Update dependency @eslint/compat to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@eslint/compat (source)	^1.2.1 -> ^2.0.0

---

Release Notes

eslint/rewrite (@​eslint/compat)

v2.0.0

Compare Source

⚠ BREAKING CHANGES

• Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#​297)

Features

• patch missing context and SourceCode methods for v10 (#​311) (a40d8c6)
• Require Node.js ^20.19.0 || ^22.13.0 || >=24 (#​297) (acc623c)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^0.17.0 to ^1.0.0

v1.4.1

Compare Source

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^0.16.0 to ^0.17.0

v1.4.0

Compare Source

Features

• Add config types in @​eslint/core (#​237) (7b6dd37)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^0.15.2 to ^0.16.0

v1.3.2

Compare Source

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​eslint/core bumped from ^0.15.1 to ^0.15.2

v1.3.1

Compare Source

Bug Fixes

• relax @eslint/compat eslint peerDependencies constraint (#​215) (b96ec0c)

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​eslint/core bumped from ^0.15.0 to ^0.15.1

v1.3.0

Compare Source

Features

• add support for custom name parameter to includeIgnoreFile (#​211) (3e18175)

Dependencies

• The following workspace dependencies were updated
  • devDependencies
    • @​eslint/core bumped from ^0.14.0 to ^0.15.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: eac3789

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​eslint/​compat@​1.2.9 ⏵ 2.0.0				+2

View full report

[coderabbitai]

Walkthrough

This pull request updates the @eslint/compat devDependency in package.json from version ^1.2.1 to ^2.0.0. The change represents a major version upgrade of the ESLint compatibility package. No additional modifications to other files or functional code are included in this update.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: updating @eslint/compat to version 2, which directly matches the package.json modification.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check	✅ Passed	The PR description is directly related to the changeset, providing detailed information about the @eslint/compat dependency upgrade from ^1.2.1 to ^2.0.0.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch renovate/eslint-compat-2.x

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6308fdc and eac3789.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📚 Learning: 2025-09-04T09:13:21.278Z

Learnt from: Amxx
Repo: OpenZeppelin/openzeppelin-contracts PR: 5904
File: contracts/crosschain/ERC7786Recipient.sol:3-3
Timestamp: 2025-09-04T09:13:21.278Z
Learning: In OpenZeppelin contracts, hardhat.config.js uses a sophisticated yargs-based configuration where the Solidity compiler version is set via argv.compiler (line 77) with a default of '0.8.27' defined in the yargs options (line 21), allowing flexible command-line overrides while maintaining a consistent default.

Applied to files:

• package.json

📚 Learning: 2025-09-04T09:13:21.278Z

Learnt from: Amxx
Repo: OpenZeppelin/openzeppelin-contracts PR: 5904
File: contracts/crosschain/ERC7786Recipient.sol:3-3
Timestamp: 2025-09-04T09:13:21.278Z
Learning: In OpenZeppelin contracts, hardhat.config.js uses yargs to configure the Solidity compiler version dynamically via command line arguments, with a default of '0.8.27' set on line 21 and the solidity configuration using argv.compile around lines 76-87, rather than hardcoded version strings.

Applied to files:

• package.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)

• GitHub Check: boostsecurity - boostsecurityio/scanner
• GitHub Check: Redirect rules - solidity-contracts
• GitHub Check: Header rules - solidity-contracts
• GitHub Check: Pages changed - solidity-contracts
• GitHub Check: tests-upgradeable
• GitHub Check: tests
• GitHub Check: tests-foundry
• GitHub Check: slither
• GitHub Check: coverage
• GitHub Check: halmos

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify Node.js version compatibility with @eslint/compat v2.0.0.

@eslint/compat v2.0.0 requires Node.js v20.19.0 or later, a significant increase from v1.x. Confirm that the project's CI/CD pipelines and local development environments support Node.js 20.19.0+ (or 22.13.0+, or >=24). This is a breaking change that could prevent linting on machines running older Node.js versions.

Run the following script to verify Node.js version constraints are properly configured:

---

🏁 Script executed:

#!/bin/bash
# Description: Check current Node.js version constraints in the repository

echo "=== Checking engines field in package.json ==="
jq '.engines // "No engines field found"' package.json

echo -e "\n=== Checking .nvmrc file ==="
if [ -f .nvmrc ]; then
  cat .nvmrc
else
  echo "No .nvmrc file found"
fi

echo -e "\n=== Checking .node-version file ==="
if [ -f .node-version ]; then
  cat .node-version
else
  echo "No .node-version file found"
fi

echo -e "\n=== Checking GitHub Actions workflows for Node.js version constraints ==="
find .github/workflows -type f \( -name "*.yml" -o -name "*.yaml" \) 2>/dev/null | while read file; do
  if grep -q "node-version\|setup-node" "$file"; then
    echo "Found in $file:"
    grep -A 2 "node-version\|setup-node" "$file" | head -10
  fi
done || echo "No Node.js version constraints found in workflows"

Length of output: 262

---

Add Node.js version constraint to package.json to enforce @eslint/compat v2.0.0 compatibility.

The upgrade from @eslint/compat v1.2.1 to v2.0.0 introduces a breaking change with stricter Node.js requirements. However, the repository lacks any explicit Node.js version constraints in package.json (no engines field), version management files (.nvmrc, .node-version), or CI workflow specifications. This means developers and CI systems cannot detect the new Node.js requirement, risking silent failures during linting.

Add an engines field to package.json to explicitly declare the minimum Node.js version required:

"engines": {
  "node": "^20.19.0 || ^22.13.0 || >=24"
}

Also verify that GitHub Actions workflows are configured to use compatible Node.js versions or will inherit them correctly.

🤖 Prompt for AI Agents

In package.json around line 59, there is no Node.js engine constraint which is
required because @eslint/compat v2.0.0 has stricter Node requirements; add an
"engines" field to package.json with the node constraint "node": "^20.19.0 ||
^22.13.0 || >=24" (or equivalent semver range) so package managers and tools can
detect the minimum Node version, and also add/update a .nvmrc or .node-version
file and/or ensure GitHub Actions workflows set compatible Node versions (20.19,
22.13, or >=24) to keep local and CI environments consistent.

---

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

Verify Node.js version compatibility with @eslint/compat v2.0.0.

@eslint/compat v2.0.0 requires Node.js v20.19.0 or later, compared to its v1.x versions. This is a breaking change that may impact CI/CD pipelines and local development if the project currently supports Node.js versions below 20.19.0 or 22.13.0.

Ensure the project's Node.js version constraints are updated accordingly.

Run the following script to check the project's current Node.js version constraints:

---

🏁 Script executed:

#!/bin/bash
# Description: Check for Node.js version constraints in the repository

# Check if package.json has an engines field
echo "=== Checking engines field in package.json ==="
jq '.engines // "No engines field found"' package.json

# Check for .nvmrc file
echo -e "\n=== Checking .nvmrc file ==="
if [ -f .nvmrc ]; then
  cat .nvmrc
else
  echo "No .nvmrc file found"
fi

# Check for .node-version file
echo -e "\n=== Checking .node-version file ==="
if [ -f .node-version ]; then
  cat .node-version
else
  echo "No .node-version file found"
fi

# Search for GitHub Actions workflows that specify Node.js version
echo -e "\n=== Checking GitHub Actions workflows for Node.js version ==="
find .github/workflows -name "*.yml" -o -name "*.yaml" 2>/dev/null | xargs grep -h "node-version\|uses.*setup-node" 2>/dev/null || echo "No GitHub Actions workflows found or no Node.js version specified"

Length of output: 316

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Description: More thorough check for CI configurations and version constraints

# Check if .github/workflows directory exists and list contents
echo "=== Checking .github directory structure ==="
if [ -d .github ]; then
  find .github -type f \( -name "*.yml" -o -name "*.yaml" -o -name "*.json" \) | head -20
else
  echo ".github directory does not exist"
fi

# Check for other CI configuration files
echo -e "\n=== Checking for other CI configuration files ==="
for file in .travis.yml .circleci/config.yml Jenkinsfile azure-pipelines.yml .gitlab-ci.yml; do
  if [ -f "$file" ]; then
    echo "Found: $file"
  fi
done
echo "Done"

# Display the full package.json to see context
echo -e "\n=== Checking package.json for engines and eslint-related entries ==="
jq '.engines, .devDependencies | select(. != null)' package.json 2>/dev/null || cat package.json | grep -A5 -B5 "eslint\|engines" | head -30

Length of output: 1907

---

🏁 Script executed:

#!/bin/bash
# Description: Check documentation for Node.js requirements

echo "=== Checking README for Node.js requirements ==="
if [ -f README.md ]; then
  grep -i "node\|version\|requirement" README.md | head -10 || echo "No Node.js version info found in README"
else
  echo "No README.md found"
fi

echo -e "\n=== Checking for CHANGELOG or similar docs ==="
find . -maxdepth 1 -type f \( -name "CHANGELOG*" -o -name "HISTORY*" -o -name "RELEASES*" \) 2>/dev/null | head -5

Length of output: 1726

---

---

🏁 Script executed:

```shell
#!/bin/bash
# Description: Check GitHub workflow files for Node.js version specifications

echo "=== Checking workflow files for Node.js version ==="
for workflow in .github/workflows/*.yml; do
  if [ -f "$workflow" ]; then
    echo "--- $workflow ---"
    grep -E "node-version|setup-node|uses:.*node" "$workflow" | head -5
  fi
done

echo -e "\n=== Checking .github/actions/setup/action.yml for Node.js setup ==="
if [ -f .github/actions/setup/action.yml ]; then
  cat .github/actions/setup/action.yml
fi

Length of output: 944

---

🏁 Script executed:

#!/bin/bash
# Description: Check CHANGELOG for Node.js version policy

echo "=== Checking CHANGELOG for Node.js version requirements ==="
grep -i "node" CHANGELOG.md | head -15 || echo "No Node.js info in CHANGELOG"

echo -e "\n=== Checking if PR diff mentions engines field ==="
# This would check if engines was added, but we need context from user
echo "Note: Need to verify if this PR intended to add engines field"

Length of output: 345

---

Add engines field to enforce Node.js version requirement for @eslint/compat v2.0.0.

CI is correctly configured with Node.js 24.x. However, @eslint/compat v2.0.0 requires Node.js ^20.19.0 || ^22.13.0 || >=24, and package.json lacks an engines field to enforce this requirement for local development and package installation. This could allow installation on incompatible Node versions, causing runtime failures.

Add to package.json:

"engines": {
  "node": "^20.19.0 || ^22.13.0 || >=24"
}

🤖 Prompt for AI Agents

In package.json around line 59, add an "engines" field to enforce the Node.js
versions required by @eslint/compat v2.0.0; update package.json to include an
"engines" object specifying node: ^20.19.0 || ^22.13.0 || >=24 so local installs
and development will be blocked or warned on incompatible Node versions.