Skip to content

Bump the npm group with 8 updates#2156

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-2ea8c27af8
Apr 7, 2026
Merged

Bump the npm group with 8 updates#2156
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-2ea8c27af8

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 7, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm group with 8 updates:

Package From To
@eslint/compat 2.0.3 2.0.4
@types/node 25.5.0 25.5.2
eslint 10.1.0 10.2.0
@eslint/config-array 0.23.3 0.23.4
@eslint/config-helpers 0.5.3 0.5.4
@eslint/core 1.1.1 1.2.0
@eslint/object-schema 3.0.3 3.0.4
@eslint/plugin-kit 0.6.1 0.7.0

Updates @eslint/compat from 2.0.3 to 2.0.4

Release notes

Sourced from @​eslint/compat's releases.

migrate-config: v2.0.4

2.0.4 (2026-03-20)

Bug Fixes

  • update dependency @​eslint/eslintrc to ^3.3.5 (#397) (8567c19)

compat: v2.0.4

2.0.4 (2026-04-03)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Changelog

Sourced from @​eslint/compat's changelog.

2.0.4 (2026-04-03)

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Commits

Updates @types/node from 25.5.0 to 25.5.2

Commits

Updates eslint from 10.1.0 to 10.2.0

Release notes

Sourced from eslint's releases.

v10.2.0

Features

  • 586ec2f feat: Add meta.languages support to rules (#20571) (Copilot)
  • 14207de feat: add Temporal to no-obj-calls (#20675) (Pixel998)
  • bbb2c93 feat: add Temporal to ES2026 globals (#20672) (Pixel998)

Bug Fixes

  • 542cb3e fix: update first-party dependencies (#20714) (Francesco Trotta)

Documentation

  • a2af743 docs: add language to configuration objects (#20712) (Francesco Trotta)
  • 845f23f docs: Update README (GitHub Actions Bot)
  • 5fbcf59 docs: remove sourceType from ts playground link (#20477) (Tanuj Kanti)
  • 8702a47 docs: Update README (GitHub Actions Bot)
  • ddeaded docs: Update README (GitHub Actions Bot)
  • 2b44966 docs: add Major Releases section to Manage Releases (#20269) (Milos Djermanovic)
  • eab65c7 docs: update eslint versions in examples (#20664) (루밀LuMir)
  • 3e4a299 docs: update ESM Dependencies policies with note for own-usage packages (#20660) (Milos Djermanovic)

Chores

  • 8120e30 refactor: extract no unmodified loop condition (#20679) (kuldeep kumar)
  • 46e8469 chore: update dependency markdownlint-cli2 to ^0.22.0 (#20697) (renovate[bot])
  • 01ed3aa test: add unit tests for unicode utilities (#20622) (Manish chaudhary)
  • 811f493 ci: remove --legacy-peer-deps from types integration tests (#20667) (Milos Djermanovic)
  • 6b86fcf chore: update dependency npm-run-all2 to v8 (#20663) (renovate[bot])
  • 632c4f8 chore: add prettier update commit to .git-blame-ignore-revs (#20662) (루밀LuMir)
  • b0b0f21 chore: update dependency eslint-plugin-regexp to ^3.1.0 (#20659) (Milos Djermanovic)
  • 228a2dd chore: update dependency eslint-plugin-eslint-plugin to ^7.3.2 (#20661) (Milos Djermanovic)
  • 3ab4d7e test: Add tests for eslintrc-style keys (#20645) (kuldeep kumar)
Commits

Updates @eslint/config-array from 0.23.3 to 0.23.4

Release notes

Sourced from @​eslint/config-array's releases.

config-array: v0.23.4

0.23.4 (2026-04-03)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/object-schema bumped from ^3.0.3 to ^3.0.4
Changelog

Sourced from @​eslint/config-array's changelog.

0.23.4 (2026-04-03)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/object-schema bumped from ^3.0.3 to ^3.0.4
Commits

Updates @eslint/config-helpers from 0.5.3 to 0.5.4

Release notes

Sourced from @​eslint/config-helpers's releases.

config-helpers: v0.5.4

0.5.4 (2026-04-03)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Changelog

Sourced from @​eslint/config-helpers's changelog.

0.5.4 (2026-04-03)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Commits

Updates @eslint/core from 1.1.1 to 1.2.0

Release notes

Sourced from @​eslint/core's releases.

core: v1.2.0

1.2.0 (2026-04-03)

Features

  • add languages and docs.dialects to rule meta types (#421) (7680f69)

Bug Fixes

  • re-export ESM types in CommonJS (#416) (ef16f80)
  • type-check defaultLanguageOptions against LangOptions (#420) (7bf5704)
Changelog

Sourced from @​eslint/core's changelog.

1.2.0 (2026-04-03)

Features

  • add languages and docs.dialects to rule meta types (#421) (7680f69)

Bug Fixes

  • re-export ESM types in CommonJS (#416) (ef16f80)
  • type-check defaultLanguageOptions against LangOptions (#420) (7bf5704)
Commits

Updates @eslint/object-schema from 3.0.3 to 3.0.4

Release notes

Sourced from @​eslint/object-schema's releases.

object-schema: v3.0.4

3.0.4 (2026-04-03)

Bug Fixes

  • avoid mutating object schema definitions during construction (#412) (f0fd9a2)
  • correct ValidationStrategy parameter types (#406) (42a30ea)
  • re-export ESM types in CommonJS (#416) (ef16f80)
Changelog

Sourced from @​eslint/object-schema's changelog.

3.0.4 (2026-04-03)

Bug Fixes

  • avoid mutating object schema definitions during construction (#412) (f0fd9a2)
  • correct ValidationStrategy parameter types (#406) (42a30ea)
  • re-export ESM types in CommonJS (#416) (ef16f80)
Commits
  • fe114ee chore: release main (#413)
  • 8863791 docs: Update README sponsors
  • ef16f80 fix: re-export ESM types in CommonJS (#416)
  • 835ddf9 docs: Update README sponsors
  • 8cd3676 docs: Update README sponsors
  • b281abb docs: clarify ValidationStrategy object behavior (#415)
  • 42a30ea fix: correct ValidationStrategy parameter types (#406)
  • f0fd9a2 fix: avoid mutating object schema definitions during construction (#412)
  • 9189536 refactor: use lowercase boolean in validation errors (#405)
  • 4d73459 docs: Update README sponsors
  • See full diff in compare view

Updates @eslint/plugin-kit from 0.6.1 to 0.7.0

Release notes

Sourced from @​eslint/plugin-kit's releases.

plugin-kit: v0.7.0

0.7.0 (2026-04-03)

Features

  • add languages and docs.dialects to rule meta types (#421) (7680f69)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Changelog

Sourced from @​eslint/plugin-kit's changelog.

0.7.0 (2026-04-03)

Features

  • add languages and docs.dialects to rule meta types (#421) (7680f69)

Bug Fixes

Dependencies

  • The following workspace dependencies were updated
    • dependencies
      • @​eslint/core bumped from ^1.1.1 to ^1.2.0
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the npm group with 8 updates
f737bc8 
Bumps the npm group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) | `2.0.3` | `2.0.4` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.0` | `25.5.2` |
| [eslint](https://github.com/eslint/eslint) | `10.1.0` | `10.2.0` |
| [@eslint/config-array](https://github.com/eslint/rewrite/tree/HEAD/packages/config-array) | `0.23.3` | `0.23.4` |
| [@eslint/config-helpers](https://github.com/eslint/rewrite/tree/HEAD/packages/config-helpers) | `0.5.3` | `0.5.4` |
| [@eslint/core](https://github.com/eslint/rewrite/tree/HEAD/packages/core) | `1.1.1` | `1.2.0` |
| [@eslint/object-schema](https://github.com/eslint/rewrite/tree/HEAD/packages/object-schema) | `3.0.3` | `3.0.4` |
| [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit) | `0.6.1` | `0.7.0` |


Updates `@eslint/compat` from 2.0.3 to 2.0.4
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v2.0.4/packages/compat)

Updates `@types/node` from 25.5.0 to 25.5.2
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `eslint` from 10.1.0 to 10.2.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v10.1.0...v10.2.0)

Updates `@eslint/config-array` from 0.23.3 to 0.23.4
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/config-array/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/config-array-v0.23.4/packages/config-array)

Updates `@eslint/config-helpers` from 0.5.3 to 0.5.4
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/config-helpers/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/config-helpers-v0.5.4/packages/config-helpers)

Updates `@eslint/core` from 1.1.1 to 1.2.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/core/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/core-v1.2.0/packages/core)

Updates `@eslint/object-schema` from 3.0.3 to 3.0.4
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/object-schema/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/object-schema-v3.0.4/packages/object-schema)

Updates `@eslint/plugin-kit` from 0.6.1 to 0.7.0
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/core-v0.7.0/packages/plugin-kit)

---
updated-dependencies:
- dependency-name: "@eslint/compat"
  dependency-version: 2.0.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@types/node"
  dependency-version: 25.5.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: eslint
  dependency-version: 10.2.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@eslint/config-array"
  dependency-version: 0.23.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@eslint/config-helpers"
  dependency-version: 0.5.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@eslint/core"
  dependency-version: 1.2.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: npm
- dependency-name: "@eslint/object-schema"
  dependency-version: 3.0.4
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: "@eslint/plugin-kit"
  dependency-version: 0.7.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot assigned poad Apr 7, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 7, 2026
@github-actions

github-actions Bot commented Apr 7, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA f737bc8.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@eslint/compat 2.0.4 UnknownUnknown
npm/@eslint/config-array 0.23.4 UnknownUnknown
npm/@eslint/config-helpers 0.5.4 UnknownUnknown
npm/@eslint/core 1.2.0 UnknownUnknown
npm/@eslint/object-schema 3.0.4 UnknownUnknown
npm/@eslint/plugin-kit 0.7.0 UnknownUnknown
npm/@types/node 25.5.2 🟢 6.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 8Found 26/29 approved changesets -- score normalized to 8
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy🟢 10security policy file detected
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
npm/eslint 10.2.0 🟢 6.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 18/22 approved changesets -- score normalized to 8
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 9SAST tool detected but not run on all commits

Scanned Files

  • pnpm-lock.yaml

@github-actions github-actions Bot enabled auto-merge (squash) April 7, 2026 01:45
@github-actions github-actions Bot merged commit 5658caf into main Apr 7, 2026
4 checks passed
@github-actions github-actions Bot deleted the dependabot/npm_and_yarn/npm-2ea8c27af8 branch April 7, 2026 01:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@poad poad

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@poad