chore(deps-dev): Bump the npm group with 3 updates#62
Conversation
Bumps the npm group with 3 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [@valibot/to-json-schema](https://github.com/open-circle/valibot). Updates `@typescript-eslint/eslint-plugin` from 8.60.1 to 8.61.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.60.1 to 8.61.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.0/packages/parser) Updates `@valibot/to-json-schema` from 1.7.0 to 1.7.1 - [Release notes](https://github.com/open-circle/valibot/releases) - [Commits](https://github.com/open-circle/valibot/commits) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.61.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@typescript-eslint/parser" dependency-version: 8.61.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm - dependency-name: "@valibot/to-json-schema" dependency-version: 1.7.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
LGTM — minor/patch dev-dep bumps from Dependabot.
Extended reasoning...
Overview
This PR bumps three dev dependencies in package.json and pnpm-lock.yaml: @typescript-eslint/eslint-plugin and @typescript-eslint/parser from 8.60.1 → 8.61.0 (minor), and @valibot/to-json-schema from 1.7.0 → 1.7.1 (patch). A transitive semver bump from 7.8.3 → 7.8.4 also appears in the lockfile.
Security risks
None identified. All three are dev-only dependencies used for linting and schema generation, not shipped at runtime. Release notes describe internal type tightening, a line-terminator parsing fix, and a JSON Pointer encoding fix — no security-sensitive changes.
Level of scrutiny
Low. This is a routine grouped Dependabot bump touching only package.json and pnpm-lock.yaml, with no source changes. Same shape as the project's other auto-merged dependency PRs in recent history.
Other factors
No previous reviewer comments or unresolved feedback. Bug hunting system found nothing. The action's bundled dist/ output is unaffected since these are devDependencies.
|
| Experiment | Status | Actions |
|---|---|---|
| Uppercase (py) | ✅ Pass | View GitHub Action Run · View in Langfuse |
| Uppercase (ts) | ✅ Pass | View GitHub Action Run · View in Langfuse |
| Mixed dir (node) | ✅ Pass | View GitHub Action Run · View in Langfuse |
| Mixed dir (python) | ✅ Pass | View GitHub Action Run · View in Langfuse |
| Regression fixture | ❌ Regression | View GitHub Action Run · View in Langfuse |
Details
Bumps the npm group with 3 updates: @typescript-eslint/eslint-plugin, @typescript-eslint/parser and @valibot/to-json-schema.
Updates
@typescript-eslint/eslint-pluginfrom 8.60.1 to 8.61.0Release notes
Sourced from @typescript-eslint/eslint-plugin's releases.
Changelog
Sourced from @typescript-eslint/eslint-plugin's changelog.
Commits
16a5b24chore(release): publish 8.61.0ef1fd28feat(ast-spec): change type ofUnaryExpression.prefixto alwaystrue(#12...Updates
@typescript-eslint/parserfrom 8.60.1 to 8.61.0Release notes
Sourced from @typescript-eslint/parser's releases.
Changelog
Sourced from @typescript-eslint/parser's changelog.
Commits
16a5b24chore(release): publish 8.61.0Updates
@valibot/to-json-schemafrom 1.7.0 to 1.7.1Release notes
Sourced from @valibot/to-json-schema's releases.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions