chore(deps-dev): bump @biomejs/biome from 1.9.4 to 2.3.6

[dependabot]

Bumps @biomejs/biome from 1.9.4 to 2.3.6.

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.6

2.3.6

Patch Changes

• #8100 82b9a8e Thanks @​Netail! - Added the nursery rule useFind. Enforce the use of Array.prototype.find() over Array.prototype.filter() followed by [0] when looking for a single result.

  Invalid:

  [1, 2, 3].filter((x) => x > 1)[0];
  [1, 2, 3].filter((x) => x > 1).at(0);

• #8118 dbc7021 Thanks @​hirokiokada77! - Fixed #8117: useValidLang now accepts valid BCP 47 language tags with script subtags.

  Valid:

  <html lang="zh-Hans-CN"></html>

• #7672 f1d5725 Thanks @​Netail! - Added the nursery rule useConsistentGraphqlDescriptions, requiring all descriptions to follow the same style (either block or inline) inside GraphQL files.

  Invalid:

  enum EnumValue {
    "this is a description"
    DEFAULT
  }

  Valid:

  enum EnumValue {
    """
    this is a description
    """
    DEFAULT
  }

• #8026 f102661 Thanks @​matanshavit! - Fixed #8004: noParametersOnlyUsedInRecursion now correctly detects recursion by comparing function bindings instead of just names.

  Previously, the rule incorrectly flagged parameters when a method had the same name as an outer function but called the outer function (not itself):

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.6

Patch Changes

• #8100 82b9a8e Thanks @​Netail! - Added the nursery rule useFind. Enforce the use of Array.prototype.find() over Array.prototype.filter() followed by [0] when looking for a single result.

  Invalid:

  [1, 2, 3].filter((x) => x > 1)[0];
  [1, 2, 3].filter((x) => x > 1).at(0);

• #8118 dbc7021 Thanks @​hirokiokada77! - Fixed #8117: useValidLang now accepts valid BCP 47 language tags with script subtags.

  Valid:

  <html lang="zh-Hans-CN"></html>

• #7672 f1d5725 Thanks @​Netail! - Added the nursery rule useConsistentGraphqlDescriptions, requiring all descriptions to follow the same style (either block or inline) inside GraphQL files.

  Invalid:

  enum EnumValue {
    "this is a description"
    DEFAULT
  }

  Valid:

  enum EnumValue {
    """
    this is a description
    """
    DEFAULT
  }

• #8026 f102661 Thanks @​matanshavit! - Fixed #8004: noParametersOnlyUsedInRecursion now correctly detects recursion by comparing function bindings instead of just names.

  Previously, the rule incorrectly flagged parameters when a method had the same name as an outer function but called the outer function (not itself):

  function notRecursive(arg) {

... (truncated)

Commits

• 166d95b ci: release (#8076)
• 6976d03 chore: schema regression rule domains (#8133)
• 5fc5416 feat(lint/vue): add noVueVIfWithVFor, useVueHyphenatedAttributes (#8097)
• fb8e3e7 fix(noInvalidUseBeforeDeclaration): handle class, enum, import-equals (#8113)
• 0f0a658 feat(analyze): implement noSyncScripts (#8108)
• 82b9a8e feat(js_analyze): implement useFind (#8100)
• 1fdcaf0 feat(schema): add docs URLs to rule description (#8098)
• b406db6 feat: add useSpread rule (#7681)
• 6bcc9d2 chore: regression schemars v1 (#8092)
• 0c0edd4 feat(graphql_analyze): add useUniqueGraphqlOperationName (#8013)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​biomejs/biome since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated development tooling to a newer version to keep build and quality workflows current. This change affects developer tooling only and does not alter runtime behavior, public APIs, or exported interfaces. No functional changes expected for end users.

[coderabbitai]

Note

.coderabbit.yaml has unrecognized properties

CodeRabbit is using all valid settings from your configuration. Unrecognized properties (listed below) have been ignored and may indicate typos or deprecated fields that can be removed.

⚠️ Parsing warnings (1)

Validation error: Unrecognized key(s) in object: 'tools'

⚙️ Configuration instructions

• Please see the configuration documentation for more information.
• You can also validate your configuration using the online YAML validator.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Walkthrough

Updated the devDependency @biomejs/biome from ^1.9.4 to ^2.3.6 in package.json. No other dependencies, scripts, or public API/exported signatures were changed.

Changes

Cohort / File(s)	Change Summary
Dependency Update package.json	Bumped devDependency @biomejs/biome from ^1.9.4 to ^2.3.6

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

• Check lint/format config compatibility with Biome v2 (project-level config files such as .biome*), if present.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: bumping @biomejs/biome from 1.9.4 to 2.3.6, which is the sole purpose of this pull request.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/npm_and_yarn/biomejs/biome-2.3.6

---

📜 Recent review details

Configuration used: Repository: lokalise/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ad56eaf and 2679311.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🔇 Additional comments (1)

package.json (1)

29-29: Verify compatibility and CI impact for major version bump of linter tool.

This updates @biomejs/biome from v1.9.4 to v2.3.6—a major version bump that introduces breaking changes, including new linting rules (e.g., useFind, useConsistentGraphqlDescriptions) and rule behavior fixes. The new rules may cause linting failures if the codebase hasn't been updated to comply with stricter checks.

Before merging, ensure:

1. The full codebase passes npm run lint and npm run build with v2.3.6 (especially important since CI will run these checks).
2. The @lokalise/biome-config package (v^2.0.0, line 33) is compatible with biome v2.3.6; if not, it may need a bump as well.
3. Any new rule violations are intentional or have been addressed (e.g., code refactoring to satisfy useFind pattern enforcement).

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[dependabot]

Superseded by #571.