Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps-dev): bump eslint from 8.40.0 to 8.54.0 in /functions #460

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2023

Bumps eslint from 8.40.0 to 8.54.0.

Release notes

Sourced from eslint's releases.

v8.54.0

Features

  • a7a883b feat: for-direction rule add check for condition in reverse order (#17755) (Angelo Annunziata)
  • 1452dc9 feat: Add suggestions to no-console (#17680) (Joel Mathew Koshy)
  • 21ebf8a feat: update no-array-constructor rule (#17711) (Francesco Trotta)

Bug Fixes

  • 98926e6 fix: Ensure that extra data is not accidentally stored in the cache file (#17760) (Milos Djermanovic)
  • e8cf9f6 fix: Make dark scroll bar in dark theme (#17753) (Pavel)
  • 3cbeaad fix: Use cwd constructor option as config basePath in Linter (#17705) (Milos Djermanovic)

Documentation

  • becfdd3 docs: Make clear when rules are removed (#17728) (Nicholas C. Zakas)
  • 05d6e99 docs: update "Submit a Pull Request" page (#17712) (Francesco Trotta)
  • eb2279e docs: display info about deprecated rules (#17749) (Percy Ma)
  • d245326 docs: Correct working in migrating plugin docs (#17722) (Filip Tammergård)

Chores

  • d644de9 chore: upgrade @​eslint/js@​8.54.0 (#17773) (Milos Djermanovic)
  • 1e6e314 chore: package.json update for @​eslint/js release (Jenkins)
  • 6fb8805 chore: Fixed grammar in issue_templates/rule_change (#17770) (Joel Mathew Koshy)
  • 85db724 chore: upgrade markdownlint to 0.31.1 (#17754) (Nitin Kumar)
  • 6d470d2 chore: update dependency recast to ^0.23.0 (#17736) (renovate[bot])
  • b7121b5 chore: update dependency markdownlint-cli to ^0.37.0 (#17735) (renovate[bot])
  • 633b9a1 chore: update dependency regenerator-runtime to ^0.14.0 (#17739) (renovate[bot])
  • acac16f chore: update dependency vite-plugin-commonjs to ^0.10.0 (#17740) (renovate[bot])
  • ba8ca7e chore: add .github/renovate.json5 (#17567) (Josh Goldberg ✨)

v8.53.0

Features

  • 528e1c0 feat: Deprecate formatting rules (#17696) (Nicholas C. Zakas)
  • c0b11dd feat: Add suggestions for no-prototype-builtins (#17677) (Yonathan Randolph)

Bug Fixes

  • 1ad6257 fix: ensure that exit code for fatal errors is not overwritten (#17683) (Milos Djermanovic)
  • b329ea7 fix: add ; after JSX nodes in no-object-constructor autofix (#17672) (Francesco Trotta)

Documentation

  • ab8c60d docs: change position of return to top button (#17688) (Tanuj Kanti)
  • 4fc44c0 docs: update twitter icon to new X icon (#17687) (Tanuj Kanti)
  • 4164b2c docs: Update README (GitHub Actions Bot)
  • 8651895 docs: Fix tabs in rule examples (#17653) (Francesco Trotta)
  • 3aec1c5 docs: explained rule fixers and suggestions (#17657) (Josh Goldberg ✨)

Chores

  • ba4d4d5 chore: remove metascraper (#17707) (Milos Djermanovic)
  • 0d07338 chore: Update dependencies (#17706) (Milos Djermanovic)
  • 93256a3 chore: package.json update for @​eslint/js release (ESLint Jenkins)
  • 485ec7d test: fix ESLint tests for caching (#17699) (Milos Djermanovic)
  • db06a7f ci: bump actions/setup-node from 3 to 4 (#17676) (dependabot[bot])

... (truncated)

Changelog

Sourced from eslint's changelog.

v8.54.0 - November 17, 2023

  • d644de9 chore: upgrade @​eslint/js@​8.54.0 (#17773) (Milos Djermanovic)
  • 1e6e314 chore: package.json update for @​eslint/js release (Jenkins)
  • 98926e6 fix: Ensure that extra data is not accidentally stored in the cache file (#17760) (Milos Djermanovic)
  • a7a883b feat: for-direction rule add check for condition in reverse order (#17755) (Angelo Annunziata)
  • 1452dc9 feat: Add suggestions to no-console (#17680) (Joel Mathew Koshy)
  • 6fb8805 chore: Fixed grammar in issue_templates/rule_change (#17770) (Joel Mathew Koshy)
  • becfdd3 docs: Make clear when rules are removed (#17728) (Nicholas C. Zakas)
  • e8cf9f6 fix: Make dark scroll bar in dark theme (#17753) (Pavel)
  • 85db724 chore: upgrade markdownlint to 0.31.1 (#17754) (Nitin Kumar)
  • 21ebf8a feat: update no-array-constructor rule (#17711) (Francesco Trotta)
  • 05d6e99 docs: update "Submit a Pull Request" page (#17712) (Francesco Trotta)
  • eb2279e docs: display info about deprecated rules (#17749) (Percy Ma)
  • 6d470d2 chore: update dependency recast to ^0.23.0 (#17736) (renovate[bot])
  • b7121b5 chore: update dependency markdownlint-cli to ^0.37.0 (#17735) (renovate[bot])
  • 633b9a1 chore: update dependency regenerator-runtime to ^0.14.0 (#17739) (renovate[bot])
  • acac16f chore: update dependency vite-plugin-commonjs to ^0.10.0 (#17740) (renovate[bot])
  • ba8ca7e chore: add .github/renovate.json5 (#17567) (Josh Goldberg ✨)
  • 3cbeaad fix: Use cwd constructor option as config basePath in Linter (#17705) (Milos Djermanovic)
  • d245326 docs: Correct working in migrating plugin docs (#17722) (Filip Tammergård)
  • 5454c22 Revert "chore: remove metascraper (#17707)" (#17708) (Milos Djermanovic)

v8.53.0 - November 3, 2023

  • ba4d4d5 chore: remove metascraper (#17707) (Milos Djermanovic)
  • 0d07338 chore: Update dependencies (#17706) (Milos Djermanovic)
  • 93256a3 chore: package.json update for @​eslint/js release (ESLint Jenkins)
  • ab8c60d docs: change position of return to top button (#17688) (Tanuj Kanti)
  • 528e1c0 feat: Deprecate formatting rules (#17696) (Nicholas C. Zakas)
  • 485ec7d test: fix ESLint tests for caching (#17699) (Milos Djermanovic)
  • c0b11dd feat: Add suggestions for no-prototype-builtins (#17677) (Yonathan Randolph)
  • 4fc44c0 docs: update twitter icon to new X icon (#17687) (Tanuj Kanti)
  • 1ad6257 fix: ensure that exit code for fatal errors is not overwritten (#17683) (Milos Djermanovic)
  • 4164b2c docs: Update README (GitHub Actions Bot)
  • 8651895 docs: Fix tabs in rule examples (#17653) (Francesco Trotta)
  • 3aec1c5 docs: explained rule fixers and suggestions (#17657) (Josh Goldberg ✨)
  • db06a7f ci: bump actions/setup-node from 3 to 4 (#17676) (dependabot[bot])
  • b329ea7 fix: add ; after JSX nodes in no-object-constructor autofix (#17672) (Francesco Trotta)
  • 994596b ci: run tests in Node.js 21 (#17673) (Francesco Trotta)

v8.52.0 - October 20, 2023

  • 6d1f0c2 chore: upgrade @​eslint/js@​8.52.0 (#17671) (Milos Djermanovic)
  • d63d4fe chore: package.json update for @​eslint/js release (ESLint Jenkins)
  • 476d58a docs: Add note about invalid CLI flags when using flat config. (#17664) (Nicholas C. Zakas)
  • 5de9637 fix: Ensure shared references in rule configs are separated (#17666) (Nicholas C. Zakas)
  • f30cefe test: fix FlatESLint tests for caching (#17658) (Milos Djermanovic)
  • ef650cb test: update tests for no-promise-executor-return (#17661) (Milos Djermanovic)
  • 70648ee feat: report-unused-disable-directive to report unused eslint-enable (#17611) (Yosuke Ota)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [eslint](https://github.com/eslint/eslint) from 8.40.0 to 8.54.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v8.40.0...v8.54.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from aravindvnair99 as a code owner November 20, 2023 12:14
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 20, 2023
Copy link

sonarcloud bot commented Nov 20, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

Copy link

guardrails bot commented Nov 20, 2023

⚠️ We detected 7 security issues in this pull request:

Insecure File Management (1)
Severity Details Docs
High Title: Path Traversal from user input
path.join(os.tmpdir(), path.basename(req.files.file[0].fieldname)),
📚

More info on how to fix Insecure File Management in JavaScript.


Insecure Use of Crypto (1)
Severity Details Docs
Medium Title: Insecure use of random generator
result += characters.charAt(Math.floor(Math.random() * charactersLength));
📚

More info on how to fix Insecure Use of Crypto in JavaScript.


Vulnerable Libraries (5)
Severity Details
Critical pkg:npm/@tensorflow/tfjs-node@3.14.0 upgrade to: > 3.14.0
Medium pkg:npm/axios@0.25.0 upgrade to: 1.6.0
Critical pkg:npm/firebase-admin@11.3.0 upgrade to: > 11.3.0
High pkg:npm/busboy@0.3.1 upgrade to: > 0.3.1
High pkg:npm/firebase-functions@4.2.1 upgrade to: > 4.2.1

More info on how to fix Vulnerable Libraries in JavaScript.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@aravindvnair99 aravindvnair99 merged commit dbe9a5b into main Nov 26, 2023
12 of 14 checks passed
@aravindvnair99 aravindvnair99 deleted the dependabot/npm_and_yarn/functions/eslint-8.54.0 branch November 26, 2023 18:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file size/XS
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant