*). Contributed by @​chansuke

• Fix a false positive in the useLiteralKeys rule. (#​3160)

  This rule now ignores the following kind of computed member name:

  const a = {
    [`line1
    line2`]: true,
  };
  

  Contributed by @​Sec-ant

• The noUnknownProperty rule now ignores the composes property often used in css modules. #​3000 Contributed by @​chansuke

• Fix false positives of the useExhaustiveDependencies rule.

  The component itself is considered stable when it is used recursively inside a hook closure defined inside of it:

  import { useMemo } from "react";
  
  function MyRecursiveComponent() {
    // MyRecursiveComponent is stable, we don't need to add it to the dependencies list.
    const children = useMemo(() => <MyRecursiveComponent />, []);
    return <div>{children}</div>;
  }
  

  Also, export default function and export default class are considered stable now because they can only appear at the top level of a module.

  Contributed by @​Sec-ant

• Fix missing withDefaults macro in vue files for globals variables. Contributed by @​Shyam-Chen

Parser

Bug fixes

• Fix CSS modules settings mapping. Contributed by @​denbezrukov

eslint/eslint (eslint)

v9.6.0

Compare Source

v9.5.0

Compare Source

unjs/h3 (h3)

v1.12.0

Compare Source

compare changes

🚀 Enhancements

• Improve typed headers (#​625)
• Export event-stream types (112fa33)

🩹 Fixes

• getRequestUrl: Forward opts to getRequestProtocol (#​776)
• readRawBody: Read chunked body (#​652)
• proxy: Better error when upstream proxy fails (#​746)
• node: Make sure onBeforeResponse and onAfterResponse are called with error code (#​756)
• sse: Prevent onClosed from firing twice in EventStream (#​704)
• plain: Avoid import from unenv internals (#​781)

💅 Refactors

• session: Remove unnecessary async for clear (#​729)
• Update unenv import (76736ea)

📖 Documentation

• Fix typo (#​699)
• Fix typo (#​707)
• Fix typo (#​712)
• Fix typo (#​730)
• Fix typo (#​732)
• Remove extra space (#​718)
• Add semi (#​710)
• event-handler: Fix typo (#​684)
• Add jsdoc examples for response utils (#​677)
• Add note for getRequestIP return value (#​726)
• Fix session example (#​702)
• Add jsdoc examples for request utils (#​680)
• Fix typo (#​734)
• Correct zod validation example (#​735)
• Fix typos (#​738)
• Fix typo (#​758)
• Add usage example for handleCors (#​747)
• Fix typo for text/html content-type (#​764)
• Update mogen example to use combined log format (#​771)
• Fix typo for plain adapter example (#​766)
• examples: Add cors example (#​700)
• Fix respondWith event object (#​775)
• Provide async for request body (#​777)
• error-handling: Add string vs object errors and update createError jsdoc (#​762)

🏡 Chore

• Fix lint issue (107ec8e)
• Update deps (9777596)
• docs: Remove unnecessary asterisks (#​724)
• Update eslint (8ffe898)
• docs: Lint bun and deno page (#​678)
• Fix typos (23d9047)
• Remove duplicate test (53ee4fd)
• Apply automated updates (617c8cb)
• Update dependencies (1776ac4)
• Lint (5af045b)
• Update supertest to v7 (44db181)
• Fix typos (#​772)
• Apply automated updates (3249ca7)
• Prepare v1 branch (9cb2537)

🤖 CI

• Remove node 16 from test matrix (458cfac)

❤️ Contributors

• Pooya Parsa (@​pi0)
• Joshua Sosso (@​joshmossas)
• Yusuf Mansur Özer [email protected]
• Daniel Slepov [email protected]
• Alexander Lichter (@​manniL)
• Haruaki OTAKE [email protected]
• @​beer (@​iiio2)
• Sébastien Chopin [email protected]
• Michael Brevard <yonshi29@​gmail.com>
• Matthias Zaunseder [email protected]
• Torsten Dittmann [email protected]
• Guten [email protected]
• JoLo (@​jolo-dev)
• Xjccc (@​xjccc)
• Nozomu Ikuta (@​NozomuIkuta)
• Dog (@​dgxo)
• Israel Ortuño [email protected]
• Eckhardt (Kaizen) Dreyer [email protected]
• Estéban (@​Barbapapazes)
• Mathieu Derelle [email protected]
• Deth [email protected]
• Michel Edighoffer [email protected]
• Evgenii Troinov
• Kongmoumou (@​kongmoumou)
• Remonke (@​remonke)
• Shyam Chen <shyamchen1994@​gmail.com>
• KobZ (@​devseckobz)
• _lmmmmmm <lmmmmmm12138@​gmail.com>
• Vladimir Kutepov (@​frenzzy)

pnpm/pnpm (pnpm)

v9.4.0

Compare Source

v9.3.0

Compare Source

Minor Changes

• Semi-breaking. Dependency key names in the lockfile are shortened if they are longer than 1000 characters. We don't expect this change to affect many users. Affected users most probably can't run install successfully at the moment. This change is required to fix some edge cases in which installation fails with an out-of-memory error or "Invalid string length (RangeError: Invalid string length)" error. The max allowed length of the dependency key can be controlled with the peers-suffix-max-length setting #​8177.

Patch Changes

• Set reporter-hide-prefix to true by default for pnpm exec. In order to show prefix, the user now has to explicitly set reporter-hide-prefix=false #​8174.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v9.2.0

Compare Source

Minor Changes

• If package-manager-strict-version is set to true, pnpm will fail if its version doesn't exactly match the version in the "packageManager" field of package.json.

Patch Changes

• Update @yarnpkg/pnp to the latest version, fixing issue with node: imports #​8161.
• Deduplicate bin names to prevent race condition and corrupted bin scripts #​7833.
• pnpm doesn't fail if its version doesn't match the one specified in the "packageManager" field of package.json #​8087.
• exec now also streams prefixed output when --recursive or --parallel is specified just as run does #​8065.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v9.1.4

Compare Source

v9.1.3

Compare Source

v9.1.2

Compare Source

Patch Changes

• Reduced memory usage during peer dependencies resolution #​8084.
• Details in the pnpm licenses output are not misplaced anymore #​8071.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v9.1.1

Compare Source

v9.1.0

Compare Source

Microsoft/TypeScript (typescript)

v5.5.3

Compare Source

v5.5.2

Compare Source

---

Configuration

📅 Schedule: Branch creation - "after 2am and before 3am" (UTC), Automerge - "after 1am and before 2am" (UTC).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.