Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deps: Bump eslint from 8.57.0 to 8.57.1 #4171

Merged
merged 1 commit into from
Oct 2, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2024

Bumps eslint from 8.57.0 to 8.57.1.

Release notes

Sourced from eslint's releases.

v8.57.1

Bug Fixes

  • a19072f fix: add logic to handle fixTypes in the lintText() method (#18900) (Francesco Trotta)
  • 04c7188 fix: Don't lint same file multiple times (#18899) (Francesco Trotta)
  • 87ec3c4 fix: do not throw when defining a global named __defineSetter__ (#18898) (Francesco Trotta)
  • 60a1267 fix: Provide helpful error message for nullish configs (#18889) (Milos Djermanovic)
  • a0dea8e fix: allow name in global ignores, fix --no-ignore for non-global (#18875) (Milos Djermanovic)
  • 3836bb4 fix: do not crash on error in fs.walk filter (#18886) (Milos Djermanovic)
  • 2dec349 fix: skip processor code blocks that match only universal patterns (#18880) (Milos Djermanovic)

Documentation

  • 6a5add4 docs: v8.x Add EOL banner (#18744) (Amaresh S M)
  • b034575 docs: v8.x add version support page to the dropdown (#18731) (Amaresh S M)
  • 760ef7d docs: v8.x add version support page in the side navbar (#18740) (Amaresh S M)
  • 428b7ea docs: Add Powered by Algolia label to the search (#18658) (Amaresh S M)
  • c68c07f docs: version selectors synchronization (#18265) (Milos Djermanovic)

Build Related

  • 35d366a build: Support updates to previous major versions (#18870) (Milos Djermanovic)

Chores

Changelog

Sourced from eslint's changelog.

v8.57.1 - September 16, 2024

  • 140ec45 chore: upgrade @​eslint/js@​8.57.1 (#18913) (Milos Djermanovic)
  • bcdfc04 chore: package.json update for @​eslint/js release (Jenkins)
  • 3f6ce8d chore: pin [email protected] (#18910) (Milos Djermanovic)
  • a19072f fix: add logic to handle fixTypes in the lintText() method (#18900) (Francesco Trotta)
  • 04c7188 fix: Don't lint same file multiple times (#18899) (Francesco Trotta)
  • 87ec3c4 fix: do not throw when defining a global named __defineSetter__ (#18898) (Francesco Trotta)
  • 60a1267 fix: Provide helpful error message for nullish configs (#18889) (Milos Djermanovic)
  • 35d366a build: Support updates to previous major versions (#18870) (Milos Djermanovic)
  • a0dea8e fix: allow name in global ignores, fix --no-ignore for non-global (#18875) (Milos Djermanovic)
  • 3836bb4 fix: do not crash on error in fs.walk filter (#18886) (Milos Djermanovic)
  • 2dec349 fix: skip processor code blocks that match only universal patterns (#18880) (Milos Djermanovic)
  • 6a5add4 docs: v8.x Add EOL banner (#18744) (Amaresh S M)
  • b034575 docs: v8.x add version support page to the dropdown (#18731) (Amaresh S M)
  • 760ef7d docs: v8.x add version support page in the side navbar (#18740) (Amaresh S M)
  • 428b7ea docs: Add Powered by Algolia label to the search (#18658) (Amaresh S M)
  • 9f07549 chore: ignore /docs/v8.x in link checker (#18660) (Milos Djermanovic)
  • c68c07f docs: version selectors synchronization (#18265) (Milos Djermanovic)

v9.10.0 - September 6, 2024

  • 24c3ff7 chore: upgrade to @​eslint/js@​9.10.0 (#18866) (Francesco Trotta)
  • 1ebdde1 chore: package.json update for @​eslint/js release (Jenkins)
  • 301b90d feat: Add types (#18854) (Nicholas C. Zakas)
  • bee0e7a docs: update README (#18865) (Milos Djermanovic)
  • bcf0df5 feat: limit namespace import identifier in id-length rule (#18849) (ChaedongIm)
  • 45c18e1 feat: add requireFlag option to require-unicode-regexp rule (#18836) (Brett Zamir)
  • 5d80b59 docs: specify that ruleId can be null in custom formatter docs (#18857) (Milos Djermanovic)
  • 156b1c3 docs: Update README (GitHub Actions Bot)
  • e8fc5bd chore: update dependency @​eslint/core to ^0.5.0 (#18848) (renovate[bot])
  • 343f992 refactor: don't use node.value when removing unused directives (#18835) (Milos Djermanovic)
  • 183b459 feat: add error message for duplicate flags in no-invalid-regexp (#18837) (Tanuj Kanti)
  • f6fdef9 docs: Update README (GitHub Actions Bot)
  • c69b406 feat: report duplicate allowed flags in no-invalid-regexp (#18754) (Tanuj Kanti)
  • a20c870 docs: Update README (GitHub Actions Bot)
  • 90e699b docs: Update README (GitHub Actions Bot)
  • 3db18b0 refactor: Extract FileContext into class (#18831) (Nicholas C. Zakas)
  • 931d650 refactor: Use @​eslint/plugin-kit (#18822) (Nicholas C. Zakas)
  • ed5cf0c chore: update dependency @​eslint/json to ^0.4.0 (#18829) (Milos Djermanovic)
  • d1f0831 chore: added missing ids (#18817) (Strek)
  • ec92813 refactor: Config class (#18763) (Nicholas C. Zakas)

v9.9.1 - August 23, 2024

  • b0c34d0 chore: upgrade to @​eslint/js@​9.9.1 (#18809) (Francesco Trotta)
  • cd5a0da chore: package.json update for @​eslint/js release (Jenkins)
  • 4840930 docs: Update README with version support and clean up content (#18804) (Nicholas C. Zakas)
  • f61f40d docs: Update globals examples (#18805) (Nicholas C. Zakas)
  • e112642 refactor: Extract parsing logic from Linter (#18790) (Nicholas C. Zakas)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested a review from a team as a code owner October 1, 2024 04:06
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 1, 2024
Copy link

github-actions bot commented Oct 1, 2024

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA b0a8cd7.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@eslint/js 8.57.1 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 7Found 22/30 approved changesets -- score normalized to 7
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/@humanwhocodes/config-array 0.13.0 🟢 4
Details
CheckScoreReason
Code-Review🟢 4Found 7/15 approved changesets -- score normalized to 4
Maintained⚠️ 0project is archived
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/eslint 8.57.1 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 7Found 22/30 approved changesets -- score normalized to 7
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
npm/eslint ^8.57.1 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 7Found 22/30 approved changesets -- score normalized to 7
Maintained🟢 1030 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits

Scanned Manifest Files

package-lock.json
package.json
  • eslint@^8.57.1
  • eslint@^8.57.0

Copy link

github-actions bot commented Oct 1, 2024

Conventional Commits Report

Type Number
Dependencies 1

🚀 Conventional commits found.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/main/eslint-8.57.1 branch 2 times, most recently from 86c0237 to 87b6bbc Compare October 1, 2024 09:00
Bumps [eslint](https://github.com/eslint/eslint) from 8.57.0 to 8.57.1.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v8.57.0...v8.57.1)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/main/eslint-8.57.1 branch from 87b6bbc to b0a8cd7 Compare October 1, 2024 10:28
@daniele-mng daniele-mng merged commit 5840c4d into main Oct 2, 2024
18 of 19 checks passed
@daniele-mng daniele-mng deleted the dependabot/npm_and_yarn/main/eslint-8.57.1 branch October 2, 2024 06:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant