chore(deps-dev): bump @biomejs/biome from 1.9.4 to 2.3.6

[dependabot]

Bumps @biomejs/biome from 1.9.4 to 2.3.6.

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.6

2.3.6

Patch Changes

• #8100 82b9a8e Thanks @​Netail! - Added the nursery rule useFind. Enforce the use of Array.prototype.find() over Array.prototype.filter() followed by [0] when looking for a single result.

  Invalid:

  [1, 2, 3].filter((x) => x > 1)[0];
  [1, 2, 3].filter((x) => x > 1).at(0);

• #8118 dbc7021 Thanks @​hirokiokada77! - Fixed #8117: useValidLang now accepts valid BCP 47 language tags with script subtags.

  Valid:

  <html lang="zh-Hans-CN"></html>

• #7672 f1d5725 Thanks @​Netail! - Added the nursery rule useConsistentGraphqlDescriptions, requiring all descriptions to follow the same style (either block or inline) inside GraphQL files.

  Invalid:

  enum EnumValue {
    "this is a description"
    DEFAULT
  }

  Valid:

  enum EnumValue {
    """
    this is a description
    """
    DEFAULT
  }

• #8026 f102661 Thanks @​matanshavit! - Fixed #8004: noParametersOnlyUsedInRecursion now correctly detects recursion by comparing function bindings instead of just names.

  Previously, the rule incorrectly flagged parameters when a method had the same name as an outer function but called the outer function (not itself):

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.6

Patch Changes

• #8100 82b9a8e Thanks @​Netail! - Added the nursery rule useFind. Enforce the use of Array.prototype.find() over Array.prototype.filter() followed by [0] when looking for a single result.

  Invalid:

  [1, 2, 3].filter((x) => x > 1)[0];
  [1, 2, 3].filter((x) => x > 1).at(0);

• #8118 dbc7021 Thanks @​hirokiokada77! - Fixed #8117: useValidLang now accepts valid BCP 47 language tags with script subtags.

  Valid:

  <html lang="zh-Hans-CN"></html>

• #7672 f1d5725 Thanks @​Netail! - Added the nursery rule useConsistentGraphqlDescriptions, requiring all descriptions to follow the same style (either block or inline) inside GraphQL files.

  Invalid:

  enum EnumValue {
    "this is a description"
    DEFAULT
  }

  Valid:

  enum EnumValue {
    """
    this is a description
    """
    DEFAULT
  }

• #8026 f102661 Thanks @​matanshavit! - Fixed #8004: noParametersOnlyUsedInRecursion now correctly detects recursion by comparing function bindings instead of just names.

  Previously, the rule incorrectly flagged parameters when a method had the same name as an outer function but called the outer function (not itself):

  function notRecursive(arg) {

... (truncated)

Commits

• 166d95b ci: release (#8076)
• 6976d03 chore: schema regression rule domains (#8133)
• 5fc5416 feat(lint/vue): add noVueVIfWithVFor, useVueHyphenatedAttributes (#8097)
• fb8e3e7 fix(noInvalidUseBeforeDeclaration): handle class, enum, import-equals (#8113)
• 0f0a658 feat(analyze): implement noSyncScripts (#8108)
• 82b9a8e feat(js_analyze): implement useFind (#8100)
• 1fdcaf0 feat(schema): add docs URLs to rule description (#8098)
• b406db6 feat: add useSpread rule (#7681)
• 6bcc9d2 chore: regression schemars v1 (#8092)
• 0c0edd4 feat(graphql_analyze): add useUniqueGraphqlOperationName (#8013)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​biomejs/biome since your current version.

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Labels

The following labels could not be found: dependencies, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@biomejs/biome	^2.3.6	Unknown	Unknown
npm/@biomejs/biome	2.3.6	Unknown	Unknown
npm/@biomejs/cli-darwin-arm64	2.3.6	Unknown	Unknown
npm/@biomejs/cli-darwin-x64	2.3.6	Unknown	Unknown
npm/@biomejs/cli-linux-arm64	2.3.6	Unknown	Unknown
npm/@biomejs/cli-linux-arm64-musl	2.3.6	Unknown	Unknown
npm/@biomejs/cli-linux-x64	2.3.6	Unknown	Unknown
npm/@biomejs/cli-linux-x64-musl	2.3.6	Unknown	Unknown
npm/@biomejs/cli-win32-arm64	2.3.6	Unknown	Unknown
npm/@biomejs/cli-win32-x64	2.3.6	Unknown	Unknown

Scanned Files

• package.json
• pnpm-lock.yaml