Skip to content

deps: bump typescript from 6.0.3 to 7.0.2#29

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/typescript-7.0.2
Closed

deps: bump typescript from 6.0.3 to 7.0.2#29
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/typescript-7.0.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps typescript from 6.0.3 to 7.0.2.

Commits
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for typescript since your current version.


@socket-security

socket-security Bot commented Jul 15, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedtypescript@​6.0.3 ⏵ 7.0.294 -610089 -1100100 +10

View full report

Bumps [typescript](https://github.com/microsoft/TypeScript) from 6.0.3 to 7.0.2.
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Commits](https://github.com/microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: typescript
  dependency-version: 7.0.2
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/npm_and_yarn/typescript-7.0.2 branch from 6318c00 to fc80d73 Compare July 16, 2026 15:09
@robert7

robert7 commented Jul 16, 2026

Copy link
Copy Markdown
Owner

Closing for now because TypeScript 7.0.2 is outside the supported peer range of the current @typescript-eslint toolchain. @typescript-eslint/eslint-plugin 8.64.0 requires TypeScript >=4.8.4 <6.1.0, so npm ci correctly fails with ERESOLVE. We should let Dependabot reopen this upgrade once typescript-eslint officially supports TypeScript 7 rather than bypassing peer validation with --force or --legacy-peer-deps.

@robert7 robert7 closed this Jul 16, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 16, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot
dependabot Bot deleted the dependabot/npm_and_yarn/typescript-7.0.2 branch July 16, 2026 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant