deps(frontend)(deps-dev): bump the eslint group in /frontend with 2 updates#139
Closed
dependabot[bot] wants to merge 1 commit into
Closed
deps(frontend)(deps-dev): bump the eslint group in /frontend with 2 updates#139dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the eslint group in /frontend with 2 updates: [eslint](https://github.com/eslint/eslint) and [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint). Updates `eslint` from 10.4.0 to 10.4.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.4.0...v10.4.1) Updates `typescript-eslint` from 8.60.0 to 8.60.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.60.1/packages/typescript-eslint) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.4.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: eslint - dependency-name: typescript-eslint dependency-version: 8.60.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: eslint ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Owner
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Owner
|
Superseded by #148, which consolidates all open Dependabot bumps and resolves each dependency to the latest compatible release (this PR's bump is included there). |
Contributor
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/frontend/eslint-8bf2061fb4
branch
pacphi
added a commit
that referenced
this pull request
Jun 8, 2026
…#148) * chore(deps): consolidate Dependabot PRs #125–#147 (latest compatible) Applies every open Dependabot bump on one branch, resolving each dependency to the latest compatible release rather than the (sometimes already-stale) version the PR pinned. Where the applied version is newer than the PR target, it is noted below. Frontend (pnpm): - vitest: → 4.1.8 [#127, target 4.1.7 superseded] - @storybook/react + storybook: → 10.4.2 [#128, target 10.4.1 superseded] - eslint: → 10.4.1; typescript-eslint: → 8.61.0 [#139, ts-eslint 8.60.1 superseded] - idb-keyval: → 6.2.5 [#140] - vite: → 8.0.16 [#141] - date-fns: → 4.4.0 [#142] - turbo: → 2.9.16 [#143] - @tanstack/react-query 5.101.0, react-router 1.170.15 (target 1.170.11 superseded), react-virtual 3.14.2 [#144] - react-dom: → 19.2.7 [#145]; react bumped to 19.2.7 to satisfy peer - zustand: → 5.0.14 [#146] Backend (Cargo): - openssl: → 0.10.80 [#125] - serde_json: → 1.0.150 [#132] - axum-test: → 20.1.0 [#133] - redis: → 1.2.2 [#134] - sqlx: 0.8 → 0.9.0 [#135] (breaking — see below) - fastembed: → 5.16.0 [#136, target 5.15.0 superseded] - uuid: → 1.23.2 [#137] - llama-cpp-4: 0.2 → 0.3.1 [#138, target 0.3.0 superseded] Rust toolchain: - Docker base image rust 1.95-slim → 1.96-slim [#147] - Align rust-toolchain.toml channel and Cargo.toml MSRV to 1.96.0, plus docker-compose RUST_VERSION and the setup/deployment/maintainer/README docs. sqlx 0.9 breaking change: - sqlx 0.9 only implements SqlSafeStr for &'static str; runtime-built query strings now require an explicit safety assertion. Added a single audited choke point `db::audited_sql()` (wraps sqlx::AssertSqlSafe) with one authoritative doc comment, and routed all dynamic-SQL call sites through it (vectors, api, cleanup, mcp, main, integration tests). Every such string is composed only from literals and bind-parameter markers; all values are bound. Verified: backend build (all targets) + 1900+ tests + clippy (strict) + fmt; frontend typecheck + build + tests + eslint + prettier; markdown/yaml lint + internal link check. * docs: align remaining Rust version refs in plan docs to 1.96 Follow-up to the dep consolidation: bump the two plan-doc Rust references (builtin-llm prerequisites and the illustrative CI Dockerfile snippet) from 1.95 to 1.96 to match the upgraded toolchain. Immutable historical records (ADRs, the march-2026 audit) are intentionally left as-is.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the eslint group in /frontend with 2 updates: eslint and typescript-eslint.
Updates
eslintfrom 10.4.0 to 10.4.1Release notes
Sourced from eslint's releases.
Commits
4a3d15a10.4.143e7e2bBuild: changelog update for 10.4.1e557467fix: update@eslint/plugin-kitversion to 0.7.2 (#20930)b0e466btest: adddataproperty to invalid tests cases for rules (#20924)d4ce898fix: propagate failures from delegated commands (#20917)f4f3507fix: prefer-arrow-callback invalid autofix with newline afterasync(#20916)f78838btest: add CodePath type coverage (#20904)61b0adddocs: remove deprecated rule from related rules ofmax-params(#20921)1daa4bdchore: updateeslint-plugin-eslint-commentstest data to latest commit (#20...002942cci: declare contents:read on update-readme workflow (#20919)Updates
typescript-eslintfrom 8.60.0 to 8.60.1Release notes
Sourced from typescript-eslint's releases.
Changelog
Sourced from typescript-eslint's changelog.
Commits
4f84a69chore(release): publish 8.60.11849b53chore: typecheck using tsgo (#12139)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions