Skip to content

chore(deps-dev): bump eslint from 9.39.2 to 10.0.3#88

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/eslint-10.0.3
Closed

chore(deps-dev): bump eslint from 9.39.2 to 10.0.3#88
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/eslint-10.0.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 7, 2026
edited
Loading

Bumps eslint from 9.39.2 to 10.0.3.

Release notes

Sourced from eslint's releases.

v10.0.3

Bug Fixes

  • e511b58 fix: update eslint (#20595) (renovate[bot])
  • f4c9cf9 fix: include variable name in no-useless-assignment message (#20581) (sethamus)
  • ee9ff31 fix: update dependency minimatch to ^10.2.4 (#20562) (Milos Djermanovic)

Documentation

  • 9fc31b0 docs: Update README (GitHub Actions Bot)
  • 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570) (DesselBane)
  • 23b2759 docs: add v10 migration guide link to Use docs index (#20577) (Pixel998)
  • 80259a9 docs: Remove deprecated eslintrc documentation files (#20472) (Copilot)
  • 9b9b4ba docs: fix typo in no-await-in-loop documentation (#20575) (Pixel998)
  • e7d72a7 docs: document TypeScript 5.3 minimum supported version (#20547) (sethamus)

Chores

  • ef8fb92 chore: package.json update for eslint-config-eslint release (Jenkins)
  • e8f2104 chore: updates for v9.39.4 release (Jenkins)
  • 5cd1604 refactor: simplify isCombiningCharacter helper (#20524) (Huáng Jùnliàng)
  • 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586) (Milos Djermanovic)
  • e32df71 chore: update eslint-plugin-eslint-comments, remove legacy-peer-deps (#20576) (Milos Djermanovic)
  • 53ca6ee chore: disable eslint-comments/no-unused-disable rule (#20578) (Milos Djermanovic)
  • e121895 ci: pin Node.js 25.6.1 (#20559) (Milos Djermanovic)
  • efc5aef chore: update tsconfig.json in eslint-config-eslint (#20551) (Francesco Trotta)

v10.0.2

Bug Fixes

  • 2b72361 fix: update ajv to 6.14.0 to address security vulnerabilities (#20537) (루밀LuMir)

Documentation

  • 13eeedb docs: link rule type explanation to CLI option --fix-type (#20548) (Mike McCready)
  • 98cbf6b docs: update migration guide per Program range change (#20534) (Huáng Jùnliàng)
  • 61a2405 docs: add missing semicolon in vars-on-top rule example (#20533) (Abilash)

Chores

  • 951223b chore: update dependency @​eslint/eslintrc to ^3.3.4 (#20553) (renovate[bot])
  • 6aa1afe chore: update dependency eslint-plugin-jsdoc to ^62.7.0 (#20536) (Milos Djermanovic)

v10.0.1

Bug Fixes

  • c87d5bd fix: update eslint (#20531) (renovate[bot])
  • d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
  • 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
  • 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

  • 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
  • 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
  • b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

... (truncated)

Commits
  • bfce7ea 10.0.3
  • d44ced8 Build: changelog update for 10.0.3
  • e511b58 fix: update eslint (#20595)
  • ef8fb92 chore: package.json update for eslint-config-eslint release
  • e8f2104 chore: updates for v9.39.4 release
  • 5cd1604 refactor: simplify isCombiningCharacter helper (#20524)
  • 9fc31b0 docs: Update README
  • 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586)
  • f4c9cf9 fix: include variable name in no-useless-assignment message (#20581)
  • 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 7, 2026

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot mentioned this pull request Mar 7, 2026
Closed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 7, 2026
edited
Loading

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 0733ef0.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@eslint/config-array 0.23.3 UnknownUnknown
npm/@eslint/config-helpers 0.5.3 UnknownUnknown
npm/@eslint/core 1.1.1 UnknownUnknown
npm/@eslint/object-schema 3.0.3 UnknownUnknown
npm/@eslint/plugin-kit 0.6.1 UnknownUnknown
npm/@types/esrecurse 4.3.1 🟢 6.5
Details
CheckScoreReason
Code-Review🟢 8Found 25/30 approved changesets -- score normalized to 8
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies🟢 8dependency not pinned by hash detected -- score normalized to 8
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
npm/acorn 8.16.0 🟢 5
Details
CheckScoreReason
Maintained🟢 109 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Code-Review🟢 3Found 10/29 approved changesets -- score normalized to 3
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Security-Policy⚠️ 0security policy file not detected
License⚠️ 0license file not detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/brace-expansion 5.0.5 🟢 6.3
Details
CheckScoreReason
Maintained🟢 1016 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review⚠️ 2Found 7/24 approved changesets -- score normalized to 2
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy🟢 10security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 9license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/eslint 10.1.0 🟢 6.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 18/22 approved changesets -- score normalized to 8
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 9SAST tool detected but not run on all commits
npm/eslint-scope 9.1.2 UnknownUnknown
npm/eslint-visitor-keys 5.0.1 UnknownUnknown
npm/espree 11.2.0 UnknownUnknown
npm/minimatch 10.2.5 🟢 6.2
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/28 approved changesets -- score normalized to 0
Maintained🟢 1029 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • package-lock.json

@github-actions github-actions bot added the size/l label Mar 7, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-10.0.3 branch from 27948d3 to 2ef5d90 Compare March 7, 2026 12:28
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-10.0.3 branch from 2ef5d90 to 53504e2 Compare April 3, 2026 19:32
@dependabot
chore(deps-dev): bump eslint from 9.39.2 to 10.0.3
0733ef0 
Bumps [eslint](https://github.com/eslint/eslint) from 9.39.2 to 10.0.3.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.2...v10.0.3)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-10.0.3 branch from 53504e2 to 0733ef0 Compare April 3, 2026 19:36
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 4, 2026

Superseded by #102.

@dependabot dependabot bot closed this Apr 4, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/eslint-10.0.3 branch April 4, 2026 03:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies size/l

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants