Bump ultracite from 7.7.0 to 7.8.1

[dependabot]

Bumps ultracite from 7.7.0 to 7.8.1.

Release notes

Sourced from ultracite's releases.

ultracite@7.8.1

Patch Changes

• 8335be7: Build the CLI with bun build and a tsgo type-check gate instead of tsup.
• f747449: Fix the Oxlint TanStack preset so route files under routes/ and app/routes/ are exempt from unicorn/filename-case, matching the documented 7.8.0 behavior.
• 092597e: Fix generated oxlint.config.ts to be pre-formatted according to oxfmt rules, so ultracite check passes immediately after ultracite init without requiring a separate format step.
• 81da6e8: Generate agent and editor hook commands through nypm's package-manager script helper.
• 81da6e8: Keep hyphen-prefixed file operands from being forwarded to linters as options.

ultracite@7.8.0

Minor Changes

• 4e2fea0: Add a dedicated tanstack framework preset for Biome, ESLint, and Oxlint. The ESLint preset layers @tanstack/eslint-plugin-query, @tanstack/eslint-plugin-router, and @tanstack/eslint-plugin-start, while the Biome and Oxlint presets relax file-naming conventions for routes/ directories and the generated routeTree.gen.ts. Framework detection now maps @tanstack/react-query, @tanstack/react-router, and @tanstack/react-start to the new tanstack preset.

  Two behavior changes for existing consumers: TanStack Query rules now live in the tanstack preset instead of react, so projects that relied on Query rules must opt into tanstack; and TanStack Router projects now resolve to the tanstack preset rather than remix.

Patch Changes

• 51a2af0: Recognize .biome.json and .biome.jsonc as valid Biome config files across the CLI. detectLinter, the doctor command, and the Biome config resolver now match the dot-prefixed names alongside biome.json/biome.jsonc, following Biome's documented configuration file resolution order. Closes #700.

• 14b557c: Harden the generated standalone Husky hook by using git add -- "$file" when restaging formatted files. This prevents option-shaped filenames from being interpreted as Git options during the hook.

• baa3dd0: Add ignorePatterns to the generated oxlint config at the root level so they are actually applied. Oxlint does not merge ignorePatterns through extends (see oxc-project/oxc#10223), so patterns set in the core preset were silently ignored. The generated config now sets ignorePatterns: core.ignorePatterns at the top level, reusing the patterns from the imported core preset.

• bd27fd4: Add newly supported Oxlint rules from the latest release to the core, React, and Vitest presets:

  • Core: id-match, no-implicit-globals, no-implied-eval, prefer-arrow-callback, prefer-regex-literals, import/newline-after-import, jsdoc/require-throws-description, jsdoc/require-throws-type, and jsdoc/require-yields-type
  • React: jsx-a11y/control-has-associated-label, jsx-a11y/no-interactive-element-to-noninteractive-role, jsx-a11y/no-noninteractive-element-interactions, jsx-a11y/no-noninteractive-element-to-interactive-role, react/no-object-type-as-default-prop, and react/no-unstable-nested-components
  • Vitest: vitest/padding-around-after-all-blocks

• 14b557c: Reject symlinked generated config targets before writing project files. CLI config writers now route through a shared project-file write guard that checks for symlinks and project-root escapes before mutating files.

• 14b557c: Validate package-manager names before generating agent and editor hook commands. Hook configuration now only uses supported package-manager prefixes, preventing unsafe values from being persisted into later-executed hook commands.

• 14b557c: Reject unsupported package-manager names during ultracite init. Explicit --pm values and detected packageManager metadata are now runtime-validated against the supported package managers before dependency installation, preventing malicious project metadata from selecting an arbitrary executable.

Commits

• e98d16d Version Packages (#711)
• 092597e fix: pre-format generated oxlint.config.ts to match oxfmt rules (#707)
• f747449 fix(oxlint): relax filename-case for TanStack route files (#710)
• 3d6ea4a Remove SVGs from bundle
• 8335be7 Migrate from tsup to bun + tsgo
• 304160d Update README.md
• 81da6e8 Misc fixes
• 02e79d9 Version Packages (#705)
• 37210dd Revert "fix: move mockFs to module scope for unicorn/consistent-function-scop...
• cc16ca2 fix: move mockFs to module scope for unicorn/consistent-function-scoping (#708)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.