chore(deps-dev): bump the development-dependencies group with 6 updates

[dependabot]

Bumps the development-dependencies group with 6 updates:

Package	From	To
@eslint/js	9.39.2	10.0.1
eslint	9.39.2	10.0.2
globals	17.3.0	17.4.0
knip	5.83.1	5.85.0
lint-staged	16.2.7	16.3.1
nock	14.0.10	14.0.11

Updates @eslint/js from 9.39.2 to 10.0.1

Release notes

Sourced from @​eslint/js's releases.

v10.0.1

Bug Fixes

• c87d5bd fix: update eslint (#20531) (renovate[bot])
• d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
• 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
• 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

• 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
• 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
• b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

• e5c281f chore: updates for v9.39.3 release (Jenkins)
• 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
• 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
• 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
• da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
• 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

• f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
• a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
• c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
• fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
• 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
• 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
• ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
• 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
• c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
• 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
• a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
• a89059d feat!: Program range span entire source text (#20133) (Pixel998)
• 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
• f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)
• aa3fb2b fix!: tighten func-names schema (#20119) (Pixel998)
• f6c0ed0 feat!: report eslint-env comments as errors (#20128) (Francesco Trotta)
• 4bf739f fix!: remove deprecated LintMessage#nodeType and TestCaseError#type (#20096) (Pixel998)
• 523c076 feat!: drop support for jiti < 2.2.0 (#20016) (michael faith)
• 454a292 feat!: update eslint:recommended configuration (#20210) (Pixel998)
• 4f880ee feat!: remove v10_* and inactive unstable_* flags (#20225) (sethamus)
• f18115c feat!: no-shadow-restricted-names report globalThis by default (#20027) (sethamus)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160) (Milos Djermanovic)

Features

• bff9091 feat: handle Array.fromAsync in array-callback-return (#20457) (Francesco Trotta)
• 290c594 feat: add self to no-implied-eval rule (#20468) (sethamus)
• 43677de feat: fix handling of function and class expression names in no-shadow (#20432) (Milos Djermanovic)

... (truncated)

Commits

• 84fb885 chore: package.json update for @​eslint/js release
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467)
• f3fbc2f chore: set @eslint/js version to 10.0.0 to skip releasing it (#20466)
• b4b3127 chore: package.json update for @​eslint/js release
• 0b14059 chore: package.json update for @​eslint/js release
• fa31a60 feat!: add name to configs (#20015)
• 1e2cad5 chore: package.json update for @​eslint/js release
• 454a292 feat!: update eslint:recommended configuration (#20210)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160)
• See full diff in compare view

Updates eslint from 9.39.2 to 10.0.2

Release notes

Sourced from eslint's releases.

v10.0.2

Bug Fixes

• 2b72361 fix: update ajv to 6.14.0 to address security vulnerabilities (#20537) (루밀LuMir)

Documentation

• 13eeedb docs: link rule type explanation to CLI option --fix-type (#20548) (Mike McCready)
• 98cbf6b docs: update migration guide per Program range change (#20534) (Huáng Jùnliàng)
• 61a2405 docs: add missing semicolon in vars-on-top rule example (#20533) (Abilash)

Chores

• 951223b chore: update dependency @​eslint/eslintrc to ^3.3.4 (#20553) (renovate[bot])
• 6aa1afe chore: update dependency eslint-plugin-jsdoc to ^62.7.0 (#20536) (Milos Djermanovic)

v10.0.1

Bug Fixes

• c87d5bd fix: update eslint (#20531) (renovate[bot])
• d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
• 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
• 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

• 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
• 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
• b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

• e5c281f chore: updates for v9.39.3 release (Jenkins)
• 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
• 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
• 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
• da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
• 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

• f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
• a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
• c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
• fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
• 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
• 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
• ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
• 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
• c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
• 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
• a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
• a89059d feat!: Program range span entire source text (#20133) (Pixel998)
• 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
• f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)

... (truncated)

Commits

• 55122d6 10.0.2
• 80f1e29 Build: changelog update for 10.0.2
• 951223b chore: update dependency @​eslint/eslintrc to ^3.3.4 (#20553)
• 13eeedb docs: link rule type explanation to CLI option --fix-type (#20548)
• 6aa1afe chore: update dependency eslint-plugin-jsdoc to ^62.7.0 (#20536)
• 2b72361 fix: update ajv to 6.14.0 to address security vulnerabilities (#20537)
• 98cbf6b docs: update migration guide per Program range change (#20534)
• 61a2405 docs: add missing semicolon in vars-on-top rule example (#20533)
• 0bd5497 10.0.1
• ddb80ef Build: changelog update for 10.0.1
• Additional commits viewable in compare view

Updates globals from 17.3.0 to 17.4.0

Release notes

Sourced from globals's releases.

v17.4.0

• Update globals (2026-03-01) (#338) d43a051

---

sindresorhus/globals@v17.3.0...v17.4.0

Commits

• a9cfd74 17.4.0
• d43a051 Update globals (2026-03-01) (#338)
• See full diff in compare view

Updates knip from 5.83.1 to 5.85.0

Release notes

Sourced from knip's releases.

