Skip to content

deps(dev): bump the npm-tooling group across 1 directory with 5 updates#87

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm-tooling-e88bd7e596
Open

deps(dev): bump the npm-tooling group across 1 directory with 5 updates#87
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm-tooling-e88bd7e596

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2026

Bumps the npm-tooling group with 5 updates in the / directory:

Package From To
@biomejs/biome 2.3.11 2.4.5
@changesets/cli 2.29.8 2.30.0
@turbo/gen 2.7.2 2.8.13
lefthook 2.0.13 2.1.2
turbo 2.7.2 2.8.13

Updates @biomejs/biome from 2.3.11 to 2.4.5

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.5

2.4.5

Patch Changes

  • #9185 e43e730 Thanks @​dyc3! - Added the nursery rule useVueScopedStyles for Vue SFCs. This rule enforces that <style> blocks have the scoped attribute (or module for CSS Modules), preventing style leakage and conflicts between components.

  • #9184 49c8fde Thanks @​chocky335! - Improved plugin performance by batching all plugins into a single syntax visitor with a kind-to-plugin lookup map, reducing per-node dispatch overhead from O(N) to O(1) where N is the number of plugins.

  • #9283 071c700 Thanks @​dyc3! - Fixed noUndeclaredVariables erroneously flagging functions and variables defined in the <script setup> section of Vue SFCs.

  • #9221 4612133 Thanks @​ematipico! - Fixed an issue where the JSON reporter didn't contain the duration of the command.

  • #9294 1805c8f Thanks @​Netail! - Extra rule source reference. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

  • #9178 101b3bb Thanks @​Bertie690! - Fixed #9172 and #9168: Biome now considers more constructs as valid test assertions.

    Previously, assert, expectTypeOf and assertType were not recognized as valid assertions by Biome's linting rules, producing false positives in lint/nursery/useExpect and other similar rules.

    Now, these rules will no longer produce errors in test cases that used these constructs instead of expect:

    import { expectTypeOf, assert, assertType } from "vitest";
const myStr = "Hello from vitest!";
it("should be a string", () => {
expectTypeOf(myStr).toBeString();
});
test("should still be a string", () => {
assertType<string>(myStr);
});
it.todo("should still still be a string", () => {
assert(typeof myStr === "string");
});

  • #9173 32dad2d Thanks @​dyc3! - Added parsing support for Svelte's new comments-in-tags feature.

    The HTML parser will now accept JS style comments in tags in Svelte files.

    <button
  // single-line comment
  onclick={doTheThing}
>click me</button>
<div

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.5

Patch Changes

  • #9185 e43e730 Thanks @​dyc3! - Added the nursery rule useVueScopedStyles for Vue SFCs. This rule enforces that <style> blocks have the scoped attribute (or module for CSS Modules), preventing style leakage and conflicts between components.

  • #9184 49c8fde Thanks @​chocky335! - Improved plugin performance by batching all plugins into a single syntax visitor with a kind-to-plugin lookup map, reducing per-node dispatch overhead from O(N) to O(1) where N is the number of plugins.

  • #9283 071c700 Thanks @​dyc3! - Fixed noUndeclaredVariables erroneously flagging functions and variables defined in the <script setup> section of Vue SFCs.

  • #9221 4612133 Thanks @​ematipico! - Fixed an issue where the JSON reporter didn't contain the duration of the command.

  • #9294 1805c8f Thanks @​Netail! - Extra rule source reference. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

  • #9178 101b3bb Thanks @​Bertie690! - Fixed #9172 and #9168: Biome now considers more constructs as valid test assertions.

    Previously, assert, expectTypeOf and assertType were not recognized as valid assertions by Biome's linting rules, producing false positives in lint/nursery/useExpect and other similar rules.

    Now, these rules will no longer produce errors in test cases that used these constructs instead of expect:

    import { expectTypeOf, assert, assertType } from "vitest";
const myStr = "Hello from vitest!";
it("should be a string", () => {
expectTypeOf(myStr).toBeString();
});
test("should still be a string", () => {
assertType<string>(myStr);
});
it.todo("should still still be a string", () => {
assert(typeof myStr === "string");
});

  • #9173 32dad2d Thanks @​dyc3! - Added parsing support for Svelte's new comments-in-tags feature.

    The HTML parser will now accept JS style comments in tags in Svelte files.

    <button
  // single-line comment
  onclick={doTheThing}
>click me</button>
<div
/* block comment */
class="foo"

... (truncated)

Commits

Updates @changesets/cli from 2.29.8 to 2.30.0

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.30.0

Minor Changes

  • #1840 057cca2 Thanks @​wotan-allfather! - Add --since flag to add command

    The add command now supports a --since flag that allows you to specify which branch, tag, or git ref to use when detecting changed packages. This is useful for gitflow workflows where you have multiple target branches and the baseBranch config option doesn't cover all use cases.

    Example: changeset add --since=develop

    If not provided, the command falls back to the baseBranch value in your .changeset/config.json.

  • #1845 2b4a66a Thanks @​Andarist! - Delegate OTP prompting to the package manager instead of handling it in-process. This allows Changesets to use the package manager's native web auth support.

  • #1774 667fe5a Thanks @​bluwy! - Support importing custom commit option ES module. Previously, it used require() which only worked for CJS modules, however now it uses import() which supports both CJS and ES modules.

  • #1839 73b1809 Thanks @​leochiu-a! - Add a --message (-m) flag to changeset add (and default changeset) so the changeset summary can be provided from the command line. When --message is present, the summary prompt is skipped while the final confirmation step is kept.

  • #1806 0e8e01e Thanks @​luisadame! - Changeset CLI can now be run from the nested directories in the project, where the .changeset directory has to be found in one of the parent directories

Patch Changes

  • #1849 9dc3230 Thanks @​Andarist! - Compute the terminal's size lazily to avoid spurious stderr output in non-interactive mode

  • #1857 2a73025 Thanks @​mixelburg! - Fix confusing prompt labels when entering changeset summary after external editor fallback

  • #1842 6df3a5e Thanks @​RodrigoHamuy! - Allow private packages to depend on skipped packages without requiring them to also be skipped. Private packages are not published to npm, so it is safe for them to have dependencies on ignored or unversioned packages.

  • #1776 503fcaa Thanks @​bluwy! - Support absolute paths in changeset status --output <path>

  • Updated dependencies [667fe5a, 1772598, b6f4c74, 6df3a5e, 6df3a5e, 27fd8f4]:

    • @​changesets/apply-release-plan@​7.1.0
    • @​changesets/config@​3.1.3
    • @​changesets/get-release-plan@​4.0.15
    • @​changesets/read@​0.6.7
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/cli since your current version.


Updates @turbo/gen from 2.7.2 to 2.8.13

Release notes

Sourced from @​turbo/gen's releases.

Turborepo v2.8.13

What's Changed

@​turbo/repository

Examples

Changelog

... (truncated)

Commits

Updates lefthook from 2.0.13 to 2.1.2

Release notes

Sourced from lefthook's releases.

v2.1.2

Changelog

  • 737a6f71589e6a2e6f704be4d6c485d473c25b69 ci: freeze docmd (#1327)
  • 6fb8e50d09202a71683fd0c160ba9458d0fe38be feat: introduce setup hook option (#1326)
  • 246f1c99f02be680a8ce24c9d880f2570d25b212 fix: rollback auto-staged changes if unwanted changes detected (#1251)
  • af21ce3978a6a9ab79cdc8150e515d4dcd15434d pkg(pypi): fix python packages publishing
  • 52c5d93b452c67490b8aa7488761ad19a098fb33 refactor: recovering logic for changesets (#1324)

v2.1.1

Changelog

  • beae38f0e4f132d685247310116464a50ac6a11b chore: reduce verbosity of hints in lefthook install (#1303)
  • 59c72606e76f6ca42cc5989a28ed79f42cf0d5a7 ci: fix publishing to PyPi
  • b6cdb2ed9778561860b244df033c73af23ef0291 docs(install): add missing /v2 suffix for go get -tool (#1304)
  • 47b48679bf1af27633902fa4d1098cf79547bcfd fix: reset colors on config read (#1309)

v2.1.0

Changelog

  • 6cb576e73621d7b263094663c64827ab96e271ae chore: fancy wording and indentation for hits
  • 9ace994a09c6a642a1be7df8fe11586f72827bfe ci: skip Python publishing
  • 47b8f5c06f19db0ba26a6283579238248e995bfe feat: allow installing non-git hooks (#1301)
  • ec7e8e18afc0d5c002d761f937ae5db84dddb6e0 feat: check core.hooksPath when lefthook install (#1292)

v2.0.16

Changelog

  • 432efde268b98e5874281d7ca3cb16306bcdd04a chore(golangci-lint): upgrade to 2.8.0 (#1278)
  • 130855b6a576799afcd1d32f7ab4e1e286ef69d1 chore: timeout cleanup (#1297)
  • 4217025c2fef2caa2abe334ef2beeabeca3d7e05 deps: January 2026 (#1285)
  • 272b59b38c50e948602e28c363c39a6e33936f43 docs(remotes): elaborate on when to refetch and failure mode (#1287)
  • e6adbbaf0b12e6cbe72e95e9e482617d0b4ac36c feat: add timeout argument (#1263)
  • a50fcff10df9ccc0afa0c4c7236d1b48b4215f93 fix(jsonschema): accept string in file_types (#1288)
  • 8b88796491706f4c897b26d289d429988c4be411 fix: try reading direct file instead of all remotes (#1243)
  • 7c6b73327162b93661ad59fe6705ccbfd4beefc1 perf!: skip ghost hook when hooks are already configured (#1255)
  • 2096d4c72b96fbdebb6792b6fec141b6eeb1480b pkg: pack one binary per platform into python wheels (#1181)

v2.0.15

Changelog

  • f8dc321dd3ed3b7bdcad622a4011a268a63451e3 feat: skip scripts if args given with empty file template (#1277)

v2.0.14

Changelog

  • 037fcdca819684123dc1c62df1d14f4402b1e245 deps: December 2025 (#1209)
  • e80f8927482b638bcd068136d3624d5adc83f0b2 deps: switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#1261)
  • 87350d63c401c47b9260d0023c7640e3885e0202 feat: add jsonc support (#1274)
  • 882159f29f83b1f4f175ed5116ac48c631639deb fix: don't install custom hooks to hooks dir (#1246)
  • 2bcab48ec33b2bf57e1a981734a73be4ea0a10ed fix: skip if any files template is empty (#1275)
Changelog

Sourced from lefthook's changelog.

2.1.2 (2026-03-01)

2.1.1 (2026-02-12)

2.1.0 (2026-02-03)

2.0.16 (2026-01-27)

2.0.15 (2026-01-13)

2.0.14 (2026-01-12)

Commits
  • 7dfb4bf 2.1.2: introduce setup option, restore unstaged changes after fail
  • 6fb8e50 feat: introduce setup hook option (#1326)
  • 737a6f7 ci: freeze docmd (#1327)
  • 683a0e5 docs: update the first page and callouts
  • 52c5d93 refactor: recovering logic for changesets (#1324)
  • 306b648 docs: fix broken links
  • 9173dc9 docs: keep footer in the bottom
  • 246f1c9 fix: rollback auto-staged changes if unwanted changes detected (#1251)
  • c1534f5 docs: improve docs ui (#1323)
  • 642b693 docs: additional skip example and note about reinstallation (#1319)
  • Additional commits viewable in compare view

Updates turbo from 2.7.2 to 2.8.13

Release notes

Sourced from turbo's releases.

Turborepo v2.8.13

What's Changed

@​turbo/repository

Examples

Changelog

... (truncated)

Commits
  • 0c5af8f publish 2.8.13 to registry
  • 3d6ab7f ci: Use base Windows runners for Rust test partitions (#12131)
  • 421f198 release(turborepo): 2.8.13-canary.17 (#12132)
  • 5cac526 ci: Optimize Rust caching in CI pipelines (#12130)
  • 8579ddd fix: Correct dependency iteration order so dependencies takes precedence ov...
  • 42f8e2f release(turborepo): 2.8.13-canary.16 (#12128)
  • a6481f8 fix: Omit None otel fields during turbo prune serialization (#12126)
  • 2a72aed release(turborepo): 2.8.13-canary.15 (#12127)
  • 92018dc fix: Microfrontends merges with into root config instead of replacing it (#...
  • 09d6daa fix: Stabilize flaky watch_file_change_reruns_affected_package test (#12123)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(dev): bump the npm-tooling group across 1 directory with 5 updates
61fe766 
Bumps the npm-tooling group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.3.11` | `2.4.5` |
| [@changesets/cli](https://github.com/changesets/changesets) | `2.29.8` | `2.30.0` |
| [@turbo/gen](https://github.com/vercel/turborepo/tree/HEAD/packages/turbo-gen) | `2.7.2` | `2.8.13` |
| [lefthook](https://github.com/evilmartians/lefthook) | `2.0.13` | `2.1.2` |
| [turbo](https://github.com/vercel/turborepo) | `2.7.2` | `2.8.13` |



Updates `@biomejs/biome` from 2.3.11 to 2.4.5
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.5/packages/@biomejs/biome)

Updates `@changesets/cli` from 2.29.8 to 2.30.0
- [Release notes](https://github.com/changesets/changesets/releases)
- [Commits](https://github.com/changesets/changesets/commits/@changesets/cli@2.30.0)

Updates `@turbo/gen` from 2.7.2 to 2.8.13
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](https://github.com/vercel/turborepo/commits/v2.8.13/packages/turbo-gen)

Updates `lefthook` from 2.0.13 to 2.1.2
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](evilmartians/lefthook@v2.0.13...v2.1.2)

Updates `turbo` from 2.7.2 to 2.8.13
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.7.2...v2.8.13)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.5
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-tooling
- dependency-name: "@changesets/cli"
  dependency-version: 2.30.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-tooling
- dependency-name: "@turbo/gen"
  dependency-version: 2.8.13
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-tooling
- dependency-name: lefthook
  dependency-version: 2.1.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-tooling
- dependency-name: turbo
  dependency-version: 2.8.13
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-tooling
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 4, 2026

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants