Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

chore(deps)(deps-dev): bump the dev-dependencies group with 3 updates

Closed
Number: #50
Type: Pull Request
State: Closed
Author: dependabot[bot] dependabot[bot]
Association: Unknown
Comments: 2
Created: December 22, 2025 at 06:27 AM UTC
(5 days ago)
Updated: December 22, 2025 at 06:28 AM UTC
(5 days ago)
Closed: December 22, 2025 at 06:28 AM UTC
(5 days ago)
Time to Close: less than a minute
Labels:
automated dependencies minor-update auto-merge
Description:

Bumps the dev-dependencies group with 3 updates: @biomejs/biome, vitest and wrangler.

Updates @biomejs/biome from 2.3.8 to 2.3.10

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.10

2.3.10

Patch Changes

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.10

Patch Changes

2.3.9

Patch Changes

  • #8232 84c9e08 Thanks @​ruidosujeira! - Added the nursery rule noScriptUrl.

    This rule disallows the use of javascript: URLs, which are considered a form of eval and can pose security risks such as XSS vulnerabilities.

    <a href="javascript:alert('XSS')">Click me</a>

  • #8341 343dc4d Thanks @​arendjr! - Added the nursery rule useAwaitThenable, which enforces that await is only used on Promise values.

    Invalid

    await "value";

    const createValue = () => "value";
await createValue();

... (truncated)

Commits

Updates vitest from 4.0.15 to 4.0.16

Release notes

Sourced from vitest's releases.

v4.0.16

   🐞 Bug Fixes

    View changes on GitHub
Commits
  • b46d744 chore: release v4.0.16
  • 84a3062 fix(browser): string formatting bug when including placeholders in console.lo...
  • f7f6aa8 fix: log deprecated test.poolOptions if it's set (#9226)
  • 568513c fix: allow inlining fully dynamic import (#9137)
  • 5d26b87 fix(experimental): export setupEnvironment for custom pools (#9187)
  • f17eb42 refactor: avoid using isFileServingAllowed from Vite (#9160)
  • 78cfbf9 fix: avoid crashing on process.versions stub (#9174)
  • da0ade2 fix: fix browser mode default testTimeout back to 15 seconds (#9167)
  • See full diff in compare view

Updates wrangler from 4.54.0 to 4.56.0

Release notes

Sourced from wrangler's releases.

wrangler@4.56.0

Minor Changes

  • #11196 171cfd9 Thanks @​emily-shen! - For containers being created in a FedRAMP high environment, registry credentials are encrypted by the container platform. Update wrangler to correctly send a request to configure a registry for FedRAMP containers.

  • #11646 472cf72 Thanks @​vovacf201! - feat: add R2 Data Catalog snapshot expiration commands

    Adds new commands to manage automatic snapshot expiration for R2 Data Catalog tables:

    • wrangler r2 bucket catalog snapshot-expiration enable - Enable automatic snapshot expiration
    • wrangler r2 bucket catalog snapshot-expiration disable - Disable automatic snapshot expiration

    Snapshot expiration helps manage storage costs by automatically removing old table snapshots while keeping a minimum number of recent snapshots for recovery purposes.

    Example usage:

    # Enable snapshot expiration for entire catalog (keep 10 snapshots, expire after 5 days)
wrangler r2 bucket catalog snapshot-expiration enable my-bucket --token $R2_CATALOG_TOKEN --max-age 7200 --min-count 10

    Enable for specific table
    

    wrangler r2 bucket catalog snapshot-expiration enable my-bucket my-namespace my-table --token $R2_CATALOG_TOKEN --max-age 2880 --min-count 5
    

    Disable snapshot expiration
    

    wrangler r2 bucket catalog snapshot-expiration disable my-bucket

Patch Changes

  • #11649 428ae9e Thanks @​ascorbic! - fix: respect TypeScript path aliases when resolving non-JS modules with module rules

    When importing non-JavaScript files (like .graphql, .txt, etc.) using TypeScript path aliases defined in tsconfig.json, Wrangler's module-collection plugin now correctly resolves these imports. Previously, path aliases were only respected for JavaScript/TypeScript files, causing imports like import schema from '~lib/schema.graphql' to fail when using module rules.

  • #11647 c0e249e Thanks @​dario-piotrowicz! - The auto-configuration logic present in wrangler setup and wrangler deploy --x-autoconfig cannot reliably handle Hono projects, so in these cases make sure to properly error saying that automatically configuring such projects is not supported.

  • #11694 3853200 Thanks @​dario-piotrowicz! - fix: improve the open-next detection that wrangler deploy performs to eliminate false positives for non open-next projects

  • Updated dependencies [ae1ad22, 737c0f4]:

    • miniflare@4.20251217.0

wrangler@4.55.0

Minor Changes

... (truncated)

Commits
  • 6be9321 Version Packages (#11666)
  • 3853200 fix: improve the open-next detection that wrangler deploy performs to elimi...
  • 171cfd9 Add way to configure image registries without secret store integration for `f...
  • c0e249e Properly error on Hono projects in auto-config (#11647)
  • 472cf72 [R2 Data Catalog] Add wrangler commands for the R2 Data Catalog snaps… (#11646)
  • ae1ad22 chore(deps): bump the workerd-and-workers-types group with 2 updates (#11679)
  • 428ae9e fix: respect TypeScript path aliases when resolving non-JS modules with modul...
  • 8ba87a0 Version Packages (#11602)
  • 90c0676 move patchConfig tests from wrangler to workers-utils, also add wrangler-co...
  • 7d8d4a6 [Wrangler] Add Workflows sendEvent wrangler command (#11590)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
Package Dependencies
Package:
vitest
Ecosystem:
npm
Version Change:
4.0.15 → 4.0.16
Update Type:
Patch
Package:
wrangler
Ecosystem:
npm
Version Change:
4.54.0 → 4.56.0
Update Type:
Minor
Package:
@biomejs/biome
Ecosystem:
npm
Version Change:
2.3.8 → 2.3.10
Update Type:
Patch
Actions
View on GitHub View Repository All Dependabot PRs
Technical Details
ID: 12182416
UUID: 3752499570
Node ID: PR_kwDOQWgqjc66Evb8
Host: GitHub
Repository: aicodingstack/aicodingstack.io