build(deps): bump the npm-dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the npm-dependencies group with 14 updates in the / directory:

Package	From	To
@biomejs/biome	2.4.16	2.5.0
@types/node	25.9.2	25.9.3
@vitest/coverage-v8	4.1.8	4.1.9
eslint	10.4.1	10.5.0
eslint-plugin-n	18.0.1	18.1.0
eslint-plugin-unicorn	65.0.0	67.0.0
prettier	3.8.3	3.8.4
typescript-eslint	8.60.1	8.61.1
vitest	4.1.8	4.1.9
better-sqlite3	12.10.0	12.11.1
hono	4.12.24	4.12.25
@opentelemetry/resources	2.7.1	2.8.0
@opentelemetry/sdk-trace-base	2.7.1	2.8.0
@opentelemetry/sdk-trace-node	2.7.1	2.8.0

Updates @biomejs/biome from 2.4.16 to 2.5.0

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.0

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

  /* styles.css — .ghost is never used in any importing file */

... (truncated)

Commits

• c0b9832 ci: release (#10499)
• 995c1ff feat(lint): add useFunctionComponentDefinition rule (#10498)
• 311c2b2 fix(biome_configuration): avoid Markdown links in JSON schema descriptions (#...
• 04c3f19 fix: docs and readme (#10584)
• 961f41c refactor(useExportType): improve docs and code (#10569)
• 78075b7 feat(useExportType): add style option (#10561)
• 6642895 feat: rule promotion for v2.5 (#10562)
• 9a5855e feat: noRestrictedDependencies (#10467)
• 608a62f Merge branch 'main' into chore/merge-main-into-next
• 0f29b83 feat(linter): implement useIncludes rule (#10516)
• Additional commits viewable in compare view

Updates @types/node from 25.9.2 to 25.9.3

Commits

• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.8 to 4.1.9

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.9

🐞 Bug Fixes

• Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in vitest-dev/vitest#10546 (a5180)
• browser:
  • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10555 (7fb29)
  • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10497 and vitest-dev/vitest#10556 (fbc62)
• mocker:
  • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in vitest-dev/vitest#10548 (2c955)
• pool:
  • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in vitest-dev/vitest#10543 and vitest-dev/vitest#10564 (934b0)

View changes on GitHub

Commits

• a7a61e7 chore: release v4.1.9 (#10598)
• See full diff in compare view

Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
• b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
• f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
• bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
• c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

• 8ae1b5b docs: Update README (GitHub Actions Bot)
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)
• f99b47a docs: Update README (GitHub Actions Bot)
• acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

• b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)
• c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)
• 243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)
• 217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)
• 72003e7 test: add location information to error messages in max-statements (#20945) (lumir)
• 7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)
• 67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)
• 95d8c7a chore: update dependency @​eslint/json to v2 (#20934) (renovate[bot])
• cf9e496 chore: update @​arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)
• fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)

Commits

• de3b672 10.5.0
• 362a518 Build: changelog update for 10.5.0
• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973)
• b565783 feat: report no-with violations at the with keyword (#20971)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967)
• f9c138a feat: report max-depth violations on keywords (#20943)
• 8ae1b5b docs: Update README
• ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962)
• b18bf58 chore: update ecosystem plugins (#20959)
• Additional commits viewable in compare view

Updates eslint-plugin-n from 18.0.1 to 18.1.0

Release notes

Sourced from eslint-plugin-n's releases.

v18.1.0

18.1.0 (2026-06-08)

🌟 Features

• Allow workspace root dependencies for no-extraneous-import (#536) (fd4f84e)
• support devEngines.runtime from package.json (#530) (9ef3c32)

🩹 Fixes

• Allow leading forwardslash in package.json "files" field (#534) (#535) (5fde036)
• no-extraneous-import for type-only @​types dependencies (#533) (63a90ef)
• prefer-promises/fs: add missing fs.promises APIs (cp, glob, lutimes, opendir, rm, statfs) (#532) (75fbe34)

📚 Documentation

• fix usage in README.md (c1b1b84)
• Update online playground link in README (058916a)

Changelog

Sourced from eslint-plugin-n's changelog.

18.1.0 (2026-06-08)

🌟 Features

• Allow workspace root dependencies for no-extraneous-import (#536) (fd4f84e)
• support devEngines.runtime from package.json (#530) (9ef3c32)

🩹 Fixes

• Allow leading forwardslash in package.json "files" field (#534) (#535) (5fde036)
• no-extraneous-import for type-only @​types dependencies (#533) (63a90ef)
• prefer-promises/fs: add missing fs.promises APIs (cp, glob, lutimes, opendir, rm, statfs) (#532) (75fbe34)

📚 Documentation

• fix usage in README.md (c1b1b84)
• Update online playground link in README (058916a)

Commits

• fc70bdf chore(master): release 18.1.0 (#528)
• fd4f84e feat: Allow workspace root dependencies for no-extraneous-import (#536)
• 5fde036 fix: Allow leading forwardslash in package.json "files" field (#534) (#535)
• 63a90ef fix: no-extraneous-import for type-only @​types dependencies (#533)
• 75fbe34 fix(prefer-promises/fs): add missing fs.promises APIs (cp, glob, lutimes, ope...
• 058916a docs: Update online playground link in README
• 9ef3c32 feat: support devEngines.runtime from package.json (#530)
• c1b1b84 docs: fix usage in README.md
• See full diff in compare view

Updates eslint-plugin-unicorn from 65.0.0 to 67.0.0

Release notes

Sourced from eslint-plugin-unicorn's releases.

v67.0.0

New rules

• consistent-boolean-name (#3237) 8be0920c
• logical-assignment-operators (#3246) 7046694f
• no-array-splice (#3235) d1143a97
• no-invalid-argument-count (#3243) ec091a9a
• no-non-function-verb-prefix (#3242) 5c32dd08
• no-top-level-assignment-in-function (#3234) e5ff6671
• no-uncalled-method (#3231) f65ac01e
• no-unreadable-for-of-expression (#3248) a8c7f899
• no-useless-coercion (#3283) 3c769225
• no-useless-continue (#3276) 5fd7d253
• no-useless-override (#3271) f5032896
• operator-assignment (#3249) 65ef58c5
• prefer-array-slice (#3233) d9bce201
• prefer-else-if (#3232) 98c2c2e2
• prefer-has-check (#3250) a8d380d5
• prefer-map-from-entries (#3255) 01c0f82f

Improvements

• no-unreadable-new-expression: Remove from recommended preset (#3285) c9f452e8
• comment-content: Remove from recommended preset (#3269) 21cce8b7
• comment-content: Add checkUniformCase option (#3269) 21cce8b7
• consistent-class-member-order: Group static methods with other static members (#3239) 8f4de024
• consistent-class-member-order: Improve error message (#3264) 47f9f21e
• dom-node-dataset: Flag .dataset assigned to a variable with preferAttributes (#3268) 79198cc5
• no-array-reduce: Suggest Math.sumPrecise() for sum reduces (#3261) 081936dc
• no-return-array-push: Disallow using push() and unshift() return values (#3244) d9ea7abf
• no-unreadable-array-destructuring: Disallow property targets (#3245) 8b503594
• no-unreadable-object-destructuring: Disallow property targets (#3245) 8b503594
• no-useless-fallback-in-spread: Add checkTernary option (#3284) b2496fca
• prefer-logical-operator-over-ternary: Improve nullish ternary detection (#3240) 4014a1ec
• prefer-minimal-ternary: Add checkComputedMemberAccess option (#3241) cf4c014f
• prefer-scoped-selector: Only apply to combined selectors (#3263) d715bad9
• prefer-scoped-selector: Report partially-scoped selector lists (#3259) cf88cddb
• prefer-type-literal-last: Keep null and undefined last (#3281) f6a9dce6
• no-array-callback-reference: Harden the rule (#3230) dcc0cf87
• no-declarations-before-early-exit: Harden side-effect detection (#3238) 1bad677e
• no-declarations-before-early-exit: Ignore React hook calls (#3280) de47dcec
• comment-content: Skip non-prose comments (#3236) 9c85b1f5
• no-empty-file: Don't report non-empty files parsed by a plain-text parser (#3270) 3b8b9a42
• no-unsafe-property-key: Don't flag unique symbol keys (#3278) 3fa567e7
• no-unsafe-property-key: Ignore template literal types (#3247) b8d96020

---

sindresorhus/eslint-plugin-unicorn@v66.0.0...v67.0.0

... (truncated)

Commits

• 9071c96 67.0.0
• c9f452e no-unreadable-new-expression: Remove from recommended preset (#3285)
• b2496fc no-useless-fallback-in-spread: Add checkTernary option (#3284)
• 3c76922 Add no-useless-coercion rule (#3283)
• f6a9dce prefer-type-literal-last: Keep null and undefined last (#3281)
• 337a5a5 no-return-array-push: Improve docs
• de47dce no-declarations-before-early-exit: Ignore React hook calls (#3280)
• a2fd9d1 prefer-minimal-ternary: Add more tests (#3279)
• 3fa567e no-unsafe-property-key: Don't flag unique symbol keys (#3278)
• 5fd7d25 Add no-useless-continue rule (#3276)
• Additional commits viewable in compare view

Updates prettier from 3.8.3 to 3.8.4

Release notes

Sourced from prettier's releases.

3.8.4

• Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (prettier/prettier#17746 by @​byplayer)

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.4

diff

Markdown: Fix blank lines between list items and nested sub-lists being removed in Markdown/MDX (#17746 by @​byplayer)

Prettier was removing blank lines between list items and their nested sub-lists, converting loose lists into tight lists and changing their semantic meaning.

<!-- Input -->
- a


b


c

d



<!-- Prettier 3.8.3 -->

a

b


c

d



<!-- Prettier 3.8.4 -->


a

b



c

d

Commits

• 1c6ba55 Release 3.8.4
• 4a673dc Fix blank lines between list items and nested sub-lists being removed in Mark...
• 074aaed Replace main branch in changelog link with tags (#19054)
• c22a003 Bump Prettier dependency to 3.8.3
• 07bad1f Clean changelog_unreleased
• See full diff in compare view

Updates typescript-eslint from 8.60.1 to 8.61.1

Release notes

Sourced from typescript-eslint's releases.

v8.61.1

8.61.1 (2026-06-15)

🩹 Fixes

• eslint-plugin: [consistent-indexed-object-style] do not remove comments when fixing (#12396, #10577)
• eslint-plugin: [no-unnecessary-type-assertion] avoid false positive for template literal expressions (#12281)
• eslint-plugin: [no-unnecessary-type-assertion] wrap object literal in parens when removing TSTypeAssertion in arrow body (#12394, #12393)
• eslint-plugin: [no-unnecessary-boolean-literal-compare] fix precedence bug in autofix (#12413)
• eslint-plugin: [no-unnecessary-template-expression] respect ECMAScript line terminators (#12388)

❤️ Thank You

• Anas @​anasm266
• Deftera @​Deftera186
• Kirk Waiblinger @​kirkwaiblinger
• lumir
• Sarath Francis @​sarathfrancis90

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.61.0

8.61.0 (2026-06-08)

🚀 Features

• ast-spec: change type of UnaryExpression.prefix to always true (#12372)
• ast-spec: tighten types of ArrowFunction, YieldExpression, TSTypePredicate (#12373)

🩹 Fixes

• rule-schema-to-typescript-types: respect ECMAScript line terminators (#12374)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• lumir

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.61.1 (2026-06-15)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.61.0 (2026-06-08)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• aaad718 chore(release): publish 8.61.1
• 16a5b24 chore(release): publish 8.61.0
• See full diff in compare view

Updates vitest from 4.1.8 to 4.1.9

Release notes

Sourced from vitest's releases.

v4.1.9

🐞 Bug Fixes

• Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in vitest-dev/vitest#10546 (a5180)
• browser:
  • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10555 (7fb29)
  • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10497 and vitest-dev/vitest#10556 (fbc62)
• mocker:
  • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in vitest-dev/vitest#10548 (2c955)
• pool:
  • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in vitest-dev/vitest#10543 and vitest-dev/vitest#10564 (934b0)

View changes on GitHub

Commits

• a7a61e7 chore: release v4.1.9 (#10598)
• 934b0f5 fix(pool): prevent test run hang on worker crash (#10543) [backport to v4] (#...
• 7fb2965 fix(browser): wait for orchestrator readiness before resolving browser sessio...
• a518019 fix: fix importOriginal with optimizer and query import [backport to v4] (#...
• See full diff in compare view

Updates better-sqlite3 from 12.10.0 to 12.11.1

Release notes

Sourced from better-sqlite3's releases.

v12.11.1

What's Changed

• Fix Electron v42 build errors on Windows by @​m4heshd in WiseLibs/better-sqlite3#1488

Full Changelog: WiseLibs/better-sqlite3@v12.11.0...v12.11.1

v12.11.0

⚠️CAUTION: NOT A VIABLE RELEASE

Use v12.11.1 instead.

What's Changed

• Add missing Electron v42 build target by @​m4heshd in WiseLibs/better-sqlite3#1486

Full Changelog: WiseLibs/better-sqlite3@v12.10.1...v12.11.0

v12.10.1

What's Changed

• Bump the github-actions group across 1 directory with 4 updates by @​dependabot[bot] in WiseLibs/better-sqlite3#1451
• Fix V8 external API usage for Electron 42 by @​tstone-1 in WiseLibs/better-sqlite3#1475

Full Changelog: WiseLibs/better-sqlite3@v12.10.0...v12.10.1

Commits

• 4cbc39c 12.11.1
• 02b743f Fix Electron v42 build errors on Windows (#1488)
• 39a6e55 12.11.0
• f36d8c6 Add missing Electron v42 build target (#1486)
• da6152c 12.10.1
• 5bb63a2 Fix V8 external API usage for Electron 42 (#1475)
• ca60e36 Bump the github-actions group across 1 directory with 4 updates (#1451)
• f93f490 Update SQLite to version 3.53.2 (#1483)
• See full diff in compare view

Updates hono from 4.12.24 to 4.12.25

Release notes

Sourced from hono's releases.

v4.12.25

Security fixes

This release includes fixes for the following security issues:

CORS Middleware reflects any Origin with credentials when origin defaults to the wildcard

Affects: hono/cors. Fixes the wildcard origin reflecting the request Origin and sending Access-Control-Allow-Credentials: true when credentials: true is set without an explicit origin, where any site a logged-in user visited could make credentialed cross-origin requests and read responses from cookie-authenticated endpoints. GHSA-88fw-hqm2-52qc

Body Limit Middleware can be bypassed on AWS Lambda by understating Content-Length

Affects: hono/body-limit on AWS Lambda (hono/aws-lambda, hono/lambda-edge). Fixes the request being built with the client-declared Content-Length while the body is delivered fully buffered, where a client could declare a small Content-Length with a much larger body and slip past the configured size limit. GHSA-rv63-4mwf-qqc2

Path traversal in serve-static on Windows via encoded backslash (%5C)

Affects: serveStatic on Windows (Node, Bun, Deno adapters). Fixes the path guard allowing a lone backslash, where an encoded backslash (%5C) decoded to \ was treated as a separator by the Windows path resolver, letting a single URL segment escape into a middleware-guarded subtree. GHSA-wwfh-h76j-fc44

AWS Lambda adapter merges multiple Set-Cookie headers into one value, dropping cookies on ALB single-header and Lattice

Affects: hono/aws-lambda. Fixes multiple Set-Cookie response headers being joined into one comma-separated value for ALB single-header responses and VPC Lattice v2, where the value could not be split back into individual cookies and clients silently dropped or misparsed them. GHSA-j6c9-x7qj-28xf

Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest

Affects: hono/lambda-edge. Fixes repeated request headers being written with overwrite instead of append, where only the last value of a header such as X-Forwarded-For reached the application and the remaining values were silently dropped. GHSA-wgpf-jwqj-8h8p

Commits

• fce483e 4.12.25
• 751ba41 Merge commit from fork
• f0b094d Merge commit from fork
• fa5f9bf Merge commit from fork
• 3892a6c Merge commit from fork
• 74c2cf8 test(aws-lambda): update integration tests (#5012)
• 7ae7cba Merge commit from fork
• 1b13848 chore(ci): bump codecov-action to v7.0.0 (#5011)
• See full diff in compare view

Updates @opentelemetry/resources from 2.7.1 to 2.8.0

Release notes

Sourced from

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.