chore(deps-dev): bump eslint-plugin-react-refresh from 0.4.26 to 0.5.0 in /apps/admin

[dependabot]

Bumps eslint-plugin-react-refresh from 0.4.26 to 0.5.0.

Release notes

Sourced from eslint-plugin-react-refresh's releases.

v0.5.0

Breaking changes

• The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
• A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
  • plugin: The plugin object with the rules
  • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
• customHOCs option was renamed to extraHOCs
• Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});

Why

This version follows a revamp of the internal logic to better make the difference between random call expressions like export const Enum = Object.keys(Record) and actual React HOC calls like export const MemoComponent = memo(Component). (fixes #93)

The rule now handles ternaries and patterns like export default customHOC(props)(Component) which makes it able to correctly support files like this one given this config:

... (truncated)

Changelog

Sourced from eslint-plugin-react-refresh's changelog.

0.5.0

Breaking changes

• The package now ships as ESM and requires ESLint 9 + node 20. Because legacy config doesn't support ESM, this requires to use flat config
• A new reactRefresh export is available and prefered over the default export. It's an object with two properties:
  • plugin: The plugin object with the rules
  • configs: An object containing configuration presets, each exposed as a function. These functions accept your custom options, merge them with sensible defaults for that config, and return the final config object.
• customHOCs option was renamed to extraHOCs
• Validation of HOCs calls is now more strict, you may need to add some HOCs to the extraHOCs option

Config example:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig(
/* Main config */
reactRefresh.configs.vite({ extraHOCs: ["someLibHOC"] }),
);

Config example without config:

import { defineConfig } from "eslint/config";
import { reactRefresh } from "eslint-plugin-react-refresh";
export default defineConfig({
files: ["/*.ts", "/*.tsx"],
plugins: {
// other plugins
"react-refresh": reactRefresh.plugin,
},
rules: {
// other rules
"react-refresh/only-export-components": [
"warn",
{ extraHOCs: ["someLibHOC"] },
],
},
});

Why

This version follows a revamp of the internal logic to better make the difference between random call expressions like export const Enum = Object.keys(Record) and actual React HOC calls like export const MemoComponent = memo(Component). (fixes #93)

The rule now handles ternaries and patterns like export default customHOC(props)(Component) which makes it able to correctly support files like this one given this config:

... (truncated)

Commits

• daa2efb Revamp logic to catch more cases [publish] (#97)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[fingertips18]

@coderabbitai Are there any breaking changes in this dependency update? Is it safe to merge?

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@fingertips18: Let me check your current ESLint configuration to assess the breaking changes.

---

🏁 Script executed:

#!/bin/bash

# Check ESLint version in apps/admin
echo "=== ESLint version in apps/admin ==="
if [ -f "apps/admin/package.json" ]; then
  cat apps/admin/package.json | jq '.devDependencies.eslint // .dependencies.eslint // "not found"'
fi

# Check Node version requirements
echo -e "\n=== Node version requirement ==="
if [ -f "apps/admin/package.json" ]; then
  cat apps/admin/package.json | jq '.engines.node // "not specified"'
fi
if [ -f "package.json" ]; then
  cat package.json | jq '.engines.node // "not specified"'
fi

# Find ESLint configuration files
echo -e "\n=== ESLint configuration files ==="
fd -t f 'eslint.config' apps/admin
fd -t f '.eslintrc' apps/admin

# Check current eslint-plugin-react-refresh usage
echo -e "\n=== Current ESLint config content ==="
if [ -f "apps/admin/eslint.config.js" ]; then
  echo "Found eslint.config.js (flat config):"
  cat apps/admin/eslint.config.js
elif [ -f "apps/admin/eslint.config.mjs" ]; then
  echo "Found eslint.config.mjs (flat config):"
  cat apps/admin/eslint.config.mjs
elif [ -f "apps/admin/.eslintrc.json" ]; then
  echo "Found .eslintrc.json (legacy config):"
  cat apps/admin/.eslintrc.json
elif [ -f "apps/admin/.eslintrc.js" ]; then
  echo "Found .eslintrc.js (legacy config):"
  cat apps/admin/.eslintrc.js
elif [ -f "apps/admin/.eslintrc.cjs" ]; then
  echo "Found .eslintrc.cjs (legacy config):"
  cat apps/admin/.eslintrc.cjs
fi

# Check for any usage of customHOCs option
echo -e "\n=== Checking for customHOCs usage ==="
rg 'customHOCs' apps/admin --type js --type ts

Length of output: 1719

---

🏁 Script executed:

#!/bin/bash

# Check if there's a .nvmrc or .node-version file
echo "=== Node version files ==="
if [ -f ".nvmrc" ]; then
  echo "Found .nvmrc:"
  cat .nvmrc
fi
if [ -f ".node-version" ]; then
  echo "Found .node-version:"
  cat .node-version
fi

# Check GitHub Actions workflow for Node version
echo -e "\n=== GitHub Actions Node versions ==="
fd -t f '.yml' .github/workflows --exec cat {} | rg 'node-version' -A1 -B1

# Check for volta configuration in package.json
echo -e "\n=== Volta configuration ==="
cat package.json | jq '.volta // "not configured"'

Length of output: 138

---

@fingertips18: Yes, there are breaking changes that will affect your project. Here's what I found:

✅ Compatible Items:

• ESLint version: You're using ^9.39.2 (meets requirement)
• Flat config: Already using eslint.config.js (correct format)
• Import style: Already using reactRefresh named import (correct)
• customHOCs: Not using this option (no impact)

⚠️ Breaking Changes That Need Action:

1. Node Version Requirement

• Current: >=18.0.0 in apps/admin/package.json
• Required: Node 20+
• Action: Update your engines.node to >=20.0.0

2. Config API Change (Critical)

• Current usage (Line 36 in eslint.config.js):

...reactRefresh.configs.vite.rules,

• New v0.5.0 syntax requires a function call:

...reactRefresh.configs.vite(),

Required Changes:

File: apps/admin/package.json

"engines": {
  "node": ">=20.0.0"
}

File: apps/admin/eslint.config.js

rules: {
  ...reactHooks.configs.recommended.rules,
  ...reactRefresh.configs.vite(),  // Changed from .rules to ()
  '@typescript-eslint/no-unsafe-assignment': 'off',
  '@typescript-eslint/no-unsafe-member-access': 'off',
},

Recommendation:

Not safe to merge as-is. You need to make these configuration updates first, otherwise ESLint will break after the dependency update. Would you like me to help you plan these changes?