Bump the patch-dependencies group with 3 updates

[dependabot]

Bumps the patch-dependencies group with 3 updates: @biomejs/biome, tsdown and typedoc.

Updates @biomejs/biome from 2.3.6 to 2.3.8

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.8

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

  const foo = "Line 1\nLine 2";
  const bar = `Line 1

... (truncated)

Commits

• 0a6b6fb chore: restore version and yaml how they were
• 5d15cd5 chore: revert version
• 59fa146 ci: release (#8263)
• f7e836f feat(biome_js_analyze): implement noProto rule (#8276)
• b537918 feat(js_biome_analyze): implement noDuplicatedSpreadProps (#8116)
• 91484d1 feat(biome_js_analyze): implement noMultiStr rule (#8218)
• 68c052e feat(biome_js_analyze): implement noEqualsToNull rule (#8214)
• 79adaea feat(lint): added new rule no-leaked-render from eslint-react (#8171)
• cd2edd7 feat(js_analyze): implement noTernary (#8201)
• 8e97b89 ci: release (#8161)
• Additional commits viewable in compare view

Updates tsdown from 0.16.5 to 0.16.8

Release notes

Sourced from tsdown's releases.

v0.16.8

   🚀 Features

• Upgrade rolldown to 1.0.0-beta.52  -  by @​sxzz (1ff67)
• Add enabled option to feature options  -  by @​sxzz (0b244)

Deprecation

• Deprecate attw.profile = 'esmOnly', use esm-only instead.

    View changes on GitHub

v0.16.7

   🚀 Features

• Support ci-only / local-only on addon features  -  by @​sxzz (8bbf0)

    View changes on GitHub

v0.16.6

   🚀 Features

• Upgrade rolldown to beta 51  -  by @​sxzz (f502b)

    View changes on GitHub

Commits

• 647adde chore: release v0.16.8
• b6827da refactor: improve publint & attw error message
• 0b244b0 feat: add enabled option to feature options
• d6aeeac chore: upgrade unrun
• 1ff673e feat: upgrade rolldown to 1.0.0-beta.52
• 4a38953 chore: release v0.16.7
• 54bf089 chore: upgrade deps
• 8bbf088 feat: support ci-only / local-only on addon features
• 3aee34b chore(deps): update all non-major dependencies (#614)
• ff17f96 docs: add Svelte Support (#605)
• Additional commits viewable in compare view

Updates typedoc from 0.28.14 to 0.28.15

Release notes

Sourced from typedoc's releases.

v0.28.15

Features

• The gitRevision option now accepts the special value {branch}, which indicates source links should use the current git branch for links, #3041.
• Introduced validation.invalidPath for suppressing warnings caused by referencing relative paths which do not exist when building the documentation, #3033.
• API: Introduced Logger.validationWarning for validation which occurs during conversion rather than during TypeDoc's normal validation step, #3033.

Changelog

Sourced from typedoc's changelog.

v0.28.15 (2025-11-29)

Features

• The gitRevision option now accepts the special value {branch}, which indicates source links should use the current git branch for links, #3041.
• Introduced validation.invalidPath for suppressing warnings caused by referencing relative paths which do not exist when building the documentation, #3033.
• API: Introduced Logger.validationWarning for validation which occurs during conversion rather than during TypeDoc's normal validation step, #3033.

Commits

• 6c9220e Update changelog for release
• 081712a Bump version to 0.28.15
• 8944d63 Update dprint plugins
• b0dcca6 Update dependencies
• 81fbdf3 Add {branch} option to gitRevision
• fd3344f Add validation.invalidPath
• 88cd991 Thank contributors
• 114b190 Copy type param descriptions to constructors
• 3e70b65 Merge pull request #3035 from iclanton/remove-jsx
• 9906145 Update site/tags/typescript.md
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions