build(deps): bump @eslint/js to ^10.0.1 and eslint to ^10.3.0 by FlexNetOS · Pull Request #12 · FlexNetOS/agent_harness

FlexNetOS · 2026-05-03T14:32:11Z

What Changed

Supersedes #6 (closed before yarn.lock was updated). Picks up the same dependency bump and lands the two follow-ups Devin Review flagged on that PR.

Bump @eslint/js from ^9.39.2 to ^10.0.1.
Bump eslint from ^9.39.2 to ^10.3.0.
Re-run yarn install (Yarn Berry 4.9.2) so yarn.lock actually resolves eslint@npm:10.3.0 plus the updated transitive dependencies (@eslint/config-array@0.23.5, @eslint/core, etc.). PR Bump @eslint/js from 9.39.2 to 10.0.1 #6 only updated package-lock.json.
Bump engines.node from >=18 to >=20.19.0. ESLint 10 / @eslint/config-array@0.23.5 require node ^20.19.0 || ^22.13.0 || >=24, so claiming >=18 was contradictory and would break yarn install / npm ci for any contributor on Node 18.
Drop '18.x' from the test matrix in .github/workflows/ci.yml and remove the matching node-version == '18.x' guard in .github/workflows/reusable-test.yml. The "Setup pnpm via Corepack" fallback that only existed to install pnpm@9 on Node 18 goes away with it.
Fix 18 ESLint 10 lint errors that surface from the new preserve-caught-error and no-useless-assignment recommended rules:
- Attach { cause: error } to errors re-thrown in 13 catch blocks across scripts/ci/, scripts/lib/, and scripts/lib/install*/.
- Drop dead initial assignments in 4 let declarations (scripts/hooks/evaluate-session.js, scripts/hooks/observe-runner.js, tests/hooks/hooks.test.js, tests/run-all.js) that are unconditionally overwritten in both try and catch branches before any read.

Why This Change

PR #6 (Devin Review) bumped eslint to ^10.3.0 in package.json and package-lock.json, but the second commit on that PR did not regenerate yarn.lock. Since this repo's packageManager is yarn@4.9.2, yarn.lock is the canonical lockfile — leaving it pointing at eslint@npm:^9.39.2 would cause yarn install --immutable (and any Yarn-based CI lane) to fail. Devin Review also pointed out that ESLint 10 silently broke the project's stated node >=18 support contract, since ESLint 10's own engines field requires Node 20.19+. Bumping the floor to 20.19 + dropping 18 from CI keeps the engines field, the lockfiles, and CI all consistent.

Testing Done

Manual testing completed
Automated tests pass locally (node tests/run-all.js) — same 8 pre-existing failures as main (unrelated: lib/session-manager, opencode-plugin-hooks, build-opencode, npm-publish-surface, trae-install); my changes do not introduce or fix any of these.
npm run lint passes (eslint . is clean, markdownlint is clean).
yarn install reports + @eslint/js@npm:10.0.1, eslint@npm:10.3.0 and removes the stale @eslint/config-array@npm:0.21.1 and 22 other entries.
package-lock.json regenerated; node_modules/eslint now resolves to 10.3.0 and node_modules/@eslint/js to 10.0.1.
Edge cases considered and tested

Type of Change

Security & Quality Checklist

No secrets or API keys committed (ghp_, sk-, AKIA, xoxb, xoxp patterns checked)
JSON files validate cleanly
Shell scripts pass shellcheck (if applicable) — N/A
Pre-commit hooks pass locally (if configured) — none configured
No sensitive data exposed in logs or output
Follows conventional commits format

Documentation

Updated relevant documentation — engines bump and CI matrix change documented in this description; no user-facing docs reference Node 18 explicitly.
Added comments for complex logic — N/A
README updated (if needed) — not needed

Link to Devin session: https://app.devin.ai/sessions/af73321ca16a4da6bbbbb27fc0d6bf24
Requested by: @FlexNetOS

Supersedes #6 (closed before yarn.lock was updated). Addresses two Devin Review findings on PR #6: 1. yarn.lock desync — PR #6 bumped eslint to ^10.3.0 in package.json and package-lock.json but left yarn.lock pointing at eslint@npm:^9.39.2. Since the project's packageManager is Yarn Berry 4.9.2, yarn.lock is the primary lockfile and 'yarn install --immutable' would fail. Re-ran 'yarn install' so yarn.lock now resolves eslint@10.3.0 and updated transitive deps (@eslint/config-array@0.23.5, @eslint/core, etc.). 2. ESLint 10 dropped Node 18 — bumped engines.node from '>=18' to '>=20.19.0' (matching what eslint 10.x and @eslint/config-array 0.23.5 actually require) and removed Node 18.x from the CI test matrix in ci.yml + reusable-test.yml. The Setup-pnpm-via-Corepack fallback that only existed for Node 18 is no longer needed. Also fixes 18 ESLint 10 errors that surface from the new preserve-caught-error and no-useless-assignment recommended rules: - Attach { cause } to errors re-thrown in 13 catch blocks. - Drop dead initial assignments in 4 let declarations that are unconditionally overwritten before any read.

devin-ai-integration · 2026-05-03T14:32:13Z

Original prompt from FlexNetOS

Take over and fix the bugs found by Devin Review in PR #6 in flexnetos/agent_harness.

devin-ai-integration · 2026-05-03T14:32:14Z

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

Disable automatic comment and CI monitoring

devin-ai-integration · 2026-05-03T14:32:17Z