Skip to content

chore(deps-dev): bump the monorepo-dependencies group across 1 directory with 5 updates#13

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/monorepo-dependencies-2fc45f38d6
Closed

chore(deps-dev): bump the monorepo-dependencies group across 1 directory with 5 updates#13
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/monorepo-dependencies-2fc45f38d6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026
edited
Loading

Bumps the monorepo-dependencies group with 5 updates in the / directory:

Package From To
@biomejs/biome 2.4.13 2.4.14
@changesets/changelog-github 0.6.0 0.7.0
@types/node 25.6.0 25.6.2
lint-staged 16.4.0 17.0.3
turbo 2.9.6 2.9.10

Updates @biomejs/biome from 2.4.13 to 2.4.14

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.14

2.4.14

Patch Changes

  • #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

  • #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

  • #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

    A function annotated : object returning an object literal:

    function f(): object {
  return { retry: true };
}

  • #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

  • #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

    Given the following organizeImports options:

    {
  "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
}

    The following code...

    // Comment
import "package";
import "./file.js";

    ...was organized as:

    +
  // Comment
  import "package";
+
  import "./file.js";

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.14

Patch Changes

  • #9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

  • #10157 eefc5ab Thanks @​dyc3! - Fixed #7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

  • #10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

    A function annotated : object returning an object literal:

    function f(): object {
  return { retry: true };
}

  • #10116 53269eb Thanks @​jiwon79! - Fixed #6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

  • #10092 33d8543 Thanks @​Conaclos! - Fixed #9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

    Given the following organizeImports options:

    {
  "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
}

    The following code...

    // Comment
import "package";
import "./file.js";

    ...was organized as:

    +
  // Comment
  import "package";
+
  import "./file.js";

    A blank line was added even though the group ':NODE:' doesn't match any imports here. :BLANK_LINE: between never-matched groups and matched groups are now ignored.

... (truncated)

Commits

Updates @changesets/changelog-github from 0.6.0 to 0.7.0

Release notes

Sourced from @​changesets/changelog-github's releases.

@​changesets/changelog-github@​0.7.0

Minor Changes

Commits

Updates @types/node from 25.6.0 to 25.6.2

Commits

Updates lint-staged from 16.4.0 to 17.0.3

Release notes

Sourced from lint-staged's releases.

v17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

v17.0.2

Patch Changes

v17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

v17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including tinyexec@1.1.1 to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.
    • When installing Node.js from the Ubuntu App Center (Snap store), the node executable available in PATH is a symlink pointing to Snap itself. The sandboxing features of Snap prevented lint-staged from spawning scripts with the #!/usr/bin/env node shebang, because it meant lint-staged tried to spawn Snap via the symlink. This resulted in an ENOENT error when trying to run prettier, for example. Now, since the real node executable's directory is available in the PATH, lint-staged will instead spawn the script with the real node binary succesfully.

  • #1761 d3251b1 Thanks @​iiroj! - Lint-staged now runs git update-index --again after running tasks, instead of git add <originally staged files>. This should improve compatibility when using non-default indexes, for example when committing with a pathspec git commit -m "message" . instead of adding files to the index.

  • #1745 a9585ac Thanks @​iiroj! - Remove commander as a dependency and use the built-in parseArgs from node:util to parse CLI flags.

Patch Changes

  • #1755 c82d30b Thanks @​iiroj! - All tests now pass on the Bun runtime (latest).

  • #1750 a401818 Thanks @​iiroj! - Remove manual handling for git stash --keep-index resurrecting deleted files, because the issue was fixed in Git 2.23.0 and lint-staged requires at least Git 2.32.0.

... (truncated)

Changelog

Sourced from lint-staged's changelog.

17.0.3

Patch Changes

  • #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
    • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
    • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

17.0.2

Patch Changes

17.0.1

Patch Changes

  • #1776 4a5664b Thanks @​iiroj! - Adjust GitHub Actions workflow so that automatic publishing works with signed commits.

17.0.0

Major Changes

  • #1745 e244adf Thanks @​iiroj! - Node.js v20 is no longer supported, and the oldest supported version is now 22.22.1, which is an active LTS version at the time of this release. Node.js 20 will be EOL after April 2026. Please upgrade your Node.js version!

  • #1676 0584e0b Thanks @​outslept! - Lint-staged now tries to verify the installed Git version is at least 2.32.0, released in 2021. If you're using an even older Git version, you need to upgrade it before running lint-staged!

  • #1745 2dcc40a Thanks @​iiroj! - The dependency yaml is now marked as optional and probably won't be installed by default. If you're using a YAML configuration file you should install the package separately:

    npm install --development yaml

    If you're using .lintstagedrc as the config file name (without a file extension), it will be treated as a YAML file. If the content is JSON, consider renaming it to .lintstagedrc.json to avoid needing to install yaml.

