build(deps-dev): bump the npm-development group with 2 updates

[dependabot]

Bumps the npm-development group with 2 updates: @biomejs/biome and tsx.

Updates @biomejs/biome from 2.3.7 to 2.3.8

Release notes

Sourced from @​biomejs/biome's releases.

Biome CLI v2.3.8

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

2.3.8

Patch Changes

• #8188 4ca088c Thanks @​ematipico! - Fixed #7390, where Biome couldn't apply the correct configuration passed via --config-path.

  If you have multiple root configuration files, running any command with --config-path will now apply the chosen configuration file.

• #8171 79adaea Thanks @​dibashthapa! - Added the new rule noLeakedRender. This rule helps prevent potential leaks when rendering components that use binary expressions or ternaries.

  For example, the following code triggers the rule because the component would render 0:

  const Component = () => {
    const count = 0;
    return <div>{count && <span>Count: {count}</span>}</div>;
  };

• #8116 b537918 Thanks @​Netail! - Added the nursery rule noDuplicatedSpreadProps. Disallow JSX prop spreading the same identifier multiple times.

  Invalid:

  <div {...props} something="else" {...props} />

• #8256 f1e4696 Thanks @​cormacrelf! - Fixed a bug where logs were discarded (the kind from --log-level=info etc.). This is a regression introduced after an internal refactor that wasn't adequately tested.

• #8226 3f19b52 Thanks @​dyc3! - Fixed #8222: The HTML parser, with Vue directives enabled, can now parse v-slot shorthand syntax, e.g. \<template #foo>.

• #8007 182ecdc Thanks @​brandonmcconnell! - Added support for dollar-sign-prefixed filenames in the useFilenamingConvention rule.

  Biome now allows filenames starting with the dollar-sign (e.g. $postId.tsx) by default to support naming conventions used by frameworks such as TanStack Start for file-based-routing.

• #8218 91484d1 Thanks @​hirokiokada77! - Added the noMultiStr rule, which disallows creating multiline strings by escaping newlines.

  Invalid:

  const foo =
    "Line 1\n\
  Line 2";

  Valid:

  const foo = "Line 1\nLine 2";
  const bar = `Line 1

... (truncated)

Commits

• 0a6b6fb chore: restore version and yaml how they were
• 5d15cd5 chore: revert version
• 59fa146 ci: release (#8263)
• f7e836f feat(biome_js_analyze): implement noProto rule (#8276)
• b537918 feat(js_biome_analyze): implement noDuplicatedSpreadProps (#8116)
• 91484d1 feat(biome_js_analyze): implement noMultiStr rule (#8218)
• 68c052e feat(biome_js_analyze): implement noEqualsToNull rule (#8214)
• 79adaea feat(lint): added new rule no-leaked-render from eslint-react (#8171)
• cd2edd7 feat(js_analyze): implement noTernary (#8201)
• See full diff in compare view

Updates tsx from 4.20.6 to 4.21.0

Release notes

Sourced from tsx's releases.

v4.21.0

4.21.0 (2025-11-30)

Features

• upgrade esbuild (#748) (048fb62)

---

This release is also available on:

• npm package (@​latest dist-tag)

Commits

• f6284cd ci: lock in semantic-release v24
• 048fb62 feat: upgrade esbuild (#748)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

📋 Release Plan

Module	Type	Latest Version	New Version	Release Details
tf-modules-kms	patch		v1.0.0	🆕 Initial Release
tf-modules-vpc-endpoint	patch		v1.0.0	🆕 Initial Release

📝 Changelog

tf-modules-kms-v1.0.0 (2025-12-02)

• 🔀PR #325 - build(deps-dev): bump the npm-development group with 2 updates

tf-modules-vpc-endpoint-v1.0.0 (2025-12-02)

• 🔀PR #325 - build(deps-dev): bump the npm-development group with 2 updates

_{Wiki Status^ℹ️}

✅ Enabled

_{Automated Tag/Release Cleanup^ℹ️}

⏸️ Existing tags and releases will be preserved as the delete-legacy-tags flag is disabled.

_{Powered by:   techpivot/terraform-module-releaser}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud