build(deps): bump the npm-dependencies group with 7 updates

[dependabot]

Bumps the npm-dependencies group with 7 updates:

Package	From	To
joi	17.13.4	18.2.3
@eslint/js	9.39.4	10.0.1
@types/react	18.3.31	19.2.17
eslint	9.39.4	10.6.0
eslint-plugin-regexp	2.10.0	3.1.1
lint-staged	16.4.0	17.0.8
markdownlint-cli2	0.12.1	0.22.1

Updates joi from 17.13.4 to 18.2.3

Commits

• c86ddc0 18.2.3
• 8077125 Merge pull request #3125 from hapijs/fix/json-schema-multiple-patterns
• 223217a fix: expose multiple string patterns in json schemas
• 85947a8 Merge pull request #3124 from hapijs/chore/object-proto
• fe41c4f chore: deny prototype pollution in objects by restoring prototype
• 87d3a62 18.2.2
• 1c7d34e Merge pull request #3120 from hapijs/fix/json-schema-bugfixes
• 515a8f0 test(json-schema): drop runtime validation from json-schema tests
• 6574f75 fix(json-schema): register id'd child schemas in $defs
• 770a2cf fix(json-schema): skip rule handlers with ref arguments
• Additional commits viewable in compare view

Updates @eslint/js from 9.39.4 to 10.0.1

Release notes

Sourced from @​eslint/js's releases.

v10.0.1

Bug Fixes

• c87d5bd fix: update eslint (#20531) (renovate[bot])
• d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
• 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
• 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

• 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
• 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
• b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

• e5c281f chore: updates for v9.39.3 release (Jenkins)
• 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
• 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
• 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
• da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
• 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

• f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
• a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
• c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
• fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
• 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
• 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
• ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
• 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
• c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
• 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
• a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
• a89059d feat!: Program range span entire source text (#20133) (Pixel998)
• 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
• f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)
• aa3fb2b fix!: tighten func-names schema (#20119) (Pixel998)
• f6c0ed0 feat!: report eslint-env comments as errors (#20128) (Francesco Trotta)
• 4bf739f fix!: remove deprecated LintMessage#nodeType and TestCaseError#type (#20096) (Pixel998)
• 523c076 feat!: drop support for jiti < 2.2.0 (#20016) (michael faith)
• 454a292 feat!: update eslint:recommended configuration (#20210) (Pixel998)
• 4f880ee feat!: remove v10_* and inactive unstable_* flags (#20225) (sethamus)
• f18115c feat!: no-shadow-restricted-names report globalThis by default (#20027) (sethamus)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160) (Milos Djermanovic)

Features

• bff9091 feat: handle Array.fromAsync in array-callback-return (#20457) (Francesco Trotta)
• 290c594 feat: add self to no-implied-eval rule (#20468) (sethamus)
• 43677de feat: fix handling of function and class expression names in no-shadow (#20432) (Milos Djermanovic)

... (truncated)

Commits

• 84fb885 chore: package.json update for @​eslint/js release
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467)
• f3fbc2f chore: set @eslint/js version to 10.0.0 to skip releasing it (#20466)
• b4b3127 chore: package.json update for @​eslint/js release
• 0b14059 chore: package.json update for @​eslint/js release
• fa31a60 feat!: add name to configs (#20015)
• 1e2cad5 chore: package.json update for @​eslint/js release
• 454a292 feat!: update eslint:recommended configuration (#20210)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160)
• See full diff in compare view

Updates @types/react from 18.3.31 to 19.2.17

Commits

• See full diff in compare view

Updates eslint from 9.39.4 to 10.6.0

Release notes

Sourced from eslint's releases.

v10.6.0

Features

• b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981) (Taejin Kim)
• f291007 feat: add checkRelationalComparisons to no-constant-binary-expression (#20948) (sethamus)

Bug Fixes

• 6b05784 fix: prefer-exponentiation-operator invalid autofix at statement start (#20997) (Milos Djermanovic)
• bb9eb2a fix: account for shadowed Boolean in no-extra-boolean-cast (#21013) (den$)
• 8fd8741 fix: don't report shadowed undefined in radix rule (#21011) (Pixel)
• 5784980 fix: don't report shadowed undefined in no-throw-literal (#21010) (Pixel)
• 9cd1e6d fix: suppress invalid class suggestion in no-promise-executor-return (#21008) (Pixel)
• d4eb2dc fix: don't report shadowed undefined in prefer-promise-reject-errors (#21006) (Pixel)
• 2360464 fix: prefer-promise-reject-errors false positives for shadowed Promise (#21003) (den$)
• 63d52d2 fix: restore max-classes-per-file report range (#21002) (Pixel)
• 7feaff0 fix: callback detection logic for IIFEs in max-nested-callbacks (#20979) (fnx)
• 399a2ec fix: don't report inner non-callbacks in max-nested-callbacks (#20995) (Milos Djermanovic)

Documentation

• a83683d docs: Update README (GitHub Actions Bot)
• f5449f9 docs: document userland patterns for global assertionOptions in RuleT… (#20986) (playgirl)
• bea49f7 docs: Update README (GitHub Actions Bot)
• e5f70f9 docs: update code-path diagrams (#20984) (Tanuj Kanti)
• 8890c2d docs: add TypeScript config guidance for MCP server (#20796) (Pierluigi Lenoci)
• 3eb3d9b docs: Update README (GitHub Actions Bot)
• c5bb59c docs: Update README (GitHub Actions Bot)
• eb3c97c docs: fix grammar in prefer-const rule description (#20983) (lumir)

Chores

• 6a42034 ci: run ecosystem tests on main branch (#20891) (sethamus)
• 3dbacdb ci: bump actions/checkout from 6 to 7 (#21014) (dependabot[bot])
• c3abfca chore: correct JSDoc param types in html formatter (#21018) (Minseon Kim)
• a832320 ci: split ecosystem tests into separate jobs (#21001) (xbinaryx)
• 27166e7 chore: update ecosystem plugins (#21005) (ESLint Bot)
• 865d76e ci: bump pnpm/action-setup from 6.0.8 to 6.0.9 (#20989) (dependabot[bot])
• 27a88c9 chore: update dependency markdown-it to v14 in root (#20994) (Milos Djermanovic)
• 970cea6 chore: update dependency markdown-it to v14 (#20993) (Milos Djermanovic)
• b482120 chore: update dependency prettier to v3.8.4 (#20990) (renovate[bot])
• 6993fb3 chore: update ecosystem plugins (#20985) (ESLint Bot)

v10.5.0

Features

• 5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)
• b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)
• 2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)
• 732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)
• f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)
• bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)
• c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

... (truncated)

Commits

• 5d12a04 10.6.0
• f7ca54b Build: changelog update for 10.6.0
• 6a42034 ci: run ecosystem tests on main branch (#20891)
• b1f9106 feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981)
• 3dbacdb ci: bump actions/checkout from 6 to 7 (#21014)
• c3abfca chore: correct JSDoc param types in html formatter (#21018)
• a83683d docs: Update README
• a832320 ci: split ecosystem tests into separate jobs (#21001)
• 6b05784 fix: prefer-exponentiation-operator invalid autofix at statement start (#20997)
• bb9eb2a fix: account for shadowed Boolean in no-extra-boolean-cast (#21013)
• Additional commits viewable in compare view

Updates eslint-plugin-regexp from 2.10.0 to 3.1.1

Release notes

Sourced from eslint-plugin-regexp's releases.

v3.1.1

Patch Changes

• Handle matchAll().toArray() capture usage (#992)

v3.1.0

Minor Changes

• refactor: Name the default export 'regexp' (#952)

v3.0.0

Major Changes

• Drop support for ESLint v8. The minimum supported ESLint version is now v9.38.0 and above. (#917)

• Drop support for ESLint Legacy Config (.eslintrc). Only Flat Config (eslint.config.js) is now supported. The recommended and all config exports now provide Flat Config. The flat/recommended and flat/all exports are kept for backwards compatibility. (#917)

• Drop support for Node.js 18. The minimum supported Node.js version is now 20.19.0, 22.13.0, or 24.0.0 and above. (#915)

• Change to ESM package (#913)

Minor Changes

• feat: update jsdoc-type-pratt-parser (#919)

• feat: enhance jsdoc type parsing (#919)

Changelog

Sourced from eslint-plugin-regexp's changelog.

3.1.1

Patch Changes

• Handle matchAll().toArray() capture usage (#992)

3.1.0

Minor Changes

• refactor: Name the default export 'regexp' (#952)

3.0.0

Major Changes

• Drop support for ESLint v8. The minimum supported ESLint version is now v9.38.0 and above. (#917)

• Drop support for ESLint Legacy Config (.eslintrc). Only Flat Config (eslint.config.js) is now supported. The recommended and all config exports now provide Flat Config. The flat/recommended and flat/all exports are kept for backwards compatibility. (#917)

• Drop support for Node.js 18. The minimum supported Node.js version is now 20.19.0, 22.13.0, or 24.0.0 and above. (#915)

• Change to ESM package (#913)

Minor Changes

• feat: update jsdoc-type-pratt-parser (#919)

• feat: enhance jsdoc type parsing (#919)

Commits

• 8ca0cb7 chore: release eslint-plugin-regexp (#994)
• 1a12117 Handle matchAll().toArray() capture usage (#992)
• 658d97e chore(deps): update actions/checkout action to v7 (#990)
• 432d7fa chore(deps): update dependency markdownlint-cli to ^0.49.0 (#988)
• d7fbd4b chore(deps): bump flatted from 3.3.3 to 3.4.2 (#960)
• 7583f41 chore(deps): bump glob from 10.4.5 to 10.5.0 (#957)
• 01c4de5 chore(deps-dev): bump postcss from 8.5.6 to 8.5.14 (#976)
• 3b3eb33 chore(deps): bump fast-uri from 3.0.3 to 3.1.2 (#978)
• fd89ecb chore(deps-dev): bump brace-expansion from 1.1.12 to 5.0.6 (#979)
• 5dfb3c7 chore(deps): update dependency npm-run-all2 to v9 (#980)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for eslint-plugin-regexp since your current version.

Updates lint-staged from 16.4.0 to 17.0.8

Release notes

Sourced from lint-staged's releases.

v17.0.8

Patch Changes

• #1809 179b437 - Fix lint-staged discarding the ongoing merge conflict status (.git/MERGE_HEAD) when using the --hide-unstaged or --hide-all options.

• #1811 3d0b2c0 - Fix issues with Git commands that are successful but also emit warnings to stderr, by ignoring the stderr output completely when the process exits with code 0. This was the behavior when using nano-spawn and execa, but when switching to tinyexec in 16.3.0 both stdout and stderr were used as interleaved output.

v17.0.7

Patch Changes

• #1806 e692e58 - Update dependency tinyexec@^1.2.4.

v17.0.6

Patch Changes

• #1803 bdf2770 - Run all tests with Deno, in addition to Node.js and Bun.

• #1796 7508272 - Fix performance regression of lint-staged v17 by going back to using git add to stage task modifications. This was changed to git update-index --again in v17 for less manual work, but unfortunately the update-index command gets slower in very large Git repos.

• #1797 7b2505a - This version of lint-staged uses the new staged publishing for npm packages feature. Releases are already published from GitHub Actions with trusted publishing, but now an additional approval with two-factor authentication is also required.

• #1802 321b0a9 - Downgrade dependency tinyexec@1.2.2 to avoid issues in version 1.2.3.

v17.0.5

Patch Changes

• #1792 1f67271 - Correctly set the --max-arg-length default value based on the running platform. This controls how very long lists of staged files are split into multiple chunks.

v17.0.4

Patch Changes

• #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

  • after editing <file> it is staged with git add <file>, and then committed with git commit
  • after editing <file> it is committed with git commit --all without explicit git add
  • after editing <file> it is committed with git commit <pathspec> without explicit git add

  There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

v17.0.3

Patch Changes

• #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
  • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
  • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

v17.0.2

Patch Changes

• #1779 88670ca Thanks @​iiroj! - Enable immutable GitHub releases

... (truncated)

Changelog

Sourced from lint-staged's changelog.

17.0.8

Patch Changes

• #1809 179b437 - Fix lint-staged discarding the ongoing merge conflict status (.git/MERGE_HEAD) when using the --hide-unstaged or --hide-all options.

• #1811 3d0b2c0 - Fix issues with Git commands that are successful but also emit warnings to stderr, by ignoring the stderr output completely when the process exits with code 0. This was the behavior when using nano-spawn and execa, but when switching to tinyexec in 16.3.0 both stdout and stderr were used as interleaved output.

17.0.7

Patch Changes

• #1806 e692e58 - Update dependency tinyexec@^1.2.4.

17.0.6

Patch Changes

• #1803 bdf2770 - Run all tests with Deno, in addition to Node.js and Bun.

• #1796 7508272 - Fix performance regression of lint-staged v17 by going back to using git add to stage task modifications. This was changed to git update-index --again in v17 for less manual work, but unfortunately the update-index command gets slower in very large Git repos.

• #1797 7b2505a - This version of lint-staged uses the new staged publishing for npm packages feature. Releases are already published from GitHub Actions with trusted publishing, but now an additional approval with two-factor authentication is also required.

• #1802 321b0a9 - Downgrade dependency tinyexec@1.2.2 to avoid issues in version 1.2.3.

17.0.5

Patch Changes

• #1792 1f67271 - Correctly set the --max-arg-length default value based on the running platform. This controls how very long lists of staged files are split into multiple chunks.

17.0.4

Patch Changes

• #1788 f95c1f8 - Another fix for making sure lint-staged adds task modifications correctly to the commit in the following cases:

  • after editing <file> it is staged with git add <file>, and then committed with git commit
  • after editing <file> it is committed with git commit --all without explicit git add
  • after editing <file> it is committed with git commit <pathspec> without explicit git add

  There's new test cases which actually setup the Git pre_commit hook to run lint-staged and verify them. These issues started in v17.0.0 when trying to improve support for committig without having explicitly staged files.

17.0.3

Patch Changes

• #1782 06813f9 Thanks @​iiroj! - Fix lint-staged behavior when implicitly committing files without using git add by either:
  • git commit -am "my commit message" where -a (--all) means to automatically stage all tracked modified and deleted files
  • git commit -m "my commit message" . where . is an example of a pathspec where matching files will be staged

... (truncated)

Commits

• 5f3b8f2 Merge pull request #1812 from lint-staged/changeset-release/main
• 43a9b8d chore(changeset): release
• 630e2f6 Merge pull request #1809 from lint-staged/restore-merge-status
• 179b437 fix: restore Git merge status after creating backup stash
• 6bae2e2 Merge pull request #1811 from lint-staged/exec-git-ignore-stderr
• b82a830 ci: run npm audit omitting dev, including prod dependencies
• 0b19b80 build(deps): update dependencies
• 3d0b2c0 fix: ignore stderr when doing Git operations
• cd11fec Merge pull request #1807 from lint-staged/changeset-release/main
• 15a8ee0 chore(changeset): release
• Additional commits viewable in compare view

Updates markdownlint-cli2 from 0.12.1 to 0.22.1

Changelog

Sourced from markdownlint-cli2's changelog.

0.22.1

• Update dependencies

0.22.0

• Make --config parameter more flexible
• Support TOML with --config parameter
• Add --configPointer parameter
• Update dependencies

0.21.0

• Refactor options/configuration file loading
• Update dependencies

0.20.0

• Update dependencies (including markdownlint)

0.19.1

• Update --format to avoid trailing newline
• Update dependencies

0.19.0

• Add --format parameter for editor integration
• Update output formatters for severity warning
• Explicitly version Docker containers for pre-commit
• Update dependencies (including markdownlint)

0.18.1

• Update dependencies (including markdownlint)

0.18.0

• Use user ID in Docker containers for security
• Update dependencies (including markdownlint)
• Remove support for end-of-life Node 18

0.17.2

• Update dependencies (including markdownlint)

0.17.1

• Update dependencies (including markdownlint)

... (truncated)

Commits

• 996abf6 Update to version 0.22.1.
• 70b6875 Improve definition of OutputFormatterConfiguration type, minor other type twe...
• 2cf5440 Add additional test case for previous commit fixing dotfile behavior.
• 21c53ed Bump eslint from 10.2.0 to 10.2.1
• b738aa0 Update removeIgnoredFiles use of micromatch to include dotfiles for consisten...
• 24c04f4 Bump junit-report-builder from 5.1.1 to 5.1.2 in /formatter-junit
• 650f208 Bump pnpm/action-setup from 5 to 6
• 726eaab Bump eslint from 10.1.0 to 10.2.0
• 1aa7579 Update indirect playwright dependencies to 1.59.1.
• fee080d Bump @​playwright/test from 1.58.2 to 1.59.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions