Bump the npm group with 6 updates

[dependabot]

Bumps the npm group with 6 updates:

Package	From	To
@eslint/js	9.37.0	9.38.0
@types/node	24.8.0	24.8.1
eslint	9.37.0	9.38.0
@eslint/config-array	0.21.0	0.21.1
@eslint/config-helpers	0.4.0	0.4.1
@eslint/object-schema	2.1.6	2.1.7

Updates @eslint/js from 9.37.0 to 9.38.0

Release notes

Sourced from @​eslint/js's releases.

v9.38.0

Features

• ce40f74 feat: update complexity rule to only highlight function header (#20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#20184) (Pixel998)

Commits

• 25d0e33 chore: package.json update for @​eslint/js release
• See full diff in compare view

Updates @types/node from 24.8.0 to 24.8.1

Commits

• See full diff in compare view

Updates eslint from 9.37.0 to 9.38.0

Release notes

Sourced from eslint's releases.

v9.38.0

Features

• ce40f74 feat: update complexity rule to only highlight function header (#20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#20184) (Pixel998)

Commits

• 8fe511b 9.38.0
• f961736 Build: changelog update for 9.38.0
• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#20221)
• 25d0e33 chore: package.json update for @​eslint/js release
• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#20201)
• c82b5ef refactor: Use types from @​eslint/core (#20168)
• ff31609 ci: add Node.js 25 to ci.yml (#20220)
• ce40f74 feat: update complexity rule to only highlight function header (#20048)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#20187)
• 004577e ci: bump github/codeql-action from 3 to 4 (#20211)
• Additional commits viewable in compare view

Updates @eslint/config-array from 0.21.0 to 0.21.1

Release notes

Sourced from @​eslint/config-array's releases.

config-array: v0.21.1

0.21.1 (2025-10-17)

Bug Fixes

• fix config-array and object-schema types (#294) (a902bc4)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/object-schema bumped from ^2.1.6 to ^2.1.7

Changelog

Sourced from @​eslint/config-array's changelog.

0.21.1 (2025-10-17)

Bug Fixes

• fix config-array and object-schema types (#294) (a902bc4)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/object-schema bumped from ^2.1.6 to ^2.1.7

Commits

• df12d9a chore: release main (#296)
• a902bc4 fix: fix config-array and object-schema types (#294)
• 6030cad docs: Update README sponsors
• f1f341d docs: Update README sponsors
• ab10682 docs: Update README sponsors
• 7255100 chore: standardize test filenames to *.test.js (#267)
• 100a4c7 docs: Update README sponsors
• b23f179 docs: Update README sponsors
• 62089bc docs: Update README sponsors
• 8413502 docs: Update README sponsors
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​eslint/config-array since your current version.

Updates @eslint/config-helpers from 0.4.0 to 0.4.1

Release notes

Sourced from @​eslint/config-helpers's releases.

config-helpers: v0.4.1

0.4.1 (2025-10-17)

Bug Fixes

• add validation for plugins in isLegacyConfig (#292) (74f9427)
• improve type support for isolated dependencies in pnpm (#289) (f8df139)
• use flat config when eslintrc config does not exist (#288) (ddc8577)

Changelog

Sourced from @​eslint/config-helpers's changelog.

0.4.1 (2025-10-17)

Bug Fixes

• add validation for plugins in isLegacyConfig (#292) (74f9427)
• improve type support for isolated dependencies in pnpm (#289) (f8df139)
• use flat config when eslintrc config does not exist (#288) (ddc8577)

Commits

• df12d9a chore: release main (#296)
• f8df139 fix: improve type support for isolated dependencies in pnpm (#289)
• ddc8577 fix: use flat config when eslintrc config does not exist (#288)
• 74f9427 fix: add validation for plugins in isLegacyConfig (#292)
• 6030cad docs: Update README sponsors
• f1f341d docs: Update README sponsors
• 7f592e3 chore: release main (#257)
• bf1e92e test: add exactOptionalPropertyTypes option to type test (#270)
• ab10682 docs: Update README sponsors
• 7255100 chore: standardize test filenames to *.test.js (#267)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​eslint/config-helpers since your current version.

Updates @eslint/object-schema from 2.1.6 to 2.1.7

Release notes

Sourced from @​eslint/object-schema's releases.

object-schema: v2.1.7

2.1.7 (2025-10-17)

Bug Fixes

• fix config-array and object-schema types (#294) (a902bc4)
• improve type support for isolated dependencies in pnpm (#289) (f8df139)

Changelog

Sourced from @​eslint/object-schema's changelog.

2.1.7 (2025-10-17)

Bug Fixes

• fix config-array and object-schema types (#294) (a902bc4)
• improve type support for isolated dependencies in pnpm (#289) (f8df139)

Commits

• df12d9a chore: release main (#296)
• f8df139 fix: improve type support for isolated dependencies in pnpm (#289)
• a902bc4 fix: fix config-array and object-schema types (#294)
• 6030cad docs: Update README sponsors
• f1f341d docs: Update README sponsors
• ab10682 docs: Update README sponsors
• 7255100 chore: standardize test filenames to *.test.js (#267)
• 100a4c7 docs: Update README sponsors
• b23f179 docs: Update README sponsors
• 62089bc docs: Update README sponsors
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​eslint/object-schema since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@eslint/js	^9.38.0	🟢 6.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 7 Found 21/27 approved changesets -- score normalized to 7 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@types/node	^24.8.1	🟢 6.9	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 8 Found 26/29 approved changesets -- score normalized to 8 Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Fuzzing ⚠️ 0 project is not fuzzed
npm/eslint	^9.38.0	🟢 6.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 7 Found 21/27 approved changesets -- score normalized to 7 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@eslint/config-array	0.21.1	Unknown	Unknown
npm/@eslint/config-helpers	0.4.1	Unknown	Unknown
npm/@eslint/js	9.38.0	🟢 6.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 7 Found 21/27 approved changesets -- score normalized to 7 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits
npm/@eslint/object-schema	2.1.7	Unknown	Unknown
npm/eslint	9.38.0	🟢 6.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 26 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 7 Found 21/27 approved changesets -- score normalized to 7 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits

Scanned Files

• package.json
• pnpm-lock.yaml