chore(deps-dev): Bump the production-dependencies group with 5 updates

[dependabot]

Bumps the production-dependencies group with 5 updates:

Package	From	To
@biomejs/biome	2.3.12	2.3.13
@commitlint/cli	20.3.1	20.4.0
@commitlint/config-conventional	20.3.1	20.4.0
playwright	1.58.0	1.58.1
turbo	2.7.6	2.8.1

Updates @biomejs/biome from 2.3.12 to 2.3.13

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.13

2.3.13

Patch Changes

• #8815 f924f23 Thanks @​dyc3! - Improved useVueValidVOn to be more closely aligned with the source rule. It will now properly allow modifiers for all possible keyboard events. It should have better performance when there are no violations of the rule as well.

  Now treated valid:

  <div @keydown.arrow-down="handler"></div>
  <div @keydown.a="handler"></div>
  <div @keydown.b="handler"></div>
  <div @keydown.27="foo"></div>

• #8856 85f81f9 Thanks @​dyc3! - Fixed #8710: Biome now parses Vue dynamic slot shorthand arguments that use template literals in [].

• #8850 2a190e0 Thanks @​dyc3! - Fixed #8708: Tailwind @utility directives now parse functional utility names like px-* when Tailwind directives are enabled.

• #8863 79386e0 Thanks @​dyc3! - Fixed an issue with biome migrate eslint where it couldn't detect rules for CSS, GraphQL, and HTML.

• #8771 6f56b6e Thanks @​lghuahua! - Fix the --reporter=summary output incorrectly merging and displaying wrong issue counts for different rules. Fixes #8730

• #8714 ac3a71f Thanks @​Netail! - Added new nursery rule use-consistent-enum-value-type. This rule disallows enums from having both number and string members.

What's Changed

• fix(dx/codegen): don't insert module into biome_rule_options/src/lib.rs if it already exists by @​dyc3 in biomejs/biome#8847
• feat(js_analyze): implement useConsistentEnumValueType by @​Netail in biomejs/biome#8714
• fix(parse/html/vue): parse dynamic slot directives that contain quotes by @​dyc3 in biomejs/biome#8856
• fix(parse/css): improve parsing of @utility names by @​dyc3 in biomejs/biome#8850
• fix(cli): improve RuleName ordering and update summary snapshots close #8730 by @​lghuahua in biomejs/biome#8771
• fix(useVueValidVOn): align more with source rule, also use phf hash sets for perf by @​dyc3 in biomejs/biome#8815
• fix(migrate): fix migrate command not picking up rules for css, graphql, html by @​dyc3 in biomejs/biome#8863
• chore(deps): update dependency tombi to v0.7.23 by @​renovate[bot] in biomejs/biome#8865
• chore(deps): update pnpm to v10.28.1 by @​renovate[bot] in biomejs/biome#8866
• chore(deps): update rust crate proc-macro2 to 1.0.106 by @​renovate[bot] in biomejs/biome#8867
• chore(deps): update rust crate quote to 1.0.44 by @​renovate[bot] in biomejs/biome#8868
• fix(deps): update @​biomejs packages by @​renovate[bot] in biomejs/biome#8869
• chore(deps): update rust crate schemars to 1.2.0 by @​renovate[bot] in biomejs/biome#8875
• chore(deps): update @​biomejs packages by @​renovate[bot] in biomejs/biome#8872
• chore(deps): update github-actions by @​renovate[bot] in biomejs/biome#8873
• chore(deps): update typescript-eslint monorepo to v8.53.1 by @​renovate[bot] in biomejs/biome#8877
• fix(deps): update dependency prettier to v3.8.1 by @​renovate[bot] in biomejs/biome#8878
• chore(deps): update rust crate tokio to 1.49.0 by @​renovate[bot] in biomejs/biome#8876
• ci: release by @​github-actions[bot] in biomejs/biome#8853

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.13

Patch Changes

• #8815 f924f23 Thanks @​dyc3! - Improved useVueValidVOn to be more closely aligned with the source rule. It will now properly allow modifiers for all possible keyboard events. It should have better performance when there are no violations of the rule as well.

  Now treated valid:

  <div @keydown.arrow-down="handler"></div>
  <div @keydown.a="handler"></div>
  <div @keydown.b="handler"></div>
  <div @keydown.27="foo"></div>

• #8856 85f81f9 Thanks @​dyc3! - Fixed #8710: Biome now parses Vue dynamic slot shorthand arguments that use template literals in [].

• #8850 2a190e0 Thanks @​dyc3! - Fixed #8708: Tailwind @utility directives now parse functional utility names like px-* when Tailwind directives are enabled.

• #8863 79386e0 Thanks @​dyc3! - Fixed an issue with biome migrate eslint where it couldn't detect rules for CSS, GraphQL, and HTML.

• #8771 6f56b6e Thanks @​lghuahua! - Fix the --reporter=summary output incorrectly merging and displaying wrong issue counts for different rules. Fixes #8730

• #8714 ac3a71f Thanks @​Netail! - Added new nursery rule use-consistent-enum-value-type. This rule disallows enums from having both number and string members.

Commits

• 2c5e505 ci: release (#8853)
• ac3a71f feat(js_analyze): implement useConsistentEnumValueType (#8714)
• See full diff in compare view

Updates @commitlint/cli from 20.3.1 to 20.4.0

Release notes

Sourced from @​commitlint/cli's releases.

v20.4.0

20.4.0 (2026-01-30)

Features

• feat: upgrade conventional commit packages #4082 by @​escapedcat in conventional-changelog/commitlint#4597

Refactor

• refactor: replace lodash.uniq with simple code by @​hyperz111 in conventional-changelog/commitlint#4600
• refactor: replace lodash.isplainobject with is-plain-obj" by @​hyperz111 in conventional-changelog/commitlint#4601
• refactor(ensure): replace all lodash string methods with kasi and manual by @​hyperz111 in conventional-changelog/commitlint#4602
• refactor: replace lodash.merge with lodash.mergewith by @​hyperz111 in conventional-changelog/commitlint#4603
• refactor: remove lodash.isfunction dependency by @​escapedcat in conventional-changelog/commitlint#4604
• refactor: replace find-up with escalade by @​hyperz111 in conventional-changelog/commitlint#4605
• refactor: replace chalk with picocolors by @​escapedcat in conventional-changelog/commitlint#4599

New Contributors

• @​hyperz111 made their first contribution in conventional-changelog/commitlint#4600

Full Changelog: conventional-changelog/commitlint@v20.3.1...v20.4.0

Changelog

Sourced from @​commitlint/cli's changelog.

20.4.0 (2026-01-30)

Features

• upgrade conventional commit packages #4082 (#4597) (3aaf0a6)

Commits

• c68de5e v20.4.0
• 3aaf0a6 feat: upgrade conventional commit packages #4082 (#4597)
• 1828d6e refactor: replace lodash.merge with lodash.mergewith (#4603)
• See full diff in compare view

Updates @commitlint/config-conventional from 20.3.1 to 20.4.0

Release notes

Sourced from @​commitlint/config-conventional's releases.

v20.4.0

20.4.0 (2026-01-30)

Features

• feat: upgrade conventional commit packages #4082 by @​escapedcat in conventional-changelog/commitlint#4597

Refactor

• refactor: replace lodash.uniq with simple code by @​hyperz111 in conventional-changelog/commitlint#4600
• refactor: replace lodash.isplainobject with is-plain-obj" by @​hyperz111 in conventional-changelog/commitlint#4601
• refactor(ensure): replace all lodash string methods with kasi and manual by @​hyperz111 in conventional-changelog/commitlint#4602
• refactor: replace lodash.merge with lodash.mergewith by @​hyperz111 in conventional-changelog/commitlint#4603
• refactor: remove lodash.isfunction dependency by @​escapedcat in conventional-changelog/commitlint#4604
• refactor: replace find-up with escalade by @​hyperz111 in conventional-changelog/commitlint#4605
• refactor: replace chalk with picocolors by @​escapedcat in conventional-changelog/commitlint#4599

New Contributors

• @​hyperz111 made their first contribution in conventional-changelog/commitlint#4600

Full Changelog: conventional-changelog/commitlint@v20.3.1...v20.4.0

Changelog

Sourced from @​commitlint/config-conventional's changelog.

20.4.0 (2026-01-30)

Features

• upgrade conventional commit packages #4082 (#4597) (3aaf0a6)

Commits

• c68de5e v20.4.0
• 3aaf0a6 feat: upgrade conventional commit packages #4082 (#4597)
• See full diff in compare view

Updates playwright from 1.58.0 to 1.58.1

Release notes

Sourced from playwright's releases.

v1.58.1

Highlights

#39036 fix(msedge): fix local network permissions #39037 chore: update cft download location #38995 chore(webkit): disable frame sessions on fronzen builds

Browser Versions

• Chromium 145.0.7632.6
• Mozilla Firefox 146.0.1
• WebKit 26.0

Commits

• 97bc385 cherry-pick(#38995): chore(webkit): disable frame sessions on fronzen builds
• ad625fe chore: mark v1.58.1 (#39055)
• f07234d cherry-pick(#39036): fix(msedge): fix local network permissions (#39053)
• ab8136c cherry-pick(#39037): chore: update cft download location (#39052)
• aa6ffeb cherry-pick(#39014): docs: add 1.58 release notes for Java, Python, and C#
• See full diff in compare view

Updates turbo from 2.7.6 to 2.8.1

Release notes

Sourced from turbo's releases.

Turborepo v2.8.1

What's Changed

Docs

• docs: Release post for 2.8 by @​anthonyshew in vercel/turborepo#11559
• docs: Update oxc.mdx to include cache false by @​bestickley in vercel/turborepo#11571
• docs: Fix curl markdown Accept header syntax in 2.8 release blog by @​marko-hologram in vercel/turborepo#11580
• docs: Fix worktree command in blog post by @​anthonyshew in vercel/turborepo#11583
• docs: Rename command → subcommand by @​anthonyshew in vercel/turborepo#11584
• feat: Add requestType tracking for header-negotiated markdown by @​molebox in vercel/turborepo#11585

Changelog

• fix: Support trailing commas in microfrontends JSONC files by @​anthonyshew in vercel/turborepo#11573
• perf: Replace third-party crates with Rust std lib equivalents by @​anthonyshew in vercel/turborepo#11569
• perf: Reduce duplicate dependency versions by @​anthonyshew in vercel/turborepo#11568
• chore: Remove legacy Go/goreleaser buildcontainer directory by @​anthonyshew in vercel/turborepo#11576
• chore: Rename README.md to RULE.md in skills directory by @​anthonyshew in vercel/turborepo#11582
• fix: Validate turbo version from lockfile for all package managers by @​anthonyshew in vercel/turborepo#11587

New Contributors

• @​bestickley made their first contribution in vercel/turborepo#11571
• @​marko-hologram made their first contribution in vercel/turborepo#11580

Full Changelog: vercel/turborepo@v2.8.0...v2.8.1

Turborepo v2.8.1-canary.1

What's Changed

Docs

• docs: Update oxc.mdx to include cache false by @​bestickley in vercel/turborepo#11571

Changelog

• perf: Replace third-party crates with Rust std lib equivalents by @​anthonyshew in vercel/turborepo#11569
• perf: Reduce duplicate dependency versions by @​anthonyshew in vercel/turborepo#11568
• chore: Remove legacy Go/goreleaser buildcontainer directory by @​anthonyshew in vercel/turborepo#11576

New Contributors

• @​bestickley made their first contribution in vercel/turborepo#11571

Full Changelog: vercel/turborepo@v2.8.1-canary.0...v2.8.1-canary.1

Turborepo v2.8.1-canary.0

What's Changed

Docs

• docs: Release post for 2.8 by @​anthonyshew in vercel/turborepo#11559

Changelog

• fix: Support trailing commas in microfrontends JSONC files by @​anthonyshew in vercel/turborepo#11573

... (truncated)

Commits

• 8c76fa8 publish 2.8.1 to registry
• 2049a37 fix: Validate turbo version from lockfile for all package managers (#11587)
• b755f58 feat: Add requestType tracking for header-negotiated markdown (#11585)
• ad013de docs: Rename command → subcommand (#11584)
• 12c728f docs: Fix worktree command in blog post (#11583)
• 8879603 chore: Rename README.md to RULE.md in skills directory (#11582)
• c95a7d8 refactor: Deduplicate sccache env vars in turborepo-test.yml (#11581)
• 05b6efb refactor: Extract inline coverage transform script (#11578)
• 6ffa517 release(turborepo): 2.8.1-canary.1 (#11577)
• c11dcce docs: Fix curl markdown Accept header syntax in 2.8 release blog (#11580)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.