Bump npm pkg version for hashFiles.#4122
Merged
TingluoHuang merged 1 commit intomainfrom Nov 18, 2025
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR bumps npm package versions for the hashFiles expression function to address security vulnerabilities identified by npm audit fix. The changes include major version upgrades of TypeScript ESLint tooling and Node.js type definitions, along with corresponding configuration updates and a regenerated webpack bundle.
Key Changes
- Major version bump of @typescript-eslint packages from v6 to v8
- Update @types/node from v20 to v22
- Migration of deprecated ESLint rules to their new equivalents
- Regenerated webpack bundle (index.js) reflecting the dependency updates
Reviewed Changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/Misc/expressionFunc/hashFiles/package.json | Updates devDependencies for @types/node (20.6.2 → 22.0.0), @typescript-eslint/eslint-plugin (6.21.0 → 8.0.0), and @typescript-eslint/parser (6.7.2 → 8.0.0) |
| src/Misc/expressionFunc/hashFiles/package-lock.json | Reflects complete dependency tree updates including transitive dependencies, security patches, and new package additions (undici-types) |
| src/Misc/expressionFunc/hashFiles/.eslintrc.json | Migrates deprecated TypeScript ESLint v6 rules to v8 equivalents (@typescript-eslint/func-call-spacing → func-call-spacing, @typescript-eslint/semi → semi) and removes @typescript-eslint/type-annotation-spacing |
| src/Misc/layoutbin/hashFiles/index.js | Auto-generated webpack/ncc bundle reflecting updated dependencies with new module IDs and updated helper functions |
Files not reviewed (1)
- src/Misc/expressionFunc/hashFiles/package-lock.json: Language not supported
TingluoHuang
force-pushed
the
users/tihuang/bumpnpmpkg
branch
from
01e674f to
024e034
Compare
salmanmkc
approved these changes
Nov 18, 2025
alinetskyi
pushed a commit
to CoreumFoundation/runner
that referenced
this pull request
Jan 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Update pkg to make
npm audit fixclear.