[Snyk] Upgrade eslint from 5.16.0 to 9.6.0

[snyk-io]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade eslint from 5.16.0 to 9.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 140 versions ahead of your current version.

• The recommended version was released on 25 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	95	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	95	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-BROWSERIFYSIGN-6037026	95	No Known Exploit
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	95	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-571484	95	Proof of Concept
	Arbitrary Code Execution SNYK-JS-ESLINTUTILS-460220	95	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	95	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	95	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	95	No Known Exploit
	Denial of Service (DoS) SNYK-JS-WS-7266574	95	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579147	95	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	95	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	95	No Known Exploit
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	95	No Known Exploit
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	95	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	95	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	95	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	95	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	95	Proof of Concept
	Arbitrary Code Execution SNYK-JS-STATICEVAL-173693	95	No Known Exploit
	Arbitrary Code Execution SNYK-JS-JSYAML-174129	95	No Known Exploit
	Code Injection SNYK-JS-LODASH-1040724	95	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-450202	95	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	95	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	95	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-6139239	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CSSWHAT-3035488	95	Proof of Concept
	Prototype Pollution SNYK-JS-DOTPROP-543489	95	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	95	No Known Exploit
	Timing Attack SNYK-JS-ELLIPTIC-511941	95	No Known Exploit
	Arbitrary Code Execution SNYK-JS-SAFEREVAL-173772	95	No Known Exploit
	Arbitrary Code Execution SNYK-JS-SAFEREVAL-473029	95	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	95	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-JSBEAUTIFY-2311652	95	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	95	Proof of Concept
	Prototype Pollution SNYK-JS-JSON5-3182856	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	95	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	95	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	95	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	95	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	95	Proof of Concept
	Remote Memory Exposure SNYK-JS-NODEADDONAPI-571001	95	No Known Exploit
	Denial of Service (DoS) SNYK-JS-JSYAML-173999	95	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	95	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	95	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	95	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	95	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	95	Proof of Concept

Release notes

Package name: eslint

• 9.6.0 - 2024-06-28
  

  Features

  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)

  Bug Fixes

  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)

  Documentation

  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

  Chores

  • b15ee30 chore: upgrade @ eslint/[email protected] (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @ eslint/js release (Jenkins)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
• 9.5.0 - 2024-06-14
  

  Features

  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)

  Bug Fixes

  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)

  Documentation

  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
  • eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
  • 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)
  • d16a659 docs: add link to migration guide for --ext CLI option (#18537) (Milos Djermanovic)
  • 73408de docs: add link to configuration file docs before examples (#18535) (Milos Djermanovic)

  Chores

  • f588160 chore: upgrade @ eslint/[email protected] (#18591) (Milos Djermanovic)
  • 5890841 chore: package.json update for @ eslint/js release (Jenkins)
  • e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
  • 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
  • 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
  • cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
  • ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
  • 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
  • 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
  • c6de7bb chore: update dependency markdownlint-cli to ^0.41.0 (#18538) (renovate[bot])
  • 2c8fd34 ci: pin @ wdio/browser-runner v8.36.0 (#18540) (唯然)
• 9.4.0 - 2024-05-31
  

  Features

  • 89a4a0a feat: ignore IIFE's in the no-loop-func rule (#17528) (Nitin Kumar)

  Bug Fixes

  • f6534d1 fix: skip processor code blocks that match only universal patterns (#18507) (Milos Djermanovic)
  • 7226ebd fix: allow implicit undefined return in no-constructor-return (#18515) (Ali Rezvani)
  • 389744b fix: use @ eslint/config-inspector@latest (#18483) (唯然)
  • 70118a5 fix: func-style false positive with arrow functions and super (#18473) (Milos Djermanovic)

  Documentation

  • d7ab6f5 docs: update theme when when prefers-color-scheme changes (#18510) (Nitin Kumar)
  • 525fdff docs: fix components files (#18519) (Tanuj Kanti)
  • 80747d2 docs: refactor prefer-destructuring rule (#18472) (Tanuj Kanti)
  • f06e0b5 docs: clarify func-style (#18477) (Cameron Steffen)

  Chores

  • 010dd2e chore: upgrade to @ eslint/[email protected] (#18534) (Francesco Trotta)
  • 5e1b5dc chore: package.json update for @ eslint/js release (Jenkins)
  • 594145f refactor: switch to @ eslint/config-array (#18527) (Francesco Trotta)
• 9.3.0 - 2024-05-17
  

  Features

  • b32153c feat: add overrides.namedExports to func-style rule (#18444) (Percy Ma)
  • b67eba4 feat: add restrictedNamedExportsPattern to no-restricted-exports (#18431) (Akul Srivastava)
  • 069aa68 feat: add option allowEscape to no-misleading-character-class rule (#18208) (Francesco Trotta)
  • 05ef92d feat: deprecate multiline-comment-style & line-comment-position (#18435) (唯然)
  • db0b174 feat: add enforceForInnerExpressions option to no-extra-boolean-cast (#18222) (Kirk Waiblinger)

  Bug Fixes

  • 8db0eff fix: Improve config error messages (#18457) (Nicholas C. Zakas)
  • 5c28d9a fix: don't remove comments between key and value in object-shorthand (#18442) (Kuba Jastrzębski)
  • 39fb0ee fix: object-shorthand loses type parameters when auto-fixing (#18438) (dalaoshu)
  • 37eba48 fix: don't crash when fs.readFile returns promise from another realm (#18416) (Milos Djermanovic)

  Documentation

  • ceada8c docs: explain how to use "tsc waiting" label (#18466) (Francesco Trotta)
  • 62e686c docs: Add troubleshooting info for plugin compatibility (#18451) (Nicholas C. Zakas)
  • e17e1c0 docs: Update README (GitHub Actions Bot)
  • 2465a1e docs: Update README (GitHub Actions Bot)
  • d23574c docs: Clarify usage of no-unreachable with TypeScript (#18445) (benj-dobs)
  • 1db9bae docs: Fix typos (#18443) (Frieder Bluemle)
  • 7065196 docs: Update README (GitHub Actions Bot)
  • 04e7c6e docs: update deprecation notice of no-return-await (#18433) (Tanuj Kanti)
  • e763512 docs: Link global ignores section in config object property list (#18430) (MaoShizhong)
  • ac7f718 docs: reflect release of v9 in config migration guide (#18412) (Peter Briggs)
  • 0de0909 docs: fix grammar in configuration file resolution (#18419) (Mike McCready)

  Chores

  • 58e2719 chore: update dependencies for v9.3.0 release (#18469) (Francesco Trotta)
  • b681ecb chore: package.json update for @ eslint/js release (Jenkins)
  • 06f1d1c chore: update dependency @ humanwhocodes/retry to ^0.3.0 (#18463) (renovate[bot])
  • a63ed72 refactor: Use node: protocol for built-in Node.js modules (#18434) (Milos Djermanovic)
  • 040700a chore: update dependency markdownlint-cli to ^0.40.0 (#18425) (renovate[bot])
  • f47847c chore: update actions/stale action to v9 (#18426) (renovate[bot])
  • c18ad25 chore: update actions/upload-artifact action to v4 (#18427) (renovate[bot])
  • 27e3060 chore: Disable documentation label (#18423) (Nicholas C. Zakas)
• 9.2.0 - 2024-05-03
  

  Features

  • 8485d76 feat: no-case-declarations add suggestions (#18388) (Josh Goldberg ✨)
  • a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375) (Francesco Trotta)

  Bug Fixes

  • eeec413 fix: do not throw when defining a global named defineSetter (#18364) (唯然)

  Documentation

  • 0f5df50 docs: Update README (GitHub Actions Bot)
  • 1579ce0 docs: update wording regarding indirect eval (#18394) (Kirk Waiblinger)
  • f12a02c docs: update to eslint v9 in custom-rule-tutorial (#18383) (唯然)

  Chores

  • b346605 chore: upgrade @ eslint/[email protected] (#18413) (Milos Djermanovic)
  • c4c18e0 chore: package.json update for @ eslint/js release (Jenkins)
  • 284722c chore: package.json update for eslint-config-eslint release (Jenkins)
  • 347d44f chore: remove eslintrc export from eslint-config-esl...

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.