chore: update maintenance dependencies

[afc163]

Summary

• Link the Ant Design ecosystem logo in README files to https://ant.design
• Update React, React DOM, TypeScript, ESLint, Testing Library, @types/, @typescript-eslint/, lint-staged, and related lint dependencies
• Add ESLint flat config compatibility for ESLint 9 and TypeScript ESLint 8
• Use grouped Dependabot updates for npm and GitHub Actions

Test Plan

• npm run lint
• npm run tsc

Summary by CodeRabbit

• Documentation
  • 更新中英文 README 顶部徽标链接，点击可跳转到相关官网。
• Chores
  • 调整依赖更新分组与多项开发工具配置，优化后续维护体验。
  • 刷新多项开发依赖版本，补充部分常用测试与代码规范工具支持。
• Style
  • 调整 TypeScript 与 ESLint 相关设置，统一项目检查行为。

[vercel]

Deployment failed with the following error:

Resource is limited - try again in 24 hours (more than 100, code: "api-deployments-free-per-day").

Learn More: https://vercel.com/react-component?upgradeToPro=build-rate-limit

[coderabbitai]

概要

该 PR 将开发工具链升级至新版本：升级 devDependencies，新增 ESLint Flat Config 入口文件，添加 global.d.ts 和 react-compat.d.ts 全局类型声明，放宽 TypeScript 严格性设置，并对 Dependabot 更新进行分组配置。

变更内容

工具链现代化

层次 / 文件	概述
devDependencies 升级 package.json	整体升级 ESLint、TypeScript、React、Testing Library 等开发依赖版本，并新增 @eslint/eslintrc、@typescript-eslint/*、eslint-plugin-react*、@testing-library/jest-dom 等包。
ESLint Flat Config eslint.config.mjs	新增 Flat Config 入口，通过 FlatCompat 兼容旧版 .eslintrc.js；normalizeConfig 函数过滤并归一化 @typescript-eslint 规则；导出配置包含 ignores 列表与若干 TS 规则的关闭项。
全局类型声明与 React 兼容类型 global.d.ts, react-compat.d.ts, tsconfig.json	global.d.ts 声明 jest/vi 测试全局、JSX 命名空间及模块类型；react-compat.d.ts 补充 React/ReactDOM 缺失 API 签名；tsconfig.json 将两文件纳入 include，并将 ignoreDeprecations 改为 6.0，同时显式关闭多项严格性检查。
Dependabot 分组与 README 链接 .github/dependabot.yml, README.md, README.zh-CN.md	Dependabot 为 npm 和 github-actions 生态新增分组（patterns: '*'）；README 中 Ant Design 图标补充指向 https://ant.design 的超链接。

估算的代码审查工作量

🎯 3 (Moderate) | ⏱️ ~25 minutes

可能相关的 PR

• react-component/progress#310：同样修改了 tsconfig.json 的编译配置（调整 include/exclude），与本 PR 中更新 ignoreDeprecations、关闭严格性开关、新增类型文件至 include 的变更高度相关。

小诗

🐇 小兔跳跃在代码丛中，
依赖升级、规则归一，
ESLint 铺平新路径，
类型声明守护每行字，
Dependabot 整齐分好组——
工具链焕然，代码安然眠。✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	标题准确概括了这次以维护性依赖和相关工具升级为主的变更。
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/update-maintenance-deps

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint install failed: dependency version conflict. Check your lock file or package.json.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[gemini-code-assist]

Code Review

This pull request updates the project's dependencies to React 19, ESLint 9, and TypeScript 6, introduces an ESLint flat configuration, and adds type declaration files for compatibility. Feedback on these changes emphasizes maintaining type safety: you should avoid disabling strict type-checking in tsconfig.json, refrain from globally overriding core React types in react-compat.d.ts to prevent consumer type conflicts, and remove redundant any declarations for testing globals in global.d.ts since Jest types are already referenced.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

Disabling strict type-checking options (strict: false, strictNullChecks: false, noImplicitAny: false, etc.) significantly reduces type safety and code quality. It can easily introduce runtime errors (such as TypeError: Cannot read properties of undefined) that TypeScript is designed to prevent. Instead of disabling these checks to accommodate React 19 or TypeScript upgrades, it is highly recommended to keep them enabled and resolve the underlying type errors in the codebase.

    "strict": true

[gemini-code-assist]

Globally overriding and augmenting core React types (like useRef, isValidElement, cloneElement, and hydrate) is highly discouraged. This can cause severe type conflicts and unexpected behavior for consumers of this library, as these global overrides will affect their own compilation environments if the declaration files are exported. Instead of globally overriding these types to bypass React 19 breaking changes, you should update the component implementations to use React 19-compatible patterns, or use local type assertions/helper functions where necessary.

[gemini-code-assist]

Declaring testing globals like describe, it, test, and expect as any overrides the strongly-typed definitions provided by @types/jest (which is referenced on line 1). This disables type safety in your test files. Since Jest types are already referenced, these declarations are redundant and reduce type safety.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​@​types/​keyv@​3.1.4 ⏵ 4.2.0			-30	-29
	npm/​@​typescript-eslint/​parser@​8.62.0
	npm/​@​types/​react-dom@​19.2.3
	npm/​@​types/​react@​19.2.17
	npm/​@​typescript-eslint/​eslint-plugin@​8.62.0
	npm/​@​eslint/​eslintrc@​3.3.5
	npm/​eslint-config-prettier@​10.1.8
	npm/​@​testing-library/​react@​16.3.2
	npm/​@​eslint/​js@​9.39.4
	npm/​@​testing-library/​jest-dom@​6.9.1
	npm/​typescript@​6.0.3
	npm/​eslint-plugin-unicorn@​65.0.1
	npm/​lint-staged@​17.0.8
	npm/​eslint-plugin-react-hooks@​7.1.1
	npm/​eslint@​9.39.4
	npm/​eslint-plugin-jest@​29.15.3

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm @typescript-eslint/eslint-plugin is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: package.json → npm/@typescript-eslint/eslint-plugin@8.62.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.62.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[github-actions]

✅ Preview is ready!

	✅ Ready
	🔗 Preview https://react-component-progress-preview-pr-317.surge.sh
	📝 Commit	f61a75b
	⏱️ Build time	21.991s
	📦 Size	1.7 MB · 49 files
	🪵 Logs	View logs
	📱 Mobile

_{↩️ Previous: ⚡️ f61a75b · react-component-progress-preview-pr-317.surge.sh (open ↗) · 2026-06-29 10:26:54 UTC}

_{🤖 Powered by surge-preview}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
progress	Ready	Preview, Comment	Jun 29, 2026 10:30am

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

package.json (1)

49-80: 🩺 Stability & Availability | 🔵 Trivial

补一条打包/文档冒烟检查。 这次同时升级了 father 和 dumi，而 npm run lint / npm run tsc 覆盖不到 npm run build、npm run docs:build、npm run compile 这条链路；合并前至少再补一条库构建和文档站点构建检查。

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@package.json` around lines 49 - 80, The dependency upgrades in package.json
affect the build and docs toolchain, but the current validation only covers
linting and type checking. Add a smoke-check for the build path by running
and/or documenting verification for the library build and docs site build, using
the existing scripts such as build, docs:build, and compile, so the father and
dumi upgrade is covered before merge.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@eslint.config.mjs`:
- Around line 40-48: `next.rules` 的过滤逻辑把迁移中需要保留的
`@typescript-eslint/no-explicit-any` 丢掉了，导致原来在 `.eslintrc.js` 里显式关闭的规则在 flat
config 中失效。请在 `eslint.config.mjs` 的这段 allowlist 过滤中把
`@typescript-eslint/no-explicit-any` 加回去，或者在最终的 flat config `rules`
合并结果里再次显式关闭它，确保迁移后的行为与现有配置一致。

---

Nitpick comments:
In `@package.json`:
- Around line 49-80: The dependency upgrades in package.json affect the build
and docs toolchain, but the current validation only covers linting and type
checking. Add a smoke-check for the build path by running and/or documenting
verification for the library build and docs site build, using the existing
scripts such as build, docs:build, and compile, so the father and dumi upgrade
is covered before merge.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a88ad097-d820-49f0-a48f-5c1622bf7c23

📥 Commits

Reviewing files that changed from the base of the PR and between a3242bc and f61a75b.

📒 Files selected for processing (8)

• .github/dependabot.yml
• README.md
• README.zh-CN.md
• eslint.config.mjs
• global.d.ts
• package.json
• react-compat.d.ts
• tsconfig.json

[coderabbitai]

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '## file list\n'
git ls-files | rg '^(eslint\.config\.mjs|\.eslintrc\.js)$|typescript-eslint|eslint'

printf '\n## locate no-explicit-any and related ts rule filtering\n'
rg -n "`@typescript-eslint/no-explicit-any`|recommendedTsRules|ban-types|normalizeConfig|FlatCompat" eslint.config.mjs .eslintrc.js

Repository: react-component/progress

Length of output: 944

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf '## eslint.config.mjs lines\n'
cat -n eslint.config.mjs | sed -n '1,140p'

printf '\n## .eslintrc.js lines\n'
cat -n .eslintrc.js | sed -n '1,120p'

Repository: react-component/progress

Length of output: 3317

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python3 - <<'PY'
from pathlib import Path
import re, json

cfg = Path('eslint.config.mjs').read_text()
legacy = Path('.eslintrc.js').read_text()

for name, text in [('eslint.config.mjs', cfg), ('.eslintrc.js', legacy)]:
    print(f'## {name}')
    for pat in ['no-explicit-any', 'recommendedTsRules', 'ban-types', 'normalizeConfig', 'FlatCompat']:
        if pat in text:
            print(f'contains {pat}')
    print()

# simple extraction of the filter block if present
m = re.search(r'if \(next\.rules\) \{.*?Object\.fromEntries\(\s*Object\.entries\(next\.rules\)\.filter\(\(\[ruleName\]\) => \{(.*?)\}\),\s*\);\n', cfg, re.S)
print('filter_block_found=', bool(m))
if m:
    print(m.group(1))
PY

Repository: react-component/progress

Length of output: 539

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python3 - <<'PY'
from pathlib import Path
import re

cfg = Path('eslint.config.mjs').read_text()
legacy = Path('.eslintrc.js').read_text()

for name, text in [('eslint.config.mjs', cfg), ('.eslintrc.js', legacy)]:
    print(f'## {name}')
    for pat in ['no-explicit-any', 'recommendedTsRules', 'ban-types', 'normalizeConfig', 'FlatCompat']:
        if pat in text:
            print(f'contains {pat}')
    print()

m = re.search(r'if \(next\.rules\) \{.*?Object\.fromEntries\(\s*Object\.entries\(next\.rules\)\.filter\(\(\[ruleName\]\) => \{(.*?)\}\),\s*\);\n', cfg, re.S)
print('filter_block_found=', bool(m))
if m:
    print(m.group(1))
PY

Repository: react-component/progress

Length of output: 539

---

保留 @typescript-eslint/no-explicit-any 的迁移规则

.eslintrc.js:11 里有显式关闭，但 eslint.config.mjs:42-46 只保留 recommended 里的 TS 规则和 @typescript-eslint/ban-types，这个 override 会在迁移时被丢掉；后面的全局 rules 里也没有再关回去。可把它补进 allowlist，或在 flat config 末尾显式关闭。

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@eslint.config.mjs` around lines 40 - 48, `next.rules` 的过滤逻辑把迁移中需要保留的
`@typescript-eslint/no-explicit-any` 丢掉了，导致原来在 `.eslintrc.js` 里显式关闭的规则在 flat
config 中失效。请在 `eslint.config.mjs` 的这段 allowlist 过滤中把
`@typescript-eslint/no-explicit-any` 加回去，或者在最终的 flat config `rules`
合并结果里再次显式关闭它，确保迁移后的行为与现有配置一致。