Skip to content

Comments

chore(linter): Update ajv version.#19613

Merged
graphite-app[bot] merged 1 commit intomainfrom
bump-ajv
Feb 21, 2026
Merged

chore(linter): Update ajv version.#19613
graphite-app[bot] merged 1 commit intomainfrom
bump-ajv

Conversation

@connorshea
Copy link
Member

@connorshea connorshea commented Feb 21, 2026

To match upstream and resolve a "security vulnerability" (regex DoS): eslint/eslint@2b72361

@connorshea connorshea requested a review from camc314 as a code owner February 21, 2026 19:01
Copilot AI review requested due to automatic review settings February 21, 2026 19:01
@github-actions github-actions bot added A-linter Area - Linter A-cli Area - CLI C-cleanup Category - technical debt or refactoring. Solution not expected to change behavior labels Feb 21, 2026
Copilot AI reviewed Feb 21, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the ajv dependency used by the oxlint app tooling to align with upstream ESLint and address the referenced regex DoS vulnerability.

Changes:

  • Bump ajv from 6.12.6 to 6.14.0 in apps/oxlint/package.json.
  • Refresh pnpm-lock.yaml to lock ajv@6.14.0 and update dependent snapshots.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
pnpm-lock.yaml Locks ajv to 6.14.0 and updates dependency snapshots accordingly.
apps/oxlint/package.json Pins ajv devDependency to 6.14.0 for the oxlint app workspace package.
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

@camc314 camc314 added the 0-merge Merge with Graphite Merge Queue label Feb 21, 2026
@camc314 camc314 self-assigned this Feb 21, 2026
@camc314 Graphite App
Copy link
Contributor

camc314 commented Feb 21, 2026
edited by graphite-app bot
Loading

Merge activity

@connorshea
chore(linter): Update ajv version. (#19613)
c67f9dc 
To match upstream and resolve a "security vulnerability" (regex DoS): eslint/eslint@2b72361
@graphite-app graphite-app bot merged commit c67f9dc into main Feb 21, 2026
19 checks passed
@graphite-app graphite-app bot deleted the bump-ajv branch February 21, 2026 19:16
@graphite-app graphite-app bot removed the 0-merge Merge with Graphite Merge Queue label Feb 21, 2026
@Boshen Boshen mentioned this pull request Feb 23, 2026
Merged
camc314 pushed a commit that referenced this pull request Feb 23, 2026
@Boshen
release(apps): oxlint v1.50.0 && oxfmt v0.35.0 (#19627)
a08c28d 
# Oxlint
### 🚀 Features

- 46177dd linter: Implement unicorn/prefer-module (#19603) (camc314)
- 42f78bb linter: Implement unicorn/prefer-ternary (#19605) (camc314)

### 🐛 Bug Fixes

- 43df857 react/exhaustive-deps: Normalize .current callback deps
(#19610) (camc314)
- 574f48f linter/no-throw-literal: Close warning block (#19612)
(camc314)
- 79fe3b4 linter/prefer-mock-return-shorthand: Avoid unsafe autofixes
for call-like returns (#19581) (camc314)
- 85045e8 linter: Check protected members in
explicit-module-boundary-types (#19594) (camc314)
- e38115e linter: Catch missing return type on exported arrow/function
expressions (#19587) (Peter Wagenet)
- 419d3fd linter: Fix false negatives in typescript/no-require-imports
(#19589) (Peter Wagenet)
- 7958b56 linter: Fix syntax error reporting in some output formatters.
(#19590) (connorshea)
- 024f51c linter: Add help text to more eslint diagnostics (#19591)
(Anthony Amaro)
- a8489a1 linter: Warning `eslint/no-throw-literal` rule to be
deprecated, better use `typescript/only-throw-error` (#19593) (Said
Atrahouch)
- 50fc70d linter/type-aware: Use correct span for disable directives
(#19576) (camc314)
- 421a99c linter: Add help guidance to eslint diagnostic messages
(#19562) (Anthony Amaro)
- e81364a linter: Add help text to eslint rule diagnostics (#19560)
(Anthony Amaro)
- 89b58d0 linter: Add help text to more eslint rule diagnostics (#19561)
(Anthony Amaro)
- 74f7833 linter/jest/prefer-mock-return-shorthand: Preserve typed arrow
returns (#19556) (camc314)
- bdd6f34 linter: Restrict prefer-import-in-mock to mock calls (#19555)
(camc314)

### 📚 Documentation

- a331993 linter: Improve docs for `eslint/radix` rule. (#19611)
(connorshea)

### 🛡️ Security

- c67f9dc linter: Update ajv version. (#19613) (connorshea)
# Oxfmt
### 🚀 Features

- 984dc07 oxfmt: Strip `"experimental"SortXxx` prefix (#19567)
(leaysgur)

### 🐛 Bug Fixes

- d7b63a4 oxfmt: Update API types for `sortPackageJsonOptions` (#19569)
(leaysgur)

Co-authored-by: Boshen <1430279+Boshen@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@camc314 camc314 camc314 approved these changes

Assignees

@camc314 camc314

Labels

A-cli Area - CLI A-linter Area - Linter C-cleanup Category - technical debt or refactoring. Solution not expected to change behavior

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@connorshea @camc314