Skip to content

chore(deps): upgrade ESLint to v10 and bump minor dependencies#147

Merged
hyp3rd merged 1 commit into
mainfrom
feat/20260704-deps-bump
Jul 9, 2026
Merged

chore(deps): upgrade ESLint to v10 and bump minor dependencies#147
hyp3rd merged 1 commit into
mainfrom
feat/20260704-deps-bump

Conversation

@hyp3rd

@hyp3rd hyp3rd commented Jul 9, 2026

Copy link
Copy Markdown
Owner

Add @eslint/compat to wrap eslint-config-next rules that rely on deprecated APIs removed in ESLint 10 (context.getFilename and friends). Drop the getFilename fallback in the custom require-aal2-gate ESLint rule since context.filename is now the only supported API.

Bumped packages: @radix-ui/* components, @supabase/supabase-js 2.110.1, @typescript-eslint 8.63.0, @zxing/browser+library, vitest 4.1.10, @types/node 26.1.1, resend 6.17.2, and associated lockfile transitive updates.

Add @eslint/compat to wrap eslint-config-next rules that rely on
deprecated APIs removed in ESLint 10 (context.getFilename and friends).
Drop the getFilename fallback in the custom require-aal2-gate ESLint rule
since context.filename is now the only supported API.

Bumped packages: @radix-ui/* components, @supabase/supabase-js 2.110.1,
@typescript-eslint 8.63.0, @zxing/browser+library, vitest 4.1.10,
@types/node 26.1.1, resend 6.17.2, and associated lockfile transitive
updates.
@hyp3rd hyp3rd self-assigned this Jul 9, 2026
@vercel

vercel Bot commented Jul 9, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
maqro Ready Ready Preview, Comment Jul 9, 2026 11:04am

Request Review

@supabase

supabase Bot commented Jul 9, 2026

Copy link
Copy Markdown

This pull request has been ignored for the connected project xlhadpxnprtmiblgxprg because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.


Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@socket-security

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm @zxing/library is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: package-lock.jsonnpm/@zxing/library@0.23.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@zxing/library@0.23.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@hyp3rd hyp3rd merged commit df05327 into main Jul 9, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant