Skip to content

Bump eslint-plugin-react-refresh from 0.4.26 to 0.5.2#83

Open
dependabot[bot] wants to merge 3 commits intomainfrom
dependabot/npm_and_yarn/eslint-plugin-react-refresh-0.5.2
Open

Bump eslint-plugin-react-refresh from 0.4.26 to 0.5.2#83
dependabot[bot] wants to merge 3 commits intomainfrom
dependabot/npm_and_yarn/eslint-plugin-react-refresh-0.5.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps eslint-plugin-react-refresh from 0.4.26 to 0.5.2.

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.5.2

  • Support nested function calls for extraHOCs (actually fixes #104)

v0.5.1

  • Mark ESLint v10 as supported
  • Support false positives with TypeScript function overloading (fixes #105)
  • Support nested function calls for extraHOCs (fixes #104)

v0.5.0

Breaking changes

  • The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
  • A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
    • plugin: The plugin object with the rules
    • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
  • customHOCs option was renamed to extraHOCs
  • Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option (like connect or styled)

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});
</tr></table>

... (truncated)

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.5.2

  • Support nested function calls for extraHOCs (actually fixes #104)

0.5.1

  • Mark ESLint v10 as supported
  • Support false positives with TypeScript function overloading (fixes #105)
  • Support nested function calls for extraHOCs (fixes #104)

0.5.0

Breaking changes

  • The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
  • A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
    • plugin: The plugin object with the rules
    • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
  • customHOCs option was renamed to extraHOCs
  • Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
</tr></table>

... (truncated)

Commits
  • c0317bf Fix support for nested function calls for extraHOCs [publish]
  • 42a1805 Explicit v10 support (fixes #106) [publish]
  • 199793e Support nested function calls for extraHOCs (fixes #104)
  • 26b3c15 Support false positives with TypeScript function overloading (fixes #105)
  • daa2efb Revamp logic to catch more cases [publish] (#97)
  • See full diff in compare view

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@socket-security
Copy link
Copy Markdown

socket-security Bot commented May 4, 2026
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedeslint-plugin-react-refresh@​0.4.26 ⏵ 0.5.2100 +1100100 +185100

View full report

@guibranco guibranco enabled auto-merge (squash) May 5, 2026 05:17
@gstraccini gstraccini Bot added the ☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) label May 5, 2026
@gstraccini gstraccini Bot added the 🤖 bot Automated processes or integrations label May 5, 2026
@dependabot
Bump eslint-plugin-react-refresh from 0.4.26 to 0.5.2
94a9a05 
Bumps [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) from 0.4.26 to 0.5.2.
- [Release notes](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases)
- [Changelog](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md)
- [Commits](ArnaudBarre/eslint-plugin-react-refresh@v0.4.26...v0.5.2)

---
updated-dependencies:
- dependency-name: eslint-plugin-react-refresh
  dependency-version: 0.5.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/eslint-plugin-react-refresh-0.5.2 branch from 892eb64 to 94a9a05 Compare May 5, 2026 10:49
guibranco
guibranco approved these changes May 5, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@guibranco guibranco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approved by gstraccini[bot]

@deepsource-io
Copy link
Copy Markdown

deepsource-io Bot commented May 6, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in 860e9d9...4a2b25c on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
JavaScript May 6, 2026 3:04p.m. Review ↗
Secrets May 6, 2026 3:04p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 7, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@guibranco guibranco guibranco approved these changes

@gstraccini gstraccini[bot] gstraccini[bot] approved these changes

Assignees

@guibranco guibranco

Labels

☑️ auto-merge Automatic merging of pull requests (gstraccini-bot) 🤖 bot Automated processes or integrations

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@guibranco