Bump js-yaml, eslint and eslint-plugin-import in /e2e/playwright#1033
Bump js-yaml, eslint and eslint-plugin-import in /e2e/playwright#1033dependabot[bot] wants to merge 1 commit into
Conversation
Removes [js-yaml](https://github.com/nodeca/js-yaml). It's no longer used after updating ancestor dependencies [js-yaml](https://github.com/nodeca/js-yaml), [eslint](https://github.com/eslint/eslint) and [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import). These dependencies need to be updated together. Removes `js-yaml` Updates `eslint` from 7.32.0 to 10.6.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v7.32.0...v10.6.0) Updates `eslint-plugin-import` from 2.22.0 to 2.32.0 - [Release notes](https://github.com/import-js/eslint-plugin-import/releases) - [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md) - [Commits](import-js/eslint-plugin-import@v2.22.0...v2.32.0) --- updated-dependencies: - dependency-name: js-yaml dependency-version: dependency-type: indirect - dependency-name: eslint dependency-version: 10.6.0 dependency-type: direct:development - dependency-name: eslint-plugin-import dependency-version: 2.32.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>
|
Hello @dependabot[bot], Thanks for your pull request! A Core Committer will review your pull request soon. For code contributions, you can learn more about the review process here. |
|
@coderabbitai review |
✅ Action performedReview finished.
|
📝 WalkthroughWalkthroughThis change updates two devDependency versions in the Playwright e2e test suite's package.json: eslint from 7.32.0 to 10.6.0 and eslint-plugin-import from 2.22.0 to 2.32.0. ChangesDev dependency updates
Estimated code review effort: 1 (Trivial) | ~2 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@e2e/playwright/package.json`:
- Line 20: The ESLint 10 upgrade in the Playwright package is incomplete because
the existing .eslintrc.json and the current `@typescript-eslint` parser/plugin
versions are not compatible with it. Update the Playwright lint setup to use a
flat config and ESLint-10-compatible `@typescript-eslint` packages, or otherwise
keep ESLint on a supported major; make sure the package-level lint entrypoint
still works with the new config.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository UI
Review profile: CHILL
Plan: Pro
Run ID: 4933cc97-c64c-4d2e-b602-edd346eb59f9
⛔ Files ignored due to path filters (1)
e2e/playwright/package-lock.jsonis excluded by!**/package-lock.json
📒 Files selected for processing (1)
e2e/playwright/package.json
| "dotenv": "^16.0.3", | ||
| "eslint": "7.32.0", | ||
| "eslint-plugin-import": "2.22.0", | ||
| "eslint": "10.6.0", |
There was a problem hiding this comment.
🗄️ Data Integrity & Integration | 🔴 Critical | 🏗️ Heavy lift
🧩 Analysis chain
🏁 Script executed:
set -euo pipefail
printf '\n## package.json\n'
cat -n e2e/playwright/package.json
printf '\n## eslint config files\n'
git ls-files 'e2e/playwright/*eslint*' 'e2e/playwright/.eslintrc*' 'e2e/playwright/eslint.config.*' || true
printf '\n## package-local ESLint config\n'
for f in e2e/playwright/.eslintrc.json e2e/playwright/eslint.config.js e2e/playwright/eslint.config.mjs e2e/playwright/eslint.config.cjs; do
if [ -f "$f" ]; then
echo "--- $f"
cat -n "$f"
fi
done
printf '\n## workflow references\n'
rg -n "npm run lint|eslint|node" .github/workflows/playwright.yml e2e/playwright/package.json || true
sed -n '130,170p' .github/workflows/playwright.ymlRepository: mattermost/mattermost-plugin-github
Length of output: 4873
🏁 Script executed:
set -euo pipefail
printf '\n## lockfile matches for eslint and parsers\n'
rg -n '"eslint"|`@typescript-eslint/`(eslint-plugin|parser)|eslint-plugin-(import|react|react-hooks)' e2e/playwright/package-lock.json || true
printf '\n## ESLint package metadata in lockfile\n'
python3 - <<'PY'
import json, re
from pathlib import Path
p = Path("e2e/playwright/package-lock.json")
data = json.loads(p.read_text())
pkgs = data.get("packages", {})
for key in ["node_modules/eslint", "node_modules/@typescript-eslint/parser", "node_modules/@typescript-eslint/eslint-plugin", "node_modules/eslint-plugin-import"]:
if key in pkgs:
print(f"--- {key}")
for k in ["version", "peerDependencies", "dependencies", "engines"]:
if k in pkgs[key]:
print(k, pkgs[key][k])
PY
printf '\n## any flat config file in e2e/playwright\n'
fd -a 'eslint.config.*' e2e/playwright || true
printf '\n## package-lock top-level package versions\n'
python3 - <<'PY'
import json
from pathlib import Path
data = json.loads(Path("e2e/playwright/package-lock.json").read_text())
root = data.get("packages", {}).get("", {})
print(root.get("devDependencies", {}))
PYRepository: mattermost/mattermost-plugin-github
Length of output: 5690
ESLint 10 needs a config/plugin migration first
e2e/playwright/.eslintrc.json won’t be picked up here, and @typescript-eslint/parser / @typescript-eslint/eslint-plugin v5.59 only support ESLint up to 8. npm run lint in CI will fail until this package moves to flat config and ESLint-10-compatible plugins, or ESLint is kept on a supported major.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@e2e/playwright/package.json` at line 20, The ESLint 10 upgrade in the
Playwright package is incomplete because the existing .eslintrc.json and the
current `@typescript-eslint` parser/plugin versions are not compatible with it.
Update the Playwright lint setup to use a flat config and ESLint-10-compatible
`@typescript-eslint` packages, or otherwise keep ESLint on a supported major; make
sure the package-level lint entrypoint still works with the new config.
|
Closing this as the ESlint 7 to 10 bump is a breaking change we can't take in isolation.
We should add ESlint to the dependabot ignore list so we stop getting these bumps until we're ready. Then migrate |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Removes js-yaml. It's no longer used after updating ancestor dependencies js-yaml, eslint and eslint-plugin-import. These dependencies need to be updated together.
Removes
js-yamlUpdates
eslintfrom 7.32.0 to 10.6.0Release notes
Sourced from eslint's releases.
... (truncated)
Commits
5d12a0410.6.0f7ca54bBuild: changelog update for 10.6.06a42034ci: run ecosystem tests on main branch (#20891)b1f9106feat: detect Symbol() and BigInt() in no-constant-binary-expression (#20981)3dbacdbci: bump actions/checkout from 6 to 7 (#21014)c3abfcachore: correct JSDoc param types in html formatter (#21018)a83683ddocs: Update READMEa832320ci: split ecosystem tests into separate jobs (#21001)6b05784fix: prefer-exponentiation-operator invalid autofix at statement start (#20997)bb9eb2afix: account for shadowedBooleaninno-extra-boolean-cast(#21013)Maintainer changes
This version was pushed to npm by eslintbot, a new releaser for eslint since your current version.
Updates
eslint-plugin-importfrom 2.22.0 to 2.32.0Release notes
Sourced from eslint-plugin-import's releases.
... (truncated)
Changelog
Sourced from eslint-plugin-import's changelog.
... (truncated)
Commits
01c9eb0v2.32.0ae57cc1[Deps] updatearray-includes,array.prototype.findlastindex, `eslint-modu...9e1ad6b[Fix]order: codify invariants from docs into config schemaf017790[Docs]no-restricted-paths: clarify wording and fix errors7d83a57[Docs]no-unused-modules: add missing double quote519eb94[utils] v2.12.171ad145[actions] split out tests into new vs old eslint9b096c4[utils] [dev deps] update@arethetypeswrong/cli,@ljharb/tsconfig, `@type...da5f6ec[Fix]enforce-node-protocol-usage: avoid a crash with some TS code6e49a58[Refactor]order: remove unnecessary negative checkInstall script changes
This version modifies
prepublishscript that runs during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
Change Impact: 🟢 Low
Reasoning: These updates are limited to development tooling in
/e2e/playwrightand do not affect runtime behavior, public APIs, or core application logic. The blast radius is small and rollback would be straightforward.Regression Risk: Low; the main risk is limited to lint/config compatibility or developer workflow disruption rather than user-facing functionality.
QA Recommendation: Minimal manual QA is needed. A quick validation of the affected Playwright linting/dev workflow is sufficient; this is generally safe to skip broader manual QA.
Generated by CodeRabbitAI