[Snyk] Upgrade eslint-plugin-react from 7.20.5 to 7.35.0 #35
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade eslint-plugin-react from 7.20.5 to 7.35.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 53 versions ahead of your current version.
The recommended version was released on 2 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-BODYPARSER-7926860
SNYK-JS-LODASH-567746
SNYK-JS-LODASH-567746
SNYK-JS-LODASH-567746
SNYK-JS-PATHTOREGEXP-7925106
SNYK-JS-MINIMATCH-3050818
SNYK-JS-EXPRESS-6474509
SNYK-JS-EXPRESS-7926867
SNYK-JS-SEND-7926862
SNYK-JS-SERVESTATIC-7926865
Release notes
Package name: eslint-plugin-react
Added
jsx-props-no-spread-multi
(#3724 @ SimonSchick)forbid-component-props
: addpropNamePattern
to allow / disallow prop name patterns (#3774 @ akulsr0)jsx-handler-names
: support ignoring component names (#3772 @ akulsr0)jsx-closing-tag-location
: addline-aligned
option (#3777 @ kimtaejin3)no-danger
: addcustomComponentNames
option (#3748 @ akulsr0)Fixed
no-invalid-html-attribute
: substitute placeholders in suggestion messages (#3759 @ mdjermanovic)sort-prop-types
: single line type ending without semicolon (#3784 @ akulsr0)require-default-props
: report when required props have default value (#3785 @ akulsr0)Refactors
variableUtil
: Avoid creating a single flat variable scope for each lookup (#3782 @ DanielRosenwasser)Fixed
prop-types
: fixclassName
missing in prop validation false negative (#3749 @ akulsr0)sort-prop-types
: Check for undefined before accessingnode.typeAnnotation.typeAnnotation
(#3779 @ tylerlaprade)Fixed
prop-types
: null-check rootNode before calling getScope (#3762 @ crnhrv)boolean-prop-naming
: avoid a crash with a spread prop (#3733 @ ljharb)jsx-boolean-value
:assumeUndefinedIsFalse
withnever
must not allow explicittrue
value (#3757 @ 6uliver)no-object-type-as-default-prop
: enable rule for components with many parameters (#3768 @ JulienR1)jsx-key
: incorrect behavior for checkKeyMustBeforeSpread with map callbacks (#3769 @ akulsr0)Fixed
boolean-prop-naming
: avoid a crash with a non-TSTypeReference type (#3718 @ developer-bandi)jsx-no-leaked-render
: invalid report if left side is boolean (#3746 @ akulsr0)jsx-closing-bracket-location
: message shows{{details}}
when there are no details (#3759 @ mdjermanovic)no-invalid-html-attribute
: ensure error messages are correct (#3759 @ mdjermanovic, @ ljharb)Changed
Fixed
jsx-no-leaked-render
: prevent wrongly adding parens (#3700 @ developer-bandi)boolean-prop-naming
: detect TS interfaces (#3701 @ developer-bandi)boolean-prop-naming
: literalType error fix (#3704 @ developer-bandi)boolean-prop-naming
: allow TSIntersectionType (#3705 @ developer-bandi)no-unknown-property
: supportpopover
,popovertarget
,popovertargetaction
attributes (#3707 @ ljharb)no-unknown-property
: only matchdata-*
attributes containing-
(#3713 @ silverwind)checked-requires-onchange-or-readonly
: correct options that were behaving opposite (#3715 @ jaesoekjjang)Changed
boolean-prop-naming
: improve error message (@ ljharb)Added
sort-prop-types
: give errors on TS types (#3615 @ akulsr0)no-invalid-html-attribute
: add support forapple-touch-startup-image
rel
attributes inlink
tags (#3638 @ thomashockaday)no-unknown-property
: add requireDataLowercase option (#3645 @ HermanBilous)no-unknown-property
: adddisplaystyle
on<math>
(#3652 @ lounsbrough)prefer-read-only-props
,prop-types
, component detection: allow components to be async functions (#3654 @ pnodet)no-unknown-property
: supportonResize
on audio/video tags (#3662 @ caesar1030)jsx-wrap-multilines
: addnever
option to prohibit wrapping parens on multiline JSX (#3668 @ reedws)jsx-filename-extension
: addignoreFilesWithoutCode
option to allow empty files (#3674 @ burtek)jsx-boolean-value
: addassumeUndefinedIsFalse
option (#3675 @ developer-bandi)linkAttribute
setting,jsx-no-target-blank
: support multiple properties (#3673 @ burtek)jsx-no-script-url
: addincludeFromSettings
option to supportlinkAttributes
setting (#3673 @ burtek)jsx-one-expression-per-line
: addnon-jsx
option to allow non-JSX children in one line (#3677 @ burtek)checked-requires-onchange-or-readonly
rule (#3680 @ jaesoekjjang)Fixed
jsx-no-leaked-render
: preserve RHS parens for multiline jsx elements while fixing (#3623 @ akulsr0)jsx-key
: detect conditional returns (#3630 @ yialo)jsx-newline
: prevent a crash whenallowMultilines
(#3633 @ ljharb)no-unknown-property
: use a better regex to avoid a crash (#3666 @ ljharb @ SCH227)prop-types
: handle nested forwardRef + memo (#3679 @ developer-bandi)no-unknown-property
: addfetchPriority
(#3697 @ SevereCloud)forbid-elements
: prevent a crash oncreateElement()
(#3632 @ ljharb)Changed
jsx-boolean-value
: make error messages clearer (#3691 @ developer-bandi)propTypes
: extract type params to var (#3634 @ HenryBrown0)boolean-prop-naming
: invert if statement (#3634 @ HenryBrown0)function-component-definition
: exit early if no type params (#3634 @ HenryBrown0)jsx-props-no-multi-spaces
: extract type parameters to var (#3634 @ HenryBrown0)jsx-key
: fix correct example (#3656 @ developer-bandi)jsx-wrap-multilines
: passing tests (#3545 @ burtek)iframe-missing-sandbox
: fix link to iframe attribute on mdn (#3690 @ nnmrts)hook-use-state
: fix an undefined variable (#3626 @ chentsulin)Fixed
no-deprecated
: prevent false positive on commonjs import (#3614 @ akulsr0)no-unsafe
: report on the method instead of the entire component (@ ljharb)no-deprecated
: report on the destructured property instead of the entire variable declarator (@ ljharb)no-deprecated
: report on the imported specifier instead of the entire import statement (@ ljharb)no-invalid-html-attribute
: report more granularly (@ ljharb)Fixed
require-default-props
: fix config schema (#3605 @ controversial)jsx-curly-brace-presence
: Revert #3538 due to issues with intended string type casting usage (#3611 @ taozhou-glean)sort-prop-types
: ensure sort-prop-types respects noSortAlphabetically (#3610 @ caesar1030)Added
display-name
: addcheckContextObjects
option (#3529 @ JulesBlm)jsx-first-prop-new-line
: addmultiprop
option (#3533 @ haydncomley)no-deprecated
: add React 18 deprecations (#3548 @ sergei-startsev)forbid-component-props
: adddisallowedFor
option (#3417 @ jacketwpbb)Fixed
no-array-index-key
: consider flatMap (#3530 @ k-yle)jsx-curly-brace-presence
: handle single and only expression template literals (#3538 @ taozhou-glean)no-unknown-property
: allowonLoad
onsource
(@ ljharb)jsx-first-prop-new-line
: ensure autofix preserves generics in component name (#3546 @ ljharb)no-unknown-property
: allowfill
prop on<symbol>
(#3555 @ stefanprobst)display-name
,prop-types
: when checking for a capitalized name, ignore underscores entirely (#3560 @ ljharb)no-unused-state
: avoid crashing on a class field function with destructured state (#3568 @ ljharb)no-unused-prop-types
: allow using spread with object expression in jsx (#3570 @ akulsr0)destructuring-assignment
: Handle destructuring of useContext in SFC" (#3583 #2797 @ 102)prefer-read-only-props
: add TS support (#3593 @ HenryBrown0)Changed
jsx-newline
,no-unsafe
,static-property-placement
: Fix code syntax highlighting (#3563 @ nbsp1221)jsx-no-bind
: reword performance rationale (#3581 @ gpoole)jsx-first-prop-new-line
: add missingmultiprop
value (#3598 @ dzek69)Fixed
parserOptions
in legacy configs ([#3523][] @ ljharb)jsx-no-constructed-context-values
,jsx-no-useless-fragment
: add a rule schema (@ ljharb)(
no-unknown-property
: addfill
for<marker>
(#3525 @ alexey-koran)Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"eslint-plugin-react","from":"7.20.5","to":"7.35.0"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-BODYPARSER-7926860","issue_id":"SNYK-JS-BODYPARSER-7926860","priority_score":696,"priority_score_factors":[{"type":"freshness","label":true,"score":71},{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.2","score":410},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Asymmetric Resource Consumption (Amplification)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-567746","issue_id":"SNYK-JS-LODASH-567746","priority_score":731,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":107},{"type":"fixability"...