chore(deps-dev): bump eslint-plugin-github from 4.10.2 to 6.0.0 #4
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=80&v=4){kind=small}
dependabot
bot
added
dependencies
Bumps [eslint-plugin-github](https://github.com/github/eslint-plugin-github) from 4.10.2 to 6.0.0. - [Release notes](https://github.com/github/eslint-plugin-github/releases) - [Commits](github/eslint-plugin-github@v4.10.2...v6.0.0) --- updated-dependencies: - dependency-name: eslint-plugin-github dependency-version: 6.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/eslint-plugin-github-6.0.0
branch
from
dce1f74 to
5c02348
Compare
|
WalkthroughThis update focuses on upgrading the eslint-plugin-github dependency from v4.10.2 to v6.0.0. The major version change introduces ESM-only format and requires Node.js 20.x+. The upgrade includes significant updates to core dependencies like TypeScript, Prettier, and ESLint-related packages, along with enhanced security patches and compatibility improvements. Changes
|
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
There was a problem hiding this comment.
Files selected (2)
- package.json (1)
- pnpm-lock.yaml (71)
Review comments generated (5)
- Review: 4
- LGTM: 1
提示
与 
AIGNE CodeSmith (@codesmith) 聊天
- 回复此机器人留下的审查评论以提出后续问题。审查评论是对差异或文件的评论。
- 通过在回复中标记
@codesmith邀请机器人加入审查评论链。
代码建议
- 机器人可能会提出代码建议,但在提交前请仔细审查它们,因为行号范围可能会不对齐。
- 你可以编辑机器人做出的评论,并在建议稍有偏差时手动调整。
暂停增量审查
- 在 PR 描述中的任何位置添加
@codesmith: ignore以暂停机器人的进一步审查。
| [email protected]: | ||
| resolution: {integrity: sha512-ypowyDxpVSYpkXr9WPv2PAZCtNip1Mv5KTW0SCurXv/9iOpcrH9PaqUElksqEB6pChqHGDRCFTyrZlGhnLNGiA==} | ||
| engines: {node: ^12.22.0 || ^14.17.0 || >=16.0.0} | ||
| deprecated: This version is no longer supported. Please see https://eslint.org/version-support for other options. |
There was a problem hiding this comment.
The version of ESLint being used (8.57.1) is marked as deprecated with a warning message. This could lead to future compatibility issues and security vulnerabilities.
- [email protected]:
+ # Consider upgrading to a supported ESLint version per https://eslint.org/version-support| eslint-plugin-filenames: 1.3.2([email protected]) | ||
| eslint-plugin-i18n-text: 1.0.1([email protected]) | ||
| eslint-plugin-import: 2.31.0(@typescript-eslint/parser@7.18.0([email protected])(typescript@4.9.5))([email protected]) | ||
| eslint-plugin-import: 2.31.0(@typescript-eslint/parser@8.41.0([email protected])(typescript@5.9.2))([email protected]) |
There was a problem hiding this comment.
There's a potential version mismatch in the dependency chain where eslint-plugin-import is using a newer TypeScript parser version (8.41.0) than what's specified in the project. This could cause type checking inconsistencies.
| prettier: 3.5.3 | ||
| prettier: 3.6.2 | ||
| svg-element-attributes: 1.3.1 | ||
| typescript: 5.9.2 |
There was a problem hiding this comment.
The TypeScript version is being specified multiple times with different versions (4.9.5 and 5.9.2) which could lead to inconsistent type checking behavior across the project.
| eslint: 8.57.1 | ||
| typescript: 5.9.2 |
There was a problem hiding this comment.
The typescript-eslint package has both ESLint and TypeScript as direct dependencies which could cause version conflicts with the project's peer dependencies.
The rest of the changes appear to be routine dependency updates and version synchronization changes that don't present critical issues.
Bumps eslint-plugin-github from 4.10.2 to 6.0.0.
Release notes
Sourced from eslint-plugin-github's releases.
... (truncated)
Commits
139bf63Merge pull request #622 from 43081j/esm-onlyba655eaMerge branch 'main' into esm-only88ccca2Merge pull request #621 from 43081j/meta-lints2174e40feat: move to esm-onlydef8ceachore: update rule meta to satisfiy lint rules4832156Merge pull request #620 from github/dependabot/npm_and_yarn/all-dependencies-...c613603chore(deps): bump the all-dependencies group with 4 updates83669fachore(deps): bump the all-dependencies group with 8 updates (#619)632d445chore(deps): bump eslint-config-prettier in the all-dependencies group (#618)ea508d2Merge pull request #617 from github/dependabot/npm_and_yarn/all-dependencies-...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)Release Notes
Chore:
This update improves security and compatibility with modern JavaScript tooling. Users on Node.js versions below 20.x should continue using eslint-plugin-github v5.x until they can upgrade their Node.js environment.