chore(deps): bump the all-dependencies group across 1 directory with 9 updates

[dependabot]

Bumps the all-dependencies group with 9 updates in the / directory:

Package	From	To
@anthropic-ai/claude-code	2.1.63	2.1.74
@openai/codex	0.106.0	0.114.0
@eslint/js	9.39.3	10.0.1
@types/node	25.3.3	25.4.0
eslint	9.39.3	10.0.3
eslint-plugin-import-x	4.16.1	4.16.2
eslint-plugin-react-hooks	5.2.0	7.0.1
jest	30.2.0	30.3.0
typescript-eslint	8.56.1	8.57.0

Updates @anthropic-ai/claude-code from 2.1.63 to 2.1.74

Release notes

Sourced from @​anthropic-ai/claude-code's releases.

v2.1.74

What's changed

• Added actionable suggestions to /context command — identifies context-heavy tools, memory bloat, and capacity warnings with specific optimization tips
• Added autoMemoryDirectory setting to configure a custom directory for auto-memory storage
• Fixed memory leak where streaming API response buffers were not released when the generator was terminated early, causing unbounded RSS growth on the Node.js/npm code path
• Fixed managed policy ask rules being bypassed by user allow rules or skill allowed-tools
• Fixed full model IDs (e.g., claude-opus-4-5) being silently ignored in agent frontmatter model: field and --agents JSON config — agents now accept the same model values as --model
• Fixed MCP OAuth authentication hanging when the callback port is already in use
• Fixed MCP OAuth refresh never prompting for re-auth after the refresh token expires, for OAuth servers that return errors with HTTP 200 (e.g. Slack)
• Fixed voice mode silently failing on the macOS native binary for users whose terminal had never been granted microphone permission — the binary now includes the audio-input entitlement so macOS prompts correctly
• Fixed SessionEnd hooks being killed after 1.5 s on exit regardless of hook.timeout — now configurable via CLAUDE_CODE_SESSIONEND_HOOKS_TIMEOUT_MS
• Fixed /plugin install failing inside the REPL for marketplace plugins with local sources
• Fixed marketplace update not syncing git submodules — plugin sources in submodules no longer break after update
• Fixed unknown slash commands with arguments silently dropping input — now shows your input as a warning
• Fixed Hebrew, Arabic, and other RTL text not rendering correctly in Windows Terminal, conhost, and VS Code integrated terminal
• Fixed LSP servers not working on Windows due to malformed file URIs
• Changed --plugin-dir so local dev copies now override installed marketplace plugins with the same name (unless that plugin is force-enabled by managed settings)
• [VSCode] Fixed delete button not working for Untitled sessions
• [VSCode] Improved scroll wheel responsiveness in the integrated terminal with terminal-aware acceleration

v2.1.73

What's changed

• Added modelOverrides setting to map model picker entries to custom provider model IDs (e.g. Bedrock inference profile ARNs)
• Added actionable guidance when OAuth login or connectivity checks fail due to SSL certificate errors (corporate proxies, NODE_EXTRA_CA_CERTS)
• Fixed freezes and 100% CPU loops triggered by permission prompts for complex bash commands
• Fixed a deadlock that could freeze Claude Code when many skill files changed at once (e.g. during git pull in a repo with a large .claude/skills/ directory)
• Fixed Bash tool output being lost when running multiple Claude Code sessions in the same project directory
• Fixed subagents with model: opus/sonnet/haiku being silently downgraded to older model versions on Bedrock, Vertex, and Microsoft Foundry
• Fixed background bash processes spawned by subagents not being cleaned up when the agent exits
• Fixed /resume showing the current session in the picker
• Fixed /ide crashing with onInstall is not defined when auto-installing the extension
• Fixed /loop not being available on Bedrock/Vertex/Foundry and when telemetry was disabled
• Fixed SessionStart hooks firing twice when resuming a session via --resume or --continue
• Fixed JSON-output hooks injecting no-op system-reminder messages into the model's context on every turn
• Fixed voice mode session corruption when a slow connection overlaps a new recording
• Fixed Linux sandbox failing to start with "ripgrep (rg) not found" on native builds
• Fixed Linux native modules not loading on Amazon Linux 2 and other glibc 2.26 systems
• Fixed "media_type: Field required" API error when receiving images via Remote Control
• Fixed /heapdump failing on Windows with EEXIST error when the Desktop folder already exists
• Improved Up arrow after interrupting Claude — now restores the interrupted prompt and rewinds the conversation in one step
• Improved IDE detection speed at startup
• Improved clipboard image pasting performance on macOS
• Improved /effort to work while Claude is responding, matching /model behavior
• Improved voice mode to automatically retry transient connection failures during rapid push-to-talk re-press
• Improved the Remote Control spawn mode selection prompt with better context
• Changed default Opus model on Bedrock, Vertex, and Microsoft Foundry to Opus 4.6 (was Opus 4.1)
• Deprecated /output-style command — use /config instead. Output style is now fixed at session start for better prompt caching
• VSCode: Fixed HTTP 400 errors for users behind proxies or on Bedrock/Vertex with Claude 4.5 models

... (truncated)

Changelog

Sourced from @​anthropic-ai/claude-code's changelog.

2.1.74

• Added actionable suggestions to /context command — identifies context-heavy tools, memory bloat, and capacity warnings with specific optimization tips
• Added autoMemoryDirectory setting to configure a custom directory for auto-memory storage
• Fixed memory leak where streaming API response buffers were not released when the generator was terminated early, causing unbounded RSS growth on the Node.js/npm code path
• Fixed managed policy ask rules being bypassed by user allow rules or skill allowed-tools
• Fixed full model IDs (e.g., claude-opus-4-5) being silently ignored in agent frontmatter model: field and --agents JSON config — agents now accept the same model values as --model
• Fixed MCP OAuth authentication hanging when the callback port is already in use
• Fixed MCP OAuth refresh never prompting for re-auth after the refresh token expires, for OAuth servers that return errors with HTTP 200 (e.g. Slack)
• Fixed voice mode silently failing on the macOS native binary for users whose terminal had never been granted microphone permission — the binary now includes the audio-input entitlement so macOS prompts correctly
• Fixed SessionEnd hooks being killed after 1.5 s on exit regardless of hook.timeout — now configurable via CLAUDE_CODE_SESSIONEND_HOOKS_TIMEOUT_MS
• Fixed /plugin install failing inside the REPL for marketplace plugins with local sources
• Fixed marketplace update not syncing git submodules — plugin sources in submodules no longer break after update
• Fixed unknown slash commands with arguments silently dropping input — now shows your input as a warning
• Fixed Hebrew, Arabic, and other RTL text not rendering correctly in Windows Terminal, conhost, and VS Code integrated terminal
• Fixed LSP servers not working on Windows due to malformed file URIs
• Changed --plugin-dir so local dev copies now override installed marketplace plugins with the same name (unless that plugin is force-enabled by managed settings)
• [VSCode] Fixed delete button not working for Untitled sessions
• [VSCode] Improved scroll wheel responsiveness in the integrated terminal with terminal-aware acceleration

2.1.73

• Added modelOverrides setting to map model picker entries to custom provider model IDs (e.g. Bedrock inference profile ARNs)
• Added actionable guidance when OAuth login or connectivity checks fail due to SSL certificate errors (corporate proxies, NODE_EXTRA_CA_CERTS)
• Fixed freezes and 100% CPU loops triggered by permission prompts for complex bash commands
• Fixed a deadlock that could freeze Claude Code when many skill files changed at once (e.g. during git pull in a repo with a large .claude/skills/ directory)
• Fixed Bash tool output being lost when running multiple Claude Code sessions in the same project directory
• Fixed subagents with model: opus/sonnet/haiku being silently downgraded to older model versions on Bedrock, Vertex, and Microsoft Foundry
• Fixed background bash processes spawned by subagents not being cleaned up when the agent exits
• Fixed /resume showing the current session in the picker
• Fixed /ide crashing with onInstall is not defined when auto-installing the extension
• Fixed /loop not being available on Bedrock/Vertex/Foundry and when telemetry was disabled
• Fixed SessionStart hooks firing twice when resuming a session via --resume or --continue
• Fixed JSON-output hooks injecting no-op system-reminder messages into the model's context on every turn
• Fixed voice mode session corruption when a slow connection overlaps a new recording
• Fixed Linux sandbox failing to start with "ripgrep (rg) not found" on native builds
• Fixed Linux native modules not loading on Amazon Linux 2 and other glibc 2.26 systems
• Fixed "media_type: Field required" API error when receiving images via Remote Control
• Fixed /heapdump failing on Windows with EEXIST error when the Desktop folder already exists
• Improved Up arrow after interrupting Claude — now restores the interrupted prompt and rewinds the conversation in one step
• Improved IDE detection speed at startup
• Improved clipboard image pasting performance on macOS
• Improved /effort to work while Claude is responding, matching /model behavior
• Improved voice mode to automatically retry transient connection failures during rapid push-to-talk re-press
• Improved the Remote Control spawn mode selection prompt with better context
• Changed default Opus model on Bedrock, Vertex, and Microsoft Foundry to Opus 4.6 (was Opus 4.1)
• Deprecated /output-style command — use /config instead. Output style is now fixed at session start for better prompt caching
• VSCode: Fixed HTTP 400 errors for users behind proxies or on Bedrock/Vertex with Claude 4.5 models

2.1.72

... (truncated)

Commits

• 6f049b6 chore: Update CHANGELOG.md
• 45b5430 chore: Update CHANGELOG.md
• f6dbf44 chore: Update CHANGELOG.md
• 540b61b chore: Update CHANGELOG.md
• 00553de chore: Update CHANGELOG.md
• 53a5f3e chore: Update CHANGELOG.md
• da80366 chore: Update CHANGELOG.md
• 9582ad4 chore: Update CHANGELOG.md
• 0b3f7cb chore: Update CHANGELOG.md
• a833523 chore: Update CHANGELOG.md
• Additional commits viewable in compare view

Updates @openai/codex from 0.106.0 to 0.114.0

Release notes

Sourced from @​openai/codex's releases.

0.114.0

New Features

• Added an experimental code mode for more isolated coding workflows. (#13418)
• Added an experimental hooks engine with SessionStart and Stop hook events. (#13276)
• WebSocket app-server deployments now expose GET /readyz and GET /healthz on the same listener for easier health checks. (#13782)
• Added a config switch to disable bundled system skills entirely. (#13792)
• Handoffs now carry realtime transcript context, which improves continuity when work is transferred between turns. (#14132)
• Improved the $ mention picker by clearly labeling Skills, Apps, and Plugins, and by surfacing plugins first. (#14147, #14163)

Bug Fixes

• Fixed a Linux tmux crash caused by concurrent user-shell lookups. (#13900)
• Fixed apps being enabled in unsupported sessions by tightening the enablement check. (#14011)
• Fixed reopened threads getting stuck as in-progress after quitting mid-run and then resuming later. (#14125)
• Fixed permission handling so legacy workspace-write behavior is preserved and newer permission profiles degrade more safely on older builds. (#13957, #14107)
• Fixed approval flows so granted permissions persist across turns, work with reject-style configs, and are honored by apply_patch. (#14009, #14055, #14118, #14165)

Chores

• Laid the groundwork for the Python SDK’s generated v2 schema types and pinned platform-specific runtime binaries. (#13953)

Changelog

Full Changelog: openai/codex@rust-v0.113.0...rust-v0.114.0

• #14009 feat(core) Persist request_permission data across turns @​dylan-hurd-oai
• #14136 fix(core): use dedicated types for responsesapi web search tool config @​owenlin0
• #13782 codex-rs/app-server: add health endpoints for --listen websocket server @​maxj-oai
• #14055 fix(core) RequestPermissions + ApplyPatch @​dylan-hurd-oai
• #14118 feat(approvals) RejectConfig for request_permissions @​dylan-hurd-oai
• #13957 fix(protocol): preserve legacy workspace-write semantics @​viyatb-oai
• #14107 fix: keep permissions profiles forward compatible @​viyatb-oai
• #14147 make dollar-mention always clarify item category (skill, app, plugin) @​sayan-oai
• #14152 Refactor tool output into trait implementations @​pakrym-oai
• #14163 sort plugins first in menu @​sayan-oai
• #13418 Add code_mode experimental feature @​pakrym-oai
• #13276 start of hooks engine @​eternal-openai
• #14135 tui: only show fast status for gpt-5.4 @​pash-openai
• #14157 Enforce single tool output type in codex handlers @​pakrym-oai
• #14165 fix(core) default RejectConfig.request_permissions @​dylan-hurd-oai
• #14167 Export tools module into code mode runner @​pakrym-oai
• #13792 feat: support disabling bundled system skills @​xl-openai
• #14169 Move exec command truncation into ExecCommandToolOutput @​pakrym-oai
• #14011 [apps] Fix apps enablement condition. @​mzeng-openai
• #14000 Delay pending cleanup until task aborts @​aibrahim-oai
• #12296 Implemented thread-level atomic elicitation counter for stopwatch pausing @​cconger
• #14132 Use realtime transcript for handoff context @​aibrahim-oai
• #13879 Stabilize incomplete SSE retry test @​aibrahim-oai
• #14184 Fix unified exec test output assertion @​aibrahim-oai
• #14002 Stabilize websocket test server binding @​aibrahim-oai
• #13939 Stabilize app-server notify initialize test @​aibrahim-oai
• #13953 python-sdk: generated type foundation (all v2 schemas) @​shaqayeq-oai

... (truncated)

Commits

• See full diff in compare view

Updates @eslint/js from 9.39.3 to 10.0.1

Release notes

Sourced from @​eslint/js's releases.

v10.0.1

Bug Fixes

• c87d5bd fix: update eslint (#20531) (renovate[bot])
• d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
• 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
• 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

• 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
• 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
• b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

• e5c281f chore: updates for v9.39.3 release (Jenkins)
• 8c3832a chore: update @​typescript-eslint/parser to ^8.56.0 (#20514) (Milos Djermanovic)
• 8330d23 test: add tests for config-api (#20493) (Milos Djermanovic)
• 37d6e91 chore: remove eslint v10 prereleases from eslint-config-eslint deps (#20494) (Milos Djermanovic)
• da7cd0e refactor: cleanup error message templates (#20479) (Francesco Trotta)
• 84fb885 chore: package.json update for @​eslint/js release (Jenkins)
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467) (Milos Djermanovic)

v10.0.0

Breaking Changes

• f9e54f4 feat!: estimate rule-tester failure location (#20420) (ST-DDT)
• a176319 feat!: replace chalk with styleText and add color to ResultsMeta (#20227) (루밀LuMir)
• c7046e6 feat!: enable JSX reference tracking (#20152) (Pixel998)
• fa31a60 feat!: add name to configs (#20015) (Kirk Waiblinger)
• 3383e7e fix!: remove deprecated SourceCode methods (#20137) (Pixel998)
• 501abd0 feat!: update dependency minimatch to v10 (#20246) (renovate[bot])
• ca4d3b4 fix!: stricter rule tester assertions for valid test cases (#20125) (唯然)
• 96512a6 fix!: Remove deprecated rule context methods (#20086) (Nicholas C. Zakas)
• c69fdac feat!: remove eslintrc support (#20037) (Francesco Trotta)
• 208b5cc feat!: Use ScopeManager#addGlobals() (#20132) (Milos Djermanovic)
• a2ee188 fix!: add uniqueItems: true in no-invalid-regexp option (#20155) (Tanuj Kanti)
• a89059d feat!: Program range span entire source text (#20133) (Pixel998)
• 39a6424 fix!: assert 'text' is a string across all RuleFixer methods (#20082) (Pixel998)
• f28fbf8 fix!: Deprecate "always" and "as-needed" options of the radix rule (#20223) (Milos Djermanovic)
• aa3fb2b fix!: tighten func-names schema (#20119) (Pixel998)
• f6c0ed0 feat!: report eslint-env comments as errors (#20128) (Francesco Trotta)
• 4bf739f fix!: remove deprecated LintMessage#nodeType and TestCaseError#type (#20096) (Pixel998)
• 523c076 feat!: drop support for jiti < 2.2.0 (#20016) (michael faith)
• 454a292 feat!: update eslint:recommended configuration (#20210) (Pixel998)
• 4f880ee feat!: remove v10_* and inactive unstable_* flags (#20225) (sethamus)
• f18115c feat!: no-shadow-restricted-names report globalThis by default (#20027) (sethamus)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160) (Milos Djermanovic)

Features

• bff9091 feat: handle Array.fromAsync in array-callback-return (#20457) (Francesco Trotta)
• 290c594 feat: add self to no-implied-eval rule (#20468) (sethamus)
• 43677de feat: fix handling of function and class expression names in no-shadow (#20432) (Milos Djermanovic)

... (truncated)

Commits

• 84fb885 chore: package.json update for @​eslint/js release
• 1f66734 chore: add eslint to peerDependencies of @eslint/js (#20467)
• f3fbc2f chore: set @eslint/js version to 10.0.0 to skip releasing it (#20466)
• b4b3127 chore: package.json update for @​eslint/js release
• 0b14059 chore: package.json update for @​eslint/js release
• fa31a60 feat!: add name to configs (#20015)
• 1e2cad5 chore: package.json update for @​eslint/js release
• 454a292 feat!: update eslint:recommended configuration (#20210)
• c6358c3 feat!: Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#20160)
• See full diff in compare view

Updates @types/node from 25.3.3 to 25.4.0

Commits

• See full diff in compare view

Updates eslint from 9.39.3 to 10.0.3

Release notes

Sourced from eslint's releases.

v10.0.3

Bug Fixes

• e511b58 fix: update eslint (#20595) (renovate[bot])
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581) (sethamus)
• ee9ff31 fix: update dependency minimatch to ^10.2.4 (#20562) (Milos Djermanovic)

Documentation

• 9fc31b0 docs: Update README (GitHub Actions Bot)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570) (DesselBane)
• 23b2759 docs: add v10 migration guide link to Use docs index (#20577) (Pixel998)
• 80259a9 docs: Remove deprecated eslintrc documentation files (#20472) (Copilot)
• 9b9b4ba docs: fix typo in no-await-in-loop documentation (#20575) (Pixel998)
• e7d72a7 docs: document TypeScript 5.3 minimum supported version (#20547) (sethamus)

Chores

• ef8fb92 chore: package.json update for eslint-config-eslint release (Jenkins)
• e8f2104 chore: updates for v9.39.4 release (Jenkins)
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524) (Huáng Jùnliàng)
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586) (Milos Djermanovic)
• e32df71 chore: update eslint-plugin-eslint-comments, remove legacy-peer-deps (#20576) (Milos Djermanovic)
• 53ca6ee chore: disable eslint-comments/no-unused-disable rule (#20578) (Milos Djermanovic)
• e121895 ci: pin Node.js 25.6.1 (#20559) (Milos Djermanovic)
• efc5aef chore: update tsconfig.json in eslint-config-eslint (#20551) (Francesco Trotta)

v10.0.2

Bug Fixes

• 2b72361 fix: update ajv to 6.14.0 to address security vulnerabilities (#20537) (루밀LuMir)

Documentation

• 13eeedb docs: link rule type explanation to CLI option --fix-type (#20548) (Mike McCready)
• 98cbf6b docs: update migration guide per Program range change (#20534) (Huáng Jùnliàng)
• 61a2405 docs: add missing semicolon in vars-on-top rule example (#20533) (Abilash)

Chores

• 951223b chore: update dependency @​eslint/eslintrc to ^3.3.4 (#20553) (renovate[bot])
• 6aa1afe chore: update dependency eslint-plugin-jsdoc to ^62.7.0 (#20536) (Milos Djermanovic)

v10.0.1

Bug Fixes

• c87d5bd fix: update eslint (#20531) (renovate[bot])
• d841001 fix: update minimatch to 10.2.1 to address security vulnerabilities (#20519) (루밀LuMir)
• 04c2147 fix: update error message for unused suppressions (#20496) (fnx)
• 38b089c fix: update dependency @​eslint/config-array to ^0.23.1 (#20484) (renovate[bot])

Documentation

• 5b3dbce docs: add AI acknowledgement section to templates (#20431) (루밀LuMir)
• 6f23076 docs: toggle nav in no-JS mode (#20476) (Tanuj Kanti)
• b69cfb3 docs: Update README (GitHub Actions Bot)

Chores

... (truncated)

Commits

• bfce7ea 10.0.3
• d44ced8 Build: changelog update for 10.0.3
• e511b58 fix: update eslint (#20595)
• ef8fb92 chore: package.json update for eslint-config-eslint release
• e8f2104 chore: updates for v9.39.4 release
• 5cd1604 refactor: simplify isCombiningCharacter helper (#20524)
• 9fc31b0 docs: Update README
• 70ff1d0 chore: eslint-config-eslint require Node ^20.19.0 || ^22.13.0 || >=24 (#20586)
• f4c9cf9 fix: include variable name in no-useless-assignment message (#20581)
• 4efaa36 docs: add info box for eslint-plugin-eslint-comments (#20570)
• Additional commits viewable in compare view

Updates eslint-plugin-import-x from 4.16.1 to 4.16.2

Release notes

Sourced from eslint-plugin-import-x's releases.

v4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Changelog

Sourced from eslint-plugin-import-x's changelog.

4.16.2

Patch Changes

• #457 1da4043 Thanks @​SukkaW! - Make the no-unused-modules rule no-op on ESLint 10 or later for now before we can implement an alternative. A warning message about this behavior is added, and can be suppressed with the new suppressMissingFileEnumeratorAPIWarning rule option (import-x/no-unused-modules: ['error', { suppressMissingFileEnumeratorAPIWarning: true }]).

• #450 a51be0f Thanks @​andrewgaun! - fix(deps): Bumping minimatch 10 version to avoid dependency with a critical vulnerability

  Updating the minimum minimatch 10 version to 10.1.2 which updates a dependency (@​isaacs/brace-expansion) with a critical vulnerability. See GHSA-7h2j-956f-4vf2

• #466 b669aca Thanks @​SukkaW! - Make eslint-plugin-import-x compatible with ESLint's defineConfig

• #434 a3aae61 Thanks @​stepankuzmin! - fix(deps): replace type-fest with @​package-json/types

  PackageJson types are imported in published declaration files (lib/rules/no-extraneous-dependencies.d.ts and lib/utils/read-pkg-up.d.ts), which causes TypeScript compilation errors for consumers who don't have skipLibCheck enabled. Replacing type-fest with the smaller @​package-json/types package ensures the types are available to all consumers while reducing bundle size.

• #458 60312ee Thanks @​SukkaW! - Bump peer deps version range to include ESLint 10 support

• #443 b416a8a Thanks @​baevm! - consistent-type-specifier-style: Add exception for TS resolution-mode import attributes

• #454 d3f8d67 Thanks @​SukkaW! - First step toward ESLint 10 support:

  • sourceType determination now prefers context.languageOptions when possible
  • Ensure context.parserOptions no longer results in crashes with ESLint 10
  • Merge getParser and getParserPath implementations into one getParserOrPath

• #406 d0a7816 Thanks @​marcalexiei! - fix(package): remove config and rules exports pointing to empty files

Commits

• 69ddbba chore: release eslint-plugin-import-x (#407)
• b669aca fix(#421): defineConfig compatible (#466)
• 60312ee chore: prepare for ESLint 10 more (#458)
• 1da4043 refactor: make no-unused-modules no-op on ESLint 10 or later (#457)
• d801fd7 docs: remove SublimeLinter-eslint mention in README (#432)
• 1909953 chore(deps): update dependency minimatch to v9.0.8 [security] (#460)
• b416a8a fix: consistent-type-specifier-style with prefer-inline and TS resolution...
• a51be0f chore(deps): bumping minimatch 10 to 10.1.2 to avoid dependencies with cr...
• d3f8d67 refactor: first step toward ESLint 10 support (#454)
• a3aae61 fix(deps): replace type-fest w/ @package-json/types (#434)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-import-x since your current version.

Updates eslint-plugin-react-hooks from 5.2.0 to 7.0.1

Changelog

Sourced from eslint-plugin-react-hooks's changelog.

7.0.1

• Disallowed passing inline useEffectEvent values as JSX props to guard against accidental propagation. (#34820 by @​jf-eirinha)
• Switch to export = so eslint-plugin-react-hooks emits correct types for consumers in Node16 ESM projects. (#34949 by @​karlhorky)
• Tightened the typing of configs.flat so the configs export is always defined. (#34950 by @​poteto)
• Fix named import runtime errors. (#34951, #34953 by @​karlhorky)

7.0.0

This release slims down presets to just 2 configurations (recommended and recommended-latest), and all compiler rules are enabled by default.

• Breaking: Removed recommended-latest-legacy and flat/recommended configs. The plugin now provides recommended (legacy and flat configs with all recommended rules), and recommended-latest (legacy and flat configs with all recommended rules plus new bleeding edge experimental compiler rules). (@​poteto in #34757)

6.1.1

Note: 6.1.0 accidentally allowed use of recommended without flat config, causing errors when used with ESLint v9's defineConfig() helper. This has been fixed in 6.1.1.

• Fix recommended config for flat config compatibility. The recommended config has been converted to flat config format. Non-flat config users should use recommended-legacy instead. (@​poteto in #34700)
• Add recommended-latest and recommended-latest-legacy configs that include React Compiler rules. (@​poteto in #34675)
• Remove unused NoUnusedOptOutDirectives rule. (@​poteto in #34703)
• Remove hermes-parser and dependency. (@​poteto in #34719)
• Remove @babel/plugin-proposal-private-methods dependency. (@​ArnaudBarre and @​josephsavona in #34715)
• Update for Zod v3/v4 compatibility. (@​kolian and @​josephsavona in

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4dafc8b2f7

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Keep ESLint major compatible with React lint plugins

Upgrading eslint to ^10.0.3 here introduces an unsupported peer-dependency combination for the current React lint stack: in this same lockfile, eslint-plugin-react@7.37.5 and eslint-plugin-react-hooks@7.0.1 still declare peers capped at ESLint 9 (^9.7 and ^9.0.0 respectively). In environments that enforce peer compatibility (for example stricter npm settings, pnpm, or CI policies), dependency installation can fail or produce an unstable lint toolchain, which blocks just lint/CI.

Useful? React with 👍 / 👎.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.