Bump the all-deps group across 1 directory with 22 updates by dependabot[bot] · Pull Request #13 · pantha-dapp/CORE

dependabot · 2026-04-10T09:25:20Z

Bumps the all-deps group with 22 updates in the / directory:

Package	From	To
@filoz/synapse-sdk	`0.39.0`	`0.40.3`
@tanstack/ai	`0.2.2`	`0.10.1`
@tanstack/ai-gemini	`0.3.2`	`0.8.5`
@tanstack/ai-grok	`0.1.0`	`0.6.4`
@tanstack/ai-ollama	`0.3.0`	`0.6.4`
@tanstack/ai-openai	`0.2.1`	`0.7.3`
marked	`14.1.4`	`18.0.0`
viem	`2.47.6`	`2.47.12`
@biomejs/biome	`2.3.11`	`2.4.11`
dotenv	`16.6.1`	`17.4.1`
vite	`5.4.21`	`8.0.8`
@privy-io/wagmi	`3.0.0`	`4.0.4`
lucide-react	`0.562.0`	`1.8.0`
@eslint/js	`9.39.4`	`10.0.1`
@types/node	`22.19.17`	`25.6.0`
@vitejs/plugin-react	`5.2.0`	`6.0.1`
eslint	`9.39.4`	`10.2.0`
eslint-plugin-react-refresh	`0.4.26`	`0.5.2`
globals	`16.5.0`	`17.4.0`
typescript	`5.8.3`	`6.0.2`
@solidity-parser/parser	`0.18.0`	`0.20.2`
forge-std	`v1.9.4`	`v1.15.0`

Updates @filoz/synapse-sdk from 0.39.0 to 0.40.3

Release notes

Sourced from @filoz/synapse-sdk's releases.

synapse-sdk: v0.40.3

0.40.3 (2026-04-02)

Features

core: preserve non-standard SP registry capabilities in PDPOffering (#687) (716e309)

Bug Fixes

errors: export StorageErrorOptions and enhance error constructors with documentation (7ac439a)

keep the clone to new provider ids array (7124ec9)

update getApprovedProviderIds and getEndorsedProviderIds with array return type (e037cec)

Chores

types: update PullStatus export and adjust StorageContext to use waitForPullPieces (eb5566e)

synapse-sdk: v0.40.2

0.40.2 (2026-03-30)

Features

storage: add 'source' and 'withCDN' getters on StorageManager (#701) (d463939)

Bug Fixes

re-export error handling utilities and adjust type export order (011f47f)

Chores

update biome and fix issues (f5e8abd)

Documentation

additional docs for upload options: providerId and dataSetId (#690) (c57a707)

synapse-sdk: v0.40.1

0.40.1 (2026-03-30)

Bug Fixes

installation instructions (#692) (966a389)

... (truncated)

Commits

4d47a35 chore(master): release synapse-sdk 0.40.3 (#716)
cecc516 chore(master): release synapse-core 0.4.0 (#715)
716e309 feat(core): preserve non-standard SP registry capabilities in PDPOffering (#687)
80799c0 chore: update providers ids new names and return type in more places
7124ec9 fix: keep the clone to new provider ids array
e988ab4 docs: update endorsedIds and excludeProviderIds to use arrays for consistency
2407514 fix: rename getApprovedProvidersIds to getApprovedProviderIds and update rela...
e037cec fix: update getApprovedProviderIds and getEndorsedProviderIds with array retu...
eced30c feat!: rename getProviderIds to getEndorsedProviderIds and getApprovedProvid...
fc0a6e2 chore(docs): update StorageContext to use waitForPullPieces instead of waitFo...
Additional commits viewable in compare view

Updates @tanstack/ai from 0.2.2 to 0.10.1

Release notes

Sourced from @tanstack/ai's releases.

@tanstack/ai@0.10.1

Patch Changes

Add @tanstack/intent agent skills for AI coding assistants (#432)

Adds 10 skill files covering chat-experience, tool-calling, media-generation, code-mode, structured-outputs, adapter-configuration, ag-ui-protocol, middleware, and custom-backend-integration. Skills guide AI agents to generate correct TanStack AI code patterns and avoid common mistakes.

Updated dependencies []:

@tanstack/ai-event-client@0.2.1

@tanstack/ai@0.9.2

Patch Changes

fix: handle errors from fal result fetch on completed jobs (#396)

fal.ai does not return a FAILED queue status — invalid jobs report COMPLETED, and the real error (e.g. 422 validation) only surfaces when fetching results. getVideoUrl() now catches these errors and extracts detailed validation messages. getVideoJobStatus() returns status: 'failed' when the result fetch throws on a "completed" job.

Updated dependencies []:

@tanstack/ai-event-client@0.1.4

@tanstack/ai@0.9.1

Patch Changes

Fix Gemini adapter tool call handling: preserve thoughtSignature for Gemini 3+ thinking models through the tool call lifecycle, use correct function name (instead of call ID) in functionResponse parts, and include the call ID in both functionCall and functionResponse for proper correlation. (#401)

Updated dependencies []:

@tanstack/ai-event-client@0.1.3

@tanstack/ai-gemini@0.8.4

Patch Changes

Fix Gemini adapter tool call handling: preserve thoughtSignature for Gemini 3+ thinking models through the tool call lifecycle, use correct function name (instead of call ID) in functionResponse parts, and include the call ID in both functionCall and functionResponse for proper correlation. (#401)

Updated dependencies [b8cc69e]:

@tanstack/ai@0.9.1

@tanstack/ai-react@0.7.9

Patch Changes

Updated dependencies [1d1c58f]:

@tanstack/ai@0.10.1

@tanstack/ai-client@0.7.8

@tanstack/ai-client@0.7.8

Patch Changes

Updated dependencies [1d1c58f]:

... (truncated)

Changelog

Sourced from @tanstack/ai's changelog.

0.10.1

Patch Changes

Add @tanstack/intent agent skills for AI coding assistants (#432)

Adds 10 skill files covering chat-experience, tool-calling, media-generation, code-mode, structured-outputs, adapter-configuration, ag-ui-protocol, middleware, and custom-backend-integration. Skills guide AI agents to generate correct TanStack AI code patterns and avoid common mistakes.

Updated dependencies []:

@tanstack/ai-event-client@0.2.1

0.10.0

Minor Changes

Add code mode and isolate packages for secure AI code execution (#362)

Also includes fixes for Ollama tool call argument streaming and usage reporting, OpenAI realtime adapter handling of missing call_id/item_id, realtime client guards for missing toolCallId, and new DevtoolsChatMiddleware type export from ai-event-client.

Patch Changes

Updated dependencies [54abae0]:

@tanstack/ai-event-client@0.2.0

0.9.2

Patch Changes

fix: handle errors from fal result fetch on completed jobs (#396)

fal.ai does not return a FAILED queue status — invalid jobs report COMPLETED, and the real error (e.g. 422 validation) only surfaces when fetching results. getVideoUrl() now catches these errors and extracts detailed validation messages. getVideoJobStatus() returns status: 'failed' when the result fetch throws on a "completed" job.

Updated dependencies []:

@tanstack/ai-event-client@0.1.4

0.9.1

Patch Changes

Fix Gemini adapter tool call handling: preserve thoughtSignature for Gemini 3+ thinking models through the tool call lifecycle, use correct function name (instead of call ID) in functionResponse parts, and include the call ID in both functionCall and functionResponse for proper correlation. (#401)

Updated dependencies []:

@tanstack/ai-event-client@0.1.3

... (truncated)

Commits

0f625b4 ci: Version Packages (#434)
1d1c58f feat: add @tanstack/intent agent skills (#432)
297fd75 ci: Version Packages (#414)
54abae0 Code mode (#362)
cc77237 ci: Version Packages (#410)
26d8243 fix(ai-fal): handle errors from fal result fetch on completed jobs (#396)
a8a4465 docs: regenerate API documentation (#402)
8755460 ci: Version Packages (#387)
b8cc69e fix(ai-gemini): preserve thoughtSignature and fix tool call IDs for Gemini 3+...
aa9a481 ci: Version Packages (#385)
Additional commits viewable in compare view

Updates @tanstack/ai-gemini from 0.3.2 to 0.8.5

Release notes

Sourced from @tanstack/ai-gemini's releases.

@tanstack/ai-gemini@0.8.4

Patch Changes

Fix Gemini adapter tool call handling: preserve thoughtSignature for Gemini 3+ thinking models through the tool call lifecycle, use correct function name (instead of call ID) in functionResponse parts, and include the call ID in both functionCall and functionResponse for proper correlation. (#401)

Updated dependencies [b8cc69e]:

@tanstack/ai@0.9.1

@tanstack/ai-gemini@0.7.0

Minor Changes

Add NanoBanana native image generation with up to 4K image output, routing all gemini-* native image models through generateContent API (#321)

Fix SDK property names (imageGenerationConfig → imageConfig, outputImageSize → imageSize) and rename NanoBanana types to GeminiNativeImage

Add Gemini 3.1 Pro model support for text generation

@tanstack/ai-gemini@0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

Changelog

Sourced from @tanstack/ai-gemini's changelog.

0.8.5

Patch Changes

Updated dependencies [54abae0]:

@tanstack/ai@0.10.0

0.8.4

Patch Changes

Fix Gemini adapter tool call handling: preserve thoughtSignature for Gemini 3+ thinking models through the tool call lifecycle, use correct function name (instead of call ID) in functionResponse parts, and include the call ID in both functionCall and functionResponse for proper correlation. (#401)

Updated dependencies [b8cc69e]:

@tanstack/ai@0.9.1

0.8.3

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

0.8.2

Patch Changes

Updated dependencies [f62eeb0]:

@tanstack/ai@0.8.0

0.8.1

Patch Changes

Updated dependencies [86be1c8]:

@tanstack/ai@0.7.0

0.8.0

Minor Changes

feat: add support for Gemini 3.1 Flash Lite Preview model (#351)

Added gemini-3.1-flash-lite-preview to the Gemini adapter with:

Full multimodal support (text, image, audio, video, document)

Thinking and structured output capabilities

Available for summarization tasks

Comprehensive type tests

Model specs:

... (truncated)

Commits

See full diff in compare view

Updates @tanstack/ai-grok from 0.1.0 to 0.6.4

Release notes

Sourced from @tanstack/ai-grok's releases.

@tanstack/ai-grok@0.6.3

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

@tanstack/ai-grok@0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

Changelog

Sourced from @tanstack/ai-grok's changelog.

0.6.4

Patch Changes

Updated dependencies [54abae0]:

@tanstack/ai@0.10.0

0.6.3

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

0.6.2

Patch Changes

Updated dependencies [f62eeb0]:

@tanstack/ai@0.8.0

0.6.1

Patch Changes

Updated dependencies [86be1c8]:

@tanstack/ai@0.7.0

0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

0.5.0

Patch Changes

Updated dependencies [5d98472, 5d98472]:

@tanstack/ai@0.5.0

0.4.1

Patch Changes

Add in opus 4.6 and enhance acceptable config options by providers (#278)

0.4.0

... (truncated)

Commits

See full diff in compare view

Updates @tanstack/ai-ollama from 0.3.0 to 0.6.4

Release notes

Sourced from @tanstack/ai-ollama's releases.

@tanstack/ai-ollama@0.6.3

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

@tanstack/ai-ollama@0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

Changelog

Sourced from @tanstack/ai-ollama's changelog.

0.6.4

Patch Changes

Add code mode and isolate packages for secure AI code execution (#362)

Also includes fixes for Ollama tool call argument streaming and usage reporting, OpenAI realtime adapter handling of missing call_id/item_id, realtime client guards for missing toolCallId, and new DevtoolsChatMiddleware type export from ai-event-client.

Updated dependencies [54abae0]:

@tanstack/ai@0.10.0

0.6.3

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

0.6.2

Patch Changes

Updated dependencies [f62eeb0]:

@tanstack/ai@0.8.0

0.6.1

Patch Changes

Updated dependencies [86be1c8]:

@tanstack/ai@0.7.0

0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

0.5.0

Patch Changes

Updated dependencies [5d98472, 5d98472]:

@tanstack/ai@0.5.0

0.4.0

... (truncated)

Commits

See full diff in compare view

Updates @tanstack/ai-openai from 0.2.1 to 0.7.3

Release notes

Sourced from @tanstack/ai-openai's releases.

@tanstack/ai-openai@0.7.2

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

@tanstack/ai-client@0.7.3

@tanstack/ai-openai@0.6.0

Patch Changes

Updated dependencies [5aa6acc, 1f800aa]:

@tanstack/ai@0.6.0

Changelog

Sourced from @tanstack/ai-openai's changelog.

0.7.3

Patch Changes

Add code mode and isolate packages for secure AI code execution (#362)

Also includes fixes for Ollama tool call argument streaming and usage reporting, OpenAI realtime adapter handling of missing call_id/item_id, realtime client guards for missing toolCallId, and new DevtoolsChatMiddleware type export from ai-event-client.

Updated dependencies [54abae0]:

@tanstack/ai@0.10.0

@tanstack/ai-client@0.7.7

0.7.2

Patch Changes

Updated dependencies [842e119]:

@tanstack/ai@0.9.0

@tanstack/ai-client@0.7.3

0.7.1

Patch Changes

Updated dependencies [f62eeb0]:

@tanstack/ai@0.8.0

@tanstack/ai-client@0.7.1

0.7.0

Minor Changes

feat: add realtime voice chat with OpenAI and ElevenLabs adapters (#300)

Adds realtime voice/text chat capabilities:

@tanstack/ai: realtimeToken() function and shared realtime types (RealtimeToken, RealtimeMessage, RealtimeSessionConfig, RealtimeStatus, RealtimeMode, AudioVisualization, events, and error types)

@tanstack/ai-client: Framework-agnostic RealtimeClient class with connection lifecycle, audio I/O, message state management, tool execution, and RealtimeAdapter/RealtimeConnection interfaces

@tanstack/ai-openai: openaiRealtime() client adapter (WebRTC) and openaiRealtimeToken() server token adapter with support for semantic VAD, multiple voices, and all realtime models

@tanstack/ai-elevenlabs: elevenlabsRealtime() client adapter (WebSocket) and elevenlabsRealtimeToken() server token adapter for ElevenLabs conversational AI agents

@tanstack/ai-react: useRealtimeChat() hook with reactive state for status, mode, messages, pending transcripts, audio visualization levels, VAD control, text/image input, and interruptions

Docs: Realtime Voice Chat guide and full API reference for all realtime classes, interfaces, functions, and type aliases

Patch Changes

Updated dependencies [86be1c8]:

@tanstack/ai@0.7.0

@tanstack/ai-client@0.7.0

... (truncated)

Commits

See full diff in compare view

Updates marked from 14.1.4 to 18.0.0

Release notes

Sourced from marked's releases.

v18.0.0

18.0.0 (2026-04-07)

Bug Fixes

Bump typescript from 5.9.3 to 6.0.2 (#3934) (e8efc51)

prevent GFM table tokens from greedily capturing trailing newlines (#3926) (40f2665)

prevent heading and def tokens from greedily capturing multiple newlines (#3925) (b379e3e)

trim blank lines from block tokens (#3939) (b70895f)

BREAKING CHANGES

trim trailing blank lines from block tokens

update Typescript to v6

v17.0.6

17.0.6 (2026-04-05)

Bug Fixes

avoid race condition in async parallel parse/parseInline with hooks (#3924) (6e96fa7)

cli: honor positional input file (#3922) (a1c2617)

cli: use file URL for config import (#3923) (73e1f3f)

v17.0.5

17.0.5 (2026-03-20)

Bug Fixes

Fix catastrophic backtracking (ReDoS) in link/reflink label regex (#3918) (4625980)

prevent quadratic complexity in emStrongLDelim regex (#3906) (c732dd2)

prevent single-tilde strikethrough false positives (#3910) (5e03369)

re-assign tokenizer.lexer and renderer.parser at start of each parse call (#3907) (f3a3ec0)

trim trailing whitespace from lheading text (#3920) (3ea7e88)

v17.0.4

17.0.4 (2026-03-04)

Bug Fixes

prevent ReDoS in inline link regex title group (#3902) (46fb9b8)

v17.0.3

17.0.3 (2026-02-17)

... (truncated)

Commits

28954e0 chore(release): 18.0.0 [skip ci]
b70895f fix: trim blank lines from block tokens (#3939)
40f2665 fix: prevent GFM table tokens from greedily capturing trailing newlines (#3926)
b379e3e fix: prevent heading and def tokens from greedily capturing multiple newlines...
e8efc51 fix: Bump typescript from 5.9.3 to 6.0.2 (#3934)
71e5ae3 chore(deps-dev): Bump esbuild from 0.27.4 to 0.28.0 (#3940)
b436e82 chore(deps-dev): Bump eslint from 10.1.0 to 10.2.0 (#3941)
e07037e chore(release): 17.0.6 [skip ci]
6e96fa7 fix: avoid race condition in async parallel parse/parseInline with hooks (#3924)
73e1f3f fix(cli): use file URL for config import (#3923)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for marked since your current version.

Updates viem from 2.47.6 to 2.47.12

Release notes

Sourced from viem's releases.

[email protected]

Patch Changes

ee5e2575faa5489c0f8316b07f342fc1dff1ec96 Thanks @jxom! - viem/tempo: Added Expiry module for generating unix timestamp expiries (e.g. Expiry.hours(1), Expiry.days(30)).

[email protected]

Patch Changes

#4440 75ae99e2654043d927ac7e20d630fc93932fce9c Thanks @luanxu-dev! - Fixed shouldRetry to handle RPC code 429 in batch mode, where some providers (e.g. Alchemy) return HTTP 200 with a JSON-RPC body of { code: 429 } instead of an HTTP 429.

#4407 fa6edb93203fbd108aba1f4cbbfc47f29bec8253 Thanks @d1r1! - Added Fluent Mainnet chain.

#4474 51ee597f6e01ddcd98feb1e9663d5be97e3db4ea Thanks @jxom! - viem/tempo: Added scopes and limits.period to access key authorizations for contract call scoping and periodic spending limits (TIP-1011).

[email protected]

Patch Changes

#4443 19dd6e54001a82f20ab13e42eacdbe61814e6e52 Thanks @TJ-Frederick! - Added Radius Network (chain ID 723487) and Radius Test Network (chain ID 72344) chain definitions.

#4456 7b2cca5ab72c56b4c1a18d9765f4f323ca6b162d Thanks @jxom! - viem/tempo: Extracted keyAuthorization from eth_fillTransaction response in prepareTransactionRequest.

#4457 39d42e515f33f54102d56705cf25c51f8d8f4087 Thanks @jxom! - viem/tempo: Added hardfork-aware getRemainingLimit that uses getRemainingLimitWithPeriod on T3+ chains. Returns { remaining, periodEnd } object.

#4448 3b1908405105bf9d2a08dd1943b4b3fad2cee38a Thanks @jxom! - Fixed transaction type detection for secp256k1 access key accounts.

#4450 4555ee6329235335d4278a3f9f33af69091a1c79 Thanks @jxom! - viem/tempo: Fixed gas estimation for access key transactions with a fee payer.

#4432 3aa680df95bda40adc9306749e0fd46b93cc6bde Thanks @jxom! - viem/tempo: Added access key signature verification support to verifyHash via mode: 'allowAccessKey'.

#4442 0ece4d9d08f53c817b0401fdd39ac3abb59c05f2 Thanks @decofe! - viem/tempo: Added TIP-1004 (EIP-2612) permit functions to the tip20 ABI (permit, nonces, DOMAIN_SEPARATOR, PermitExpired, InvalidSignature).

#4419 4f77ac880ed81e104a68a530665b42661e0c1ebf Thanks @emdin! - Added Igra Network chain.

#4422 3c950f70495df4a357b57b6c90ffb828f0a8a884 Thanks @ryanRfox! - Added Mezo and Mezo Testnet chains.

#4426 63ab458812b15fe5d737de08356f8b4e635c6da3 Thanks @PatrickAlphaC! - Added BattleChain Testnet

#4423 16f6ca238cd5e6d86b36dbb92098a180af6d8ef7 Thanks @pxrl! - Added basic OP definitions to MegaETH, fixed Blockscout defs.

621b0856e55e710c61bd0a2d57c125d559bd9ae4 Thanks @jxom! - Propagated execution reverted errors (code 3) from eth_fillTransaction in prepareTransactionRequest instead of silently falling through.

#4409 25634335611498ecaead8435b1403e5f28d30fc1 Thanks @abs3ntdev! - Added Gensyn Mainnet

#4425 ce08d9a4dc9ab986d5d9f6cfe380ae6ec1fec2d9 Thanks @o-az! - Removed Tempo Andantino network and updated references

#4420 c158236bd6e0d5c80881243d85a535723f61dd7e Thanks @mycodecrafting! - Added Eden chain.

#4421 26bf275307bf6e31430fa5283770f5caa4033aee Thanks @KirienzoEth! - Add the multicall3 configuration to the Katana chain's config

Commits

c3c3985 chore: version package (#4475)
0b05f50 fix: preserve feePayerSignature in prepareTransactionRequest (#4477)
ee5e257 feat(tempo): add Expiry module + update access key docs
e0a837a fix: snapshot indentation + bump size limits
07a3a47 docs(tempo): up access key docs
c51cb79 chore: version package (#4462)
51ee597 feat(tempo): add scopes and limits.period to access keys (TIP-1011) (#4474)
863f9c6 chore: fix audit vulnerabilities (lodash, hono, @hono/node-server, basic-ftp)
697200d fix: make build compatible with typescript 6 (#4472)
f8b8df9 ci: re-enable wagmi verify (#4435)
Additional commits viewable in compare view

Updates @biomejs/biome from 2.3.11 to 2.4.11

Release notes

Sourced from @biomejs/biome's releases.

Biome CLI v2.4.11

2.4.11

Patch Changes
#9350 4af4a3a Thanks @dyc3! - Added the new nursery rule useConsistentTestIt in the test domain. The rule enforces consistent use of either it or test for test functions in Jest/Vitest suites, with separate control for top-level tests and tests inside describe blocks.

Invalid:
test("should fly", () => {}); // Top-level test using 'test' flagged, convert to 'it'
describe("pig", () => {
test("should fly", () => {}); // Test inside 'describe' using 'test' flagged, convert to 'it'
});
#9429 a2f3f7e Thanks @ematipico! - Added the new nursery lint rule useExplicitReturnType. It reports TypeScript functions and methods that omit an explicit return type.
function toString(x: any) {
  // rule triggered, it doesn't declare a return type
  return x.toString();
}
#9828 9e40844 Thanks @ematipico! - Fixed #9484: the formatter no longer panics when formatting files that contain graphql tagged template literals combined with parenthesized expressions.

#9886 e7c681e Thanks @ematipico! - Fixed an issue where, occasionally, some bindings and references were not properly tracked, causing false positives from noUnusedVariables and noUndeclaredVariables in Svelte, Vue, and Astro files.

