chore(deps): update devdependencies (major)

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@actions/cache (source)	^4.0.2 → ^6.0.0
@actions/core (source)	^1.11.1 → ^3.0.0
@actions/exec (source)	^1.1.1 → ^3.0.0
@actions/http-client (source)	2.2.3 → 4.0.0
@actions/io (source)	^1.1.3 → ^3.0.0
@actions/tool-cache (source)	^2.0.2 → ^4.0.0
@biomejs/biome (source)	^1.9.4 → ^2.0.0
@octokit/openapi-types (source)	^25.0.0 → ^27.0.0
@octokit/plugin-paginate-rest	^13.0.0 → ^14.0.0
@octokit/plugin-rest-endpoint-methods	^16.0.0 → ^17.0.0
@octokit/types	^14.0.0 → ^16.0.0
@types/jest (source)	^29.5.14 → ^30.0.0
@types/node (source)	^22.13.8 → ^25.0.0
cross-env	7.0.3 → 10.1.0
jest (source)	^29.7.0 → ^30.0.0
p-timeout	^6.1.4 → ^7.0.0

---

Release Notes

actions/toolkit (@​actions/cache)

v6.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

v5.0.5

• Bump @actions/glob to 0.5.1

v5.0.4

• Bump @actions/http-client to 3.0.2

v5.0.3

Prevent retries for rate limited cache operations 2243.

v5.0.1

• Fix Node.js 24 punycode deprecation warning by updating @azure/storage-blob from ^12.13.0 to ^12.29.1 #​2213
• Newer storage-blob uses @azure/core-rest-pipeline instead of deprecated @azure/core-http, which eliminates the transitive dependency on node-fetch@2 → whatwg-url@5 → tr46@​0.0.3 that used the deprecated punycode module

v5.0.0

• Remove @azure/ms-rest-js dependency #​2197
  • The TransferProgressEvent type is now imported from @azure/core-rest-pipeline instead of @azure/ms-rest-js
• Bump @actions/core from ^1.11.1 to ^2.0.0 #​2198
• Bump @actions/exec from ^1.0.1 to ^2.0.0 #​2198
• Bump @actions/glob from ^0.1.0 to ^0.5.0 #​2198
• Bump @actions/http-client from ^2.1.1 to ^3.0.0 #​2198
• Bump @actions/io from ^1.0.1 to ^2.0.0 #​2198
• Add support for Node.js 24 #​2110
• Add node-fetch override to resolve audit vulnerabilities #​2110

actions/toolkit (@​actions/core)

v3.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

v2.0.3

• Bump @actions/http-client to 3.0.2

v2.0.1

• Bump @​actions/exec from 1.1.1 to 2.0.0 #​2199

v2.0.0

• Add support for Node 24 #​2110
• Bump @​actions/http-client from 2.0.1 to 3.0.0

actions/toolkit (@​actions/exec)

v3.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

v2.0.0

• Add support for Node 24 #​2110
• Bump @​actions/io dependency from ^1.0.1 to ^2.0.0

actions/toolkit (@​actions/http-client)

v4.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

v3.0.2

• Bump undici from 5.28.5 to 6.23.0

v3.0.1

• Add support for ACTIONS_ORCHESTRATION_ID in user-agent and default user-agent #​2229

v3.0.0

• Add support for Node 24 #​2110

actions/toolkit (@​actions/io)

v3.0.2

• Fix: update lock file version

v3.0.1

• Fix: export @actions/io/lib/io-util

v3.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

v2.0.0

• Add support for Node 24 #​2110
• Ensures consistent behavior for paths on Node 24 with Windows

actions/toolkit (@​actions/tool-cache)

v4.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

3.0.1

• Bump @actions/http-client to 3.0.2

3.0.0

• Update to v2.0.1 of @actions/core
• Update to v2.0.0 of @actions/exec
• Update to v3.0.1 of @actions/http-client
• Update to v2.0.0 of @actions/io

2.0.2

• Update @actions/core to v1.11.1 #​1872
• Remove dependency on uuid package #​1824, #​1842

2.0.1

• Update to v2.0.1 of @actions/http-client #​1087

2.0.0

• Update to v2.0.0 of @actions/http-client
• The type of the headers parameter in the exported function downloadTool has been narrowed from { [header: string]: any } to { [header: string]: number | string | string[] | undefined; } (that is, http.OutgoingHttpHeaders).
  This is strictly a compile-time change for TypeScript consumers. Previous attempts to use a header value of a type other than those now accepted would have resulted in an error at run time.

1.7.2

• Update lockfileVersion to v2 in package-lock.json #​1025

1.7.1

• Fallback to os-releases file to get linux version
• Update to latest @​actions/io verison

1.7.0

• Allow arbirtary headers when downloading tools to the tc
• Export isExplicitVersion and evaluateVersions functions
• Force overwrite on default when extracted compressed files

1.6.1

• Update @​actions/core version

1.6.0

• Add extractXar function to extract XAR files

1.3.5

• Check if tool path exists before executing
• Make extract functions quiet by default

1.3.4

• Update the http-client to 1.0.8 which had a security fix

Here is the security issue that was fixed in the http-client 1.0.8 release

1.3.3

• Update downloadTool to only retry 500s and 408 and 429

1.3.2

• Update downloadTool with better error handling and retries

1.3.1

• Increase http-client min version

1.3.0

• Uses @​actions/http-client

1.2.0

• Overload downloadTool to accept destination path
• Fix extractTar on Windows
• Add "types" to package.json

1.1.2

• Use zip and unzip from PATH
• Support custom flags for extractTar

1.0.0

• Initial release

v3.0.1

• Bump @actions/http-client to 3.0.2

v3.0.0

• Update to v2.0.1 of @actions/core
• Update to v2.0.0 of @actions/exec
• Update to v3.0.1 of @actions/http-client
• Update to v2.0.0 of @actions/io

biomejs/biome (@​biomejs/biome)

v2.4.0

Compare Source

Minor Changes

• #​8964 0353fa0 Thanks @​dyc3! - Added ignore option to the useHookAtTopLevel rule.

  You can now specify function names that should not be treated as hooks, even if they follow the use* naming convention.

  Example configuration:

  {
    "linter": {
      "rules": {
        "correctness": {
          "useHookAtTopLevel": {
            "options": {
              "ignore": ["useDebounce", "useCustomUtility"]
            }
          }
        }
      }
    }
  }

• #​8769 d0358b0 Thanks @​rahuld109! - Added the rule useAnchorContent for HTML to enforce that anchor elements have accessible content for screen readers. The rule flags empty anchors, anchors with only whitespace, and anchors where all content is hidden with aria-hidden. Anchors with aria-label or title attributes providing a non-empty accessible name are considered valid.

• #​8742 6340ce6 Thanks @​rahuld109! - Added the rule useMediaCaption to the HTML language. Enforces that audio and video elements have a track element with kind="captions" for accessibility. Muted videos are allowed without captions.

• #​8621 d11130b Thanks @​Netail! - Added support for multiple reporters, and the ability to save reporters on arbitrary files.

Combine two reporters in CI

If you run Biome on GitHub, take advantage of the reporter and still see the errors in console, you can now use both reporters:

biome ci --reporter=default --reporter=github

Save reporter output to a file

With the new --reporter-file CLI option, it's now possible to save the output of all reporters to a file. The file is a path,
so you can pass a relative or an absolute path:

biome ci --reporter=rdjson --reporter-file=/etc/tmp/report.json
biome ci --reporter=summary --reporter-file=./reports/file.txt

You can combine these two features. For example, have the default reporter written on terminal, and the rdjson reporter written on file:

biome ci --reporter=default --reporter=rdjson --reporter-file=/etc/tmp/report.json

The --reporter and --reporter-file flags must appear next to each other, otherwise an error is thrown.

• #​8399 ab88099 Thanks @​ematipico! - The Biome CSS parser is now able to parse Vue SFC syntax such as :slotted and :deep. These pseudo functions are only correctly parsed when the CSS is defined inside .vue components. Otherwise, Biome will a emit a parse error.

  This capability is only available when experimentalFullHtmlSupportedEnabled is set to true.

• #​8663 3dfea16 Thanks @​ematipico! - Added support for Cursor files. When Biome sees a Cursor JSON file, it will parse it with comments enabled and trailing commas enabled:

  • $PROJECT/.cursor/
  • %APPDATA%\Cursor\User\ on Windows
  • ~/Library/Application Support/Cursor/User/ on macOS
  • ~/.config/Cursor/User/ on Linux

• #​8723 fe2c642 Thanks @​cbstns! - Added JSON as a target language for GritQL pattern matching. You can now write Grit plugins for JSON files.

  This enables users to write GritQL patterns that match against JSON files, useful for:

  • Searching and transforming JSON configuration files
  • Enforcing patterns in package.json and other JSON configs
  • Writing custom lint rules for JSON using GritQL

  Example patterns:

  Match all key-value pairs:

  language json
  
  pair(key = $k, value = $v)
  

  Match objects with specific structure:

  language json
  
  JsonObjectValue()
  

  Supports both native Biome AST names (JsonMember, JsonObjectValue) and TreeSitter-compatible names (pair, object, array) for compatibility with existing Grit patterns.

  For more details, see the GritQL documentation.

• #​8814 4d9c676 Thanks @​Netail! - Added ignore option to noUnknownProperty. If an unknown property name matches any of the items provided in ignore, a diagnostic won't be emitted.

• #​8631 4d8f19d Thanks @​Netail! - Add a new reporter --reporter=sarif, that emits diagnostics using the SARIF format.

• #​8270 4f7909d Thanks @​lucasweng! - Added the useIframeTitle lint rule for HTML. The rule enforces the usage of the title attribute for the iframe element.

  Invalid:

  <iframe></iframe> <iframe title=""></iframe>

  Valid:

  <iframe title="title"></iframe>

• #​8164 1d25856 Thanks @​ematipico! - Added a new assist action useSortedInterfaceMembers that sorts TypeScript interface members, for readability.

  It includes an autofix.

  Invalid example.

  interface MixedMembers {
    z: string;
    a: number;
    (): void;
    y: boolean;
  }

  Valid example (after using the assist).

  interface MixedMembers {
    a: number;
    y: boolean;
    z: string;
    (): void;
  }

• #​8647 4c7c06f Thanks @​siketyan! - It's now possible to provide the stacktrace for a fatal error. The stacktrace is only available when the environment variable RUST_BACKTRACE=1 is set, either via the CLI or exported $PATH. This is useful when providing detailed information for debugging purposes:

  RUST_BACKTRACE=1 biome lint

• #​7961 a04c8df Thanks @​siketyan! - The Biome Language Server now reports progress while scanning files and dependencies in the project.

• #​8289 a9025d4 Thanks @​theshadow27! - Fixed #​8024. The rule useIterableCallbackReturn now supports a checkForEach option. When set to false, the rule will skip checking for forEach() callbacks for returning values.

• #​8690 e06e5d1 Thanks @​ematipico! - Added the rule useValidLang to the HTML language.

• #​7847 e90b14f Thanks @​Jagget! - Added support for jsxFactory and jsxFragmentFactory.Biome now respects jsxFactory and jsxFragmentFactory settings from tsconfig.json when using the classic JSX runtime, preventing false positive noUnusedImports errors for custom JSX libraries like Preact.

  // tsconfig.json
  {
    compilerOptions: {
      jsx: "react",
      jsxFactory: "h",
      jsxFragmentFactory: "Fragment",
    },
  }

  // Component.jsx
  import { h, Fragment } from "preact";
  
  function App() {
    return <div>Hello</div>;
  }

• #​8071 7f5bcf4 Thanks @​ematipico! - Added new CLI options to the commands lsp-proxy and start that allow to control the Biome file watcher.

--watcher-kind

Controls how the Biome file watcher should behave. By default, Biome chooses the best watcher strategy for the
current OS, however sometimes this could result in some issues, such as folders locked.

The option accepts the current values:

• recommended: the default option, which chooses the best watcher for the current platform.
• polling: uses the polling strategy.
• none: it doesn't enable the watcher. When the watcher is disabled, changes to files aren't recorded anymore by Biome. This might have
  repercussions on some lint rules that might rely on updated types or updated paths.

The environment variable BIOME_WATCHER_KIND can be used as alias.

--watcher-polling-interval

The polling interval in milliseconds. This is only applicable when using the polling watcher. It defaults to 2000 milliseconds.

The environment variable BIOME_WATCHER_POLLING_INTERVAL can be used as alias.

• #​8262 4186b83 Thanks @​lucasweng! - Added the useHtmlLang lint rule for HTML. The rule enforces that the html element has a lang attribute.

  Invalid:

  <html></html>
  <html lang></html>
  <html lang=""></html>

  Valid:

  <html lang="en"></html>

• #​8376 1a9334c Thanks @​siketyan! - Added support for formatting and linting embedded GraphQL snippets in JavaScript.

  For example, the following snippets are now formatted:

  import gql from "graphql-tag";
  
  const PeopleCountQuery = gql`
    query PeopleCount {
      allPeople {
        totalCount
      }
    }
  `;

  import { graphql } from "./graphql";
  
  const PeopleCountQuery = graphql(`
    query PeopleCount {
      allPeople {
        totalCount
      }
    }
  `);

  This feature is experimental and must be enabled explicitly in the configuration:

  {
    "javascript": {
      "experimentalEmbeddedSnippetsEnabled": true
    }
  }

• #​7799 54682aa Thanks @​PaulRBerg! - Added groupByNesting option to the useSortedKeys assist. When enabled, object keys are grouped by their value's nesting depth before sorting alphabetically.

  Simple values (primitives, single-line arrays, and single-line objects) are sorted first, followed by nested values (multi-line arrays and multi-line objects).

Example

To enable this option, configure it in your biome.json:

{
  "linter": {
    "rules": {
      "source": {
        "useSortedKeys": {
          "options": {
            "groupByNesting": true
          }
        }
      }
    }
  }
}

With this option, the following unsorted object:

const object = {
  name: "Sample",
  details: {
    description: "nested",
  },
  id: 123,
};

Will be sorted as:

const object = {
  id: 123,
  name: "Sample",
  details: {
    description: "nested",
  },
};

• #​8641 1dc8dc2 Thanks @​tt-a1i! - Added the noAutofocus lint rule for HTML. This rule enforces that the autofocus attribute is not used on elements, as it can cause usability issues for sighted and non-sighted users. The rule allows autofocus inside dialog elements or elements with the popover attribute, as these are modal contexts where autofocus is expected.

• #​8501 8eb3f19 Thanks @​tt-a1i! - Added noPositiveTabindex to HTML. This rule prevents the usage of positive integers on the tabindex attribute, which can disrupt natural keyboard navigation order.

• #​8661 b36ff03 Thanks @​tt-a1i! - Added the useAltText lint rule for HTML. This rule enforces that elements requiring alternative text (<img>, <area>, <input type="image">, <object>) provide meaningful information for screen reader users via alt, title (for objects), aria-label, or aria-labelledby attributes. Elements with aria-hidden="true" are exempt.

• #​7749 1c59333 Thanks @​andogq! - Implements #​1984. Updated useHookAtTopLevel to better catch invalid hook usage.

  This rule is now capable of finding invalid hook usage in more locations. A diagnostic will now be generated if:

  • A hook is used at the module level (top of the file, outside any function).
  • A hook is used within a function or method which is not a hook or component, unless it is a function expression (such as arrow functions commonly used in tests).

  Invalid:

  // Invalid: hooks cannot be called at the module level.
  useHook();

  // Invalid: hooks must be called from another hook or component.
  function notAHook() {
    useHook();
  }

  Valid:

  // Valid: hooks may be called from function expressions, such as in tests.
  test("my hook", () => {
    renderHook(() => useHook());
  
    renderHook(function () {
      return useHook();
    });
  });

• #​8307 789b0e7 Thanks @​mehm8128! - Added the useValidAriaRole lint rule for HTML. The rule enforces that elements with ARIA roles must use a valid, non-abstract ARIA role.

• #​8814 4d9c676 Thanks @​Netail! - Added ignore option to noUnknownFunction. If an unknown function name matches any of the items provided in ignore, a diagnostic won't be emitted.

• #​8814 4d9c676 Thanks @​Netail! - Added ignore option to noUnknownPseudoClass. If an unknown pseudo-class name matches any of the items provided in ignore, a diagnostic won't be emitted.

• #​8623 dc1f94e Thanks @​mldangelo! - Added the noDuplicateClasses assist action to detect and remove duplicate CSS classes.

  For JSX files: Supports class, className attributes and utility functions like clsx, cn, cva.

  For HTML files: Checks class attributes. This is the first assist action for HTML.

  // Before
  <div class="flex p-4 flex" />;
  
  // After
  <div class="flex p-4" />;

• #​8399 ab88099 Thanks @​ematipico! - Improved the CSS parser for CSS modules. Biome now automatically enables CSS modules parsing for *.module.css files.

  If your codebase has only *.module.css files, you can remove the parser feature as follows, because now Biome does it for you:

  {
    "css": {
      "parser": {
  -      "cssModules": true
      }
    }
  }

• #​8399 ab88099 Thanks @​ematipico! - Added support for parsing :global and :local inside .astro, .svelte and .vue files, in <style> portion of the file.

  This capability is only available when experimentalFullHtmlSupportedEnabled is set to true.

• #​9011 e014336 Thanks @​ematipico! - Promoted 21 nursery rules to stable groups.

Correctness

Promoted the following rules to the correctness group:

• noUnresolvedImports. The rule reports imports that cannot be resolved.
  The default rule severity is set to error.
• noVueReservedProps. The rule reports Vue reserved props usage.
  The default rule severity is set to error.
• noVueReservedKeys. The rule reports Vue reserved keys usage.
  The default rule severity is set to error.
• noVueDataObjectDeclaration. The rule reports Vue 2 data declared as an object instead of a function.
  The default rule severity is set to warn.
• noNextAsyncClientComponent. The rule reports async Next.js client components.
  The default rule severity is set to warn.
• noVueDuplicateKeys. The rule reports duplicate keys in Vue component options.
  The default rule severity is set to error.
• noVueSetupPropsReactivityLoss. The rule reports destructuring of props in Vue 3 setup which causes reactivity loss.
  The default rule severity is set to error.
• useQwikMethodUsage. The rule enforces correct Qwik framework method usage.
  The default rule severity is set to error.
• useQwikValidLexicalScope. The rule enforces valid lexical scope in Qwik framework.
  The default rule severity is set to error.

Suspicious

Promoted the following rules to the suspicious group:

• noImportCycles. The rule reports circular imports.
  The default rule severity is set to warn.
• noDeprecatedImports. The rule reports imports of deprecated symbols.
  The default rule severity is set to warn.
• noReactForwardRef. The rule reports usage of React.forwardRef.
  The default rule severity is set to warn.
• noUnusedExpressions. The rule reports expressions that are never used.
  The default rule severity is set to warn.
• noEmptySource. The rule reports empty source files.
  The default rule severity is set to warn.
• useDeprecatedDate. The rule enforces use of GraphQL @deprecated directive with date.
  The default rule severity is set to warn.
• noDuplicateDependencies. The rule reports duplicate dependencies in package.json.
  The default rule severity is set to warn.

Complexity

Promoted the following rules to the complexity group:

• noUselessUndefined. The rule reports useless undefined initialization and returns.
  The default rule severity is set to info.
• useMaxParams. The rule enforces a maximum number of function parameters.
  The default rule severity is set to warn.
• noUselessCatchBinding. The rule reports useless catch binding parameters.
  The default rule severity is set to info.

Style

Promoted the following rules to the style group:

• useConsistentArrowReturn. The rule enforces consistent return in arrow functions.
  The default rule severity is set to info.

• noJsxLiterals. The rule reports literal strings in JSX.
  The default rule severity is set to info.

• #​8695 d8f0309 Thanks @​ematipico! - Added support for the top-level suppression comment biome-ignore-all format: <explanation>.

  When the comment biome-ignore-all format: <explanation> is placed at the beginning of the document, Biome won't format the code.

  The feature works for all supported languages. In the following JavaScript snippet, the code isn't formatted and will stay as is.

  // biome-ignore-all format: generated
  
  const a = [];
  
  const a = [];
  
  const a = [];

• #​8255 da85e3c Thanks @​ryan-m-walker! - Added support for the typed attr function. Addresses issue #​6183.

  Example

  .btn {
    width: attr(data-size type(<length> | <percentage>), 0px);
  }

• #​8165 e0b3f62 Thanks @​lucasweng! - Added the noAccessKey lint rule for HTML. The rule enforces that the accesskey attribute is not used on any HTML element, as it can conflict with keyboard commands used by screen readers and keyboard-only users.

  Invalid:

  <input type="submit" accesskey="s" value="Submit" />
  <a href="https://webaim.org/" accesskey="w">WebAIM.org</a>
  <button accesskey="n">Next</button>

  Valid:

  <input type="submit" value="Submit" />
  <a href="https://webaim.org/">WebAIM.org</a>
  <button>Next</button>

• #​8278 7207eff Thanks @​ematipico! - Added a feature that allows editors to inject a Biome configuration to the Biome Language Server without affecting the configuration of the project.

  If you have a Biome extension that is compatible with your preferred LSP-ready editor, you can map inlineConfig. The configuration will be merged with the configuration of the project (or the default configuration):

  For example, with the Zed editor, you would have the following configuration, which will format all files using four spaces as indentation style:

  // .zed/settings.json
  {
    lsp: {
      biome: {
        settings: {
          inline_config: {
            formatter: {
              indentStyle: "space",
              indentWidth: 4,
            },
          },
        },
      },
    },
  }

• #​8368 8aa5f5b Thanks @​Bertie690! - Added 2 options from typescript-eslint (ignoreDifferentlyNamedParameters and ignoreDifferentJsDoc) to useUnifiedTypeSignatures.

  Each option makes the rule ignore overload signatures whose parameter names or JSDoc comments differ.

Examples

Valid code with ignoreDifferentlyNamedParameters set to true:

function cook(scoops: IceCreamScoop[]): void;
function cook(cakeType: string): void;

Valid code with ignoreDifferentJsDoc set to true:

/** Does objs have "cow" inside it? */
function hasCow(objs: string[]): boolean;
/** @​deprecated - convert to array */
function hasCow(objs: string): boolean;

• #​8562 361350e Thanks @​dyc3! - Added the rule profiler behind the --profile-rules cli flag. You can now see a report of which lint rules took the longest to execute.

• #​8234 e2e6e66 Thanks @​ongyuxing! - Updated the CSS properties ordering to align with stylelint-config-recess-order v7.4.0.

  It adds support for:

  • Containment properties
  • Font synthesis properties
  • Ruby properties
  • Color adjustment properties
  • View transitions properties
  • Shapes properties
  • Motion path properties
  • etc.

  For the complete list of changes, see: stormwarning/stylelint-config-recess-order@v6.0.0...v7.4.0.

• #​8814 4d9c676 Thanks @​Netail! - Added ignore option to noUnknownPseudoElement. If an unknown pseudo-element name matches any of the items provided in ignore, a diagnostic won't be emitted.

• #​8663 3dfea16 Thanks @​ematipico! - Added the ability to load the configuration from new known paths. Biome now attempts to load the configuration files
  from the following locations:

  • $XDG_CONFIG_HOME or $HOME/.config/biome on Linux
  • /Users/$USER/Library/Application Support/biome on macOS
  • C:\Users\$USER\AppData\Roaming\biome\config on Windows

  The priority how Biome will attempt to load the configuration files is the following:

  1. project folder (working directory)
  2. parent folders
  3. config home
     1. $XDG_CONFIG_HOME or $HOME/.config/biome on Linux
     2. /Users/$USER/Library/Application Support/biome on macOS
     3. C:\Users\$USER\AppData\Roaming\biome\config on Windows

• #​7973 bc0e8b4 Thanks @​siketyan! - Added support for formatting and linting embedded CSS snippets in JavaScript.

  For example, the following snippets are now formatted and linted:

  import styled from "styled-components";
  
  const Foo = styled.div`
    display: flex;
    color: red;
  `;

  import styled from "@​emotion/styled";
  
  const Foo = styled(Box)`
    display: flex;
    color: red;
  `;

  import { css } from "@​emotion/react";
  
  const style = css`
    display: flex;
    color: red;
  `;

  However, snippets with interpolations are not supported yet. For example, the following snippet isn't formatted:

  import styled from "@​emotion/styled";
  
  const Foo = styled.div<{ color: string }>`
    display: flex;
    color: ${(props) => props.color};
  `;

  This feature is experimental and must be enabled explicitly in the configuration:

  {
    "javascript": {
      "experimentalEmbeddedSnippetsEnabled": true
    }
  }

• #​8381 50c3513 Thanks @​mehm8128! - Added the useAriaPropsForRole lint rule for HTML. The rule enforces that elements with ARIA roles must have all required ARIA attributes for that role.

• #​7762 5901d79 Thanks @​dyc3! - Added the extensionMappings option to useImportExtensions. This allows users to specify custom file extensions for different module types.

  For example, if you want to ban all .ts imports in favor of .js imports, you can now do so with this option:

  {
    "options": {
      "extensionMappings": {
        "ts": "js"
      }
    }
  }

• #​8532 01bccc8 Thanks @​jonaylor89! - Added --only and --skip options to biome check and biome ci, covering both lint diagnostics and assist actions. Biome now lets you run or exclude specific lint rules, assist actions, group or rules and actions, or domains when running these commands.

  Examples:

  biome check --only=suspicious/noDebugger src/**/*.js
  biome ci --skip=project src/**

• #​8666 7733f90 Thanks @​ematipico! - Added the rule noRedundantAlt to HTML. The rule enforces that the img element alt attribute does not contain the words “image”, “picture”, or “photo”.

• #​8287 a248e88 Thanks @​mehm8128! - Added the noDistractingElements lint rule for HTML. The rule enforces that no distracting elements like <marquee> or <blink> are used.

• #​8564 adcce82 Thanks @​ematipico! - Added the new linter domain types. This is a domain that enables all rules that require the type inference engine.

  As opposed to the project domain, which only enables rules that require the module graph to function.

  The following nursery rules have been moved to the types domain:

  • useArraySortCompare
  • useAwaitThenable
  • useFind
  • useRegexpExec
  • noUnnecessaryConditions
  • noMisusedPromises
  • noFloatingPromises

• #​8556 47a79f1 Thanks @​mehm8128! - Added two new behaviors to the noSvgWithoutTitle rule.

  • Support for graphics-document and graphics-symbol roles.
  • Support for multiple role specifications.

• #​8663 3dfea16 Thanks @​ematipico! - Added the ability to load the hidden files .biome.json and .biome.jsonc. This is the order how Biome will attempt the configuration file is:

  1. biome.json
  2. biome.jsonc
  3. .biome.json
  4. .biome.jsonc

• #​8334 ae8ac8e Thanks @​ematipico! - Added the formatter option trailingNewline.

  When set to false, the formatter will remove the trailing newline at the end of formatted files. The default value is true, which preserves the current behavior of adding a trailing newline.

  This option is available globally and for each language-specific formatter configuration:

  {
    "formatter": {
      "trailingNewline": false
    },
    "javascript": {
      "formatter": {
        "trailingNewline": true
      }
    }
  }

  The following CLI flags have been added. They accept true or false as value:

  • --formatter-trailing-newline
  • --javascript-formatter-trailing-newline
  • --json-formatter-trailing-newline
  • --graphql-formatter-trailing-newline
  • --css-formatter-trailing-newline
  • --html-formatter-trailing-newline

• #​8854 1469968 Thanks @​ematipico! - Formatting is now applied when applying safe/unsafe fixes via biome check.

• #​8642 46f33a7 Thanks @​ematipico! - Improved the rule noUnusedVariables in Svelte files, by correctly detecting variables defined in the JavaScript blocks, and used inside the templates.

• #​8839 79b38aa Thanks @​ryan-m-walker! - Added support for parsing and formatting the CSS @function at-rule from the CSS Mixins Module Level 1 specification. Addresses issue #​8184.

  @&#8203;function --transparent(--color <color>, --alpha <number>: 0.5) returns
    <color> {
    result: oklch(from var(--color) l c h / var(--alpha));
  }

• #​8412 73f4f53 Thanks @​mehm8128! - Added the noSvgWithoutTitle lint rule to HTML. The rule enforces the usage of the title element for the svg element.

• #​8243 4291ff3 Thanks @​ashnewmanjones! - Added the useButtonType lint rule for HTML. The rule enforces that the type attribute is present and valid on all button e

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.