Update all dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@aws-sdk/client-s3 (source)	3.1045.0 → 3.1075.0			devDependencies	minor
@aws-sdk/credential-provider-ini (source)	3.972.38 → 3.972.56			devDependencies	patch
@biomejs/biome (source)	2.4.14 → 2.5.1			devDependencies	minor
@biomejs/biome (source)	2.4.14 → 2.5.1				minor
@flakiness/playwright	1.8.0 → 1.16.0			devDependencies	minor
@playwright/test (source)	1.59.1 → 1.61.1			devDependencies	minor
@types/node (source)	24.12.3 → 24.13.2			devDependencies	minor
actions/checkout	v6 → v7			action	major
allure	3.7.0 → 3.13.1			devDependencies	minor
allure-framework/allure-action	v0.6.6 → v0.8.0			action	minor
allure-js-commons (source)	3.7.2 → 3.10.1			devDependencies	minor
allure-playwright (source)	3.7.2 → 3.10.1			devDependencies	minor
axios (source)	1.16.0 → 1.18.1			devDependencies	minor
lint-staged	17.0.2 → 17.0.8			devDependencies	patch
mailinator-client	1.1.0 → 1.1.1			devDependencies	patch
mcr.microsoft.com/playwright	v1.59.1 → v1.61.1			container	minor
mysql2 (source)	3.22.3 → 3.22.5			devDependencies	patch
pnpm (source)	11.0.8 → 11.9.0			packageManager	minor
stripe	22.1.1 → 22.3.0			devDependencies	minor

---

Release Notes

aws/aws-sdk-js-v3 (@​aws-sdk/client-s3)

v3.1075.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1074.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1073.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1072.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1071.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1070.0

Compare Source

Features

• client-s3: Added support for annotations. You can now attach up to 1000 annotations (up to 1 MB each) directly to objects and create, retrieve, list, and delete them using new annotation APIs. Also added support for configuring an annotation table in S3 Metadata. (c555874)

v3.1069.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1068.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1067.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1066.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1065.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1064.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1063.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1062.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1061.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1060.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1059.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1058.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1057.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1056.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1055.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1054.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1053.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1052.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1051.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1050.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1049.0

Compare Source

Bug Fixes

• client-sts: update imports to new module locations (#​8025) (be183b6)

v3.1048.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1047.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

v3.1046.0

Compare Source

Note: Version bump only for package @​aws-sdk/client-s3

aws/aws-sdk-js-v3 (@​aws-sdk/credential-provider-ini)

v3.972.56

Chores

• credential-provider-ini: update dependencies.

v3.972.55

Chores

• credential-provider-ini: update dependencies.

v3.972.54

Chores

• scripts: apply esm-to-cjs transform to rollup bundles (#​8103) (9675991)
• scripts: tuning the build graph (#​8095) (67981c5)

v3.972.53

Chores

• credential-provider-ini: update dependencies.

v3.972.52

Chores

• credential-provider-ini: update dependencies.

v3.972.51

Chores

• scripts: update pkg json linting (#​8082) (86792c5)

v3.972.50

Chores

• update author URL in package.json (#​8080) (9bd1a86)

v3.972.49

Chores

• credential-provider-ini: update dependencies.

v3.972.48

Chores

• credential-provider-ini: update dependencies.

v3.972.47

Chores

• codegen: sync for adaptive retry fix, EAI_AGAIN transient error (#​8067) (6b082a6)

v3.972.46

Chores

• codegen: smithy-aws-typescript-codegen 0.50.0 (#​8056) (050bee1)

v3.972.45

Chores

• codegen: sync for cyclic file dependency fixes (#​8051) (7ae617c)

v3.972.44

Chores

• credential-provider-ini: update dependencies.

v3.972.43

Chores

• codegen: update @​smithy dependencies (#​8038) (0d6242d)

v3.972.42

Chores

• credential-provider-ini: update dependencies.

v3.972.41

Chores

• codegen: sync for browser bundle fixes (#​8022) (eabae7d)

v3.972.40

Chores

• credential-provider-ini: update dependencies.

v3.972.39

Chores

• codegen: dependency version bump (#​8008) (9ce20f6)
• update smithy/core imports (#​7979) (acffbf9)

biomejs/biome (@​biomejs/biome)

v2.5.1

Compare Source

Patch Changes

• #​10722 f8a303d Thanks @​denbezrukov! - Fixed CSS formatter output for comments between import media queries.

