Skip to content

feat: Modernization & Supply Chain Hardening#10

Merged
silvester-pari merged 1 commit into
mainfrom
modernize-setup
May 26, 2026
Merged

feat: Modernization & Supply Chain Hardening#10
silvester-pari merged 1 commit into
mainfrom
modernize-setup

Conversation

@silvester-pari

Copy link
Copy Markdown
Member

This PR brings @eox/eslint-config up to current industry standards while employing a non-breaking update strategy to avoid breaking CI pipelines across our 10-15 dependent projects.

What's Changed

  • Dependencies Updated: Bumped ESLint (v9.39.4), Prettier (v3.8.3), and typescript-eslint (v8.59.3) to the latest stable versions. Ran npm audit fix for security patches.
  • Native Vue 3 & JSDoc Integration: Added eslint-plugin-vue and eslint-plugin-jsdoc centrally to validate .vue components and ensure strict typing via JSDoc comments.
    • Note: To maintain backwards compatibility, all new Vue/JSDoc rules and updated TS rules have been dynamically mapped to "warn" rather than "error".
  • Modular Exports: Refactored index.js to support modular imports. Developers can now use the entire "one-stop-shop" default export or explicitly pick what they need (js, typescript, vue3, cypress, jsdocRules, prettier) for lighter projects.
  • Centralized TypeScript Config: Added tsconfig.base.json so downstream projects can extend a unified type-checking baseline rather than repeating compiler options.
  • Supply Chain Security: Added Dependabot (.github/dependabot.yml) configured with a 7-day cooldown to protect against newly published, potentially malicious zero-day npm packages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

include vue3

1 participant