build(deps-dev): Bump eslint from 9.39.2 to 10.3.0#8
build(deps-dev): Bump eslint from 9.39.2 to 10.3.0#8dependabot[bot] wants to merge 2 commits intomainfrom
Conversation
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
dependabot
Bot
changed the title
Bumps [eslint](https://github.com/eslint/eslint) from 9.39.2 to 10.3.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.2...v10.3.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.3.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/eslint-10.3.0
branch
from
49b9e46 to
727eff8
Compare
@eslint/js@10.0.1 peer-requires eslint@^10.0.0, so this PR cannot land without also moving eslint off 9.x. Combined with the existing PR #8 content so this branch is self-consistent and CI can resolve. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
eslint@10.x and @eslint/js track together; combined with existing PR #6 content so this branch is self-consistent. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| }, | ||
| "devDependencies": { | ||
| "@eslint/js": "^9.39.2", | ||
| "@eslint/js": "^10.0.1", |
There was a problem hiding this comment.
🔴 yarn.lock not updated for @eslint/js — installs stale 9.x instead of 10.x with Yarn
The package.json was updated to "@eslint/js": "^10.0.1" but the yarn.lock root workspace entry still specifies "@eslint/js": "npm:^9.39.2" (see the lockfile resolution at yarn.lock:578), resolving to @eslint/js@9.39.2. The eslint dependency was correctly bumped to ^10.3.0 in both package.json and yarn.lock, but @eslint/js was missed in the lockfile.
Since Yarn 4.9.2 is the declared packageManager, Yarn users (the primary install path) will get @eslint/js@9.39.2 paired with eslint@10.3.0 — a cross-major-version mismatch. The package-lock.json confirms @eslint/js@10.0.1 declares peerDependencies: { eslint: "^10.0.0" }, so these packages are designed to share the same major version. Running yarn install --immutable in CI will either fail or silently install the wrong version.
Prompt for agents
The yarn.lock file was not updated when @eslint/js was bumped from ^9.39.2 to ^10.0.1 in package.json. The root workspace entry in yarn.lock (around line 578) still reads '@eslint/js: npm:^9.39.2' and resolves to 9.39.2, while eslint was correctly bumped to 10.3.0. To fix, run 'yarn install' (or 'yarn up @eslint/js') so that yarn.lock is regenerated with the correct @eslint/js@^10.0.1 specifier and resolves to 10.0.1. Verify the lockfile diff shows the updated specifier in the ecc-universal workspace entry and a new resolution block for @eslint/js@^10.0.1.
Was this helpful? React with 👍 or 👎 to provide feedback.
| "@types/node": "^20.19.24", | ||
| "c8": "^11.0.0", | ||
| "eslint": "^9.39.2", | ||
| "eslint": "^10.3.0", |
There was a problem hiding this comment.
🚩 Node.js 18 engine incompatibility with ESLint 10 ecosystem
The package-lock.json reveals that eslint@10.3.0, @eslint/js@10.0.1, @eslint/config-array@0.23.5, and @eslint/config-helpers@0.5.5 all declare "engines": { "node": "^20.19.0 || ^22.13.0 || >=24" }. However, package.json:276 still declares "node": ">=18" and the CI matrix at .github/workflows/ci.yml includes node: ['18.x', '20.x', '22.x']. Since ESLint is a devDependency and the lint CI job runs on Node 20.x, CI won't break. But any developer on Node 18 running npm run lint locally will hit engine warnings or failures. The engines field in package.json is now misleading for dev workflows. This isn't necessarily a bug (engine fields on devDependencies are advisory), but it's worth considering whether to bump the engines field to >=20 or document the Node 20+ requirement for linting.
Was this helpful? React with 👍 or 👎 to provide feedback.
| "@types/node": "^20.19.24", | ||
| "c8": "^11.0.0", | ||
| "eslint": "^9.39.2", | ||
| "eslint": "^10.3.0", |
There was a problem hiding this comment.
🚩 CommonJS eslint.config.js may be incompatible with ESLint 10
The eslint.config.js uses CommonJS syntax (require('@eslint/js'), module.exports = [...]), and the project has no "type": "module" in package.json (so it defaults to CommonJS). ESLint 10 is a major version bump that may change how config files are loaded. The lockfile diff shows @eslint/eslintrc was removed as a dependency of eslint, suggesting config loading internals changed. If ESLint 10 expects ESM config by default, the CommonJS config would need to be renamed to eslint.config.cjs or migrated to ESM. This could not be verified from the repo context alone and needs testing.
Was this helpful? React with 👍 or 👎 to provide feedback.
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 participant
Bumps eslint from 9.39.2 to 10.3.0.
Release notes
Sourced from eslint's releases.
... (truncated)
Commits
788920410.3.05b69b4fBuild: changelog update for 10.3.0d32235eci: use pnpm ineslint-flat-config-utilstype integration test (#20826)b6ae5cffix: handle unavailable require cache (#20812)3ffb14echore: clean up typos in comments and JSDoc (#20821)6fb3685fix: rule suggestions cause continuation in class body (#20787)22eb58achore: add missing continue-on-error to ecosystem-tests.yml (#20818)88bf002ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)379571afeat: add suggestions for no-unused-private-class-members (#20773)97c8c33chore: update ilshidur/action-discord action to v0.4.0 (#20811)