Bump @typescript-eslint/parser from 8.54.0 to 8.58.0

[dependabot]

Bumps @typescript-eslint/parser from 8.54.0 to 8.58.0.

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.58.0

8.58.0 (2026-03-30)

🚀 Features

• support TypeScript 6 (#12124)

🩹 Fixes

• eslint-plugin: crash in no-unnecessary-type-arguments (#12163)
• eslint-plugin: [no-extraneous-class] handle index signatures (#12142)
• eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161)

❤️ Thank You

• ej shafran @​ej-shafran
• Evyatar Daud @​StyleShit
• GG ZIBLAKING
• milkboy2564 @​SeolJaeHyeok
• teee32 @​teee32

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.57.2

8.57.2 (2026-03-23)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125)
• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127)
• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954)
• typescript-estree: skip createIsolatedProgram fallback for projectService (#12066, #12065)

❤️ Thank You

• Kirk Waiblinger @​kirkwaiblinger
• Konv Suu
• mdm317
• Newton Yuan @​NewtonYuan
• RyoheiYamamoto
• SungHyun627 @​SungHyun627
• Tamashoo @​Tamashoo

See GitHub Releases for more information.

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.58.0 (2026-03-30)

🚀 Features

• support TypeScript 6 (#12124)

❤️ Thank You

• Evyatar Daud @​StyleShit

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.2 (2026-03-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.1 (2026-03-16)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.0 (2026-03-09)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.56.1 (2026-02-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.56.0 (2026-02-16)

🚀 Features

... (truncated)

Commits

• 4933417 chore(release): publish 8.58.0
• 8cde2d0 feat: support TypeScript 6 (#12124)
• be4d54d chore(release): publish 8.57.2
• c7c38aa chore(release): publish 8.57.1
• 2c6aeee chore(release): publish 8.57.0
• f696dad chore: use pnpm catalog (#12047)
• a09921e chore: update vitest to 4.x (#12071)
• 96a04a9 chore(release): publish 8.56.1
• 8b8b68f chore(release): publish 8.56.0
• 68a074f feat: support ESLint v10 (#12057)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[fossabot]

[fossabot]

✓ Safe to upgrade

I recommend merging this upgrade because the changes are confined entirely to the developer tooling layer with no production impact. The sole CI failure was an intentional self-healing workflow pattern: after detecting that dist/ was stale following the Dependabot bump, the workflow automatically rebuilt dist/index.js, committed the result, pushed it to the branch, and exited with code 1 by design to trigger a new verification run — no manual intervention is needed. The flagged malicious package (@​typescript_eslinter/eslint) is a distinct typosquatting package with a different name and is not related to this upgrade. The deprecation warnings concern defaultOptions in @​typescript-eslint/utils (the rule-authoring API), which this project never uses — its only usage is the standard parser: tsParser configuration in eslint.config.mjs. No breaking API symbol changes were detected, and Node 20.19.0 satisfies the package's >=20.9.0 engine requirement. The upgrade brings 10 new features, 18 bug fixes, expanded ESLint v10 peer dependency support, and extended TypeScript 6.1 compatibility.

What we checked

• Dependency declared as "@​typescript-eslint/parser": "^8.58.0" in devDependencies — scoped exclusively to the linting toolchain with no production bundle impact ^[1]
• Parser imported with import tsParser from "@​typescript-eslint/parser" and assigned at line 45 as parser: tsParser — standard, stable usage with no deprecated or changed APIs exercised ^[2]
• Usage of tsParser as the parser property in languageOptions is unchanged across this version range; EdgeBit analysis confirms no symbol changes in the public API ^[3]
• Project requires "node": ">= 20.16.0" and runs on Node 20.19.0, which satisfies the new package's engine requirement of >=20.9.0 — no runtime incompatibility exists despite the context note listing individual minimum versions ^[4]
• The defaultOptions identifiers in the source code are plain local variables for exec() options — entirely unrelated to the deprecated defaultOptions API in @​typescript-eslint/utils (which applies only to custom ESLint rule authors). No code changes are required. ^[5]
• The malicious package alert concerns @​typescript_eslinter/eslint (underscore, 'eslinter') — a distinct typosquatting package unrelated to @​typescript-eslint/parser. Excluded per analysis scope rules. ^[6]

Dependency Usage

@​typescript-eslint/parser is used exclusively within the project's developer tooling layer, with its sole runtime configuration in eslint.config.mjs. It acts as a bridge that allows ESLint to parse and statically analyze TypeScript syntax, enabling the enforcement of code quality and style rules across the codebase. This dependency is purely a development-time concern — it has no impact on production application behavior and is scoped entirely to the linting pipeline.

• Parser imported with import tsParser from "@​typescript-eslint/parser" and assigned at line 45 as parser: tsParser — standard, stable usage with no deprecated or changed APIs exercised
  eslint.config.mjs:7
• Usage of tsParser as the parser property in languageOptions is unchanged across this version range; EdgeBit analysis confirms no symbol changes in the public API
  eslint.config.mjs:45

View 1 more usage

• The defaultOptions identifiers in the source code are plain local variables for exec() options — entirely unrelated to the deprecated defaultOptions API in @​typescript-eslint/utils (which applies only to custom ESLint rule authors). No code changes are required.
  src/index.ts:75

Changes

@​typescript-eslint/parser was updated with multiple bug fixes eliminating false positives in rules including no-base-to-string, no-useless-default-assignment, prefer-regexp-exec, no-unsafe-return, and prefer-optional-chain, alongside expanded compatibility support for ESLint v10 and TypeScript 6. The defaultOptions utility in @​typescript-eslint/utils is now deprecated in favor of meta.defaultOptions.

• utils: deprecate defaultOptions in favor of meta.defaultOptions (#11992) (v8.54.0-8.55.0, changelog)
• Deprecate defaultOptions in utils in favor of meta.defaultOptions (v8.54.0-8.55.0, commit)
• eslint-plugin: [no-base-to-string] fix false positive for toString with overloads (#12089) (v8.56.1-8.57.0, changelog)

View 128 more changes

• eslint-plugin: [no-useless-default-assignment] skip reporting false positives for unresolved type parameters (#12127) (v8.57.1-8.57.2, changelog)
• eslint-plugin: [prefer-regexp-exec] avoid fixing unknown RegExp flags (#12161) (v8.57.2-8.58.0, changelog)
• eslint-plugin: [no-unused-vars] remove trailing newline when removing entire import (#11990) (v8.54.0-8.55.0, changelog)
• eslint-plugin: [prefer-promise-reject-errors] add allow TypeOrValueSpecifier to prefer-promise-reject-errors (#12094) (v8.56.1-8.57.0, changelog)
• Newton Yuan @​NewtonYuan (v8.56.1-8.57.0, changelog)
• Newton Yuan @​NewtonYuan (v8.57.0-8.57.1, changelog)
• eslint-plugin: [no-restricted-types] flag banned generics in extends or implements (#12120) (v8.57.1-8.57.2, changelog)
• Newton Yuan @​NewtonYuan (v8.57.1-8.57.2, changelog)
• eslint-plugin: [no-useless-default-assignment] require strictNullChecks (#11966, #12000) (v8.54.0-8.55.0, changelog)
• eslint-plugin: [no-useless-default-assignment] report unnecessary defaults in ternary expressions (#11984) (v8.54.0-8.55.0, changelog)
• eslint-plugin: [no-useless-default-assignment] reduce param index to ts this handling (#11949) (v8.54.0-8.55.0, changelog)
• typescript-estree: forbid invalid modifier in object expression (#11931) (v8.54.0-8.55.0, changelog)
• Christian Rose @​chrros95 (v8.54.0-8.55.0, changelog)
• fisker Cheung @​fisker (v8.54.0-8.55.0, changelog)
• Josh Goldberg (v8.54.0-8.55.0, changelog)
• Maria Solano @​MariaSolOs (v8.54.0-8.55.0, changelog)
• Minyeong Kim @​minyeong981 (v8.54.0-8.55.0, changelog)
• SungHyun627 @​SungHyun627 (v8.54.0-8.55.0, changelog)
• Yukihiro Hasegawa @​y-hsgw (v8.54.0-8.55.0, changelog)
• support ESLint v10 (#12057) (v8.55.0-8.56.0, changelog)
• use parser options from context.languageOptions (#12043) (v8.55.0-8.56.0, changelog)
• Brad Zacher @​bradzacher (v8.55.0-8.56.0, changelog)
• fnx @​DMartens (v8.55.0-8.56.0, changelog)
• Joshua Chen (v8.55.0-8.56.0, changelog)
• eslint-plugin: [no-unnecessary-condition] allow literal loop conditions in for/do loops (#12080) (v8.56.1-8.57.0, changelog)
• eslint-plugin: [strict-void-return] false positives with overloads (#12055) (v8.56.1-8.57.0, changelog)
• eslint-plugin: handle statically analyzable computed keys in prefer-readonly (#12079) (v8.56.1-8.57.0, changelog)
• eslint-plugin: guard against negative paramIndex in no-useless-default-assignment (#12077) (v8.56.1-8.57.0, changelog)
• typescript-estree: switch back to use ts.getModifiers() (#12034) (v8.56.1-8.57.0, changelog)
• typescript-estree: if the template literal is tagged and the text has an invalid escape, cooked will be null (#11355) (v8.56.1-8.57.0, changelog)
• Brad Zacher @​bradzacher (v8.56.1-8.57.0, changelog)
• Brian Schlenker @​bschlenk (v8.56.1-8.57.0, changelog)
• Evyatar Daud @​StyleShit (v8.56.1-8.57.0, changelog)
• fisker Cheung @​fisker (v8.56.1-8.57.0, changelog)
• James Henry @​JamesHenry (v8.56.1-8.57.0, changelog)
• Josh Goldberg (v8.56.1-8.57.0, changelog)
• Kirk Waiblinger @​kirkwaiblinger (v8.56.1-8.57.0, changelog)
• Moses Odutusin @​thebolarin (v8.56.1-8.57.0, changelog)
• SungHyun627 @​SungHyun627 (v8.56.1-8.57.0, changelog)
• Younsang Na @​nayounsang (v8.56.1-8.57.0, changelog)
• eslint-plugin: [prefer-optional-chain] no report for property on intersection type (#12126) (v8.57.0-8.57.1, changelog)
• eslint-plugin: [prefer-optional-chain] remove dangling closing parenthesis (#11865) (v8.57.1-8.57.2, changelog)
• eslint-plugin: [array-type] ignore Array and ReadonlyArray without type arguments (#11971) (v8.57.1-8.57.2, changelog)
• eslint-plugin: [no-unsafe-return] false positive on unwrapping generic (#12125) (v8.57.1-8.57.2, changelog)
• eslint-plugin: [prefer-readonly-parameter-types] preserve type alias infomation (#11954) (v8.57.1-8.57.2, changelog)
• typescript-estree: skip createIsolatedProgram fallback for projectService (#12066, #12065) (v8.57.1-8.57.2, changelog)
• Claude Opus 4.6 (v8.57.1-8.57.2, changelog)
• Kirk Waiblinger @​kirkwaiblinger (v8.57.1-8.57.2, changelog)
• Konv Suu (v8.57.1-8.57.2, changelog)
• mdm317 (v8.57.1-8.57.2, changelog)
• SungHyun627 @​SungHyun627 (v8.57.1-8.57.2, changelog)
• Tamashoo @​Tamashoo (v8.57.1-8.57.2, changelog)
• support TypeScript 6 (#12124) (v8.57.2-8.58.0, changelog)
• eslint-plugin: crash in no-unnecessary-type-arguments (#12163) (v8.57.2-8.58.0, changelog)
• eslint-plugin: [no-extraneous-class] handle index signatures (#12142) (v8.57.2-8.58.0, changelog)
• ej shafran @​ej-shafran (v8.57.2-8.58.0, changelog)
• Evyatar Daud @​StyleShit (v8.57.2-8.58.0, changelog)
• GG ZIBLAKING (v8.57.2-8.58.0, changelog)
• milkboy2564 @​SeolJaeHyeok (v8.57.2-8.58.0, changelog)
• teee32 @​teee32 (v8.57.2-8.58.0, changelog)
• Fix missing workspace refs in project-service (v8.54.0-8.55.0, commit)
• Fix [no-useless-default-assignment] rule: reduce param index, report unnecessary defaults, and require strictNullChecks (v8.54.0-8.55.0, commit)
• Fix [no-unused-vars] rule: remove trailing newline when removing entries (v8.54.0-8.55.0, commit)
• Fix typescript-estree: forbid invalid modifier in object expression (v8.54.0-8.55.0, commit)
• Fix default value of disallowAutomaticSingleRunInference in parser documentation (v8.56.0-8.56.1, commit)
• Clarify autofix impact on type in method-signature-style documentation (v8.56.0-8.56.1, commit)
• Fixed false positive in no-base-to-string rule for toString with certain conditions (v8.56.1-8.57.0, commit)
• Fixed prefer-promise-reject-errors rule to allow TypeOrValueSpecifier (v8.56.1-8.57.0, commit)
• Fixed template literal handling in typescript-estree when tagged and text has specific content (v8.56.1-8.57.0, commit)
• Fixed negative paramIndex guard in no-useless-default-params rule (v8.56.1-8.57.0, commit)
• Fixed prefer-readonly rule to handle statically analyzable computed keys (v8.56.1-8.57.0, commit)
• Fixed strict-void-return rule false positives with overloads (v8.56.1-8.57.0, commit)
• Updated website editor settings with fixedOverflowWidgets (v8.56.1-8.57.0, commit)
• Corrected test snapshot (v8.56.1-8.57.0, commit)
• Fixed eslint-plugin prefer-optional-chain rule to not report for property on intersections (v8.57.0-8.57.1, commit)
• Add link to GitHub releases in changelog (v8.54.0-8.55.0, commit)
• Add data/ directory to Nx outputs in website (v8.54.0-8.55.0, commit)
• Add default excludes to vitest in eslint-plugin (v8.56.0-8.56.1, commit)
• Added no-unnecessary-condition rule to allow literal loop conditions (v8.56.1-8.57.0, commit)
• Release version 8.55.0 (v8.54.0-8.55.0, commit)
• Update dependency @​types/node to v22.19.7 (v8.54.0-8.55.0, commit)
• Update dependency cspell to v9.6.2 (v8.54.0-8.55.0, commit)
• Update dependency eslint-plugin-eslint-plugin to v7.3.0 (v8.54.0-8.55.0, commit)
• Update dependency esquery to v1.7.0 (v8.54.0-8.55.0, commit)
• Update dependency tsx to v4.21.0 (v8.54.0-8.55.0, commit)
• Update dependency glob to v11.1.0 (v8.54.0-8.55.0, commit)
• Update dependency @​eslint-community/eslint-plugin-eslint-comments (v8.54.0-8.55.0, commit)
• Update dependency @​babel/code-frame to v7.28.6 (v8.54.0-8.55.0, commit)
• Update dependency eslint-plugin-perfectionist to v5.4.0 (v8.54.0-8.55.0, commit)
• Update dependency unist-util-visit to v5.1.0 (v8.54.0-8.55.0, commit)
• Update dependency @​types/babel__code-frame to v7.27.0 (v8.54.0-8.55.0, commit)
• Reload website with latest TypeScript when unsupported version is detected (v8.54.0-8.55.0, commit)
• Use @​docusaurus/faster for faster docusaurus builds (v8.54.0-8.55.0, commit)
• Use workspace refs for workspace deps (v8.54.0-8.55.0, commit)
• Migrate to pnpm (v8.54.0-8.55.0, commit)
• Support ESLint v10 (v8.55.0-8.56.0, commit)
• Use parser options from context.languageOptions (v8.55.0-8.56.0, commit)

View 31 more changes in the full analysis

References (6)

[1]: Dependency declared as "@​typescript-eslint/parser": "^8.58.0" in devDependencies — scoped exclusively to the linting toolchain with no production bundle impact

fossa-action/package.json

Line 24 in e362806

"@typescript-eslint/parser": "^8.58.0",

[2]: Parser imported with import tsParser from "@​typescript-eslint/parser" and assigned at line 45 as parser: tsParser — standard, stable usage with no deprecated or changed APIs exercised

fossa-action/eslint.config.mjs

Line 7 in e362806

import tsParser from "@typescript-eslint/parser";

[3]: Usage of tsParser as the parser property in languageOptions is unchanged across this version range; EdgeBit analysis confirms no symbol changes in the public API

fossa-action/eslint.config.mjs

Line 45 in e362806

parser: tsParser,

[4]: Project requires "node": ">= 20.16.0" and runs on Node 20.19.0, which satisfies the new package's engine requirement of >=20.9.0 — no runtime incompatibility exists despite the context note listing individual minimum versions

fossa-action/package.json

Line 11 in e362806

"node": ">= 20.16.0"

[5]: The defaultOptions identifiers in the source code are plain local variables for exec() options — entirely unrelated to the deprecated defaultOptions API in @​typescript-eslint/utils (which applies only to custom ESLint rule authors). No code changes are required.

fossa-action/src/index.ts

Line 75 in e362806

const defaultOptions = { env: { ...process.env, PATH, FOSSA_API_KEY }, cwd: WORKING_DIRECTORY, listeners };

[6]: The malicious package alert concerns @​typescript_eslinter/eslint (underscore, 'eslinter') — a distinct typosquatting package unrelated to @​typescript-eslint/parser. Excluded per analysis scope rules. (source link)

---

fossabot analyzed this PR using static analysis and dependency research. View this analysis on the web

[dependabot]

A newer version of @​typescript-eslint/parser exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.