Skip to content

chore(deps-dev): Bump eslint from 9.39.4 to 10.7.0#59

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/eslint-10.6.0
Closed

chore(deps-dev): Bump eslint from 9.39.4 to 10.7.0#59
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/eslint-10.6.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps eslint from 9.39.4 to 10.7.0.

Release notes

Sourced from eslint's releases.

v10.7.0

Features

  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032) (sethamus)
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063) (fnx)
  • 557fde8 feat: support computed Number.parseInt member access in radix rule (#21041) (Pixel)
  • 0b4a73b feat: add suggestions to no-compare-neg-zero (#21034) (den$)
  • 96cdd42 feat: report invalid signed numeric radix values in radix rule (#21030) (Pixel)

Bug Fixes

  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069) (Pixel)
  • 0d7d70c fix: insert cause outside wrapping parens in preserve-caught-error (#21062) (Mahin Anowar)
  • 75ec753 fix: handle static template literals in eqeqeq rule (#21058) (Pixel)
  • b717a22 fix: prevent eqeqeq null option from reporting non-equality operators (#21057) (Pixel)
  • e35b05f fix: avoid no-invalid-regexp false positive for shadowed RegExp (#21051) (Pixel)
  • a3172b6 fix: avoid no-control-regex false positive for shadowed RegExp (#21050) (Pixel)
  • d1f637e fix: parenthesize sequence expression operands in no-implicit-coercion (#21045) (spokodev)
  • 8859baf fix: avoid prefer-numeric-literals false positive for shadowed globals (#21047) (한국)
  • a9e5961 fix: use-isnan false positive on shadowed NaN/Number (#20958) (sethamus)
  • 8a240a7 fix: avoid false positives in radix rule for spread arguments (#21044) (Pixel)

Documentation

  • c30d808 docs: Update README (GitHub Actions Bot)
  • 5139800 docs: document ESLint migration codemods in v9 and v10 guides (#20980) (Alex Bit)
  • 04174cb docs: Update README (GitHub Actions Bot)
  • 026e130 docs: update semver policy for bug fixes (#21048) (Milos Djermanovic)
  • 9d42fef docs: Update README (GitHub Actions Bot)
  • b230159 docs: Update README (GitHub Actions Bot)
  • 0129972 docs: correct **/.js glob to **/*.js in config files guide (#21036) (EduardF1)

Chores

  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076) (renovate[bot])
  • 81a4774 chore: updates for v9.39.5 release (Jenkins)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071) (Francesco Trotta)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067) (lumir)
  • 833ec10 chore: update dependency prettier to v3.9.4 (#21061) (renovate[bot])
  • 7ea106d chore: update ecosystem plugins (#21059) (ESLint Bot)
  • 8fb550e chore: add prettier update commit to .git-blame-ignore-revs (#21056) (lumir)
  • e4e1166 chore: update dependency prettier to v3.9.1 (#21055) (renovate[bot])
  • 0493f53 chore: update prettier to v3.9.0 (#21054) (Pixel)
  • 1056a99 chore: update dependency prettier to v3.8.5 (#21049) (renovate[bot])
  • 4d4155d ci: run ecosystem tests on pull requests (#21027) (sethamus)
  • 993539f chore: update dependency @​eslint/json to ^2.0.1 (#21042) (renovate[bot])
  • 53f8b69 test: add error locations to no-constant-binary-expression (#21039) (lumir)
  • 5ab71d5 refactor: clean up radix rule internals (#21015) (Pixel)
  • a80a9a4 chore: update ecosystem plugins (#21035) (ESLint Bot)
  • 7c9a029 ci: add Node.js 26 to CI (#20847) (lumir)

v10.6.0

Features

  • b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981) (Taejin Kim)

... (truncated)

Commits
  • fabd99b 10.7.0
  • 37c5e75 Build: changelog update for 10.7.0
  • 9489379 chore: update dependency @​eslint/eslintrc to ^3.3.6 (#21076)
  • 81a4774 chore: updates for v9.39.5 release
  • 3e7bf15 fix: apply ignoreClassesWithImplements to class expressions (#21069)
  • 9835414 chore: enable $ExpectType annotations in all TypeScript files (#21071)
  • cf2a9bf feat: add errorClassNames option to preserve-caught-error rule (#21032)
  • c30d808 docs: Update README
  • f8b873a feat: max-nested-callbacks option for constructor callbacks (#21063)
  • 72adf6b chore: restrict markdownlint-cli2 updates in renovate (#21067)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@eslint/config-array 0.23.5 UnknownUnknown
npm/@eslint/config-helpers 0.6.0 UnknownUnknown
npm/@eslint/eslintrc 3.3.6 🟢 5.6
Details
CheckScoreReason
Code-Review🟢 3Found 9/29 approved changesets -- score normalized to 3
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1018 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/object-schema 3.0.5 UnknownUnknown
npm/@types/esrecurse 4.3.1 🟢 6.6
Details
CheckScoreReason
Code-Review🟢 9Found 28/30 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 9license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Fuzzing⚠️ 0project is not fuzzed
npm/eslint 10.7.0 🟢 6.6
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 8Found 22/27 approved changesets -- score normalized to 8
License🟢 10license file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/eslint-scope 9.1.2 UnknownUnknown
npm/js-yaml 4.3.0 🟢 6
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 29 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/30 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy🟢 4security policy file detected

Scanned Files

  • package-lock.json

@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/eslint-10.6.0 branch 3 times, most recently from 26b1c83 to 49f8b00 Compare July 3, 2026 14:50
@dependabot dependabot Bot changed the title chore(deps-dev): Bump eslint from 9.39.4 to 10.6.0 chore(deps-dev): Bump eslint from 9.39.4 to 10.7.0 Jul 12, 2026
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/eslint-10.6.0 branch 2 times, most recently from 7f6a0bd to ccab0a5 Compare July 12, 2026 22:41
---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.6.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/eslint-10.6.0 branch from ccab0a5 to d8b221e Compare July 13, 2026 11:03
@dependabot @github

dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #68.

@dependabot dependabot Bot closed this Jul 15, 2026
@dependabot
dependabot Bot deleted the dependabot/npm_and_yarn/eslint-10.6.0 branch July 15, 2026 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants