chore(deps)(deps-dev): bump the tooling group across 1 directory with 4 updates

[dependabot]

Bumps the tooling group with 4 updates in the / directory: @biomejs/biome, lefthook, typescript and wrangler.

Updates @biomejs/biome from 2.4.13 to 2.4.16

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.16

2.4.16

Patch Changes

• #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

• #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

  Input:

  <span
    ><!-- 1
  --><span>a</span
    ><!-- 2
  --><span>b</span
    ><!-- 3
  --></span>

  Output:

    <span
  	  ><!-- 1
  - --> <span>a</span<!-- 2
  - --> ><span>b</span><!-- 3
  + --><span>a</span><!-- 2
  + --><span>b</span><!-- 3
    --></span
    >

• #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

• #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

• #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

• #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

• #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

• #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

• #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

• #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.16

Patch Changes

• #10329 ef764d5 Thanks @​Conaclos! - Fixed an issue where diagnostics showed an incorrect location in Astro files.

• #10363 50aa415 Thanks @​dyc3! - Fixed HTML formatting for a case where comments could cause the formatter to split up a closing tag, which would cause the resulting HTML to be syntactically invalid.

  Input:

  <span
    ><!-- 1
  --><span>a</span
    ><!-- 2
  --><span>b</span
    ><!-- 3
  --></span>

  Output:

    <span
  	  ><!-- 1
  - --> <span>a</span<!-- 2
  - --> ><span>b</span><!-- 3
  + --><span>a</span><!-- 2
  + --><span>b</span><!-- 3
    --></span
    >

• #10465 0c718da Thanks @​dfedoryshchev! - Fixed diagnostics emitted by the noUntrustedLicenses rule.

• #10358 05c2617 Thanks @​dyc3! - Fixed #10356: biome rage --linter now displays rules enabled through linter domains in the enabled rules list.

• #10300 950247c Thanks @​dyc3! - Fixed #10265: Svelte function bindings such as bind:value={get, set} are now parsed more precisely, so noCommaOperator won't emit false positives for that syntax anymore.

• #9786 e71f584 Thanks @​MeGaNeKoS! - Fixed #8480: useDestructuring now provides variableDeclarator and assignmentExpression options to control which contexts enforce destructuring, matching ESLint's prefer-destructuring configuration. Both default to {array: true, object: true}. The diagnostic for object destructuring in assignment expressions now instructs users to wrap the assignment in parentheses.

• #10425 1948b72 Thanks @​sjh9714! - Fixed #10244: The useOptionalChain rule now detects negated guard inequality chains like !foo || foo.bar !== "x".

• #10442 001f94f Thanks @​ematipico! - Fixed #10411: noMisusedPromises no longer causes a stack overflow when a nested function returns an object with shorthand properties that shadow destructured variables from an outer scope.

• #10318 9b1577f Thanks @​dyc3! - Added support for formatter.trailingCommas in overrides. This option was previously available in the top-level formatter configuration but missing from formatter overrides.

• #10319 2e37709 Thanks @​dyc3! - Fixed Vue and Svelte formatting for standalone interpolations in inline elements. Biome now preserves existing newlines in cases like:

... (truncated)

Commits

• 5f4ea56 ci: release (#10326)
• de2a33c fix(core): regression in emitted types (#10478)
• d835303 docs: remove redundant default phrase in useConsistentObjectDefinitions rul...
• 4f1aaf2 fix: incorrect build when using build or test (#10426)
• dc73b6b refactor: make plugins opt-in via feature gate (#10418)
• e71f584 feat(useDestructuring): add options for assignment/declaration and improve di...
• 9b1577f fix(config): support trailingCommas in overrides (#10318)
• 9dd3271 ci: release (#10210)
• 7b8d4e1 feat(lint/html/vue): add useVueValidVFor (#10195)
• ba3480e feat(lint/js): add useTestHooksInOrder (#9394)
• Additional commits viewable in compare view

Updates lefthook from 2.1.6 to 2.1.9

Release notes

Sourced from lefthook's releases.

v2.1.9

Changelog

• 1d35cbabe1ebaf2a5ed4d2186caa0402de6448e2 chore: add pretty gradient (#1432)
• 22be6c50e1412c748f3c6b60e9c61cd056dc693b deps: May 2026 (#1415)
• 1bae568f03dfb88af9185031fa44e9fee285e917 fix: update hooks path after resetting (#1431)

v2.1.8

Changelog

• 488a5f99a5a496e5837f757f8ce3e6c6d1415792 fix: do not warn if local hooks path is equal to default hooks path (#1421)

v2.1.7

Changelog

• f415a9d3fce1d4f6af62622cf96c72e04ecf7bd3 chore: go mod tidy
• cf4ab9ea4580f5aeb0d4b61d4dd169533e5bb0c9 fix: always restore unstaged changes (#1416)
• 4c0e000d6fe9f35f42efefb9263b0b4cb5dfbd49 fix: apply stage_fixed only if it is safe (#1418)
• 76aa843ef5ceb6970f61cd2ff28d16dd2ec82272 fix: linter, sacrifice optimization for readability
• 9d53c36ed9a26d3bf66e341a9650a0ecac9b6a37 fix: separate fallback push branch from pathspecs (#1396)
• 22c9f773cf93b59005bd244c5b00caab2947a755 fix: try to always restore unstaged changes (#1417)
• 37d83986d8e6d6bf6792f57e22e7cbb1a9e28064 fix: use contrast colors (#1420)
• eb1064d0b8c6248627960bea1abf6891db5a21b1 refactor: add new logger without a global state (#1385)

Changelog

Sourced from lefthook's changelog.

2.1.9 (2026-05-29)

• fix: update hooks path after resetting (#1431) by @​mrexox
• deps: May 2026 (#1415) by @​mrexox

2.1.8 (2026-05-19)

• fix: do not warn if local hooks path is equal to default hooks path (#1421) by @​mrexox

2.1.7 (2026-05-19)

• fix: use contrast colors (#1420) by @​mrexox
• fix: apply stage_fixed only if it is safe (#1418) by @​mrexox
• fix: try to always restore unstaged changes (#1417) by @​mrexox
• fix: always restore unstaged changes (#1416) by @​mrexox
• refactor: add new logger without a global state (#1385) by @​mrexox
• fix: linter, sacrifice optimization for readability by @​mrexox
• fix: separate fallback push branch from pathspecs (#1396) by @​lawrence3699

Commits

• 75f99ff 2.1.9: fix install with --reset-hooks-path
• 1d35cba chore: add pretty gradient (#1432)
• 1bae568 fix: update hooks path after resetting (#1431)
• 22be6c5 deps: May 2026 (#1415)
• 9e75b21 2.1.8: reduce warning for core.hooksPath if it matches the default
• 488a5f9 fix: do not warn if local hooks path is equal to default hooks path (#1421)
• b5c8310 2.1.7: restore unstaged changes when possible
• 37d8398 fix: use contrast colors (#1420)
• 4c0e000 fix: apply stage_fixed only if it is safe (#1418)
• 22c9f77 fix: try to always restore unstaged changes (#1417)
• Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.3

Release notes

Sourced from typescript's releases.

TypeScript 6.0.3

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).
• fixed issues query for TypeScript 6.0.3 (Stable).

Downloads are available on:

• npm

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 050880c Bump version to 6.0.3 and LKG
• eeae9dd 🤖 Pick PR #63401 (Also check package name validity in...) into release-6.0 (#...
• ad1c695 🤖 Pick PR #63368 (Harden ATA package name filtering) into release-6.0 (#63372)
• 0725fb4 🤖 Pick PR #63310 (Mark class property initializers as...) into release-6.0 (#...
• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• Additional commits viewable in compare view

Updates wrangler from 4.86.0 to 4.97.0

Release notes

Sourced from wrangler's releases.

wrangler@4.97.0

Minor Changes

• #13996 94b29f7 Thanks @​vaishnav-mk! - Add restart-from-step options to wrangler workflows instances restart

  You can now restart a Workflow instance from a specific step using --from-step-name, with optional --from-step-count and --from-step-type disambiguation. These options work for both remote Workflow instances and local wrangler dev --local sessions.

Patch Changes

• #14141 b210c5e Thanks @​MattieTK! - Add re-authentication hint to account fetch error messages

  When Wrangler fails to automatically retrieve account IDs, the error messages now suggest running wrangler login as a troubleshooting step. This addresses confusion for users who encounter these errors after OAuth system changes or other authentication issues.

• #14078 aec1bb8 Thanks @​MattieTK! - Bump am-i-vibing from 0.1.1 to 0.4.0

  This updates the agentic environment detection library to the latest version, which includes improved detection coverage for newer AI coding agents.

• #14147 e06cbb7 Thanks @​dependabot! - Update dependencies of "miniflare", "wrangler"

  The following dependency versions have been updated:

  Dependency	From	To
  workerd	1.20260529.1	1.20260601.1

• #14027 9a26191 Thanks @​matingathani! - Gracefully handle EMFILE error when assets directory exceeds OS watcher limit

  Previously, when wrangler dev was pointed at an assets directory with more than ~4,096 subdirectories, the chokidar file watcher threw an EMFILE: too many open files error that was not caught, causing an infinite error loop that made the dev server unresponsive.

  Now the error is caught and wrangler:

  1. Logs a clear warning explaining the platform watcher limit was hit
  2. Recommends reducing the number of subdirectories by flattening or restructuring the assets directory
  3. Disables the assets watcher gracefully so the dev server continues working without hot-reload

• #14041 5565823 Thanks @​matingathani! - Fix wrangler complete printing the AI skills prompt into shell completion output

  Previously, running eval "$(wrangler complete zsh)" (or any other shell) would fail with errors like zsh: command not found: --install-skills because the interactive AI agent skills installation prompt was included in the completion script output.

  The skills prompt is now skipped when running wrangler complete, so the generated completion script is clean and can be sourced correctly.

• #13881 890fca7 Thanks @​matingathani! - Show a clear error when --metadata is not valid JSON instead of silently ignoring the value

• #14149 6fc9777 Thanks @​mattjohnsonpint! - Fix wrangler deploy --upload-source-maps silently skipping source maps when the entry file ends with magic comments after //# sourceMappingURL=

  Wrangler previously assumed the //# sourceMappingURL= comment was the last non-empty line of a module. Tools like sentry-cli sourcemaps inject append a //# debugId= comment after it, which silently caused source maps to be omitted from the upload form, most commonly when deploying with --no-bundle --upload-source-maps. Wrangler now scans trailing magic comments (lines starting with //# or //@) and detects the //# sourceMappingURL= comment regardless of which other magic comments follow it.

• #14105 337e912 Thanks @​dario-piotrowicz! - Remove trailing periods from URLs in terminal output

  URLs printed to the terminal with a sentence-ending period (e.g. https://example.com/path.) would include the period when clicked in some terminal emulators, causing 404 errors. This removes trailing periods from all URLs displayed in CLI output across wrangler, miniflare, vitest-pool-workers, and workers-utils.

... (truncated)

Commits

• 0b60424 Version Packages (#14142)
• 42288d4 fix: Include currentAgentSkillsInstalled in command telemetry events (#14155)
• 6fc9777 [wrangler] fix: don't assume sourceMappingURL is on the last line (#14149)
• 94b29f7 [workflows] Restart from step (#13996)
• e06cbb7 Bump the workerd-and-workers-types group with 2 updates (#14147)
• 5565823 [wrangler] Fix wrangler complete printing AI skills prompt into shell compl...
• 8e7b74f [wrangler] fix: send Workflows schedules as { cron } objects on deploy (#14150)
• 9a26191 [wrangler] fix: gracefully handle EMFILE when assets watcher exceeds director...
• aec1bb8 [wrangler] Bump am-i-vibing from 0.1.1 to 0.4.0 (#14078)
• 890fca7 [wrangler] fix: show clear error when --metadata is not valid JSON (#13881)
• Additional commits viewable in compare view

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	awoo	ecd26c7	Jun 04 2026, 02:50 AM