Bump the all group across 1 directory with 7 updates

[dependabot]

Bumps the all group with 7 updates in the / directory:

Package	From	To
@biomejs/biome	1.9.2	1.9.4
@types/bun	1.1.8	1.1.11
bunchee	5.4.0	5.5.1
hono	4.5.11	4.6.5
husky	9.1.5	9.1.6
msw	2.4.3	2.4.11
typescript	5.5.4	5.6.3

Updates @biomejs/biome from 1.9.2 to 1.9.4

Release notes

Sourced from @​biomejs/biome's releases.

CLI v1.9.4

Analyzer

Bug fixes

• Improved the message for unused suppression comments. Contributed by @​dyc3

• Fix #4228, where the rule a11y/noInteractiveElementToNoninteractiveRole incorrectly reports a role for non-interactive elements. Contributed by @​eryue0220

• noSuspiciousSemicolonInJsx now catches suspicious semicolons in React fragments. Contributed by @​vasucp1207

CLI

Enhancements

• The --summary reporter now reports parsing diagnostics too. Contributed by @​ematipico

• Improved performance of GritQL queries by roughly 25-30%. Contributed by @​arendjr

Configuration

Bug fixes

• Fix an issue where the JSON schema marked lint rules options as mandatory. Contributed by @​ematipico

Formatter

Bug fixes

• Fix #4121. Respect line width when printing multiline strings. Contributed by @​ah-yu

Linter

New features

• Add useGuardForIn. Contributed by @​fireairforce
• Add noDocumentCookie. Contributed by @​tunamaguro
• Add noDocumentImportInPage. Contributed by @​kaioduarte
• Add noDuplicateProperties. Contributed by @​togami2864
• Add noHeadElement. Contributed by @​kaioduarte
• Add noHeadImportInDocument. Contributed by @​kaioduarte
• Add noImgElement. Contributed by @​kaioduarte
• Add noUnknownTypeSelector. Contributed by @​Kazuhiro-Mimaki
• Add useAtIndex. Contributed by @​GunseiKPaseri
• Add noUselessStringRaw. Contributed by @​fireairforce
• Add nursery/useCollapsedIf. Contributed by @​siketyan
• Add useGoogleFontDisplay. Contributed by @​kaioduarte

Bug Fixes

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

v1.9.4 (2024-10-17)

Analyzer

Bug fixes

• Implement GraphQL suppression action. Contributed by @​vohoanglong0107

• Improved the message for unused suppression comments. Contributed by @​dyc3

• Fix #4228, where the rule a11y/noInteractiveElementToNoninteractiveRole incorrectly reports a role for non-interactive elements. Contributed by @​eryue0220

• noSuspiciousSemicolonInJsx now catches suspicious semicolons in React fragments. Contributed by @​vasucp1207

CLI

Enhancements

• The --summary reporter now reports parsing diagnostics too. Contributed by @​ematipico

• Improved performance of GritQL queries by roughly 25-30%. Contributed by @​arendjr

Configuration

Bug fixes

• Fix an issue where the JSON schema marked lint rules options as mandatory. Contributed by @​ematipico

Editors

Formatter

Bug fixes

• Fix #4121. Respect line width when printing multiline strings. Contributed by @​ah-yu

JavaScript APIs

Linter

New features

• Add useGuardForIn. Contributed by @​fireairforce
• Add noDocumentCookie. Contributed by @​tunamaguro
• Add noDocumentImportInPage. Contributed by @​kaioduarte
• Add noDuplicateProperties. Contributed by @​togami2864
• Add noHeadElement. Contributed by @​kaioduarte
• Add noHeadImportInDocument. Contributed by @​kaioduarte
• Add noImgElement. Contributed by @​kaioduarte
• Add noUnknownTypeSelector. Contributed by @​Kazuhiro-Mimaki

... (truncated)

Commits

• fa93a14 release: v1.9.4 (#4320)
• 2a05cd4 feat(lint): add useGoogleFontDisplay rule (#4264)
• bbb93b9 feat(lint): useCollapsedIf JS lint rule (#4179)
• 561b54c feat(linter): implement noUselessStringRaw (#4263)
• 5b7d158 feat(linter): implement noDuplicateProperties (#4029)
• 2342984 feat(lint): add noDocumentImportInPage rule (#4265)
• 3cf20eb chore(linter): rename useExplicitFunctionReturnType to `useExplicit… (#4261)
• 970f498 feat(useGuardForIn): add rule (#4104)
• 2e5b656 feat(lint): add noDocumentCookie rule (#4204)
• 3364640 feat(lint): add rule useAtIndex (#4120)
• Additional commits viewable in compare view

Updates @types/bun from 1.1.8 to 1.1.11

Commits

• See full diff in compare view

Updates bunchee from 5.4.0 to 5.5.1

Release notes

Sourced from bunchee's releases.

v5.5.1

Patches

• chore: bump rollup version by @​himself65 in huozhi/bunchee#582
• chore: bump rollup deps

Full Changelog: huozhi/bunchee@v5.5.0...v5.5.1

v5.5.0

Features

• feat: error on bad type export by @​huozhi in huozhi/bunchee#578
• fix: support more special fields of target runtime by @​himself65 in huozhi/bunchee#579

Misc

• refactor: move rollup related configs into a separate config by @​huozhi in huozhi/bunchee#576

Full Changelog: huozhi/bunchee@v5.4.0...v5.5.0

Commits

• 920b439 5.5.1
• c3b431c Upgrade dependencies
• 6a59f5a chore: bump rollup-preserve-directives plugin
• bbb0b3b chore: bump rollup version (#582)
• b85c25a test: add test for js with tsconfig error (#581)
• 5c3bd6d 5.5.0
• 27c5456 fix: support more special fields of target runtime (#579)
• 0e2aebb feat: error on bad type export (#578)
• a817cb7 refactor: move rollup related configs into a separate config (#576)
• See full diff in compare view

Updates hono from 4.5.11 to 4.6.5

Release notes

Sourced from hono's releases.

v4.6.5

Security fix for CSRF Protection Middleware

This release includes a security fix for CSRF Protection Middleware. If you are using CSRF Protection Middleware, please upgrade this hono package immediately.

Before this release, a request without a Content-Type header can bypass the protection. This fix does not allow it. See: GHSA-2234-fmw7-43wr

What's Changed

• perf(types): replace intersection with union to get better perf by @​m-shaka in honojs/hono#3443
• ci: use Deno v2 by @​yusukebe in honojs/hono#3506
• ci: use Deno v2 for a test running for deno by @​nakasyou in honojs/hono#3509
• fix(types): rm ExcludeEmptyObject to fix massively increased type instantiations by @​m-shaka in honojs/hono#3507
• fix(cors): avoid setting Access-Control-Allow-Origin if there is no matching origin by @​uki00a in honojs/hono#3510
• feat(powered-by): optional server name by @​PatrickJS in honojs/hono#3492
• fix(factory): revert PR #3498 by @​yusukebe in honojs/hono#3515
• fix(build): remove private fields by @​nakasyou in honojs/hono#3514

New Contributors

• @​uki00a made their first contribution in honojs/hono#3510
• @​PatrickJS made their first contribution in honojs/hono#3492

Full Changelog: honojs/hono@v4.6.4...v4.6.5

v4.6.4

What's Changed

• chore: upgrade dependencies by @​yusukebe in honojs/hono#3446
• chore: remove crypto-js from dev dependencies by @​yusukebe in honojs/hono#3447
• chore(test): suppress no-unused-vars "'x' is assigned a value but only used as type" by @​exoego in honojs/hono#3451
• chore(test): include bun coverage by @​exoego in honojs/hono#3457
• test(deno): remove duplicated app.get by @​exoego in honojs/hono#3469
• fix(types): add key to IntrinsicAttributes by @​codehz in honojs/hono#3474
• fix(factory): relax Bindings and Variables for createMiddleware by @​yusukebe in honojs/hono#3498
• fix(service-worker): bind fetch to globalThis by @​sapphi-red in honojs/hono#3500
• refactor(jsx): add override to toStringToBuffer in classes extending JSXNode by @​yusukebe in honojs/hono#3505

New Contributors

• @​sapphi-red made their first contribution in honojs/hono#3500

Full Changelog: honojs/hono@v4.6.3...v4.6.4

v4.6.3

This release has many new features, but each feature is small, so we've released it as a patch release.

What's Changed

• chore: rename runtime_tests to runtime-tests by @​yusukebe in honojs/hono#3419
• ci: Type check perf by @​m-shaka in honojs/hono#3406
• refactor(jsx/streaming): Clarified the type of renderToReadableStream. by @​usualoma in honojs/hono#3434
• perf(types): use homomorphic mapped type to reduce conditional branches by @​m-shaka in honojs/hono#3440
• ci: prettify type check result and rm a comment by @​m-shaka in honojs/hono#3442
• fix(types): useSyncExternalStore type by @​codehz in honojs/hono#3437

... (truncated)

Commits

• 89a0ac1 v4.6.5
• c4d19ec chore: update the lockfile
• 6cf01e5 fix(build): remove private fields (#3514)
• aa50e0a Merge commit from fork
• f9e6ea7 fix(factory): revert PR #3498 (#3515)
• fc9cc6d feat(powered-by): optional server name (#3492)
• cebf4e8 fix(cors): avoid setting Access-Control-Allow-Origin if there is no matchin...
• 3311664 fix(types): rm ExcludeEmptyObject to fix massively increased type instantiati...
• bd9effe ci: use Deno v2 for a test running for deno (#3509)
• 9986b47 ci: use Deno v2 (#3506)
• Additional commits viewable in compare view

Updates husky from 9.1.5 to 9.1.6

Release notes

Sourced from husky's releases.

v9.1.6

What's Changed

• Fix issue where example pre-commit file is generated incorrectly by @​dexmlee in typicode/husky#1519

New Contributors

• @​OlegKipchatov made their first contribution in typicode/husky#1495
• @​Byron2016 made their first contribution in typicode/husky#1499
• @​dexmlee made their first contribution in typicode/husky#1519

Full Changelog: typicode/husky@v9.1.5...v9.1.6

Commits

• a2d942a 9.1.6
• b4465ed fix: add parens around the null coalescing operator to fix issues when npm_co...
• 3b3e7f1 docs(spanish): improve spanish translation (#1504)
• dcf3aed dosc: repair support Spanish sponsors links (#1500)
• c3afd5f docs: support Spanish documentation (#1499)
• c5f4f48 docs: support Russian documentation (#1495)
• See full diff in compare view

Updates msw from 2.4.3 to 2.4.11

Release notes

Sourced from msw's releases.

v2.4.11 (2024-10-14)

Bug Fixes

• update dependencies (#2313) (8f68f0affd65137d86e77451bb9a3cbed4979d36) @​kettanaito

v2.4.10 (2024-10-11)

Bug Fixes

• setupWorker: perform worker update in the background (#2311) (8e40724cd3e315e0df703cce8d9f2cf7ab6cdc73) @​kettanaito

v2.4.9 (2024-09-20)

Bug Fixes

• ClientRequest: support Request as init when recording raw headers (#2293) (bf982eaa70ddd5d08706b8877ceb6c6c2517f660) @​kettanaito

v2.4.8 (2024-09-17)

Bug Fixes

• address express and path-to-regexp vulnerabilities (#2285) (e3487bc4259368adc33739eb9490bde8421a215c) @​markmssd

v2.4.7 (2024-09-15)

Bug Fixes

• ClientRequest: prevent duplicates when recording set headers (#2284) (e04eb8f44ffcf5ce755aa224d31a8576f4719a9f) @​kettanaito
• use Object.defineProperty for Headers proxy (#2283) (94e17beea475a494c1de8b58ea399e518f55ddda) @​kettanaito

v2.4.6 (2024-09-13)

Bug Fixes

• xhr: clone request body before calculating its size (#2282) (397444bcc386bbe560aa649460cb92cdb31d28a9) @​kettanaito

v2.4.5 (2024-09-11)

Bug Fixes

• remove cookies with max-age=0 from cookie store (#2275) (c307ab27643fc80631d3f0a28e72f7339a54af70) @​kettanaito

v2.4.4 (2024-09-08)

Bug Fixes

• fetch: follow mocked redirect responses (#2268) (f5785bfba1a026075feca4f74cadfcb636ffc257) @​kettanaito
• Adopts a new, Socket-based request interception algorithm.

Commits

• ca6cb7e chore(release): v2.4.11
• 8f68f0a fix: update dependencies (#2313)
• 745d10e chore(release): v2.4.10
• 8e40724 fix(setupWorker): perform worker update in the background (#2311)
• 452686d chore(release): v2.4.9
• bf982ea fix(ClientRequest): support Request as init when recording raw headers (#2293)
• 5342c19 chore(release): v2.4.8
• e3487bc fix: address express and path-to-regexp vulnerabilities (#2285)
• 668d31e chore(release): v2.4.7
• e04eb8f fix(ClientRequest): prevent duplicates when recording set headers (#2284)
• Additional commits viewable in compare view

Updates typescript from 5.5.4 to 5.6.3

Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).
• fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

• npm
• NuGet package

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).

Downloads are available on:

• npm
• NuGet package

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for TypeScript v5.6.1 (RC).
• fixed issues query for TypeScript v5.6.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).

... (truncated)

Commits

• d48a5cf Bump version to 5.6.3 and LKG
• fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
• ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
• 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
• a7e3374 Bump version to 5.6.2 and LKG
• 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
• 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
• 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
• 6212132 Update LKG
• bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Released an experimental package:

bun add hono-ronin@dependabot-npm-and-yarn-all-01414c6585-experimental

This package will be removed after the pull request has been merged.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.