Bump the all-npm group with 3 updates

[dependabot]

Bumps the all-npm group with 3 updates: @aws-sdk/client-eventbridge, @biomejs/biome and typescript.

Updates @aws-sdk/client-eventbridge from 3.1014.0 to 3.1019.0

Release notes

Sourced from @​aws-sdk/client-eventbridge's releases.

v3.1019.0

3.1019.0(2026-03-27)

Chores

• codegen: import from core submodules instead of root (#7896) (e35edfcd)
• scripts:
  • client tarball generation with canonical name (#7893) (742196a8)
  • cjs inliner - cache externality check to reduce logging (#7892) (151df912)
• script to generate client tarball (#7866) (5292adc8)

Documentation Changes

• client-neptunedata: Minor formatting changes to remove unnecessary symbols. (d13b120c)

New Features

• client-bedrock-agentcore: Adding AgentCore Code Interpreter Node.js Runtime Support with an optional runtime field (5a5bd743)
• client-bedrock-agentcore-control: Adds support for custom code-based evaluators using customer-managed Lambda functions. (42dda2d1)
• client-omics: AWS HealthOmics now supports VPC networking, allowing users to connect runs to external resources with NAT gateway, AWS VPC resources, and more. New Configuration APIs support configuring VPC settings. StartRun API now accepts networkingMode and configurationName parameters to enable VPC networking. (a16cb606)

---

For list of updated packages, view updated-packages.md in assets-3.1019.0.zip

v3.1018.0

3.1018.0(2026-03-26)

Chores

• lib-storage: change default AbortController in Upload to the global implementation (#7880) (31c06fb0)

Documentation Changes

• packages-internal: readme updates for internal packages (#7885) (2da8b4cd)

New Features

• clients: update client endpoints as of 2026-03-26 (bc19bda4)
• client-emr: Add StepExecutionRoleArn to RunJobFlow API (59a0577f)
• client-timestream-influxdb: Timestream for InfluxDB adds support for customer defined maintenance windows. This allows customers to define maintenance schedule during resource creation and updates (22d9a2c8)
• client-cloudwatch-logs: This release adds parameter support to saved queries in CloudWatch Logs Insights. Define reusable query templates with named placeholders, invoke them using start query. Available in Console, CLI and SDK (2c09ac48)
• client-bcm-data-exports: With this release we are providing an option to accounts to have their export delivered to an S3 bucket that is not owned by the account. (ec48160e)
• client-sagemaker: Release support for ml.r5d.16xlarge instance types for SageMaker HyperPod (db6db4e3)

Tests

• client-ses: turn off email verification e2e test (#7886) (ae42308f)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-eventbridge's changelog.

3.1019.0 (2026-03-27)

Note: Version bump only for package @​aws-sdk/client-eventbridge

3.1018.0 (2026-03-26)

Note: Version bump only for package @​aws-sdk/client-eventbridge

3.1017.0 (2026-03-25)

Note: Version bump only for package @​aws-sdk/client-eventbridge

3.1016.0 (2026-03-24)

Note: Version bump only for package @​aws-sdk/client-eventbridge

3.1015.0 (2026-03-23)

Note: Version bump only for package @​aws-sdk/client-eventbridge

Commits

• a84cde6 Publish v3.1019.0
• e35edfc chore(codegen): import from core submodules instead of root (#7896)
• a3a34e3 Publish v3.1018.0
• 32dfe7f Publish v3.1017.0
• 7ca64d5 Publish v3.1016.0
• 09b1455 Publish v3.1015.0
• See full diff in compare view

Updates @biomejs/biome from 2.4.8 to 2.4.9

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.9

2.4.9

Patch Changes

• #9315 085d324 Thanks @​ematipico! - Added a new nursery CSS rule noDuplicateSelectors, that disallows duplicate selector lists within the same at-rule context.

  For example, the following snippet triggers the rule because the second selector and the first selector are the same:

  /* First selector */
  .x .y .z {
  }
  /* Second selector */
  .x {
  .y {
  .z {
  }
  }
  }

• #9567 b7ab931 Thanks @​ematipico! - Fixed #7211: useOptionalChain now detects negated logical OR chains. The following code is now considered invalid:

  !foo || !foo.bar;

• #8670 607ebf9 Thanks @​tt-a1i! - Fixed #8345: useAdjacentOverloadSignatures no longer reports false positives for static and instance methods with the same name. Static methods and instance methods are now treated as separate overload groups.

  class Kek {
    static kek(): number {
      return 0;
    }
    another(): string {
      return "";
    }
    kek(): number {
      return 1;
    } // no longer reported as non-adjacent
  }

• #9476 97b80a8 Thanks @​masterkain! - Fixed [#9475](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/9475): Fixed a panic when Biome analyzed ambient TypeScript modules containing class constructor, getter, or setter signatures that reference local type aliases. Biome now handles these declarations without crashing during semantic analysis.

• #9553 0cd5298 Thanks @​dyc3! - Fixed a bug where enabling the rules of a whole group, would enable rules that belonged to a domain under the same group.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.9

Patch Changes

• #9315 085d324 Thanks @​ematipico! - Added a new nursery CSS rule noDuplicateSelectors, that disallows duplicate selector lists within the same at-rule context.

  For example, the following snippet triggers the rule because the second selector and the first selector are the same:

  /* First selector */
  .x .y .z {
  }
  /* Second selector */
  .x {
  .y {
  .z {
  }
  }
  }

• #9567 b7ab931 Thanks @​ematipico! - Fixed #7211: useOptionalChain now detects negated logical OR chains. The following code is now considered invalid:

  !foo || !foo.bar;

• #8670 607ebf9 Thanks @​tt-a1i! - Fixed #8345: useAdjacentOverloadSignatures no longer reports false positives for static and instance methods with the same name. Static methods and instance methods are now treated as separate overload groups.

  class Kek {
    static kek(): number {
      return 0;
    }
    another(): string {
      return "";
    }
    kek(): number {
      return 1;
    } // no longer reported as non-adjacent
  }

• #9476 97b80a8 Thanks @​masterkain! - Fixed [#9475](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome/issues/9475): Fixed a panic when Biome analyzed ambient TypeScript modules containing class constructor, getter, or setter signatures that reference local type aliases. Biome now handles these declarations without crashing during semantic analysis.

• #9553 0cd5298 Thanks @​dyc3! - Fixed a bug where enabling the rules of a whole group, would enable rules that belonged to a domain under the same group.

  For example, linter.rules.correctness = "error" no longer enables React- or Qwik-specific correctness rules unless linter.domains.react, linter.domains.qwik, or an explicit rule config also enables them, or their relative dependencies are installed.

... (truncated)

Commits

• ad37526 ci: release (#9620)
• eb57e3a chore: use npmx.dev badge (#9614)
• e168494 feat(linter): add rule noUntrustedLicenses (#9474)
• 085d324 feat(css): add noDuplicateSelectors (#9315)
• 4d050df feat(analyze): implement noInlineStyles (#9534)
• 723798b feat: apply fix to use consistent method signatures (#9544)
• See full diff in compare view

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• 206ed1a Deprecate assert in import() (#63172)
• e688ac8 Update dependencies (#63156)
• 29b300d Bump the github-actions group across 1 directory with 2 updates (#63205)
• 0c2c7a3 DOM update (#63183)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions