chore(deps-dev): bump the dependencies group in /pkg/js with 4 updates

[dependabot]

Bumps the dependencies group in /pkg/js with 4 updates: @typescript-eslint/eslint-plugin, @typescript-eslint/parser, jest-html-reporter and typescript.

Updates @typescript-eslint/eslint-plugin from 8.57.1 to 8.57.2

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.57.2

8.57.2 (2026-03-23)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127)
• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954)
• typescript-estree: skip createIsolatedProgram fallback for projectService (#12066, #12065)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• Konv Suu
• mdm317
• Newton Yuan @​NewtonYuan
• RyoheiYamamoto
• SungHyun627 @​SungHyun627
• Tamashoo @​Tamashoo

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.57.2 (2026-03-23)

🩹 Fixes

• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954)
• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971)
• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• Konv Suu
• mdm317
• Newton Yuan @​NewtonYuan
• SungHyun627 @​SungHyun627
• Tamashoo @​Tamashoo

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• be4d54d chore(release): publish 8.57.2
• f68c8e4 fix(eslint-plugin): [prefer-readonly-parameter-types] preserve type alias inf...
• 73acd2e fix(eslint-plugin): [no-useless-default-assignment] skip reporting false posi...
• 3d21482 fix(eslint-plugin): [no-unsafe-return] false positive on unwrapping generic (...
• e128548 fix(eslint-plugin): [no-restricted-types] flag banned generics in extends or ...
• 2b7f63f chore(eslint-plugin): correct tsutils.isTypeFlag usage post-merge
• 65175cd fix(eslint-plugin): [array-type] ignore Array and ReadonlyArray without type ...
• 9c9ab5e feat(eslint-plugin): [no-unnecessary-type-arguments] report inferred required...
• 42a1c89 fix(eslint-plugin): [prefer-optional-chain] remove dangling closing parenthes...
• 71855ff docs(eslint-plugin): [no-unnecessary-condition] add link to TS handbook (#12131)
• See full diff in compare view

Updates @typescript-eslint/parser from 8.57.1 to 8.57.2

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.57.2

8.57.2 (2026-03-23)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127)
• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954)
• typescript-estree: skip createIsolatedProgram fallback for projectService (#12066, #12065)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• Konv Suu
• mdm317
• Newton Yuan @​NewtonYuan
• RyoheiYamamoto
• SungHyun627 @​SungHyun627
• Tamashoo @​Tamashoo

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.57.2 (2026-03-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

Commits

• be4d54d chore(release): publish 8.57.2
• See full diff in compare view

Updates jest-html-reporter from 4.3.0 to 4.4.0

Release notes

Sourced from jest-html-reporter's releases.

v4.4.0

What's Changed

• Bump rollup from 4.34.1 to 4.59.0 by @​dependabot[bot] in Hargne/jest-html-reporter#208
• Bump flatted from 3.3.2 to 3.4.2 by @​dependabot[bot] in Hargne/jest-html-reporter#209
• change peerDependencies for typescript to include v6 by @​feelingsoflight in Hargne/jest-html-reporter#210

New Contributors

• @​feelingsoflight made their first contribution in Hargne/jest-html-reporter#210

Full Changelog: Hargne/jest-html-reporter@4.3.1...v4.4.0

v4.3.1

🚀 New Features / Improvements

• Added alert in console when using invalid configuration keys

🐞 Fixes

• Corrected the default value of hideConsoleLogOrigin to false in the readme

Commits

• 0ef7a32 chore(release): v4.4.0
• 55975f9 Updated caniuse, Removed redundant test run
• a1bbc34 Changed scripts to run yarn
• 6418924 Update release.yml
• 6ac5580 Merge pull request #210 from feelingsoflight/master
• 4716e3e Removed typescript as peerDependency
• f14e402 Merge branch 'master' of https://github.com/Hargne/jest-html-reporter
• 4595652 Added release workflow
• 0cc41ad Merge pull request #209 from Hargne/dependabot/npm_and_yarn/flatted-3.4.2
• 17f7480 Merge pull request #208 from Hargne/dependabot/npm_and_yarn/rollup-4.59.0
• Additional commits viewable in compare view

Updates typescript from 5.9.3 to 6.0.2

Release notes

Sourced from typescript's releases.

TypeScript 6.0

For release notes, check out the release announcement blog post.

• fixed issues query for TypeScript 6.0.0 (Beta).
• fixed issues query for TypeScript 6.0.1 (RC).
• fixed issues query for TypeScript 6.0.2 (Stable).

Downloads are available on:

• npm

TypeScript 6.0 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 6.0.0 (Beta).

Downloads are available on:

• npm

Commits

• 607a22a Bump version to 6.0.2 and LKG
• 9e72ab7 🤖 Pick PR #63239 (Fix missing lib files in reused pro...) into release-6.0 (#...
• 35ff23d 🤖 Pick PR #63163 (Port anyFunctionType subtype fix an...) into release-6.0 (#...
• e175b69 Bump version to 6.0.1-rc and LKG
• af4caac Update LKG
• 8efd7e8 Merge remote-tracking branch 'origin/main' into release-6.0
• 206ed1a Deprecate assert in import() (#63172)
• e688ac8 Update dependencies (#63156)
• 29b300d Bump the github-actions group across 1 directory with 2 updates (#63205)
• 0c2c7a3 DOM update (#63183)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​typescript-eslint/​parser@​8.57.1 ⏵ 8.57.2
	npm/​@​typescript-eslint/​eslint-plugin@​8.57.1 ⏵ 8.57.2	+1		+1
	npm/​jest-html-reporter@​4.3.0 ⏵ 4.4.0	+1		+1	+5
	npm/​typescript@​5.9.3 ⏵ 6.0.2	+1		+1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		License policy violation: npm typescript under CC-BY-4.0 License: CC-BY-4.0 - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: MIT-Khronos-old - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) License: LicenseRef-W3C-Community-Final-Specification-Agreement - the applicable license policy does not allow this license (4) (package/ThirdPartyNoticeText.txt) From: pkg/js/package-lock.json → npm/typescript@6.0.2 ℹ Read more on: This package | This alert | What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/typescript@6.0.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.