#9760 5b16d18 Thanks @myx0m0p! - Fixed #4093: the noDelete rule no longer triggers for delete process.env.FOO, since delete is the documented way to remove environment variables in Node.js.
#9799 2af8efd Thanks @minseong0324! - Added the rule noMisleadingReturnType. The rule detects when a function's return type annotation is wider than what the implementation actually returns.
// Flagged: `: string` is wider than `"loading" | "idle"`
function getStatus(b: boolean): string {
  if (b) return "loading";
  return "idle";
}
#9880 7f67749 Thanks @dyc3! - Improved the diagnostics for useFind to better explain the problem, why it matters, and how to fix it.

#9755 bff7bdb Thanks @ematipico! - Improved performance of fix-all operations (--write). Biome is now smarter when it runs lint rules and assist actions. First, it runs only rules that have code fixes, and then runs the rest of the rules.

#8651 aafca2d Thanks @siketyan! - Add a new lint rule useDisposables for JavaScript, which detects disposable objects assigned to variables without using or await using syntax. Disposable objects that implement the Disposable or AsyncDisposable interface are intended to be disposed of after use. Not disposing them can lead to resource or memory leaks, depending on the implementation.

Invalid:

... (truncated)

Changelog

Sourced from @biomejs/biome's changelog.

2.4.11

Patch Changes
#9350 4af4a3a Thanks @dyc3! - Added the new nursery rule useConsistentTestIt in the test domain. The rule enforces consistent use of either it or test for test functions in Jest/Vitest suites, with separate control for top-level tests and tests inside describe blocks.

Invalid:
test("should fly", () => {}); // Top-level test using 'test' flagged, convert to 'it'
describe("pig", () => {
test("should fly", () => {}); // Test inside 'describe' using 'test' flagged, convert to 'it'
});
#9429 a2f3f7e Thanks @ematipico! - Added the new nursery lint rule useExplicitReturnType. It reports TypeScript functions and methods that omit an explicit return type.
function toString(x: any) {
  // rule triggered, it doesn't declare a return type
  return x.toString();
}
#9828 9e40844 Thanks @ematipico! - Fixed #9484: the formatter no longer panics when formatting files that contain graphql tagged template literals combined with parenthesized expressions.

#9886 e7c681e Thanks @ematipico! - Fixed an issue where, occasionally, some bindings and references were not properly tracked, causing false positives from noUnusedVariables and noUndeclaredVariables in Svelte, Vue, and Astro files.

#9760 5b16d18 Thanks @myx0m0p! - Fixed #4093: the noDelete rule no longer triggers for delete process.env.FOO, since delete is the documented way to remove environment variables in Node.js.
#9799 2af8efd Thanks @minseong0324! - Added the rule noMisleadingReturnType. The rule detects when a function's return type annotation is wider than what the implementation actually returns.
// Flagged: `: string` is wider than `"loading" | "idle"`
function getStatus(b: boolean): string {
  if (b) return "loading";
  return "idle";
}
#9880 7f67749 Thanks @dyc3! - Improved the diagnostics for useFind to better explain the problem, why it matters, and how to fix it.

#9755 bff7bdb Thanks @ematipico! - Improved performance of fix-all operations (--write). Biome is now smarter when it runs lint rules and assist actions. First, it runs only rules that have code fixes, and then runs the rest of the rules.

#8651

Bumps the all-deps group with 22 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@filoz/synapse-sdk](https://github.com/FilOzone/synapse-sdk) | `0.39.0` | `0.40.3` | | [@tanstack/ai](https://github.com/TanStack/ai/tree/HEAD/packages/typescript/ai) | `0.2.2` | `0.10.1` | | [@tanstack/ai-gemini](https://github.com/TanStack/ai/tree/HEAD/packages/typescript/ai-gemini) | `0.3.2` | `0.8.5` | | [@tanstack/ai-grok](https://github.com/TanStack/ai/tree/HEAD/packages/typescript/ai-grok) | `0.1.0` | `0.6.4` | | [@tanstack/ai-ollama](https://github.com/TanStack/ai/tree/HEAD/packages/typescript/ai-ollama) | `0.3.0` | `0.6.4` | | [@tanstack/ai-openai](https://github.com/TanStack/ai/tree/HEAD/packages/typescript/ai-openai) | `0.2.1` | `0.7.3` | | [marked](https://github.com/markedjs/marked) | `14.1.4` | `18.0.0` | | [viem](https://github.com/wevm/viem) | `2.47.6` | `2.47.12` | | [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) | `2.3.11` | `2.4.11` | | [dotenv](https://github.com/motdotla/dotenv) | `16.6.1` | `17.4.1` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.21` | `8.0.8` | | [@privy-io/wagmi](https://github.com/orgs/privy-io) | `3.0.0` | `4.0.4` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.562.0` | `1.8.0` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.4` | `10.0.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.19.17` | `25.6.0` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.2.0` | `6.0.1` | | [eslint](https://github.com/eslint/eslint) | `9.39.4` | `10.2.0` | | [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.4.26` | `0.5.2` | | [globals](https://github.com/sindresorhus/globals) | `16.5.0` | `17.4.0` | | [typescript](https://github.com/microsoft/TypeScript) | `5.8.3` | `6.0.2` | | [@solidity-parser/parser](https://github.com/solidity-parser/parser) | `0.18.0` | `0.20.2` | | [forge-std](https://github.com/foundry-rs/forge-std) | `v1.9.4` | `v1.15.0` | Updates `@filoz/synapse-sdk` from 0.39.0 to 0.40.3 - [Release notes](https://github.com/FilOzone/synapse-sdk/releases) - [Commits](FilOzone/synapse-sdk@synapse-sdk-v0.39.0...synapse-sdk-v0.40.3) Updates `@tanstack/ai` from 0.2.2 to 0.10.1 - [Release notes](https://github.com/TanStack/ai/releases) - [Changelog](https://github.com/TanStack/ai/blob/main/packages/typescript/ai/CHANGELOG.md) - [Commits](https://github.com/TanStack/ai/commits/@tanstack/[email protected]/packages/typescript/ai) Updates `@tanstack/ai-gemini` from 0.3.2 to 0.8.5 - [Release notes](https://github.com/TanStack/ai/releases) - [Changelog](https://github.com/TanStack/ai/blob/main/packages/typescript/ai-gemini/CHANGELOG.md) - [Commits](https://github.com/TanStack/ai/commits/HEAD/packages/typescript/ai-gemini) Updates `@tanstack/ai-grok` from 0.1.0 to 0.6.4 - [Release notes](https://github.com/TanStack/ai/releases) - [Changelog](https://github.com/TanStack/ai/blob/main/packages/typescript/ai-grok/CHANGELOG.md) - [Commits](https://github.com/TanStack/ai/commits/HEAD/packages/typescript/ai-grok) Updates `@tanstack/ai-ollama` from 0.3.0 to 0.6.4 - [Release notes](https://github.com/TanStack/ai/releases) - [Changelog](https://github.com/TanStack/ai/blob/main/packages/typescript/ai-ollama/CHANGELOG.md) - [Commits](https://github.com/TanStack/ai/commits/HEAD/packages/typescript/ai-ollama) Updates `@tanstack/ai-openai` from 0.2.1 to 0.7.3 - [Release notes](https://github.com/TanStack/ai/releases) - [Changelog](https://github.com/TanStack/ai/blob/main/packages/typescript/ai-openai/CHANGELOG.md) - [Commits](https://github.com/TanStack/ai/commits/HEAD/packages/typescript/ai-openai) Updates `marked` from 14.1.4 to 18.0.0 - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v14.1.4...v18.0.0) Updates `viem` from 2.47.6 to 2.47.12 - [Release notes](https://github.com/wevm/viem/releases) - [Commits](https://github.com/wevm/viem/compare/[email protected]@2.47.12) Updates `@biomejs/biome` from 2.3.11 to 2.4.11 - [Release notes](https://github.com/biomejs/biome/releases) - [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md) - [Commits](https://github.com/biomejs/biome/commits/@biomejs/[email protected]/packages/@biomejs/biome) Updates `dotenv` from 16.6.1 to 17.4.1 - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](motdotla/dotenv@v16.6.1...v17.4.1) Updates `vite` from 5.4.21 to 8.0.8 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v8.0.8/packages/vite) Updates `@privy-io/wagmi` from 3.0.0 to 4.0.4 - [Commits](https://github.com/orgs/privy-io/commits) Updates `lucide-react` from 0.562.0 to 1.8.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.8.0/packages/lucide-react) Updates `@eslint/js` from 9.39.4 to 10.0.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v10.0.1/packages/js) Updates `@types/node` from 22.19.17 to 25.6.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitejs/plugin-react` from 5.2.0 to 6.0.1 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/[email protected]/packages/plugin-react) Updates `eslint` from 9.39.4 to 10.2.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.4...v10.2.0) Updates `eslint-plugin-react-refresh` from 0.4.26 to 0.5.2 - [Release notes](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases) - [Changelog](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md) - [Commits](ArnaudBarre/eslint-plugin-react-refresh@v0.4.26...v0.5.2) Updates `globals` from 16.5.0 to 17.4.0 - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](sindresorhus/globals@v16.5.0...v17.4.0) Updates `typescript` from 5.8.3 to 6.0.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](microsoft/TypeScript@v5.8.3...v6.0.2) Updates `@solidity-parser/parser` from 0.18.0 to 0.20.2 - [Release notes](https://github.com/solidity-parser/parser/releases) - [Changelog](https://github.com/solidity-parser/parser/blob/master/CHANGELOG.md) - [Commits](solidity-parser/parser@v0.18.0...v0.20.2) Updates `forge-std` from v1.9.4 to v1.15.0 - [Release notes](https://github.com/foundry-rs/forge-std/releases) - [Changelog](https://github.com/foundry-rs/forge-std/blob/master/RELEASE_CHECKLIST.md) - [Commits](foundry-rs/forge-std@v1.9.4...0844d7e) --- updated-dependencies: - dependency-name: "@filoz/synapse-sdk" dependency-version: 0.40.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: "@tanstack/ai" dependency-version: 0.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: "@tanstack/ai-gemini" dependency-version: 0.8.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: "@tanstack/ai-grok" dependency-version: 0.6.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: "@tanstack/ai-ollama" dependency-version: 0.6.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: "@tanstack/ai-openai" dependency-version: 0.7.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: marked dependency-version: 18.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-deps - dependency-name: viem dependency-version: 2.47.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-deps - dependency-name: "@biomejs/biome" dependency-version: 2.4.11 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: dotenv dependency-version: 17.4.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-deps - dependency-name: vite dependency-version: 8.0.8 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: "@privy-io/wagmi" dependency-version: 4.0.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-deps - dependency-name: lucide-react dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-deps - dependency-name: "@eslint/js" dependency-version: 10.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: "@types/node" dependency-version: 25.6.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: "@vitejs/plugin-react" dependency-version: 6.0.1 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: eslint dependency-version: 10.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: eslint-plugin-react-refresh dependency-version: 0.5.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: globals dependency-version: 17.4.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: typescript dependency-version: 6.0.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: all-deps - dependency-name: "@solidity-parser/parser" dependency-version: 0.20.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: all-deps - dependency-name: forge-std dependency-version: '0844d7e1fc5e60d77b68e469bff60265f236c398' dependency-type: direct:development dependency-group: all-deps ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 10, 2026

