fix(deps): update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@biomejs/biome (source)	2.3.11 → 2.3.12
@biomejs/wasm-nodejs (source)	^2.3.11 → ^2.3.12
@cloudflare/workers-types	^4.20260118.0 → ^4.20260124.0
@mantine/core (source)	^8.3.12 → ^8.3.13
@mantine/hooks (source)	^8.3.12 → ^8.3.13
@prisma/client (source)	^7.2.0 → ^7.3.0
@sentry/react (source)	^10.34.0 → ^10.36.0
@sentry/solid (source)	^10.34.0 → ^10.36.0
@sentry/vite-plugin (source)	^4.6.2 → ^4.7.0
@sentry/vue (source)	^10.34.0 → ^10.36.0
@types/aws-lambda (source)	^8.10.159 → ^8.10.160
@types/react (source)	^19.2.8 → ^19.2.9
@typescript-eslint/parser (source)	^8.53.0 → ^8.53.1
@typescript-eslint/utils (source)	^8.53.0 → ^8.53.1
@universal-middleware/core	^0.4.15 → ^0.4.16
aws-cdk (source)	^2.1101.0 → ^2.1103.0
aws-cdk-lib (source)	^2.235.0 → ^2.236.0
browserless (source)	^10.9.15 → ^10.9.17
cdk (source)	^2.1101.0 → ^2.1103.0
citty	^0.1.6 → ^0.2.0
espree (source)	^11.0.0 → ^11.1.0
globals	^17.0.0 → ^17.1.0
hono (source)	^4.11.4 → ^4.11.5
knip (source)	^5.82.0 → ^5.82.1
lucide-react (source)	^0.562.0 → ^0.563.0
oxlint (source)	^1.39.0 → ^1.41.0
oxlint-tsgolint	^0.11.1 → ^0.11.2
prettier (source)	^3.8.0 → ^3.8.1
prisma (source)	^7.2.0 → ^7.3.0
puppeteer (source)	^24.35.0 → ^24.36.0
solid-js (source)	^1.9.10 → ^1.9.11
turbo (source)	2.7.5 → 2.7.6
turbo (source)	^2.7.5 → ^2.7.6
typescript-eslint (source)	^8.53.0 → ^8.53.1
vike-react	^0.6.18 → ^0.6.19
vike-solid	^0.7.19 → ^0.7.20
vike-vue	^0.9.9 → ^0.9.10
vitest (source)	^4.0.17 → ^4.0.18
wrangler (source)	^4.59.2 → ^4.60.0

---

Release Notes

biomejs/biome (@​biomejs/biome)

v2.3.12

Compare Source

Patch Changes

• #​8653 047576d Thanks @​dyc3! - Added new nursery rule noDuplicateAttributes to forbid duplicate attributes in HTML elements.

• #​8648 96d09f4 Thanks @​BaeSeokJae! - Added a new nursery rule noVueOptionsApi.

  Biome now reports Vue Options API usage, which is incompatible with Vue 3.6's Vapor Mode.
  This rule detects Options API patterns in <script> blocks, defineComponent(), and createApp() calls,
  helping prepare codebases for Vapor Mode adoption.

  For example, the following now triggers this rule:

  <script>
  export default {
    data() {
      return { count: 0 };
    },
  };
  </script>

• #​8832 b08270b Thanks @​Exudev! - Fixed #​8809, #​7985, and #​8136: the noSecrets rule no longer reports false positives on common CamelCase identifiers like paddingBottom, backgroundColor, unhandledRejection, uncaughtException, and IngestGatewayLogGroup.

  The entropy calculation algorithm now uses "average run length" to distinguish between legitimate CamelCase patterns (which have longer runs of same-case letters) and suspicious alternating case patterns (which have short runs).

• #​8793 c19fb0e Thanks @​TheBaconWizard! - Properly handle parameters metavariables for arrow_function GritQL queries. The following biome search command no longer throws an error:

  biome search 'arrow_function(parameters=$parameters, body=$body)'

• #​8561 981affb Thanks @​wataryooou! - Fixed noUnusedVariables to ignore type parameters declared in ambient contexts such as declare module blocks.

• #​8817 652cfbb Thanks @​dyc3! - Fixed #​8765: The HTML parser can now parse directive modifiers with a single colon, e.g. @keydown.:.

• #​8704 a1914d4 Thanks @​Netail! - Added the nursery rule noRootType.
  Disallow the usage of specified root types. (e.g. mutation and/or subscription)

  Invalid:

  {
    "options": {
      "disallow": ["mutation"]
    }
  }

  type Mutation {
    SetMessage(message: String): String
  }

• #​8712 251b47b Thanks @​Netail! - Renamed the following GraphQL nursery rules to match the Biome standard:

  • useUniqueArgumentNames -> noDuplicateArgumentNames
  • useUniqueFieldDefinitionNames -> noDuplicateFieldDefinitionNames
  • useUniqueGraphqlOperationName -> noDuplicateGraphqlOperationName
  • useUniqueInputFieldNames -> noDuplicateInputFieldNames
  • useUniqueVariableNames -> noDuplicateVariableNames

  Run the biome migrate --write command to automatically update the configuration file.

• #​7602 957cd8e Thanks @​kedevked! - Added the nursery lint rule useErrorCause.

  This rule enforces that errors caught in a catch clause are not rethrown without wrapping them in a new Error object and specifying the original error as the cause. This helps preserve the error’s stack trace and context for better debugging.

  It can be configured with the following option:

  • requireCatchParameter: (default: true)
    • When true, the rule requires that catch clauses have a parameter. If a throw statement appears inside a catch clause without a parameter, it will be flagged.

  Invalid examples:

  try {
    foo();
  } catch {
    throw new Error("fail");
  }

  try {
    foo();
  } catch (err) {
    throw new Error(err.message);
  }

  Valid examples:

  try {
    foo();
  } catch (err) {
    throw new Error("fail", { cause: err });
  }

  try {
    foo();
  } catch (error) {
    throw new Error("Something went wrong", { cause: error });
  }

  Valid example when requireCatchParameter is false:

  Valid:

  try {
    foo();
  } catch {
    throw new Error("fail");
  }

• #​8725 95aba98 Thanks @​dyc3! - Fixed #​8715: The CSS parser will now recover slightly better if a semicolon is missing from Tailwind's @apply at-rule.

• #​8616 4ee3bda Thanks @​Netail! - Added the nursery rule useLoneAnonymousOperation. Disallow anonymous operations when more than one operation specified in document.

  Invalid:

  query {
    fieldA
  }
  
  query B {
    fieldB
  }

• #​8624 291c9f2 Thanks @​taga3s! - Added the nursery rule useInlineScriptId to the Next.js domain.
  This rule enforces id attribute on next/script components with inline content or dangerouslySetInnerHTML.

  The following code is invalid:

  import Script from "next/script";
  
  export default function Page() {
    return (
      <Script>{`console.log('Hello');`}</Script> // must have `id` attribute
    );
  }

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​3512:
  useExhaustiveDependencies now properly handles nested destructuring patterns
  from hook results.

  const [[x, y], setXY] = useState([1, 2]);
  useEffect(() => {
    console.log(x, y);
  }, [x, y]); // x and y are now correctly recognized as unstable

• #​8757 17ed9d3 Thanks @​Netail! - Added the nursery rule noDivRegex. Disallow equal signs explicitly at the beginning of regular expressions.

  Invalid:

  var f = function () {
    return /=foo/;
  };

• #​8836 aab1d17 Thanks @​dyc3! - Fixed #​7858: Biome now parses Astro files with empty frontmatter blocks.

• #​8755 3a15c29 Thanks @​arturalkaim! - Fixed #​6670. The $filename metavariable can now be used in GritQL where clauses to filter matches by filename.

• #​8821 63e68a1 Thanks @​playhardgopro! - Fixed several bugs in Vue conditional rules (useVueValidVIf, useVueValidVElse, and useVueValidVElseIf) related to whitespace handling, newlines, and self-closing tags.

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​3685:
  useExhaustiveDependencies now properly handles transparent expression
  wrappers like non-null assertions and type assertions in dependency comparisons.

  useMemo(() => Boolean(myObj!.x), [myObj!.x]); // No longer reports incorrect diagnostics
  useMemo(() => myObj!.x?.y === true, [myObj!.x?.y]); // Now correctly matches dependencies

• #​8597 f764007 Thanks @​Netail! - Added the nursery rule noDuplicateEnumValueNames. Enforce unique enum value names.

  Invalid:

  enum A {
    TEST
    TesT
  }

• #​8679 33dfd7c Thanks @​ematipico! - Fixed #​8678. Now Biome correctly parses components inside Vue, Svelte and Astro files when they have the same name of self-closing elements.

• #​8617 31a9bfe Thanks @​Netail! - Added the nursery rule useLoneExecutableDefinition. Require queries, mutations, subscriptions or fragments to be located in separate files.

  Invalid:

  query Foo {
    id
  }
  
  fragment Bar on Baz {
    id
  }

• #​8697 8519669 Thanks @​Faizanq! - Added the nursery lint rule noExcessiveLinesPerFile to CSS and GraphQL.

• #​8711 365f7aa Thanks @​Netail! - Added new nursery rule noDuplicateEnumValues, which disallows defining an enum with multiple members initialized to the same value.

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​5914:
  useExhaustiveDependencies now properly handles variables declared in the same
  statement.

  const varA = Math.random(),
    varB = useMemo(() => varA, [varA]); // varA is now correctly recognized as needed

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​8427:
  useExhaustiveDependencies now properly resolves variable references to detect
  captured dependencies.

  const fe = fetchEntity;
  useEffect(() => {
    fe(id);
  }, [id, fe]); // fe is now correctly detected as needed

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​8484:
  useExhaustiveDependencies now properly handles member access on stable hook
  results.

  const stableObj = useStable();
  useMemo(() => {
    return stableObj.stableValue; // stableObj.stableValue is now correctly recognized as stable
  }, []);

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​7982:
  useExhaustiveDependencies now properly handles callback expressions with type
  assertions.

  const callback = useCallback(
    (() => {
      return count * 2;
    }) as Function,
    [count], // count is now correctly detected
  );

• #​8766 39eb545 Thanks @​Netail! - Fixed #​8761: Reverted wrapping the URL of rule descriptions with <>, causing broken URLs in VSCode.

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​3080:
  useExhaustiveDependencies now properly analyzes captures within referenced
  functions passed to hooks.

  function myEffect() {
    console.log(foo, bar);
  }
  useEffect(myEffect, [foo, bar]); // foo and bar are now correctly detected

• #​8740 4962ed0 Thanks @​Netail! - Extra rule source references. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

• #​8776 395746f Thanks @​codiini! - Fixed #​6003: noUselessUndefinedInitialization no longer reports exported variables initialized to undefined. In Svelte 4, this pattern is used to declare optional component props.

• #​8767 0d15370 Thanks @​mdevils! - Fixed #​4248:
  useExhaustiveDependencies now correctly handles function props passed as
  callbacks.

  const data = React.useMemo(getData, [getData]); // getData is now correctly recognized as needed

• #​8819 bc191ff Thanks @​Netail! - Fixed #​6567:
  noUnknownProperty now ignores unknown properties in at-rules which support descriptors.

• #​8787 adb652f Thanks @​tuyuritio! - Fixed #​8777: Add support for :active-view-transition pseudo-class.

• #​8639 6577e32 Thanks @​ohnoah! - Added the nursery lint rule noExcessiveLinesPerFile.
  Biome now reports files that exceed a configurable line limit.

  // maxLines: 2
  const a = 1;
  const b = 2;
  const c = 3;

• #​8753 71b5c6e Thanks @​Netail! - Added the nursery rule noExcessiveClassesPerFile. Enforce a maximum number of classes per file.

  Invalid:

  class Foo {}
  class Bar {}

• #​8754 d6b2bda Thanks @​Netail! - Added the nursery rule noFloatingClasses. Disallow new operators outside of assignments or comparisons.

  Invalid:

  new Date();

biomejs/biome (@​biomejs/wasm-nodejs)

v2.3.12

Compare Source

cloudflare/workerd (@​cloudflare/workers-types)

v4.20260124.0

Compare Source

v4.20260123.0

Compare Source

v4.20260122.0

Compare Source

v4.20260120.0

Compare Source

mantinedev/mantine (@​mantine/core)

v8.3.13

Compare Source

What's Changed

• [@mantine/core] Add openOnFocus prop to Combobox based components (#​5893, #​8623)
• [@mantine/dates] TimePicker: Fix clearing in uncontrolled mode not updating to empty value (#​8622)
• [@mantine/core] ScrollArea: Fix Shift + wheel scroll not working correctly on Windows (#​8619)
• [@mantine/core] Add selectFirstOptionOnDropdownOpen to Combobox based components (#​8597)
• [@mantine/core] ScrollArea: Fix onBottomReached not being called when used in zoomed-in viewports (#​8616)
• [@mantine/core] Popover: Fix aria-controls attribute being set on the target element when the dropdown is not mounted (#​8595)
• [@mantine/core] RangeSlider: Fix incorrect Styles API name (#​8601)
• [@mantine/core] ScrollArea: Fix overscrollBehavior prop not working in ScrollArea.Autosize component (#​8611)

New Contributors

• @​AgentRBY made their first contribution in #​8601
• @​jonathanhuynh70 made their first contribution in #​8595
• @​robert-j-webb made their first contribution in #​8616
• @​Alan-Gomes made their first contribution in #​8597
• @​pggggggggh made their first contribution in #​8622
• @​harry-ignite made their first contribution in #​8623

Full Changelog: mantinedev/mantine@8.3.12...8.3.13

prisma/prisma (@​prisma/client)

v7.3.0

Compare Source

Today, we are excited to share the 7.3.0 stable release 🎉

🌟 Star this repo for notifications about new releases, bug fixes & features — or follow us on X!

ORM

• #​28976: Fast and Small Query Compilers
  We've been working on various performance-related bugs since the initial ORM 7.0 release. With 7.3.0, we're introducing a new compilerBuild option for the client generator block in schema.prisma with two options: fast and small. This allows you to swap the underlying Query Compiler engine based on your selection, one built for speed (with an increase in size), and one built for size (with the trade off for speed). By default, the fast mode is used, but this can be set by the user:

generator client {
  provider = "prisma-client"
  output   = "../src/generated/prisma"
  compilerBuild = "fast" // "fast" | "small"
}

We still have more in progress for performance, but this new compilerBuild option is our first step toward addressing your concerns!

• #​29005: Bypass the Query Compiler for Raw Queries
  Raw queries ($executeRaw, $queryRaw) can now skip going through the query compiler and query interpreter infrastructure. They can be sent directly to the driver adapter, removing additional overhead.

• #​28965: Update MSSQL to v12.2.0
  This community PR updates the @prisma/adapter-mssql to use MSSQL v12.2.0. Thanks Jay-Lokhande!

• #​29001: Pin better-sqlite3 version to avoid SQLite bug
  An underlying bug in SQLite 3.51.0 has affected the better-sqlite3 adapter. We’ve bumped the version that powers @prisma/better-sqlite3 and have pinned the version to prevent any unexpected issues. If you are using @prisma/better-sqlite3 , please upgrade to v7.3.0.

• #​29002: Revert @map enums to v6.19.0 behavior
  In the initial release of v7.0, we made a change with Mapped Enums where the generated enum would get its value from the value passed to the @map function. This was a breaking change from v6 that caused issues for many users. We have reverted this change for the time being, as many different diverging approaches have emerged from the community discussion.

• prisma-engines#5745: Cast BigInt to text in JSON aggregation
  When using relationJoins with BigInt fields in Prisma 7, JavaScript's JSON.parse loses precision for integers larger than Number.MAX_SAFE_INTEGER (2^53 - 1). This happens because PostgreSQL's JSONB_BUILD_OBJECT returns BigInt values as JSON numbers, which JavaScript cannot represent precisely.

  // Original BigInt ID: 312590077454712834
  // After JSON.parse: 312590077454712830 (corrupted!)
  

  This PR cast BigInt columns to ::text inside JSONB_BUILD_OBJECT calls, similar to how MONEY is already cast to ::numeric.

  -- Before
  JSONB_BUILD_OBJECT('id', "id")
  
  -- After
  JSONB_BUILD_OBJECT('id', "id"::text)
  

This ensures BigInt values are returned as JSON strings, preserving full precision when parsed in JavaScript.

Open roles at Prisma

Interested in joining Prisma? We’re growing and have several exciting opportunities across the company for developers who are passionate about building with Prisma. Explore our open positions on our [Careers page](https://www.prisma.io/careers#current) and find the role that’s right for you.

Enterprise support

Thousands of teams use Prisma and many of them already tap into our Enterprise & Agency Support Program for hands-on help with everything from schema integrations and performance tuning to security and compliance.

With this program you also get priority issue triage and bug fixes, expert scalability advice, and custom training so that your Prisma-powered apps stay rock-solid at any scale. Learn more or join: https://prisma.io/enterprise.

getsentry/sentry-javascript (@​sentry/react)

v10.36.0

Compare Source

v10.35.0

Compare Source

Important Changes

• feat(tanstackstart-react): Add sentryTanstackStart vite plugin to manage automatic source map uploads (#​18712)

  You can now configure source maps upload for TanStack Start using the sentryTanstackStart Vite plugin:

  // vite.config.ts
  import { defineConfig } from 'vite';
  import { sentryTanstackStart } from '@​sentry/tanstackstart-react';
  import { tanstackStart } from '@​tanstack/react-start/plugin/vite';
  
  export default defineConfig({
    plugins: [
      sentryTanstackStart({
        authToken: process.env.SENTRY_AUTH_TOKEN,
        org: 'your-org',
        project: 'your-project',
      }),
      tanstackStart(),
    ],
  });

Other Changes

• feat(browser): Add CDN bundle for tracing.replay.feedback.logs.metrics (#​18785)
• feat(browser): Add shim package for logs (#​18831)
• feat(cloudflare): Automatically set the release id when CF_VERSION_METADATA is enabled (#​18855)
• feat(core): Add ignored client report event drop reason (#​18815)
• feat(logs): Add Log exports to browser and node packages (#​18857)
• feat(node-core,bun): Export processSessionIntegration from node-core and add it to bun (#​18852)
• fix(core): Find the correct IP address regardless their case (#​18880)
• fix(core): Check for AI operation id to detect a vercelai span (#​18823)
• fix(ember): Use ES5 syntax in inline vendor scripts (#​18858)
• fix(fetch): Shallow-clone fetch opti

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cloudflare-workers-and-pages]

Deploying bati-website with    Cloudflare Pages

Latest commit:	d71ca45
Status:	✅  Deploy successful!
Preview URL:	https://08de8ac8.bati-website.pages.dev
Branch Preview URL:	https://renovate-all-minor-patch.bati-website.pages.dev

View logs

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.