fix(deps): update all dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@biomejs/biome (source)	^2.4.2 → ^2.4.15			devDependencies	patch
@changesets/changelog-github (source)	^0.5.2 → ^0.7.0			devDependencies	minor
@changesets/cli (source)	^2.29.8 → ^2.31.0			devDependencies	minor
@effect/cli (source)	^0.73.2 → ^0.75.1			dependencies	minor
@effect/cluster (source)	^0.56.4 → ^0.58.2			dependencies	minor
@effect/experimental (source)	^0.58.0 → ^0.60.0			dependencies	minor
@effect/platform (source)	^0.94.5 → ^0.96.1			dependencies	minor
@effect/platform-node (source)	^0.104.1 → ^0.106.0			dependencies	minor
@effect/printer (source)	^0.47.0 → ^0.49.0			dependencies	minor
@effect/printer-ansi (source)	^0.47.0 → ^0.49.0			dependencies	minor
@effect/rpc (source)	^0.73.2 → ^0.75.1			dependencies	minor
@effect/sql (source)	^0.49.0 → ^0.51.1			dependencies	minor
@effect/typeclass (source)	^0.38.0 → ^0.40.0			dependencies	minor
@effect/vitest (source)	^0.27.0 → ^0.29.0			devDependencies	minor
@effect/workflow (source)	^0.16.0 → ^0.18.1			dependencies	minor
@eslint-community/eslint-plugin-eslint-comments	^4.6.0 → ^4.7.1			devDependencies	minor
@eslint/compat (source)	2.0.2 → 2.1.0			devDependencies	minor
@eslint/eslintrc	3.3.3 → 3.3.5			devDependencies	patch
@​prover-coder-ai/eslint-plugin-suggest-members	^0.0.25 → ^0.0.26			devDependencies	patch
@types/node (source)	^25.3.0 → ^25.8.0			devDependencies	minor
@typescript-eslint/eslint-plugin (source)	^8.56.0 → ^8.59.3			devDependencies	minor
@typescript-eslint/parser (source)	^8.56.0 → ^8.59.3			devDependencies	minor
@typescript-eslint/rule-tester (source)	8.56.0 → 8.59.3			devDependencies	minor
@typescript-eslint/utils (source)	8.56.0 → 8.59.3			dependencies	minor
@vitest/coverage-v8 (source)	^4.0.18 → ^4.1.6			devDependencies	minor
@vitest/eslint-plugin	^1.6.9 → ^1.6.17			devDependencies	patch
effect (source)	^3.19.18 → ^3.21.2			dependencies	minor
eslint (source)	^10.0.0 → ^10.3.0			peerDependencies	minor
eslint (source)	^10.0.0 → ^10.3.0			devDependencies	minor
eslint-doc-generator	^3.1.0 → ^3.3.2			devDependencies	minor
eslint-plugin-eslint-plugin	^7.3.1 → ^7.3.3			devDependencies	patch
eslint-plugin-simple-import-sort	^12.1.1 → ^13.0.0			devDependencies	major
eslint-plugin-sonarjs (source)	^4.0.0 → ^4.0.3			devDependencies	patch
eslint-plugin-unicorn	^63.0.0 → ^64.0.0			devDependencies	major
globals	^17.3.0 → ^17.6.0			devDependencies	minor
jscpd	^4.0.8 → ^4.2.0			devDependencies	minor
node	24.13.1 → 24.15.0			uses-with	minor
pnpm (source)	10.30.0 → 11.1.2			packageManager	major
pnpm/action-setup	v4 → v6			action	major
pnpm/action-setup	v3 → v6			action	major
ts-morph	^27.0.2 → ^28.0.0			dependencies	major
typescript (source)	^5.9.3 → ^6.0.3			peerDependencies	major
typescript (source)	^5.9.3 → ^6.0.3			devDependencies	major
typescript-eslint (source)	^8.56.0 → ^8.59.3			devDependencies	minor
vite (source)	^7.3.1 → ^8.0.13			devDependencies	major
vitest (source)	^4.0.18 → ^4.1.6			devDependencies	minor

cc @skulidropek

---

Release Notes

biomejs/biome (@​biomejs/biome)

v2.4.15

Compare Source

Patch Changes

• #​9394 ba3480e Thanks @​dyc3! - Added the nursery rule useTestHooksInOrder in the test domain. The rule enforces that Jest/Vitest lifecycle hooks (beforeAll, beforeEach, afterEach, afterAll) are declared in the order they execute, making test setup and teardown easier to reason about.

• #​10254 e0a54cc Thanks @​dyc3! - Added a new nursery rule useVueNextTickPromise, which enforces Promise syntax when using Vue nextTick.

  For example, the following snippet triggers the rule:

  import { nextTick } from "vue";
  
  nextTick(() => {
    updateDom();
  });

• #​10219 64aee45 Thanks @​dyc3! - Added a new nursery rule noVueVOnNumberValues, that disallows deprecated number modifiers on Vue v-on directives.

  For example, the following snippet triggers the rule:

  <input @&#8203;keyup.13="submit" />

• #​10195 7b8d4e1 Thanks @​dyc3! - Added the new nursery rule useVueValidVFor, which validates Vue v-for directives and reports invalid aliases, missing component keys, and keys that do not use iteration variables.

• #​10238 1110256 Thanks @​dyc3! - Added the recommended nursery rule noVueImportCompilerMacros, which disallows importing Vue compiler macros such as defineProps from vue because they are automatically available.

• #​10201 1a08f89 Thanks @​realknove! - Fixed #​10193: style/useReadonlyClassProperties no longer reports class properties as readonly-able when they are assigned inside arrow callbacks nested in class property initializers.

• #​9574 3bd2b6a Thanks @​Conaclos! - Fixed #​9530. The diagnostics of organizeImports are now more detailed and more precise. They are also better at localizing where the issue is.

• #​10205 a704a6c Thanks @​Conaclos! - Fixed #​10185. `organizeImports now errors when it encounters an unknown predefined group.

  The following configuration is now reported as invalid because :INEXISTENT: is an unknown predefined group.

  {
    "assist": {
      "actions": {
        "source": {
          "organizeImports": { "options": { "groups": [":INEXISTENT:"] } }
        }
      }
    }
  }

• #​10052 b565bed Thanks @​minseong0324! - Improved noMisleadingReturnType: it now flags union annotations whose extra variants are never returned, and suggests the narrower type (e.g. string | null → string).

  These functions are now reported because null and number are included in the return annotations but never returned:

  function getUser(): string | null {
    return "hello";
  } // null is never returned
  function getCode(): string | number {
    return "hello";
  } // number is never returned

• #​10213 ac30057 Thanks @​dyc3! - Fixed #​9450: HTML and Vue element formatting now preserves child line breaks when an element contains another element child on its own line, instead of collapsing the child element onto the same line.

• #​10275 9ee6c03 Thanks @​solithcy! - Fixed #​10274: Svelte templates with missing expressions no longer parsed as HtmlBogusElement

• #​10143 56798a7 Thanks @​minseong0324! - noMisleadingReturnType now detects misleading return type annotations when object literal properties are initialized with as const.

  This function is now reported because the return annotation widens a property initialized with as const:

  function f(): { value: string } {
    return { value: "text" as const };
  }

• #​10143 56798a7 Thanks @​minseong0324! - noUselessTypeConversion now detects redundant conversions on object literal properties initialized with as const.

  This conversion is now reported because message.value is inferred as a string literal:

  const message = { value: "text" as const };
  String(message.value);

• #​9807 0ae5840 Thanks @​dyc3! - Added the new nursery rule useThisInClassMethods, based on ESLint's class-methods-use-this.

  The rule now reports instance methods, getters, setters, and function-valued instance fields that do not use this, and biome migrate eslint preserves the supported ignoreMethods, ignoreOverrideMethods, and ignoreClassesWithImplements options.

  Invalid:

  class Foo {
    bar() {
      // does not use `this`, invalid
      console.log("Hello Biome");
    }
  }

• #​10258 e7b18f7 Thanks @​ematipico! - Improved linter performance by narrowing the query nodes for several lint rules, reducing how often they are evaluated.

• #​10273 04e22a1 Thanks @​dyc3! - Fixed #​10271: The HTML parser now correctly parses of as text content when in text contexts.

• #​9838 83f7385 Thanks @​dyc3! - Added the nursery rule noBaseToString, which reports stringification sites that fall back to Object's default "[object Object]" formatting. The rule also supports the ignoredTypeNames option.

• #​10143 56798a7 Thanks @​minseong0324! - useExhaustiveSwitchCases now checks switch statements over object literal properties initialized with as const.

  This switch is now reported because status.kind is inferred as the string literal "ready" but no case handles it:

  const status = { kind: "ready" as const };
  switch (status.kind) {
  }

• #​10143 56798a7 Thanks @​minseong0324! - useStringStartsEndsWith now detects string index comparisons on object literal properties initialized with as const.

  This comparison is now reported because message.value is inferred as a string literal:

  const message = { value: "hello" as const };
  message.value[0] === "h";

v2.4.14

Compare Source

Patch Changes

• #​9393 491b171 Thanks @​dyc3! - Added the nursery rule useTestHooksOnTop in the test domain. The rule flags lifecycle hooks (beforeEach, beforeAll, afterEach, afterAll) that appear after test cases in the same block, enforcing that hooks are defined before any test case.

• #​10157 eefc5ab Thanks @​dyc3! - Fixed #​7882: The HTML parser will now emit better diagnostics when it encounters a void element with a closing tag, such as <br></br>. Previously, the parser would emit multiple diagnostics with conflicting advice. Now it emits a single diagnostic that clearly states that void elements should not have closing tags.

• #​10054 0e9f569 Thanks @​minseong0324! - noMisleadingReturnType no longer misses widening from concrete object types, class instances, object literals, tuples, functions, and regular expressions to : object.

  A function annotated : object returning an object literal:

  function f(): object {
    return { retry: true };
  }

• #​10116 53269eb Thanks @​jiwon79! - Fixed #​6201: noUselessEscapeInRegex no longer flags an escaped backslash followed by - as a useless escape. Patterns like /[\\-]/ are now considered valid because the second \ is the escaped backslash, not an unnecessary escape of the trailing dash.

• #​10092 33d8543 Thanks @​Conaclos! - Fixed #​9097: organizeImports no longer adds a blank line between a never-matched group and a matched group.

  Given the following organizeImports options:

  {
    "groups": [":NODE:", ":BLANK_LINE:", ":PACKAGE:", ":BLANK_LINE:", ":PATH:"]
  }

  The following code...

  // Comment
  import "package";
  import "./file.js";

  ...was organized as:

  +
    // Comment
    import "package";
  +
    import "./file.js";

  A blank line was added even though the group ':NODE:' doesn't match any imports here.
  :BLANK_LINE: between never-matched groups and matched groups are now ignored.
  The code is now organized as:

    // Comment
    import "package";
  +
    import "./file.js";

• #​10138 a10b6c1 Thanks @​dyc3! - Fixed Vue v-for handling for noUndeclaredVariables and noUnusedVariables. Biome now recognizes variables declared by v-for directives and references to iterated values in Vue templates.

• #​10115 d428d76 Thanks @​minseong0324! - noMisleadingReturnType no longer reports false positives when a union return type's boolean variant is covered by both true and false returns.

• #​9922 7acf1e0 Thanks @​dyc3! - Added the new nursery rule noReactStringRefs, which disallows legacy React string refs such as ref="hello" and this.refs.hello.

  Biome also reports template-literal refs such as ref={`hello`}, so React code can consistently migrate to callback refs, createRef(), or useRef().

• #​10010 f3e76ab Thanks @​dyc3! - Fixed a bug in the LSP file watcher registration so Biome now watches .biome.json and .biome.jsonc configuration files and reloads workspace settings when they change.

• #​10176 8a40ef8 Thanks @​dyc3! - Fixed #​10011: The noThisInStatic rule no longer reports this when it is used as the constructor target in new this(...), which is required for inherited static factory methods.

• #​10163 6867e96 Thanks @​jiwon79! - Fixed #​9884: The useSortedAttributes auto-fix no longer corrupts source code when both an outer JSX element and a nested JSX-valued attribute have unsorted attributes in the same pass. Multiple unsorted groups separated by spread or shorthand attributes within the same JSX element are now reported as a single diagnostic.

• #​10079 d29dd19 Thanks @​Damix48! - Fixed false positive in noAssignInExpressions for Svelte {@​const} blocks. Assignments in {@​const name = value} are now correctly recognized as declarations rather than accidental assignments in expressions.

• #​10080 5d8fdac Thanks @​Damix48! - Fixed parsing of closing parentheses in Svelte {#each} block key expressions. Biome now correctly parses method calls and other parenthesised expressions used as keys.

  For example, the following snippets are now parsed correctly:

  {#each numbers as number, index (number.toString())}
    <p>{number}</p>
  {/each}
  
  {#each numbers as number (key(number))}
    <p>{number}</p>
  {/each}

• #​10140 e7024b9 Thanks @​solithcy! - Fixed #​10135: Biome no longer crashes on missing Svelte template expressions.

  The following code snippet longer panics:

  {#if }
   <p>^ this would previously crash</p>
  {/if}
  {@&#8203;const }
  <p>    ^ this would also crash</p>

• #​10111 7818009 Thanks @​jiwon79! - Fixed #​9997: noDuplicateSelectors no longer reports false positives for selectors inside @scope queries. Biome now treats @scope as a separate at-rule context, like @media, @supports, @container, and @starting-style.

  The following snippet is no longer flagged as a duplicate:

  .Example {
    padding: 0;
  }
  
  @​scope (.theme-dark) {
    .Example {
      color: white;
    }
  }

• #​9926 d62b331 Thanks @​dyc3! - Added the nursery lint rule useMathMinMax, which prefers Math.min() and Math.max() over equivalent ternary comparisons.

  For example, this code:

  const min = a < b ? a : b;

  is much more readable when rewritten as:

  const min = Math.min(a, b);

• #​10115 d428d76 Thanks @​minseong0324! - useExhaustiveSwitchCases now flags missing true/false cases for boolean discriminants, including when boolean is a union variant.

• #​10125 a55a0b6 Thanks @​bmish! - Fixed a resolver bug where packages that define a typed entry point through package.json's main field but omit types were ignored during type-aware resolution. Type-aware rules such as noFloatingPromises can now inspect imports from those packages.

• #​10117 895e809 Thanks @​denizdogan! - Added support for the corner-shape family of CSS properties and the superellipse()/squircle() value functions, so noUnknownProperty and noUnknownFunction no longer flag them as unknown.

  New known properties: corner-shape, corner-block-end-shape, corner-block-start-shape, corner-bottom-left-shape, corner-bottom-right-shape, corner-bottom-shape, corner-end-end-shape, corner-end-start-shape, corner-inline-end-shape, corner-inline-start-shape, corner-left-shape, corner-right-shape, corner-start-end-shape, corner-start-start-shape, corner-top-left-shape, corner-top-right-shape, corner-top-shape.

  New known value functions: superellipse(), squircle().

• #​8620 8df8f73 Thanks @​dyc3! - Fixed #​8062: Added support for parsing Vue v-for directives more accurately.

• #​10191 aa055cd Thanks @​guney! - Now the rule noStaticElementInteractions doesn't trigger custom elements.

• #​9757 2c62594 Thanks @​dyc3! - Fixed #​9099: the HTML formatter collapsing non-text children (inline elements, Svelte expressions, comments) onto a single line when the source had them on separate lines. Biome now preserves the user's intended line breaks for exclusively non-text children.

  For example, the following Svelte snippet is now preserved instead of being collapsed to <div>{name}<!-- comment --></div>:

  <div>
    {name}<!-- comment -->
  </div>

  Similarly, HTML elements like <span> inside a <div> are now preserved when written on their own line:

  <div>
    <span>text</span>
  </div>

• #​10105 e7c1a6d Thanks @​jiwon79! - Fixed #​10039: useReadonlyClassProperties now detects unreassigned private members in class expressions and export default classes, not only in class declarations.

  The following patterns are now correctly flagged:

  const AnonClass = class {
    #prop = 123;
    constructor() {
      console.log(this.#prop);
    }
  };
  
  export default class {
    #prop = 123;
    constructor() {
      console.log(this.#prop);
    }
  }

• #​10141 46a77d0 Thanks @​minseong0324! - Improved noUnnecessaryConditions to detect conditions that are always truthy because they check built-in global class instances such as Date, Map, Set, WeakMap, and Error.

• #​10178 7b05a89 Thanks @​dyc3! - Fixed #​10177: The HTML parser no longer reports lowercase html or doctype text as invalid after void elements such as <br>.

• #​10155 0d4595d Thanks @​jiwon79! - Fixed #​10045: the CSS formatter no longer compounds indentation inside nested functional pseudo-classes such as :not(:where(...)), :is(:where(...)), and similar combinations. The same fix also removes one level of unnecessary indentation that was added inside any pseudo-class function whose argument list wrapped onto multiple lines, including :nth-child(... of ...), ::part(...), and :active-view-transition-type(...).
  The following snippet is now correctly formatted, matching Prettier.

  input:not(
    :where(
      [type="submit"],
      [type="checkbox"],
      [type="radio"],
      [type="button"],
      [type="reset"]
    )
  ) {
    inline-size: 100%;
  }

• #​10112 6f0251e Thanks @​dyc3! - Fixed #​10110: Biome's parser now accepts surrogate code points in JavaScript string \u{...} escapes.

• #​10141 46a77d0 Thanks @​minseong0324! - Improved noMisleadingReturnType to detect object return annotations that hide built-in global class instances such as Date, Map, Set, WeakMap, and Error.

• #​10083 4a664c1 Thanks @​ematipico! - Added two new options to noShadow, both defaulting to true to match typescript-eslint's behavior.

  Fixed #​9482: Added ignoreFunctionTypeParameterNameValueShadow option. When enabled, parameter names inside function type annotations (e.g. (options: unknown) => void) are not flagged as shadowing outer variables.

  Fixed #​7812: Added ignoreTypeValueShadow option. When enabled, a value binding that shares its name with a type-only declaration (type alias or interface) is not flagged, since types and values occupy separate namespaces in TypeScript.

• #​9286 52695cf Thanks @​Hugo-Polloli! - Fixed #​6316: Biome now resolves Svelte $store references to the underlying store binding in semantic analysis, preventing false noUndeclaredVariables diagnostics when the store is declared.

• #​10188 ae659dd Thanks @​dyc3! - Added a new nursery rule noExcessiveNestedCallbacks, which disallows callbacks nested deeper than the configured maximum.

• #​9757 2c62594 Thanks @​dyc3! - Fixed #​9450: the HTML formatter now correctly preserves multiline formatting for nested <template> elements (e.g. <template #body>) when the source has children on separate lines. Previously, the children were collapsed onto a single line.

   <template>
     <UModal>
  -    <template #body> <p>content</p> </template>
  +    <template #body>
  +      <p>content</p>
  +    </template>
     </UModal>
   </template>

• #​10118 c6edcb4 Thanks @​Netail! - Fixed #​10024: biome migrate eslint correctly migrates eslint rules that belong to multiple Biome rules.

v2.4.13

Compare Source

Patch Changes

• #​9969 c5eb92b Thanks @​officialasishkumar! - Added the nursery rule noUnnecessaryTemplateExpression, which disallows template literals that only contain string literal expressions. These can be replaced with a simpler string literal.

  For example, the following code triggers the rule:

  const a = `${"hello"}`; // can be 'hello'
  const b = `${"prefix"}_suffix`; // can be 'prefix_suffix'
  const c = `${"a"}${"b"}`; // can be 'ab'

• #​10037 f785e8c Thanks @​minseong0324! - Fixed #​9810: noMisleadingReturnType no longer reports false positives on a getter with a matching setter in the same namespace.

  class Store {
    get status(): string {
      if (Math.random() > 0.5) return "loading";
      return "idle";
    }
    set status(v: string) {}
  }

• #​10084 5e2f90c Thanks @​jiwon79! - Fixed #​10034: noUselessEscapeInRegex no longer flags escapes of ClassSetReservedPunctuator characters (&, !, #, %, ,, :, ;, <, =, >, @, `, ~) inside v-flag character classes as useless. These characters are reserved as individual code points in v-mode, so the escape is required.

  The following pattern is now considered valid:

  /[a-z\&]/v;

• #​10063 c9ffa16 Thanks @​Netail! - Added extra rule sources from ESLint CSS. biome migrate eslint should do a bit better detecting rules in your eslint configurations.

• #​10035 946b50e Thanks @​Netail! - Fixed #​10032: useIframeSandbox now flags if there's no initializer value.

• #​9865 68fb8d4 Thanks @​dyc3! - Added the new nursery rule useDomNodeTextContent, which prefers textContent over innerText for DOM node text access and destructuring.

  For example, the following snippet triggers the rule:

  const foo = node.innerText;

• #​10023 bd1e74f Thanks @​ematipico! - Added a new nursery rule noReactNativeDeepImports that disallows deep imports from the react-native package. Internal paths like react-native/Libraries/... are not part of the public API and may change between versions.

  For example, the following code triggers the rule:

  import View from "react-native/Libraries/Components/View/View";

• #​9885 3dce737 Thanks @​dyc3! - Added a new nursery rule [useDomQuerySelector]

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Upgraded workspace package manager to pnpm 11.1.2
  • Bumped various dependencies and dev tooling across packages (eslint, TypeScript, Vitest, Effect ecosystem, etc.)
  • Updated CI workflows and action tooling, including Node.js to 24.15.0 and pnpm setup
  • Raised peer dependency ranges for TypeScript and ESLint compatibility

Walkthrough

This PR upgrades pnpm from 10.30.0 to 11.1.2 across workspace and package manifests, bumps pnpm action setup to v6 in GitHub workflows, updates Node.js to 24.15.0, and refreshes Changesets and Effect ecosystem packages plus associated dev tooling throughout the codebase.

Changes

Dependency Version Upgrades

Layer / File(s)	Summary
GitHub Actions toolchain setup .github/actions/setup/action.yml, .github/workflows/checking-dependencies.yml	pnpm/action-setup upgraded to v6 across the shared setup action and dependency-check workflow, with Node.js runtime version bumped to 24.15.0.
Workspace pnpm and Changesets package.json	Root package.json updates pnpm to 11.1.2 and upgrades @changesets/changelog-github and @changesets/cli devDependencies to newer version ranges.
App package ecosystem and tooling packages/app/package.json	pnpm updated to 11.1.2, Effect packages and ts-morph bumped in dependencies, and extensive devDependency upgrades applied to Biome, eslint plugins, TypeScript tooling, and Vitest/Vite frameworks.
ESLint template dependencies and peer constraints packages/eslint-template/package.json	Effect packages and ts-morph versions incremented in dependencies, dev tooling upgraded across multiple ecosystems, and peer dependency floors raised to eslint ^10.3.0 and typescript ^6.0.3.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related issues

• Dependency Dashboard context-doc#5: Matches Renovate-style updates for pnpm, pnpm/action-setup, Changesets, and Effect packages.
• Dependency Dashboard eslint-plugin-suggest-members#2: Makes identical pnpm/action-setup and package manifest version bumps.
• Dependency Dashboard effect-template#10: Contains the same pnpm/action-setup and pnpm/package.json upgrades from Renovate.
• Dependency Dashboard dist-deps-prune#2: Shares the Renovate dependency bump pattern for pnpm, Changesets, and Effect packages.
• Dependency Dashboard component-tagger#2: Includes matching pnpm/action-setup and pnpm version bumps across workflows and manifests.
• Dependency Dashboard openapi-effect#1: Applies similar pnpm/action-setup and package dependency upgrades.
• Dependency Dashboard #6: Mirrors these pnpm/action-setup and package manifest upgrades in the same workspace.

Poem

🐰 Versions hop, dependencies climb,
Pnpm springs from ten to eleven,
Tooling nudged in tidy time,
Lint and tests refreshed and leaven,
A rabbit cheers — dependency heaven!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change: a broad dependency update across the project. It is concise, specific enough, and directly related to the changeset.
Description check	✅ Passed	The description is related to the changeset. It provides a Renovate-generated table of package updates and release notes, clearly documenting which dependencies were updated and why.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/all

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/eslint-template/package.json`:
- Around line 55-56: Update the peer dependency range for TypeScript in
package.json so it aligns with the official `@typescript-eslint/parser` support
matrix: change the "typescript" peer dependency value (in
packages/eslint-template/package.json) to ">=4.8.4, <6.1.0" so TypeScript 5.x is
allowed and 6.1.0+ is excluded.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 7c81982e-6e8b-4579-99d6-c29e8ff2024f

📥 Commits

Reviewing files that changed from the base of the PR and between 659d5f6 and 2511306.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (5)

• .github/actions/setup/action.yml
• .github/workflows/checking-dependencies.yml
• package.json
• packages/app/package.json
• packages/eslint-template/package.json

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

What TypeScript versions are officially supported by @typescript-eslint/parser 8.59.3 (and the typescript-eslint 8.59.3 toolchain)?

💡 Result:

@typescript-eslint/parser 8.59.3 (and the typescript-eslint 8.59.3 toolchain) officially supports TypeScript in the version range >=4.8.4 and <6.1.0 (i.e., TypeScript 4.8.x through 6.0.x, but not 6.1+). [1][2][3] Notes: - typescript-eslint publishes the same version number across packages to coordinate releases, so the 8.59.3 toolchain refers to the 8.59.3 versions of related packages like the parser and typescript-estree. [4] - If you use a non-supported TypeScript version, the parser logs a warning (configurable via parserOptions). [3]

Citations:

• 1: https://npmx.dev/package/@typescript-eslint/parser/v/%5E8.59.0
• 2: https://typescript-eslint.io/users/dependency-versions/
• 3: https://github.com/typescript-eslint/typescript-eslint/blob/57f032c2e6a822c049177713778d0077ee138d9a/README.md
• 4: https://dev.to/jtorchia/typescript-70-beta-i-ran-it-against-my-real-codebase-heres-what-changed-and-what-didnt-1mba

---

Peer dependency range is incompatible with official TypeScript-ESLint support matrix.

Line 56 restricts peers to TypeScript 6.0.x, but @typescript-eslint/parser 8.59.3 officially supports TypeScript >=4.8.4 and <6.1.0. The current range excludes TypeScript 5.x (which is supported) and inadvertently allows 6.1.0+ (which is not supported). Use "typescript": ">=4.8.4, <6.1.0" to align with the official support matrix.

Suggested fix

-    "typescript": "^6.0.3"
+    "typescript": ">=4.8.4, <6.1.0"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"eslint": "^10.3.0",
	"typescript": "^6.0.3"
	"eslint": "^10.3.0",
	"typescript": ">=4.8.4, <6.1.0"

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/eslint-template/package.json` around lines 55 - 56, Update the peer
dependency range for TypeScript in package.json so it aligns with the official
`@typescript-eslint/parser` support matrix: change the "typescript" peer
dependency value (in packages/eslint-template/package.json) to ">=4.8.4, <6.1.0"
so TypeScript 5.x is allowed and 6.1.0+ is excluded.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

packages/eslint-template/package.json (1)

55-56: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Peer dependency range is incompatible with official TypeScript-ESLint support matrix.

The typescript peer dependency "^6.0.3" excludes TypeScript 5.x (which is still officially supported by @typescript-eslint/parser 8.59.3) and allows TypeScript 6.1.0+ (which is not supported). This will prevent users on TypeScript 5.x from installing this package even though the underlying tooling supports it.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/eslint-template/package.json` around lines 55 - 56, The peer
dependency for TypeScript in package.json is too restrictive (currently
"typescript": "^6.0.3"); update the peerDependencies entry for "typescript" to
allow supported TS 5.x but exclude unsupported 6.1.0+ (for example change it to
a range like ">=5 <6.1.0") so users on TypeScript 5.x can install while
preventing incompatible 6.1+ versions; update the "typescript" peer dependency
value accordingly in package.json.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/eslint-template/package.json`:
- Line 17: The package bump to ts-morph@28.0.0 and vite@8.0.13 can surface
TypeScript 6.0-related defaults that break ESLint rule behavior and SSR builds;
run full test builds and SSR (dev/prod) for packages/eslint-template and any
projects using vite.config.ts, verify ESLint rule outputs (rules that use
ts-morph/TypeScript APIs), and confirm the repo's TypeScript version
(tsconfig.json / devDependencies) is pinned or adjusted; if problems appear,
either pin ts-morph/vite or explicitly set TypeScript compiler options in
tsconfig.json (e.g., strict, module, target, moduleResolution, types) to
previous values, and update vite.config.ts to address any
rollupOptions/esbuildOptions compatibility issues per the Vite 8 migration
guide.

---

Duplicate comments:
In `@packages/eslint-template/package.json`:
- Around line 55-56: The peer dependency for TypeScript in package.json is too
restrictive (currently "typescript": "^6.0.3"); update the peerDependencies
entry for "typescript" to allow supported TS 5.x but exclude unsupported 6.1.0+
(for example change it to a range like ">=5 <6.1.0") so users on TypeScript 5.x
can install while preventing incompatible 6.1+ versions; update the "typescript"
peer dependency value accordingly in package.json.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 5479e2ca-56cc-425c-93e8-fc91f82246f2

📥 Commits

Reviewing files that changed from the base of the PR and between 2511306 and 1380ae9.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (5)

• .github/actions/setup/action.yml
• .github/workflows/checking-dependencies.yml
• package.json
• packages/app/package.json
• packages/eslint-template/package.json

✅ Files skipped from review due to trivial changes (3)

• .github/actions/setup/action.yml
• .github/workflows/checking-dependencies.yml
• package.json

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/app/package.json

[coderabbitai]

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Search for ts-morph and vite API usage to assess breaking change impact

echo "=== Checking ts-morph usage patterns ==="
rg -n --type ts --type js -C 3 "from ['\"]ts-morph['\"]" || echo "No ts-morph imports found"
rg -n --type ts --type js -C 3 "require\(['\"]ts-morph['\"]" || echo "No ts-morph requires found"

echo -e "\n=== Checking vite usage patterns ==="
rg -n --type ts --type js -C 3 "from ['\"]vite['\"]" || echo "No vite imports found"
rg -n --type ts --type js -C 3 "require\(['\"]vite['\"]" || echo "No vite requires found"

echo -e "\n=== Checking for vite config files ==="
fd -e js -e ts -e mjs "vite.config" --exec cat {}

Repository: ProverCoderAI/effect-eslint-template

Length of output: 2436

---

🌐 Web query:

What are the breaking changes in ts-morph version 28.0.0 compared to version 27.x?

💡 Result:

The primary breaking change in ts-morph version 28.0.0 compared to 27.x is the upgrade to TypeScript 6.0 support, which introduces breaking changes stemming from TypeScript 6.0's own breaking compiler option defaults and API changes.[1][2] The release notes explicitly mark this as "feat(BREAKING): TypeScript 6.0 by @dsherret in #1669" and warn: "Note there are some breaking changes due to TypeScript 6.0. Read more here: https://devblogs.microsoft.com/typescript/announcing-typescript-6-0/"[1][2] No other explicit breaking changes unique to ts-morph (beyond the TS 6.0 integration) are listed in the available sources. Other changes include: - feat: standalone printStructure function by @dsherret in #1670[2] - fix: InvalidOperationError in addTypeArgument by @jfirebaugh in #1663[2] TypeScript 6.0 itself has several breaking defaults that may indirectly affect ts-morph usage, such as strict: true, module: esnext, target: es2025, moduleResolution: bundler, types: [] (no auto @types inclusion), changed rootDir inference, and more.[3][4][5] Since ts-morph wraps the TypeScript Compiler API, code relying on previous TS behaviors or ts-morph methods affected by the new TS version may break. The official release page (likely https://github.com/dsherret/ts-morph/releases/tag/28.0.0) should be consulted for full details, as snippets confirm its existence but detailed content is not fully extracted here.[1][6] No dedicated migration guide was found.

Citations:

• 1: https://github.com/dsherret/ts-morph/releases
• 2: fix(deps): update dependency ts-morph to v28 nestjs/nest#16771
• 3: https://truesolvers.com/articles/typescript-60-breaking-changes-what-breaks-and-what-already-helps
• 4: https://medium.com/@alexandre.mokni/the-typescript-6-0-migration-recipe-upgrading-without-breaking-your-app-417b8b58805f
• 5: https://thinkingthroughcode.medium.com/typescript-6-0-will-break-your-build-fix-it-first-7666eec2335a
• 6: https://www.npmjs.com/package/ts-morph?activeTab=versions

---

🌐 Web query:

What are the breaking changes in Vite version 8 compared to version 7?

💡 Result:

The main breaking changes in Vite 8 compared to Vite 7, as detailed in the official migration guide and changelog, revolve around the replacement of esbuild and Rollup with Rolldown and Oxc tools, along with some specific removals and config updates. Vite 8 was released on 2026-03-12 [1][2][3]. Key breaking changes: 1. Bundler replacement: Vite 8 integrates Rolldown (replacing Rollup/esbuild for building and optimization) and Oxc (for JS transforms and minification). A compatibility layer auto-converts existing esbuild/rollupOptions to Rolldown/Oxc equivalents, so many configs work unchanged [1][4][5]. However: - optimizeDeps.esbuildOptions is deprecated; migrate to optimizeDeps.rolldownOptions [4][5]. - esbuild config is deprecated; migrate to oxc [4][5]. - Plugins using transformWithEsbuild must install esbuild as devDep and migrate to transformWithOxc [4][5]. - build.rollupOptions and build.esbuildOptions are deprecated in favor of rolldownOptions equivalents (details in migration guide) [4]. 2. Default browser target updated (NRV - New Rolldown Vite): build.target 'baseline-widely-available' now targets newer browsers: Chrome/Edge 111 (from 107), Firefox 114 (from 104), Safari 16.4 (from 16.0) [6][7]. 3. Removed import.meta.hot.accept resolution fallback for URLs (must pass IDs instead) [8][2][3][7]. 4. Rolldown-vite merge: Internal integration of the experimental rolldown-vite package [8][2][3]. 5. Node.js requirement: Vite 8 requires Node 20.19+, 22.12+ (same as Vite 7, but ESM-only distribution) [1]. 6. Increased install size: ~15MB larger due to lightningcss (~10MB) and Rolldown (~5MB) [1]. 7. Deprecated features planned for removal (post-8.x): Various like this.environment in hooks, but opt-in via future flags [9]. Some like chunk emit options may change [6]. For smooth migration: - Use rolldown-vite on Vite 7 first as a gradual step [1][4]. - Review vite.config for deprecated options. - Test dev/build/SSR thoroughly, especially plugins [4][10]. Full details in official Migration Guide (https://vite.dev/guide/migration) [4] and Changelog (https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) [3].

Citations:

• 1: https://vite.dev/blog/announcing-vite8
• 2: https://github.com/vitejs/vite/blob/8e05b61d/packages/vite/CHANGELOG.md
• 3: https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md
• 4: https://vite.dev/guide/migration
• 5: https://vitejs.dev/guide/migration.html
• 6: vitejs/vite@v8.0.0-beta.5...v8.0.0-beta.6
• 7: https://main.vite.dev/guide/migration
• 8: https://github.com/vitejs/vite/blob/v8.0.0-beta.8/packages/vite/CHANGELOG.md
• 9: https://vite.dev/changes/
• 10: https://itacademy.com.ua/en/articles/2026-03-17/vite8-migration-playbook-2026-03-17

---

Test build and SSR processes after major version updates; verify TypeScript 6.0 compatibility for ESLint rules.

This PR includes major version bumps to ts-morph (27.x → 28.0.0) and vite (7.x → 8.0.13), both with documented breaking changes:

• ts-morph 28.0.0: Primary breaking change is TypeScript 6.0 support integration. TS 6.0 introduces breaking compiler option defaults (strict: true, module: esnext, target: es2025, moduleResolution: bundler, types: []) that could affect ESLint rule behavior since ts-morph wraps the TypeScript Compiler API.

• vite 8.0.13: Major bundler replacement (Rolldown+Oxc replacing Rollup+esbuild), but includes a compatibility layer that auto-converts existing rollupOptions and esbuildOptions. The current vite.config.ts files use compatible APIs, but the build and SSR processes should be tested.

The codebase does not directly import ts-morph, reducing direct risk. However, verify that the ESLint rules and build/SSR outputs work correctly with these versions. Refer to the Vite 8 migration guide and ts-morph 28.0.0 release notes for detailed compatibility information.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/eslint-template/package.json` at line 17, The package bump to
ts-morph@28.0.0 and vite@8.0.13 can surface TypeScript 6.0-related defaults that
break ESLint rule behavior and SSR builds; run full test builds and SSR
(dev/prod) for packages/eslint-template and any projects using vite.config.ts,
verify ESLint rule outputs (rules that use ts-morph/TypeScript APIs), and
confirm the repo's TypeScript version (tsconfig.json / devDependencies) is
pinned or adjusted; if problems appear, either pin ts-morph/vite or explicitly
set TypeScript compiler options in tsconfig.json (e.g., strict, module, target,
moduleResolution, types) to previous values, and update vite.config.ts to
address any rollupOptions/esbuildOptions compatibility issues per the Vite 8
migration guide.