Skip to content

Bump @typescript-eslint/eslint-plugin from 7.13.0 to 8.50.0#1931

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.50.0
Open

Bump @typescript-eslint/eslint-plugin from 7.13.0 to 8.50.0#1931
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.50.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 22, 2025

Bumps @typescript-eslint/eslint-plugin from 7.13.0 to 8.50.0.

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.50.0

8.50.0 (2025-12-15)

🚀 Features

  • eslint-plugin: [no-useless-default-assignment] add rule (#11720)

❤️ Thank You

  • Josh Goldberg ✨
  • Ulrich Stark

You can read about our versioning strategy and releases on our website.

v8.49.0

8.49.0 (2025-12-08)

🚀 Features

  • eslint-plugin: use Intl.Segmenter instead of graphemer (#11804)

🩹 Fixes

  • deps: update dependency prettier to v3.7.2 (#11820)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.48.1

8.48.1 (2025-12-02)

⏪ Reverts

  • eslint-plugin: revert "[no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)" (#11812)

🩹 Fixes

  • eslint-plugin: [consistent-type-exports] check value flag before resolving alias (#11769)
  • eslint-plugin: honor ignored base types on generic classes (#11767)
  • eslint-plugin: [restrict-template-expressions] check base types in allow list (#11764, #11759)

❤️ Thank You

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.50.0 (2025-12-15)

🚀 Features

  • eslint-plugin: [no-useless-default-assignment] add rule (#11720)

❤️ Thank You

  • Josh Goldberg ✨
  • Ulrich Stark

You can read about our versioning strategy and releases on our website.

8.49.0 (2025-12-08)

🚀 Features

  • eslint-plugin: use Intl.Segmenter instead of graphemer (#11804)

🩹 Fixes

  • deps: update dependency prettier to v3.7.2 (#11820)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.48.1 (2025-12-02)

🩹 Fixes

  • eslint-plugin: [restrict-template-expressions] check base types in allow list (#11764, #11759)
  • eslint-plugin: honor ignored base types on generic classes (#11767)
  • eslint-plugin: [consistent-type-exports] check value flag before resolving alias (#11769)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.48.0 (2025-11-24)

🚀 Features

... (truncated)

Commits
  • c62e858 chore(release): publish 8.50.0
  • 1301f79 feat(eslint-plugin): [no-useless-default-assignment] add rule (#11720)
  • 864595a chore(release): publish 8.49.0
  • 32b7e89 chore(deps): update dependency @​vitest/eslint-plugin to v1.5.1 (#11816)
  • 56149a2 feat(eslint-plugin): use Intl.Segmenter instead of graphemer (#11804)
  • 34a49a4 fix(deps): update dependency prettier to v3.7.2 (#11820)
  • d2d7ace docs: fixes bad link to jest docs in unbound-method rule page (#11823)
  • 8fe3445 chore(release): publish 8.48.1
  • 5ac66a6 fix(eslint-plugin): revert "[no-redundant-type-constituents] use assignabilit...
  • 906cc3c fix(eslint-plugin): [restrict-template-expressions] check base types in allow...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​typescript-eslint/eslint-plugin since your current version.


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 22, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 22, 2025 07:15
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 22, 2025
@dependabot dependabot bot requested a review from yoshiwarab December 22, 2025 07:15
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.50.0 branch from 126da31 to 7c6abd2 Compare December 24, 2025 07:07
@socket-security
Copy link

socket-security bot commented Dec 24, 2025

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn Critical
Critical CVE: Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)

CVE: GHSA-vjh7-7g9h-fjfh Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) (CRITICAL)

Affected versions: < 6.6.1

Patched version: 6.6.1

From: ?npm/[email protected]

ℹ Read more on: This package | This alert | What is a critical CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 7.13.0 to 8.50.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.50.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.50.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.50.0 branch from 7c6abd2 to 12473c4 Compare January 9, 2026 07:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants

Comments