chore(deps-dev): bump the minor-development-deps group with 8 updates

[dependabot]

Bumps the minor-development-deps group with 8 updates:

Package	From	To
@biomejs/biome	2.2.3	2.2.4
@oclif/test	4.1.13	4.1.14
@readme/standards	2.1.1	2.2.0
knip	5.63.1	5.64.1
oclif	4.22.18	4.22.27
rollup	4.50.1	4.52.3
tsx	4.20.5	4.20.6
typescript	5.9.2	5.9.3

Updates @biomejs/biome from 2.2.3 to 2.2.4

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.2.4

2.2.4

Patch Changes

• #7453 aa8cea3 Thanks @​arendjr! - Fixed #7242: Aliases specified in package.json's imports section now support having multiple targets as part of an array.

• #7454 ac17183 Thanks @​arendjr! - Greatly improved performance of noImportCycles by eliminating allocations.

  In one repository, the total runtime of Biome with only noImportCycles enabled went from ~23s down to ~4s.

• #7447 7139aad Thanks @​rriski! - Fixes #7446. The GritQL $... spread metavariable now correctly matches members in object literals, aligning its behavior with arrays and function calls.

• #6710 98cf9af Thanks @​arendjr! - Fixed #4723: Type inference now recognises index signatures and their accesses when they are being indexed as a string.

  Example

  type BagOfPromises = {
    // This is an index signature definition. It declares that instances of type
    // `BagOfPromises` can be indexed using arbitrary strings.
    [property: string]: Promise<void>;
  };
  let bag: BagOfPromises = {};
  // Because bag.iAmAPromise is equivalent to bag[&quot;iAmAPromise&quot;], this is
  // considered an access to the string index, and a Promise is expected.
  bag.iAmAPromise;

• #7415 d042f18 Thanks @​qraqras! - Fixed #7212, now the useOptionalChain rule recognizes optional chaining using typeof (e.g., typeof foo !== 'undefined' && foo.bar).

• #7419 576baf4 Thanks @​Conaclos! - Fixed #7323. noUnusedPrivateClassMembers no longer reports as unused TypeScript private members if the rule encounters a computed access on this.

  In the following example, member as previously reported as unused. It is no longer reported.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.2.4

Patch Changes

• #7453 aa8cea3 Thanks @​arendjr! - Fixed #7242: Aliases specified in package.json's imports section now support having multiple targets as part of an array.

• #7454 ac17183 Thanks @​arendjr! - Greatly improved performance of noImportCycles by eliminating allocations.

  In one repository, the total runtime of Biome with only noImportCycles enabled went from ~23s down to ~4s.

• #7447 7139aad Thanks @​rriski! - Fixes #7446. The GritQL $... spread metavariable now correctly matches members in object literals, aligning its behavior with arrays and function calls.

• #6710 98cf9af Thanks @​arendjr! - Fixed #4723: Type inference now recognises index signatures and their accesses when they are being indexed as a string.

  Example

  type BagOfPromises = {
    // This is an index signature definition. It declares that instances of type
    // `BagOfPromises` can be indexed using arbitrary strings.
    [property: string]: Promise<void>;
  };
  let bag: BagOfPromises = {};
  // Because bag.iAmAPromise is equivalent to bag[&quot;iAmAPromise&quot;], this is
  // considered an access to the string index, and a Promise is expected.
  bag.iAmAPromise;

• #7415 d042f18 Thanks @​qraqras! - Fixed #7212, now the useOptionalChain rule recognizes optional chaining using typeof (e.g., typeof foo !== 'undefined' && foo.bar).

• #7419 576baf4 Thanks @​Conaclos! - Fixed #7323. noUnusedPrivateClassMembers no longer reports as unused TypeScript private members if the rule encounters a computed access on this.

  In the following example, member as previously reported as unused. It is no longer reported.

  class TsBioo {
    private member: number;
  set_with_name(name: string, value: number) {
  this[name] = value;
  }
  }

... (truncated)

Commits

• 5d212c5 ci: release (#7450)
• 351bccd chore: restore release files
• 32dbfa1 ci: release (#7413)
• 75b6a0d feat(linter): add rule noJsxLiterals (#7248)
• 53ff5ae feat(analyse/json): add noDuplicateDependencies rule (#7142)
• See full diff in compare view

Updates @oclif/test from 4.1.13 to 4.1.14

Release notes

Sourced from @​oclif/test's releases.

4.1.14

Bug Fixes

• deps: bump debug from 4.4.1 to 4.4.3 (5d1ed0d)

Changelog

Sourced from @​oclif/test's changelog.

4.1.14 (2025-09-14)

Bug Fixes

• deps: bump debug from 4.4.1 to 4.4.3 (5d1ed0d)

Commits

• 4fda6bb chore(release): 4.1.14 [skip ci]
• e733920 Merge pull request #812 from oclif/dependabot-npm_and_yarn-debug-4.4.3
• 5d1ed0d fix(deps): bump debug from 4.4.1 to 4.4.3
• e94b565 Merge pull request #808 from oclif/dependabot-npm_and_yarn-eslint-config-ocli...
• 652a5a9 chore(dev-deps): bump eslint-config-oclif from 6.0.98 to 6.0.101
• 8a56f40 Merge pull request #809 from oclif/dependabot-npm_and_yarn-eslint-9.35.0
• 7b63f09 Merge pull request #810 from oclif/dependabot-npm_and_yarn-types-node-18.19.124
• 1fd68ad chore(dev-deps): bump @​types/node from 18.19.123 to 18.19.124
• 871a830 chore(dev-deps): bump eslint from 9.34.0 to 9.35.0
• a753528 Merge pull request #806 from oclif/dependabot-npm_and_yarn-eslint-config-ocli...
• Additional commits viewable in compare view

Updates @readme/standards from 2.1.1 to 2.2.0

Commits

• 78f2d4b chore(release): publish
• 57b5468 feat(standards): flipping on the separatedType option for useImportType
• 0825444 chore(deps): bump @​vitest/eslint-plugin from 1.3.5 to 1.3.8 (#1032)
• adfb318 chore(deps): bump eslint-plugin-testing-library from 7.6.6 to 7.6.8 (#1034)
• 90b88a0 chore(deps-dev): bump typescript in the minor-development-deps group (#1033)
• c858847 chore: removing spectral-config from dependabot, adding standards
• f99577c chore(deps): bump @​typescript-eslint/eslint-plugin from 8.38.0 to 8.41.0 (#1024)
• b3b38d7 chore(deps): bump eslint-plugin-testing-library from 7.6.3 to 7.6.6 (#1023)
• acadf24 chore(deps): bump @​typescript-eslint/parser from 8.38.0 to 8.41.0 (#1022)
• fb6616f chore(deps): bump eslint-config-prettier from 10.1.5 to 10.1.8 (#1025)
• Additional commits viewable in compare view

Updates knip from 5.63.1 to 5.64.1

Release notes

Sourced from knip's releases.

Release 5.64.1

• Edit docs (634b59d07353bc09db762ee1b672df06da66da59)
• Edit docs (d3433f00840736e11cc5c845babffe415ecad1fe)
• Add "How to keep package.json under control" article (570f40b15007c075d7f1e4d77bd2970034eec8ec)
• We're incompatible with typescript v7 (f4f9166a0fca265e6f0dc939528836ce7003938f)
• Migrate from bun → pnpm (f18428c53d5bff7bad5259bf053e1d8c2b78881f)
• Migrate from biome v1 → v2 (7ae5d72dadba0d8084842765ba3c045ac9199aa5)
• Update dependencies (3174456e0c0f3086cc52d41cbea647b5a50cc057)
• Re-gen plugins list (2da7ba49e8930c68b3cf8d1421a88cf975af9800)
• Migrate from zod v3 → v4 (a71c1030be3ee6b7312fdb952504a3f1dbe5a694)

Release 5.64.0

• Fix formatting (900068149a5612cb6d084d46a3ff31b94c49b284)
• Add env-cmd Support (#1254) (21d6b5183ad10b3296cdb9c8f21a8f2d01bb36e9) - thanks @​joealden!
• Re-gen sponsorships chart (185c6389226216548c5691acbac38dda3bf07dfd)
• fix: handle only string modules in dependency resolution (#1263) (a54021b6e5904fe6a6e87614728b841fe6931858) - thanks @​wattanx!
• fix: bun ci (#1267) (3d1c3c5b91f440ade9f1069dd41f402e50645c6c) - thanks @​Zamiell!
• Filter out invalid binaries (resolves #1264) (6f306111e4571418546da2aaf40d9b533940dd28)
• Work types for good ol' ts 5.0.4 (9913ee755014285036a12ceed65371eb47a321eb)
• Add @​Datadog-OSS sponsor (a61d9fef9b3ea9c163c6408b1b38495417aeb1da)
• feat: GitHub actions reporter (#1231) (0a234504fd626f9f0a59aa377301fa46639539c1) - thanks @​cylewaitforit!
• Add pos to unlisted deps issue type (5b54dae614d1b0719046405241d80e390ab9f4ba)
• Improve import specifier sanitizer (resolves #1257) (087a98e028994d3e19bfcfd88b7b6231855de781)
• Cover more cases for symbol refs finder (resolves #1273) (3d76e51e59eceeb528ef6e20ca5e3a1bfff2a841)
• Fix package name of rslib enabler (#1272) (432bdccb9aa3c8c7d8c0114f6614a651d959e56d) - thanks @​nyarthan!
• Pass parsed CLI args to config-as-a-function (b0814c9d454ccd060aeda693398d1707ef678fc4)
• Ignore !-suffixed deps/bins only in production mode (resolves #1253) (06d4df84e7fe2735fce8bc1b1b12e78016e38ebb)
• Update docs (0d8fd135b46855f6d606783e6c256cceeccf9acf)
• Auto-format (f54a7bd2cd74354f51fb46ae978b3e5db8759fd7)
• Find accessed identifiers for dynamic imports (resolves #1155, resolves #1230) (ec0be7e3b222da5b6ddb34baad9d2591f0f479cb)
• Update oxc-resolver and a few more (dev) deps (96c822a40855c21152f81a1599458850b4f6c2dc)
• Optimize getAccessedIdentifiers (8fb95019030533909c970bdb204b4779c19eaf5d)
• fix: enable pnpm plugin on root config & lockfile (#1275) (6e339cadc079b0e144c2036134154c696e8b31c0) - thanks @​nyarthan!
• Remove ancient past sponsors (e9e6e911d87cf550df87647f5a9b949d32faa27f)
• Remove default binaries values in plugins (aac28c491ead836231e7487a8ebea056d0cf16cc)
• Remove default containingFilePath value in angular plugin (92089275df7752a830c171d8d1d4cb39b0a83565)
• Add isRootOnly to pnpm plugin (fe99f594ac79c2bb3590091651300062b690a12b)
• Move/extend docs to write plugin (497bddb5479a53d59baaa078225343a621eaa317)
• feat: add time & unzip to ignored binaries (#1276) (4f8d9df599ffaba171e2535ffe61153f4ce1089a) - thanks @​nyarthan!
• Add Rstest Plugin (#1277) (5b7d92f101153294708a3d1afe8d2c4d61595116) - thanks @​nyarthan!
• Edit docs (847ccf168776f2cb6c9b5108a208ea8eae12799f)
• feat: add plugin for bumpp (#1278) (136a14bc4ff4138389a831afc62f5406f66223a5) - thanks @​nyarthan!
• Support input resolver from args in plugins (resolve #1274) (19dd367764fa078fb9c93bb0a715492ff0581098)
• Edit docs (77d683e2b75b44c7fd5fc47b59621398b86028ea)

Commits

• e0ff0b5 Release 5.64.1
• a71c103 Migrate from zod v3 → v4
• 3174456 Update dependencies
• 7ae5d72 Migrate from biome v1 → v2
• f18428c Migrate from bun → pnpm
• f4f9166 We're incompatible with typescript v7
• f0aeb5b Release 5.64.0
• 77d683e Edit docs
• 19dd367 Support input resolver from args in plugins (resolve #1274)
• 136a14b feat: add plugin for bumpp (#1278)
• Additional commits viewable in compare view

Updates oclif from 4.22.18 to 4.22.27

Release notes

Sourced from oclif's releases.

4.22.27

Bug Fixes

• deps: bump @​aws-sdk/client-s3 from 3.888.0 to 3.896.0 (d1a23d4)

4.22.26

Bug Fixes

• deps: bump @​oclif/plugin-warn-if-update-available (2071be4)

4.22.25

Bug Fixes

• deps: bump @​oclif/plugin-help from 6.2.32 to 6.2.33 (e58feae)

4.22.24

Bug Fixes

• deps: bump @​aws-sdk/client-cloudfront from 3.888.0 to 3.893.0 (2830eed)

4.22.23

Bug Fixes

• deps: bump @​oclif/core from 4.5.3 to 4.5.4 (77431f9)

4.22.22

Bug Fixes

• deps: bump @​oclif/plugin-not-found from 3.2.67 to 3.2.68 (361942c)

4.22.21

Bug Fixes

• deps: bump @​oclif/core from 4.5.2 to 4.5.3 (651f1d9)

4.22.20

Bug Fixes

• deps: bump @​aws-sdk/client-cloudfront from 3.883.0 to 3.888.0 (cb30bf3)

4.22.19

Bug Fixes

• deps: bump @​aws-sdk/client-s3 from 3.879.0 to 3.888.0 (e32b658)

Changelog

Sourced from oclif's changelog.

4.22.27 (2025-09-28)

Bug Fixes

• deps: bump @​aws-sdk/client-s3 from 3.888.0 to 3.896.0 (d1a23d4)

4.22.26 (2025-09-28)

Bug Fixes

• deps: bump @​oclif/plugin-warn-if-update-available (2071be4)

4.22.25 (2025-09-28)

Bug Fixes

• deps: bump @​oclif/plugin-help from 6.2.32 to 6.2.33 (e58feae)

4.22.24 (2025-09-21)

Bug Fixes

• deps: bump @​aws-sdk/client-cloudfront from 3.888.0 to 3.893.0 (2830eed)

4.22.23 (2025-09-21)

Bug Fixes

• deps: bump @​oclif/core from 4.5.3 to 4.5.4 (77431f9)

4.22.22 (2025-09-14)

Bug Fixes

• deps: bump @​oclif/plugin-not-found from 3.2.67 to 3.2.68 (361942c)

4.22.21 (2025-09-14)

Bug Fixes

• deps: bump @​oclif/core from 4.5.2 to 4.5.3 (651f1d9)

4.22.20 (2025-09-14)

Bug Fixes

• deps: bump @​aws-sdk/client-cloudfront from 3.883.0 to 3.888.0 (cb30bf3)

4.22.19 (2025-09-14)

... (truncated)

Commits

• d9520fd chore(release): 4.22.27 [skip ci]
• d45aa80 Merge pull request #1875 from oclif/dependabot-npm_and_yarn-aws-sdk-client-s3...
• 121dceb Merge pull request #1876 from oclif/dependabot-npm_and_yarn-oclif-plugin-lega...
• 7442c80 chore(release): 4.22.26 [skip ci]
• a3bcf06 Merge pull request #1877 from oclif/dependabot-npm_and_yarn-oclif-plugin-warn...
• 2071be4 fix(deps): bump @​oclif/plugin-warn-if-update-available
• d5a63d9 chore(release): 4.22.25 [skip ci]
• 5e21a49 Merge pull request #1878 from oclif/dependabot-npm_and_yarn-oclif-plugin-help...
• e58feae fix(deps): bump @​oclif/plugin-help from 6.2.32 to 6.2.33
• c805483 chore(dev-deps): bump @​oclif/plugin-legacy from 2.0.24 to 2.0.25
• Additional commits viewable in compare view

Updates rollup from 4.50.1 to 4.52.3

Release notes

Sourced from rollup's releases.

v4.52.3

4.52.3

2025-09-27

Bug Fixes

• Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

• #6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@​Jobians, @​lukastaegert)
• #6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@​renovate[bot])
• #6125: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #6126: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

v4.52.2

4.52.2

2025-09-23

Bug Fixes

• Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

• #6109: fix(rust): use prebuilt std when it is available (@​cyyynthia)

v4.52.1

4.52.1

2025-09-23

Bug Fixes

• Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

• #6121: Simplify top-level await deadlock prevention (@​lukastaegert)

v4.52.0

4.52.0

2025-09-19

Features

• Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.52.3

2025-09-27

Bug Fixes

• Fix check in native loader for environments that do not support reports (#6123)

Pull Requests

• #6123: fix(native-loader): safely handle report.getReport() on Termux/Android (@​Jobians, @​lukastaegert)
• #6124: chore(deps): pin msys2/setup-msys2 action to fb197b7 (@​renovate[bot])
• #6125: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot])
• #6126: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot])

4.52.2

2025-09-23

Bug Fixes

• Fix Android build crashing due to failed dlopen (#6109)

Pull Requests

• #6109: fix(rust): use prebuilt std when it is available (@​cyyynthia)

4.52.1

2025-09-23

Bug Fixes

• Opt-out of dynamic import optimization when using top-level await to effectively prevent deadlocks (#6121)

Pull Requests

• #6121: Simplify top-level await deadlock prevention (@​lukastaegert)

4.52.0

2025-09-19

Features

• Add option output.onlyExplicitManualChunks to turn off merging additional dependencies into manual chunks (#6087)
• Add support for x86_64-pc-windows-gnu platform (#6110)

Pull Requests

... (truncated)

Commits

• 74c555c 4.52.3
• 4362862 fix(native-loader): safely handle report.getReport() on Termux/Android (#6123)
• 7340c45 chore(deps): pin msys2/setup-msys2 action to fb197b7 (#6124)
• cfe817e chore(deps): lock file maintenance minor/patch updates (#6126)
• 89e4411 fix(deps): lock file maintenance minor/patch updates (#6125)
• fa2315c 4.52.2
• 10b2672 fix(rust): use prebuilt std when it is available (#6109)
• 69b5dd3 4.52.1
• 5eee44c Simplify top-level await deadlock prevention (#6121)
• 2029f63 4.52.0
• Additional commits viewable in compare view

Updates tsx from 4.20.5 to 4.20.6

Release notes

Sourced from tsx's releases.

v4.20.6

4.20.6 (2025-09-26)

Bug Fixes

• properly hide relaySignal from process.listeners() (#741) (710a424)

---

This release is also available on:

• npm package (@​latest dist-tag)

Commits

• 710a424 fix: properly hide relaySignal from process.listeners() (#741)
• 20b91c4 docs: make sponsors dynamic
• 08dcd59 chore: move vercel settings to root
• See full diff in compare view

Updates typescript from 5.9.2 to 5.9.3

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

Commits

• 31a0ead Don't compare "missing" to undefined in compareProperties under `exactOpt...
• d4b15eb Enhance type argument completions (#62170)
• 83ff202 Bump the github-actions group across 1 directory with 2 updates (#62507)
• e350126 Port microsoft/typescript-go#1764 (#62510)
• 97610a8 Port microsoft/typescript-go#1757 (#62501)
• 1cd5309 Port microsoft/typescript-go#1759 (#62502)
• 5f183ad Revert PR 61928 (#62423)
• 6f6efb4 Disable conditional exports fallbacks on null values (#62483)
• 96acaa5 Remove no-default-lib (#62435)
• 904e7dd Enable noUncheckedSideEffectImports by default (#62443)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions