fix(deps): update frontend-minor#498

Open

renovate[bot] wants to merge 1 commit into

renovate/frontend-minor

renovate Bot commented Jun 13, 2026

Contributor

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
@typescript-eslint/eslint-plugin (source)	`8.59.1` → `8.61.0`			devDependencies	minor
@typescript-eslint/parser (source)	`8.59.1` → `8.61.0`			devDependencies	minor
axios (source)	`1.16.0` → `1.17.0`			dependencies	minor
eslint (source)	`10.2.1` → `10.5.0`			devDependencies	minor
jotai	`2.19.1` → `2.20.1`			dependencies	minor
nginx	`1.30.0-alpine` → `1.31.1-alpine`			final	minor
yarn (source)	`4.14.1` → `4.16.0`			packageManager	minor

Release Notes

typescript-eslint/typescript-eslint (@typescript-eslint/eslint-plugin)

`v8.61.0`

🚀 Features

ast-spec: change type of UnaryExpression.prefix to always true (#12372)

❤️ Thank You

Kirk Waiblinger @kirkwaiblinger

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.60.1`

🩹 Fixes

eslint-plugin: [no-shadow] correct rule to match ESLint v10 handling (#12182)
eslint-plugin: respect ECMAScript line terminators in ts-comment rules (#12352)

❤️ Thank You

lumir
Nevette Bailey @nevette-bailey

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.60.0`

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.4`

🩹 Fixes

eslint-plugin: [no-floating-promises] stack overflow when using recursive types (#12294)

❤️ Thank You

Evyatar Daud @StyleShit

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.3`

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.2`

🩹 Fixes

eslint-plugin: [no-deprecated] object destructuring values should be treated as declarations (#12292)
eslint-plugin: [no-unsafe-type-assertion] handle crash on recursive template literal types (#12150)

❤️ Thank You

Dima Barabash
Kirk Waiblinger @kirkwaiblinger

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@typescript-eslint/parser)

`v8.61.0`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.60.1`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.60.0`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.4`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.3`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

`v8.59.2`

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

axios/axios (axios)

`v1.17.0`

v1.17.0 — June 1, 2026

This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.

🔒 Security Fixes

Config Hardening: Guarded socketPath, params, and paramsSerializer reads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)
Release Publishing: Switched the publish workflow to npm staged publishing for safer, auditable package releases with provenance. (#10926)

🚀 New Features

HTTP Compression: Added Node HTTP adapter support for zstd response decompression, with transitional.advertiseZstdAcceptEncoding controlling whether zstd is advertised in Accept-Encoding. (#6792, #10920)

🐛 Bug Fixes

Authentication Handling: Restored Basic auth on same-origin Node redirects while continuing to strip credentials cross-origin, and aligned the fetch adapter with HTTP adapter behavior for URL-embedded Basic auth. (#10929, #10896)
Proxy TLS: Preserved user httpsAgent TLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)
React Native FormData: Cleared default Content-Type for React Native FormData so multipart boundaries can be generated correctly. (#10898)
Headers: Silently skipped empty or whitespace-only header names instead of throwing, matching parsed-header behavior and avoiding React Native response crashes. (#10875)
Request Data Merging: Preserved enumerable symbol keys when cloning plain request data through axios merge logic. (#10812)
Bundler Compatibility: Converted resolveConfig from an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)
Types: Corrected AxiosHeaders.toJSON() return types and updated CommonJS isCancel typings to narrow to CanceledError<T>. (#10956, #10952)
Build Tooling: Avoided emitting a null Authorization header from the GitHub build helper when GITHUB_TOKEN is unset. (#10931)

🔧 Maintenance & Chores

HTTP/2 Internals: Extracted Http2Sessions into its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)
Package Publishing: Reduced published package size by switching to a files allowlist and dropping unneeded unminified bundle source maps. (#10939)
CI and Release Automation: Added bundle-size reporting, moved reports to the job summary, fixed bundle-size comparison coverage, added Node 26 to the matrix, pinned npm for staged publishing, and prepared the 1.17.0 release. (#10907, #10911, #10916, #10927, #10935, #10983)
Developer Workflow: Added a dev container and iterated on OpenSpec workflow files before removing them from the release branch. (#10925, #10914, #10958)
Documentation and Policy: Updated disclosure, contributor, collaboration, threat-model, advanced docs, README badges, release notes, moderator configuration, and project metadata. (#10890, #10889, #10921, #10945, #10905, #10933, #10915, #10887, #10955)
Dependencies: Bumped Babel tooling, Commitlint, ESLint, Rollup, Globals, Vitest, Playwright, fs-extra, qs, docs dependencies, and GitHub Actions dependencies including actions/dependency-review-action and zizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

@BasixKOR (#6792)
@carladams1299-lab (#10861)
@LaplaceYoung (#10812)
@JamieMagee (#10939)
@RonGamzu (#10905)
@sapirbaruch (#10891)
@nezukoagent (#10901)
@devareddy05 (#10929)
@Mohammad-Faiz-Cloud-Engineer (#10922)
@azandabot (#10931)
@niksy (#10896)

`v1.16.1`

eslint/eslint (eslint)

`v10.5.0`

`v10.4.1`

Bug Fixes

e557467 fix: update @eslint/plugin-kit version to 0.7.2 (#20930) (Francesco Trotta)
d4ce898 fix: propagate failures from delegated commands (#20917) (Minh Vu)
f4f3507 fix: prefer-arrow-callback invalid autofix with newline after async (#20916) (kuldeep kumar)
c5bc78b fix: false positive for reference in finally block (#20655) (Tanuj Kanti)
27538c0 fix: add missing CodePath and CodePathSegment types (#20853) (Pixel998)

Documentation

61b0add docs: remove deprecated rule from related rules of max-params (#20921) (Tanuj Kanti)
305d5b9 docs: remove deprecated rules from related rules section (#20911) (Tanuj Kanti)
49b0202 docs: fix display: none of ad (#20901) (Tanuj Kanti)
9067f94 docs: switch build to Node.js 24 (#20893) (Milos Djermanovic)
c91b041 docs: Update README (GitHub Actions Bot)
e349265 docs: clarify semver strings in rule deprecation objects (#20885) (Milos Djermanovic)

Chores

b0e466b test: add data property to invalid tests cases for rules (#20924) (Tanuj Kanti)
f78838b test: add CodePath type coverage (#20904) (Pixel998)
1daa4bd chore: update eslint-plugin-eslint-comments test data to latest commit (#20922) (Francesco Trotta)
002942c ci: declare contents:read on update-readme workflow (#20919) (Arpit Jain)
64bca24 chore: update ecosystem plugins (#20912) (ESLint Bot)
6d7c832 chore: ignore fflate updates in renovate (#20908) (Pixel998)
b2c8638 ci: bump pnpm/action-setup from 6.0.7 to 6.0.8 (#20889) (dependabot[bot])
a9b8d7f chore: increase maxBuffer for ecosystem tests (#20881) (sethamus)
b702ead chore: update ecosystem update PR settings (#20884) (Pixel998)
507f60e chore: update ecosystem plugins (#20882) (ESLint Bot)
92f5c5b test: add unit test for message-count (#20878) (kuldeep kumar)
df32108 chore: add @eslint/markdown and typescript-eslint ecosystem tests (#20837) (sethamus)
327f91d chore: use includeIgnoreFile internally (#20876) (Kirk Waiblinger)
f0dc4bd chore: pin fflate@0.8.2 (#20877) (Milos Djermanovic)
0f4bd25 ci: run Discord alert for ecosystem test failures (#20873) (Copilot)

`v10.4.0`

`v10.3.0`

pmndrs/jotai (jotai)

`v2.20.1`

This release includes a few small fixes.

What's Changed

fix(vanilla/utils/atomWithStorage): apply reviver when parsing subscription updates by @chatman-media in #3326
fix(internals): throw stackoverflow errors synchronously by @dai-shi in #3330

New Contributors

@15MariamS made their first contribution in #3321
@sapphi-red made their first contribution in #3327
@DucMinhNe made their first contribution in #3331
@chatman-media made their first contribution in #3326

Full Changelog: pmndrs/jotai@v2.20.0...v2.20.1

`v2.20.0`

This release improves performance in high-throughput scenarios. Huge kudos to @dmaskasky!

What's Changed

breaking(internals): avoid getInternalBuildingBlock function by @dai-shi in #3293
refactor(internals): Rev3 type narrowing for onMount hooks by @dmaskasky in #3311
fix(internals): guard atomOnInit hook with hasOnInit by @dmaskasky in #3312
refactor(internals): lazy hooks in ensureAtomState for new atom state by @dmaskasky in #3313

Full Changelog: pmndrs/jotai@v2.19.1...v2.20.0

yarnpkg/berry (yarn)

`v4.16.0`: v4.16.0

What's Changed

PnP: Include Node 22.22.3 in fstat workaround by @junjuny0227 in #7141
Implements yarn npm stage by @arcanis in #7147
fix: Stop using EBADF workaround for Node 24.16.0+ by @MJDSys in #7152
Bumps eslint-plugin-arca by @arcanis in #7163
Enables staged publishing by @arcanis in #7164
feat: Add editor SDK support for oxc (oxfmt & oxlint) by @slainless in #7078
docs: fix npmMinimalAgeGate default value. by @ryanfox1985 in #7125

New Contributors

@junjuny0227 made their first contribution in #7141
@MJDSys made their first contribution in #7152
@slainless made their first contribution in #7078
@ryanfox1985 made their first contribution in #7125

Full Changelog: https://github.com/yarnpkg/berry/compare/@yarnpkg/cli/4.15.0...@yarnpkg/cli/4.16.0

`v4.15.0`: v4.15.0

What's Changed

Fix Next.JS e2e test by @brandonbothell in #7115
perf(plugin-nm): cache install state across workspaces by @sophiebits in #7126
fix(patch) Correctly handle Unicode paths by @liuxingbaoyu in #7123
fix(plugin-npm-cli): enable OIDC publish on CircleCI by @joshuayoes in #7122
fix(core): ignore legacy YARN_IGNORE_SCRIPTS env var by @KimHyeongRae0 in #7120
fix: Reject dependency names with leading/trailing whitespace (fixes duplicate installs) by @muskaanshraogi in #7124
feat(plugin-pnpm): make pnpm install concurrency configurable by @lennartschoch in #7118
PnP: Stop using EDABF solution for Node 26.1.0+ by @clemyan in #7133
Makes npmMinimalAgeGate: 1d the default by @arcanis in #7135

New Contributors

@brandonbothell made their first contribution in #7115
@sophiebits made their first contribution in #7126
@liuxingbaoyu made their first contribution in #7123
@joshuayoes made their first contribution in #7122
@KimHyeongRae0 made their first contribution in #7120
@muskaanshraogi made their first contribution in #7124
@lennartschoch made their first contribution in #7118

Full Changelog: https://github.com/yarnpkg/berry/compare/@yarnpkg/cli/4.14.1...@yarnpkg/cli/4.15.0

Configuration

📅 Schedule: (in timezone Europe/Berlin)

Branch creation
- "before 8am on saturday"
Automerge
- At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.


          fix(deps): update frontend-minor

f53ff5a

renovate Bot added the renovate label

renovate Bot assigned JuliusHenke

github-actions Bot commented Jun 13, 2026

Visit the preview URL for this PR (updated for commit f53ff5a):

https://tormap-36f44--pr498-renovate-frontend-mi-lo3pz99g.web.app

_{(expires Mon, 13 Jul 2026 00:39:07 GMT)}

_{🔥 via Firebase Hosting GitHub Action 🌎}

_{Sign: 0c1f71965de18e60b0e686b0d0356977fec090dc}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels