Skip to content

Bump @biomejs/wasm-nodejs from 2.4.16 to 2.5.2#384

Open
dependabot[bot] wants to merge 1 commit into
Currentfrom
dependabot/npm_and_yarn/biomejs/wasm-nodejs-2.5.2
Open

Bump @biomejs/wasm-nodejs from 2.4.16 to 2.5.2#384
dependabot[bot] wants to merge 1 commit into
Currentfrom
dependabot/npm_and_yarn/biomejs/wasm-nodejs-2.5.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps @biomejs/wasm-nodejs from 2.4.16 to 2.5.2.

Release notes

Sourced from @​biomejs/wasm-nodejs's releases.

Biome CLI v2.5.2

2.5.2

Patch Changes

  • #10595 f458028 Thanks @​pkallos! - Added the option ignoreBooleanCoercion to useNullishCoalescing. When enabled, Biome ignores || and ||= used inside a Boolean() call, where coalescing on falsy values is intentional.

  • #10798 4a32b63 Thanks @​pkallos! - Added the option ignorePrimitives to useNullishCoalescing. When enabled, Biome ignores ||, ||=, and ternary expressions whose non-nullish operands are all primitives the option opts out of. Use true to ignore all primitives, or an object selecting string, number, boolean, or bigint.

  • #10545 f3d4c00 Thanks @​Mokto! - Added the new nursery rule noSvelteUnnecessaryStateWrap, which reports unnecessary $state() wrapping of classes from svelte/reactivity that are already reactive.

    <script>
    import { SvelteMap } from "svelte/reactivity";
    const map = $state(new SvelteMap()); // redundant
    </script>
  • #10752 f62fb8b Thanks @​ematipico! - Fixed #10739. Now the rule useValidAutocomplete correctly flags the autoComplete attribute.

  • #10796 f1b3ab2 Thanks @​ematipico! - Fixed #10768. Improved the performance of the Biome Language Server by cancelling certain in-flight operations when there are fast updates.

  • #10719 aa649b5 Thanks @​minseong0324! - Fixed noMisleadingReturnType false positive on returns that use a widening type assertion: "a" as string is no longer reported as misleading. The rule now also reports a literal-pinning assertion such as false as false, matching the existing as const behavior.

    // No longer flagged (returns are `string`):
    function getValue(b: boolean): string {
      if (b) return "a" as string;
      return "b" as string;
    }
    // Now also reported, like as const (returns false):
    function isReady(): boolean {
    return false as false;
    }

  • #10678 8f073a7 Thanks @​PranavAchar01! - Fixed #7718: Biome now correctly parses CSS nesting selectors when & appears as a trailing sub-selector after a type selector, e.g. h1& { color: red; }.

  • #10756 5ec965a Thanks @​denbezrukov! - Fixed CSS formatter output for selector lists with allowWrongLineComments and // comments after a selector comma. Biome now keeps the selector before the line comment inline instead of breaking it across descendant combinators.

    -.powerPathNavigator
    -  .helm
    -  button.pressedButton, // pressed
    +.powerPathNavigator .helm button.pressedButton, // pressed
     .powerPathNavigator .helm button:active:not(.disabledButton) {
     }

... (truncated)

Commits
  • e649198 ci: release (#10747)
  • ae31a00 fix(html_analyze): correctly handle dynamic values for attributes (#10683)
  • a4cc4ab fix(svelte): share \<script module>/\<script> scope for unused-binding rule...
  • aa649b5 fix(lint): noMisleadingReturnType reads type assertions as their asserted typ...
  • a66a42c docs: fix duplicate "children" in formatter comment (#10771)
  • 4a32b63 feat(lint): add ignorePrimitives option to useNullishCoalescing (#10798)
  • 2c3e82d fix(lint): detect Solid destructured props in JSX children (#10763)
  • 7aff4c1 fix(lint): ignore custom elements in noInteractiveElementToNoninteractiveRole...
  • 575ced6 fix(cli): filter verbose diagnostics in GitLab reporter (#10777)
  • f1b3ab2 refactor(core): move db outside workspace (#10796)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@biomejs/wasm-nodejs](https://github.com/biomejs/biome) from 2.4.16 to 2.5.2.
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/CHANGELOG_v1.md)
- [Commits](https://github.com/biomejs/biome/compare/@biomejs/biome@2.4.16...@biomejs/biome@2.5.2)

---
updated-dependencies:
- dependency-name: "@biomejs/wasm-nodejs"
  dependency-version: 2.5.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 1, 2026
@github-actions github-actions Bot requested a review from NikolaRHristov July 1, 2026 18:23
@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatednpm/​@​biomejs/​wasm-nodejs@​2.4.16 ⏵ 2.5.2100 +110074 +199 +1100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Development

Successfully merging this pull request may close these issues.

1 participant