Skip to content

chore(deps-dev)(deps-dev): Bump the dev-deps group across 1 directory with 4 updates#86

Merged
wmadden-electric merged 1 commit into
mainfrom
dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc
Jul 15, 2026
Merged

chore(deps-dev)(deps-dev): Bump the dev-deps group across 1 directory with 4 updates#86
wmadden-electric merged 1 commit into
mainfrom
dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the dev-deps group with 4 updates in the / directory: @biomejs/biome, @clack/prompts, vitest and @durable-streams/server-conformance-tests.

Updates @biomejs/biome from 2.5.2 to 2.5.3

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.3

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

What's Changed

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.3

Patch Changes

  • #10815 86613d5 Thanks @​WaterWhisperer! - Fixed a parser panic reported in #10708: Biome now recovers when unsupported CSS Modules @value rules or scoped @keyframes names end at EOF.

  • #10534 da9b403 Thanks @​Mokto! - Fixed noUnusedVariables false positives in Svelte files: Svelte store subscriptions ($store references in templates now keep the underlying store binding from being flagged), and $bindable() props that are only written to in the script block (write-only is intentional for bindable props) are no longer reported as unused.

  • #10827 098ba41 Thanks @​Aqu1bp! - Fixed #10698: The noUnsafeOptionalChaining rule now reports unsafe optional chains wrapped in TypeScript as, satisfies, type assertion, and instantiation expressions, such as new (value?.constructor as Constructor)().

  • #10773 3c6513d Thanks @​otkrickey! - Fixed #10772: useVueValidVOn no longer reports a missing handler for v-on directives using a verb modifier (.stop / .prevent) without an expression, e.g. <div @click.stop></div>. The rule also accepts the arg-less object syntax <div v-on="$listeners"></div> instead of reporting a missing event name.

  • #10721 d83c66b Thanks @​minseong0324! - Improved type-aware lint rule inference for built-in globals and indexed function calls. Biome now resolves Error(...), new Error(...), optional Error#stack, and calls through indexed function values such as handlers[0](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/0) more accurately.

  • #10865 6450276 Thanks @​ematipico! - Fixed #10845. Biome Language Server no longer goes in deadlock when the scanner is enabled.

  • #10853 93d8e53 Thanks @​Netail! - Fixed #10840: Astro shorthand attribute syntax is now correctly being parsed from embedded nodes.

  • #10820 bba3092 Thanks @​JamBalaya56562! - Fixed #10619: noProcessEnv now also reports computed (bracket) member access. Previously only dot access was checked, so process["env"] and env["NODE_ENV"] (where env is imported from node:process) were missed. Both static and computed accesses are now reported.

  • #10835 3447b2f Thanks @​dyc3! - Fixed #10824: useDomQuerySelector now supports an ignore option for receiver identifiers that should not be reported.

  • #10875 b12e486 Thanks @​dyc3! - Fixed #10795: --profile-rules now reports timings for each plugin separately as plugin/<pluginName>, matching the naming used by plugin suppressions, instead of aggregating all plugins under a single plugin/plugin entry.

  • #10877 d6bc447 Thanks @​ematipico! - Fixed biome-zed#164: Biome no longer inserts stray whitespace when format-on-type runs after closing delimiters such as ), ], and }.

  • #10867 a21463e Thanks @​dyc3! - Fixed #10864: Biome no longer crashes when checking or linting HTML files with unquoted attribute values such as <textarea rows=4></textarea>.

Commits

Updates @clack/prompts from 1.6.0 to 1.7.0

Release notes

Sourced from @​clack/prompts's releases.

@​clack/prompts@​1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Changelog

Sourced from @​clack/prompts's changelog.

1.7.0

Minor Changes

  • #574 8f1c380 Thanks @​dreyfus92! - Add showInstructions option to select, multiselect, and groupMultiselect. Keyboard hints remain shown by default; pass showInstructions: false to hide them.

Patch Changes

Commits

Updates vitest from 4.1.9 to 4.1.10

Release notes

Sourced from vitest's releases.

v4.1.10

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • db616d2 chore: release v4.1.10 (#10718)
  • bae52b5 fix(vm): fix external module resolve error with deps optimizer query for enco...
  • See full diff in compare view

Updates @durable-streams/server-conformance-tests from 0.2.3 to 0.3.5

Release notes

Sourced from @​durable-streams/server-conformance-tests's releases.

@​durable-streams/server-conformance-tests@​0.3.5

Patch Changes

  • fix: close conformance gaps around soft-delete, fork content-type, and live SSE closure (#376)

    Server conformance tests:

    • Add a test asserting a live SSE reader caught up at the tail receives data appended atomically with a stream close (POST + Stream-Closed) before the closing control event. A server that emits the streamClosed control without first delivering the final append silently loses the last message; the test probes a spread of close timings to catch the race deterministically.
    • Add a test asserting a fork rejected for a content-type mismatch does not leak a reference on the source (the source must still fully delete rather than being pinned in a soft-deleted state).

    Reference server:

    • Fix a reference-count leak in both the in-memory and file-backed stores: a fork rejected for a content-type mismatch incremented the source's refCount before validating the content type, pinning the source in a soft-deleted state forever. Content-type is now validated before the reference is taken.
  • Updated dependencies []:

    • @​durable-streams/client@​0.2.6

@​durable-streams/server-conformance-tests@​0.3.4

Patch Changes

  • Updated dependencies [92c0821]:
    • @​durable-streams/client@​0.2.6

@​durable-streams/server-conformance-tests@​0.3.3

Patch Changes

  • Updated dependencies [6afab5f]:
    • @​durable-streams/client@​0.2.5

@​durable-streams/server-conformance-tests@​0.3.2

Patch Changes

  • feat(server): add reserved subscription APIs (#361)

    The protocol now reserves /v1/stream/__ds/* for subscription control APIs. The TypeScript server implements webhook and pull-wake subscription lifecycle, stream membership, webhook callback ack, pull-wake claim/ack/release, and JWKS discovery for webhook signature verification.

... (truncated)

Changelog

Sourced from @​durable-streams/server-conformance-tests's changelog.

0.3.5

Patch Changes

  • fix: close conformance gaps around soft-delete, fork content-type, and live SSE closure (#376)

    Server conformance tests:

    • Add a test asserting a live SSE reader caught up at the tail receives data appended atomically with a stream close (POST + Stream-Closed) before the closing control event. A server that emits the streamClosed control without first delivering the final append silently loses the last message; the test probes a spread of close timings to catch the race deterministically.
    • Add a test asserting a fork rejected for a content-type mismatch does not leak a reference on the source (the source must still fully delete rather than being pinned in a soft-deleted state).

    Reference server:

    • Fix a reference-count leak in both the in-memory and file-backed stores: a fork rejected for a content-type mismatch incremented the source's refCount before validating the content type, pinning the source in a soft-deleted state forever. Content-type is now validated before the reference is taken.
  • Updated dependencies []:

    • @​durable-streams/client@​0.2.6

0.3.4

Patch Changes

  • Updated dependencies [92c0821]:
    • @​durable-streams/client@​0.2.6

0.3.3

Patch Changes

  • Updated dependencies [6afab5f]:
    • @​durable-streams/client@​0.2.5

0.3.2

Patch Changes

  • feat(server): add reserved subscription APIs (#361)

    The protocol now reserves /v1/stream/__ds/* for subscription control APIs. The TypeScript server implements webhook and pull-wake subscription lifecycle, stream membership, webhook callback ack, pull-wake claim/ack/release, and JWKS

... (truncated)

Commits

@dependabot @github

dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@pkg-pr-new

pkg-pr-new Bot commented Jul 15, 2026

Copy link
Copy Markdown

Open in StackBlitz

npm i https://pkg.pr.new/@prisma/composer@86
npm i https://pkg.pr.new/@prisma/composer-prisma-cloud@86

commit: 101f402

@wmadden-electric

Copy link
Copy Markdown
Contributor

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc branch from 1ab27ec to 387af19 Compare July 15, 2026 20:39
@wmadden-electric

Copy link
Copy Markdown
Contributor

@dependabot rebase

@wmadden-electric wmadden-electric left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Required CI green after rebase; dev-deps group bump. Deploy canary can't run on dependabot PRs (no PRISMA_SERVICE_TOKEN) and is not a required check. Approved on Will's instruction.

@wmadden-electric

Copy link
Copy Markdown
Contributor

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc branch from 387af19 to cb5b2d6 Compare July 15, 2026 20:45
@wmadden-electric

Copy link
Copy Markdown
Contributor

@dependabot rebase

… with 4 updates

Bumps the dev-deps group with 4 updates in the / directory: [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome), [@clack/prompts](https://github.com/bombshell-dev/clack/tree/HEAD/packages/prompts), [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) and [@durable-streams/server-conformance-tests](https://github.com/durable-streams/durable-streams/tree/HEAD/packages/server-conformance-tests).


Updates `@biomejs/biome` from 2.5.2 to 2.5.3
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.5.3/packages/@biomejs/biome)

Updates `@clack/prompts` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/bombshell-dev/clack/releases)
- [Changelog](https://github.com/bombshell-dev/clack/blob/main/packages/prompts/CHANGELOG.md)
- [Commits](https://github.com/bombshell-dev/clack/commits/@clack/prompts@1.7.0/packages/prompts)

Updates `vitest` from 4.1.9 to 4.1.10
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Changelog](https://github.com/vitest-dev/vitest/blob/main/docs/releases.md)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.10/packages/vitest)

Updates `@durable-streams/server-conformance-tests` from 0.2.3 to 0.3.5
- [Release notes](https://github.com/durable-streams/durable-streams/releases)
- [Changelog](https://github.com/durable-streams/durable-streams/blob/main/packages/server-conformance-tests/CHANGELOG.md)
- [Commits](https://github.com/durable-streams/durable-streams/commits/@durable-streams/server-conformance-tests@0.3.5/packages/server-conformance-tests)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.5.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
- dependency-name: "@clack/prompts"
  dependency-version: 1.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: "@durable-streams/server-conformance-tests"
  dependency-version: 0.3.5
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-deps
- dependency-name: vitest
  dependency-version: 4.1.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc branch from cb5b2d6 to 101f402 Compare July 15, 2026 20:49
@wmadden-electric wmadden-electric merged commit 01dbc62 into main Jul 15, 2026
12 of 13 checks passed
@wmadden-electric wmadden-electric deleted the dependabot/npm_and_yarn/main/dev-deps-57d89a0bcc branch July 15, 2026 20:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant