fix(deps): update all non-major dependencies by renovate[bot] · Pull Request #144 · fuma-nama/fuma-comment

renovate · 2025-12-12T02:12:15Z

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Type	Update
@biomejs/biome (source)	`2.3.8` → `2.4.2`	devDependencies	minor
@clerk/backend (source)	`2.27.0` → `2.31.0`	devDependencies	minor
@clerk/nextjs (source)	`6.36.2` → `6.37.4`	dependencies	minor
@elysiajs/node	`1.4.2` → `1.4.4`	devDependencies	patch
@hono/node-server	`1.19.7` → `1.19.9`	devDependencies	patch
@prisma/adapter-pg (source)	`7.1.0` → `7.4.0`	dependencies	minor
@prisma/client (source)	`7.1.0` → `7.4.0`	dependencies	minor
@prisma/client-runtime-utils (source)	`7.1.0` → `7.4.0`	dependencies	minor
@tanstack/react-router (source)	`1.141.1` → `1.160.2`	devDependencies	minor
@tanstack/react-start (source)	`1.141.1` → `1.160.2`	devDependencies	minor
@tiptap/core (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-bold (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-code (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-code-block-lowlight (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-document (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-dropcursor (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-gapcursor (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-history (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-image (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-italic (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-link (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-mention (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-paragraph (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-placeholder (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-strike (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/extension-text (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/pm (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/react (source)	`3.13.0` → `3.19.0`	dependencies	minor
@tiptap/suggestion (source)	`3.13.0` → `3.19.0`	dependencies	minor
@types/node (source)	`24.10.3` → `24.10.13`	devDependencies	patch
@types/react (source)	`19.2.7` → `19.2.14`	devDependencies	patch
better-auth (source)	`1.4.6` → `1.4.18`	devDependencies	patch
better-auth (source)	`1.4.6` → `1.4.18`	dependencies	patch
drizzle-kit (source)	`0.31.8` → `0.31.9`	devDependencies	patch
elysia	`1.4.18` → `1.4.25`	devDependencies	patch
fumadb	`0.2.1` → `0.2.2`	devDependencies	patch
fumadocs-core (source)	`16.2.4` → `16.6.2`	dependencies	minor
fumadocs-docgen (source)	`3.0.4` → `3.0.6`	dependencies	patch
fumadocs-mdx (source)	`14.1.0` → `14.2.7`	dependencies	minor
fumadocs-ui (source)	`16.2.4` → `16.6.2`	dependencies	minor
hono (source)	`4.11.7` → `4.11.9`	devDependencies	patch
lucide-react (source)	`^0.560.0` → `^0.564.0`	devDependencies	minor
lucide-react (source)	`^0.560.0` → `^0.564.0`	dependencies	minor
mongodb	`7.0.0` → `7.1.0`	devDependencies	minor
mongodb	`7.0.0` → `7.1.0`	dependencies	minor
node	`18.16.0-alpine` → `18.20.8-alpine`	final	minor
pg (source)	`8.16.3` → `8.18.0`	dependencies	minor
postgres	`16.11` → `16.12`		minor
prisma (source)	`7.1.0` → `7.4.0`	devDependencies	minor
react (source)	`19.2.3` → `19.2.4`	devDependencies	patch
react (source)	`19.2.3` → `19.2.4`	dependencies	patch
react-dom (source)	`19.2.3` → `19.2.4`	dependencies	patch
recharts	`3.5.1` → `3.7.0`	dependencies	minor
swr (source)	`2.3.7` → `2.4.0`	dependencies	minor
tailwind-merge	`3.4.0` → `3.4.1`	dependencies	patch
turbo (source)	`2.6.3` → `2.8.9`	devDependencies	minor
vitest (source)	`4.0.15` → `4.0.18`	devDependencies	patch
zod (source)	`4.1.13` → `4.3.6`	dependencies	minor

Release Notes

biomejs/biome (@biomejs/biome)

`v2.4.2`

Compare Source

Patch Changes

#9103 fc9850c Thanks @dyc3! - Fixed #9098: useImportType no longer incorrectly flags imports used in Svelte control flow blocks ({#if}, {#each}, {#await}, {#key}) as type-only imports.
#9106 f4b7296 Thanks @dyc3! - Updated rule source metadata for rules from html-eslint.

#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noConditionalExpect. This rule disallows conditional expect() calls inside tests, which can lead to tests that silently pass when assertions never run.

// Invalid - conditional expect may not run
test("conditional", async ({ page }) => {
  if (someCondition) {
    await expect(page).toHaveTitle("Title");
  }
});

// Valid - unconditional expect
test("unconditional", async ({ page }) => {
  await expect(page).toHaveTitle("Title");
});

#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightElementHandle. Prefers locators to element handles.
```
const el = await page.$(".btn");
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightEval. Disallows page.$eval() and page.$$eval() methods.
```
await page.$eval(".btn", (el) => el.textContent);
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightForceOption. Disallows the force option on user interactions.
```
await locator.click({ force: true });
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightMissingAwait. Enforces awaiting async Playwright APIs.
```
const el = page.locator(".btn");
el.click(); // Missing await
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightNetworkidle. Disallows deprecated networkidle wait option.
```
await page.goto(url, { waitUntil: "networkidle" });
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightPagePause. Disallows page.pause() debugging calls in committed code.
```
await page.pause();
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightUselessAwait. Disallows unnecessary await on synchronous Playwright methods.
```
// Incorrect - locator() is synchronous
const loc = await page.locator(".btn");
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightWaitForNavigation. Prefers modern navigation APIs over deprecated waitForNavigation().
```
await page.waitForNavigation();
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightWaitForSelector. Prefers locators over deprecated waitForSelector().
```
await page.waitForSelector(".btn");
```
#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule noPlaywrightWaitForTimeout. Disallows hard-coded timeouts with waitForTimeout().
```
await page.waitForTimeout(5000);
```
#8960 4a5ff40 Thanks @abossenbroek! - Enhanced noSkippedTests to detect Playwright patterns (.fixme, test.describe, test.step, bracket notation, bare calls). Consolidated noPlaywrightSkippedTest into this rule.
#9101 0c0fb6f Thanks @siketyan! - Fixed #9080: The noUnusedVariables rule no longer reports a top-level Props interface or type alias as unused in Astro files.

#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule useExpect. This rule ensures that test functions contain at least one expect() assertion.

// Invalid - test without assertion
test("no assertion", async ({ page }) => {
  await page.goto("/");
});

// Valid - test with assertion
test("has assertion", async ({ page }) => {
  await expect(page).toHaveTitle("Title");
});

#8960 4a5ff40 Thanks @abossenbroek! - Added the nursery rule usePlaywrightValidDescribeCallback. Validates that describe callback signatures are not async.
```
test.describe("suite", async () => {});
```

`v2.4.1`

Compare Source

Patch Changes

#9092 6edd600 Thanks @ematipico! - Fixed #9052. This PR reverts changes introduced by #8519, which caused unwanted changes on how paths are resolved.
#9091 3bf674d Thanks @ematipico! - Fixed #9090, where SCSS files were incorrectly processed by Biome. This was a regressions caused by the latest developments for supporting SCSS out of the box.
#9100 66931a8 Thanks @siketyan! - Fixed #9081: The noUnknownPseudoElement rule no longer reports false positives for any known pseudo elements in CSS modules. This was a regression introduced in v2.4.0.
#9102 d01b903 Thanks @ematipico! - Fixed #9095, where Biome didn't print anything in stdin mode. This was a regression caused by a recent, internal refactor.

`v2.4.0`

Compare Source

Minor Changes

#8964 0353fa0 Thanks @dyc3! - Added ignore option to the useHookAtTopLevel rule.

You can now specify function names that should not be treated as hooks, even if they follow the use* naming convention.

Example configuration:

{
  "linter": {
    "rules": {
      "correctness": {
        "useHookAtTopLevel": {
          "options": {
            "ignore": ["useDebounce", "useCustomUtility"]
          }
        }
      }
    }
  }
}

#8769 d0358b0 Thanks @rahuld109! - Added the rule useAnchorContent for HTML to enforce that anchor elements have accessible content for screen readers. The rule flags empty anchors, anchors with only whitespace, and anchors where all content is hidden with aria-hidden. Anchors with aria-label or title attributes providing a non-empty accessible name are considered valid.
#8742 6340ce6 Thanks @rahuld109! - Added the rule useMediaCaption to the HTML language. Enforces that audio and video elements have a track element with kind="captions" for accessibility. Muted videos are allowed without captions.
#8621 d11130b Thanks @Netail! - Added support for multiple reporters, and the ability to save reporters on arbitrary files.

Combine two reporters in CI

If you run Biome on GitHub, take advantage of the reporter and still see the errors in console, you can now use both reporters:

biome ci --reporter=default --reporter=github

Save reporter output to a file

With the new --reporter-file CLI option, it's now possible to save the output of all reporters to a file. The file is a path,
so you can pass a relative or an absolute path:

biome ci --reporter=rdjson --reporter-file=/etc/tmp/report.json
biome ci --reporter=summary --reporter-file=./reports/file.txt

You can combine these two features. For example, have the default reporter written on terminal, and the rdjson reporter written on file:

biome ci --reporter=default --reporter=rdjson --reporter-file=/etc/tmp/report.json

The --reporter and --reporter-file flags must appear next to each other, otherwise an error is thrown.

#8399 ab88099 Thanks @ematipico! - The Biome CSS parser is now able to parse Vue SFC syntax such as :slotted and :deep. These pseudo functions are only correctly parsed when the CSS is defined inside .vue components. Otherwise, Biome will a emit a parse error.

This capability is only available when experimentalFullHtmlSupportedEnabled is set to true.
#8663 3dfea16 Thanks @ematipico! - Added support for Cursor files. When Biome sees a Cursor JSON file, it will parse it with comments enabled and trailing commas enabled:
- $PROJECT/.cursor/
- %APPDATA%\Cursor\User\ on Windows
- ~/Library/Application Support/Cursor/User/ on macOS
- ~/.config/Cursor/User/ on Linux
#8723 fe2c642 Thanks @cbstns! - Added JSON as a target language for GritQL pattern matching. You can now write Grit plugins for JSON files.

This enables users to write GritQL patterns that match against JSON files, useful for:
- Searching and transforming JSON configuration files
- Enforcing patterns in package.json and other JSON configs
- Writing custom lint rules for JSON using GritQL
Example patterns:

Match all key-value pairs:
```
language json

pair(key = $k, value = $v)
```
Match objects with specific structure:
```
language json

JsonObjectValue()
```
Supports both native Biome AST names (JsonMember, JsonObjectValue) and TreeSitter-compatible names (pair, object, array) for compatibility with existing Grit patterns.

For more details, see the GritQL documentation.
#8814 4d9c676 Thanks @Netail! - Added ignore option to noUnknownProperty. If an unknown property name matches any of the items provided in ignore, a diagnostic won't be emitted.
#8631 4d8f19d Thanks @Netail! - Add a new reporter --reporter=sarif, that emits diagnostics using the SARIF format.
#8270 4f7909d Thanks @lucasweng! - Added the useIframeTitle lint rule for HTML. The rule enforces the usage of the title attribute for the iframe element.

Invalid:
```
<iframe></iframe> <iframe title=""></iframe>
```
Valid:
```
<iframe title="title"></iframe>
```
#8164 1d25856 Thanks @ematipico! - Added a new assist action useSortedInterfaceMembers that sorts TypeScript interface members, for readability.

It includes an autofix.

Invalid example.
```
interface MixedMembers {
  z: string;
  a: number;
  (): void;
  y: boolean;
}
```
Valid example (after using the assist).
```
interface MixedMembers {
  a: number;
  y: boolean;
  z: string;
  (): void;
}
```
#8647 4c7c06f Thanks @siketyan! - It's now possible to provide the stacktrace for a fatal error. The stacktrace is only available when the environment variable RUST_BACKTRACE=1 is set, either via the CLI or exported $PATH. This is useful when providing detailed information for debugging purposes:
```
RUST_BACKTRACE=1 biome lint
```
#7961 a04c8df Thanks @siketyan! - The Biome Language Server now reports progress while scanning files and dependencies in the project.
#8289 a9025d4 Thanks @theshadow27! - Fixed #8024. The rule useIterableCallbackReturn now supports a checkForEach option. When set to false, the rule will skip checking for forEach() callbacks for returning values.
#8690 e06e5d1 Thanks @ematipico! - Added the rule useValidLang to the HTML language.
#7847 e90b14f Thanks @Jagget! - Added support for jsxFactory and jsxFragmentFactory.Biome now respects jsxFactory and jsxFragmentFactory settings from tsconfig.json when using the classic JSX runtime, preventing false positive noUnusedImports errors for custom JSX libraries like Preact.
```
// tsconfig.json
{
  compilerOptions: {
    jsx: "react",
    jsxFactory: "h",
    jsxFragmentFactory: "Fragment",
  },
}
```
```
// Component.jsx
import { h, Fragment } from "preact";

function App() {
  return <div>Hello</div>;
}
```
#8071 7f5bcf4 Thanks @ematipico! - Added new CLI options to the commands lsp-proxy and start that allow to control the Biome file watcher.

`--watcher-kind`

Controls how the Biome file watcher should behave. By default, Biome chooses the best watcher strategy for the
current OS, however sometimes this could result in some issues, such as folders locked.

The option accepts the current values:

recommended: the default option, which chooses the best watcher for the current platform.
polling: uses the polling strategy.
none: it doesn't enable the watcher. When the watcher is disabled, changes to files aren't recorded anymore by Biome. This might have
repercussions on some lint rules that might rely on updated types or updated paths.

The environment variable BIOME_WATCHER_KIND can be used as alias.

`--watcher-polling-interval`

The polling interval in milliseconds. This is only applicable when using the polling watcher. It defaults to 2000 milliseconds.

The environment variable BIOME_WATCHER_POLLING_INTERVAL can be used as alias.

#8262 4186b83 Thanks @lucasweng! - Added the useHtmlLang lint rule for HTML. The rule enforces that the html element has a lang attribute.

Invalid:
```
<html></html>
<html lang></html>
<html lang=""></html>
```
Valid:
```
<html lang="en"></html>
```

#8376 1a9334c Thanks @siketyan! - Added support for formatting and linting embedded GraphQL snippets in JavaScript.

For example, the following snippets are now formatted:

import gql from "graphql-tag";

const PeopleCountQuery = gql`
  query PeopleCount {
    allPeople {
      totalCount
    }
  }
`;

import { graphql } from "./graphql";

const PeopleCountQuery = graphql(`
  query PeopleCount {
    allPeople {
      totalCount
    }
  }
`);

This feature is experimental and must be enabled explicitly in the configuration:

{
  "javascript": {
    "experimentalEmbeddedSnippetsEnabled": true
  }
}

#7799 54682aa Thanks @PaulRBerg! - Added groupByNesting option to the useSortedKeys assist. When enabled, object keys are grouped by their value's nesting depth before sorting alphabetically.

Simple values (primitives, single-line arrays, and single-line objects) are sorted first, followed by nested values (multi-line arrays and multi-line objects).

Example

To enable this option, configure it in your biome.json:

{
  "linter": {
    "rules": {
      "source": {
        "useSortedKeys": {
          "options": {
            "groupByNesting": true
          }
        }
      }
    }
  }
}

With this option, the following unsorted object:

const object = {
  name: "Sample",
  details: {
    description: "nested",
  },
  id: 123,
};

Will be sorted as:

const object = {
  id: 123,
  name: "Sample",
  details: {
    description: "nested",
  },
};

#8641 1dc8dc2 Thanks @tt-a1i! - Added the noAutofocus lint rule for HTML. This rule enforces that the autofocus attribute is not used on elements, as it can cause usability issues for sighted and non-sighted users. The rule allows autofocus inside dialog elements or elements with the popover attribute, as these are modal contexts where autofocus is expected.
#8501 8eb3f19 Thanks @tt-a1i! - Added noPositiveTabindex to HTML. This rule prevents the usage of positive integers on the tabindex attribute, which can disrupt natural keyboard navigation order.
#8661 b36ff03 Thanks @tt-a1i! - Added the useAltText lint rule for HTML. This rule enforces that elements requiring alternative text (<img>, <area>, <input type="image">, <object>) provide meaningful information for screen reader users via alt, title (for objects), aria-label, or aria-labelledby attributes. Elements with aria-hidden="true" are exempt.
#7749 1c59333 Thanks @andogq! - Implements #1984. Updated useHookAtTopLevel to better catch invalid hook usage.

This rule is now capable of finding invalid hook usage in more locations. A diagnostic will now be generated if:
- A hook is used at the module level (top of the file, outside any function).
- A hook is used within a function or method which is not a hook or component, unless it is a function expression (such as arrow functions commonly used in tests).
Invalid:
```
// Invalid: hooks cannot be called at the module level.
useHook();
```
```
// Invalid: hooks must be called from another hook or component.
function notAHook() {
  useHook();
}
```
Valid:
```
// Valid: hooks may be called from function expressions, such as in tests.
test("my hook", () => {
  renderHook(() => useHook());

  renderHook(function () {
    return useHook();
  });
});
```
#8307 789b0e7 Thanks @mehm8128! - Added the useValidAriaRole lint rule for HTML. The rule enforces that elements with ARIA roles must use a valid, non-abstract ARIA role.
#8814 4d9c676 Thanks @Netail! - Added ignore option to noUnknownFunction. If an unknown function name matches any of the items provided in ignore, a diagnostic won't be emitted.
#8814 4d9c676 Thanks @Netail! - Added ignore option to noUnknownPseudoClass. If an unknown pseudo-class name matches any of the items provided in ignore, a diagnostic won't be emitted.
#8623 dc1f94e Thanks @mldangelo! - Added the noDuplicateClasses assist action to detect and remove duplicate CSS classes.

For JSX files: Supports class, className attributes and utility functions like clsx, cn, cva.

For HTML files: Checks class attributes. This is the first assist action for HTML.
```
// Before
<div class="flex p-4 flex" />;

// After
<div class="flex p-4" />;
```
#8399 ab88099 Thanks @ematipico! - Improved the CSS parser for CSS modules. Biome now automatically enables CSS modules parsing for *.module.css files.

If your codebase has only *.module.css files, you can remove the parser feature as follows, because now Biome does it for you:
```
{
  "css": {
    "parser": {
-      "cssModules": true
    }
  }
}
```
#8399 ab88099 Thanks @ematipico! - Added support for parsing :global and :local inside .astro, .svelte and .vue files, in <style> portion of the file.

This capability is only available when experimentalFullHtmlSupportedEnabled is set to true.
#9011 e014336 Thanks @ematipico! - Promoted 21 nursery rules to stable groups.

Correctness

Promoted the following rules to the correctness group:

noUnresolvedImports. The rule reports imports that cannot be resolved.
The default rule severity is set to error.
noVueReservedProps. The rule reports V

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

vercel · 2025-12-12T11:16:25Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
fuma-comment	Building	Preview, Comment	Feb 16, 2026 11:54pm

renovate bot force-pushed the renovate/all-minor-patch branch from 3b61d77 to ab7f020 Compare December 12, 2025 11:16

renovate bot changed the title ~~chore(deps): update node.js to v18.20.8~~ fix(deps): update all non-major dependencies Dec 12, 2025

renovate bot force-pushed the renovate/all-minor-patch branch 23 times, most recently from 70facf5 to 0a2cb51 Compare December 19, 2025 13:52

renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from 96f0986 to 7ed6d62 Compare December 20, 2025 18:02

renovate bot force-pushed the renovate/all-minor-patch branch 15 times, most recently from 3df5170 to fd49235 Compare February 8, 2026 13:18

renovate bot force-pushed the renovate/all-minor-patch branch 13 times, most recently from fc4c98e to 7eb3050 Compare February 15, 2026 03:30

fix(deps): update all non-major dependencies

e8168ab

renovate bot force-pushed the renovate/all-minor-patch branch from 7eb3050 to e8168ab Compare February 16, 2026 23:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update all non-major dependencies#144

fix(deps): update all non-major dependencies#144
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-minor-patch

renovate bot commented Dec 12, 2025 •

edited

Loading

Uh oh!

vercel bot commented Dec 12, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate bot commented Dec 12, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v2.4.2

Patch Changes

v2.4.1

Patch Changes

v2.4.0

Minor Changes

Combine two reporters in CI

Save reporter output to a file

--watcher-kind

--watcher-polling-interval

Example

Correctness

Configuration

Uh oh!

vercel bot commented Dec 12, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate bot commented Dec 12, 2025 •

edited

Loading

`v2.4.2`

`v2.4.1`

`v2.4.0`

`--watcher-kind`

`--watcher-polling-interval`

vercel bot commented Dec 12, 2025 •

edited

Loading