Bump typescript from 5.7.3 to 5.9.3

[dependabot]

Bumps typescript from 5.7.3 to 5.9.3.

Release notes

Sourced from typescript's releases.

TypeScript 5.9.3

TypeScript 5.9

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).
• No specific changes for TypeScript 5.9.2 (Stable)

Downloads are available on:

• npm

TypeScript 5.9 RC

For release notes, check out the release announcement

• fixed issues query for Typescript 5.9.0 (Beta).
• fixed issues query for Typescript 5.9.1 (RC).

Downloads are available on:

• npm

TypeScript 5.9 Beta

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.9.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.8.3

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.8.0 (Beta).
• fixed issues query for Typescript 5.8.1 (RC).
• fixed issues query for Typescript 5.8.2 (Stable).
• fixed issues query for Typescript 5.8.3 (Stable).

Downloads are available on:

• npm

TypeScript 5.8

... (truncated)

Commits

• 31a0ead Don't compare "missing" to undefined in compareProperties under `exactOpt...
• d4b15eb Enhance type argument completions (#62170)
• 83ff202 Bump the github-actions group across 1 directory with 2 updates (#62507)
• e350126 Port microsoft/typescript-go#1764 (#62510)
• 97610a8 Port microsoft/typescript-go#1757 (#62501)
• 1cd5309 Port microsoft/typescript-go#1759 (#62502)
• 5f183ad Revert PR 61928 (#62423)
• 6f6efb4 Disable conditional exports fallbacks on null values (#62483)
• 96acaa5 Remove no-default-lib (#62435)
• 904e7dd Enable noUncheckedSideEffectImports by default (#62443)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[fossabot]

Needs Review

I recommend reviewing this upgrade before merging because the security analysis flagged malicious packages (@​typescript_eslinter/eslint and @​typescript_eslinter/prettier) as potential concerns in the ecosystem, though these are NOT present in this repository. Additionally, TypeScript 5.9 introduces type inference changes that may produce new type errors requiring explicit type arguments in generic function calls. The codebase uses strict TypeScript with generic types (Omit, Partial) and should be validated with 'npx tsc --noEmit' before merging to ensure no new type errors are introduced.

What we checked

• TypeScript dependency upgraded to ^5.9.3 in devDependencies ^[1]
• Uses generic utility types (Omit<User, ...>) that may be affected by TypeScript 5.9 type inference changes ^[2]
• Uses nested generic types (Partial<Omit<User, ...>>) that may require explicit type arguments under TypeScript 5.9's stricter inference rules ^[3]
• Strict mode enabled with noImplicitAny and strictNullChecks, making the codebase more susceptible to new type errors from TypeScript 5.9's stricter type inference ^[4]
• Official TypeScript 5.9 release notes document type inference changes that may introduce new errors and require adding type arguments to generic function calls ^[5]
• TypeScript breaking changes documentation provides guidance on handling enum improvements and stricter type checking across versions ^[6]

Dependency Usage

TypeScript serves as the foundational development toolchain for this full-stack CRUD application, enabling strict type checking across both the Express backend server and React frontend client. The compiler is configured with strict mode and powers the development workflow through ts-node for server execution and provides type safety for all application routes, models, API calls, and UI components. While no direct runtime imports are detected, TypeScript is architecturally critical as a build-time dependency that ensures type correctness across 14 TypeScript source files spanning server routes, data models, and client-side React components.

Changes

TypeScript upgraded with bug fixes addressing issues from the 3.3 milestone. This is a maintenance update with no breaking changes or security fixes.

• fixed issues query for TypeScript v5.9.3. (vv5.9.3, release notes)
• npm (vv5.9.3, release notes)
• No specific changes for TypeScript 5.9.2 (Stable) (vv5.9.2, release notes)

References (6)

[1]: TypeScript dependency upgraded to ^5.9.3 in devDependencies

dependabot-metadata-test/package.json

Line 33 in 75438cd

"typescript": "^5.9.3"

[2]: Uses generic utility types (Omit<User, ...>) that may be affected by TypeScript 5.9 type inference changes

dependabot-metadata-test/src/models/user.ts

Line 14 in 75438cd

create: (userData: Omit<User, 'id' | 'createdAt' | 'updatedAt'>): User => {

[3]: Uses nested generic types (Partial<Omit<User, ...>>) that may require explicit type arguments under TypeScript 5.9's stricter inference rules

dependabot-metadata-test/src/models/user.ts

Line 38 in 75438cd

update: (id: string, userData: Partial<Omit<User, 'id' | 'createdAt' | 'updatedAt'>>): User | undefined => {

[4]: Strict mode enabled with noImplicitAny and strictNullChecks, making the codebase more susceptible to new type errors from TypeScript 5.9's stricter type inference

dependabot-metadata-test/tsconfig.json

Line 18 in 75438cd

"strict": true,

[5]: Official TypeScript 5.9 release notes document type inference changes that may introduce new errors and require adding type arguments to generic function calls (source link)

[6]: TypeScript breaking changes documentation provides guidance on handling enum improvements and stricter type checking across versions (source link)

---

fossabot analyzed this PR using dependency research.

[github-actions]

🤖 Dependabot Metadata:

• Dependency Names: typescript
• Package Ecosystem: npm_and_yarn
• From version: 5.7.3
• To version: 5.9.3
• URL: ``
• Compatibility Score: 0
• Maintainer Changes: false
• Update Type: version-update:semver-minor
• Updated Dependencies JSON: [{"dependencyName":"typescript","dependencyType":"direct:development","updateType":"version-update:semver-minor","directory":"/","packageEcosystem":"npm_and_yarn","targetBranch":"main","prevVersion":"5.7.3","newVersion":"5.9.3","compatScore":0,"maintainerChanges":false,"dependencyGroup":"","alertState":"","ghsaId":"","cvss":0}]

[Zhuochengyu]

test