chore(deps): bump @biomejs/biome from 2.4.10 to 2.4.11 in the linting group

[dependabot]

Bumps the linting group with 1 update: @biomejs/biome.

Updates @biomejs/biome from 2.4.10 to 2.4.11

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.4.11

2.4.11

Patch Changes

• #9350 4af4a3a Thanks @​dyc3! - Added the new nursery rule useConsistentTestIt in the test domain. The rule enforces consistent use of either it or test for test functions in Jest/Vitest suites, with separate control for top-level tests and tests inside describe blocks.

  Invalid:

  test("should fly", () => {}); // Top-level test using 'test' flagged, convert to 'it'
  describe("pig", () => {
  test("should fly", () => {}); // Test inside 'describe' using 'test' flagged, convert to 'it'
  });

• #9429 a2f3f7e Thanks @​ematipico! - Added the new nursery lint rule useExplicitReturnType. It reports TypeScript functions and methods that omit an explicit return type.

  function toString(x: any) {
    // rule triggered, it doesn't declare a return type
    return x.toString();
  }

• #9828 9e40844 Thanks @​ematipico! - Fixed #9484: the formatter no longer panics when formatting files that contain graphql tagged template literals combined with parenthesized expressions.

• #9886 e7c681e Thanks @​ematipico! - Fixed an issue where, occasionally, some bindings and references were not properly tracked, causing false positives from noUnusedVariables and noUndeclaredVariables in Svelte, Vue, and Astro files.

• #9760 5b16d18 Thanks @​myx0m0p! - Fixed #4093: the noDelete rule no longer triggers for delete process.env.FOO, since delete is the documented way to remove environment variables in Node.js.

• #9799 2af8efd Thanks @​minseong0324! - Added the rule noMisleadingReturnType. The rule detects when a function's return type annotation is wider than what the implementation actually returns.

  // Flagged: `: string` is wider than `"loading" | "idle"`
  function getStatus(b: boolean): string {
    if (b) return "loading";
    return "idle";
  }

• #9880 7f67749 Thanks @​dyc3! - Improved the diagnostics for useFind to better explain the problem, why it matters, and how to fix it.

• #9755 bff7bdb Thanks @​ematipico! - Improved performance of fix-all operations (--write). Biome is now smarter when it runs lint rules and assist actions. First, it runs only rules that have code fixes, and then runs the rest of the rules.

• #8651 aafca2d Thanks @​siketyan! - Add a new lint rule useDisposables for JavaScript, which detects disposable objects assigned to variables without using or await using syntax. Disposable objects that implement the Disposable or AsyncDisposable interface are intended to be disposed of after use. Not disposing them can lead to resource or memory leaks, depending on the implementation.

  Invalid:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.4.11

Patch Changes

• #9350 4af4a3a Thanks @​dyc3! - Added the new nursery rule useConsistentTestIt in the test domain. The rule enforces consistent use of either it or test for test functions in Jest/Vitest suites, with separate control for top-level tests and tests inside describe blocks.

  Invalid:

  test("should fly", () => {}); // Top-level test using 'test' flagged, convert to 'it'
  describe("pig", () => {
  test("should fly", () => {}); // Test inside 'describe' using 'test' flagged, convert to 'it'
  });

• #9429 a2f3f7e Thanks @​ematipico! - Added the new nursery lint rule useExplicitReturnType. It reports TypeScript functions and methods that omit an explicit return type.

  function toString(x: any) {
    // rule triggered, it doesn't declare a return type
    return x.toString();
  }

• #9828 9e40844 Thanks @​ematipico! - Fixed #9484: the formatter no longer panics when formatting files that contain graphql tagged template literals combined with parenthesized expressions.

• #9886 e7c681e Thanks @​ematipico! - Fixed an issue where, occasionally, some bindings and references were not properly tracked, causing false positives from noUnusedVariables and noUndeclaredVariables in Svelte, Vue, and Astro files.

• #9760 5b16d18 Thanks @​myx0m0p! - Fixed #4093: the noDelete rule no longer triggers for delete process.env.FOO, since delete is the documented way to remove environment variables in Node.js.

• #9799 2af8efd Thanks @​minseong0324! - Added the rule noMisleadingReturnType. The rule detects when a function's return type annotation is wider than what the implementation actually returns.

  // Flagged: `: string` is wider than `"loading" | "idle"`
  function getStatus(b: boolean): string {
    if (b) return "loading";
    return "idle";
  }

• #9880 7f67749 Thanks @​dyc3! - Improved the diagnostics for useFind to better explain the problem, why it matters, and how to fix it.

• #9755 bff7bdb Thanks @​ematipico! - Improved performance of fix-all operations (--write). Biome is now smarter when it runs lint rules and assist actions. First, it runs only rules that have code fixes, and then runs the rest of the rules.

• #8651 aafca2d Thanks @​siketyan! - Add a new lint rule useDisposables for JavaScript, which detects disposable objects assigned to variables without using or await using syntax. Disposable objects that implement the Disposable or AsyncDisposable interface are intended to be disposed of after use. Not disposing them can lead to resource or memory leaks, depending on the implementation.

  Invalid:

... (truncated)

Commits

• a2933bf ci: release (#9733)
• e8cad58 feat(js_analyze): implement useQwikLoaderLocation (#9809)
• 2af8efd feat(lint): add nursery rule noMisleadingReturnType (#9799)
• a2f3f7e feat(lint): rule useExplicitReturnType (#9429)
• aafca2d feat(js/lint): implement rule useDisposables (#8651)
• 49f00a3 feat(lint): add ternary expression detection to useNullishCoalescing (#9248)
• 4af4a3a feat(lint/js): add useConsistentTestIt (#9350)
• 1417c3b feat(lint/js): add noUselessTypeConversion (#9701)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[github-actions]

✔️ Bundle Size Analysis

Metric	Value
Base	2836.86 KB
PR	2836.86 KB
Diff	0 KB (0%)

Bundle breakdown

140K	dist/auth
80K	dist/automation
4.0K	dist/cli.d.ts
4.0K	dist/cli.d.ts.map
24K	dist/cli.js
16K	dist/cli.js.map
740K	dist/commands
28K	dist/config
4.0K	dist/index.d.ts
4.0K	dist/index.d.ts.map
4.0K	dist/index.js
4.0K	dist/index.js.map
916K	dist/integrations
100K	dist/llm
1.3M	dist/loop
188K	dist/mcp
60K	dist/presets
92K	dist/setup
40K	dist/skills
428K	dist/sources
76K	dist/ui
144K	dist/utils
336K	dist/wizard

[claude]

LGTM — straightforward patch-version lockfile bump for a dev-only linting tool.

Extended reasoning...

Overview

This PR updates @biomejs/biome from 2.4.10 to 2.4.11 in pnpm-lock.yaml. The only file changed is the lockfile; no application source code is touched. The version specifier in package.json (^2.3.13) already allows this update, so the lockfile change is a mechanical consequence of running pnpm update.

Security risks

None. Biome is a dev-only linting/formatting tool that never runs in production. The update is a patch release with bug fixes (false-positive suppression, formatter panic fix) and new nursery lint rules — no security-sensitive changes.

Level of scrutiny

Minimal scrutiny warranted. Patch bumps of dev tooling with no source changes are among the lowest-risk PRs possible. The Dependabot compatibility score badge is present, and no bugs were flagged by the automated review system.

Other factors

No prior reviews from me on this PR. No outstanding comments to resolve. The change is purely additive/corrective on the linting tool side and has zero blast radius on runtime behavior.