Skip to content

Update dependency eslint to v9.38.0 #4631

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency eslint to v9.38.0 #4631

wants to merge 1 commit into from

Conversation

renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Oct 3, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
eslint (source) 9.36.0 -> 9.38.0 age adoption passing confidence

Release Notes

eslint/eslint (eslint)

v9.38.0

Compare Source

Features

  • ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
  • e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

  • 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
  • a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

  • 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
  • c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
  • b39e71a docs: Update README (GitHub Actions Bot)
  • cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

v9.37.0

Compare Source

Features

  • 39f7fb4 feat: preserve-caught-error should recognize all static "cause" keys (#​20163) (Pixel998)
  • f81eabc feat: support TS syntax in no-restricted-imports (#​19562) (Nitin Kumar)

Bug Fixes

Documentation

  • b950359 docs: fix typos across the docs (#​20182) (루밀LuMir)
  • 42498a2 docs: improve ToC accessibility by hiding non-semantic character (#​20181) (Percy Ma)
  • 29ea092 docs: Update README (GitHub Actions Bot)
  • 5c97a04 docs: show availableUntil in deprecated rule banner (#​20170) (Pixel998)
  • 90a71bf docs: update README files to add badge and instructions (#​20115) (루밀LuMir)
  • 1603ae1 docs: update references from master to main (#​20153) (루밀LuMir)

Chores

  • afe8a13 chore: update @eslint/js dependency to version 9.37.0 (#​20183) (Francesco Trotta)
  • abee4ca chore: package.json update for @​eslint/js release (Jenkins)
  • fc9381f chore: fix typos in comments (#​20175) (overlookmotel)
  • e1574a2 chore: unpin jiti (#​20173) (renovate[bot])
  • e1ac05e refactor: mark ESLint.findConfigFile() as async, add missing docs (#​20157) (Pixel998)
  • 347906d chore: update eslint (#​20149) (renovate[bot])
  • 0cb5897 test: remove tmp dir created for circular fixes in multithread mode test (#​20146) (Milos Djermanovic)
  • bb99566 ci: pin jiti to version 2.5.1 (#​20151) (Pixel998)
  • 177f669 perf: improve worker count calculation for "auto" concurrency (#​20067) (Francesco Trotta)
  • 448b57b chore: Mark deprecated formatting rules as available until v11.0.0 (#​20144) (Milos Djermanovic)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@forking-renovate forking-renovate bot added the dependencies A dependency upgrade label Oct 3, 2025
@renovate-bot renovate-bot added the dependencies A dependency upgrade label Oct 3, 2025
@renovate-bot renovate-bot changed the title Update dependency eslint to v9.37.0 Update dependency eslint to v9.38.0 Oct 18, 2025
@socket-security
Copy link

socket-security bot commented Oct 18, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addednpm/​vue-tsc@​3.0.61001006795100
Addednpm/​@​tsconfig/​node22@​22.0.21001007081100
Addednpm/​@​types/​jsdom@​27.0.01001007483100
Addednpm/​u-node@​0.0.2771009875100
Addednpm/​flush-promises@​1.0.21001007977100
Addednpm/​lz-string@​1.5.01001008678100
Addednpm/​vuedraggable@​4.1.09910010078100
Addednpm/​vitest@​3.2.4981007999100
Addednpm/​vue-tippy@​6.7.11001009980100
Addednpm/​@​types/​node@​22.18.81001008196100
Updatednpm/​lodash@​3.10.1 ⏵ 4.17.21100100 +7587 -1381100
Updatednpm/​eventemitter3@​4.0.7 ⏵ 5.0.110010099 +182100
Addednpm/​vite@​7.1.798938299100
Addednpm/​@​vue/​test-utils@​2.4.6991008883100
Addednpm/​vue3-touch-events@​5.0.1310010010084100
Addednpm/​jquery@​3.7.11001009184100
Addednpm/​@​vue/​tsconfig@​0.7.01001009984100
Addednpm/​@​vue/​eslint-config-prettier@​10.2.01001008485100
Addednpm/​sinon@​21.0.0991009886100
Addednpm/​npm-run-all2@​8.0.4991009986100
Addednpm/​@​vue/​eslint-config-typescript@​14.6.010010010088100
Addednpm/​@​vitejs/​plugin-vue@​6.0.110010010088100
Addednpm/​vue-i18n@​11.1.12991009689100
Addednpm/​jiti@​2.6.09910010089100
Addednpm/​typescript@​5.9.3100100909990
Addednpm/​jsdom@​27.0.09810010090100
Addednpm/​dompurify@​3.2.61001001009090
Addednpm/​eslint-plugin-vue@​10.5.0991009192100
Addednpm/​vue@​3.5.221001009292100
Addednpm/​eslint@​9.38.09710010096100
Addednpm/​@​vitest/​eslint-plugin@​1.3.499100100100100

View full report

@socket-security
Copy link

socket-security bot commented Oct 18, 2025
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
npm/[email protected] has Obfuscated code.

Confidence: 0.94

Location: Package overview

From: xwiki-platform-core/xwiki-platform-livedata/xwiki-platform-livedata-webjar/src/main/node/package-lock.jsonnpm/[email protected]npm/[email protected]

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@manuelleduc manuelleduc

Labels

dependencies A dependency upgrade

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renovate-bot @manuelleduc