Skip to content

build(deps-dev): Bump @eslint-react/eslint-plugin from 5.10.0 to 5.11.2#357

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/eslint-react/eslint-plugin-5.11.2
Closed

build(deps-dev): Bump @eslint-react/eslint-plugin from 5.10.0 to 5.11.2#357
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/eslint-react/eslint-plugin-5.11.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown

Bumps @eslint-react/eslint-plugin from 5.10.0 to 5.11.2.

Release notes

Sourced from @​eslint-react/eslint-plugin's releases.

v5.11.2 (2026-07-05)

What's Changed

📝 Documentation

  • Updated rule documentation for React introspection APIs (react-x/no-children-count, react-x/no-children-for-each, react-x/no-children-map, react-x/no-children-only, react-x/no-children-to-array, and react-x/no-clone-element) with clearer guidance on why child introspection creates fragile component coupling and links to Astryx's no-react-introspection rule. (#1889)
  • Updated the function-component collector sequence diagram on the website.
  • Updated THIRD-PARTY-LICENSE file.

Full Changelog: Rel1cx/eslint-react@v5.11.0...v5.11.2

Attestation

https://github.com/Rel1cx/eslint-react/attestations/33931871

v5.11.0 (2026-07-05)

What's Changed

✨ New

  • react-x/refs now detects ref mutations/reads inside helper functions that are called (directly, or through a simple variable alias) during render, closing a gap where any nested function was previously treated as a safe boundary regardless of whether it was actually invoked during render.
  • react-x/refs now reports a second guarded ref initialization: only a single if (ref.current == null) { ref.current = ... } guarded initialization is allowed per ref per component/hook, and a second guarded write (in the same or a different if block) is reported as duplicateRefInit.
  • react-x/refs now supports .current accesses whose base is a member expression that looks like a ref (e.g. props.ref.current), not just a plain identifier.

🏗️ Internal

  • Added unit tests for packages/ast/src/check.ts.
  • Bumped @effect/language-service to ^0.86.4 and preact to ^10.29.4.
  • Refactored react-x/static-components internals without changing behavior: findVariableForIdentifier now delegates to @typescript-eslint/utils/ast-utils's findVariable instead of a hand-rolled scope-chain walk, resolveDynamicValue was split into findDynamicCreationSite and findReassignmentCreationSite, and render-boundary/JSX-candidate handling was extracted into dedicated helpers.
  • Unified the signatures of Check.isDirective and Check.isIdentifier in @eslint-react/ast: both now take the node as the first argument and an optional name as the second, replacing the previous curried (name) => (node) => boolean shape. Removed Check.isStringLiteral; use ts-pattern's isMatching or an inline type guard instead.

Full Changelog: Rel1cx/eslint-react@v5.10.4...v5.11.0

Attestation

https://github.com/Rel1cx/eslint-react/attestations/33921957

v5.10.4 (2026-07-04)

What's Changed

🐞 Fixes

  • Fixed react-x/no-misused-capture-owner-stack not recognizing process.env.NODE_ENV checks wrapped in TypeScript type expressions such as (process.env as any).NODE_ENV. (#1813)
  • Fixed Extract.getFullyQualifiedName to unwrap TSAsExpression, TSTypeAssertion, TSNonNullExpression, and ChainExpression before resolving names. This improves name resolution for rules that identify React APIs or collect component/hook names through type-wrapped expressions.

... (truncated)

Changelog

Sourced from @​eslint-react/eslint-plugin's changelog.

v5.11.2 (2026-07-05)

📝 Documentation

  • Updated rule documentation for React introspection APIs (react-x/no-children-count, react-x/no-children-for-each, react-x/no-children-map, react-x/no-children-only, react-x/no-children-to-array, and react-x/no-clone-element) with clearer guidance on why child introspection creates fragile component coupling and links to Astryx's no-react-introspection rule. (#1889)
  • Updated the function-component collector sequence diagram on the website.
  • Updated THIRD-PARTY-LICENSE file.

Full Changelog: Rel1cx/eslint-react@v5.11.0...v5.11.2

v5.11.0 (2026-07-05)

✨ New

  • react-x/refs now detects ref mutations/reads inside helper functions that are called (directly, or through a simple variable alias) during render, closing a gap where any nested function was previously treated as a safe boundary regardless of whether it was actually invoked during render.
  • react-x/refs now reports a second guarded ref initialization: only a single if (ref.current == null) { ref.current = ... } guarded initialization is allowed per ref per component/hook, and a second guarded write (in the same or a different if block) is reported as duplicateRefInit.
  • react-x/refs now supports .current accesses whose base is a member expression that looks like a ref (e.g. props.ref.current), not just a plain identifier.

🏗️ Internal

  • Added unit tests for packages/ast/src/check.ts.
  • Bumped @effect/language-service to ^0.86.4 and preact to ^10.29.4.
  • Refactored react-x/static-components internals without changing behavior: findVariableForIdentifier now delegates to @typescript-eslint/utils/ast-utils's findVariable instead of a hand-rolled scope-chain walk, resolveDynamicValue was split into findDynamicCreationSite and findReassignmentCreationSite, and render-boundary/JSX-candidate handling was extracted into dedicated helpers.
  • Unified the signatures of Check.isDirective and Check.isIdentifier in @eslint-react/ast: both now take the node as the first argument and an optional name as the second, replacing the previous curried (name) => (node) => boolean shape. Removed Check.isStringLiteral; use ts-pattern's isMatching or an inline type guard instead.

Full Changelog: Rel1cx/eslint-react@v5.10.4...v5.11.0

v5.10.4 (2026-07-04)

🐞 Fixes

  • Fixed react-x/no-misused-capture-owner-stack not recognizing process.env.NODE_ENV checks wrapped in TypeScript type expressions such as (process.env as any).NODE_ENV. (#1813)
  • Fixed Extract.getFullyQualifiedName to unwrap TSAsExpression, TSTypeAssertion, TSNonNullExpression, and ChainExpression before resolving names. This improves name resolution for rules that identify React APIs or collect component/hook names through type-wrapped expressions.

Full Changelog: Rel1cx/eslint-react@v5.10.3...v5.10.4

v5.10.3 (2026-07-04)

🏗️ Internal

  • Bumped typescript-eslint packages to ^8.62.1.
  • Bumped @effect/language-service to ^0.86.3.
  • Bumped undici and undici-types to ^8.6.0.
  • Updated the @eslint-react/eslint-plugin package description.

Full Changelog: Rel1cx/eslint-react@v5.10.2...v5.10.3

v5.10.2 (2026-07-03)

🐞 Fixes

... (truncated)

Commits
  • 0f8d356 release: 5.11.2
  • 787aba5 refactor(ast)!: remove direct is/isOneOf re-exports and use Check namespace
  • 76c0b1e release: 5.11.0
  • 499b5e6 release: 5.10.4
  • a4130ee release: 5.10.3
  • fa53e93 chore(eslint-plugin): update package description
  • 3d6f501 release: 5.10.2
  • ecb5626 release: 5.10.1
  • 9973045 fix: static-components rule is missing from `disable-conflict-eslint-plugin...
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@eslint-react/eslint-plugin](https://github.com/Rel1cx/eslint-react/tree/HEAD/plugins/eslint-plugin) from 5.10.0 to 5.11.2.
- [Release notes](https://github.com/Rel1cx/eslint-react/releases)
- [Changelog](https://github.com/Rel1cx/eslint-react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Rel1cx/eslint-react/commits/v5.11.2/plugins/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@eslint-react/eslint-plugin"
  dependency-version: 5.11.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 13, 2026
@vercel

vercel Bot commented Jul 13, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
github-stats-extended-backend Ready Ready Preview, Comment Jul 13, 2026 12:36am
1 Skipped Deployment
Project Deployment Actions Updated (UTC)
github-stats-extended-frontend Ignored Ignored Jul 13, 2026 12:36am

@dependabot @github

dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Author

Superseded by #366.

@dependabot dependabot Bot closed this Jul 15, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/eslint-react/eslint-plugin-5.11.2 branch July 15, 2026 00:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants