Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency eslint to v4 [SECURITY] #48

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented May 2, 2020

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
eslint (source) 3.19.0 -> 4.18.2 age adoption passing confidence

GitHub Vulnerability Alerts

GHSA-jcgq-xh2f-2hfm / WS-2018-0592

A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.


Release Notes

eslint/eslint

v4.18.2

Compare Source

  • 6b71fd0 Fix: table@4.0.2, because 4.0.3 needs "ajv": "^6.0.1" (#​10022) (Mathieu Seiler)
  • 3c697de Chore: fix incorrect comment about linter.verify return value (#​10030) (Teddy Katz)
  • 9df8653 Chore: refactor parser-loading out of linter.verify (#​10028) (Teddy Katz)
  • f6901d0 Fix: remove catastrophic backtracking vulnerability (fixes #​10002) (#​10019) (Jamie Davis)
  • e4f52ce Chore: Simplify dataflow in linter.verify (#​10020) (Teddy Katz)
  • 33177cd Chore: make library files non-executable (#​10021) (Teddy Katz)
  • 558ccba Chore: refactor directive comment processing (#​10007) (Teddy Katz)
  • 18e15d9 Chore: avoid useless catch clauses that just rethrow errors (#​10010) (Teddy Katz)
  • a1c3759 Chore: refactor populating configs with defaults in linter (#​10006) (Teddy Katz)
  • aea07dc Fix: Make max-len ignoreStrings ignore JSXText (fixes #​9954) (#​9985) (Rachael Sim)

v4.18.1

Compare Source

v4.18.0

Compare Source

v4.17.0

Compare Source

  • 1da1ada Update: Add "multiline" type to padding-line-between-statements (#​8668) (Matthew Bennett)
  • bb213dc Chore: Use messageIds in some of the core rules (#​9648) (Jed Fox)
  • 1aa1970 Docs: remove outdated rule naming convention (#​9925) (Teddy Katz)
  • 3afaff6 Docs: Add prefer-destructuring variable reassignment example (#​9873) (LePirlouit)
  • d20f6b4 Fix: Typo in error message when running npm (#​9866) (Maciej Kasprzyk)
  • 51ec6a7 Docs: Use GitHub Multiple PR/Issue templates (#​9911) (Kai Cataldo)
  • dc80487 Update: space-unary-ops uses astUtils.canTokensBeAdjacent (fixes #​9907) (#​9906) (Kevin Partington)
  • 084351b Docs: Fix the messageId example (fixes #​9889) (#​9892) (Jed Fox)
  • 9cbb487 Docs: Mention the globals key in the no-undef docs (#​9867) (Dan Dascalescu)

v4.16.0

Compare Source

  • e26a25f Update: allow continue instead of if wrap in guard-for-in (fixes #​7567) (#​9796) (Michael Ficarra)
  • af043eb Update: Add NewExpression support to comma-style (#​9591) (Frazer McLean)
  • 4f898c7 Build: Fix JSDoc syntax errors (#​9813) (Matija Marohnić)
  • 13bcf3c Fix: Removing curly quotes in no-eq-null report message (#​9852) (Kevin Partington)
  • b96fb31 Docs: configuration hierarchy for CLIEngine options (fixes #​9526) (#​9855) (PiIsFour)
  • 8ccbdda Docs: Clarify that -c configs merge with .eslintrc.* (fixes #​9535) (#​9847) (Kevin Partington)
  • 978574f Docs: Fix examples for no-useless-escape (#​9853) (Toru Kobayashi)
  • cd5681d Chore: Deactivate consistent-docs-url in internal rules folder (#​9815) (Kevin Partington)
  • 2e87ddd Docs: Sync messageId examples' style with other examples (#​9816) (Kevin Partington)
  • 1d61930 Update: use doctrine range information in valid-jsdoc (#​9831) (Teddy Katz)
  • 133336e Update: fix indent behavior on template literal arguments (fixes #​9061) (#​9820) (Teddy Katz)
  • ea1b15d Fix: avoid crashing on malformed configuration comments (fixes #​9373) (#​9819) (Teddy Katz)
  • add1e70 Update: fix indent bug on comments in ternary expressions (fixes #​9729) (#​9818) (Teddy Katz)
  • 6a5cd32 Fix: prefer-destructuring error with computed properties (fixes #​9784) (#​9817) (Teddy Katz)
  • 601f851 Docs: Minor modification to code comments for clarity (#​9821) (rgovind92)
  • b9da067 Docs: fix misleading info about RuleTester column numbers (#​9830) (Teddy Katz)
  • 2cf4522 Update: Rename and deprecate object-property-newline option (#​9570) (Jonathan Pool)
  • acde640 Docs: Add ES 2018 to Configuring ESLint (#​9829) (Kai Cataldo)
  • ccfce15 Docs: Minor tweaks to working with rules page (#​9824) (Kevin Partington)
  • 54b329a Docs: fix substitution of {{ name }} (#​9822) (Andres Kalle)

v4.15.0

Compare Source

v4.14.0

Compare Source

v4.13.1

Compare Source

v4.13.0

Compare Source

  • 256481b Update: update handling of destructuring in camelcase (fixes #​8511) (#​9468) (Erin)
  • d067ae1 Docs: Don’t use undocumented array-style configuration for max-len (#​9690) (Jed Fox)
  • 1ad3091 Chore: fix test-suite to work with node master (#​9688) (Myles Borins)
  • cdb1488 Docs: Adds an example with try/catch. (#​9672) (Jaap Taal)

v4.12.1

Compare Source

v4.12.0

Compare Source

v4.11.0

Compare Source

  • d4557a6 Docs: disallow use of the comma operator using no-restricted-syntax (#​9585) (薛定谔的猫)
  • d602f9e Upgrade: espree v3.5.2 (#​9611) (Kai Cataldo)
  • 4def876 Chore: avoid handling rules instances in config-validator (#​9364) (Teddy Katz)
  • fe5ac7e Chore: fix incorrect comment in safe-emitter.js (#​9605) (Teddy Katz)
  • 6672fae Docs: Fixed a typo on lines-between-class-members doc (#​9603) (Moinul Hossain)
  • 980ecd3 Chore: Update copyright and license info (#​9599) (薛定谔的猫)
  • cc2c7c9 Build: use Node 8 in appveyor (#​9595) (薛定谔的猫)
  • 2542f04 Docs: Add missing options for lines-around-comment (#​9589) (Clément Fiorio)
  • b6a7490 Build: ensure fuzzer tests get run with npm test (#​9590) (Teddy Katz)
  • 1073bc5 Build: remove shelljs-nodecli (refs #​9533) (#​9588) (Teddy Katz)
  • 7e3bf6a Fix: edge-cases of semi-style (#​9560) (Toru Nagashima)
  • e5a37ce Fix: object-curly-newline for flow code (#​9458) (Tiddo Langerak)
  • 9064b9c Chore: add equalTokens in ast-utils. (#​9500) (薛定谔的猫)
  • b7c5b19 Fix: Correct [object Object] output of error.data. (#​9561) (Jonathan Pool)
  • 51c8cf0 Docs: Disambiguate definition of Update tag (#​9584) (Jonathan Pool)
  • afc3c75 Docs: clarify what eslint-config-eslint is (#​9582) (Teddy Katz)
  • aedae9d Docs: fix spelling in valid-typeof example (#​9574) (Maksim Degtyarev)
  • 4c5aaf3 Docs: Fix typo in no-underscore-dangle rule (#​9567) (Fabien Lucas)
  • 3623600 Chore: upgrade ajv@5.3.0 (#​9557) (薛定谔的猫)
  • 1b606cd Chore: Remove an indirect dependency on jsonify (#​9444) (Rouven Weßling)
  • 4d7d7ab Update: Resolve npm installed formatters (#​5900) (#​9464) (Tom Erik Støwer)
  • accc490 Fix: Files with no failures get "passing" testcase (#​9547) (Samuel Levy)
  • ab0f66d Docs: Add examples to better show rule coverage. (#​9548) (Jonathan Pool)
  • 88d2303 Chore: Add object-property-newline tests to increase coverage. (#​9553) (Jonathan Pool)
  • 7f37b1c Build: test Node 9 on Travis (#​9556) (Teddy Katz)
  • acccfbd Docs: Minor rephrase in no-invalid-this. (#​9542) (Francisc)
  • 8f9c0fe Docs: improve id-match usage advice (#​9544) (Teddy Katz)
  • a9606a3 Fix: invalid tests with super (fixes #​9539) (#​9545) (Teddy Katz)
  • 8e1a095 Chore: enable a modified version of multiline-comment-style on codebase (#​9452) (Teddy Katz)
  • cb60285 Chore: remove commented test for HTML formatter (#​9532) (Teddy Katz)
  • 06b491e Docs: fix duplicate entries in changelog (#​9530) (Teddy Katz)
  • 2224733 Chore: use eslint-plugin-rulesdir instead of --rulesdir for self-linting (#​9164) (Teddy Katz)
  • 9cf4ebe Docs: add .md to link(for github users) (#​9529) (薛定谔的猫)

v4.10.0

Compare Source

  • bb6e60a Fix: Improve the doc for no-restricted-modules rule (fixes #​9437) (#​9495) (vibss2397)
  • c529de9 Docs: Amend rule document to correct and complete it (refs #​6251). (#​9498) (Jonathan Pool)
  • f9c6673 Chore: Add tests to cover array and object values and leading commas. (#​9502) (Jonathan Pool)
  • 9169258 Chore: remove npm run check-commit script (#​9513) (Teddy Katz)
  • 7d390b2 Docs: Revise contributor documentation on issue labels. (#​9469) (Jonathan Pool)
  • d80b9d0 Fix: no-var don't fix globals (fixes #​9520) (#​9525) (Toru Nagashima)
  • b8aa071 Fix: allow linting the empty string from stdin (fixes #​9515) (#​9517) (Teddy Katz)
  • 350a72c Chore: regex.test => string.startsWith (#​9518) (薛定谔的猫)
  • de0bef4 Chore: remove obsolete eslintbot templates (#​9512) (Teddy Katz)
  • 720b6d5 Docs: Update ISSUE_TEMPLATE.md (#​9504) (薛定谔的猫)
  • 2fa64b7 Fix: should not convert non-consecutive line comments to a single blo… (#​9475) (薛定谔的猫)
  • 9725146 Fix: multiline-comment-style fix produces invalid code (fixes #​9461). (#​9463) (薛定谔的猫)
  • b12cff8 Fix: Expected order of jsdoc tags (fixes #​9412) (#​9451) (Orlando Wenzinger)
  • f054ab5 Docs: add .md to link (for github users) (#​9501) (薛定谔的猫)
  • 5ed9cfc Docs: Correct violations of “Variable Declarations” in Code Conventions (#​9447) (Jonathan Pool)
  • 3171097 Docs: Clears confusion on usage of global and local plugins.(#​9492) (Vasili Sviridov)
  • 3204773 Chore: enable max-len. (#​9414) (薛定谔的猫)
  • 0f71fef Docs: Unquote booleans in lines-between-class-members docs (#​9497) (Brandon Mills)
  • b3d7532 Docs: use consistent terminology & fix link etc. (#​9490) (薛定谔的猫)
  • 87db8ae Docs: Fix broken links (#​9488) (gpiress)
  • 51bdb2f Docs: Incorrect link to related rule (#​9477) (Gavin King)
  • 1a962e8 Docs: Add FAQ for when ESLint cannot find plugin (#​9467) (Kevin Partington)
  • 8768b2d Fix: multiline-comment-style autofixer added trailing space (#​9454) (Teddy Katz)
  • e830aa1 Fix: multiline-comment-style reports block comments followed by code (#​9450) (Teddy Katz)
  • b12e5fe Docs: Repair broken links and add migration links. (#​9473) (Jonathan Pool)
  • eca01ed Docs: Add missing info about special status of home-dir config files. (#​9472) (Jonathan Pool)
  • eb8cfb1 Fix: change err report in constant condition (fixes #​9398) (#​9436) (Victor Hom)
  • da77eb4 Chore: Revise no-config-file test to prevent false failure. (#​9443) (Jonathan Pool)
  • 47e5f6f Docs: ensure "good commit message" examples actually follow guidelines (#​9466) (Teddy Katz)
  • ebb530d Update: Don't ignore comments (no-trailing-spaces) (#​9416) (Chris van Marle)
  • 5012661 Build: fix npm run profile script (fixes #​9397) (#​9455) (Teddy Katz)
  • ecac0fd Docs: Remove blockBindings references (#​9446) (Jan Pilzer)
  • 0b89865 Chore: ensure tests for internal rules get run (#​9453) (Teddy Katz)
  • 052c504 Docs: suggest deleting branches after merging PRs (#​9449) (Teddy Katz)
  • b31e55a Chore: move internal rules out of lib/ (#​9448) (Teddy Katz)
  • a7521e3 Docs: improve examples for multiline-comment-style (#​9440) (Teddy Katz)

v4.9.0

Compare Source

v4.8.0

Compare Source

v4.7.2

Compare Source

v4.7.1

Compare Source

  • 08656db Fix: Handle nested disable directive correctly (fixes #​9318) (#​9322) (Gyandeep Singh)
  • 9226495 Revert "Chore: rewrite parseListConfig for a small perf gain." (#​9325) (薛定谔的猫)

v4.7.0

Compare Source


Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by WhiteSource Renovate. View repository job log here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant