[Deps] Safe dependency updates (2026-04-17)

[github-actions]

Automated Safe Dependency Updates

This PR contains safe patch/minor-level dependency updates that have been verified to:

• ✅ Pass all tests (1529/1531 — 2 pre-existing environment failures unrelated to these changes)
• ✅ Have no breaking changes
• ✅ No new security vulnerabilities (npm audit reports 0 vulnerabilities)

Updated Dependencies

Package	Previous	Updated	Type
@eslint/compat	2.0.3	2.0.5	patch
@types/node	25.5.0	25.6.0	minor
@typescript-eslint/eslint-plugin	8.57.1	8.58.2	patch
@typescript-eslint/parser	8.57.1	8.58.2	patch
eslint	10.0.3	10.2.1	patch
globals	17.4.0	17.5.0	minor
ts-jest	29.4.6	29.4.9	patch
typescript-eslint	8.57.1	8.58.2	patch

Security Fixes Included

None — npm audit reports 0 vulnerabilities before and after these updates.

Skipped Updates (major version bumps — potential breaking changes)

• chalk 4 → 5 (ESM-only in v5)
• commander 12 → 14
• execa 5 → 9
• typescript 5 → 6
• eslint-plugin-security 3 → 4

Verification

• All tests pass (1529 passed, 2 pre-existing environment failures)
• No breaking changes detected
• npm audit shows 0 vulnerabilities

---

Generated by Dependency Security Monitor Workflow

---

Warning

Protected Files

This was originally intended as a pull request, but the patch modifies protected files. These files may affect project dependencies, CI/CD pipelines, or agent behaviour. Please review the changes carefully before creating the pull request.

Click here to create the pull request once you have reviewed the changes

Protected files

• package-lock.json

• package.json

To route changes like this to a review issue instead of blocking, configure protected-files: fallback-to-issue in your workflow configuration.

Generated by Dependency Security Monitor · ● 356.7K · ◷