Bump the all-npm-dependencies group with 4 updates

[dependabot]

Bumps the all-npm-dependencies group with 4 updates: vue, @biomejs/biome, vue-tsc and wxt.

Updates vue from 3.5.27 to 3.5.28

Release notes

Sourced from vue's releases.

v3.5.28

For stable releases, please refer to CHANGELOG.md for details. For pre-releases, please refer to CHANGELOG.md of the minor branch.

Changelog

Sourced from vue's changelog.

3.5.28 (2026-02-09)

Bug Fixes

• transition: avoid unexpected cancelled parameter in transition done callback (#14391) (6798853)
• compiler-sfc: add resolution trying for .mts/.cts files (#14402) (c09d41f), closes vuejs/router#2611
• compiler-sfc: no params were generated when using withDefaults (#12823) (b0a1f05), closes #12822
• reactivity: add __v_skip flag to EffectScope to prevent reactive conversion (#14359) (48b7552), closes #14357
• runtime-core: avoid retaining el on cached text vnodes during static traversal (#14419) (4ace79a), closes #14134
• runtime-core: prevent child component updates when style remains unchanged (#12825) (57866b5), closes #12826
• runtime-core: properly handle async component update before resolve (#11619) (e71c26c), closes #11617
• runtime-dom: handle null/undefined handler in withModifiers (#14362) (261de54), closes #14361
• teleport: properly handling disabled teleport target anchor (#14417) (d7bcd85), closes #14412
• transition-group: correct move translation under scale via element rect (#14360) (0243a79), closes #14356
• useTemplateRef: don't update setup ref for useTemplateRef key (#12756) (fc40ca0), closes #12749

Commits

• 1bdeb33 release: v3.5.28
• e71c26c fix(runtime-core): properly handle async component update before resolve (#11...
• 57866b5 fix(runtime-core): prevent child component updates when style remains unchang...
• b0a1f05 fix(compiler-sfc): no params were generated when using withDefaults (#12823)
• 48b7552 fix(reactivity): add __v_skip flag to EffectScope to prevent reactive convers...
• 0243a79 fix(transition-group): correct move translation under scale via element rect ...
• 261de54 fix(runtime-dom): handle null/undefined handler in withModifiers (#14362)
• fc40ca0 fix(useTemplateRef): don't update setup ref for useTemplateRef key (#12756)
• 6798853 fix: avoid unexpected cancelled parameter in transition done callback (#1...
• 4ace79a fix(runtime-core): avoid retaining el on cached text vnodes during static tra...
• Additional commits viewable in compare view

Updates @biomejs/biome from 2.3.12 to 2.4.4

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.4

2.4.4

Patch Changes

• #9150 6946835 Thanks @​dyc3! - Fixed #9138: Astro files containing --- in HTML content (e.g., <h1>---Hi</h1>) are now parsed correctly, both when a frontmatter block is present and when there is no frontmatter at all.

• #9150 aa6f837 Thanks @​dyc3! - Fixed #9138: The HTML parser incorrectly failing to parse bracket characters ([ and ]) in text content (e.g. <div>[Foo]</div>).

• #9151 c0d4b0c Thanks @​dyc3! - Fixed parsing of Svelte directive keywords (use, style) when used as plain text content in HTML/Svelte files. Previously, <p>use JavaScript</p> or <p>style it</p> would incorrectly produce a bogus element instead of proper text content.

• #9162 7f1e060 Thanks @​dyc3! - Fixed #9161: The Vue parser now correctly handles colon attributes like xlink:href and xmlns:xlink by parsing them as single attributes instead of splitting them into separate tokens.

• #9164 458211b Thanks @​dyc3! - Fixed #9161: The noAssignInExpressions rule no longer flags assignments in Vue v-on directives (e.g., @click="counter += 1"). Assignments in event handlers are idiomatic Vue patterns and are now skipped by the rule.

What's Changed

• chore(scss): cherry-picks by @​denbezrukov in biomejs/biome#9149
• fix(parse/html): don't lex square brackets as special tokens in contexts where they don't mean anything by @​dyc3 in biomejs/biome#9150
• refactor(parse/html): use token_set! instead of matches! for svelte keywords and directives helpers by @​dyc3 in biomejs/biome#9148
• fix(parse/html): don't lex "use" as USE_KW when in html text content by @​dyc3 in biomejs/biome#9151
• feat(css): enhance SCSS qualified name detection by @​denbezrukov in biomejs/biome#9159
• chore(html): more html benchmarks by @​dyc3 in biomejs/biome#8153
• fix(parse/html/vue): don't treat : as special token outside of vue directives by @​dyc3 in biomejs/biome#9162
• feat(lint/vue): automatically ignore noAssignInExpressions for vue v-on directives by @​dyc3 in biomejs/biome#9164
• ci: release by @​github-actions[bot] in biomejs/biome#9160

Full Changelog: https://github.com/biomejs/biome/compare/@​biomejs/biome@​2.4.3...@​biomejs/biome@​2.4.4

Biome CLI v2.4.3

2.4.3

Patch Changes

• #9120 aa40fc2 Thanks @​ematipico! - Fixed #9109, where the GitHub reporter wasn't correctly enabled when biome ci runs on GitHub Actions.

• #9128 8ca3f7f Thanks @​dyc3! - Fixed #9107: The HTML parser can now correctly parse Astro directives (client/set/class/is/server), which fixes the formatting for Astro directives.

• #9124 f5b0e8d Thanks @​ematipico! - Fixed #8882 and #9108: The Astro frontmatter lexer now correctly identifies the closing --- fence when the frontmatter contains multi-line block comments with quote characters, strings that mix quote types (e.g. "it's"), or escaped quote characters (e.g. "\").

• #9142 3ca066b Thanks @​THernandez03! - Fixed #9141: The noUnknownAttribute rule no longer reports closedby as an unknown attribute on <dialog> elements.

• #9126 792013e Thanks @​ematipico! - Added missing Mocha globals to the Test domain: context, run, setup, specify, suite, suiteSetup, suiteTeardown, teardown, xcontext, xdescribe, xit, and xspecify. These are injected by Mocha's BDD and TDD interfaces and were previously flagged as undeclared variables in projects using Mocha.

• #8855 6918c9e Thanks @​ruidosujeira! - Fixed #8840. Now the Biome CSS parser correctly parses not + scroll-state inside @container queries.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.4

Patch Changes

• #9150 6946835 Thanks @​dyc3! - Fixed #9138: Astro files containing --- in HTML content (e.g., <h1>---Hi</h1>) are now parsed correctly, both when a frontmatter block is present and when there is no frontmatter at all.

• #9150 aa6f837 Thanks @​dyc3! - Fixed #9138: The HTML parser incorrectly failing to parse bracket characters ([ and ]) in text content (e.g. <div>[Foo]</div>).

• #9151 c0d4b0c Thanks @​dyc3! - Fixed parsing of Svelte directive keywords (use, style) when used as plain text content in HTML/Svelte files. Previously, <p>use JavaScript</p> or <p>style it</p> would incorrectly produce a bogus element instead of proper text content.

• #9162 7f1e060 Thanks @​dyc3! - Fixed #9161: The Vue parser now correctly handles colon attributes like xlink:href and xmlns:xlink by parsing them as single attributes instead of splitting them into separate tokens.

• #9164 458211b Thanks @​dyc3! - Fixed #9161: The noAssignInExpressions rule no longer flags assignments in Vue v-on directives (e.g., @click="counter += 1"). Assignments in event handlers are idiomatic Vue patterns and are now skipped by the rule.

2.4.3

Patch Changes

• #9120 aa40fc2 Thanks @​ematipico! - Fixed #9109, where the GitHub reporter wasn't correctly enabled when biome ci runs on GitHub Actions.

• #9128 8ca3f7f Thanks @​dyc3! - Fixed #9107: The HTML parser can now correctly parse Astro directives (client/set/class/is/server), which fixes the formatting for Astro directives.

• #9124 f5b0e8d Thanks @​ematipico! - Fixed #8882 and #9108: The Astro frontmatter lexer now correctly identifies the closing --- fence when the frontmatter contains multi-line block comments with quote characters, strings that mix quote types (e.g. "it's"), or escaped quote characters (e.g. "\").

• #9142 3ca066b Thanks @​THernandez03! - Fixed #9141: The noUnknownAttribute rule no longer reports closedby as an unknown attribute on <dialog> elements.

• #9126 792013e Thanks @​ematipico! - Added missing Mocha globals to the Test domain: context, run, setup, specify, suite, suiteSetup, suiteTeardown, teardown, xcontext, xdescribe, xit, and xspecify. These are injected by Mocha's BDD and TDD interfaces and were previously flagged as undeclared variables in projects using Mocha.

• #8855 6918c9e Thanks @​ruidosujeira! - Fixed #8840. Now the Biome CSS parser correctly parses not + scroll-state inside @container queries.

• #9111 4fb55cf Thanks @​Jayllyz! - Slightly improved performance of noIrregularWhitespace by adding early return optimization and simplifying character detection logic.

• #8975 086a0c5 Thanks @​FrankFMY! - Fixed #8478: useDestructuring no longer suggests destructuring when the variable has a type annotation, like const foo: string = object.foo.

2.4.2

Patch Changes

• #9103 fc9850c Thanks @​dyc3! - Fixed #9098: useImportType no longer incorrectly flags imports used in Svelte control flow blocks ({#if}, {#each}, {#await}, {#key}) as type-only imports.

• #9106 f4b7296 Thanks @​dyc3! - Updated rule source metadata for rules from html-eslint.

• #8960 4a5ff40 Thanks @​abossenbroek! - Added the nursery rule noConditionalExpect. This rule disallows conditional expect() calls inside tests, which can lead to tests that silently pass when assertions never run.

  // Invalid - conditional expect may not run
  test("conditional", async ({ page }) => {
    if (someCondition) {
      await expect(page).toHaveTitle("Title");
    }

... (truncated)

Commits

• 6c296ea ci: release (#9160)
• 312b6db ci: release (#9116)
• b99e7db ci: release (#9104)
• 4a5ff40 feat(lint): add Playwright ESLint rules (#8960)
• 5153f2f ci: release (#9094)
• 4cc531c chore: docs that break website (#9077)
• bf6e5f9 ci: release (#9045)
• e014336 feat: promote rules for v2.4 (#9011)
• 7e33fd5 Merge remote-tracking branch 'origin/main' into next
• df21006 ci: release (#8973)
• Additional commits viewable in compare view

Updates vue-tsc from 3.2.3 to 3.2.5

Release notes

Sourced from vue-tsc's releases.

v3.2.5

language-core

• fix: re-parse template when interpolation syntax breaks (#5971) - Thanks to @​Dsaquel!

language-service

• fix: use default html data provider for document symbols (#5968) - Thanks to @​liangmiQwQ!

language-plugin-pug

• fix: handle backtick attributes containing both quote types (#5970) - Thanks to @​baptistejamin!

workspace

• docs: document all packages with consistent README structure (#5953)
• docs: update tsconfig schema of plugins option - Thanks to @​KazariEX!

Our Sponsors ❤️

... (truncated)

Changelog

Sourced from vue-tsc's changelog.

3.2.5 (2026-02-21)

language-core

• fix: re-parse template when interpolation syntax breaks (#5971) - Thanks to @​Dsaquel!

language-service

• fix: use default html data provider for document symbols (#5968) - Thanks to @​liangmiQwQ!

language-plugin-pug

• fix: handle backtick attributes containing both quote types (#5970) - Thanks to @​baptistejamin!

workspace

• docs: document all packages with consistent README structure (#5953)
• docs: update tsconfig schema of plugins option - Thanks to @​KazariEX!

3.2.4 (2026-01-26)

language-core

• feat: place plugin configs under ctx.config and support type annotation via generics (#5944) - Thanks to @​KazariEX!

workspace

• chore: publish to npm with OIDC (#5912) - Thanks to @​ghiscoding!

Commits

• ee5041d v3.2.5 (#5974)
• be8d5ab chore: bump deps
• 0c4c509 docs: document all packages with consistent README structure (#5953)
• f0ede30 v3.2.4 (#5946)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for vue-tsc since your current version.

Updates wxt from 0.20.13 to 0.20.17

Release notes

Sourced from wxt's releases.

wxt v0.20.17

compare changes

🩹 Fixes

• Update left-over CJS require of publish-browser-extension to ESM (#2120)

❤️ Contributors

• Aaron (@​aklinker1)

wxt v0.20.16

compare changes

🩹 Fixes

• Revert "rename name to names prop of rollup to fix deprecated warning " (#2106)

🏡 Chore

• Speed up E2E tests by skipping pnpm install when possible (#2113)

❤️ Contributors

• Aaron (@​aklinker1)

wxt v0.20.15

compare changes

🚀 Enhancements

• Export normalizePath from wxt module (#2080)
• popup: Add Firefox default_area and theme_icons support (#2097)
• Add log --level cli option (#1973)

🩹 Fixes

• Content script is incorrectly invalidated when injected multiple times (#2035)
• Use uiContainer to apply position when creating shadow root ui (#2036)
• Make ExtensionRunner#closeBrowser optional (#2092)
• Rename name to names prop of rollup to fix deprecated warning (#2106)

💅 Refactors

• Standardize file existence checks to pathExists (#2083)
• Cleanup esm (#1950)
• async/await cleanup (#2088)
• Cleanup unnecssary checks (#2089)
• Simplify import paths (#2093)

... (truncated)

Commits

• 7366d8a chore(release): wxt v0.20.17
• a7ab409 fix: Update left-over CJS require of publish-browser-extension to ESM (#2120)
• 9dea0cf chore: Cleanup type tests
• 50d7c1e chore: Change browser tests to fix deprecated warning (#2117)
• f32cdaf chore(release): @​wxt-dev/analytics v0.5.2
• 2e2272d fix: Allow custom API URL in Google Analytics 4 provider options (#1653)
• 27ffff7 chore(release): wxt v0.20.16
• 305cebe fix: Revert "rename name to names prop of rollup to fix deprecated warn...
• 4602a06 Update contributor in changelog
• 3a947d7 chore: Include doc updates in wxt changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions