chore(deps): bump the npm-dependencies group across 1 directory with 23 updates

[dependabot]

Bumps the npm-dependencies group with 22 updates in the / directory:

Package	From	To
@dotenvx/dotenvx	1.52.0	1.71.0
prettier	3.8.1	3.8.3
yaml	2.8.2	2.9.0
@primer/octicons-react	19.22.0	19.28.0
@primer/react	38.14.0	38.26.0
autoprefixer	10.4.27	10.5.0
json-2-csv	5.5.10	5.5.11
next	16.1.6	16.2.7
postcss	8.5.8	8.5.15
react	19.2.4	19.2.7
@types/react	19.2.14	19.2.16
react-dom	19.2.4	19.2.7
@types/node	25.3.3	25.9.1
@typescript-eslint/eslint-plugin	8.56.1	8.60.1
eslint	10.0.2	10.4.1
eslint-config-next	16.1.6	16.2.7
eslint-import-resolver-typescript	4.4.4	4.4.5
eslint-plugin-compat	7.0.1	7.0.2
eslint-plugin-primer-react	8.5.2	8.6.0
dotenv	17.3.1	17.4.2
fs-extra	11.3.3	11.3.5
vitest	4.0.18	4.1.8

Updates @dotenvx/dotenvx from 1.52.0 to 1.71.0

Release notes

Sourced from @​dotenvx/dotenvx's releases.

v1.71.0

see CHANGELOG

v1.70.0

see CHANGELOG

v1.69.2

see CHANGELOG

v1.69.1

see CHANGELOG

v1.69.0

see CHANGELOG

v1.68.1

see CHANGELOG

v1.68.0

see CHANGELOG

v1.67.0

see CHANGELOG

v1.66.0

see CHANGELOG

v1.65.3

see CHANGELOG

v1.65.2

see CHANGELOG

v1.65.1

see CHANGELOG

v1.65.0

see CHANGELOG

v1.64.0

see CHANGELOG

v1.63.0

see CHANGELOG

v1.62.0

see CHANGELOG

v1.61.6

see CHANGELOG

... (truncated)

Changelog

Sourced from @​dotenvx/dotenvx's changelog.

1.71.0 (2026-06-01)

Added

• Add optional automation --token support for Armor ⛨ users (#831)

1.70.0 (2026-05-31)

Changed

• Dotenvx Ops/Vlt is now Dotenvx Armor ⛨ (#830)

1.69.2 (2026-05-29)

Changed

• Minor messaging improvements, especially if using armored keys (#825)

1.69.1 (2026-05-25)

Changed

• Internally rename ops to vlt (#823)

1.69.0 (2026-05-25)

Changed

• Remove fully-deprecated opsOff option in favor of noOps (#822)

1.68.1 (2026-05-24)

Changed

• Pass -f to ops (#821)

1.68.0 (2026-05-24)

Changed

• Support ignore option on parse (#820)

1.67.0 (2026-05-21)

Added

• Add prompt for local storage vs armored storage (#819)

1.66.0 (2026-05-13)

... (truncated)

Commits

• 41fa9ff 1.71.0
• 581e4e5 changelog
• 7e71b94 Merge pull request #831 from dotenvx/pass-token
• 6a459d4 pass --token to run
• bc05c30 1.70.0
• 596262b Merge pull request #830 from dotenvx/armor
• 56cdfa6 assume user has armor installed if using with latest dotenvx
• d9ec324 clean up internals
• b3cf358 interal rename to noArmor
• 3af1e92 further renames to armor
• Additional commits viewable in compare view

Updates prettier from 3.8.1 to 3.8.3

Release notes

Sourced from prettier's releases.

