fix(deps): bump the all-minor-and-patch-updates group across 2 directories with 10 updates

[dependabot]

Bumps the all-minor-and-patch-updates group with 8 updates in the / directory:

Package	From	To
core-js	3.45.1	3.46.0
firebase	12.3.0	12.5.0
google-auth-library	10.4.0	10.5.0
react-tooltip	5.29.1	5.30.0
@biomejs/biome	2.2.4	2.3.2
@tailwindcss/postcss	4.1.13	4.1.16
@types/node	24.6.1	24.9.2
tailwindcss	4.1.13	4.1.16

Bumps the all-minor-and-patch-updates group with 3 updates in the /docs directory: @types/node, @rspress/plugin-container-syntax and rspress.

Updates core-js from 3.45.1 to 3.46.0

Changelog

Sourced from core-js's changelog.

3.46.0 - 2025.10.09

• Changes v3.45.1...v3.46.0 (116 commits)
• Map upsert stage 3 proposal:
  • Fixed a FF WeakMap.prototype.getOrInsertComputed bug with callback calling before validation a key
• Iterator chunking proposal:
  • Built-ins:
    • Iterator.prototype.chunks
    • Iterator.prototype.windows
  • Moved to stage 2.7, September 2025 TC39 meeting
  • Iterator.prototype.sliding method replaced with an extra parameter of Iterator.prototype.windows method, [tc39/proposal-iterator-chunking/#24](tc39/proposal-iterator-chunking#24), [tc39/proposal-iterator-chunking/#26](tc39/proposal-iterator-chunking#26)
• Fixed Iterator.zip and Iterator.zipKeyed behavior with mode: 'longest' option, #1469, thanks @​lionel-rowe
• Fixed work of Object.groupBy and Iterator.zipKeyed together with Symbol polyfill - some cases of symbol keys on result null-prototype object were able to leak out to for-in
• Compat data improvements:
  • Map upsert proposal features marked as shipped from FF144
  • Added Node 25.0 compat data mapping
  • Added Deno 2.5 compat data mapping
  • Updated Electron 39 compat data mapping
  • Updated Opera 121+ compat data mapping
  • Added Opera Android 92 compat data mapping
  • Added Oculus Quest Browser 40 compat data mapping

Commits

• 98d9dc4 v3.46.0
• 38420bd add homepage field to package.jsons
• a7aee4c some fixes
• 12b441d Fix Iterator.zip and Iterator.zipKeyed behavior with mode: 'longest' op...
• 15d7a7d update copyright
• 9eaa6ad Merge pull request #1451 from zloirock/iterator-chunking-stage-2-7
• 686808f clarify versions
• a21ab8d FF WeakMap.prototype.getOrInsertComputed was fixed
• 747e648 Fix object property creation for potential Symbol keys
• 6bfb3cd move Iterator chunking proposal to stage 2.7
• Additional commits viewable in compare view

Updates firebase from 12.3.0 to 12.5.0

Release notes

Sourced from firebase's releases.

firebase@12.5.0

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/ai@​2.5.0

Minor Changes

• 22e0a1a #9291 - Deprecate sendMediaChunks() and sendMediaStream(). Instead, use the new methods added to the LiveSession class. Add sendTextRealtime(), sendAudioReatime(), and sendVideoRealtime() to the LiveSession class.

• bc5a7c4 #9330 - Add support for audio transcriptions in the Live API.

• c8263c4 #9315 - Add inferenceSource to the response from generateContent and generateContentStream. This property indicates whether on-device or in-cloud inference was used to generate the result.

Patch Changes

• 44d9891 #9314 - Fix logic for merging default onDeviceParams with user-provided onDeviceParams.

firebase@12.5.0

Minor Changes

• 22e0a1a #9291 - Deprecate sendMediaChunks() and sendMediaStream(). Instead, use the new methods added to the LiveSession class. Add sendTextRealtime(), sendAudioReatime(), and sendVideoRealtime() to the LiveSession class.

• bc5a7c4 #9330 - Add support for audio transcriptions in the Live API.

• c8263c4 #9315 - Add inferenceSource to the response from generateContent and generateContentStream. This property indicates whether on-device or in-cloud inference was used to generate the result.

Patch Changes

• 2615081 #9297 (fixes #9270) - Export MISSING_PASSWORD via AuthErrorCodes in @​firebase/auth.

• Updated dependencies [91c218d, 22e0a1a, bc5a7c4, 2615081, 44d9891, c8263c4]:

• @​firebase/auth@​1.11.1

• @​firebase/app@​0.14.5

• @​firebase/ai@​2.5.0

• @​firebase/auth-compat@​0.6.1

• @​firebase/app-compat@​0.5.5

@​firebase/app@​0.14.5

Patch Changes

• Update SDK_VERSION.

@​firebase/app-compat@​0.5.5

... (truncated)

Commits

• 1f44435 Version Packages (#9353)
• e397749 Merge main into release
• bc5a7c4 feat(ai): Add Live API transcriptions (#9330)
• 8209266 test(ai): Update mock responses to v15 (#9328)
• 22e0a1a feat(ai): Add LiveSession realtime APIs (#9291)
• 91c218d feat(auth): export beta tagged symbols to public typings (#9313)
• 44d9891 Fix logic for merging default onDeviceParams with user-provided onDeviceParam...
• c8263c4 feat(ai): make generateContent methods return inferenceSource (#9315)
• 2615081 fix(auth): export MISSING_PASSWORD in AuthErrorCodes (#9297)
• b7e18d0 Version Packages (#9300) release v12.4.0
• Additional commits viewable in compare view

Updates google-auth-library from 10.4.0 to 10.5.0

Release notes

Sourced from google-auth-library's releases.

v10.5.0

10.5.0 (2025-10-30)

Features

• Support scopes from impersonated JSON (#2170) (f50cb67)

v10.4.2

10.4.2 (2025-10-23)

Bug Fixes

• Export ExternalAccountAuthorizedUserCredential (#2166) (c128149)

v10.4.1

10.4.1 (2025-10-14)

Bug Fixes

• deps: Update dependency @​googleapis/iam to v33 (#2146) (bbee39e)
• deps: Update dependency @​googleapis/iam to v34 (#2159) (0006ae2)
• deps: Update dependency dotenv to v17 (#2150) (5b2c7c5)
• deps: Update dependency gcp-metadata to v8 (#2158) (7e547d4)
• Disable linkinator until 429 issue is fixed. (#2138) (2f54532)
• Link to customCredentialSupplierOktaWorkload (#2149) (3cdef01)

Changelog

Sourced from google-auth-library's changelog.

10.5.0 (2025-10-30)

Features

• Support scopes from impersonated JSON (#2170) (f50cb67)

10.4.2 (2025-10-23)

Bug Fixes

• Export ExternalAccountAuthorizedUserCredential (#2166) (c128149)

10.4.1 (2025-10-14)

Bug Fixes

• deps: Update dependency @​googleapis/iam to v33 (#2146) (bbee39e)
• deps: Update dependency @​googleapis/iam to v34 (#2159) (0006ae2)
• deps: Update dependency dotenv to v17 (#2150) (5b2c7c5)
• deps: Update dependency gcp-metadata to v8 (#2158) (7e547d4)
• Disable linkinator until 429 issue is fixed. (#2138) (2f54532)
• Link to customCredentialSupplierOktaWorkload (#2149) (3cdef01)

Commits

• c0ea9cd chore(main): release 10.5.0 (#2171)
• f50cb67 feat: Support scopes from impersonated JSON (#2170)
• 7846bf6 chore(main): release 10.4.2 (#2167)
• c128149 fix: export ExternalAccountAuthorizedUserCredential (#2166)
• 33fb917 docs: fix AWS security credentials supplier example (#2162)
• be41d83 chore(main): release 10.4.1 (#2148)
• 069c427 chore: update setup-node in github workflows (#2161)
• fbc6b11 Revert "feat: add console warnings for mitigating file based credential load ...
• 7e547d4 fix(deps): update dependency gcp-metadata to v8 (#2158)
• 0006ae2 fix(deps): update dependency @​googleapis/iam to v34 (#2159)
• Additional commits viewable in compare view

Updates react-tooltip from 5.29.1 to 5.30.0

Release notes

Sourced from react-tooltip's releases.

v5.30.0

If you like ReactTooltip, please give the project a star on GitHub 🌟

What's Changed

• Add aria-describedby automatically by @​chardin1 in ReactTooltip/react-tooltip#1257

New Contributors

• @​chardin1 made their first contribution in ReactTooltip/react-tooltip#1257

Full Changelog: ReactTooltip/react-tooltip@v5.29.1...v5.30.0

Commits

• f94d26e chore(version): v5.30.0
• 2672a50 feat: add aria-describedby to tooltip automatically (#1257)
• See full diff in compare view

Updates @biomejs/biome from 2.2.4 to 2.3.2

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.2

2.3.2

Patch Changes

• #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

• #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

• #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

  Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
  Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

  Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

  Example

  // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
  // Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
  const reallyLongStringThatShouldNotError =
    "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
    "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
    "In id cursus mi pretium tellus duis convallis." +
    "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";

• #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

• #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

What's Changed

• fix(lint): noUselessStringConcat now correctly detects leading concatenation operators from operatorLinebreak=before by @​Bertie690 in biomejs/biome#7874
• chore(deps): update rust crate globset to 0.4.18 by @​renovate[bot] in biomejs/biome#7883
• chore(deps): update rust crate ignore to 0.4.24 by @​renovate[bot] in biomejs/biome#7884
• chore(deps): update rust crate proc-macro2 to 1.0.103 by @​renovate[bot] in biomejs/biome#7885
• chore(deps): update rust crate tikv-jemallocator to 0.6.1 by @​renovate[bot] in biomejs/biome#7886
• fix(lint): extend matcher for GritCodeSnippet to cover edge case by @​daivinhtran in biomejs/biome#7786
• feat(js): update Boa to v0.21.0 by @​Gumichocopengin8 in biomejs/biome#7888
• chore(deps): update dependency eslint to v9.38.0 by @​renovate[bot] in biomejs/biome#7890
• chore(deps): update rust crate indexmap to 2.12.0 by @​renovate[bot] in biomejs/biome#7891
• chore(deps): update github-actions - autoclosed by @​renovate[bot] in biomejs/biome#7892
• chore(deps): update rust crate rayon to 1.11.0 by @​renovate[bot] in biomejs/biome#7894
• chore(deps): update rust crate regex to 1.12.2 by @​renovate[bot] in biomejs/biome#7895
• chore(deps): update rust crate tokio to 1.48.0 by @​renovate[bot] in biomejs/biome#7896
• fix(core): text expression parsing and LSP file opening by @​ematipico in biomejs/biome#7901

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.2

Patch Changes

• #7859 c600618 Thanks @​Netail! - Added the nursery rule noIncrementDecrement, disallows the usage of the unary operators ++ and --.

• #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome couldn't properly parse text expressions that contained nested curly brackets. This was breaking parsing in Astro and Svelte files.

• #7874 e617d36 Thanks @​Bertie690! - Fixed #7230: noUselessStringConcat no longer emits false positives for multi-line strings with leading + operators.

  Previously, the rule did not check for leading newlines on the + operator, emitting false positives if one occurred at the start of a line.
  Notably, formatting with operatorLinebreak="before" would move the + operators to the start of lines automatically, resulting in spurious errors whenever a multi-line string was used.

  Now, the rule correctly detects and ignores multi-line concatenations with leading operators as well, working regardless of the setting of operatorLinebreak.

  Example

  // The following code used to error if the `+` operators were at the start of lines (as opposed to the end).
  // Now, the rule correctly recognizes this as a stylistic concatenation and ignores it.
  const reallyLongStringThatShouldNotError =
    "Lorem ipsum dolor sit amet consectetur adipiscing elit." +
    "Quisque faucibus ex sapien vitae pellentesque sem placerat." +
    "In id cursus mi pretium tellus duis convallis." +
    "Tempus leo eu aenean sed diam urna tempor. Pulvinar vivamus fringilla";

• #7786 33ffcd5 Thanks @​daivinhtran! - Fixed #7601: Properly match Grit plugin's code snippet with only one child.

• #7901 0d17b05 Thanks @​ematipico! - Fixed #7837, where Biome Language Server panicked when opening HTML-ish files when the experimental full support is enabled.

2.3.1

Patch Changes

• #7840 72afdfa Thanks @​ematipico! - Fixed #7838, which caused the new --css-parse-* arguments not being recognised by the ci command.

• #7789 d5b416e Thanks @​fronterior! - Fixed the LSP method workspace/didChangeWorkspaceFolders to perform incremental updates instead of replacing the entire folder list.

• #7852 bd254c7 Thanks @​dyc3! - Fixed #7843: The CSS parser, when tailwindDirectives is enabled, correctly parses --*: initial;.

• #7872 0fe13fe Thanks @​dyc3! - Fixed #7861: The HTML parser will now accept Svelte attribute shorthand syntax in .svelte files.

• #7866 7b2600b Thanks @​dyc3! - Fixed #7860: The css parser, with tailwindDirectives enabled, will now accept @plugin options.

• #7853 fe90c78 Thanks @​dyc3! - Fixed #7848: The css parser with tailwindDirectives enabled will now correctly parse tailwind's source exclude syntax: @source not "foo.css";

• #7878 c9f7fe5 Thanks @​ematipico! - Fixed #7857: Biome now parses <script> tags as TypeScript when analysing .astro files.

• #7867 b42b718 Thanks @​smorimoto! - Fixed incorrect option name in HTML parser error message.

... (truncated)

Commits

• 6d95a67 ci: release (#7887)
• c600618 feat(lint): implement noIncrementDecrement (#7859)
• be79a6b ci: release (#7842)
• 53ffa8b ci: release (#7824)
• c9033de Merge remote-tracking branch 'origin/main' into next
• 59ecfb4 docs: fix typo in ignoreUnknown option description (#7829)
• fcc9b42 feat(linter): implement useVueDefineMacrosOrder (#7712)
• bc8ac2b Merge remote-tracking branch 'origin/main' into next
• cea002f feat: promote lint rules (#7758)
• 7f1742b chore: restore version
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ematipico, a new releaser for @​biomejs/biome since your current version.

Updates @tailwindcss/postcss from 4.1.13 to 4.1.16

Release notes

Sourced from @​tailwindcss/postcss's releases.

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Changelog

Sourced from @​tailwindcss/postcss's changelog.

[4.1.16] - 2025-10-23

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

[4.1.15] - 2025-10-20

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)(tailwindlabs/tailwindcss#19149)

[4.1.14] - 2025-10-01

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Commits

• cbbbe84 Release 4.1.16 (#19185)
• b2e2435 Release 4.1.15 (#19159)
• b67cbcf Prepare v4.1.14 release (#19037)
• b497e1e Add Upgrading from Tailwind CSS v… when running upgrade tool (#19026)
• 210575a Update dedent 1.6.0 → 1.7.0 (minor) (#19010)
• d0f7f82 Add plugin option documentation to the postcss plugin readme (#18940)
• 5b8136e Re-throw errors from PostCSS nodes (#18373)
• See full diff in compare view

Updates @types/node from 24.6.1 to 24.9.2

Commits

• See full diff in compare view

Updates tailwindcss from 4.1.13 to 4.1.16

Release notes

Sourced from tailwindcss's releases.

v4.1.16

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

v4.1.15

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (#19095)
• Upgrade: Migrate deprecated break-words to wrap-break-word (#19157)

Changed

• Remove the postinstall script from oxide (#19149)

v4.1.14

Fixed

• Handle ' syntax in ClojureScript when extracting classes (#18888)
• Handle @variant inside @custom-variant (#18885)
• Merge suggestions when using @utility (#18900)
• Ensure that file system watchers created when using the CLI are always cleaned up (#18905)
• Do not generate grid-column utilities when configuring grid-column-start or grid-column-end (#18907)
• Do not generate grid-row utilities when configuring grid-row-start or grid-row-end (#18907)
• Prevent duplicate CSS when overwriting a static utility with a theme key (#18056)
• Show Lightning CSS warnings (if any) when optimizing/minifying (#18918)
• Use default export condition for @tailwindcss/vite (#18948)
• Re-throw errors from PostCSS nodes (#18373)
• Detect classes in markdown inline directives (#18967)
• Ensure files with only @theme produce no output when built (#18979)
• Support Maud templates when extracting classes (#18988)
• Upgrade: Do not migrate variant = 'outline' during upgrades (#18922)
• Upgrade: Show version mismatch (if any) when running upgrade tool (#19028)
• Upgrade: Ensure first class inside className is migrated (#19031)
• Upgrade: Migrate classes inside *ClassName and *Class attributes (#19031)

Changelog

Sourced from tailwindcss's changelog.

[4.1.16] - 2025-10-23

Fixed

• Discard candidates with an empty data type (#19172)
• Fix canonicalization of arbitrary variants with attribute selectors (#19176)
• Fix invalid colors due to nested & (#19184)
• Improve canonicalization for & > :pseudo and & :pseudo arbitrary variants (#19178)

[4.1.15] - 2025-10-20

Fixed

• Fix Safari devtools rendering issue due to color-mix fallback (#19069)
• Suppress Lightning CSS warnings about :deep, :slotted, and :global (#19094)
• Fix resolving theme keys when starting with the name of another theme key in JS configs and plugins (#19097)
• Allow named groups in combination with not-*, has-*, and in-* (#19100)
• Prevent important utilities from affecting other utilities (#19110)
• Don’t index into strings with the theme(…) function (#19111)
• Fix parsing issue when \t is used in at-rules (#19130)
• Upgrade: Canonicalize utilities containing 0 values (

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
avalia	Ready	Preview	Comment	Nov 1, 2025 1:10am