chore(deps-dev): bump the development-dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the development-dependencies group with 11 updates in the / directory:

Package	From	To
@biomejs/biome	2.4.15	2.5.0
@commitlint/cli	21.0.1	21.0.2
@commitlint/config-conventional	21.0.1	21.0.2
@types/node	25.8.0	26.0.0
@vitest/coverage-v8	4.1.6	4.1.9
concurrently	9.2.1	10.0.3
lefthook	2.1.6	2.1.9
ls-engines	0.10.0	0.10.1
npm-package-json-lint	10.4.0	10.4.1
sort-package-json	3.6.1	4.0.0
tsdown	0.22.0	0.22.3

Updates @biomejs/biome from 2.4.15 to 2.5.0

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.5.0

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.5.0

Minor Changes

• #9539 f0615fd Thanks @​ematipico! - Added a new reporter called concise. When --reporter=concise is passed the commands format, lint, check and ci, the diagnostics are printed in a compact manner:

  ! index.ts:2:10: lint/correctness/noUnusedImports: Several of these imports are unused.
  ! main.ts:9:7: lint/correctness/noUnusedVariables: This variable f is unused.
  × index.ts:8:5: lint/suspicious/noImplicitAnyLet: This variable implicitly has the any type.
  × main.ts:2:10: lint/suspicious/noRedeclare: Shouldn't redeclare 'z'. Consider to delete it or rename it.
  

• #9495 2056b23 Thanks @​aviraldua93! - Added the useKeyWithClickEvents a11y lint rule for HTML files (.html, .vue, .svelte, .astro). This is a port of the existing JSX rule. The rule enforces that elements with an onclick handler also have at least one keyboard event handler (onkeydown, onkeyup, or onkeypress) to ensure keyboard accessibility.

  Inherently keyboard-accessible elements (<a>, <button>, <input>, <select>, <textarea>, <option>) are excluded, as are elements hidden from assistive technologies (aria-hidden) or with role="presentation" / role="none".

  <!-- Invalid: no keyboard handler -->
  <div onclick="handleClick()">Click me</div>
  <!-- Valid: has keyboard handler -->
  <div onclick="handleClick()" onkeydown="handleKeyDown()">Click me</div>
  <!-- Valid: inherently keyboard-accessible -->
  <button onclick="handleClick()">Submit</button>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUndeclaredClasses for HTML, JSX, and SFC files (Vue, Astro, Svelte). The rule detects CSS class names used in class="..." (or className) attributes that are not defined in any <style> block or linked stylesheet reachable from the file.

  <!-- .typo is used but never defined -->
  <html>
    <head>
      <style>
        .button {
          color: blue;
        }
      </style>
    </head>
    <body>
      <div class="button typo"></div>
    </body>
  </html>

• #9152 9ec8500 Thanks @​ematipico! - Added new nursery lint rule noUnusedClasses for CSS. The rule detects CSS class selectors that are never referenced in any HTML or JSX file that imports the stylesheet. This is a project-domain rule that requires the module graph.

  /* styles.css — .ghost is never used in any importing file */

... (truncated)

Commits

• c0b9832 ci: release (#10499)
• 995c1ff feat(lint): add useFunctionComponentDefinition rule (#10498)
• 311c2b2 fix(biome_configuration): avoid Markdown links in JSON schema descriptions (#...
• 04c3f19 fix: docs and readme (#10584)
• 961f41c refactor(useExportType): improve docs and code (#10569)
• 78075b7 feat(useExportType): add style option (#10561)
• 6642895 feat: rule promotion for v2.5 (#10562)
• 9a5855e feat: noRestrictedDependencies (#10467)
• 608a62f Merge branch 'main' into chore/merge-main-into-next
• 0f29b83 feat(linter): implement useIncludes rule (#10516)
• Additional commits viewable in compare view

Updates @commitlint/cli from 21.0.1 to 21.0.2

Release notes

Sourced from @​commitlint/cli's releases.

