chore(deps-dev): bump the minor-patch group with 2 updates

[dependabot]

Bumps the minor-patch group with 2 updates: @biomejs/biome and @vscode/vsce.

Updates @biomejs/biome from 2.4.11 to 2.4.12

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.12

2.4.12

Patch Changes

• #9376 9701a33 Thanks @​dyc3! - Added the nursery/noIdenticalTestTitle lint rule. This rule disallows using the same title for two describe blocks or two test cases at the same nesting level.

  describe("foo", () => {});
  describe("foo", () => {
    // invalid: same title as previous describe block
    test("baz", () => {});
    test("baz", () => {}); // invalid: same title as previous test case
  });

• #9889 7ae83f2 Thanks @​dyc3! - Improved the diagnostics for useForOf to better explain the problem, why it matters, and how to fix it.

• #9916 27dd7b1 Thanks @​Jayllyz! - Added a new nursery rule noComponentHookFactories, that disallows defining React components or custom hooks inside other functions.

  For example, the following snippets trigger the rule:

  function createComponent(label) {
    function MyComponent() {
      return <div>{label}</div>;
    }
    return MyComponent;
  }

  function Parent() {
    function Child() {
      return <div />;
    }
    return <Child />;
  }

• #9980 098f1ff Thanks @​ematipico! - Fixed #9941: Biome now emits a warning diagnostic when a file exceed the files.maxSize limit.

• #9942 9956f1d Thanks @​dyc3! - Fixed #9918: useConsistentTestIt no longer panics when applying fixes to chained calls such as test.for([])("x", () => {});.

• #9891 4d9ac51 Thanks @​dyc3! - Improved the noGlobalObjectCalls diagnostic to better explain why calling global objects like Math or JSON is invalid and how to fix it.

• #9902 3f4d103 Thanks @​ematipico! - Fixed #9901: the command lint --write is now idempotent when it's run against HTML-ish files that contains scripts and styles.

• #9891 4d9ac51 Thanks @​dyc3! - Improved the noMultiStr diagnostic to explain why escaped multiline strings are discouraged and what to use instead.

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.12

Patch Changes

• #9376 9701a33 Thanks @​dyc3! - Added the nursery/noIdenticalTestTitle lint rule. This rule disallows using the same title for two describe blocks or two test cases at the same nesting level.

  describe("foo", () => {});
  describe("foo", () => {
    // invalid: same title as previous describe block
    test("baz", () => {});
    test("baz", () => {}); // invalid: same title as previous test case
  });

• #9889 7ae83f2 Thanks @​dyc3! - Improved the diagnostics for useForOf to better explain the problem, why it matters, and how to fix it.

• #9916 27dd7b1 Thanks @​Jayllyz! - Added a new nursery rule noComponentHookFactories, that disallows defining React components or custom hooks inside other functions.

  For example, the following snippets trigger the rule:

  function createComponent(label) {
    function MyComponent() {
      return <div>{label}</div>;
    }
    return MyComponent;
  }

  function Parent() {
    function Child() {
      return <div />;
    }
    return <Child />;
  }

• #9980 098f1ff Thanks @​ematipico! - Fixed #9941: Biome now emits a warning diagnostic when a file exceed the files.maxSize limit.

• #9942 9956f1d Thanks @​dyc3! - Fixed #9918: useConsistentTestIt no longer panics when applying fixes to chained calls such as test.for([])("x", () => {});.

• #9891 4d9ac51 Thanks @​dyc3! - Improved the noGlobalObjectCalls diagnostic to better explain why calling global objects like Math or JSON is invalid and how to fix it.

• #9902 3f4d103 Thanks @​ematipico! - Fixed #9901: the command lint --write is now idempotent when it's run against HTML-ish files that contains scripts and styles.

• #9891 4d9ac51 Thanks @​dyc3! - Improved the noMultiStr diagnostic to explain why escaped multiline strings are discouraged and what to use instead.

• #9966 322675e Thanks @​siketyan! - Fixed #9113: Biome now parses and formats @media and other conditional blocks correctly inside embedded CSS snippets.

... (truncated)

Commits

• baaacfc ci: release (#9890)
• e0ba71d feat: implement useIframeSandbox (#9949)
• 2cff700 feat(lint/js): add useVarsOnTop (#9861)
• 27dd7b1 feat(react/js): add noComponentHookFactories (#9916)
• 0d0e611 feat(js_analyze): implement useReactAsyncServerFunction (#9909)
• f1c1363 feat(lint/js): add useStringStartsEndsWith (#9796)
• d417803 feat(js_analyze): implement noJsxNamespace (#9913)
• 9701a33 feat(lint/js): add noIdenticalTestTitle (#9376)
• c499f46 feat(lint): implement useReduceTypeParameter nursery rule (#9577)
• 40bd180 feat(lint/js): add noExcessiveSelectorClasses (#9866)
• See full diff in compare view

Updates @vscode/vsce from 3.7.1 to 3.8.0

Release notes

Sourced from @​vscode/vsce's releases.

v3.8.0

Changes:

• #1258: fix: run npm audit fix
• #1255: Bump brace-expansion
• #1253: Bump picomatch from 2.3.1 to 2.3.2
• #1252: Bump yauzl from 2.10.0 to 3.2.1
• #1250: Bump underscore from 1.13.1 to 1.13.8
• #1249: Bump minimatch
• #1243: Bump markdown-it from 14.1.0 to 14.1.1
• #1244: Bump qs from 6.14.1 to 6.14.2
• #1239: Bump @​isaacs/brace-expansion from 5.0.0 to 5.0.1
• #1238: Bump lodash from 4.17.21 to 4.17.23

• #1234: Bump qs from 6.11.0 to 6.14.1
• #1233: Return non-zero exit code when signature verification fails
• #1232: Audit npm package
• #1228: Bump jws

This list of changes was auto generated.

v3.7.2-13

Changes:

• #1258: fix: run npm audit fix

This list of changes was auto generated.

v3.7.2-12

Changes:

• #1255: Bump brace-expansion

This list of changes was auto generated.

v3.7.2-11

Changes:

• #1253: Bump picomatch from 2.3.1 to 2.3.2

This list of changes was auto generated.

... (truncated)

Commits

• cbdd401 fix: run npm audit fix to update package-lock.json (#1258)
• 13c5fa8 Merge pull request #1255 from microsoft/dependabot/npm_and_yarn/multi-580a7c2f10
• c6f98dc Bump brace-expansion
• 01da009 Bump picomatch from 2.3.1 to 2.3.2 (#1253)
• bb899fa Merge pull request #1252 from microsoft/dependabot/npm_and_yarn/yauzl-3.2.1
• 3f4fa96 Bump yauzl from 2.10.0 to 3.2.1
• 72f3196 Merge pull request #1250 from microsoft/dependabot/npm_and_yarn/underscore-1....
• c651312 Bump underscore from 1.13.1 to 1.13.8
• 82cd05b Merge pull request #1249 from microsoft/dependabot/npm_and_yarn/multi-3189fdc835
• f8e9271 Bump minimatch
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions