fix(deps): update dependency eslint to v9 [security]

[renovate-bot]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
eslint (source)	^8.57.0 → ^9.0.0

GitHub Vulnerability Alerts

CVE-2025-50537

There is a Stack Overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run() method, which validates test cases and checks for duplicates. During validation, the internal function checkDuplicateTestCase() is called, which in turn uses the isSerializable() function for serialization checks. When a circular reference object is passed in, isSerializable() enters infinite recursion, ultimately causing a Stack Overflow.

---

Release Notes

eslint/eslint (eslint)

v9.39.2

Compare Source

v9.39.1

Compare Source

v9.39.0

Compare Source

v9.38.0

Compare Source

Features

• ce40f74 feat: update complexity rule to only highlight function header (#​20048) (Atul Nair)
• e37e590 feat: correct no-loss-of-precision false positives with e notation (#​20187) (Francesco Trotta)

Bug Fixes

• 50c3dfd fix: improve type support for isolated dependencies in pnpm (#​20201) (Francesco Trotta)
• a1f06a3 fix: correct SourceCode typings (#​20114) (Pixel998)

Documentation

• 462675a docs: improve web accessibility by hiding non-semantic character (#​20205) (루밀LuMir)
• c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#​20203) (루밀LuMir)
• b39e71a docs: Update README (GitHub Actions Bot)
• cd39983 docs: move custom-formatters type descriptions to nodejs-api (#​20190) (Percy Ma)

Chores

• d17c795 chore: upgrade @​eslint/js@​9.38.0 (#​20221) (Milos Djermanovic)
• 25d0e33 chore: package.json update for @​eslint/js release (Jenkins)
• c82b5ef refactor: Use types from @​eslint/core (#​20168) (Nicholas C. Zakas)
• ff31609 ci: add Node.js 25 to ci.yml (#​20220) (루밀LuMir)
• 004577e ci: bump github/codeql-action from 3 to 4 (#​20211) (dependabot[bot])
• eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#​20206) (Milos Djermanovic)
• 4168a18 chore: fix typo in legacy-eslint.js (#​20202) (Sweta Tanwar)
• 205dbd2 chore: fix typos (#​20200) (ntnyq)
• dbb200e chore: use team member's username when name is not available in data (#​20194) (Milos Djermanovic)
• 8962089 chore: mark deprecated rules as available until v11.0.0 (#​20184) (Pixel998)

v9.37.0

Compare Source

Features

• 39f7fb4 feat: preserve-caught-error should recognize all static "cause" keys (#​20163) (Pixel998)
• f81eabc feat: support TS syntax in no-restricted-imports (#​19562) (Nitin Kumar)

Bug Fixes

• a129cce fix: correct no-loss-of-precision false positives for leading zeros (#​20164) (Francesco Trotta)
• 09e04fc fix: add missing AST token types (#​20172) (Pixel998)
• 861c6da fix: correct ESLint typings (#​20122) (Pixel998)

Documentation

• b950359 docs: fix typos across the docs (#​20182) (루밀LuMir)
• 42498a2 docs: improve ToC accessibility by hiding non-semantic character (#​20181) (Percy Ma)
• 29ea092 docs: Update README (GitHub Actions Bot)
• 5c97a04 docs: show availableUntil in deprecated rule banner (#​20170) (Pixel998)
• 90a71bf docs: update README files to add badge and instructions (#​20115) (루밀LuMir)
• 1603ae1 docs: update references from master to main (#​20153) (루밀LuMir)

Chores

• afe8a13 chore: update @eslint/js dependency to version 9.37.0 (#​20183) (Francesco Trotta)
• abee4ca chore: package.json update for @​eslint/js release (Jenkins)
• fc9381f chore: fix typos in comments (#​20175) (overlookmotel)
• e1574a2 chore: unpin jiti (#​20173) (renovate[bot])
• e1ac05e refactor: mark ESLint.findConfigFile() as async, add missing docs (#​20157) (Pixel998)
• 347906d chore: update eslint (#​20149) (renovate[bot])
• 0cb5897 test: remove tmp dir created for circular fixes in multithread mode test (#​20146) (Milos Djermanovic)
• bb99566 ci: pin jiti to version 2.5.1 (#​20151) (Pixel998)
• 177f669 perf: improve worker count calculation for "auto" concurrency (#​20067) (Francesco Trotta)
• 448b57b chore: Mark deprecated formatting rules as available until v11.0.0 (#​20144) (Milos Djermanovic)

v9.36.0

Compare Source

Features

• 47afcf6 feat: correct preserve-caught-error edge cases (#​20109) (Francesco Trotta)

Bug Fixes

• 75b74d8 fix: add missing rule option types (#​20127) (ntnyq)
• 1c0d850 fix: update eslint-all.js to use Object.freeze for rules object (#​20116) (루밀LuMir)
• 7d61b7f fix: add missing scope types to Scope.type (#​20110) (Pixel998)
• 7a670c3 fix: correct rule option typings in rules.d.ts (#​20084) (Pixel998)

Documentation

• b73ab12 docs: update examples to use defineConfig (#​20131) (sethamus)
• 31d9392 docs: fix typos (#​20118) (Pixel998)
• c7f861b docs: Update README (GitHub Actions Bot)
• 6b0c08b docs: Update README (GitHub Actions Bot)
• 91f97c5 docs: Update README (GitHub Actions Bot)

Chores

• 12411e8 chore: upgrade @​eslint/js@​9.36.0 (#​20139) (Milos Djermanovic)
• 488cba6 chore: package.json update for @​eslint/js release (Jenkins)
• bac82a2 ci: simplify renovate configuration (#​19907) (唯然)
• c00bb37 ci: bump actions/labeler from 5 to 6 (#​20090) (dependabot[bot])
• fee751d refactor: use defaultOptions in rules (#​20121) (Pixel998)
• 1ace67d chore: update example to use defineConfig (#​20111) (루밀LuMir)
• 4821963 test: add missing loc information to error objects in rule tests (#​20112) (루밀LuMir)
• b42c42e chore: disallow use of deprecated type property in core rule tests (#​20094) (Milos Djermanovic)
• 7bb498d test: remove deprecated type property from core rule tests (#​20093) (Pixel998)
• e10cf2a ci: bump actions/setup-node from 4 to 5 (#​20089) (dependabot[bot])
• 5cb0ce4 refactor: use meta.defaultOptions in preserve-caught-error (#​20080) (Pixel998)
• f9f7cb5 chore: package.json update for eslint-config-eslint release (Jenkins)
• 81764b2 chore: update eslint peer dependency in eslint-config-eslint (#​20079) (Milos Djermanovic)

v9.35.0

Compare Source

Features

• 42761fa feat: implement suggestions for no-empty-function (#​20057) (jaymarvelz)
• 102f444 feat: implement suggestions for no-empty-static-block (#​20056) (jaymarvelz)
• e51ffff feat: add preserve-caught-error rule (#​19913) (Amnish Singh Arora)

Bug Fixes

• 10e7ae2 fix: update uncloneable options error message (#​20059) (soda-sorcery)
• bfa4601 fix: ignore empty switch statements with comments in no-empty rule (#​20045) (jaymarvelz)
• dfd11de fix: add before and after to test case types (#​20049) (Francesco Trotta)
• dabbe95 fix: correct types for no-restricted-imports rule (#​20034) (Milos Djermanovic)
• ea789c7 fix: no-loss-of-precision false positive with uppercase exponent (#​20032) (sethamus)

Documentation

• d265515 docs: improve phrasing - "if" → "even if" from getting-started section (#​20074) (jjangga0214)
• a355a0e docs: invert comparison logic for example in no-var doc page (#​20064) (OTonGitHub)
• 5082fc2 docs: Update README (GitHub Actions Bot)
• 99cfd7e docs: add missing "the" in rule deprecation docs (#​20050) (Josh Goldberg ✨)
• 6ad8973 docs: update --no-ignore and --ignore-pattern documentation (#​20036) (Francesco Trotta)
• 8033b19 docs: add documentation for --no-config-lookup (#​20033) (Francesco Trotta)

Chores

• da87f2f chore: upgrade @​eslint/js@​9.35.0 (#​20077) (Milos Djermanovic)
• af2a087 chore: package.json update for @​eslint/js release (Jenkins)
• 7055764 test: remove tests/lib/eslint/eslint.config.js (#​20065) (Milos Djermanovic)
• 84ffb96 chore: update @eslint-community/eslint-utils (#​20069) (Francesco Trotta)
• d5ef939 refactor: remove deprecated context.parserOptions usage across rules (#​20060) (sethamus)
• 1b3881d chore: remove redundant word (#​20058) (pxwanglu)

v9.34.0

Compare Source

Features

• 0bb777a feat: multithread linting (#​19794) (Francesco Trotta)
• 43a5f9e feat: add eslint-plugin-regexp to eslint-config-eslint base config (#​19951) (Pixel998)

Bug Fixes

• 9b89903 fix: default value of accessor-pairs option in rule.d.ts file (#​20024) (Tanuj Kanti)
• 6c07420 fix: fix spurious failure in neostandard integration test (#​20023) (Kirk Waiblinger)
• 676f4ac fix: allow scientific notation with trailing zeros matching exponent (#​20002) (Sweta Tanwar)

Documentation

• 0b4a590 docs: make rulesdir deprecation clearer (#​20018) (Domenico Gemoli)
• 327c672 docs: Update README (GitHub Actions Bot)
• bf26229 docs: Fix typo in core-concepts/index.md (#​20009) (Tobias Hernstig)
• 2309327 docs: fix typo in the "Configuring Rules" section (#​20001) (ghazi-git)
• 2b87e21 docs: [no-else-return] clarify sample code. (#​19991) (Yuki Takada (Yukinosuke Takada))
• c36570c docs: Update README (GitHub Actions Bot)

Chores

• f19ad94 chore: upgrade to @eslint/[email protected] (#​20030) (Francesco Trotta)
• b48fa20 chore: package.json update for @​eslint/js release (Jenkins)
• 4bce8a2 chore: package.json update for eslint-config-eslint release (Jenkins)
• 0c9999c refactor: prefer default options in grouped-accessor-pairs (#​20028) (루밀LuMir)
• d503f19 ci: fix stale.yml (#​20010) (루밀LuMir)
• e2dc67d ci: centralize stale.yml (#​19994) (루밀LuMir)
• 7093cb8 ci: bump actions/checkout from 4 to 5 (#​20005) (dependabot[bot])

v9.33.0

Compare Source

Features

• e07820e feat: add global object access detection to no-restricted-globals (#​19939) (sethamus)
• 90b050e feat: support explicit resource management in one-var (#​19941) (Sweta Tanwar)

Bug Fixes

• 732433c fix: allow any type for meta.docs.recommended in custom rules (#​19995) (Francesco Trotta)
• e8a6914 fix: Fixed potential bug in check-emfile-handling.js (#​19975) (諏訪原慶斗)

Documentation

• 34f0723 docs: playground button for TypeScript code example (#​19671) (Tanuj Kanti)
• dc942a4 docs: Update README (GitHub Actions Bot)
• 5a4b6f7 docs: Update no-multi-assign.md (#​19979) (Yuki Takada (Yukinosuke Takada))
• 247e156 docs: add missing let declarations in no-plusplus (#​19980) (Yuki Takada (Yukinosuke Takada))
• 0d17242 docs: Update README (GitHub Actions Bot)
• fa20b9d docs: Clarify when to open an issue for a PR (#​19974) (Nicholas C. Zakas)

Build Related

• 27fa865 build: use ESLint class to generate formatter examples (#​19972) (Milos Djermanovic)

Chores

• 4258046 chore: update dependency @​eslint/js to v9.33.0 (#​19998) (renovate[bot])
• ad28371 chore: package.json update for @​eslint/js release (Jenkins)
• 06a22f1 test: resolve flakiness in --mcp flag test (#​19993) (Pixel998)
• 54920ed test: switch to Linter.Config in ESLintRules type tests (#​19977) (Francesco Trotta)

v9.32.0

Compare Source

Features

• 1245000 feat: support explicit resource management in core rules (#​19828) (fnx)
• 0e957a7 feat: support typescript types in accessor rules (#​19882) (fnx)

Bug Fixes

• 960fd40 fix: Upgrade @​eslint/js (#​19971) (Nicholas C. Zakas)
• bbf23fa fix: Refactor reporting into FileReport (#​19877) (Nicholas C. Zakas)
• d498887 fix: bump @​eslint/plugin-kit to 0.3.4 to resolve vulnerability (#​19965) (Milos Djermanovic)
• f46fc6c fix: report only global references in no-implied-eval (#​19932) (Nitin Kumar)
• 7863d26 fix: remove outdated types in ParserOptions.ecmaFeatures (#​19944) (ntnyq)
• 3173305 fix: update execScript message in no-implied-eval rule (#​19937) (TKDev7)

Documentation

• 86e7426 docs: Update README (GitHub Actions Bot)

Chores

• 50de1ce chore: package.json update for @​eslint/js release (Jenkins)
• 74f01a3 ci: unpin jiti to version ^2.5.1 (#​19970) (루밀LuMir)
• 2ab1381 ci: pin jiti to version 2.4.2 (#​19964) (Francesco Trotta)
• b7f7545 test: switch to flat config mode in SourceCode tests (#​19953) (Milos Djermanovic)
• f5a35e3 test: switch to flat config mode in eslint-fuzzer (#​19960) (Milos Djermanovic)
• e22af8c refactor: use CustomRuleDefinitionType in JSRuleDefinition (#​19949) (Francesco Trotta)
• e855717 chore: switch performance tests to hyperfine (#​19919) (Francesco Trotta)
• 2f73a23 test: switch to flat config mode in ast-utils tests (#​19948) (Milos Djermanovic)
• c565a53 chore: exclude further_reading_links.json from Prettier formatting (#​19943) (Milos Djermanovic)

v9.31.0

Compare Source

Features

• 35cf44c feat: output full actual location in rule tester if different (#​19904) (ST-DDT)
• a6a6325 feat: support explicit resource management in no-loop-func (#​19895) (Milos Djermanovic)
• 4682cdc feat: support explicit resource management in no-undef-init (#​19894) (Milos Djermanovic)
• 5848216 feat: support explicit resource management in init-declarations (#​19893) (Milos Djermanovic)
• bb370b8 feat: support explicit resource management in no-const-assign (#​19892) (Milos Djermanovic)

Bug Fixes

• 07fac6c fix: retry on EMFILE when writing autofix results (#​19926) (TKDev7)
• 28cc7ab fix: Remove incorrect RuleContext types (#​19910) (Nicholas C. Zakas)

Documentation

• 664cb44 docs: Update README (GitHub Actions Bot)
• 40dbe2a docs: fix mismatch between globalIgnores() code and text (#​19914) (MaoShizhong)
• 5a0069d docs: Update README (GitHub Actions Bot)
• fef04b5 docs: Update working on issues info (#​19902) (Nicholas C. Zakas)

Chores

• 3ddd454 chore: upgrade to @eslint/[email protected] (#​19935) (Francesco Trotta)
• d5054e5 chore: package.json update for @​eslint/js release (Jenkins)
• 0f4a378 chore: update eslint (#​19933) (renovate[bot])
• 76c2340 chore: bump mocha to v11 (#​19917) (루밀LuMir)

v9.30.1

Compare Source

Bug Fixes

• e91bb87 fix: allow separate default and named type imports (#​19899) (xbinaryx)

Documentation

• ab7c625 docs: Update README (GitHub Actions Bot)
• dae1e5b docs: update jsdoc's link (#​19896) (JamesVanWaza)

Chores

• b035f74 chore: upgrade to @eslint/[email protected] (#​19906) (Francesco Trotta)
• b3dbc16 chore: package.json update for @​eslint/js release (Jenkins)

v9.30.0

Compare Source

Features

• 52a5fca feat: Support basePath property in config objects (#​19879) (Milos Djermanovic)
• 4ab4482 feat: add allowSeparateTypeImports option to no-duplicate-imports (#​19872) (sethamus)
• b8a7e7a feat: throw error when column is negative in getIndexFromLoc (#​19831) (루밀LuMir)

Bug Fixes

• 6a0f164 fix: handle null type loc in getIndexFromLoc method (#​19862) (루밀LuMir)
• 3fbcd70 fix: update error message for no-restricted-properties (#​19855) (Tanuj Kanti)
• 7ef4cf7 fix: remove unnecessary semicolon from fixes (#​19857) (Francesco Trotta)
• 7dabc38 fix: use process.version in --env-info (#​19865) (TKDev7)

Documentation

• 8662ed1 docs: adopt eslint-stylistic sub packages related changes (#​19887) (ntnyq)
• 20158b0 docs: typo in comment for unused variables handling (#​19870) (leopardracer)
• ebfb5b4 docs: Fixed Typo in configuration-files.md (#​19873) (0-20)
• 4112fd0 docs: clarify that boolean is still allowed for rule meta.deprecated (#​19866) (Bryan Mishkin)

Chores

• 2b6491c chore: upgrade to @eslint/[email protected] (#​19889) (Francesco Trotta)
• 5a5d526 chore: package.json update for @​eslint/js release (Jenkins)
• eaf8a41 chore: Correct typos in linter tests (#​19878) (kilavvy)

v9.29.0

Compare Source

Features

• f686fcb feat: add ecmaVersion: 2026, parsing using and await using (#​19832) (Milos Djermanovic)
• 19cdd22 feat: prune suppressions for non-existent files (#​19825) (TKDev7)
• b3d720f feat: add ES2025 globals (#​19835) (fisker Cheung)
• 677a283 feat: add auto-accessor fields support to class-methods-use-this (#​19789) (sethamus)
• dbba058 feat: allow global type declaration in no-var (#​19714) (Remco Haszing)
• 342bd29 feat: ignore type annotations in no-restricted-globals (#​19781) (sethamus)
• 786bcd1 feat: add allowProperties option to no-restricted-properties (#​19772) (sethamus)
• 05b66d0 feat: add sourceCode.isGlobalReference(node) method (#​19695) (Nitin Kumar)

Bug Fixes

• 85c082c fix: explicit matching behavior with negated patterns and arrays (#​19845) (Milos Djermanovic)
• 9bda4a9 fix: fix LintOptions.filterCodeBlock types (#​19837) (ntnyq)
• 7ab77a2 fix: correct breaking deprecation of FlatConfig type (#​19826) (Logicer)
• 1ba3318 fix: add language and dialects to no-use-before-define (#​19808) (Francesco Trotta)

Documentation

• 00e3e6a docs: add support for custom name parameter to includeIgnoreFile (#​19795) (루밀LuMir)
• 3aed075 docs: Update README (GitHub Actions Bot)
• a2f888d docs: enhance documentation with links and fix typos (#​19761) (루밀LuMir)
• 53c3235 docs: update to clarify prompt usage (#​19748) (Jennifer Davis)

Chores

• 5c114c9 chore: upgrade @​eslint/js@​9.29.0 (#​19851) (Milos Djermanovic)
• acf2201 chore: package.json update for @​eslint/js release (Jenkins)
• a806994 refactor: Remove eslintrc from flat config functionality (#​19833) (Nicholas C. Zakas)
• 152ed51 test: switch to flat config mode in code path analysis tests (#​19824) (Milos Djermanovic)
• b647239 chore: Update first-party dependencies faster with Renovate (#​19822) (Nicholas C. Zakas)
• 7abe42e refactor: SafeEmitter -> SourceCodeVisitor (#​19708) (Nicholas C. Zakas)
• e392895 perf: improve time complexity of getLocFromIndex (#​19782) (루밀LuMir)
• 0ed289c chore: remove accidentally committed file (#​19807) (Francesco Trotta)

v9.28.0

Compare Source

Features

• b0674be feat: Customization of serialization for languageOptions (#​19760) (Nicholas C. Zakas)
• a95721f feat: Add --pass-on-unpruned-suppressions CLI option (#​19773) (Milos Djermanovic)
• bfd0e7a feat: support TypeScript syntax in no-use-before-define (#​19566) (Tanuj Kanti)
• 68c61c0 feat: support TS syntax in no-shadow (#​19565) (Nitin Kumar)
• 0f773ef feat: support TS syntax in no-magic-numbers (#​19561) (Nitin Kumar)
• c4a6b60 feat: add allowTypeAnnotation to func-style (#​19754) (sethamus)
• b03ad17 feat: add TypeScript support to prefer-arrow-callback (#​19678) (Tanuj Kanti)
• bc3c331 feat: ignore overloaded function declarations in func-style rule (#​19755) (sethamus)

Bug Fixes

• eea3e7e fix: Remove configured global variables from GlobalScope#implicit (#​19779) (Milos Djermanovic)
• a467de3 fix: update context.report types (#​19751) (Nitin Kumar)
• fd467bb fix: remove interopDefault to use jiti's default (#​19697) (sethamus)
• 72d16e3 fix: avoid false positive in no-unassigned-vars for declare module (#​19746) (Azat S.)
• 81c3c93 fix: curly types (#​19750) (Eli)

Documentation

• 3ec2082 docs: Nested arrays in files config entry (#​19799) (Nicholas C. Zakas)
• 89a65b0 docs: clarify how config arrays can apply to subsets of files (#​19788) (Shais Ch)
• 2ba8a0d docs: Add description of meta.namespace to plugin docs (#​19798) (Nicholas C. Zakas)
• 59dd7e6 docs: update func-style with examples (#​19793) (Tanuj Kanti)
• e9129e0 docs: add global scope's implicit field to Scope Manager docs (#​19770) (Milos Djermanovic)
• 52f5b7a docs: fix minor typos and add links (#​19743) (루밀LuMir)
• 00716a3 docs: upfront recommend against using the no-return-await rule (#​19727) (Mike DiDomizio)

Chores

• 175b7b8 chore: upgrade to @eslint/[email protected] (#​19802) (Francesco Trotta)
• 844f5a6 chore: package.json update for @​eslint/js release (Jenkins)
• 62b1c1b chore: update globals to v16 (#​19791) (Nitin Kumar)
• e8a1cb8 chore: ignore jiti-v2.0 & jiti-v2.1 for renovate (#​19786) (Nitin Kumar)
• 43d3975 chore: Add Copilot Instructions file (#​19753) (Nicholas C. Zakas)
• 2dfb5eb test: update SourceCodeTraverser tests (#​19763) (Milos Djermanovic)
• 5bc21f9 chore: add *.code-workspace to .gitignore (#​19771) (루밀LuMir)
• f4fa40e refactor: NodeEventGenerator -> SourceCodeTraverser (#​19679) (Nicholas C. Zakas)
• 0f49329 refactor: use a service to emit warnings (#​19725) (Francesco Trotta)
• 20a9e59 chore: update dependency shelljs to ^0.10.0 (#​19740) (renovate[bot])

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[dpebot]

/gcbrun

[gemini-code-assist]

Summary of Changes

Hello @renovate-bot, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request performs a significant upgrade of the eslint dependency to its major version 9. The primary motivation is to incorporate critical security fixes and leverage the numerous new features, bug resolutions, and performance optimizations introduced in the latest eslint releases. This ensures the project maintains robust code quality standards and is protected against known vulnerabilities.

Highlights

• Major Dependency Upgrade: The eslint dependency has been upgraded from version 8.57.0 to 9.0.0, bringing the project up to the latest major release.
• Security Vulnerability Addressed: This update specifically addresses CVE-2025-50537, a Stack Overflow vulnerability found in eslint versions prior to 9.26.0 when serializing objects with circular references.
• New Features and Bug Fixes: The upgrade to eslint v9 includes a wide range of new features, bug fixes, documentation improvements, and performance enhancements across multiple minor versions (v9.28.0 through v9.39.2).

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates eslint from version 8 to 9 to address a security vulnerability. While the update is necessary for security, upgrading eslint to a new major version introduces breaking changes. The current linting setup, which uses gts (Google TypeScript Style) and other plugins, is not compatible with ESLint v9. This will likely break the CI pipeline. I've added a specific comment with more details. Additionally, eslint should be a devDependency, not a dependency.

[gemini-code-assist]

Upgrading eslint to v9 is a major version change that will likely break the build due to incompatibilities with other development dependencies.

1. gts incompatibility: The gts package (version 5.3.0), used for linting via the lint script, depends on eslint@^8.0.0 and is not compatible with ESLint v9.
2. eslint-plugin-n incompatibility: The eslint-plugin-n package (version ^14.0.0) is not compatible with ESLint v9. It needs to be updated to ^17.0.0 or later to work with ESLint v9.

These incompatibilities will cause the lint and fix scripts to fail.

Before this upgrade can be merged, the packages gts and eslint-plugin-n must be updated to versions that support ESLint v9. However, [email protected] is the latest version and does not support ESLint v9.

Additionally, eslint is a development tool and should be in devDependencies, not dependencies.