[Snyk] Upgrade @biomejs/biome from 1.7.1 to 1.8.3

[ramzimalhas]

Snyk has created this PR to upgrade @biomejs/biome from 1.7.1 to 1.8.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 9 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Release notes

Package name: @biomejs/biome

• 1.8.3 - 2024-06-27
  

  CLI

  Bug fixes

  • Fix #3104 by suppressing node warnings when using biome migrate. Contributed by @ SuperchupuDev

  • Force colors to be off when using the GitHub reporter to properly create annotations in GitHub actions (#3148). Contributed by @ Sec-ant

  Parser

  Bug fixes

  • Implement CSS unicode range. Contributed by @ denbezrukov

  Formatter

  Bug fixes

  • Fix #3184 CSS formatter converts custom identifiers to lowercase. Contributed by @ denbezrukov
  • Fix #3256 constant crashes when editing css files #3256. Contributed by @ denbezrukov

  Linter

  New features

  • Add nursery/useDeprecatedReason rule. Contributed by @ vohoanglong0107.
  • Add nursery/noExportedImports. Contributed by @ Conaclos

  Bug fixes

  • useConsistentArrayType and useShorthandArrayType now ignore Array in the extends and implements clauses. Fix #3247. Contributed by @ Conaclos
  • Fixes #3066 by taking into account the dependencies declared in the package.json. Contributed by @ ematipico
  • The code action of the useArrowFunction rule now preserves a trailing comma when there is only a single type parameter in the arrow function and JSX is enabled. Fixes #3292. Contributed by @ Sec-ant

  Enhancements

  • Enhance tailwind sorting lint rule #1274 with variant support.

    Every preconfigured variant is assigned a weight that concurs on establishing the output sorting order.
    Since nesting variants on the same utility class is possible, the resulting weight is the Bitwise XOR of all the variants weight for that class.
    Dynamic variants (e.g. has-[.custom-class], group-[:checked]) are also supported and they take the weight of their base variant name the custom value attached (e.g. has-[.custom-class] takes has weight).
    Arbitrary variants (e.g. [&nth-child(2)]) don't have a weight assigned and they are placed after every known variant.
    Classes with the same amount of arbitrary variants follow lexicographical order. The class that has the highest number of nested arbitrary variants is placed last.
    Screen variants (e.g. sm:, max-md:, min-lg:) are not supported yet.

    Contributed by @ lutaok

  What's Changed

  Other changes

  • feat(workspace): adds GraphQL parsing capabilities via feature by @ ematipico in #3238
  • feat(editorconfig): expand unknown globs into known globs by @ dyc3 in #3218
  • chore(core): implement pull_diagnostics for graphql by @ ematipico in #3248
  • chore(linter): add a rule source of noUnknownProperty by @ togami2864 in #3252
  • feat: tailwind variant sorting by @ lutaok in #3208
  • test(parse/json): add test for bug where overrides erroneously override special parsing options by @ dyc3 in #3260
  • docs(analyzer): improve contributing guide for rules with multiple signals by @ minht11 in #3245
  • chore(lint): initialise biome_graphql_analyze by @ ematipico in #3276
  • chore(deps): update @ biomejs packages by @ renovate in #3266
  • docs(useNamingConvention): add examples and improve explanations by @ Conaclos in #3277
  • refactor(parse/json): change fields in JsonParserSettings to Option by @ dyc3 in #3272
  • feat(search-output-formatter): initialize search output formatter by @ BackupMiles in #3258
  • chore(grit): implement node-like compilers + fixes by @ arendjr in #3253
  • feat: enable linting for graphql by @ ematipico in #3295
  • refactor(parse/css): change fields in CssParserSettings to Option by @ dyc3 in #3273
  • refactor: add variables to format strings directly by @ hamirmahal in #3299
  • chore: update codegen to include GraphQL by @ ematipico in #3301

  New Contributors

  • @ BackupMiles made their first contribution in #3258
  • @ hamirmahal made their first contribution in #3299

  Full Changelog: cli/v1.8.2...cli/v1.8.3

• 1.8.2 - 2024-06-20
  

  CLI

  Bug fixes

  • Fix #3201 by correctly injecting the source code of the file when printing the diagnostics. Contributed by @ ematipico
  • Fix #3179 where comma separators are not correctly removed after running biome migrate and thus choke the parser. Contributed by @ Sec-ant
  • Fix #3232 by correctly using the colors set by the user. Contributed by @ ematipico

  Enhancement

  • Reword the reporter message No fixes needed to No fixes applied.

    The former message is misleading when there're still errors or warnings in the files that should be taken care of manually. For example:

    Checked 2 files in <TIME>. No fixes needed.
    Found 2 errors.
    

    The new message suits better in these cases.

    Contributed by @ Sec-ant

  Configuration

  Bug fixes

  • Don't conceal previous overrides (#3176).

    Previously, each override inherited the unset configuration of the base configuration.
    This means that setting a configuration in an override can be concealed by a subsequent override that inherits of the value from the base configuration.

    For example, in the next example, noDebugger was disabled for the index.js file.

    {
      "linter": {
        "rules": {
          "suspicious": { "noDebugger": "off" }
        }
      },
      "overrides": [
        {
          "include": ["index.js"],
          "linter": {
            "rules": {
              "suspicious": { "noDebugger": "warn" }
            }
          }
        }, {
          "include": ["index.js"],
          "linter": {
            "rules": {
              "suspicious": { "noDoubleEquals": "off" }
            }
          }
        }
      ]
    }

    The rule is now correctly enabled for the index.js file.

    Contributed by @ Conaclos

  Formatter

  Bug fixes

  • Fix #3103 by correctly resolving CSS formatter options. Contributed by @ ah-yu
  • Fix #3192 don't add an extra whitespace within :has. Contributed by @ denbezrukov

  JavaScript APIs

  Bug fixes

  • Fix a regression introduced by the release of v1.8.0

  Linter

  New features

  • Add nursery/useValidAutocomplete. Contributed by @ unvalley

  Bug fixes

  • Add nursery/noShorthandPropertyOverrides. #2958 Contributed by @ neokidev

  • Fix [#3084] false positive by correctly recognize parenthesized return statement. Contributed by @ unvalley

  • useImportExtensions now suggests a correct fix for import '.' and import './.'. Contributed by @ minht11

  • Fix useDateNow false positive when new Date object has arguments new Date(0).getTime(). Contributed by @ minht11.

  • The noUnmatchableAnbSelector rule is now able to catch unmatchable an+b selectors like 0n+0 or -0n+0. Contributed by @ Sec-ant.

  • The useHookAtTopLevel rule now recognizes properties named as hooks like foo.useFoo(). Contributed by @ ksnyder9801

  • Fix #3092, prevent warning for Custom properties (--*). Contributed by @ chansuke

  • Fix a false positive in the useLiteralKeys rule. (#3160)

    This rule now ignores the following kind of computed member name:

    const a = {
      [`line1
      line2`]: true,
    };

    Contributed by @ Sec-ant

  • The noUnknownProperty rule now ignores the composes property often used in css modules. #3000 Contributed by @ chansuke

  • Fix false positives of the useExhaustiveDependencies rule.

    The component itself is considered stable when it is used recursively inside a hook closure defined inside of it:

    import { useMemo } from "react";

    function MyRecursiveComponent() {
    // MyRecursiveComponent is stable, we don't need to add it to the dependencies list.
    const children = useMemo(() => <MyRecursiveComponent />, []);
    return <div>{children}</div>;
    }

    Also, export default function and export default class are considered stable now because they can only appear at the top level of a module.

    Contributed by @ Sec-ant

  • Fix missing withDefaults macro in vue files for globals variables. Contributed by @ Shyam-Chen

  Parser

  Bug fixes

  • Fix CSS modules settings mapping. Contributed by @ denbezrukov

  What's Changed

  Other changes

  • chore(ci): improve rules_check task by @ Sec-ant in #3165
  • chore: change js code blocks containing JSX elements to jsx by @ Sec-ant in #3168
  • feat(biome_js_analyzer): noSubstr by @ chansuke in #3125
  • chore(deps): update rust crate tokio to 1.38.0 by @ renovate in #3146
  • chore(grit): implement Grit snippet bindings by @ arendjr in #3162
  • chore(deps): update @ biomejs packages by @ renovate in #3145
  • feat(analyzer): useSortedKeys for JSON objects by @ ematipico in #2412
  • docs(useImportType): add docs about TypeScript settings by @ Conaclos in #3171
  • docs(noUndeclaredDependencies,useImportExtensions): add note about LSP configs by @ Conaclos in #3173
  • docs(no_undeclared_dependencies): follow up fix of #3173 by @ Sec-ant in #3175
  • chore(ci): try enable --compact flag for pkg.pr.new by @ Sec-ant in #3180
  • chore(ci): remove --compact flag by @ Sec-ant in #3181
  • fix(formatter): escape double quotes when printing formatter IR by @ dyc3 in #3036
  • fix: remove unnecessary example by @ lanker in #3185
  • chore: move maintainers to past maintainers by @ ematipico in #3189
  • chore: removes old files by @ ematipico in #3188
  • chore: move Sec-ant to core contributor by @ Sec-ant in #3190
  • chore: add minht11 to the maintainers team by @ minht11 in #3191
  • chore: add chansuke to maintainers list by @ chansuke in #3206
  • chore: rust 1.79.0 by @ ematipico in #3222
  • chore(deps): update github-actions by @ renovate in #3225
  • chore(deps): update @ biomejs packages by @ renovate in #3224
  • chore(grit): improve snippet compiler by @ arendjr in #3223
  • refactor(analyzer): use enumflags2 by @ ematipico in #3230
  • feat(biome_css_analyzer): implement function-linear-gradient-no-nonstandard-direction by @ mdm317 in #2911
  • chore(deps): update dependency eslint to v9.5.0 by @ renovate in #3227
  • fix(deps): update rust crates by @ renovate in #3226

  New Contributors

  • @ ksnyder9801 made their first contribution in #3140
  • @ lanker made their first contribution in #3185
  • @ aldahick made their first contribution in #3239

  Full Changelog: cli/v1.8.1...cli/v1.8.2

• 1.8.1 - 2024-06-10
  

  CLI

  Bug fixes

  • Fix #3069, prevent overwriting paths when using --staged or --changed options. Contributed by @ unvalley
  • Fix a case where the file link inside a diagnostic wasn't correctly displayed inside a terminal run by VSCode. Contributed by @ uncenter

  Configuration

  Bug fixes

  • Fix #3067, by assigning the correct default value to indentWidth. Contributed by @ ematipico

  Formatter

  Bug fixes

  • Fix the bug where whitespace after the & character in CSS nesting was incorrectly trimmed, ensuring proper targeting of child classes #3061. Contributed by @ denbezrukov
  • Fix #3068 where the CSS formatter was inadvertently converting variable declarations and function calls to lowercase. Contributed by @ denbezrukov
  • Fix the formatting of CSS grid layout properties. Contributed by @ denbezrukov

  Linter

  Bug fixes

  • The noEmptyBlock css lint rule now treats empty blocks containing comments as valid ones. Contributed by @ Sec-ant

  • useLiteralKeys no longer reports quoted member names (#3085).

    Previously useLiteralKeys reported quoted member names that can be unquoted.
    For example, the rule suggested the following fix:

    - const x = { "prop": 0 };
    + const x = { prop: 0 };

    This conflicted with the option quoteProperties of our formatter.

    The rule now ignores quoted member names.

    Contributed by @ Conaclos

  • noEmptyInterface now ignores empty interfaces in ambient modules (#3110). Contributed by @ Conaclos

  • noUnusedVariables and noUnusedFunctionParameters no longer report the parameters of a constructor type (#3135).

    Previously, arg was reported as unused in a constructor type like:

    export type Classlike = new (arg: unknown) => string;

    Contributed by @ Conaclos

  • noStringCaseMismatch now ignores escape sequences (#3134).

    The following code is no longer reported by the rule:

    s.toUpperCase() === "\u001b";

    Contributed by @ Conaclos

  Parser

  New features

  • Implemented CSS Unknown At-Rule parsing, allowing the parser to gracefully handle unsupported or unrecognized CSS at-rules. Contributed by @ denbezrukov

  Bug fixes

  • Fix #3055 CSS: Layout using named grid lines is now correctly parsed. Contributed by @ denbezrukov
  • Fix #3091. Allows the parser to handle nested style rules and at-rules properly, enhancing the parser's compatibility with the CSS Nesting Module. Contributed by

[height]

Link Height tasks by mentioning a task ID in the pull request title or commit messages, or description and comments with the keyword link (e.g. "Link T-123").

💡Tip: You can also use "Close T-X" to automatically close a task when the pull request is merged.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[elessar-for-github]

Changes made by this pull request:

package-lock.json
Changed the version of the "@biomejs/biome" package from "1.7.1" to "^1.8.3" and updated the versions of the "@biomejs/cli" packages to "1.8.3" as well. It also added the license information for the "@biomejs/biome" and "@biomejs/cli" packages.

package.json
Updated the version of "@biomejs/biome" from "1.7.1" to "1.8.3" in the dependencies section of the package.json file.