Summary
Several dev dependencies require major version upgrades to address security vulnerabilities and maintain compatibility with modern Node.js.
Current vs Latest Versions
| Package |
Current |
Latest |
Breaking? |
| typescript |
3.0.3 |
5.9.3 |
Yes |
| mocha |
5.2.0 |
11.7.5 |
Yes |
| @types/mocha |
5.2.5 |
10.0.10 |
Yes |
| tslint |
5.11.0 |
5.20.1 |
No (but deprecated) |
Notable Breaking Changes (TypeScript 3.x → 5.x)
Awaited type changes affecting Promise handling- Import elision behavior changes
- Stricter type checking with
--useUnknownForCatchVariables
- Template string concatenation uses
.concat() instead of +
- See TypeScript Breaking Changes
Recommended Actions
- TSLint → ESLint migration: TSLint is deprecated. Consider migrating to ESLint with
@typescript-eslint.
- Update TypeScript: Upgrade to 5.x and fix any type errors
- Update Mocha: Upgrade to 11.x (requires Node.js 18+)
- Update Node.js engine requirement: Current
"node": "8.x.x" is extremely outdated. Recommend Node.js 18+ or 20+.
Security Vulnerabilities Addressed
minimist prototype pollution (critical)diff DoS vulnerabilityminimatch ReDoS vulnerability- Various other vulnerabilities in transitive dependencies
🤖 Generated by automated security sweep
Summary
Several dev dependencies require major version upgrades to address security vulnerabilities and maintain compatibility with modern Node.js.
Current vs Latest Versions
Notable Breaking Changes (TypeScript 3.x → 5.x)
Awaitedtype changes affecting Promise handling--useUnknownForCatchVariables.concat()instead of+Recommended Actions
@typescript-eslint."node": "8.x.x"is extremely outdated. Recommend Node.js 18+ or 20+.Security Vulnerabilities Addressed
minimistprototype pollution (critical)diffDoS vulnerabilityminimatchReDoS vulnerability🤖 Generated by automated security sweep