dependabot Bot requested review from Abhishekzod007, jriyyya and marsian83 as code owners April 10, 2026 09:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-deps group across 1 directory with 22 updates#13

Bump the all-deps group across 1 directory with 22 updates#13
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/all-deps-55a34111e0

dependabot Bot commented on behalf of github Apr 10, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Apr 10, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

synapse-sdk: v0.40.3

0.40.3 (2026-04-02)

Features

Bug Fixes

Chores

synapse-sdk: v0.40.2

0.40.2 (2026-03-30)

Features

Bug Fixes

Chores

Documentation

synapse-sdk: v0.40.1

0.40.1 (2026-03-30)

Bug Fixes

@​tanstack/ai@​0.10.1

Patch Changes

@​tanstack/ai@​0.9.2

Patch Changes

@​tanstack/ai@​0.9.1

Patch Changes

@​tanstack/ai-gemini@​0.8.4

Patch Changes

@​tanstack/ai-react@​0.7.9

Patch Changes

@​tanstack/ai-client@​0.7.8

Patch Changes

0.10.1

Patch Changes

0.10.0

Minor Changes

Patch Changes

0.9.2

Patch Changes

0.9.1

Patch Changes

@​tanstack/ai-gemini@​0.8.4

Patch Changes

@​tanstack/ai-gemini@​0.7.0

Minor Changes

@​tanstack/ai-gemini@​0.6.0

Patch Changes

0.8.5

Patch Changes

0.8.4

Patch Changes

0.8.3

Patch Changes

0.8.2

Patch Changes

0.8.1

Patch Changes

0.8.0

Minor Changes

@​tanstack/ai-grok@​0.6.3

Patch Changes

@​tanstack/ai-grok@​0.6.0

Patch Changes

0.6.4

Patch Changes

0.6.3

Patch Changes

0.6.2

Patch Changes

0.6.1

Patch Changes

0.6.0

Patch Changes

0.5.0

Patch Changes

0.4.1

Patch Changes

0.4.0

@​tanstack/ai-ollama@​0.6.3

Patch Changes

@​tanstack/ai-ollama@​0.6.0

Patch Changes

0.6.4

dependabot Bot commented on behalf of github Apr 10, 2026 •

edited

Loading

`@tanstack/ai@0`.10.1

`@tanstack/ai@0`.9.2

`@tanstack/ai@0`.9.1

`@tanstack/ai-gemini@0`.8.4

`@tanstack/ai-react@0`.7.9

`@tanstack/ai-client@0`.7.8

`@tanstack/ai-gemini@0`.8.4

`@tanstack/ai-gemini@0`.7.0

`@tanstack/ai-gemini@0`.6.0

`@tanstack/ai-grok@0`.6.3

`@tanstack/ai-grok@0`.6.0

`@tanstack/ai-ollama@0`.6.3

`@tanstack/ai-ollama@0`.6.0

`@tanstack/ai-openai@0`.7.2

`@tanstack/ai-openai@0`.6.0