Release 5.85.0

• Fix require.context regex matching for path-aware patterns (#1547) (c33d93ae24dc1304baa49f85b25beb24af803dd8) - thanks @​jstaab!
• Make knip compatible with erasableSyntaxOnly (#1541) (f63089bdadb2cea47d22fa27b22c16003e1a4b61) - thanks @​wojtekmaj!
• feat: add Payload CMS plugin (#1546) (58d99de46ee3a9e15cd77e3806b5de55931cebf2) - thanks @​Robot-Inventor!
• Look everywhere for manifest/robots file in next plugin (9da6205fdc45fdc992919d3e246415829025ea46)
• Merge some next glob patterns (8c5f35fa81ccccc4faceb6a1d8329d562927d450)
• Add SAP & Google Gemini to projects using Knip (c8ab8957ad1f15ee9ff67f13f5029f213e464ada)
• Bump remark-preset-webpro & dedupe (b9372cd7a0dc1a1ab54b7baa7b8a939a399ccc14)
• Document CLI usage for LS (97fe1cfe8a18af145eff9ca1f040e4c756acd270)
• fix: tsdown entry compatibility issues #1550 (#1554) (95051ebf3aa44a2db722837acf3ce73e03f72fc5) - thanks @​huijiewei!
• Fix incorrect coverage provider being reported (#1552) (2d0b5cda41f994116c6e211fc68c95b44c21b2cb) - thanks @​rexxars!
• Temp disable npmx in ecosystem run (a5cd9862943dcca1b217bcec2895553ba23dbe34)
• Fix OOM in gitignore walk for large monorepos (f192a6ba3fbe9fc303f48e3901db918f5bcd5164)

Release 5.84.1

• Fix false positives for arrow-wrapped dynamic imports assigned to variables (#1544) (75a42c3aa4b8f9db59fb450ef4f45540ab94ec26) - thanks @​jantimon!
• Improve pnpm arg handling (df8c353c7f30ee11d749b2cf3208f288def1ed84)
• Ignore module.register if 2nd arg is not import.meta.url (#1535) (970fdb1f747c0941759aa3e0394c30ff6cf63481)

Release 5.84.0

• Post-release shenanigans (e7965cba23b0c63f0165a12c96aed75257aa6919)
• Move most compilers to plugins & register from there (61beafe3e002408e91169397f7c384e14c613d92)
• Minor refactor (e20a6828be8dd1e49b819d5b5b896a26db2a91ac)
• Fix lint issues (d2bbc139e63235c415a243e76ad8685693b8edf2)
• Add missing catalog property to rules in JSON schema (#1518) (5d49dea2696db454e630014efd25172d6edde9fa) - thanks @​Mohmdev!
• feat(plugins): add @​typescript/native-preview (tsgo) support (#1513) (babfb10a0426059bc2d79d14a2ba9c33767b6571) - thanks @​jgoux!
• Fix up quoting for spaced args (resolve #1515) (2b735cb8d87a827bf9ea53ea2bcfcedf117e6d4d)
• Switch to tsconfig-aware module resolver in input handler (634d0f68f681df1bf1e8896846f4d4c29b03e689)
• Use bun test positionals as entry points (resolve #1521) (da9472555b28b04eddba703b1dfee69b2cb8b6f9)
• Edit docs (327726ff2c5f2b135581088dea62bd3ed4bc99d4)
• Minor refactor while at it (dc87e8ea7157745a449955e9a275877d19cf4d87)
• Add config hints for unused ignore and ignoreFiles items (a4989eef8c870aa038d9c9d9e09597590ca444e7)
• Accept known bins only behind double-dash (resolve #1524) (b9214e35659f1f87eabc6695d9b9643c0e6c8022)
• feat(plugins): add support for bun test preloaded files (#1525) (14ee32a8f818e1cbf48398ba57bf0f19812ed8be) - thanks @​jgoux!
• Add date to IGNORED_GLOBAL_BINARIES (#1476) (f08f92bd9eac95ec4eafd01ddb01279cb047544e) - thanks @​duci9y!
• Fix edge case for binaries in scripts (82331ee2d336349d24a23437527991b73c764039)
• Report ignore/files config hints only if sure & relevant (4c3bd085477139f50dce468c4231ba2753459c54)
• Add consistent repository fields (781a0fd44a2cece4fd9c1413e50caa88df528607)
• Add language-server bin (13d78454c4100f5d6a4f0cadcf1d77eadec523b2)
• Use --stdio if no transport provided (bedb21adff873c13095350842c85bb1bfeac643b)
• Refactor from "enabled" to "deferSession" (resolve #1499) (15e3360f11c81a866b8e6de76e894986bdfddedd)
• Use initializationOptions.config or default fallback config obj (resolve #1503) (0abe5684083428340254dc1b0136760aacb9acff)
• Also publish ls + mcp with pkg-pr-new (78065260f55fc491d59912e2db41d789e49a1bb7)
• Auto-format (51b7dc1de9e2ec5b738df5389906df84dc1f3dd7)
• Remove chdir shenanigans (close #1516) (0cbee8f38f4a91504b3adc4faee466b9624120fc)
• Bind console.* to distinguish internal↔ external logs (3eac278273856994483a9164539bf57a51ed440b)
• Add early bail-outs for changed files we can ignore (36c2dd5c4345d743c3de58ebd677b6f48a270213)
• Avoid unnecessary module graph updates for unmodified files (f94c41f24fb7f5c4682a620bafd03700cf14ba68)
• Fix typo in pkg-pr-new-pkg-dir (7e7a8b05a06f1f972a1d5e236dc53facbbb99729)
• Add .DS_Store to .gitignore (#1530) (40fe5cc608f2ecf71d148e061071e249c8940edb) - thanks @​wojtekmaj!

... (truncated)

Commits

• e28a3e7 Release knip@5.85.0
• f192a6b Fix OOM in gitignore walk for large monorepos
• 2d0b5cd Fix incorrect coverage provider being reported (#1552)
• 95051eb fix: tsdown entry compatibility issues #1550 (#1554)
• 8c5f35f Merge some next glob patterns
• 9da6205 Look everywhere for manifest/robots file in next plugin
• 58d99de feat: add Payload CMS plugin (#1546)
• f63089b Make knip compatible with erasableSyntaxOnly (#1541)
• c33d93a Fix require.context regex matching for path-aware patterns (#1547)
• 5c2cccf Release knip@5.84.1
• Additional commits viewable in compare view

Updates lint-staged from 16.2.7 to 16.3.1

Release notes

Sourced from lint-staged's releases.

v16.3.1

Patch Changes

• #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

v16.3.0

Minor Changes

• #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

• #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

• #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

Changelog

Sourced from lint-staged's changelog.

16.3.1

Patch Changes

• #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

16.3.0

Minor Changes

• #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

• #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

• #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

Commits

• 2a74cd2 chore(changeset): release
• cd5d762 refactor: remove nano-spawn dependency completely
• e342cab build(deps): move nano-spawn to dev
• 9aa2cd7 chore(changeset): release
• 0c387bc test: make long-running task longer because of GitHub Actions slowness
• 87467aa refactor: detect incorrect brace expansion exhaustively
• dceabc6 ci: run npm audit in GitHub Actions
• d0e4c2a build(deps): update dependencies
• 93cf144 docs: add tip about lint-staged.sh
• 9809fee test: adjust integration test logging setup for concurrency
• Additional commits viewable in compare view

Updates nock from 14.0.10 to 14.0.11

Release notes

Sourced from nock's releases.

v14.0.11

14.0.11 (2026-02-09)

Bug Fixes

• migrate to npm OIDC (#2940) (113dcac)
• restore github actions write permissions (#2941) (a4cb6b8)
• update @mswjs/interceptors to fix a memory leak (#2938) (025db76)
• upgrade semantic-release (#2943) (db0b280)

Commits

• db0b280 fix: upgrade semantic-release (#2943)
• bc78af4 Add write permission for contents in CI workflow (#2942)
• a4cb6b8 fix: restore github actions write permissions (#2941)
• 113dcac fix: migrate to npm OIDC (#2940)
• 025db76 fix: update @mswjs/interceptors to fix a memory leak (#2938)
• e7418da chore(deps): bump actions/setup-node from 4 to 6 (#2924)
• 2d4a5cc chore(deps-dev): bump js-yaml from 3.14.1 to 3.14.2
• 4f7e385 chore: upgrade interceptors
• 5177a33 chore(deps): bump serialize-javascript and mocha (#2848)
• 93611a2 chore(deps-dev): bump prettier from 3.2.5 to 3.6.2 (#2883)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nock since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[lwasser]

@dependabot recreate

[lwasser]

it looks like the eslint-plugin doesn't support eslint 10 yet -

see here until they implement a fix (which as i read might be challenging) we can't update eslint. my question is how important is the plugin dependency to us. but for now we can just keep that v9 upper bound.

[jdalrymple]

it looks like the eslint-plugin doesn't support eslint 10 yet -

see here until they implement a fix (which as i read might be challenging) we can't update eslint. my question is how important is the plugin dependency to us. but for now we can just keep that v9 upper bound.

Yea, im also curious as to what we need this plugin for... ill dig

Ahh for the import checking. Yea, I guess well have to wait for that one until a fix a made