Bump the npm group with 4 updates

[dependabot]

Bumps the npm group with 4 updates: @biomejs/biome, @types/node, @types/vscode and webpack.

Updates @biomejs/biome from 2.3.13 to 2.4.4

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.4

2.4.4

Patch Changes

• #9150 6946835 Thanks @​dyc3! - Fixed #9138: Astro files containing --- in HTML content (e.g., <h1>---Hi</h1>) are now parsed correctly, both when a frontmatter block is present and when there is no frontmatter at all.

• #9150 aa6f837 Thanks @​dyc3! - Fixed #9138: The HTML parser incorrectly failing to parse bracket characters ([ and ]) in text content (e.g. <div>[Foo]</div>).

• #9151 c0d4b0c Thanks @​dyc3! - Fixed parsing of Svelte directive keywords (use, style) when used as plain text content in HTML/Svelte files. Previously, <p>use JavaScript</p> or <p>style it</p> would incorrectly produce a bogus element instead of proper text content.

• #9162 7f1e060 Thanks @​dyc3! - Fixed #9161: The Vue parser now correctly handles colon attributes like xlink:href and xmlns:xlink by parsing them as single attributes instead of splitting them into separate tokens.

• #9164 458211b Thanks @​dyc3! - Fixed #9161: The noAssignInExpressions rule no longer flags assignments in Vue v-on directives (e.g., @click="counter += 1"). Assignments in event handlers are idiomatic Vue patterns and are now skipped by the rule.

What's Changed

• chore(scss): cherry-picks by @​denbezrukov in biomejs/biome#9149
• fix(parse/html): don't lex square brackets as special tokens in contexts where they don't mean anything by @​dyc3 in biomejs/biome#9150
• refactor(parse/html): use token_set! instead of matches! for svelte keywords and directives helpers by @​dyc3 in biomejs/biome#9148
• fix(parse/html): don't lex "use" as USE_KW when in html text content by @​dyc3 in biomejs/biome#9151
• feat(css): enhance SCSS qualified name detection by @​denbezrukov in biomejs/biome#9159
• chore(html): more html benchmarks by @​dyc3 in biomejs/biome#8153
• fix(parse/html/vue): don't treat : as special token outside of vue directives by @​dyc3 in biomejs/biome#9162
• feat(lint/vue): automatically ignore noAssignInExpressions for vue v-on directives by @​dyc3 in biomejs/biome#9164
• ci: release by @​github-actions[bot] in biomejs/biome#9160

Full Changelog: https://github.com/biomejs/biome/compare/@​biomejs/biome@​2.4.3...@​biomejs/biome@​2.4.4

Biome CLI v2.4.3

2.4.3

Patch Changes

• #9120 aa40fc2 Thanks @​ematipico! - Fixed #9109, where the GitHub reporter wasn't correctly enabled when biome ci runs on GitHub Actions.

• #9128 8ca3f7f Thanks @​dyc3! - Fixed #9107: The HTML parser can now correctly parse Astro directives (client/set/class/is/server), which fixes the formatting for Astro directives.

• #9124 f5b0e8d Thanks @​ematipico! - Fixed #8882 and #9108: The Astro frontmatter lexer now correctly identifies the closing --- fence when the frontmatter contains multi-line block comments with quote characters, strings that mix quote types (e.g. "it's"), or escaped quote characters (e.g. "\").

• #9142 3ca066b Thanks @​THernandez03! - Fixed #9141: The noUnknownAttribute rule no longer reports closedby as an unknown attribute on <dialog> elements.

• #9126 792013e Thanks @​ematipico! - Added missing Mocha globals to the Test domain: context, run, setup, specify, suite, suiteSetup, suiteTeardown, teardown, xcontext, xdescribe, xit, and xspecify. These are injected by Mocha's BDD and TDD interfaces and were previously flagged as undeclared variables in projects using Mocha.

• #8855 6918c9e Thanks @​ruidosujeira! - Fixed #8840. Now the Biome CSS parser correctly parses not + scroll-state inside @container queries.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.4

Patch Changes

• #9150 6946835 Thanks @​dyc3! - Fixed #9138: Astro files containing --- in HTML content (e.g., <h1>---Hi</h1>) are now parsed correctly, both when a frontmatter block is present and when there is no frontmatter at all.

