chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@biomejs/biome (source)	1.9.2 -> 1.9.3
astro (source)	^4.15.9 -> ^4.15.11
pnpm (source)	9.11.0 -> 9.12.0

---

Release Notes

biomejs/biome (@​biomejs/biome)

v1.9.3

Compare Source

CLI

New features

• GritQL queries that match functions or methods will now match async functions or methods as well.

  If this is not what you want, you can capture the async keyword (or its absence) in a metavariable and assert its emptiness:

  $async function foo() {} where $async <: .
  

  Contributed by @​arendjr

Bug fixes

• Fix #​4077: Grit queries no longer need to match the statement's trailing semicolon. Contributed by @​arendjr

• Fix #​4102. Now the CLI command lint doesn't exit with an error code when using --write/--fix. Contributed by @​ematipico

Configuration

Bug fixes

• Fix #​4125, where noLabelWithoutControl options where incorrectly marked as mandatory. Contributed by @​ematipico

Editors

• Fix a case where CSS files weren't correctly linted using the default configuration. Contributed by @​ematipico

Formatter

Bug fixes

• Fix #​3924 where GraphQL formatter panics in block comments with empty line. Contributed by @​vohoanglong0107

• Fix a case where raw values inside url() functions weren't properly trimmed.

  .value {
  -  background: url(
  -   whitespace-around-string
  -  );
  + background: url(whitespace-around-string);
  }

  Contributed by @​ematipico

• Fixed #​4076, where a media query wasn't correctly formatted:

  .class {
  -  @&#8203;media (1024px <= width <=1280px) {
  +  @&#8203;media (1024px <= width <= 1280px) {
     color: red;
     }
  }

  Contributed by @​blaze-d83

JavaScript API

Bug fixes

• Fix #​3881, by updating the APIs to use the latest WASM changes. Contributed by @​ematipico

Linter

New features

• Add noDescendingSpecificity. Contributed by @​tunamaguro

• Add noNestedTernary. Contributed by @​kaykdm

• Add noTemplateCurlyInString. Contributed by @​fireairforce

• Add noOctalEscape. Contributed by @​fireairforce

Enhancements

• Add an option reportUnnecessaryDependencies to useExhaustiveDependencies.

  Defaults to true. When set to false, errors will be suppressed for React hooks that declare dependencies but do not use them.

  Contributed by @​simon-paris

• Add an option reportMissingDependenciesArray to useExhaustiveDependencies. Contributed by @​simon-paris

Bug fixes

• noControlCharactersInRegex no longer panics on regexes with incomplete escape sequences. Contributed by @​Conaclos

• noMisleadingCharacterClass no longer reports issues outside of character classes.

  The following code is no longer reported:

  /[a-z]👍/;

  Contributed by @​Conaclos

• noUndeclaredDependencies no longer reports Node.js builtin modules as undeclared dependencies.

  The rule no longer reports the following code:

  import * as fs from "fs";

  Contributed by @​Conaclos

• noUnusedVariables no longer panics when suggesting the renaming of a variable at the start of a file (#​4114). Contributed by @​Conaclos

• noUselessEscapeInRegex no longer panics on regexes that start with an empty character class. Contributed by @​Conaclos

• noUselessStringConcat no longer panics when it encounters malformed code. Contributed by @​Conaclos

• noUnusedFunctionParameters no longer reports unused parameters inside an object pattern with a rest parameter.

  In the following code, the rule no longer reports a as unused.

  function f({ a, ...rest }) {
    return rest;
  }

  This matches the behavior of noUnusedVariables.

  Contributed by @​Conaclos

• useButtonType no longer reports dynamically created button with a valid type (#​4072).

  The following code is no longer reported:

  React.createElement("button", { type: "button" }, "foo")

  Contributed by @​Conaclos

• useSemanticElements now ignores elements with the img role (#​3994).

  MDN recommends using role="img" for grouping images or creating an image from other elements.
  The following code is no longer reported:

  <div role="img" aria-label="That cat is so cute">
    <p>&#x1F408; &#x1F602;</p>
  </div>

  Contributed by @​Conaclos

• useSemanticElements now ignores alert and alertdialog roles (#​3858). Contributed by @​Conaclos

• noUselessFragments don't create invaild JSX code when Fragments children contains JSX Expression and in a LogicalExpression. Contributed by @​fireairforce

Parser

Bug fixes

• Forbid undefined as type name for typescript parser. Contributed by @​fireairforce

withastro/astro (astro)

v4.15.11

Compare Source

Patch Changes

• #​12097 11d447f Thanks @​ascorbic! - Fixes error where references in content layer schemas sometimes incorrectly report as missing

• #​12108 918953b Thanks @​lameuler! - Fixes a bug where data URL images were not correctly handled. The bug resulted in an ENAMETOOLONG error.

• #​12105 42037f3 Thanks @​ascorbic! - Returns custom statusText that has been set in a Response

• #​12109 ea22558 Thanks @​ematipico! - Fixes a regression that was introduced by an internal refactor of how the middleware is loaded by the Astro application. The regression was introduced by #​11550.

  When the edge middleware feature is opted in, Astro removes the middleware function from the SSR manifest, and this wasn't taken into account during the refactor.

• #​12106 d3a74da Thanks @​ascorbic! - Handles case where an immutable Response object is returned from an endpoint

• #​12090 d49a537 Thanks @​markjaquith! - Server islands: changes the server island HTML placeholder comment so that it is much less likely to get removed by HTML minifiers.

v4.15.10

Compare Source

Patch Changes

• #​12084 12dae50 Thanks @​Princesseuh! - Adds missing filePath property on content layer entries

• #​12046 d7779df Thanks @​martrapp! - View transitions: Fixes Astro's fade animation to prevent flashing during morph transitions.

• #​12043 1720c5b Thanks @​bluwy! - Fixes injected endpoint prerender option detection

• #​12095 76c5fbd Thanks @​TheOtterlord! - Fix installing non-stable versions of integrations with astro add

pnpm/pnpm (pnpm)

v9.12.0: pnpm 9.12

Compare Source

Minor Changes

• Fix peer dependency resolution dead lock #​8570. This change might change some of the keys in the snapshots field inside pnpm-lock.yaml but it should happen very rarely.

• pnpm outdated command supports now a --sort-by=name option for sorting outdated dependencies by package name #​8523.

• Added the ability for overrides to remove dependencies by specifying "-" as the field value #​8572. For example, to remove lodash from the dependencies, use this configuration in package.json:

  {
    "pnpm": {
      "overrides": {
        "lodash": "-"
      }
    }
  }

Patch Changes

• Fixed an issue where pnpm list --json pkg showed "private": false for a private package #​8519.
• Packages with libc that differ from pnpm.supportedArchitectures.libc are not downloaded #​7362.
• Prevent ENOENT errors caused by running store prune in parallel #​8586.
• Add issues alias to pnpm bugs #​8596.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

---

Configuration

📅 Schedule: Branch creation - "on Sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.