  -@​import url("print.css") print,
  -/* comment */
  -screen;
  +@​import url("print.css") print, /* comment */ screen;

• #​10738 9fdc560 Thanks @​JamBalaya56562! - Fixed #​9899: the json and json-pretty reporters now escape backslashes in a diagnostic's location.path. Previously, paths containing backslashes (such as Windows-style paths) were emitted unescaped, producing invalid JSON.

  -    "path": "src\account\setup-passkey.tsx",
  +    "path": "src\\account\\setup-passkey.tsx",

• #​10626 5f837df Thanks @​tom-groves! - Fixed #​10625: biome migrate no longer emits an invalid trailing comma when a renamed rule (such as noConsoleLog → noConsole) is the last member of its rule group. Previously this produced malformed output that aborted the migration of a strict-JSON biome.json with a parsing error.

• #​10535 c245f9d Thanks @​Mokto! - Fixed a false positive in noUnusedVariables for Svelte files where variables referenced inside {@​html expr} blocks were incorrectly reported as unused.

• #​10668 a0f197e Thanks @​Netail! - The biome init command has been updated to include a more up-to-date URL to the first-party extensions page.

• #​10667 d8c3e87 Thanks @​Netail! - Fixed #​10664: useErrorCause now correctly detects a shorthand property.

• #​10696 ef2373f Thanks @​ematipico! - Fixed #​9566. Improved how the Biome Language Server loads multiple configuration files inside a workspace.

• #​10705 4ccb410 Thanks @​ematipico! - Fixed #​10652. Biome plugins are now properly filtered when using --only and --skip flags.

• #​10669 aa0a6eb Thanks @​Netail! - Fixed #​10651: useInlineScriptId now correctly trims trivia to detect if an id attribute has been set.

• #​10689 844b1be Thanks @​ematipico! - Fixed #​10658. The issue was caused by the "Go-to definition" editor feature, which was enabled by default. The feature is now disabled by default. To work, the feature triggers the scanner to build the module graph. This caused memory leak issues in cases where Biome starts in the home directory to modify files.

  If you relied on this new feature, you must now turn on using the [editor settings] of the extension e.g. Zed and VSCode.

• #​10695 043fbb5 Thanks @​ematipico! - Fixed #​10674. Biome now throws an error when the field level is missing from a rule option.

• #​10712 5941df2 Thanks @​Conaclos! - Improved the diagnostic and the documentation of useFlatMap.

• #​10615 23814f1 Thanks @​qwertycxz! - Improved the DX the JSON schema when it's used by certain code editors like VSCode.

• #​10688 ec69489 Thanks @​ematipico! - Fixed a bug where the Biome Daemon did not correctly shut down when the editor was closed during an in-progress operation, especially while scanning.

• #​10701 6c2e0d7 Thanks @​ematipico! - Fixed #​10694. The Biome Language Server no longer prints an error when the user hovers a variable imported from node_modules.

• #​10681 888515b Thanks @​Conaclos! - Fixed useExportType that reported useless details in some diagnostics.

• #​10220 3694a13 Thanks @​theBGuy! - Fixed useAnchorContent false positive for <a> elements used as render prop values (e.g. render={<a href="..." />}), a pattern where the receiving component renders its children inside the anchor element.

• #​10702 98823fb Thanks @​ematipico! - Fixed #​10612. The Biome parser now correctly parses processing instructions. The following SVG doesn't throw errors anymore:

  <?xml version="1.0" encoding="UTF-8" ?>
  
  <svg></svg>

v2.5.0

Compare Source

Minor Changes

• #​9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #​9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #​9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #​9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

  /* styles.css — .ghost is never used in any importing file */
  .button {
    color: blue;
  }
  .ghost {
    color: red;
  }

  /* App.jsx */
  import "./styles.css";
  export default () => <div className="button" />;

• #​9546 6567efa Thanks @​nhedger! - Added a biome upgrade command for standalone installations. It upgrades Homebrew installs with brew upgrade biome, updates manually installed binaries from the latest GitHub release, and tells npm users to upgrade with their package manager instead.

• #​9716 701767a Thanks @​faizkhairi! - Added the HTML version of the useHeadingContent rule. The rule now enforces that heading elements (h1-h6) have content accessible to screen readers in HTML, Vue, Svelte, and Astro files.

  <!-- Invalid: empty heading -->
  <h1></h1>
  
  <!-- Invalid: heading hidden from screen readers -->
  <h1 aria-hidden="true">invisible content</h1>
  
  <!-- Valid: heading with text content -->
  <h1>heading</h1>
  
  <!-- Valid: heading with accessible name -->
  <h1 aria-label="Screen reader content"></h1>

• #​9582 f437ef8 Thanks @​rahuld109! - Added the HTML version of the useKeyWithMouseEvents rule. The rule now enforces that onmouseover is accompanied by onfocus and onmouseout is accompanied by onblur in HTML, Vue, Svelte, and Astro files.

  <!-- Invalid: onmouseover without onfocus -->
  <div onmouseover="handleMouseOver()"></div>
  
  <!-- Valid: onmouseover paired with onfocus -->
  <div onmouseover="handleMouseOver()" onfocus="handleFocus()"></div>

• #​9275 1fdbcee Thanks @​ff1451! - Added the new assist action useSortedTypeFields, which sorts the fields of GraphQL object types, interface types and input object types alphabetically, e.g. name, age, id becomes age, id, name.

• #​10561 78075b7 Thanks @​Conaclos! - Added a new style option to useExportType,
  which enforces a style for exporting types.
  This is the same option as the one provided by useImportType.

• #​8987 d16e32b Thanks @​DerTimonius! - Ported the useValidAnchor rule to HTML. This rule enforces that all anchors are valid and that they are navigable elements.

• #​9533 4d251d4 Thanks @​ematipico! - The init command now prints the Biome logo.

• #​10069 0eb9310 Thanks @​Netail! - Added the HTML lint rule noStaticElementInteractions, which enforces that static, visible elements (such as <div>) that have click handlers use the valid role attribute.

  Invalid:

  <div onclick="myFunction()"></div>

• #​9134 2a43488 Thanks @​ematipico! - Added the assist action useSortedPackageJson.

  This action organizes package.json fields according to the same conventions as the popular sort-package-json tool.

• #​9309 7daa18b Thanks @​Bertie690! - The allowDoubleNegation option has been added to noImplicitCoercions to allow ignoring double negations inside code.

  With the option enabled, the following example is considered valid and is ignored by the rule:

  const truthy = !!value;

• #​9700 894f3fb Thanks @​ematipico! - The Biome Language server now supports the "go-to definition" feature.

  When the cursor of the mouse is hovering an entity (variable, CSS class, type, etc.), and the command CTRL + click is triggered, the editor jumps to where this entity is defined, if the language server can find it.

  Here's what Biome is able to resolve:

  • Variables and types used in JavaScript modules, defined in the same file or imported from another module.
  • JSX Components used in JavaScript modules, defined in the same file or imported from another module.
  • CSS classes used in JSX and HTML-ish files (Vue, Svelte and Astro), and defined in CSS files.
  • Components used in HTML-ish files and defined in other HTML-ish.
  • Variables used in HTML-ish files and defined in the same file or imported from another module (JavaScript or HTML-ish).

• #​10070 bae0710 Thanks @​Conaclos! - Added the :STYLE: group matcher for organizeImports that matches style imports.

  For example, the following configuration...

  {
    "assist": {
      "actions": {
        "source": {
          "organizeImports": {
            "level": "on",
            "options": {
              "groups": ["**", "!:STYLE:"],
              "sortBareImports": true
            }
          }
        }
      }
    }
  }

  ...places style imports last:

  - import "./style.css"
    import A from "./a.js"
  + import "./style.css"

• #​9170 e3107de Thanks @​mdrobny! - Added bundleDependencies option to NoUndeclaredDependencies rule.

  This rule now supports imports of packages that are defined only in bundleDependencies and bundledDependencies arrays.

• #​9547 01f8473 Thanks @​mujpao! - Added new assist rule useSortedAttributes for HTML, porting the existing JSX rule. This rule enforces sorted HTML attributes.

  Invalid

  <input type="text" id="name" name="name" />

• #​9366 2ca1117 Thanks @​dyc3! - Added the html.parser.vue configuration option. When enabled, it adds support for the parsing of Vue in .html files. Most Vue users don't need to enable this option since Vue files typically use the .vue extension, but it can be useful for projects that embed Vue syntax in regular HTML files.

• #​9073 74b20ee Thanks @​chocky335! - Added support for applying GritQL plugin rewrites as code actions. GritQL plugins that use the rewrite operator (=>) now produce fixable diagnostics for JavaScript, CSS, and JSON files. By default, plugin rewrites are treated as unsafe fixes and require --write --unsafe to apply. Plugin authors can pass fix_kind = "safe" to register_diagnostic() to mark a fix as safe, allowing it to be applied with just --write.

  Example plugin (useConsoleInfo.grit):

  language js
  
  `console.log($msg)` as $call where {
      register_diagnostic(span = $call, message = "Use console.info instead of console.log.", severity = "warn", fix_kind = "safe"),
      $call => `console.info($msg)`
  }
  

  Running biome check --write applies safe rewrites. Unsafe rewrites (the default, or fix_kind = "unsafe") still require --write --unsafe.

• #​9384 f4c9edc Thanks @​Conaclos! - Added the sortBareImports option to organizeImports,
  which allows bare imports to be sorted within other imports when set to false.

  {
    "assist": {
      "actions": {
        "source": {
          "organizeImports": {
            "level": "on",
            "options": { "sortBareImports": true }
          }
        }
      }
    }
  }

  - import "b";
    import "a";
  + import "b";
    import { A } from "a";
  + import "./file";
    import { Local } from "./file";
  - import "./file";

• #​8731 e7872bf Thanks @​siketyan! - Added the watch mode (--watch) to the CLI for check/format/lint commands. By enabling this option, Biome will re-run the check automatically when any file in the workspace has changed after the first run.

• #​10106 9b35f78 Thanks @​ematipico! - Biome can now format and lint .svg files.

• #​9967 e9b6c17 Thanks @​dyc3! - Added HTML support for noExcessiveLinesPerFile. Biome now reports HTML files that exceed the configured line limit, including when skipBlankLines is enabled.

• #​9491 b3eb63c Thanks @​IxxyDev! - Added the HTML lint rule noAriaUnsupportedElements. This rule enforces that elements that do not support ARIA roles, states, and properties (meta, html, script, style) do not have role or aria-* attributes.

  <!-- Invalid: meta does not support aria attributes -->
  <meta charset="UTF-8" role="meta" />

• #​9306 afd57a6 Thanks @​viraxslot! - Added the noNoninteractiveTabindex lint rule for HTML. This rule enforces that tabindex is not used on non-interactive elements, as it can cause usability issues for keyboard users.

  <div tabindex="0">Invalid: non-interactive element</div>
  `

• #​9276 6d041d9 Thanks @​IxxyDev! - Added the HTML lint rule noRedundantRoles. This rule enforces that explicit role attributes are not the same as the implicit/default role of an HTML element. It supports HTML, Vue, Svelte, and Astro files.

  <!-- Invalid: role="button" is redundant on <button> -->
  <button role="button"></button>

• #​9813 69aadc2 Thanks @​ematipico! - Added a new linter configuration called preset. With the new option, users can enable different kinds of rules at once.

  The following presets are available:

  • "recommended": it enables all Biome-recommended rules, or recommended rules of a group;
  • "all": it enables all Biome rules, or enables all rules of a group;
  • "none": it disables all Biome rules, or disable all rules of a group.

  You can enable recommended rules:

  {
    "linter": {
      "rules": {
        "preset": "recommended"
      }
    }
  }

  You can enable all rules at once:

  {
    linter: {
      rules: {
        preset: "all", // enables all rules
      },
    },
  }

  Or enable all rules for a group:

  {
    linter: {
      rules: {
        style: {
          preset: "all", // enables all rules in the style group
        },
      },
    },
  }

  This new option, however, doesn't affect how nursery rules work. Nursery rules must be enabled singularly, due to their nature.

  This new option is meant to replace recommended, so make sure to run the migrate command.

• #​10022 3422d71 Thanks @​Netail! - Added the HTML lint rule noNoninteractiveElementToInteractiveRole, which enforces that interactive ARIA roles are not assigned to non-interactive HTML elements.

  Invalid:

  <h1 role="checkbox"></h1>

• #​8396 13785fc Thanks @​apple-yagi! - Biome now supports pnpm catalogs (default and named) when resolving dependencies for linting. This behavior is opt-in and requires setting javascript.resolver.experimentalPnpmCatalogs to true.

• #​10028 1009414 Thanks @​Netail! - Added the HTML lint rule noInteractiveElementToNoninteractiveRole, which enforces that non-interactive ARIA roles are not assigned to interactive HTML elements.

  Invalid:

  <input role="img" />

• #​9853 816302f Thanks @​Netail! - Added the new assist action useSortedSelectionSet, which sorts GraphQL selection sets alphabetically, e.g. name, age, id becomes age, id, name.

  Invalid:

  query {
    name
    age
    id
  }

• #​10074 9c7c6eb Thanks @​georgephillips! - Added a kind field to the ImportMatcher used by the organizeImports assist action. The new field selects imports by their syntactic kind and currently supports bare (matching side-effect imports such as import "polyfill") with optional ! negation (!bare). The matcher composes with the existing type and source fields, so users can express patterns such as "only bare imports that import a CSS file" ({ "kind": "bare", "source": "**/*.css" }).

  For example, with the following configuration:

  {
    "assist": {
      "actions": {
        "source": {
          "organizeImports": {
            "level": "on",
            "options": {
              "sortBareImports": true,
              "groups": [
                { "kind": "!bare" },
                ":BLANK_LINE:",
                { "kind": "bare" }
              ]
            }
          }
        }
      }
    }
  }

  ...the following code:

  import "./register-my-component";
  import { render } from "react-dom";
  import "./polyfill";
  import { Button } from "@​/components/Button";

  ...is organized as:

  import { render } from "react-dom";
  import { Button } from "@​/components/Button";
  
  import "./polyfill";
  import "./register-my-component";

• #​9171 ce65710 Thanks @​chocky335! - Added includes option for plugin file scoping. Plugins can now be configured with glob patterns to restrict which files they run on. Use negated globs for exclusions.

  {
    "plugins": [
      "global-plugin.grit",
      {
        "path": "scoped-plugin.grit",
        "includes": ["src/**/*.ts", "!**/*.test.ts"]
      }
    ]
  }

• [#​9617](https://redirect

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "monthly"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Allure Report Summary

	Name	Duration	Stats	New	Flaky	Retry	Report
	Allure Report – Pull request #165	496ms	1	3	0	0