chore(deps): bump fuse.js from 7.1.0 to 7.3.0

[dependabot]

Bumps fuse.js from 7.1.0 to 7.3.0.

Release notes

Sourced from fuse.js's releases.

v7.3.0

Features

• Token search — per-term fuzzy matching with IDF scoring (68c1dcf)
• Fuse.match() — static method for single string matching (460eb5b)
• BigInt support for indexing and search (0ae662c)
• removeAt() now returns the removed item (8cec7e2)
• Support keyless string entries in logical queries (8695556)
• getFn null return, escaped pipe in extended search, empty query returns all (d33b735)

Bug Fixes

• Merge overlapping match indices in extended search (06c5e97)
• Inverse patterns now work correctly across multiple keys (9351882)
• Handle quoted tokens with inner spaces and quotes in extended search (c226523)
• Handle non-decomposable diacritics in stripDiacritics (5a01f29)
• Coerce non-string array values to strings during indexing (db0e181)
• Strip getFn from keys in toJSON() for safe serialization (0f2a69b)

Internal

• Full TypeScript rewrite of source code
• Dropped UMD builds and babel preset-env
• Upgraded to Rollup 4, Vitest 2, TypeScript 6, ESLint 9
• Frozen default config to prevent mutation across instances
• Rewrote documentation as standalone markdown files

v7.2.0

Features

• Add Fuse.use() for runtime plugin registration

Performance

• Inline Bitap score computation to reduce object allocation in hot loops
• Batch removeAll for O(n) bulk removes instead of O(n*k)
• Heap-based top-k selection when limit is set
• Cache compiled searcher for repeated queries

Benchmarked on 10k records: 9-14% faster core search, 49x faster bulk remove.

Bug Fixes

• search: Deduplicate and merge overlapping match indices (#735)
• search: Preserve original array indices in nested path traversal (#786)
• types: Correct key type in FuseSortFunctionMatch (#811)
• types: Correct keys type in parseIndex parameter (#794)

Full Changelog: krisk/Fuse@v7.1.0...v7.2.0

Changelog

Sourced from fuse.js's changelog.

7.3.0 (2026-04-04)

Features

• add BigInt support for indexing and search (0ae662c), closes #814
• add static Fuse.match() for single string matching (460eb5b)
• add token search — per-term fuzzy matching with IDF scoring (68c1dcf)
• getFn null return, escaped pipe in extended search, empty query returns all (d33b735), closes #800 #765 #728
• removeAt() now returns the removed item (8cec7e2), closes #675
• search: support keyless string entries in logical queries (8695556), closes #736

Bug Fixes

• index: coerce non-string array values to strings during indexing (db0e181), closes #738
• index: strip getFn from keys in toJSON() for safe serialization (0f2a69b), closes #798
• lint: suppress unused var in toJSON destructure (d63c0e8)
• merge overlapping match indices in extended search (06c5e97)
• search: handle non-decomposable diacritics in stripDiacritics (5a01f29), closes home-assistant/frontend#30399 #816
• search: handle quoted tokens with inner spaces and quotes in extended search (c226523), closes #810
• search: inverse patterns now work correctly across multiple keys (9351882), closes #712

7.2.0 (2026-04-02)

Features

• add Fuse.use() for runtime plugin registration (8546a9b)

Performance

• inline Bitap score computation to reduce object allocation in hot loops (8546a9b)
• batch removeAll for O(n) bulk removes instead of O(n*k) (8546a9b)
• heap-based top-k selection when limit is set (8546a9b)
• cache compiled searcher for repeated queries (8546a9b)

Bug Fixes

• search: deduplicate and merge overlapping match indices (60c393a), closes #735
• search: preserve original array indices in nested path traversal (a1451be), closes #786
• types: correct key type in FuseSortFunctionMatch (fecee16), closes #811
• types: correct keys type in parseIndex parameter (58c7c73), closes #794

Commits

• aae48f5 chore(release): 7.3.0
• d63c0e8 fix(lint): suppress unused var in toJSON destructure
• 44dfdb4 chore: add funding field to package.json
• 65dadf5 docs: add performance guide with benchmark script
• 0ae662c feat: add BigInt support for indexing and search
• 8153c9d docs: fix tsconfig to resolve "no inputs found" error
• 6afb2ed docs: add "When to Use It" section to token search page
• 0e74a9c docs: simplify Getting Started page title
• 80330ed docs: fix sidebar titles and restore subheading expansion
• 6cd0cee docs: remove unused TwitterFollow and Version components
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[greptile-apps]

Greptile Summary

This is a routine Dependabot bump of fuse.js from 7.1.0 to 7.3.0, a minor-version upgrade that brings bug fixes (inverse pattern matching, extended search, diacritic handling) and additive features (token search, Fuse.match(), BigInt support) with no breaking API changes.

Confidence Score: 5/5

Safe to merge — minor-version fuse.js bump with no breaking changes; one P2 note about an incidental lockfile change.

All findings are P2. The fuse.js 7.1.0→7.3.0 upgrade is a semver-compatible minor bump with only additive features and bug fixes. The only concern is an unrelated chrome-devtools-mcp bump in the lockfile, which is cosmetic and does not affect correctness.

bun.lock — contains an unintended chrome-devtools-mcp version bump worth confirming.

Important Files Changed

Filename	Overview
apps/server/package.json	Bumps fuse.js from ^7.1.0 to ^7.3.0; straightforward minor-version dependency upgrade
bun.lock	Lock file resolves fuse.js to 7.3.0 as expected, but also bumps chrome-devtools-mcp from 0.20.0 to 0.21.0 — an unrelated package change not reflected in package.json

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Dependabot PR] --> B[fuse.js 7.1.0 → 7.3.0]
    B --> C[package.json updated]
    B --> D[bun.lock updated]
    D --> E[fuse.js resolved to 7.3.0]
    D --> F[chrome-devtools-mcp 0.20.0 → 0.21.0\nunintended side-effect]
    style F fill:#fff3cd,stroke:#ffc107

Loading

Prompt To Fix All With AI

This is a comment left during a code review.
Path: bun.lock
Line: 2113

Comment:
**Unintended lockfile bump for unrelated package**

`chrome-devtools-mcp` is upgraded from `0.20.0` to `0.21.0` in the lockfile, but this change is not reflected in any `package.json`. This PR is scoped to `fuse.js` only, so this appears to be an incidental lock file regeneration side effect. It's worth verifying this bump is intentional before merging, as unrelated transitive changes can obscure what actually changed.

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "chore(deps): bump fuse.js from 7.1.0 to ..." | Re-trigger Greptile}