• #9150 aa6f837 Thanks @​dyc3! - Fixed #9138: The HTML parser incorrectly failing to parse bracket characters ([ and ]) in text content (e.g. <div>[Foo]</div>).

• #9151 c0d4b0c Thanks @​dyc3! - Fixed parsing of Svelte directive keywords (use, style) when used as plain text content in HTML/Svelte files. Previously, <p>use JavaScript</p> or <p>style it</p> would incorrectly produce a bogus element instead of proper text content.

• #9162 7f1e060 Thanks @​dyc3! - Fixed #9161: The Vue parser now correctly handles colon attributes like xlink:href and xmlns:xlink by parsing them as single attributes instead of splitting them into separate tokens.

• #9164 458211b Thanks @​dyc3! - Fixed #9161: The noAssignInExpressions rule no longer flags assignments in Vue v-on directives (e.g., @click="counter += 1"). Assignments in event handlers are idiomatic Vue patterns and are now skipped by the rule.

2.4.3

Patch Changes

• #9120 aa40fc2 Thanks @​ematipico! - Fixed #9109, where the GitHub reporter wasn't correctly enabled when biome ci runs on GitHub Actions.

• #9128 8ca3f7f Thanks @​dyc3! - Fixed #9107: The HTML parser can now correctly parse Astro directives (client/set/class/is/server), which fixes the formatting for Astro directives.

• #9124 f5b0e8d Thanks @​ematipico! - Fixed #8882 and #9108: The Astro frontmatter lexer now correctly identifies the closing --- fence when the frontmatter contains multi-line block comments with quote characters, strings that mix quote types (e.g. "it's"), or escaped quote characters (e.g. "\").

• #9142 3ca066b Thanks @​THernandez03! - Fixed #9141: The noUnknownAttribute rule no longer reports closedby as an unknown attribute on <dialog> elements.

• #9126 792013e Thanks @​ematipico! - Added missing Mocha globals to the Test domain: context, run, setup, specify, suite, suiteSetup, suiteTeardown, teardown, xcontext, xdescribe, xit, and xspecify. These are injected by Mocha's BDD and TDD interfaces and were previously flagged as undeclared variables in projects using Mocha.

• #8855 6918c9e Thanks @​ruidosujeira! - Fixed #8840. Now the Biome CSS parser correctly parses not + scroll-state inside @container queries.

• #9111 4fb55cf Thanks @​Jayllyz! - Slightly improved performance of noIrregularWhitespace by adding early return optimization and simplifying character detection logic.

• #8975 086a0c5 Thanks @​FrankFMY! - Fixed #8478: useDestructuring no longer suggests destructuring when the variable has a type annotation, like const foo: string = object.foo.

2.4.2

Patch Changes

• #9103 fc9850c Thanks @​dyc3! - Fixed #9098: useImportType no longer incorrectly flags imports used in Svelte control flow blocks ({#if}, {#each}, {#await}, {#key}) as type-only imports.

• #9106 f4b7296 Thanks @​dyc3! - Updated rule source metadata for rules from html-eslint.

• #8960 4a5ff40 Thanks @​abossenbroek! - Added the nursery rule noConditionalExpect. This rule disallows conditional expect() calls inside tests, which can lead to tests that silently pass when assertions never run.

  // Invalid - conditional expect may not run
  test("conditional", async ({ page }) => {
    if (someCondition) {
      await expect(page).toHaveTitle("Title");
    }

... (truncated)

Commits

• 6c296ea ci: release (#9160)
• 312b6db ci: release (#9116)
• b99e7db ci: release (#9104)
• 4a5ff40 feat(lint): add Playwright ESLint rules (#8960)
• 5153f2f ci: release (#9094)
• 4cc531c chore: docs that break website (#9077)
• bf6e5f9 ci: release (#9045)
• e014336 feat: promote rules for v2.4 (#9011)
• 7e33fd5 Merge remote-tracking branch 'origin/main' into next
• df21006 ci: release (#8973)
• Additional commits viewable in compare view

Updates @types/node from 25.1.0 to 25.3.3

Commits

• See full diff in compare view

Updates @types/vscode from 1.108.1 to 1.109.0

Commits

• See full diff in compare view

Updates webpack from 5.104.1 to 5.105.3

Release notes

Sourced from webpack's releases.

v5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

v5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

v5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

v5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

• Detect conditional imports to avoid compile-time linking errors for non-existent exports. (by @​hai-x in #20320)

• Added the tsconfig option for the resolver options (replacement for tsconfig-paths-webpack-plugin). Can be false (disabled), true (use the default tsconfig.json file to search for it), a string path to tsconfig.json, or an object with configFile and references options. (by @​alexander-akait in #20400)

... (truncated)

Changelog

Sourced from webpack's changelog.

5.105.3

Patch Changes

• Context modules now handle rejections correctly. (by @​alexander-akait in #20455)

• Only mark asset modules as side-effect-free when experimental.futureDefaults is set to true, so asset-copying use cases (e.g. import "./x.png") won’t break unless the option is enabled. (by @​hai-x in #20535)

• Add the missing webpack_exports declaration in certain cases when bundling a JS entry together with non-JS entries (e.g., CSS entry or asset module entry). (by @​hai-x in #20463)

• Fixed HMR failure for CSS modules with @​import when exportType !== "link". When exportType is not "link", CSS modules now behave like JavaScript modules and don't require special HMR handling, allowing @​import CSS to work correctly during hot module replacement. (by @​xiaoxiaojx in #20514)

• Fixed an issue where empty JavaScript files were generated for CSS-only entry points. The code now correctly checks if entry modules have JavaScript source types before determining whether to generate a JS file. (by @​xiaoxiaojx in #20454)

• Do not crash when a referenced chunk is not a runtime chunk. (by @​alexander-akait in #20461)

• Fix some types. (by @​alexander-akait in #20412)

• Ensure that missing module error are thrown after the interception handler (if present), allowing module interception to customize the module factory. (by @​hai-x in #20510)

• Added createRequire support for ECMA modules. (by @​stefanbinoj in #20497)

• Added category for CJS reexport dependency to fix issues with ECMA modules. (by @​hai-x in #20444)

• Implement immutable bytes for bytes import attribute to match tc39 spec. (by @​alexander-akait in #20481)

• Fixed deterministic search for graph roots regardless of edge order. (by @​veeceey in #20452)

5.105.2

Patch Changes

• Fixed WebpackPluginInstance type regression. (by @​alexander-akait in #20440)

5.105.1

Patch Changes

• Fix VirtualUrlPlugin Windows compatibility by sanitizing cache keys and filenames. Cache keys now use toSafePath to replace colons (:) with double underscores (__) and sanitize other invalid characters, ensuring compatibility with Windows filesystem restrictions. (by @​xiaoxiaojx in #20424)

• Revert part of the createRequire generation behavior for require("node:...") to keep compatibility with those modules exports, e.g. const EventEmitter = require("node:events");. (by @​hai-x in #20433)

• Skip guard collection when exports-presence mode is disabled to improve parsing performance. (by @​hai-x in #20433)

5.105.0

Minor Changes

• Allow resolving worker module by export condition name when using new Worker() (by @​hai-x in #20353)

... (truncated)

Commits

• 714a0e3 chore(release): new release (#20448)
• c323b39 chore(deps-dev): bump nyc from 17.1.0 to 18.0.0 (#20539)
• 8a01dfe refactor: deduplicate export presence logic in Harmony dependency classes (#2...
• b9fc7b3 chore(deps): bump test/test262-cases in the dependencies group (#20541)
• f8a5ac3 test: add coverage for nwjs exports condition and CSS modules with webworker ...
• 59bf024 test: add coverage for external script in EnvironmentNotSupportAsyncWarning (...
• 4c79ac2 test: add missing coverage for formatLocation and formatSize (#20534)
• 4f5c0a8 fix: mark asset module as side-effect-free when futureDefaults (#20535)
• 87987ca test: add test
• 67c5aae test: add configCase for ESM prefetch/preload under neutral target (#20524)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for webpack since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions