Skip to content

deps: bump the all-dependencies group with 9 updates#20

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-dependencies-634bb3787e
Closed

deps: bump the all-dependencies group with 9 updates#20
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/all-dependencies-634bb3787e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Nov 1, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the all-dependencies group with 9 updates:

Package From To
dayjs 1.11.18 1.11.19
@biomejs/biome 2.2.5 2.3.2
@tsconfig/recommended 1.0.10 1.0.11
@types/node 24.7.2 24.9.2
axios 1.12.2 1.13.1
express 4.21.2 5.1.0
@types/express 4.17.23 5.0.5
ioredis 5.8.1 5.8.2
rimraf 6.0.1 6.1.0

Updates dayjs from 1.11.18 to 1.11.19

Release notes

Sourced from dayjs's releases.

v1.11.19

1.11.19 (2025-10-31)

Bug Fixes

  • added usage warnings for diff + updated unit tests (#2948) (269a7a9)
  • dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)
  • replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)
  • Updated Belarusian locale with relative time (#2656) (1d8746c)
Changelog

Sourced from dayjs's changelog.

1.11.19 (2025-10-31)

Bug Fixes

  • added usage warnings for diff + updated unit tests (#2948) (269a7a9)
  • dont instantiate regexes within ar locale functions to avoid performance overhead (#2898) (af5e9f0)
  • replace italian locale "un' ora fa" with "un'ora fa", add tests for it (#2930) (9e9f76c)
  • Updated Belarusian locale with relative time (#2656) (1d8746c)
Commits

Updates @biomejs/biome from 2.2.5 to 2.3.2

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.2

2.3.2

Patch Changes

  • #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

  • #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

    Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
    Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

    Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

    Example

    // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
// Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
const reallyLongStringThatShouldNotError =
  "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
  "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
  "In id cursus mi pretium tellus duis convallis." +
  "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";

  • #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

What's Changed

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.2

Patch Changes

  • #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

  • #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

    Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
    Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

    Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

    Example

    // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
// Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
const reallyLongStringThatShouldNotError =
  "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
  "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
  "In id cursus mi pretium tellus duis convallis." +
  "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";

  • #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

  • #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

2.3.1

Patch Changes

  • #7840 72afdfa Thanks @​ematipico! - Fixed #7838, which caused the new --css-parse-* arguments not being recognised by the ci command.

  • #7789 d5b416e Thanks @​fronterior! - Fixed the LSP method workspace/didChangeWorkspaceFolders to perform incremental updates instead of replacing the entire folder list.

  • #7852 bd254c7 Thanks @​dyc3! - Fixed #7843: The CSS parser, when tailwindDirectives is enabled, correctly parses --*: initial;.

  • #7872 0fe13fe Thanks @​dyc3! - Fixed #7861: The HTML parser will now accept Svelte attribute shorthand syntax in .svelte files.

  • #7866 7b2600b Thanks @​dyc3! - Fixed #7860: The css parser, with tailwindDirectives enabled, will now accept @plugin options.

  • #7853 fe90c78 Thanks @​dyc3! - Fixed #7848: The css parser with tailwindDirectives enabled will now correctly parse tailwind's source exclude syntax: @source not "foo.css";

  • #7878 c9f7fe5 Thanks @​ematipico! - Fixed #7857: Biome now parses <script> tags as TypeScript when analysing .astro files.

  • #7867 b42b718 Thanks @​smorimoto! - Fixed incorrect option name in HTML parser error message.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ematipico, a new releaser for @​biomejs/biome since your current version.


Updates @tsconfig/recommended from 1.0.10 to 1.0.11

Commits

Updates @types/node from 24.7.2 to 24.9.2

Commits

Updates axios from 1.12.2 to 1.13.1

Release notes

Sourced from axios's releases.

Release v1.13.1

Release notes:

Bug Fixes

  • http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

Release v1.13.0

Release notes:

Bug Fixes

  • fetch: prevent TypeError when config.env is undefined (#7155) (015faec)
  • resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

Contributors to this release

Changelog

Sourced from axios's changelog.

1.13.1 (2025-10-28)

Bug Fixes

  • http: fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; (#7193) (bcd5581)

Contributors to this release

1.13.0 (2025-10-27)

Bug Fixes

  • fetch: prevent TypeError when config.env is undefined (#7155) (015faec)
  • resolve issue #7131 (added spacing in mergeConfig.js) (#7133) (9b9ec98)

Features

Contributors to this release

Commits
  • 1ef8e72 chore(release): v1.13.1 (#7194)
  • bcd5581 fix(http): fixed a regression that caused the data stream to be interrupted f...
  • c9b3371 chore: enhance styling and responsiveness in client.html (#7173)
  • 9ead04d [Release] v1.13.0 (#7189)
  • d000fbf fix(http2): fix possible race condition when handling http2 stream on almost ...
  • 08db960 docs: added example for improved network error handling (with Wrapper/Middlew...
  • 46e1981 refactor: form data handling in index.html (#7170)
  • 889f8ef docs: fix mismatched return type (#7172)
  • 7b197ef fix: sandbox ui updated (#7175)
  • 6dff629 chore: fix typos in examples (#7166)
  • Additional commits viewable in compare view

Updates express from 4.21.2 to 5.1.0

Release notes

Sourced from express's releases.

v5.1.0

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: server-static@2.2.0
  • deps: type-is@2.0.1

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

  • remove:
    • path-is-absolute dependency - use path.isAbsolute instead
  • breaking:
    • res.status() accepts only integers, and input must be greater than 99 and less than 1000
      • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
      • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
    • deps: send@1.0.0
    • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
  • change:
    • res.clearCookie will ignore user provided maxAge and expires options
  • deps: cookie-signature@^1.2.1
  • deps: debug@4.3.6
  • deps: merge-descriptors@^2.0.0
  • deps: serve-static@^2.1.0
  • deps: qs@6.13.0
  • deps: accepts@^2.0.0
  • deps: mime-types@^3.0.0
    • application/javascript => text/javascript
  • deps: type-is@^2.0.0
  • deps: content-disposition@^1.0.0

... (truncated)

Commits

Updates @types/express from 4.17.23 to 5.0.5

Commits

Updates ioredis from 5.8.1 to 5.8.2

Release notes

Sourced from ioredis's releases.

v5.8.2

5.8.2 (2025-10-21)

Bug Fixes

Changelog

Sourced from ioredis's changelog.

5.8.2 (2025-10-21)

Bug Fixes

Commits
  • d5f5b40 chore(release): 5.8.2 [skip ci]
  • fcbbbe8 fix: move CLIENT SETINFO commands to connection handshake (#2033)
  • b179039 ci(test): add redis matrix and update docker compose file (#2034)
  • 44c2df6 docs(example): add example for setting TTL to "HSET Field" (#2027)
  • fb082d6 fix: default IP family selection to 0 (#2028)
  • See full diff in compare view

Updates rimraf from 6.0.1 to 6.1.0

Changelog

Sourced from rimraf's changelog.

6.1

  • Move to native fs/promises usage instead of promisifying manually.

6.0

  • Drop support for nodes before v20
  • Add --version to CLI

5.0

  • No default export, only named exports

4.4

  • Provide Dirent or Stats object as second argument to filter

4.3

  • Return boolean indicating whether the path was fully removed
  • Add filter option
  • bin: add --verbose, -v to print files as they are deleted
  • bin: add --no-verbose, -V to not print files as they are deleted
  • bin: add -i --interactive to be prompted on each deletion
  • bin: add -I --no-interactive to not be prompted on each deletion
  • 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

  • Brought back glob support, using the new and improved glob v9

v4.1

  • Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
  • Accept and ignore -rf and -fr arguments to the bin.

v4.0

  • Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
  • Accept array of paths or single path.
  • Windows performance and reliability improved.
  • All strategies separated into explicitly exported methods.
  • Drop support for Node.js below version 14
  • rewrite in TypeScript

... (truncated)

Commits
  • 18dc77a 6.1.0
  • 2bd2e62 changelog 6.1
  • 19311cf refactor: switch to native fs.promises
  • 0c437d4 Create separate dir for integration tests
  • 65a3b8a Do not pass unnecessary rest args to fs functions
  • 02b31b7 Use the same ignoreENOENT and fixEPERM utils everywhere
  • c012f4f Mock process.platform with t.intercept
  • c72278a Use tap.intercept to test bin
  • 549d1e8 Configure tap coverage-map
  • a76970b benchmark: add options to filter and compare benchmarks
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps: bump the all-dependencies group with 9 updates
67dfb59 
Bumps the all-dependencies group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [dayjs](https://github.com/iamkun/dayjs) | `1.11.18` | `1.11.19` |
| [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.2.5` | `2.3.2` |
| [@tsconfig/recommended](https://github.com/tsconfig/bases/tree/HEAD/bases) | `1.0.10` | `1.0.11` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.7.2` | `24.9.2` |
| [axios](https://github.com/axios/axios) | `1.12.2` | `1.13.1` |
| [express](https://github.com/expressjs/express) | `4.21.2` | `5.1.0` |
| [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express) | `4.17.23` | `5.0.5` |
| [ioredis](https://github.com/luin/ioredis) | `5.8.1` | `5.8.2` |
| [rimraf](https://github.com/isaacs/rimraf) | `6.0.1` | `6.1.0` |


Updates `dayjs` from 1.11.18 to 1.11.19
- [Release notes](https://github.com/iamkun/dayjs/releases)
- [Changelog](https://github.com/iamkun/dayjs/blob/dev/CHANGELOG.md)
- [Commits](iamkun/dayjs@v1.11.18...v1.11.19)

Updates `@biomejs/biome` from 2.2.5 to 2.3.2
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.3.2/packages/@biomejs/biome)

Updates `@tsconfig/recommended` from 1.0.10 to 1.0.11
- [Commits](https://github.com/tsconfig/bases/commits/HEAD/bases)

Updates `@types/node` from 24.7.2 to 24.9.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `axios` from 1.12.2 to 1.13.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.12.2...v1.13.1)

Updates `express` from 4.21.2 to 5.1.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.21.2...v5.1.0)

Updates `@types/express` from 4.17.23 to 5.0.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express)

Updates `ioredis` from 5.8.1 to 5.8.2
- [Release notes](https://github.com/luin/ioredis/releases)
- [Changelog](https://github.com/redis/ioredis/blob/main/CHANGELOG.md)
- [Commits](redis/ioredis@v5.8.1...v5.8.2)

Updates `rimraf` from 6.0.1 to 6.1.0
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](isaacs/rimraf@v6.0.1...v6.1.0)

---
updated-dependencies:
- dependency-name: dayjs
  dependency-version: 1.11.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@biomejs/biome"
  dependency-version: 2.3.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: "@tsconfig/recommended"
  dependency-version: 1.0.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: "@types/node"
  dependency-version: 24.9.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: axios
  dependency-version: 1.13.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: express
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: "@types/express"
  dependency-version: 5.0.5
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: all-dependencies
- dependency-name: ioredis
  dependency-version: 5.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: rimraf
  dependency-version: 6.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Nov 1, 2025

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github

dependabot Bot commented on behalf of github Dec 1, 2025

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Dec 1, 2025
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/all-dependencies-634bb3787e branch December 1, 2025 05:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants