Bump the npm-development group across 1 directory with 2 updates#20
Bump the npm-development group across 1 directory with 2 updates#20dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps the npm-development group with 1 update in the / directory: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin). Updates `@typescript-eslint/eslint-plugin` from 8.57.0 to 8.57.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.57.0 to 8.57.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.57.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development - dependency-name: "@typescript-eslint/parser" dependency-version: 8.57.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-development ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| "@types/jest": "^30.0.0", | ||
| "@types/node": "^25.5.0", | ||
| "@typescript-eslint/eslint-plugin": "^8.57.0", | ||
| "@typescript-eslint/eslint-plugin": "^8.57.1", |
There was a problem hiding this comment.
Parser version not bumped to match plugin peer dependency
Low Severity
@typescript-eslint/eslint-plugin 8.57.1 declares a peer dependency on @typescript-eslint/parser: "^8.57.1", but package.json still specifies @typescript-eslint/parser as "^8.57.0". The lock file currently resolves the parser to 8.57.1 so it works today, but the semver range ^8.57.0 permits resolving to 8.57.0, which would violate the plugin's peer dependency. A fresh install without a lock file could trigger peer dependency warnings or errors.
Additional Locations (1)
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 2 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="package.json">
<violation number="1" location="package.json:57">
P3: `@typescript-eslint/eslint-plugin` 8.57.1 declares a peer dependency on `@typescript-eslint/parser: "^8.57.1"`, but the parser range on the next line is still `"^8.57.0"`. The lock file happens to resolve 8.57.1 today, but `^8.57.0` permits 8.57.0, which would violate the peer dependency on a fresh install without a lock file. Bump the parser range to `"^8.57.1"` to keep them in sync.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| "@types/jest": "^30.0.0", | ||
| "@types/node": "^25.5.0", | ||
| "@typescript-eslint/eslint-plugin": "^8.57.0", | ||
| "@typescript-eslint/eslint-plugin": "^8.57.1", |
There was a problem hiding this comment.
P3: @typescript-eslint/eslint-plugin 8.57.1 declares a peer dependency on @typescript-eslint/parser: "^8.57.1", but the parser range on the next line is still "^8.57.0". The lock file happens to resolve 8.57.1 today, but ^8.57.0 permits 8.57.0, which would violate the peer dependency on a fresh install without a lock file. Bump the parser range to "^8.57.1" to keep them in sync.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At package.json, line 57:
<comment>`@typescript-eslint/eslint-plugin` 8.57.1 declares a peer dependency on `@typescript-eslint/parser: "^8.57.1"`, but the parser range on the next line is still `"^8.57.0"`. The lock file happens to resolve 8.57.1 today, but `^8.57.0` permits 8.57.0, which would violate the peer dependency on a fresh install without a lock file. Bump the parser range to `"^8.57.1"` to keep them in sync.</comment>
<file context>
@@ -54,7 +54,7 @@
"@types/jest": "^30.0.0",
"@types/node": "^25.5.0",
- "@typescript-eslint/eslint-plugin": "^8.57.0",
+ "@typescript-eslint/eslint-plugin": "^8.57.1",
"@typescript-eslint/parser": "^8.57.0",
"eslint": "^10.0.1",
</file context>
|
Looks like these dependencies are no longer updatable, so this is no longer needed. |
dependabot
bot
deleted the
dependabot/npm_and_yarn/npm-development-022b382580
branch
Bumps the npm-development group with 1 update in the / directory: @typescript-eslint/eslint-plugin.
Updates
@typescript-eslint/eslint-pluginfrom 8.57.0 to 8.57.1Release notes
Sourced from
@typescript-eslint/eslint-plugin's releases.Changelog
Sourced from
@typescript-eslint/eslint-plugin's changelog.Commits
c7c38aachore(release): publish 8.57.1e114629fix(eslint-plugin): [prefer-optional-chain] no report for property on interse...Updates
@typescript-eslint/parserfrom 8.57.0 to 8.57.1Release notes
Sourced from
@typescript-eslint/parser's releases.Changelog
Sourced from
@typescript-eslint/parser's changelog.Commits
c7c38aachore(release): publish 8.57.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions