chore(deps): bump the npm-dependencies group across 2 directories with 3 updates#2253
chore(deps): bump the npm-dependencies group across 2 directories with 3 updates#2253dependabot[bot] wants to merge 1 commit into
Conversation
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.OpenSSF ScorecardScorecard details
Scanned Files
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2253 +/- ##
==========================================
+ Coverage 81.64% 81.72% +0.07%
==========================================
Files 130 120 -10
Lines 19471 19395 -76
Branches 12 0 -12
==========================================
- Hits 15898 15850 -48
+ Misses 3570 3545 -25
+ Partials 3 0 -3
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
Eval Execution✅ Status: Passed
No changed AI artifacts required evaluation. |
There was a problem hiding this comment.
Dependency Review — Safety Check Results
Changes Summary
| Dependency | Directory | Old Version | New Version | Bump Type |
|---|---|---|---|---|
@typescript-eslint/parser |
docs/docusaurus |
8.62.0 | 8.62.1 | Patch |
eslint |
docs/docusaurus |
9.39.4 | 10.6.0 | Major |
@github/copilot |
evals/beval |
1.0.63 | 1.0.65 | Patch |
Safety Checks
| Check | Result |
|---|---|
| License compatibility | ✅ @typescript-eslint/parser and eslint are MIT. @github/copilot carries SEE LICENSE IN LICENSE.md (existing, previously accepted). |
| SHA pinning (GitHub Actions) | ✅ No workflow files modified. |
| New dependencies introduced | ✅ None — all are version bumps of existing dependencies. |
| Environment sync (devcontainer / setup steps) | ✅ Not affected by this PR. |
| Known vulnerabilities (Dependabot assessment) | ✅ No vulnerabilities flagged. |
Findings
@typescript-eslint/parser 8.62.0 → 8.62.1 (patch): Low risk. The changelog confirms this is a version-alignment release with no parser-specific code changes.
eslint 9.39.4 → 10.6.0 (major — requires human review): ESLint v10 is a major release with breaking changes. Key items to verify before merging:
- Node.js ≥ v20 is required (v18 support was dropped).
- Deprecated APIs removed in v10 — any custom rules or configs using removed APIs will break.
eslint:recommendedrule set was updated, which may surface new lint failures.
Please confirm the Docusaurus lint/build CI checks pass with this bump. See the inline comment on docs/docusaurus/package.json for details.
@github/copilot 1.0.63 → 1.0.65 (patch): Two consecutive patch releases (1.0.63 → 1.0.64 → 1.0.65). The changelog describes bug fixes and incremental features in the Copilot CLI. Low risk for the evaluation harness.
i️ This review is informational. No approval is granted — human merge review is required.
Generated by Dependabot PR Review for issue #2253 · 237.9 AIC · ⌖ 12.8 AIC · ⊞ 46.4K
| "@typescript-eslint/parser": "8.62.0", | ||
| "eslint": "9.39.4", | ||
| "@typescript-eslint/parser": "8.62.1", | ||
| "eslint": "10.6.0", |
There was a problem hiding this comment.
eslint 9.39.4 → 10.6.0
This is a major version upgrade (v9 → v10). ESLint v10 includes breaking changes that should be verified before merging:
- Node.js compatibility: ESLint v10 dropped support for Node.js v18; Node.js v20 or later is required.
- Removed deprecated APIs: Several APIs deprecated in v9 have been removed.
eslint:recommendedupdates: Rule set changes may cause new lint failures.
Please confirm the Docusaurus build/lint pipeline still passes and that the CI environment meets the Node.js ≥ v20 requirement.
…h 3 updates Bumps the npm-dependencies group with 2 updates in the /docs/docusaurus directory: [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [eslint](https://github.com/eslint/eslint). Bumps the npm-dependencies group with 1 update in the /evals/beval directory: [@github/copilot](https://github.com/github/copilot-cli). Updates `@typescript-eslint/parser` from 8.62.0 to 8.62.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/parser) Updates `eslint` from 9.39.4 to 10.6.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.4...v10.6.0) Updates `@github/copilot` from 1.0.63 to 1.0.67 - [Release notes](https://github.com/github/copilot-cli/releases) - [Changelog](https://github.com/github/copilot-cli/blob/main/changelog.md) - [Commits](github/copilot-cli@v1.0.63...v1.0.67) --- updated-dependencies: - dependency-name: "@github/copilot" dependency-version: 1.0.65 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: npm-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.62.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-dependencies - dependency-name: eslint dependency-version: 10.6.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: npm-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
7514e8c to
66ea650
Compare
There was a problem hiding this comment.
Dependency Review — Safety Check Results
Three dependencies bumped across two directories. All safety checks passed except one finding that requires human attention.
Changes Summary
| Package | Directory | Old Version | New Version | Bump Type |
|---|---|---|---|---|
@typescript-eslint/parser |
docs/docusaurus |
8.62.0 | 8.62.1 | patch |
eslint |
docs/docusaurus |
9.39.4 | 10.6.0 | major |
@github/copilot |
evals/beval |
1.0.63 | 1.0.67 | patch |
Findings
✅ @typescript-eslint/parser 8.62.0 → 8.62.1 (patch)
- Changelog confirms: "version bump only for parser to align it with other projects, there were no code changes."
- License: MIT — compatible.
- No breaking changes. Safe to merge.
⚠️ eslint 9.39.4 → 10.6.0 (major — human review required)
- This is a major version bump across two major versions (v9 → v10).
- ESLint v10 introduced breaking changes including removal of previously deprecated APIs and rule changes. Human review of the Docusaurus ESLint configuration is recommended to confirm no rules or plugins break.
- License: MIT — compatible.
- Dependabot reports no known vulnerabilities.
✅ @github/copilot 1.0.63 → 1.0.67 (patch)
- Patch-level bump;
os-themeoptional dependency was dropped in this version (dependency cleanup, not a breaking change). - License:
SEE LICENSE IN LICENSE.md— this is an existing dependency, not newly introduced; no license compatibility change detected. - No breaking changes noted. Safe to merge pending the eslint finding above.
SHA Pinning
Not applicable — all changes are npm package dependencies, not GitHub Actions references. No GitHub Actions files were modified in this PR.
Environment Synchronization
Not applicable — changes are isolated to docs/docusaurus and evals/beval; neither .devcontainer/ nor copilot-setup-steps.yml were affected.
Verdict: The eslint major version bump (v9 → v10) warrants a human look at the Docusaurus lint configuration before merging. The two patch bumps are clean.
Generated by Dependabot PR Review for issue #2253 · 121.2 AIC · ⌖ 12.5 AIC · ⊞ 46.5K
Bumps the npm-dependencies group with 2 updates in the /docs/docusaurus directory: @typescript-eslint/parser and eslint.
Bumps the npm-dependencies group with 1 update in the /evals/beval directory: @github/copilot.
Updates
@typescript-eslint/parserfrom 8.62.0 to 8.62.1Release notes
Sourced from @typescript-eslint/parser's releases.
Changelog
Sourced from @typescript-eslint/parser's changelog.
Commits
3ea32f4chore(release): publish 8.62.1Updates
eslintfrom 9.39.4 to 10.6.0Release notes
Sourced from eslint's releases.
... (truncated)
Commits
5d12a0410.6.0f7ca54bBuild: changelog update for 10.6.06a42034ci: run ecosystem tests on main branch (#20891)b1f9106feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981)3dbacdbci: bump actions/checkout from 6 to 7 (#21014)c3abfcachore: correct JSDoc param types in html formatter (#21018)a83683ddocs: Update READMEa832320ci: split ecosystem tests into separate jobs (#21001)6b05784fix: prefer-exponentiation-operator invalid autofix at statement start (#20997)bb9eb2afix: account for shadowedBooleaninno-extra-boolean-cast(#21013)Updates
@github/copilotfrom 1.0.63 to 1.0.67Release notes
Sourced from @github/copilot's releases.
... (truncated)
Changelog
Sourced from @github/copilot's changelog.
... (truncated)
Commits
c802cc3Update changelog.md for version 1.0.66214d530Update changelog.md for version 1.0.65e7d294dUpdate changelog.md for version 1.0.64b71d117Update changelog.md for version 1.0.63