3.8.3

• SCSS: Prevent trailing comma in if() function (prettier/prettier#18471 by @​kovsu)

🔗 Changelog

3.8.2

• Support Angular v21.2

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.8.3

diff

SCSS: Prevent trailing comma in if() function (#18471 by @​kovsu)

// Input
$value: if(sass(false): 1; else: -1);
// Prettier 3.8.2
$value: if(
sass(false): 1; else: -1,
);
// Prettier 3.8.3
$value: if(sass(false): 1; else: -1);

3.8.2

diff

Angular: Support Angular v21.2 (#18722, #19034 by @​fisker)

Exhaustive typechecking with @default never;

<!-- Input -->
@switch (foo) {
  @case (1) {}
  @default never;
}
<!-- Prettier 3.8.1 -->
SyntaxError: Incomplete block "default never". If you meant to write the @ character, you should use the "&#64;" HTML entity instead. (3:3)
<!-- Prettier 3.8.2 -->
@​switch (foo) {
@​case (1) {}
@​default never;
}

arrow function and instanceof expressions.

</tr></table> 

... (truncated)

Commits

• d7108a7 Release 3.8.3
• 177f908 Prevent trailing comma in SCSS if() function (#18471)
• 1cd4066 Release @​prettier/plugin-oxc@​0.1.4
• a8700e2 Update oxc-parser to v0.125.0
• 752157c Fix tests
• 053fd41 Bump Prettier dependency to 3.8.2
• 904c636 Clean changelog_unreleased
• dc1f7fc Update dependents count
• b31557c Release 3.8.2
• 96bbaed Support Angular v21.2 (#18722)
• Additional commits viewable in compare view

Updates yaml from 2.8.2 to 2.9.0

Release notes

Sourced from yaml's releases.

v2.9.0

The changes here are really only patches, but I'm releasing this as a minor version to note a small change to the documentation of parseDocument() and parseAllDocuments(): I've removed the claim that they'll "never throw".

It remains the case that practically all non-malicious inputs will be handled without emitting an error, but there is a decent chance that code paths remain where e.g. a RangeError due to call stack exhaustion can be triggered by malicious inputs. Up to now, I've considered these as security vulnerabilities, and in fact it's the only category of error for which yaml CVEs have been issued so far.

Starting from this release, I'll be considering such errors as bugs, but not vulnerabilities. I do welcome people and/or LLMs looking for them, but please report them as normal issues rather than suspected security vulnerabilities. This also applies to previously undiscovered bugs in earlier releases.

• fix: Avoid calling Array.prototype.push.apply() with large source array
• fix(lexer): Avoid recursive calls that may exhaust the call stack

v2.8.4

• Disable alias resolution with maxAliasCount:0 (#677)
• Handle invalid unicode escapes (e1a1a77)
• Apply minFractionDigits only to decimal strings (#676)

v2.8.3

• Add trailingComma ToString option for multiline flow formatting (#670)
• Catch stack overflow during node composition (1e84ebb)

Commits

• ddb21b0 2.9.0
• 167365b docs: Clarify that not all errors can be avoided
• 6eca2a7 fix: Avoid calling Array.prototype.push.apply() with large source array
• 0543cd5 fix(lexer): Avoid recursive calls that may exhaust the call stack
• ccdf743 2.8.4
• f625789 fix: Disable alias resolution with maxAliasCount:0 (#677)
• e1a1a77 fix: Handle invalid unicode escapes
• a163ea0 style: Satify Prettier
• b2a5a6c fix: Apply minFractionDigits only to decimal strings (#676)
• 93c951b chore: Bump JSR version to v2.8.3 (#673)
• Additional commits viewable in compare view

Updates @primer/octicons-react from 19.22.0 to 19.28.0

Release notes

Sourced from @​primer/octicons-react's releases.

v19.28.0

Minor Changes

• #1208 eddab3ff Thanks @​dylanatsmith! - Fix vscode icon: update 16px, add 24px, remove 32px and 48px

v19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

v19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

v19.25.0

Minor Changes

• #1193 b6efea4a Thanks @​kylewaynebenson! - Added StackRemove & StackCheck icons

• #1194 7d7ca421 Thanks @​kylewaynebenson! - Added Sandbox icon

v19.24.1

Patch Changes

• #1190 38dfb0d4 Thanks @​francinelucca! - Allow data-component attribute to be overridden by consumers

v19.24.0

Minor Changes

• #1185 25e257ff Thanks @​francinelucca! - Add data-component="Octicon" attribute to all SVG elements for easier identification and styling

v19.23.1

Patch Changes

• #1175 ea8e6bb7 Thanks @​kylewaynebenson! - - Remove set fill from svgs

v19.23.0

Minor Changes

• #1165 63bc8d01 Thanks @​kylewaynebenson! - - Addition of lockup icon

... (truncated)

Changelog

Sourced from @​primer/octicons-react's changelog.

19.28.0

Minor Changes

• #1208 eddab3ff Thanks @​dylanatsmith! - Fix vscode icon: update 16px, add 24px, remove 32px and 48px

19.27.0

Minor Changes

• #1203 a69618e4 Thanks @​ericwbailey! - Add flag icon

Patch Changes

• #1212 02bd1ef8 Thanks @​ericwbailey! - remove hardcoded fill from flag icon

19.26.0

Minor Changes

• #1197 b45f1d35 Thanks @​lukasoppermann! - Add repo-forked-locked icon

Patch Changes

• #1209 9a7e2146 Thanks @​siddharthkp! - fix: remove hardcoded fill from sandbox icon

19.25.0

Minor Changes

• #1193 b6efea4a Thanks @​kylewaynebenson! - Added StackRemove & StackCheck icons

• #1194 7d7ca421 Thanks @​kylewaynebenson! - Added Sandbox icon

19.24.1

Patch Changes

• #1190 38dfb0d4 Thanks @​francinelucca! - Allow data-component attribute to be overridden by consumers

19.24.0

Minor Changes

• #1185 25e257ff Thanks @​francinelucca! - Add data-component="Octicon" attribute to all SVG elements for easier identification and styling

19.23.1

Patch Changes

... (truncated)

Commits

• fef9ded Version Packages (#1214)
• eddab3f Fix VSCode icon and remove unnecessary size variants (#1208)
• 067ee62 Bump lodash from 4.17.23 to 4.18.1 in /lib/octicons_react (#1201)
• 7ee4aaf Version Packages (#1210)
• 02bd1ef Fix: Remove hardcoded fill from flag icon (#1212)
• 3af9603 Re-enable @​arethetypeswrong/cli in CI with pinned fflate@0.8.2 (#1211)
• a69618e Add flag octicon (#1203)
• 33125a6 Version Packages (#1207)
• 9a7e214 fix: remove hardcoded fill from sandbox icon (#1209)
• b45f1d3 Clean up repo-forked-locked icons formatting (#1197)
• Additional commits viewable in compare view

Updates @primer/react from 38.14.0 to 38.26.0

Release notes

Sourced from @​primer/react's releases.

@​primer/react@​38.26.0

Minor Changes

• #7869 23fba52 Thanks @​adierkens! - Slot system consistency improvements:

  • Remove orphan __SLOT__ markers from root components that no parent scans for: ActionMenu (root Menu), UnderlinePanels (root), Autocomplete is unchanged (still used as a FormControl child), PageLayout (root), SegmentedControl (root), RadioGroup (root), CheckboxGroup (root), and Dialog (root). Sub-component markers are intentionally retained so consumers can keep wrapping them.
  • Standardize Symbol(...) descriptions used as slot markers to the Parent.Slot convention: CheckboxOrRadioGroupLabel → CheckboxOrRadioGroup.Label, CheckboxOrRadioGroupCaption → CheckboxOrRadioGroup.Caption, CheckboxOrRadioGroupValidation → CheckboxOrRadioGroup.Validation, DEPRECATED_Tooltip → Tooltip, and Table → DataTable.Table.
  • Migrate PageHeader, NavList.Item, and the internal CheckboxOrRadioGroup to use the useSlots hook instead of hand-rolling React.Children traversal with isSlot. The CheckboxOrRadioGroup migration also removes duplicated work where useSlots was already called but slots were re-extracted by hand immediately after.
  • Export useSlots, isSlot, asSlot, and the WithSlotMarker/FCWithSlotMarker types publicly from @primer/react so downstream consumers can build their own slot-aware compound components.
  • Add asSlot(component, slotSource) helper: a typed utility that copies a __SLOT__ marker from a source slot component onto a wrapper component, replacing the cast-heavy (Wrapper as typeof Wrapper & {__SLOT__?: symbol}).__SLOT__ = Source.__SLOT__ pattern.
  • Add a dev-mode warning in useSlots when a child's displayName matches a slot component's displayName but the child is missing the __SLOT__ marker — a common footgun when wrapping slot components.

• #7898 da27739 Thanks @​francinelucca! - ThemeProvider: Add contextOnly prop to opt out of rendering the wrapping <div> with data-* theme attributes

• #7886 64dfbd3 Thanks @​janmaarten-a11y! - Add Timeline.Actions sub-component for rendering action buttons, links, SHAs, status labels, and similar right-aligned content on a Timeline.Item. Renders as a horizontal flex row pushed to the right edge of the item with gap: 8px between children and min-height matching the badge so contents vertically center against it.

• #7885 9d2cb53 Thanks @​janmaarten-a11y! - Add Timeline.Avatar sub-component for rendering an actor avatar in the left gutter of a Timeline.Item. Accepts any React children and is absolutely positioned so it does not affect badge or body layout. Consumers must reserve roughly 72px of left padding around the Timeline for the avatar to be visible.

Patch Changes

• #7864 e7205ea Thanks @​mattcosta7! - Eliminate nested-update cascades in useFocus, PageLayout.Pane, and AnchoredOverlay:

  • useFocus no longer produces a second re-render after focusing; one focus() call now results in exactly one render instead of two.
  • PageLayout.Pane (resizable) no longer triggers a forced re-render before paint on mount. The CSS variable and ARIA attributes are still updated synchronously in the layout effect; the React state sync is wrapped in startTransition so it runs in the transition lane rather than as part of the layout-effect commit.
  • AnchoredOverlay no longer keeps useAnchoredPosition's scroll listeners and ResizeObserver attached while it is closed. After an open→close cycle, the first scroll/resize event no longer fires a spurious setPosition(undefined) that re-renders the closed overlay.

  Also adds a profiler-based test harness at src/utils/testing/profiler.tsx so future regressions can be pinned with counter.updateCount and counter.nestedUpdateCount assertions.

• #7892 4dd08af Thanks @​TylerJDev! - AnchoredOverlay: Disable CSS anchor positioning if related CSS rules are not supported

• #7878 8c468fd Thanks @​mattcosta7! - FilteredActionList: Guard against undefined items in the virtualizer's getItemKey callback to prevent a crash when @tanstack/react-virtual invokes it with an index whose item was just removed (e.g. when filtering shrinks the items list).

• #7893 0eef204 Thanks @​mattcosta7! - Button: Replace the icon-only-with-counter :has(...):not(:has(...)) selector with a data-icon-only-counter attribute computed from props. Reduces style-recalculation cost on pages that render many Buttons. No visual or behavioral changes.

• #7896 673514b Thanks @​mattcosta7! - TextInput / TextInputWithTokens / Select / Autocomplete: Replace chained :not([data-leading-visual]), :not([data-trailing-visual]), and :not([data-trailing-action]) attribute negations in TextInputWrapper styles with positive data-no-leading-visual, data-no-trailing-visual, and data-no-trailing-action markers emitted by the wrapper components. Eliminates the 2- and 3-deep :not() chains that previously evaluated against every input on every state change. No visual or behavioral changes.

• #7876 980e94c Thanks @​mattcosta7! - UnderlinePanels: Eliminate the empty-tablist frame on mount and the cascading re-render when icons toggle. Tabs and panels are now derived in render (previously stored in state synced via useEffect), the list width is kept

... (truncated)

Commits

• df9fd9b Release tracking (#7883)
• da27739 feat(ThemeProvider): add contextOnly prop to prevent rendering of wrapping di...
• 673514b perf(TextInputWrapper): replace :not() attribute chains with positive markers...
• 0eef204 perf(Button): replace :has() icon-only-counter selector with data attribute (...
• 9d2cb53 Add Timeline.Avatar sub-component (#7885)
• 4dd08af AnchoredOverlay: Disable CSS Anchor Positioning if fallbacks is not supported...
• 0867609 Bump @​primer/live-region-element to 0.8.0 (#7895)
• 64dfbd3 Add Timeline.Actions sub-component (#7886)
• af17094 ci: raise error if no report found for playwright (#7887)
• 980e94c perf(UnderlinePanels): eliminate cascading renders on mount and resize (#7876)
• Additional commits viewable in compare view

Updates autoprefixer from 10.4.27 to 10.5.0

Release notes

Sourced from autoprefixer's releases.

10.5.0 “Each Endeavouring, All Achieving”

• Added mask-position-x and mask-position-y support (by @​toporek).

Changelog

Sourced from autoprefixer's changelog.

10.5.0 “Each Endeavouring, All Achieving”

• Added mask-position-x and mask-position-y support (by @​toporek).

Commits

• faf456a Release 10.5 version
• b841fc5 Update dependencies
• 47d6e68 Update email
• 45cfc08 Replace ESLint and Prettier to oxlint and oxfmt
• 7e3ec7d Add prefixing support for mask-position-x and mask-position-y (#1548)
• See full diff in compare view

Updates json-2-csv from 5.5.10 to 5.5.11

Commits

• See full diff in compare view

Updates next from 16.1.6 to 16.2.7

Release notes

Sourced from next's releases.

v16.2.7

[!NOTE] This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Backport documentation fixes for v16.2 (#93804)
• [backport] Patch playwright-core to resolve _finishedPromise on requestFailed (#93920)
• [backport] Fix dev mode hydration failure when page is served from HTTP cache (#93492)
• [backport] Fix catch-all router.query corruption with basePath + rewrites (#93917)
• [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• [backport] Fix "type: module" in project dir when using standalone or adapters (#94050)
• [backport] Propagate adapter preferred regions (#94200)
• [16.2.x] Don't drop FormData entries (#94240)
• [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolution (#94284)

Credits

Huge thanks to @​eps1lon, @​icyJoseph, @​unstubbable, @​mischnic, @​bgw, @​timneutkens, and @​lukesandberg for helping!

v16.2.6

[!NOTE] This release contains security fixes and backported bug fixes. It does not include all pending features/changes on canary.

Security Fixes

The following advisories have been addressed:

High:

• GHSA-8h8q-6873-q5fj: Denial of Service with Server Components
• GHSA-267c-6grr-h53f: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
• GHSA-26hh-7cqf-hhc6: Middleware / Proxy bypass in App Router applications via segment-prefetch routes - Incomplete Fix Follow-Up
• GHSA-mg66-mrh9-m8jx: Denial of Service via connection exhaustion in applications using Cache Components
• GHSA-492v-c6pp-mqqv: Middleware / Proxy bypass through dynamic route parameter injection
• GHSA-c4j6-fc7j-m34r: Server-side request forgery in applications using WebSocket upgrades
• GHSA-36qx-fr4f-26g5: Middleware / Proxy bypass in Pages Router applications using i18n

Moderate:

• GHSA-ffhc-5mcf-pf4q: Cross-site scripting in App Router applications using CSP nonces
• GHSA-gx5p-jg67-6x7h: Cross-site scripting in beforeInteractive scripts with untrusted input
• GHSA-h64f-5h5j-jqjh: Denial of Service in the Image Optimization API
• GHSA-wfc6-r584-vfw7: Cache poisoning in React Server Component responses

Low:

• GHSA-vfv6-92ff-j949: Cache poisoning via collisions in React Server Component cache-busting
• GHSA-3g8h-86w9-wvmq: Middleware / Proxy redirects can be cache-poisoned

... (truncated)

Commits

• 9bd3c26 v16.2.7
• c63224f [backport] feat(turbopack): add LocalPathOrProjectPath PostCSS config resolut...
• 63115c7 [16.2.x] Don't drop FormData entries (#94240)
• aef22fd [backport] Propagate adapter preferred regions (#94200)
• f126e72 [backport] Fix "type: module" in project dir when using standalone or adapter...
• bda3e2a [ci] Disable hanging node 24 typescript tests on 16.2 backport branch (#94164)
• 7e16e07 [backport] Turbopack: switch from base40 to base38 hash encoding (#93932)
• 6139f4b [backport] Fix server action forwarding loop with middleware rewrites (#93919)
• c021d10 [backport] Encode non-ASCII characters in cache tags at construction (#93918)
• 9184ddb [backport] Fix catch-all router.query corruption with basePath + `rewrite...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.

Updates postcss from 8.5.8 to 8.5.15

Release notes

Sourced from postcss's releases.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

8.5.14

• Fixed custom syntax regression (by @​43081j).

8.5.13

• Fixed postcss-scss commend regression.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

Changelog

Sourced from postcss's changelog.

8.5.15

• Fixed declaration parsing performance (by @​homanp).

8.5.14

• Fixed custom syntax regression (by @​43081j).

8.5.13

• Fixed postcss-scss commend regression.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

Commits

• eae46db Release 8.5.15 version
• 79508ff Update CI actions
• b128e21 Speed up declaration parsing by avoiding creating new array on each token
• 9825dca Fix code format
• 55789c8 Update dependencies
• 84fbbe9 Install older pnpm action for old Node.js
• 9f860bd Revert pnpm action for old Node.js
• 0877198 Update CI actions
• b2d1a33 Fix linter warnings
• 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
• Additional commits viewable in compare view

Updates react from 19.2.4 to 19.2.7

Release notes

Sourced from react's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

19.2.6 (May 6th, 2026)

React Server Components

• Type hardening and performance improvements (#36425 by @​eps1lon and @​unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• eaf3e95 Version 19.2.6
• 23f4f9f 19.2.5
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react since your current version.

Updates @types/react from 19.2.14 to 19.2.16

Commits

• See full diff in compare view

Updates react-dom from 19.2.4 to 19.2.7

Release notes

Sourced from react-dom's releases.

19.2.7 (June 1st, 2026)

React Server Components

• Fixed missing FormData entries in Server Actions which regressed in 19.2.6 (#36566 by @​unstubbable)

19.2.6 (May 6th, 2026)

React Server Components

• Type hardening and performance improvements (#36425 by @​eps1lon and @​unstubbable)

19.2.5 (April 8th, 2026)

React Server Components

• Add more cycle protections (#36236 by @​eps1lon and @​unstubbable)

Commits

• 6117d7c Version 19.2.7 (#36591)
• eaf3e95 Version 19.2.6
• 23f4f9f 19.2.5
• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for react-dom since your current version.

Updates @types/node from 25.3.3 to 25.9.1

Commits

• See full diff in compare view

Updates @types/react from 19.2.14 to 19.2.16

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.56.1 to 8.60.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.60.1

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)
• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.60.0

8.60.0 (2026-05-25)

🚀 Features

• rule-tester: added updates of RuleTester from upstream (#12291)

🩹 Fixes

• playground TS version selector is not working (#12326, #12325)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Vinccool96

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.59.4

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)
• project-service: throw error cause in getParsedConfigFileFromTSServer (#12321)
• typescript-eslint: export Compatible* types from typescript-eslint to resolve pnpm TS error (#12340)

❤️ Thank You

• Evyatar Daud @​StyleShit
• Kirk Waiblinger @​kirkwaiblinger

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.60.1 (2026-06-01)

🩹 Fixes

• eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)
• eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)

❤️ Thank You

• lumir
• Nevette Bailey @​nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.60.0 (2026-05-25)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.59.4 (2026-05-18)

🩹 Fixes

• eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)

❤️ Thank You

• Evyatar Daud @​StyleShit

See GitHub Releases for more information.

You can read about our versioning strate...

Description has been truncated