Minor Changes

  • #1748 809d5ef Thanks @​iiroj! - Add new option --hide-all for hiding all unstaged changes and untracked files, before running tasks. This makes it easier to run tools like Knip which check for unused code. Untracked files are included in the backup stash and restored automatically after running.

  • #1759 f13045a Thanks @​iiroj! - Update dependencies, including tinyexec@1.1.1 to fix the following issues:

    • When using a Node.js version manager with multiple versions installed (nvm, n, for example), scripts with the #!/usr/bin/env node shebang (Prettier, ESLint, for example) were previously spawned using the default Node.js version configured by the version manager (the one which node points to) on POSIX systems. Now, they will be spawned with the same version that lint-staged itself was started with.
      • For example, if your default Node.js version is 24.14.1 but lint-staged is run with the latest version 25.9.0, the tasks spawned by lint-staged will now also use version 25.9.0. Previously they were spawned using 24.14.1.
    • When installing Node.js from the Ubuntu App Center (Snap store), the node executable available in PATH is a symlink pointing to Snap itself. The sandboxing features of Snap prevented lint-staged from spawning scripts with the #!/usr/bin/env node shebang, because it meant lint-staged tried to spawn Snap via the symlink. This resulted in an ENOENT error when trying to run prettier, for example. Now, since the real node executable's directory is available in the PATH, lint-staged will instead spawn the script with the real node binary succesfully.

  • #1761 d3251b1 Thanks @​iiroj! - Lint-staged now runs git update-index --again after running tasks, instead of git add <originally staged files>. This should improve compatibility when using non-default indexes, for example when committing with a pathspec git commit -m "message" . instead of adding files to the index.

  • #1745 a9585ac Thanks @​iiroj! - Remove commander as a dependency and use the built-in parseArgs from node:util to parse CLI flags.

Patch Changes

... (truncated)

Commits
  • a36ec1e Merge pull request #1783 from lint-staged/changeset-release/main
  • 03ce2a9 chore(changeset): release
  • 33f8214 Merge pull request #1785 from lint-staged/update-changeset
  • dc2bac7 docs: fix typo in changeset
  • b796ff0 Merge pull request #1784 from lint-staged/update-changeset
  • f7738f6 docs: fix typo in changeset
  • e46614b Merge pull request #1782 from lint-staged/fix-git-index-file
  • 06813f9 fix: override GIT_INDEX_FILE to point to the default index instead of unset...
  • 0a3b253 Merge pull request #1780 from lint-staged/changeset-release/main
  • 36cae27 chore(changeset): release
  • Additional commits viewable in compare view

Updates turbo from 2.9.6 to 2.9.10

Release notes

Sourced from turbo's releases.

Turborepo v2.9.10

What's Changed

Changelog

Full Changelog: vercel/turborepo@v2.9.9...v2.9.10

Turborepo v2.9.10-canary.1

What's Changed

Changelog

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the monorepo-dependencies group across 1 direct…
f049b2e 
…ory with 5 updates

Bumps the monorepo-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.4.13` | `2.4.14` |
| [@changesets/changelog-github](https://github.com/changesets/changesets) | `0.6.0` | `0.7.0` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.6.0` | `25.6.2` |
| [lint-staged](https://github.com/lint-staged/lint-staged) | `16.4.0` | `17.0.3` |
| [turbo](https://github.com/vercel/turborepo) | `2.9.6` | `2.9.10` |



Updates `@biomejs/biome` from 2.4.13 to 2.4.14
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.4.14/packages/@biomejs/biome)

Updates `@changesets/changelog-github` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/changesets/changesets/releases)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/changelog-github@0.6.0...@changesets/changelog-github@0.7.0)

Updates `@types/node` from 25.6.0 to 25.6.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `lint-staged` from 16.4.0 to 17.0.3
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v16.4.0...v17.0.3)

Updates `turbo` from 2.9.6 to 2.9.10
- [Release notes](https://github.com/vercel/turborepo/releases)
- [Changelog](https://github.com/vercel/turborepo/blob/main/RELEASE.md)
- [Commits](vercel/turborepo@v2.9.6...v2.9.10)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.4.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: monorepo-dependencies
- dependency-name: "@changesets/changelog-github"
  dependency-version: 0.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: monorepo-dependencies
- dependency-name: "@types/node"
  dependency-version: 25.6.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: monorepo-dependencies
- dependency-name: lint-staged
  dependency-version: 17.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: monorepo-dependencies
- dependency-name: turbo
  dependency-version: 2.9.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: monorepo-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 8, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 13, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 13, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/monorepo-dependencies-2fc45f38d6 branch May 13, 2026 20:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants