chore(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the dev-dependencies group with 7 updates in the / directory:

Package	From	To
@biomejs/biome	2.3.14	2.4.10
@changesets/changelog-github	0.5.2	0.6.0
@changesets/cli	2.29.8	2.30.0
@wxt-dev/module-react	1.1.5	1.2.2
autoprefixer	10.4.24	10.4.27
tailwindcss	4.1.18	4.2.2
wxt	0.20.17	0.20.20

Updates @biomejs/biome from 2.3.14 to 2.4.10

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.10

2.4.10

Patch Changes

• #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

  The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

  // Invalid
  setTimeout("alert('Hello');", 100);
  // Valid
  setTimeout(() => alert("Hello"), 100);

• #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

• #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

• #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

  Previously, only the global process object was flagged:

  import process from "node:process";
  // This was not flagged, but now it is:
  console.log(process.env.NODE_ENV);

• #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

• #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

  Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

  Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

• #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

• #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

• #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

• #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

• #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.10

Patch Changes

• #8838 f3a6a6b Thanks @​baeseokjae! - Added new lint nursery rule noImpliedEval.

  The rule detects implied eval() usage through functions like setTimeout, setInterval, and setImmediate when called with string arguments.

  // Invalid
  setTimeout("alert('Hello');", 100);
  // Valid
  setTimeout(() => alert("Hello"), 100);

• #9320 93c3b6c Thanks @​taberoajorge! - Fixed #7664: noUnusedVariables no longer reports false positives for TypeScript namespace declarations that participate in declaration merging with an exported or used value declaration (const, function, or class) of the same name. The reverse direction is also handled: a value declaration merged with an exported namespace is no longer flagged.

• #9630 1dd4a56 Thanks @​raashish1601! - Fixed #9629: noNegationElse now keeps ternary branch comments attached to the correct branch when applying its fixer.

• #9216 04243b0 Thanks @​FrederickStempfle! - Fixed #9061: noProcessEnv now also detects process.env when process is imported from the "process" or "node:process" modules.

  Previously, only the global process object was flagged:

  import process from "node:process";
  // This was not flagged, but now it is:
  console.log(process.env.NODE_ENV);

• #9692 61b7ec5 Thanks @​mkosei! - Fixed Svelte #each destructuring parsing and formatting for nested patterns such as [key, { a, b }].

• #9627 06a0f35 Thanks @​ematipico! - Fixed #191: Improved the performance of how the Biome Language Server pulls code actions and diagnostics.

  Before, code actions were pulled and computed all at once in one request. This approach couldn't work in big files, and caused Biome to stale and have CPU usage spikes up to 100%.

  Now, code actions are pulled and computed lazily, and Biome won't choke anymore in big files.

• #9643 5bfee36 Thanks @​dyc3! - Fixed #9347: useVueValidVBind no longer reports valid object bindings like v-bind="props".

• #9627 06a0f35 Thanks @​ematipico! - Fixed assist diagnostics being invisible when using --diagnostic-level=error. Enforced assist violations (e.g. useSortedKeys) were filtered out before being promoted to errors, causing biome check to incorrectly return success.

• #9695 9856a87 Thanks @​dyc3! - Added the new nursery rule noUnsafePlusOperands, which reports + and += operations that use object-like, symbol, unknown, or never operands, or that mix number with bigint.

• #9627 06a0f35 Thanks @​ematipico! - Fixed duplicate parse errors in check and ci output. When a file had syntax errors, the same parse error was printed twice and the error count was inflated.

• #9627 06a0f35 Thanks @​ematipico! - Improved the performance of the commands lint and check when they are called with --write.

• #9627 06a0f35 Thanks @​ematipico! - Fixed --diagnostic-level not fully filtering diagnostics. Setting --diagnostic-level=error now correctly excludes warnings and infos from both the output and the summary counts.

... (truncated)

Commits

• fcf216d ci: release (#9622)
• 8b7f55c chore: update sponsors (#9714)
• 9856a87 feat(lint/js): add noUnsafePlusOperands (#9695)
• 5bfee36 fix(useVueValidVBind): don't flag missing arguments (#9643)
• f3a6a6b feat(linter): add noImpliedEval rule (#8838)
• ad37526 ci: release (#9620)
• eb57e3a chore: use npmx.dev badge (#9614)
• e168494 feat(linter): add rule noUntrustedLicenses (#9474)
• 085d324 feat(css): add noDuplicateSelectors (#9315)
• 4d050df feat(analyze): implement noInlineStyles (#9534)
• Additional commits viewable in compare view

Updates @changesets/changelog-github from 0.5.2 to 0.6.0

Release notes

Sourced from @​changesets/changelog-github's releases.

@​changesets/changelog-github@​0.6.0

Minor Changes

• #1850 fd0bc2e Thanks @​mixelburg! - Linkify issue references in changelog entries.

Patch Changes

• #1810 27fd8f4 Thanks @​hirasso! - Replace deprecated String.prototype.trimRight with String.prototype.trimEnd

• Updated dependencies [d4b8ad8, e462d89]:

  • @​changesets/get-github-info@​0.8.0

Commits

• 3ab4d89 Version Packages (#1817)
• 1772598 Fix changelog entry insertion when no package title is present in the `CHANGE...
• 6df3a5e Allow versioned private packages to depend on skipped packages without requir...
• 2a73025 Fix confusing 'Question-2' prompt label when using external editor (#1857)
• 667fe5a Support ESM for custom changelog and commit options (#1774)
• e462d89 Add scopes automatically in the GitHub new token link in the printed error me...
• 503fcaa Support absolute paths in status output flag (#1776)
• d4b8ad8 Improve error messages when fetching from GitHub api (#1781)
• ece0376 Improve baseBranch docs (#1778)
• 0e8e01e Allow Changesets to be executed from non-root directories (#1806)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/changelog-github since your current version.

Updates @changesets/cli from 2.29.8 to 2.30.0

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.30.0

Minor Changes

• #1840 057cca2 Thanks @​wotan-allfather! - Add --since flag to add command

  The add command now supports a --since flag that allows you to specify which branch, tag, or git ref to use when detecting changed packages. This is useful for gitflow workflows where you have multiple target branches and the baseBranch config option doesn't cover all use cases.

  Example: changeset add --since=develop

  If not provided, the command falls back to the baseBranch value in your .changeset/config.json.

• #1845 2b4a66a Thanks @​Andarist! - Delegate OTP prompting to the package manager instead of handling it in-process. This allows Changesets to use the package manager's native web auth support.

• #1774 667fe5a Thanks @​bluwy! - Support importing custom commit option ES module. Previously, it used require() which only worked for CJS modules, however now it uses import() which supports both CJS and ES modules.

• #1839 73b1809 Thanks @​leochiu-a! - Add a --message (-m) flag to changeset add (and default changeset) so the changeset summary can be provided from the command line. When --message is present, the summary prompt is skipped while the final confirmation step is kept.

• #1806 0e8e01e Thanks @​luisadame! - Changeset CLI can now be run from the nested directories in the project, where the .changeset directory has to be found in one of the parent directories

Patch Changes

• #1849 9dc3230 Thanks @​Andarist! - Compute the terminal's size lazily to avoid spurious stderr output in non-interactive mode

• #1857 2a73025 Thanks @​mixelburg! - Fix confusing prompt labels when entering changeset summary after external editor fallback

• #1842 6df3a5e Thanks @​RodrigoHamuy! - Allow private packages to depend on skipped packages without requiring them to also be skipped. Private packages are not published to npm, so it is safe for them to have dependencies on ignored or unversioned packages.

• #1776 503fcaa Thanks @​bluwy! - Support absolute paths in changeset status --output <path>

• Updated dependencies [667fe5a, 1772598, b6f4c74, 6df3a5e, 6df3a5e, 27fd8f4]:

  • @​changesets/apply-release-plan@​7.1.0
  • @​changesets/config@​3.1.3
  • @​changesets/get-release-plan@​4.0.15
  • @​changesets/read@​0.6.7

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​changesets/cli since your current version.

Updates @wxt-dev/module-react from 1.1.5 to 1.2.2

Release notes

Sourced from @​wxt-dev/module-react's releases.

@​wxt-dev/module-react v1.2.2

compare changes

🩹 Fixes

• Add @vitejs/plugin-react v6 support (c61fa8f8)

❤️ Contributors

• Aaron (@​aklinker1)

@​wxt-dev/module-react v1.2.1

compare changes

🏡 Chore

• Add prepack script to all packages (032f7931)

❤️ Contributors

• Aaron (@​aklinker1)

@​wxt-dev/module-react v1.2.0

compare changes

🚀 Enhancements

• Add vitePluginsBefore option (#2170)
• Vite 8 support (bfd4af5d)

🏡 Chore

• Upgrade dev and non-major prod dependencies (#2000)
• Use tsdown to build packages (#2006)
• Move script-only dev dependencies to top-level package.json (#2007)
• Update dependencies (#2069)
• deps: Upgrade deps (#2175)

❤️ Contributors

• Aaron (@​aklinker1)
• Martin Broder hello@martinbroder.com

Changelog

Sourced from @​wxt-dev/module-react's changelog.

v1.2.2

compare changes

🩹 Fixes

• Add @vitejs/plugin-react v6 support (c61fa8f8)

❤️ Contributors

• Aaron (@​aklinker1)

v1.2.1

compare changes

🏡 Chore

• Add prepack script to all packages (032f7931)

❤️ Contributors

• Aaron (@​aklinker1)

v1.2.0

compare changes

🚀 Enhancements

• Add vitePluginsBefore option (#2170)
• Vite 8 support (bfd4af5d)

🏡 Chore

• Upgrade dev and non-major prod dependencies (#2000)
• Use tsdown to build packages (#2006)
• Move script-only dev dependencies to top-level package.json (#2007)
• Update dependencies (#2069)
• deps: Upgrade deps (#2175)

❤️ Contributors

• Aaron (@​aklinker1)
• Martin Broder hello@martinbroder.com

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​wxt-dev/module-react since your current version.

Updates autoprefixer from 10.4.24 to 10.4.27

Release notes

Sourced from autoprefixer's releases.

10.4.27

• Removed development key from package.json.

10.4.26

• Reduced package size.

10.4.25

• Fixed broken gradients on CSS Custom Properties (by @​serger777).

Changelog

Sourced from autoprefixer's changelog.

10.4.27

• Removed development key from package.json.

10.4.26

• Reduced package size.

10.4.25

• Fixed broken gradients on CSS Custom Properties (by @​serger777).

Commits

• 360f2d9 Release 10.4.27 version
• ab5260c Update clean-publish
• 09e9dd1 Release 10.4.26 version
• ec75540 Ignore local patches
• 59601b8 Update c8 and clean-publish
• 06ea988 Release 10.4.25 version
• 47d8a5b Update dependencies and fix Node.js 25
• 51c596e Add Node.js 25 and 24 to CI
• 5239823 Fix CSS variables in gradients (#1515) (#1544)
• See full diff in compare view

Updates tailwindcss from 4.1.18 to 4.2.2

Release notes

Sourced from tailwindcss's releases.

v4.2.2

Added

• Support Vite 8 in @tailwindcss/vite (#19790)

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)

v4.2.1

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

v4.2.0

Added

• Add mauve, olive, mist, and taupe color palettes to the default theme (#19627)
• Add @tailwindcss/webpack package to run Tailwind CSS as a webpack plugin (#19610)
• Add pbs-* and pbe-* utilities for padding-block-start and padding-block-end (#19601)
• Add mbs-* and mbe-* utilities for margin-block-start and margin-block-end (#19601)
• Add scroll-pbs-* and scroll-pbe-* utilities for scroll-padding-block-start and scroll-padding-block-end (#19601)
• Add scroll-mbs-* and scroll-mbe-* utilities for scroll-margin-block-start and scroll-margin-block-end (#19601)
• Add border-bs-* and border-be-* utilities for border-block-start and border-block-end (#19601)
• Add inline-*, min-inline-*, max-inline-* utilities for inline-size, min-inline-size, and max-inline-size (#19612)
• Add block-*, min-block-*, max-block-* utilities for block-size, min-block-size, and max-block-size (#19612)
• Add inset-s-*, inset-e-*, inset-bs-*, inset-be-* utilities for inset-inline-start, inset-inline-end, inset-block-start, and inset-block-end (#19613)
• Add font-features-* utility for font-feature-settings (#19623)

Fixed

• Prevent double @supports wrapper for color-mix values (#19450)
• Allow whitespace around @source inline() argument (#19461)
• Emit comment when source maps are saved to files when using @tailwindcss/cli (#19447)
• Detect utilities containing capital letters followed by numbers (#19465)
• Fix class extraction for Rails' strict locals (#19525)
• Align @utility name validation with Oxide scanner rules (#19524)
• Fix infinite loop when using @variant inside @custom-variant (#19633)
• Allow multiples of .25 in aspect-* fractions (e.g. aspect-8.5/11) (#19688)
• Ensure changes to external files listed via @source trigger a full page reload when using @tailwindcss/vite (#19670)
• Improve performance of Oxide scanner in bigger projects by reducing file system walks (#19632)
• Ensure import aliases in Astro v5 work without crashing when using @tailwindcss/vite (#19677)
• Allow escape characters in @utility names to improve support with formatters such as Biome (#19626)
• Fix incorrect canonicalization results when canonicalizing multiple times (#19675)

... (truncated)

Changelog

Sourced from tailwindcss's changelog.

[4.2.2] - 2026-03-18

Fixed

• Don't crash when candidates contain prototype properties like row-constructor (#19725)
• Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• Fix crash in canonicalization step when handling utilities containing @property at-rules (e.g. shadow-sm border) (#19727)
• Skip full reload for server only modules scanned by client CSS when using @tailwindcss/vite (#19745)
• Add support for Vite 8 in @tailwindcss/vite (#19790)
• Improve canonicalization for bare values exceeding default spacing scale suggestions (e.g. w-1234 h-1234 → size-1234) (#19809)
• Fix canonicalization resulting in empty list (e.g. w-5 h-5 size-5 → '' instead of size-5) (#19812)
• Resolve tsconfig paths to allow for @import '@/path/to/file'; when using @tailwindcss/vite (#19803)

[4.2.1] - 2026-02-23

Fixed

• Allow trailing dash in functional utility names for backwards compatibility (#19696)
• Properly detect classes containing . characters within curly braces in MDX files (#19711)

[4.2.0] - 2026-02-18

Added

• Add mauve, olive, mist, and taupe color palettes to the default theme (#19627)
• Add @tailwindcss/webpack package to run Tailwind CSS as a webpack plugin (#19610)
• Add pbs-* and pbe-* utilities for padding-block-start and padding-block-end (#19601)
• Add mbs-* and mbe-* utilities for margin-block-start and margin-block-end (#19601)
• Add scroll-pbs-* and scroll-pbe-* utilities for scroll-padding-block-start and scroll-padding-block-end (#19601)
• Add scroll-mbs-* and scroll-mbe-* utilities for scroll-margin-block-start and scroll-margin-block-end (#19601)
• Add border-bs-* and border-be-* utilities for border-block-start and border-block-end (#19601)
• Add inline-*, min-inline-*, max-inline-* utilities for inline-size, min-inline-size, and max-inline-size (#19612)
• Add block-*, min-block-*, max-block-* utilities for block-size, min-block-size, and max-block-size (#19612)
• Add inset-s-*, inset-e-*, inset-bs-*, inset-be-* utilities for inset-inline-start, inset-inline-end, inset-block-start, and inset-block-end (#19613)
• Add font-features-* utility for font-feature-settings (#19623)

Fixed

• Prevent double @supports wrapper for color-mix values (#19450)
• Allow whitespace around @source inline() argument (#19461)
• Emit comment when source maps are saved to files when using @tailwindcss/cli (#19447)
• Detect utilities containing capital letters followed by numbers (#19465)
• Fix class extraction for Rails' strict locals (#19525)
• Align @utility name validation with Oxide scanner rules (#19524)
• Fix infinite loop when using @variant inside @custom-variant (#19633)
• Allow multiples of .25 in aspect-* fractions (e.g. aspect-8.5/11) (#19688)
• Ensure changes to external files listed via @source trigger a full page reload when using @tailwindcss/vite (#19670)
• Improve performance of Oxide scanner in bigger projects by reducing file system walks (#19632)
• Ensure import aliases in Astro v5 work without crashing when using @tailwindcss/vite (#19677)
• Allow escape characters in @utility names to improve support with formatters such as Biome (#19626)

... (truncated)

Commits

• d596b0c 4.2.2 (#19821)
• 2228a57 Bump Lightning CSS (#19771)
• f302fce Fix canonicalization resulting in empty list (#19812)
• bb2f170 Improve canonicalization for bare values exceeding default spacing scale sugg...
• faa5e88 Cleanup inconsistencies related to (regex) escapes (#19804)
• d5717f2 run prettier
• 51aa9d7 fix(canonicalize): handle utilities with empty property maps in collapse (#19...
• c586bd6 Canonicalize calc(var(--spacing)*…) expressions into --spacing(…) (#19769)
• 9ded4a2 Guard object lookups against inherited prototype properties (#19725)
• 1dce64e 4.2.1 (#19714)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for tailwindcss since your current version.

Updates wxt from 0.20.17 to 0.20.20

Release notes

Sourced from wxt's releases.

wxt v0.20.20

compare changes

🩹 Fixes

• Unlisted script return values broken with Vite 8 sourcemaps (#2197)

📖 Documentation

• Add Dymo extension ID to UsingWxtSection.vue (#2187)
• Add Extension Rank Checker to the list of extensions (#2193)

🏡 Chore

• deps: Add vite-node 6 support (64b68671)

❤️ Contributors

• Aaron (@​aklinker1)
• Joseph Hu (@​KiJO94GO)
• FJRG2007 ツ (@​FJRG2007)
• Hampus Tågerud (@​hampustagerud)

wxt v0.20.19

compare changes

🚀 Enhancements

• Vite 8 support (bfd4af5d)

🔥 Performance

• Use filter to improve plugin performance with rolldown (#1787)

🩹 Fixes

• List eslint 10 as supported (55dc263d)

📖 Documentation

• Added "Scrape Similar" to the homepage (#2158)
• Added "isTrust" to the homepage (#2161)

🏡 Chore

• Add prettier-plugin-jsdoc to project (#2171)
• Replace fast-glob and ora with lighter alternatives (#2173)
• deps: Upgrade deps (#2175)
• Replace fs-extra with node:fs/promises (#2174)

... (truncated)

Commits

• 65fc0fa chore(release): wxt v0.20.20
• 64b6867 chore(deps): Add vite-node 6 support
• 9c6d3e3 docs: Add Extension Rank Checker to the list of extensions (#2193)
• 37abe9d docs: Add Dymo extension ID to UsingWxtSection.vue (#2187)
• 9ebef4a chore: remove useDefineForClassFields from svelte/tsconfig.json (#2190)
• e60f7c7 fix: unlisted script return values broken with Vite 8 sourcemaps (#2197)
• 36aadd0 fix: Upgrade @wxt-dev/browser to latest @types/chrome version
• e4598a5 chore(release): @​wxt-dev/module-react v1.2.2
• db5c228 chore(release): wxt v0.20.19
• c61fa8f fix: Add @vitejs/plugin-react v6 support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions