Skip to content

Bump typescript from 5.7.3 to 5.9.2#50

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/typescript-5.9.2
Closed

Bump typescript from 5.7.3 to 5.9.2#50
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/typescript-5.9.2

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Aug 12, 2025

Bumps typescript from 5.7.3 to 5.9.2.

Release notes

Sourced from typescript's releases.

TypeScript 5.9

For release notes, check out the release announcement

Downloads are available on:

TypeScript 5.9 RC

For release notes, check out the release announcement

Downloads are available on:

TypeScript 5.9 Beta

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8.3

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8 RC

... (truncated)

Commits
  • be86783 Give more specific errors for verbatimModuleSyntax (#62113)
  • 22ef577 LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250714...
  • d5a414c Don't use noErrorTruncation when printing types with maximumLength set (#...
  • f14b5c8 Remove unused and confusing dom.iterable.d.ts file (#62037)
  • 2778e84 Restore AbortSignal.abort (#62086)
  • 65cb4bd LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250710...
  • 9e20e03 Clear out checker-level stacks on pop (#62016)
  • 87740bc Fix for Issue 61081 (#61221)
  • 833a8d4 Fix Symbol completion priority and cursor positioning (#61945)
  • 0018c9f LEGO: Pull request from lego/hb_5378966c-b857-470a-8675-daebef4a6da1_20250702...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump typescript from 5.7.3 to 5.9.2
ffa40db 
Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.7.3 to 5.9.2.
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml)
- [Commits](microsoft/TypeScript@v5.7.3...v5.9.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-version: 5.9.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 12, 2025
@dependabot dependabot bot mentioned this pull request Aug 12, 2025
Closed
@fossabot
Copy link

fossabot bot commented Aug 12, 2025
edited
Loading

fossabot is Thinking

@fossabot
Copy link

fossabot bot commented Aug 12, 2025
edited
Loading

✓ Safe to upgrade

I recommend proceeding with this TypeScript 5.7.3 to 5.9.2 upgrade as the breaking changes have minimal impact on this codebase. The most significant change involves type inference improvements that fix type variable leaks, but this project already uses explicit type arguments in generic function calls and has strict TypeScript configuration that would catch any issues during compilation. The other changes around import defer syntax and tsc --init output format don't affect this project's existing patterns.

  • Analyzed all generic function calls in the codebase for type inference vulnerability1
  • Verified TypeScript configuration strictness to assess type safety coverage2
  • Searched codebase for new TypeScript 5.9 feature usage that could cause compatibility issues3

Change Details

✓ Safe Breaking Changes (3)
✓ typescript: Type inference changes that may introduce new type errors in existing codebases due to fixes for 'leaks' of type variables during inference. These changes are unpredictable but can often be fixed by adding explicit type arguments to generic function calls.

Status: ✓ Safe - No impact detected

The codebase uses straightforward TypeScript patterns with explicit type annotations. All generic function calls already have explicit type arguments (useState<User[]>, React.FC, etc.). The strict TypeScript configuration would catch any type inference issues during compilation. No complex generic inference patterns that would be susceptible to type variable leak fixes.

Validations (3)

  1. Found limited generic usage: React.FC components, useState hooks with explicit types, Partial and Omit utility types, and Promise return types. All generic calls have explicit type arguments already.

  2. Project has strict: true, noImplicitAny: true, and strictNullChecks: true enabled, which means type inference issues would be caught during compilation.

  3. Found official documentation confirming these changes fix type variable leaks during inference. Changes are unpredictable but typically affect complex generic scenarios. Top 400 repositories tested successfully.

Citations (3)

src/client/App.tsx

Generic useState calls already have explicit type arguments, making them safe from inference changes

tsconfig.json

Strict mode enabled which would catch type inference issues during compilation

Additional Citations:

Summary: Official TypeScript pull request documenting the type variable leak fixes that affect inference

microsoft/TypeScript#61668

Fix type variable leaks and cache inconsistencies

✓ typescript: tsc --init now generates a more minimal tsconfig.json instead of the previous full version with commented-out settings, which may affect tooling or scripts that depend on the previous format.

Status: ✓ Safe - No impact detected

The project doesn't use 'tsc --init' in its build process and has a manually configured tsconfig.json. The existing configuration is stable and won't be affected by changes to the default output format of 'tsc --init'. Build tooling (ts-node, parcel) works with the current configuration format.

Validations (3)

  1. Current tsconfig.json appears to be manually configured with specific settings for the project. Contains commented module setting but is not in the verbose tsc --init format.

  2. No scripts in package.json that call 'tsc --init'. Build process uses 'ts-node' and 'parcel' which read existing tsconfig.json but don't regenerate it.

  3. Found GitHub issues discussing the change to minimal format. Some tools expect commented configurations but most modern tooling adapts to minimal format. No widespread breakage reported.

Citations (3)

package.json

Build scripts use existing tsconfig.json and don't regenerate it with tsc --init

tsconfig.json

Manually configured tsconfig.json that won't be affected by tsc --init format changes

Additional Citations:

Summary: Community discussion about the move to minimal tsconfig.json format

microsoft/TypeScript#53746

tsc --init should generate tsconfig.json without comments

✓ typescript: import defer feature only works under --module modes preserve and esnext, which may require module configuration changes for projects wanting to use this feature.

Status: ✓ Safe - No impact detected

The codebase does not use import defer syntax anywhere. The current module configuration (implicit commonjs) is compatible with the existing import/export patterns. This breaking change only affects projects that want to use the new import defer feature, which this project does not.

Validations (3)

  1. No import defer statements found in any TypeScript files. Feature is not used in the codebase.

  2. Project has no explicit module setting (defaults to commonjs for es2016 target) and uses standard import/export syntax. No need for preserve or esnext module modes.

  3. import defer only works with --module preserve or esnext modes. Feature requires runtime or bundler support. No ecosystem reports of compatibility issues since it's opt-in.

Citations (2)

tsconfig.json

Module setting is commented out, defaulting to commonjs. No import defer usage found in codebase.

Additional Citations:

Summary: Official documentation confirming module configuration requirements for import defer feature

https://devblogs.microsoft.com/typescript/announcing-typescript-5-9/

import defer will only work under the --module modes preserve and esnext

Was this helpful? 👍 👎

Footnotes

  1. Found that all generic usage already has explicit type arguments: React.FC<UserFormProps>, useState<User[]>, Partial<User>, and Omit<User> utility types, making the codebase resistant to type variable leak fixes

  2. Confirmed the project has strict: true, noImplicitAny: true, and strictNullChecks: true enabled, ensuring any type inference issues would be caught during compilation rather than causing runtime problems

  3. Found no usage of import defer syntax anywhere in the TypeScript files, and confirmed the project doesn't use tsc --init in its build process, eliminating impact from those breaking changes

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Oct 1, 2025

Superseded by #67.

@dependabot dependabot bot closed this Oct 1, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/typescript-5.9.2 branch October 1, 2025 16:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants