chore(deps): update all non-major dev-dependencies

[renovate]

Note

Mend has cancelled the proposed renaming of the Renovate GitHub app being renamed to mend[bot].

This notice will be removed on 2025-10-07.

---

This PR contains the following updates:

Package	Change	Age	Confidence
@biomejs/biome (source)	^2.2.4 -> ^2.2.5
@iconify-json/material-symbols	^1.2.39 -> ^1.2.40
@iconify-json/material-symbols-light	^1.2.39 -> ^1.2.40
@sveltejs/adapter-auto (source)	6.1.0 -> 6.1.1
@sveltejs/adapter-cloudflare (source)	^7.2.3 -> ^7.2.4
@sveltejs/adapter-node (source)	^5.3.2 -> ^5.3.3
@sveltejs/kit (source)	^2.43.5 -> ^2.43.8
daisyui (source)	^5.1.25 -> ^5.1.27
svelte (source)	^5.39.6 -> ^5.39.8
typescript (source)	^5.9.2 -> ^5.9.3
vite (source)	^7.1.7 -> ^7.1.9
wrangler (source)	^4.40.2 -> ^4.42.0

---

Release Notes

biomejs/biome (@​biomejs/biome)

v2.2.5

Compare Source

Patch Changes

• #​7597 5c3d542 Thanks @​arendjr! - Fixed #​6432: useImportExtensions now works correctly with aliased paths.

• #​7269 f18dac1 Thanks @​CDGardner! - Fixed #​6648, where Biome's noUselessFragments contained inconsistencies with ESLint for fragments only containing text.

  Previously, Biome would report that fragments with only text were unnecessary under the noUselessFragments rule. Further analysis of ESLint's behavior towards these cases revealed that text-only fragments (<>A</a>, <React.Fragment>B</React.Fragment>, <RenamedFragment>B</RenamedFragment>) would not have noUselessFragments emitted for them.

  On the Biome side, instances such as these would emit noUselessFragments, and applying the suggested fix would turn the text content into a proper JS string.

  // Ended up as: - const t = "Text"
  const t = <>Text</>
  
  // Ended up as: - const e = t ? "Option A" : "Option B"
  const e = t ? <>Option A</> : <>Option B</>
  
  /* Ended up as:
    function someFunc() {
      return "Content desired to be a multi-line block of text."
    }
  */
  function someFunc() {
    return <>
      Content desired to be a multi-line
      block of text.
    <>
  }

  The proposed update was to align Biome's reaction to this rule with ESLint's; the aforementioned examples will now be supported from Biome's perspective, thus valid use of fragments.

  // These instances are now valid and won't be called out by noUselessFragments.
  
  const t = <>Text</>
  const e = t ? <>Option A</> : <>Option B</>
  
  function someFunc() {
    return <>
      Content desired to be a multi-line
      block of text.
    <>
  }

• #​7498 002cded Thanks @​siketyan! - Fixed #​6893: The useExhaustiveDependencies rule now correctly adds a dependency that is captured in a shorthand object member. For example:

  useEffect(() => {
    console.log({ firstId, secondId });
  }, []);

  is now correctly fixed to:

  useEffect(() => {
    console.log({ firstId, secondId });
  }, [firstId, secondId]);

• #​7509 1b61631 Thanks @​siketyan! - Added a new lint rule noReactForwardRef, which detects usages of forwardRef that is no longer needed and deprecated in React 19.

  For example:

  export const Component = forwardRef(function Component(props, ref) {
    return <div ref={ref} />;
  });

  will be fixed to:

  export const Component = function Component({ ref, ...props }) {
    return <div ref={ref} />;
  };

  Note that the rule provides an unsafe fix, which may break the code. Don't forget to review the code after applying the fix.

• #​7520 3f06e19 Thanks @​arendjr! - Added new nursery rule noDeprecatedImports to flag imports of deprecated symbols.

Invalid example

// foo.js
import { oldUtility } from "./utils.js";

// utils.js
/**
 * @​deprecated
 */
export function oldUtility() {}

Valid examples

// foo.js
import { newUtility, oldUtility } from "./utils.js";

// utils.js
export function newUtility() {}

// @​deprecated (this is not a JSDoc comment)
export function oldUtility() {}

• #​7457 9637f93 Thanks @​kedevked! - Added style and requireForObjectLiteral options to the lint rule useConsistentArrowReturn.

  This rule enforces a consistent return style for arrow functions. It can be configured with the following options:

  • style: (default: asNeeded)
    • always: enforces that arrow functions always have a block body.
    • never: enforces that arrow functions never have a block body, when possible.
    • asNeeded: enforces that arrow functions have a block body only when necessary (e.g. for object literals).

style: "always"

Invalid:

const f = () => 1;

Valid:

const f = () => {
  return 1;
};

style: "never"

Invalid:

const f = () => {
  return 1;
};

Valid:

const f = () => 1;

style: "asNeeded"

Invalid:

const f = () => {
  return 1;
};

Valid:

const f = () => 1;

style: "asNeeded" and requireForObjectLiteral: true

Valid:

const f = () => {
  return { a: 1 };
};

• #​7510 527cec2 Thanks @​rriski! - Implements #​7339. GritQL patterns can now use native Biome AST nodes using their PascalCase names, in addition to the existing TreeSitter-compatible snake_case names.

  engine biome(1.0)
  language js(typescript,jsx)
  
  or {
    // TreeSitter-compatible pattern
    if_statement(),
  
    // Native Biome AST node pattern
    JsIfStatement()
  } as $stmt where {
    register_diagnostic(
      span=$stmt,
      message="Found an if statement"
    )
  }
  

• #​7574 47907e7 Thanks @​kedevked! - Fixed 7574. The diagnostic message for the rule useSolidForComponent now correctly emphasizes <For /> and provides a working hyperlink to the Solid documentation.

• #​7497 bd70f40 Thanks @​siketyan! - Fixed #​7320: The useConsistentCurlyBraces rule now correctly detects a string literal including " inside a JSX attribute value.

• #​7522 1af9931 Thanks @​Netail! - Added extra references to external rules to improve migration for the following rules: noUselessFragments & noNestedComponentDefinitions

• #​7597 5c3d542 Thanks @​arendjr! - Fixed an issue where package.json manifests would not be correctly discovered
  when evaluating files in the same directory.

• #​7565 38d2098 Thanks @​siketyan! - The resolver can now correctly resolve .ts, .tsx, .d.ts, .js files by .js extension if exists, based on the file extension substitution in TypeScript.

  For example, the linter can now detect the floating promise in the following situation, if you have enabled the noFloatingPromises rule.

  foo.ts

  export async function doSomething(): Promise<void> {}

  bar.ts

  import { doSomething } from "./foo.js"; // doesn't exist actually, but it is resolved to `foo.ts`
  
  doSomething(); // floating promise!

• #​7542 cadad2c Thanks @​mdevils! - Added the rule noVueDuplicateKeys, which prevents duplicate keys in Vue component definitions.

  This rule prevents the use of duplicate keys across different Vue component options such as props, data, computed, methods, and setup. Even if keys don't conflict in the script tag, they may cause issues in the template since Vue allows direct access to these keys.

  Invalid examples

  <script>
  export default {
    props: ["foo"],
    data() {
      return {
        foo: "bar",
      };
    },
  };
  </script>

  <script>
  export default {
    data() {
      return {
        message: "hello",
      };
    },
    methods: {
      message() {
        console.log("duplicate key");
      },
    },
  };
  </script>

  <script>
  export default {
    computed: {
      count() {
        return this.value * 2;
      },
    },
    methods: {
      count() {
        this.value++;
      },
    },
  };
  </script>

  Valid examples

  <script>
  export default {
    props: ["foo"],
    data() {
      return {
        bar: "baz",
      };
    },
    methods: {
      handleClick() {
        console.log("unique key");
      },
    },
  };
  </script>

  <script>
  export default {
    computed: {
      displayMessage() {
        return this.message.toUpperCase();
      },
    },
    methods: {
      clearMessage() {
        this.message = "";
      },
    },
  };
  </script>

• #​7546 a683acc Thanks @​siketyan! - Internal data for Unicode strings have been updated to Unicode 17.0.

• #​7497 bd70f40 Thanks @​siketyan! - Fixed #​7256: The useConsistentCurlyBraces rule now correctly ignores a string literal with braces that contains only whitespaces. Previously, literals that contains single whitespace were only allowed.

• #​7565 38d2098 Thanks @​siketyan! - The useImportExtensions rule now correctly detects imports with an invalid extension. For example, importing .ts file with .js extension is flagged by default. If you are using TypeScript with neither the allowImportingTsExtensions option nor the rewriteRelativeImportExtensions option, it's recommended to turn on the forceJsExtensions option of the rule.

• #​7581 8653921 Thanks @​lucasweng! - Fixed #​7470: solved a false positive for noDuplicateProperties. Previously, declarations in @container and @starting-style at-rules were incorrectly flagged as duplicates of identical declarations at the root selector.

  For example, the linter no longer flags the display declaration in @container or the opacity declaration in @starting-style.

  a {
    display: block;
    @​container (min-width: 600px) {
      display: none;
    }
  }
  
  [popover]:popover-open {
    opacity: 1;
    @​starting-style {
      opacity: 0;
    }
  }

• #​7529 fea905f Thanks @​qraqras! - Fixed #​7517: the useOptionalChain rule no longer suggests changes for typeof checks on global objects.

  // ok
  typeof window !== "undefined" && window.location;

• #​7476 c015765 Thanks @​ematipico! - Fixed a bug where the suppression action for noPositiveTabindex didn't place the suppression comment in the correct position.

• #​7511 a0039fd Thanks @​arendjr! - Added nursery rule noUnusedExpressions to flag expressions used as a statement that is neither an assignment nor a function call.

Invalid examples

f; // intended to call `f()` instead

function foo() {
  0; // intended to `return 0` instead
}

Valid examples

f();

function foo() {
  return 0;
}

• #​7564 40e515f Thanks @​turbocrime! - Fixed #​6617: improved useIterableCallbackReturn to correctly handle arrow functions with a single-expression void body.

  Now the following code doesn't trigger the rule anymore:

  [].forEach(() => void null);

sveltejs/kit (@​sveltejs/adapter-auto)

v6.1.1

Compare Source

Patch Changes

• chore: update "homepage" field in package.json (#​14579)

sveltejs/kit (@​sveltejs/adapter-cloudflare)

v7.2.4

Compare Source

Patch Changes

• chore: update "homepage" field in package.json (#​14579)

sveltejs/kit (@​sveltejs/adapter-node)

v5.3.3

Compare Source

Patch Changes

• chore: update "homepage" field in package.json (#​14579)

sveltejs/kit (@​sveltejs/kit)

v2.43.8

Compare Source

Patch Changes

• fix: HMR for query (#​14587)

• fix: avoid client modules while traversing dependencies to prevent FOUC during dev (#​14577)

• fix: skip prebundling of .remote.js files (#​14583)

• fix: more robust remote file pattern matching (#​14578)

v2.43.7

Compare Source

Patch Changes

• fix: correctly type the result of form remote functions that do not accept data (#​14573)

• fix: force remote module chunks to isolate themselves (#​14571)

v2.43.6

Compare Source

Patch Changes

• fix: ensure cache key is consistent between client/server (#​14563)

• fix: keep resolve relative to initial base during prerender (#​14533)

• fix: avoid including HEAD twice when an unhandled HTTP method is used in a request to a +server handler that has both a GET handler and a HEAD handler (#​14564)

• fix: smoothscroll to deep link (#​14569)

saadeghi/daisyui (daisyui)

v5.1.27

Compare Source

Bug Fixes

• prevent select line break on long text when select is not open and prevent page overflow when select is open. closes: #​4105 (6782522)

v5.1.26

Compare Source

Bug Fixes

• navbar default position (f75a5ed)

sveltejs/svelte (svelte)

v5.39.8

Compare Source

Patch Changes

• fix: check boundary pending attribute at runtime on server (#​16855)

• fix: preserve tuple type in $state.snapshot (#​16864)

• fix: allow await in svelte:boundary without pending (#​16857)

• fix: update bind:checked error message to clarify usage with radio inputs (#​16874)

v5.39.7

Compare Source

Patch Changes

• chore: simplify batch logic (#​16847)

• fix: rebase pending batches when other batches are committed (#​16866)

• fix: wrap async children in $$renderer.async (#​16862)

• fix: silence label warning for buttons and anchor tags with title attributes (#​16872)

• fix: coerce nullish <title> to empty string (#​16863)

microsoft/TypeScript (typescript)

v5.9.3

Compare Source

vitejs/vite (vite)

v7.1.9

Compare Source

Reverts

• server: drain stdin when not interactive (#​20885) (12d72b0)

v7.1.8

Compare Source

Bug Fixes

• css: improve url escape characters handling (#​20847) (24a61a3)
• deps: update all non-major dependencies (#​20855) (788a183)
• deps: update artichokie to 0.4.2 (#​20864) (e670799)
• dev: skip JS responses for document requests (#​20866) (6bc6c4d)
• glob: fix HMR for array patterns with exclusions (#​20872) (63e040f)
• keep ids for virtual modules as-is (#​20808) (d4eca98)
• server: drain stdin when not interactive (#​20837) (bb950e9)
• server: improve malformed URL handling in middlewares (#​20830) (d65a983)

Documentation

• create-vite: provide deno example (#​20747) (fdb758a)

Miscellaneous Chores

• deps: update rolldown-related dependencies (#​20810) (ea68a88)
• deps: update rolldown-related dependencies (#​20854) (4dd06fd)
• update url of create-react-app license (#​20865) (166a178)

cloudflare/workers-sdk (wrangler)

v4.42.0

Compare Source

Minor Changes

• #​10735 103fbf0 Thanks @​petebacondarwin! - Allow WRANGLER_SEND_ERROR_REPORTS env var to override whether to report Wrangler crashes to Sentry

Patch Changes

• #​10757 59d5911 Thanks @​dario-piotrowicz! - fix console.debug logs not being logged at the info level (as users expect)

• Updated dependencies [2594130]:

  • @​cloudflare/unenv-preset@​2.7.6

v4.41.0

Compare Source

Minor Changes

• #​10507 21a0bef Thanks @​dario-piotrowicz! - Add strict mode for the wrangler deploy command

  Add a new flag: --strict that makes the wrangler deploy command be more strict and not deploy workers when the deployment could be potentially problematic. This "strict mode" currently only affects non-interactive sessions where conflicts with the remote settings for the worker (for example when the worker has been re-deployed via the dashboard) will cause the deployment to fail instead of automatically overriding the remote settings.

• #​10710 7f2386e Thanks @​penalosa! - Add prompt to resource creation flow allowing for newly created resources to be remote.

Patch Changes

• #​10822 4c06766 Thanks @​edmundhung! - fix: skip banner when using --json flag in wrangler pages deployment commands

• #​10838 d3aee31 Thanks @​edmundhung! - fix: skip banner when using --json flag in wrangler queues subscription commands

• #​10829 59e8ef0 Thanks @​edmundhung! - fix: skip banner when using --json flag in wrangler pipelines commands

• #​10764 79a6b7d Thanks @​emily-shen! - containers: default max_instances to 20 instead of 1.

• #​10844 7a4d0da Thanks @​mikenomitch! - Adds new Container instance types, and rename dev to lite and standard to standard-1. The new instance_types are now:

  Instance Type	vCPU	Memory	Disk
  lite (previously dev)	1/16	256 MiB	2 GB
  basic	1/4	1 GiB	4 GB
  standard-1 (previously standard)	1/2	4 GiB	8 GB
  standard-2	1	6 GiB	12 GB
  standard-3	2	8 GiB	16 GB
  standard-4	4	12 GiB	20 GB

• #​10634 62656bd Thanks @​emily-shen! - fix: error if the container image uri has an account id that doesn't match the current account

• #​10761 886e577 Thanks @​petebacondarwin! - switch zone route warning to an info message

• #​10734 8d7f32e Thanks @​penalosa! - Improve formatting of logged errors in some cases

• #​10832 f9d37db Thanks @​petebacondarwin! - retry subdomain requests to be more resilient to flakes

• #​10770 835d6f7 Thanks @​danielrs! - Enabling or disabling workers_dev is often an indication that
  the user is also trying to enable or disable preview_urls. Warn the
  user when these enter mixed state.

• #​10764 79a6b7d Thanks @​emily-shen! - fix: respect the log level set by wrangler when logging using @​cloudflare/cli

• Updated dependencies [c8d5282, bffd2a9]:

  • miniflare@​4.20251001.0

v4.40.3

Compare Source

Patch Changes

• #​10602 ff82d80 Thanks @​tukiminya! - fix: update Secrets Store command status from alpha to open-beta

• #​10623 7a6381c Thanks @​IRCody! - Handle more cases for correctly resolving the full uri for an image when using containers push.

• #​10779 325d22e Thanks @​hoodmane! - Add fallthrough: true for python_modules data rule

• #​10112 8d07576 Thanks @​devin-ai-integration! - fix: allow Workflow bindings when calling getPlatformProxy()

  Workflow bindings are not supported in practice when using getPlatformProxy().
  But their existence in a Wrangler config file should not prevent other bindings from working.
  Previously, calling getPlatformProxy() would crash if there were any Workflow bindings defined.
  Now, instead, you get a warning telling you that these bindings are not available.

• #​10769 0a554f9 Thanks @​penalosa! - Mark more errors as UserError to disable Sentry reporting

• #​10679 6244a9e Thanks @​KianNH! - Fix rendering for nested objects in containers list and containers info [ID]

• #​10785 d09cab3 Thanks @​pombosilva! - Workflows names and instance IDs are now properly validated with production limits.

• Updated dependencies [6ff41a6, 0c208e1, 2432022, d0801b1, 0a554f9]:

  • miniflare@​4.20250927.0
  • @​cloudflare/unenv-preset@​2.7.5

---

Configuration

📅 Schedule: Branch creation - "before 12pm on Sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cloudflare-workers-and-pages]

Deploying autopulseui with    Cloudflare Pages

Latest commit:	4f2ce7d
Status:	✅  Deploy successful!
Preview URL:	https://6eae5682.autopulseui.pages.dev
Branch Preview URL:	https://renovate-all-non-major-dev.autopulseui.pages.dev

View logs