deps: skuba 10.1.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
skuba	8.2.1 -> 10.1.0

---

Release Notes

seek-oss/skuba (skuba)

v10.1.0

Compare Source

Minor Changes

• lint: Automatically remove yarn --ignore-optional flags (#​1834)

  This flag is no longer templated by skuba, having moved to pnpm, but was in the past. The use of this flag has started causing issues with some dependencies which declare optional dependencies for different platforms when using compiled binaries, with each marked as optional (but at least one being required).

  This change uses heuristics, and may not find all use, or may remove false positives; you should review the changes.

Patch Changes

• deps: pin eslint-config-seek to 14.3.2 (#​1834)

  This change sets skuba to use a known-good version of its dependency set that doesn't clash with the use of yarn --ignore-optional in skuba projects.

  This yarn flag is not recommended by skuba. A future version of skuba will revert this change, effectively removing support for the flag.

v10.0.4

Compare Source

Patch Changes

• migrate: Remove throw on not found package.json (#​1832)

v10.0.3

Compare Source

Patch Changes

• deps: eslint-config-seek ^14.3.2 (#​1830)

  This version pins eslint-plugin-import-x to an older version, due to compatibility issues with the skuba ecosystem.

v10.0.2

Compare Source

Patch Changes

• migrate: Remove auto upgrading @types/node version due to build pipeline constraints (#​1820)

v10.0.1

Compare Source

Patch Changes

• migrate: Check nearest package.json during Node.js version migrations (#​1818)

• migrate: Update @types/node in lock file during Node.js version migrations (#​1814)

v10.0.0

Compare Source

Major Changes

• format, lint: Migrate projects to Node.js 22 (#​1804)

  As of skuba 10, skuba format and skuba lint include patches that attempt to automatically migrate your project to the active LTS version of Node.js. This is intended to minimise effort required to keep up with annual Node.js releases.

  With each skuba upgrade that includes these patches, you can locally opt out of the migration by setting the SKIP_NODE_UPGRADE environment variable, running skuba format, and committing the result.

  Changes must be manually reviewed by an engineer before merging the migration output. See skuba migrate node for more information on this feature and how to use it responsibly.

• migrate: Introduce skuba migrate node22 (#​1735)

  skuba migrate node22 attempts to automatically upgrade your project to Node.js 22. Changes must be manually reviewed by an engineer before committing the migration output. See skuba migrate node for more information on this feature and how to use it responsibly.

  skuba may not be able to upgrade all projects. Check your project for files that may have been missed, review and test the modified code as appropriate before releasing to production, and open an issue if your project files were corrupted by the migration.

  Node.js 22 includes breaking changes. For more information on the upgrade, refer to:

  • The Node.js release notes
  • The AWS release announcement for the Lambda nodejs22.x runtime update

  You may need to manually upgrade CDK and Serverless package versions as appropriate to support nodejs22.x.

Minor Changes

• lint: Flag CODEOWNERS files that appear to have been incorrectly formatted (#​1796)

  Some code editors incorrectly detect CODEOWNERS files as markdown files and re-format them as such, breaking their syntax. skuba lint now attempts to detect this scenario and flags the file as being incorrect.

• deps: Drop dependencies validate-npm-package-name and libnpmsearch (#​1809)

  These dependencies have been removed, replaced by npm-registry-fetch.

• template/*-rest-api: Remove seek:source:url tag from gantry files (#​1797)

• template/lambda-sqs-worker: Remove template (#​1789)

  It is recommended to use the lambda-sqs-worker-cdk template instead.

• deps: TypeScript 5.8 (#​1750)

  This major release includes breaking changes. See the TypeScript 5.7 and TypeScript 5.8 announcements for more information.

Patch Changes

• configure: Fix crash during detecting whether the working tree is clean (#​1737)

• template/express-rest-api: express 5 (#​1761)

• init: Skip malformed template files (#​1808)

  skuba init runs templates, either bundled or BYO, through a series of string templating and processing steps.

  Occasionally, binary files can include substrings that appear to be directives for skuba to translate the file contents, which may then proceed to crash.

  To work around this, skuba init now skips templating of a given file when encountering an error.

• template/lambda-sqs-worker-cdk: Add git to the base Docker image (#​1775)

• template/lambda-sqs-worker-cdk: Upgrade aws-cdk and aws-cdk-lib to ^2.167.1 (#​1740)

• template/lambda-sqs-worker-cdk: Upgrade to datadog-cdk-constructs-v2 2 (#​1799)

• template/lambda-sqs-worker-cdk: Fix failing unit test and add start command (#​1724)

• deps: ignore ^7.0.0 (#​1762)

• deps: prettier ~3.5.0 (#​1788)

• deps: esbuild ~0.25.0 (#​1787)

• deps: prettier ~3.4.0 (#​1751)

  This change may contain some formatting changes. Review the release notes: https://prettier.io/blog/2024/11/26/3.4.0.html

• template/*: Upgrade to Node 22 (#​1789)

• template: Align with latest AWS tagging guidance (#​1782)

• template/express-rest-api, template/koa-rest-api: Drop support for failOnScanFindings for gantry 4 support (#​1759)

• deps: Drop serialize-error (#​1763)

• template/*-rest-api: seek-jobs/gantry v4.0.0 (#​1785)

• init: Fix pnpm dlx skuba init usage (#​1793)

v9.1.0

Compare Source

Minor Changes

• deps: Drop strip-ansi dependency in favour of util.stripVTControlCharacters (#​1713)

• lint, format, template: Use pinned pnpm version in Dockerfiles (#​1714)

  This fixes an issue where pnpm commands in Dockerfiles incorrectly use the latest pnpm version instead of the pinned version.

Patch Changes

• template/lambda-sqs-worker-cdk: Align template with Serverless template (#​1577)

  This adds the same boilerplate code available in lambda-sqs-worker along with Datadog integration.

• deps: libnpmsearch ^8.0.0 (#​1698)

v9.0.1

Compare Source

Patch Changes

• lint, format: Put back logic which skips autofixing Renovate branches when there is no open pull request. (#​1699)

  Previously, this was put in place to prevent an issue where a Renovate branch can get stuck in the Edited/Blocked state without a pull request being raised. This was subsequently removed because Skuba's default autofix commits were ignored by skuba's recommended renovate configuration.

  However, this has resulted in some build-rebase-build-rebase-... loops, and so the Renovate config change has been reverted, and requires investigation before reinstating.

v9.0.0

Compare Source

skuba 9 is a reasonably large release but it shouldn't be too much trouble to upgrade.

The main changes are:

• ESLint 9 and flat config migration (where skuba format should handle most of the work)
• Swapping out ts-node for tsx
• Some fixes in Buildkite & Docker files

Read the full changelog:

Major Changes

• deps: ESLint 9 + typescript-eslint 8 (#​1537)

  This major upgrade bundles the following changes:

  • Migration to flat config format

    skuba format will attempt to migrate your existing .eslintignore and .eslintrc.js files to a flat eslint.config.js file.

    See the migration guide for more information.

  • Some lint rules have been changed or renamed

    You will likely need to manually review and adjust your code after running skuba lint.

  • eslint-plugin-import has been replaced with eslint-plugin-import-x

    To migrate, replace references to eslint-plugin-import with eslint-plugin-import-x, and import/ rules with import-x/.

  Wider changes may be necessary if your project has a custom ESLint configuration. Refer to the following resources to get started:

  • ESLint 9
  • typescript-eslint 8

• node, start: Replace ts-node with tsx (#​1623)

  skuba node and skuba start now use tsx instead of ts-node to execute TypeScript files.

  tsx improves support for ESM features like dynamic import()s. However, if you use its REPL by running skuba node without any arguments, there are a couple regressions to note:

  • Static import declarations are no longer supported. Use require and await import() instead.
  • Pasting code into the editor may be more finicky by default. Consider using .editor mode.

  skuba node <file> and skuba start should continue to work as expected, but we have marked this as a major upgrade as it is difficult to comprehensively test every scenario. We strongly recommend to manually verify usage of skuba node and skuba start when you upgrade.

Minor Changes

• format, lint: Point Docker base images to AWS ECR Public and remove constant --platform arguments (#​1684)

  This updates references to node: or python: Docker images in your Dockerfiles and docker-compose.yml files to point to AWS ECR Public to avoid Docker Hub rate limiting. It also removes constant --platform arguments from Dockerfiles.

  - FROM --platform=arm64 node:20-alpine AS dev-deps
  + FROM public.ecr.aws/docker/library/node:20-alpine AS dev-deps

  Your Dockerfiles may not be set up to build multi-platform images, so keep in mind that building them locally on an Intel x86 laptop may not yield images that can execute on AWS Graviton instances.

• format, lint: Remove obsolete version field from docker-compose.yml files (#​1638)

• format, lint, template: Mount Buildkite .npmrc in /tmp/ rather than <workdir>/tmp/ (#​1693)

  This avoids accidental inclusion in Git commits or published artifacts, as per the original intent of this handling.

  - secrets: id=npm,src=tmp/.npmrc
  + secrets: id=npm,src=/tmp/.npmrc
  
  - output-path: tmp/
  + output-path: /tmp/

• deps: TypeScript 5.6 (#​1655)

  This major release includes breaking changes. See the TypeScript 5.6 announcement for more information.

• format, lint: Fix duplicated YAML merge keys in .buildkite/ pipelines (#​1537)

  - - <<: *deploy
  -   <<: *docker
  + - <<: [*deploy, *docker]
      label: stuff

  This change supports standardised YAML parsing across tools such as ESLint; it should not functionally alter the behaviour of your build pipeline.

  The bundled patch is fairly conservative and will not attempt to migrate more complex scenarios, such as where there are other keys between the merge keys. Take care with preserving the order of merge keys when manually updating other occurrences.

  - - <<: *deploy
  + - <<: [*deploy, *docker]
      label: stuff
  -   <<: *docker

• format, lint: Remove logic to skip autofixing Renovate branches when there is no open pull request (#​1687)

  Previously, this was put in place to prevent an issue where a Renovate branch could get stuck in an Edited/Blocked state without a pull request being raised.

  skuba's default autofix commits are now ignored in our recommended Renovate configuration.

Patch Changes

• template/koa-rest-api: Switch from koa-bodyparser to @koa/bodyparser (#​1605)

• template/koa-rest-api: Enable secure headers middleware by default (#​1601)

  See the Koala documentation for more information.

• template/lambda-sqs-worker-cdk: Comply with AWS tagging guidance (#​1643)

• api: Truncate Buildkite annotations over 1 MiB to resolve buildkite-agent crash (#​1645)

• deps: validate-npm-package-name ^6.0.0 (#​1682)

• deps: normalize-package-data ^7.0.0 (#​1681)

• deps: esbuild ~0.24.0 (#​1671)

• deps: concurrently ^9.0.0 (#​1666)

• template/lambda-sqs-worker-cdk: Replace custom hooks with @seek/aws-codedeploy-infra (#​1644)

• template: Point Docker base images to AWS ECR Public and remove constant --platform arguments (#​1684)

---

Configuration

📅 Schedule: Branch creation - "after 3:00 am and before 6:00 am every weekday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.