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

• fix: emit actionable error when --edit cannot find COMMIT_EDITMSG (#589) by @​escapedcat in conventional-changelog/commitlint#4755
• fix: apply oxfmt formatting to get-edit-commit.ts by @​escapedcat in conventional-changelog/commitlint#4768
• fix(read): fail when --from and --to share no merge-base #4555 by @​CervEdin in conventional-changelog/commitlint#4754
• fix: disallow same commit hash for --from and --to by @​knocte in conventional-changelog/commitlint#4773

Chore/CI

• ci: have renovate rebase stale PRs before merging by @​escapedcat in conventional-changelog/commitlint#4782
• chore: have renovate hold PRs for 3 days after release by @​escapedcat in conventional-changelog/commitlint#4788
• chore: anchor vite 8 by @​escapedcat in conventional-changelog/commitlint#4790
• ci: run commitlint once per same-repo PR by @​escapedcat in conventional-changelog/commitlint#4795

New Contributors

• @​CervEdin made their first contribution in conventional-changelog/commitlint#4754

Full Changelog: conventional-changelog/commitlint@v21.0.1...v21.0.2

Changelog

Sourced from @​commitlint/cli's changelog.

21.0.2 (2026-05-29)

Bug Fixes

• disallow same commit hash for --from and --to (#4773) (121005e)

Commits

• 8069048 v21.0.2
• 121005e fix: disallow same commit hash for --from and --to (#4773)
• See full diff in compare view

Updates @commitlint/config-conventional from 21.0.1 to 21.0.2

Release notes

Sourced from @​commitlint/config-conventional's releases.

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

• fix: emit actionable error when --edit cannot find COMMIT_EDITMSG (#589) by @​escapedcat in conventional-changelog/commitlint#4755
• fix: apply oxfmt formatting to get-edit-commit.ts by @​escapedcat in conventional-changelog/commitlint#4768
• fix(read): fail when --from and --to share no merge-base #4555 by @​CervEdin in conventional-changelog/commitlint#4754
• fix: disallow same commit hash for --from and --to by @​knocte in conventional-changelog/commitlint#4773

Chore/CI

• ci: have renovate rebase stale PRs before merging by @​escapedcat in conventional-changelog/commitlint#4782
• chore: have renovate hold PRs for 3 days after release by @​escapedcat in conventional-changelog/commitlint#4788
• chore: anchor vite 8 by @​escapedcat in conventional-changelog/commitlint#4790
• ci: run commitlint once per same-repo PR by @​escapedcat in conventional-changelog/commitlint#4795

New Contributors

• @​CervEdin made their first contribution in conventional-changelog/commitlint#4754

Full Changelog: conventional-changelog/commitlint@v21.0.1...v21.0.2

Changelog

Sourced from @​commitlint/config-conventional's changelog.

21.0.2 (2026-05-29)

Note: Version bump only for package @​commitlint/config-conventional

Commits

• 8069048 v21.0.2
• See full diff in compare view

Updates @types/node from 25.8.0 to 26.0.0

Commits

• See full diff in compare view

Updates @vitest/coverage-v8 from 4.1.6 to 4.1.9

Release notes

Sourced from @​vitest/coverage-v8's releases.

v4.1.9

🐞 Bug Fixes

• Fix importOriginal with optimizer and query import [backport to v4] - by Hiroshi Ogawa, David Harris, Codexand Vladimir in vitest-dev/vitest#10546 (a5180)
• browser:
  • Wait for orchestrator readiness before resolving browser sessions [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10555 (7fb29)
  • Wait for iframe tester readiness before preparing [backport to v4] - by Vladimir and Séamus O'Connor in vitest-dev/vitest#10497 and vitest-dev/vitest#10556 (fbc62)
• mocker:
  • Hoist vi.mock() for vite-plus/test imports [backport to v4] - by Hiroshi Ogawa, LongYinan, Claude Opus 4.8 and Vladimir in vitest-dev/vitest#10548 (2c955)
• pool:
  • Prevent test run hang on worker crash [backport to v4] - by Ari Perkkiö and Jattioui Ismail in vitest-dev/vitest#10543 and vitest-dev/vitest#10564 (934b0)

View changes on GitHub

v4.1.8

   🐞 Bug Fixes

• browser:
  • Disable client cdp API when allowWrite/allowExec: false [backport to v4]  -  by @​hi-ogawa and Codex in vitest-dev/vitest#10450 (e4067)
  • Remove orphaned Playwright route when same module is mocked via multiple ids [backport to v4]  -  by @​toxik and @​Zelys-DFKH in vitest-dev/vitest#10474 (675b4)

    View changes on GitHub

v4.1.7

   🐞 Bug Fixes

• runner: Limit concurrency per task branch in addition to per leaf callbacks (backport)  -  by @​hi-ogawa in vitest-dev/vitest#10384 (4f0f2)

    View changes on GitHub

Commits

• a7a61e7 chore: release v4.1.9 (#10598)
• e61f2dd chore: release v4.1.8
• e4067b3 fix(browser): disable client cdp API when allowWrite/allowExec: false [ba...
• a09d472 chore: release v4.1.7
• See full diff in compare view

Updates concurrently from 9.2.1 to 10.0.3

Release notes

Sourced from concurrently's releases.

v10.0.3

Republish of https://github.com/open-cli-tools/concurrently/releases/tag/v10.0.1 with Trusted Publishing enabled (see #595)

Full Changelog: open-cli-tools/concurrently@v10.0.2...v10.0.3

v10.0.2

Test version to restore Trusted Publishing. Not published to npm.

v10.0.1

• Ensure FlowController type is exported - #594

Full Changelog: open-cli-tools/concurrently@v10.0.0...v10.0.1

v10.0.0

💥 Breaking Changes

• Dropped support for Node.js <22.0.0. Older Node.js version have reached end-of-life, and certain features require new-ish JS APIs.
• concurrently is now ESM-only. It's now possible to require(esm). See here for interoperability.
• Prefix colors now default to automatic - #581 The colors used to default to reset (which does nothing). Concurrently now automatically selects a color, out of the box. The list of colors used is not jarring nor carries semantic meaning, and reads well in both dark and light terminal backgrounds.
• Removed deprecated flags and options
  • CLI flag --name-separator: use commas instead.
  • API option killOthers: use killOthersOn instead.

✨ New Features

• Support applying modifiers to hex prefix colors (e.g. #ff0000.bold) - #450
• Support chalk's color functions in prefixes (e.g. rgb(), hex(), bgRgb(), etc) - #578
• Set prefix background color via bg#RRGGBB - #578
• Allow shell override via --shell CLI flag/shell API option - #288, #589, #556 concurrently distinguishes between cmd.exe, powershell, and POSIX-based shells.
• Manual prefix coloring in templates e.g. [{color}{name}{/color}] - #583, #587

🐛 Bug fixes

• Scope quote normalization to CLI input - #582, #585 It should now also be possible to run commands like "/some/command" foo bar"
• Don't throw when color doesn't exist - #580

🔐 Security

• Address vulnerability in shellquote - #591

Other changes

• Warn about running on Snap - #584

New Contributors

• @​philfreo made their first contribution in open-cli-tools/concurrently#566
• @​garretmh made their first contribution in open-cli-tools/concurrently#450
• @​CodeF53 made their first contribution in open-cli-tools/concurrently#574
• @​nkappler made their first contribution in open-cli-tools/concurrently#577

... (truncated)

Commits

• 435f61b 10.0.3
• 5ea69c6 ci: use node 24 in the release workflow
• 18e1281 10.0.2
• e70686f 10.0.1
• a95bceb Rename flow-controller{.d -> }.ts
• ced4245 ci: configure trusted publisher flow
• cf2eaa2 10.0.0
• 1b9bae4 deps: upgrade yargs to v18 (#593)
• b05ee75 Bump min Node.js version to v22
• ae60bc4 Scope quote normalization to CLI input (#585)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for concurrently since your current version.

Updates lefthook from 2.1.6 to 2.1.9

Release notes

Sourced from lefthook's releases.

v2.1.9

Changelog

• 1d35cbabe1ebaf2a5ed4d2186caa0402de6448e2 chore: add pretty gradient (#1432)
• 22be6c50e1412c748f3c6b60e9c61cd056dc693b deps: May 2026 (#1415)
• 1bae568f03dfb88af9185031fa44e9fee285e917 fix: update hooks path after resetting (#1431)

v2.1.8

Changelog

• 488a5f99a5a496e5837f757f8ce3e6c6d1415792 fix: do not warn if local hooks path is equal to default hooks path (#1421)

v2.1.7

Changelog

• f415a9d3fce1d4f6af62622cf96c72e04ecf7bd3 chore: go mod tidy
• cf4ab9ea4580f5aeb0d4b61d4dd169533e5bb0c9 fix: always restore unstaged changes (#1416)
• 4c0e000d6fe9f35f42efefb9263b0b4cb5dfbd49 fix: apply stage_fixed only if it is safe (#1418)
• 76aa843ef5ceb6970f61cd2ff28d16dd2ec82272 fix: linter, sacrifice optimization for readability
• 9d53c36ed9a26d3bf66e341a9650a0ecac9b6a37 fix: separate fallback push branch from pathspecs (#1396)
• 22c9f773cf93b59005bd244c5b00caab2947a755 fix: try to always restore unstaged changes (#1417)
• 37d83986d8e6d6bf6792f57e22e7cbb1a9e28064 fix: use contrast colors (#1420)
• eb1064d0b8c6248627960bea1abf6891db5a21b1 refactor: add new logger without a global state (#1385)

Changelog

Sourced from lefthook's changelog.

2.1.9 (2026-05-29)

• fix: update hooks path after resetting (#1431) by @​mrexox
• deps: May 2026 (#1415) by @​mrexox

2.1.8 (2026-05-19)

• fix: do not warn if local hooks path is equal to default hooks path (#1421) by @​mrexox

2.1.7 (2026-05-19)

• fix: use contrast colors (#1420) by @​mrexox
• fix: apply stage_fixed only if it is safe (#1418) by @​mrexox
• fix: try to always restore unstaged changes (#1417) by @​mrexox
• fix: always restore unstaged changes (#1416) by @​mrexox
• refactor: add new logger without a global state (#1385) by @​mrexox
• fix: linter, sacrifice optimization for readability by @​mrexox
• fix: separate fallback push branch from pathspecs (#1396) by @​lawrence3699

Commits

• 75f99ff 2.1.9: fix install with --reset-hooks-path
• 1d35cba chore: add pretty gradient (#1432)
• 1bae568 fix: update hooks path after resetting (#1431)
• 22be6c5 deps: May 2026 (#1415)
• 9e75b21 2.1.8: reduce warning for core.hooksPath if it matches the default
• 488a5f9 fix: do not warn if local hooks path is equal to default hooks path (#1421)
• b5c8310 2.1.7: restore unstaged changes when possible
• 37d8398 fix: use contrast colors (#1420)
• 4c0e000 fix: apply stage_fixed only if it is safe (#1418)
• 22c9f77 fix: try to always restore unstaged changes (#1417)
• Additional commits viewable in compare view

Updates ls-engines from 0.10.0 to 0.10.1

Changelog

Sourced from ls-engines's changelog.

v0.10.1 - 2026-06-19

Commits

• [New] add types 13ff435
• [Tests] update fixtures 0b249a1
• [eslint] some cleanup c5046f7
• [actions] update workflows 0ceb848
• [Deps] update pargs 12170a9
• [Robustness] avoid .push, use void 79e28f2
• [Dev Deps] update auto-changelog, eslint, npmignore, tape 27c9468
• [meta] exclude some files from the publish ae9bf18
• [Refactor] store valid engines in an importable file c2cee45
• [Fix] use valid subpath imports specifier for node <24 301a113
• [eslint] fix errors 523e825
• [Deps] update pargs, semver afa5e63
• [Tests] update tape 7366498
• [Dev Deps] update eslint 3c8a241
• [Deps] update pargs 7c4b17d
• [readme] replace runkit CI badge with shields.io check-runs badge 46608fe
• [eslint] fix linting dd08850

Commits

• 5c0e7e3 v0.10.1
• ae9bf18 [meta] exclude some files from the publish
• 301a113 [Fix] use valid subpath imports specifier for node <24
• 523e825 [eslint] fix errors
• 3c8a241 [Dev Deps] update eslint
• 0ceb848 [actions] update workflows
• afa5e63 [Deps] update pargs, semver
• 7366498 [Tests] update tape
• 12170a9 [Deps] update pargs
• 13ff435 [New] add types
• Additional commits viewable in compare view

Updates npm-package-json-lint from 10.4.0 to 10.4.1

Release notes

Sourced from npm-package-json-lint's releases.

v10.4.1

What's Changed

🙈 Fixed

• fix: Path to types by @​regseb in tclindner/npm-package-json-lint#1848

🧹 Chores

• build(deps-dev): Bump globals from 17.5.0 to 17.6.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1802
• build(deps-dev): Bump eslint from 10.2.1 to 10.3.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1803
• build(deps-dev): Bump typescript-eslint from 8.59.0 to 8.59.1 by @​dependabot[bot] in tclindner/npm-package-json-lint#1795
• build(deps): Bump minimatch from 10.2.4 to 10.2.5 by @​dependabot[bot] in tclindner/npm-package-json-lint#1793
• build(deps-dev): Bump typescript-eslint from 8.59.1 to 8.59.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1805
• build(deps): Bump react from 19.2.5 to 19.2.6 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1806
• build(deps): Bump react-dom from 19.2.5 to 19.2.6 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1807
• build(deps-dev): Bump @​types/node from 25.6.0 to 25.6.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1810
• build(deps-dev): Bump tsdown from 0.21.10 to 0.22.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1808
• build(deps-dev): Bump jest from 30.3.0 to 30.4.1 by @​dependabot[bot] in tclindner/npm-package-json-lint#1809
• build(deps): Bump semver from 7.7.4 to 7.8.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1813
• build(deps): Bump fast-uri from 3.0.6 to 3.1.2 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1811
• build(deps): Bump @​babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1814
• build(deps-dev): Bump @​types/node from 25.6.2 to 25.7.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1815
• build(deps-dev): Bump typescript-eslint from 8.59.2 to 8.59.3 by @​dependabot[bot] in tclindner/npm-package-json-lint#1817
• build(deps-dev): Bump jest from 30.4.1 to 30.4.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1816
• build(deps-dev): Bump @​types/node from 25.7.0 to 25.8.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1818
• build(deps-dev): Bump eslint from 10.3.0 to 10.4.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1819
• build(deps): Bump brace-expansion from 5.0.5 to 5.0.6 by @​dependabot[bot] in tclindner/npm-package-json-lint#1820
• build(deps): Bump webpack-dev-server from 5.2.3 to 5.2.4 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1821
• build(deps-dev): Bump typescript-eslint from 8.59.3 to 8.59.4 by @​dependabot[bot] in tclindner/npm-package-json-lint#1822
• build(deps-dev): Bump ts-jest from 29.4.9 to 29.4.10 by @​dependabot[bot] in tclindner/npm-package-json-lint#1823
• build(deps-dev): Bump @​types/node from 25.8.0 to 25.9.1 by @​dependabot[bot] in tclindner/npm-package-json-lint#1824
• build(deps-dev): Bump ts-jest from 29.4.10 to 29.4.11 by @​dependabot[bot] in tclindner/npm-package-json-lint#1825
• build(deps): Bump semver from 7.8.0 to 7.8.1 by @​dependabot[bot] in tclindner/npm-package-json-lint#1826
• build(deps): Bump qs and express in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1827
• Add dependabot.yml groupings by @​tclindner in tclindner/npm-package-json-lint#1828
• build(deps-dev): Bump typescript-eslint from 8.59.4 to 8.60.0 in the eslint-dependencies group by @​dependabot[bot] in tclindner/npm-package-json-lint#1829
• build(deps-dev): Bump @​babel/core from 7.29.0 to 7.29.7 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1830
• build(deps-dev): Bump tsdown from 0.22.0 to 0.22.1 by @​dependabot[bot] in tclindner/npm-package-json-lint#1832
• build(deps-dev): Bump the eslint-dependencies group across 1 directory with 2 updates by @​dependabot[bot] in tclindner/npm-package-json-lint#1833
• build(deps-dev): Bump typescript-eslint from 8.60.0 to 8.60.1 in the eslint-dependencies group by @​dependabot[bot] in tclindner/npm-package-json-lint#1834
• build(deps): Bump type-fest from 5.6.0 to 5.7.0 by @​dependabot[bot] in tclindner/npm-package-json-lint#1835
• build(deps): Bump the react-dependencies group in /website with 2 updates by @​dependabot[bot] in tclindner/npm-package-json-lint#1836
• build(deps-dev): Bump tsdown from 0.22.1 to 0.22.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1837
• build(deps): Bump semver from 7.8.1 to 7.8.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1838
• build(deps-dev): Bump @​types/node from 25.9.1 to 25.9.2 by @​dependabot[bot] in tclindner/npm-package-json-lint#1839
• build(deps): Bump semver from 7.8.2 to 7.8.3 by @​dependabot[bot] in tclindner/npm-package-json-lint#1842
• build(deps-dev): Bump prettier from 3.8.3 to 3.8.4 by @​dependabot[bot] in tclindner/npm-package-json-lint#1844
• build(deps): Bump shell-quote from 1.8.3 to 1.8.4 in /website by @​dependabot[bot] in tclindner/npm-package-json-lint#1843
• build(deps): Bump semver from 7.8.3 to 7.8.4 by @​dependabot[bot] in tclindner/npm-package-json-lint#1845
• build(deps-dev): Bump @​types/node from 25.9.2 to 25.9.3 by @​dependabot[bot] in tclindner/npm-package-json-lint#1846

🎁 Other

... (truncated)

Commits

• 7c77437 fix: Path to types (#1848)
• 4c79057 build(deps-dev): Bump @​types/node from 25.9.2 to 25.9.3 (#1846)
• e4f57c5 build(deps): Bump semver from 7.8.3 to 7.8.4 (#1845)
• 8477e95 build(deps): Bump shell-quote from 1.8.3 to 1.8.4 in /website (#1843)
• 5517d9d build(deps-dev): Bump prettier from 3.8.3 to 3.8.4 (#1844)
• 3efa82a build(deps): Bump semver from 7.8.2 to 7.8.3 (#1842)
• f596e27 build(deps-dev): Bump @​types/node from 25.9.1 to 25.9.2 (#1839)
• 6407138 build(deps): Bump semver from 7.8.1 to 7.8.2 (#1838)
• 0672bdb build(deps-dev): Bump tsdown from 0.22.1 to 0.22.2 (#1837)
• 6d4f4a6 build(deps): Bump the react-dependencies group (#1836)
• Additional commits viewable in compare view

Updates sort-package-json from 3.6.1 to 4.0.0

Release notes

Sourced from sort-package-json's releases.

v4.0.0

4.0.0 (2026-06-03)

• refactor!: drop support for Nodejs 20 (#412) (d51292c)

BREAKING CHANGES

• This drops support for Nodejs 20, and drops the polyfill for Object.groupBy - instead calling it directly. This means this version will fail to run in Nodejs 20 contexts without an Object.groupBy polyfill.

Going forward and issues relating to support for Nodejs 20 will be closed, our minimum supported Nodejs version is 22 - which we will aim to support until April 2027, when it becomes EOL.

v3.7.1

3.7.1 (2026-06-03)

Bug Fixes

• revert "chore: drop support for Nodejs 20 (#412)" (c22cfe8)

v3.7.0

3.7.0 (2026-06-02)

Features

• sort wireit (#402) (0f2dc7a)

Commits

• d51292c refactor!: drop support for Nodejs 20 (#412)
• c22cfe8 fix: revert "chore: drop support for Nodejs 20 (#412)"
• 0f2dc7a feat: sort wireit (#402)
• 94c3904 chore: drop support for Nodejs 20 (#412)
• 7622c1a chore: exclude git-hooks-list (#392)
• See full diff in compare view
Description has been truncated

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.