Skip to content

fix(deps): update minor updates (minor)#995

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/minor-updates
Open

fix(deps): update minor updates (minor)#995
renovate[bot] wants to merge 1 commit intomainfrom
renovate/minor-updates

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 14, 2026
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@eslint-react/eslint-plugin (source) 2.7.42.12.4 age confidence
astro-eslint-parser ^1.2.2^1.3.0 age confidence
globals 17.2.017.3.0 age confidence
pnpm (source) 10.28.210.29.3 age confidence
read-pkg ^10.0.0^10.1.0 age confidence

Release Notes

Rel1cx/eslint-react (@​eslint-react/eslint-plugin)

v2.12.4

Compare Source

🐞 Fixes
🪄 Improvements

Full Changelog: Rel1cx/eslint-react@v2.12.2...v2.12.4

v2.12.2

Compare Source

🐞 Fixes
  • Reduce the sensitivity of component detection to prevent false positives in certain rules, closes #​1488 by @​Rel1cx in #​1489

Full Changelog: Rel1cx/eslint-react@v2.12.1...v2.12.2

v2.12.1

Compare Source

🐞 Fixes
  • Check all union constituents and allow all types under React namespace in no-implicit-key by @​Rel1cx in #​1487

Full Changelog: Rel1cx/eslint-react@v2.12.0...v2.12.1

v2.12.0

Compare Source

🪄 Improvements
📝 Changes you should be aware of

ESLint v10 is now supported and used throughout the repository. The minimum required ESLint version remains v8.57.0, but the project now supports and is tested against ESLint v10.

Full Changelog: Rel1cx/eslint-react@v2.11.2...v2.12.0

v2.11.2

Compare Source

🐞 Fixes
  • Implement a more robust check to handle cases that getFullyQualifiedName cannot handle in no-implicit-key, closes #​1476 by @​Rel1cx in #​1480
🪄 Improvements
  • Bump esbuild, node types, jsdoc plugin

Full Changelog: Rel1cx/eslint-react@v2.11.1...v2.11.2

v2.11.1

Compare Source

🐞 Fixes

Full Changelog: Rel1cx/eslint-react@v2.11.0...v2.11.1

v2.11.0

Compare Source

✨ New

Full Changelog: Rel1cx/eslint-react@v2.10.1...v2.11.0

v2.10.1

Compare Source

🐞 Fixes

Full Changelog: Rel1cx/eslint-react@v2.10.0...v2.10.1

v2.10.0

Compare Source

📝 Changes you should be aware of
  1. The no-implicit-key rule has been updated to use type checking and moved from recommended to type-checked presets.
  2. The no-unnecessary-use-ref rule has been moved to removed rules, because the rule is hard to get right.

Full Changelog: Rel1cx/eslint-react@v2.9.4...v2.10.0

v2.9.4

Compare Source

🐞 Fixes

Full Changelog: Rel1cx/eslint-react@v2.9.3...v2.9.4

v2.9.3

Compare Source

📝 Changes you should be aware of

The following rules have been deprecated and will be removed in the next major version:

  • no-default-props
  • no-prop-types
  • no-string-refs

For legacy codebases, use no-restricted-syntax as an alternative:

{
    files: ['**/*.jsx', '**/*.tsx'],
    rules: {
        "no-restricted-syntax": [
            "error",
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='defaultProps']",
                "message": "[Deprecated] Use ES6 default parameters instead."
            },
            {
                "selector": "AssignmentExpression[operator='='][left.property.name='propTypes']",
                "message": "[Deprecated] Use TypeScript or another type-checking solution instead."
            },
            {
                "selector": "JSXAttribute[name.name='ref'][value.type='Literal']",
                "message": "[Deprecated] Use callback refs instead."
            }
        ]
    }
}

Full Changelog: Rel1cx/eslint-react@v2.9.2...v2.9.3

v2.9.2

🐞 Fixes
🪄 Improvements

Full Changelog: Rel1cx/eslint-react@v2.9.0...v2.9.2

v2.9.0

Compare Source

✨ New
🪄 Improvements
  • Move grouped docs from the global overview to per-plugin READMEs by @​Rel1cx in #​1449
📝 Changes you should be aware of

The no-non-async-server-functions rule has been migrated to rsc/function-definition. Please update your configuration accordingly if you are using it.

Full Changelog: Rel1cx/eslint-react@v2.8.4...v2.9.0

v2.8.4

Compare Source

🐞 Fixes

v2.8.3

Compare Source

✨ New

Full Changelog: Rel1cx/eslint-react@v2.8.1...v2.8.3

v2.8.1

Compare Source

✨ New
  • Function component detection now supports identifying components that don't return a ReactNode but have a 'use memo' or 'use no memo' directive by @​Rel1cx in #​1440
    The function in below example will be detected as a function component in relevant rules: 
    function App() {
  "use memo";
}

function App() {
  "use no memo";
}
🐞 Fixes

Full Changelog: Rel1cx/eslint-react@v2.8.0...v2.8.1

v2.8.0

Compare Source

✨ New
  • Function component detection now supports identifying components that don't return a ReactNode but call React Hooks by @​Rel1cx in #​1438
    The function in below example will be detected as a function component in relevant rules: 
    function App() {
  useEffect(() => {}, []);
}
🐞 Fixes

Full Changelog: Rel1cx/eslint-react@v2.7.4...v2.8.0

ota-meshi/astro-eslint-parser (astro-eslint-parser)

v1.3.0

Compare Source

Minor Changes
sindresorhus/globals (globals)

v17.3.0

Compare Source

pnpm/pnpm (pnpm)

v10.29.3

Compare Source

v10.29.2

Compare Source

v10.29.1: pnpm 10.29.1

Compare Source

Minor Changes

  • The pnpm dlx / pnpx command now supports the catalog: protocol. Example: pnpm dlx shx@catalog:.
  • Support configuring auditLevel in the pnpm-workspace.yaml file #​10540.
  • Support bare workspace: protocol without version specifier. It is now treated as workspace:* and resolves to the concrete version during publish #​10436.

Patch Changes

  • Fixed pnpm list --json returning incorrect paths when using global virtual store #​10187.

  • Fix pnpm store path and pnpm store status using workspace root for path resolution when storeDir is relative #​10290.

  • Fixed pnpm run -r failing with "No projects matched the filters" when an empty pnpm-workspace.yaml exists #​10497.

  • Fixed a bug where catalogMode: strict would write the literal string "catalog:" to pnpm-workspace.yaml instead of the resolved version specifier when re-adding an existing catalog dependency #​10176.

  • Fixed the documentation URL shown in pnpm completion --help to point to the correct page at https://pnpm.io/completion #​10281.

  • Skip local file: protocol dependencies during pnpm fetch. This fixes an issue where pnpm fetch would fail in Docker builds when local directory dependencies were not available #​10460.

  • Fixed pnpm audit --json to respect the --audit-level setting for both exit code and output filtering #​10540.

  • update tar to version 7.5.7 to fix security issue

    Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842

  • Fix pnpm audit --fix replacing reference overrides (e.g. $foo) with concrete versions #​10325.

  • Fix shamefullyHoist set via updateConfig in .pnpmfile.cjs not being converted to publicHoistPattern #​10271.

  • pnpm help should correctly report if the currently running pnpm CLI is bundled with Node.js #​10561.

  • Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for node_modules/.bin, causing binaries to not be found when running commands like pnpm exec #​10457.

Platinum Sponsors

Bit

Gold Sponsors

Discord CodeRabbit Workleap
Stackblitz Vite
sindresorhus/read-pkg (read-pkg)

v10.1.0

Compare Source

Configuration

📅 Schedule: Branch creation - "after 10:00 before 19:00 every weekday except after 13:00 before 14:00" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from prisis as a code owner January 14, 2026 17:49
@renovate renovate bot added the c: dependencies Pull requests that adds/updates a dependency label Jan 14, 2026
@coderabbitai
Copy link

coderabbitai bot commented Jan 14, 2026
edited
Loading

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Jan 14, 2026
edited
Loading

Thank you for following the naming conventions! 🙏

@renovate renovate bot force-pushed the renovate/minor-updates branch from 803aede to 80c9859 Compare January 16, 2026 09:43
@renovate renovate bot changed the title fix(deps): update pnpm to v10.28.0 fix(deps): update minor updates (minor) Jan 16, 2026
@renovate renovate bot force-pushed the renovate/minor-updates branch 3 times, most recently from d57714b to 78feb2a Compare January 21, 2026 13:02
@socket-security
Copy link

socket-security bot commented Jan 21, 2026
edited
Loading

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

@renovate renovate bot force-pushed the renovate/minor-updates branch 3 times, most recently from 6c4eb41 to c6fd4e7 Compare January 28, 2026 11:06
@renovate renovate bot force-pushed the renovate/minor-updates branch from c6fd4e7 to 3a6e865 Compare February 2, 2026 10:40
@renovate renovate bot changed the title fix(deps): update minor updates (minor) fix(deps): update dependency @eslint-react/eslint-plugin to v2.8.1 Feb 2, 2026
@renovate renovate bot force-pushed the renovate/minor-updates branch from 3a6e865 to 045505c Compare February 4, 2026 09:30
@renovate renovate bot changed the title fix(deps): update dependency @eslint-react/eslint-plugin to v2.8.1 fix(deps): update minor updates (minor) Feb 4, 2026
@renovate renovate bot force-pushed the renovate/minor-updates branch 2 times, most recently from 03953e3 to 709bf2e Compare February 5, 2026 09:49
@socket-security
Copy link

socket-security bot commented Feb 5, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedastro-eslint-parser@​1.2.2 ⏵ 1.3.09510010087 +7100
Added@​eslint-react/​eslint-plugin@​2.12.49910010096100

View full report

@renovate renovate bot force-pushed the renovate/minor-updates branch 6 times, most recently from ea04b2a to 7d4377a Compare February 11, 2026 15:04
@renovate renovate bot force-pushed the renovate/minor-updates branch 3 times, most recently from f368f96 to 1543717 Compare February 16, 2026 09:09
@renovate
fix(deps): update minor updates
479e091 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
@renovate renovate bot force-pushed the renovate/minor-updates branch from 1543717 to 479e091 Compare February 17, 2026 10:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prisis prisis Awaiting requested review from prisis prisis is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

c: dependencies Pull requests that adds/updates a dependency

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants