deps(deps-dev): bump the dev-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the dev-dependencies group with 4 updates in the / directory: @antfu/eslint-config, c8, eslint and eslint-plugin-format.

Updates @antfu/eslint-config from 7.7.3 to 9.0.0

Release notes

Sourced from @​antfu/eslint-config's releases.

v9.0.0

   🚨 Breaking Changes

• react: Update eslint react to 5.0  -  by @​hyoban in antfu/eslint-config#839 (06a1a)

    View changes on GitHub

v8.3.0

   🚀 Features

• Make perfectionist configurable inside antfu()  -  by @​oliver139 in antfu/eslint-config#848 (ae1d6)
• stylistic: Allow easy setting brace style  -  by @​oliver139 in antfu/eslint-config#846 (bd784)
• svelte: Use recommended rules  -  by @​Jungzl in antfu/eslint-config#842 (6c839)

   🐞 Bug Fixes

• markdown: Scope user rule overrides away from md files  -  by @​antfu and Claude Opus 4.7 (1M context) in antfu/eslint-config#844 (8d25a)

    View changes on GitHub

v8.2.0

   🐞 Bug Fixes

• Disbale e18e/prefer-static-regex in non-lib mode  -  by @​antfu (52069)

    View changes on GitHub

v8.1.1

   🐞 Bug Fixes

• Update default exclude  -  by @​antfu (527b6)

    View changes on GitHub

v8.1.0

   🐞 Bug Fixes

• Disable some e18e rules  -  by @​antfu (299c2)

    View changes on GitHub

v8.0.0

   🚨 Breaking Changes

• react: Update eslint react to 3.0  -  by @​hyoban in antfu/eslint-config#832 (83c1d)

   🚀 Features

• Update plugins  -  by @​antfu (ad998)

... (truncated)

Commits

• 8de8c70 chore: release v9.0.0
• 06a1a8a feat(react)!: update eslint react to 5.0 (#839)
• acbb9a3 chore: release v8.3.0
• a4744a8 chore: update deps
• 68e84ae chore: update deps
• 4a003f5 docs: add Prettier configuration instructions (#845)
• bd7848d feat(stylistic): Allow easy setting brace style (#846)
• ae1d6ff feat: Make perfectionist configurable inside antfu() (#848)
• 8d25a37 fix(markdown): scope user rule overrides away from md files (#844)
• 6c8395e feat(svelte): use recommended rules (#842)
• Additional commits viewable in compare view

Updates c8 from 10.1.3 to 11.0.0

Release notes

Sourced from c8's releases.

v11.0.0

11.0.0 (2026-02-22)

⚠ BREAKING CHANGES

• deps: transitive deps require 20 || >=22

Bug Fixes

• deps: pull newer minimatch addressing CVE-2026-26996 (#576) (678eeca)

Changelog

Sourced from c8's changelog.

11.0.0 (2026-02-22)

⚠ BREAKING CHANGES

• deps: transitive deps require 20 || >=22

Bug Fixes

• deps: pull newer minimatch addressing CVE-2026-26996 (#576) (678eeca)

Commits

• ce78df4 chore(main): release 11.0.0 (#577)
• 678eeca fix(deps)!: pull newer minimatch addressing CVE-2026-26996 (#576)
• ec4c5e4 chore: .editorconfig to avoid unintended mods to .snap files (#556)
• See full diff in compare view

Updates eslint from 9.39.4 to 10.3.0

Release notes

Sourced from eslint's releases.

v10.3.0

Features

• 379571a feat: add suggestions for no-unused-private-class-members (#20773) (sethamus)

Bug Fixes

• b6ae5cf fix: handle unavailable require cache (#20812) (Simon Podlipsky)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787) (Milos Djermanovic)

Documentation

• 32cc7ab docs: fix typos in docs and comments (#20809) (Tanuj Kanti)
• 7f47937 docs: Update README (GitHub Actions Bot)

Chores

• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826) (Francesco Trotta)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821) (Pixel998)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818) (Josh Goldberg ✨)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815) (dependabot[bot])
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811) (renovate[bot])
• 2f58136 chore: pin peter-evans/create-pull-request action to 5f6978f (#20810) (renovate[bot])
• 77add7f chore: add initial ecosystem plugin tests workflow (#19643) (Josh Goldberg ✨)
• 4023b55 test: Add unit tests for SuppressionsService.prune() (#20797) (kuldeep kumar)
• 54080da test: add unit tests for ForkContext (#20778) (kuldeep kumar)
• f0e2bcc test: add unit tests for SuppressionsService.suppress() method (#20765) (kuldeep kumar)
• a7f0b94 chore: update dependency prettier to v3.8.3 (#20782) (renovate[bot])
• 7bf93d9 chore: update TypeScript to v6 (#20677) (sethamus)
• b42dd72 ci: bump pnpm/action-setup from 6.0.0 to 6.0.1 (#20781) (dependabot[bot])
• 2b252be test: add unit tests for IdGenerator (#20775) (kuldeep kumar)

v10.2.1

Bug Fixes

• 14be92b fix: model generator yield resumption paths in code path analysis (#20665) (sethamus)
• 84a19d2 fix: no-async-promise-executor false positives for shadowed Promise (#20740) (xbinaryx)
• af764af fix: clarify language and processor validation errors (#20729) (Pixel998)
• e251b89 fix: update eslint (#20715) (renovate[bot])

Documentation

• ca92ca0 docs: reuse markdown-it instance for markdown filter (#20768) (Amaresh S M)
• 57d2ee2 docs: Enable Eleventy incremental mode for watch (#20767) (Amaresh S M)
• c1621b9 docs: fix typos in code-path-analyzer.js (#20700) (Ayush Shukla)
• 1418d52 docs: Update README (GitHub Actions Bot)
• 39771e6 docs: Update README (GitHub Actions Bot)
• 71e0469 docs: fix incomplete JSDoc param description in no-shadow rule (#20728) (kuldeep kumar)
• 22119ce docs: clarify scope of for-direction rule with dead code examples (#20723) (Amaresh S M)
• 8f3fb77 docs: document meta.docs.dialects (#20718) (Pixel998)

Chores

• 7ddfea9 chore: update dependency prettier to v3.8.2 (#20770) (renovate[bot])
• fac40e1 ci: bump pnpm/action-setup from 5.0.0 to 6.0.0 (#20763) (dependabot[bot])
• 7246f92 test: add tests for SuppressionsService.load() error handling (#20734) (kuldeep kumar)
• 4f34b1e chore: update pnpm/action-setup action to v5 (#20762) (renovate[bot])

... (truncated)

Commits

• 7889204 10.3.0
• 5b69b4f Build: changelog update for 10.3.0
• d32235e ci: use pnpm in eslint-flat-config-utils type integration test (#20826)
• b6ae5cf fix: handle unavailable require cache (#20812)
• 3ffb14e chore: clean up typos in comments and JSDoc (#20821)
• 6fb3685 fix: rule suggestions cause continuation in class body (#20787)
• 22eb58a chore: add missing continue-on-error to ecosystem-tests.yml (#20818)
• 88bf002 ci: bump pnpm/action-setup from 6.0.1 to 6.0.3 (#20815)
• 379571a feat: add suggestions for no-unused-private-class-members (#20773)
• 97c8c33 chore: update ilshidur/action-discord action to v0.4.0 (#20811)
• Additional commits viewable in compare view

Updates eslint-plugin-format from 1.5.0 to 2.0.1

Release notes

Sourced from eslint-plugin-format's releases.

v2.0.1

   🐞 Bug Fixes

• Clear extra meta  -  by @​antfu (e8d0c)
• oxfmt: Ignore unsupported file type error  -  by @​hyoban in antfu/eslint-plugin-format#20 (cb945)

    View changes on GitHub

v2.0.0

   🚀 Features

• Migrate to tsdown, drop CJS  -  by @​antfu (d6377)

    View changes on GitHub

Commits

• ce0e909 chore: release v2.0.1
• 1c1fdab chore: update deps
• cb94584 fix(oxfmt): ignore unsupported file type error (#20)
• e8d0cb8 fix: clear extra meta
• c72aabf chore: release v2.0.0
• d637750 feat: migrate to tsdown, drop CJS
• See full diff in compare view

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	c8@​10.1.3 ⏵ 11.0.0
	eslint-plugin-format@​1.5.0 ⏵ 2.0.1				-3
	eslint@​9.39.4 ⏵ 10.3.0	+1
	@​antfu/​eslint-config@​7.7.3 ⏵ 9.0.0				+2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm @typescript-eslint/eslint-plugin is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → npm/@antfu/eslint-config@9.0.0 → npm/@typescript-eslint/eslint-plugin@8.59.2 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.59.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm eslint-plugin-jsdoc is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: pnpm-lock.yaml → npm/@antfu/eslint-config@9.0.0 → npm/eslint-plugin-jsdoc@62.9.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/eslint-plugin-jsdoc@62.9.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report