[Snyk] Upgrade eslint from 8.48.0 to 9.10.0 #95

Open
wants to merge 1 commit into
base: main

WontonSam
Owner

Snyk has created this PR to upgrade eslint from 8.48.0 to 9.10.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 30 versions ahead of your current version.
  • The recommended version was released a month ago, on 2024-09-06.

The recommended version fixes:

| Severity | Issue | Priority Score (*) | Exploit Maturity |
|---|---|---|---|
| | Server-side Request Forgery (SSRF)<br>SNYK-JS-AXIOS-7361793 | 221/1000 | Proof of Concept |
| | Uncontrolled resource consumption<br>SNYK-JS-BRACES-6838727 | 221/1000 | Proof of Concept |
| | Prototype Pollution<br>SNYK-JS-AXIOS-6144788 | 221/1000 | No Known Exploit |
| | Inefficient Regular Expression Complexity<br>SNYK-JS-MICROMATCH-6838728 | 221/1000 | No Known Exploit |
| | Improper Control of Dynamically-Managed Code Resources<br>SNYK-JS-EJS-6689533 | 221/1000 | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS)<br>SNYK-JS-AXIOS-6124857 | 221/1000 | Proof of Concept |
| | Information Exposure<br>SNYK-JS-FOLLOWREDIRECTS-6444610 | 221/1000 | Proof of Concept |
| | Server-Side Request Forgery (SSRF)<br>SNYK-JS-IP-7148531 | 221/1000 | Proof of Concept |

Why? (the same breakdown is given for every issue above): Confidentiality impact: High, Integrity impact: Low, Availability impact: Low, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00084, Social Trends: No, Days since published: 60, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 7.84, Likelihood: 2.81, Score Version: V5

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: eslint
  • 9.10.0 - 2024-09-06

    Features

    • 301b90d feat: Add types (#18854) (Nicholas C. Zakas)
    • bcf0df5 feat: limit namespace import identifier in id-length rule (#18849) (ChaedongIm)
    • 45c18e1 feat: add requireFlag option to require-unicode-regexp rule (#18836) (Brett Zamir)
    • 183b459 feat: add error message for duplicate flags in no-invalid-regexp (#18837) (Tanuj Kanti)
    • c69b406 feat: report duplicate allowed flags in no-invalid-regexp (#18754) (Tanuj Kanti)

    Documentation

    • bee0e7a docs: update README (#18865) (Milos Djermanovic)
    • 5d80b59 docs: specify that ruleId can be null in custom formatter docs (#18857) (Milos Djermanovic)
    • 156b1c3 docs: Update README (GitHub Actions Bot)
    • f6fdef9 docs: Update README (GitHub Actions Bot)
    • a20c870 docs: Update README (GitHub Actions Bot)
    • 90e699b docs: Update README (GitHub Actions Bot)

    Chores

    • 24c3ff7 chore: upgrade to @eslint/[email protected] (#18866) (Francesco Trotta)
    • 1ebdde1 chore: package.json update for @eslint/js release (Jenkins)
    • e8fc5bd chore: update dependency @eslint/core to ^0.5.0 (#18848) (renovate[bot])
    • 343f992 refactor: don't use node.value when removing unused directives (#18835) (Milos Djermanovic)
    • 3db18b0 refactor: Extract FileContext into class (#18831) (Nicholas C. Zakas)
    • 931d650 refactor: Use @eslint/plugin-kit (#18822) (Nicholas C. Zakas)
    • ed5cf0c chore: update dependency @eslint/json to ^0.4.0 (#18829) (Milos Djermanovic)
    • d1f0831 chore: added missing ids (#18817) (Strek)
    • ec92813 refactor: Config class (#18763) (Nicholas C. Zakas)
  • 9.9.1 - 2024-08-23

    Bug Fixes

    • 9bde90c fix: add logic to handle fixTypes in lintText() (#18736) (Amaresh S M)

    Documentation

    • 4840930 docs: Update README with version support and clean up content (#18804) (Nicholas C. Zakas)
    • f61f40d docs: Update globals examples (#18805) (Nicholas C. Zakas)
    • 241fcea docs: Use and define languages (#18795) (Nicholas C. Zakas)
    • 5dbdd63 docs: eslint-plugin-markdown -> @eslint/markdown (#18797) (Nicholas C. Zakas)
    • c6c8ddd docs: update links to eslint-visitor-keys repo (#18796) (Francesco Trotta)
    • f981d05 docs: Update README (GitHub Actions Bot)
    • b516974 docs: update links to eslint/js repo (#18781) (Francesco Trotta)
    • fb7a3f5 docs: update note for package managers (#18779) (Jay)

    Chores

    • b0c34d0 chore: upgrade to @eslint/[email protected] (#18809) (Francesco Trotta)
    • cd5a0da chore: package.json update for @eslint/js release (Jenkins)
    • e112642 refactor: Extract parsing logic from Linter (#18790) (Nicholas C. Zakas)
    • 0f68a85 chore: use eslint-plugin-yml on yaml files only (#18801) (Milos Djermanovic)
    • f8d1b3c chore: update dependencies for browser tests (#18794) (Christian Bromann)
    • aed2624 chore: update dependency @eslint/config-array to ^0.18.0 (#18788) (renovate[bot])
    • 5c29128 chore: update dependency @eslint/core to ^0.4.0 (#18789) (renovate[bot])
    • 5d66fb2 chore: migrate linting workflow to use trunk check meta-linter (#18643) (Chris Clearwater)
    • bf96855 chore: add ids to github issue templates (#18775) (Strek)
  • 9.9.0 - 2024-08-09

    Features

    • 41d0206 feat: Add support for TS config files (#18134) (Arya Emami)
    • 3a4eaf9 feat: add suggestion to require-await to remove async keyword (#18716) (Dave)

    Documentation

    • 9fe068c docs: how to author plugins with configs that extend other configs (#18753) (Alec Gibson)
    • 48117b2 docs: add version support page in the side navbar (#18738) (Amaresh S M)
    • fec2951 docs: add version support page to the dropdown (#18730) (Amaresh S M)
    • 38a0661 docs: Fix typo (#18735) (Zaina Al Habash)
    • 3c32a9e docs: Update yarn command for creating ESLint config (#18739) (Temitope Ogunleye)
    • f9ac978 docs: Update README (GitHub Actions Bot)

    Chores

    • 461b2c3 chore: upgrade to @eslint/[email protected] (#18765) (Francesco Trotta)
    • 59dba1b chore: package.json update for @eslint/js release (Jenkins)
    • fea8563 chore: update dependency @eslint/core to ^0.3.0 (#18724) (renovate[bot])
    • aac191e chore: update dependency @eslint/json to ^0.3.0 (#18760) (renovate[bot])
    • b97fa05 chore: update wdio dependencies for more stable tests (#18759) (Christian Bromann)
  • 9.8.0 - 2024-07-26
  • 9.7.0 - 2024-07-12
  • 9.6.0 - 2024-06-28
  • 9.5.0 - 2024-06-14
  • 9.4.0 - 2024-05-31
  • 9.3.0 - 2024-05-17
  • 9.2.0 - 2024-05-03
  • 9.1.1 - 2024-04-22
  • 9.1.0 - 2024-04-19
  • 9.0.0 - 2024-04-05
  • 9.0.0-rc.0 - 2024-03-22
  • 9.0.0-beta.2 - 2024-03-08
  • 9.0.0-beta.1 - 2024-02-23
  • 9.0.0-beta.0 - 2024-02-09
  • 9.0.0-alpha.2 - 2024-01-26
  • 9.0.0-alpha.1 - 2024-01-12
  • 9.0.0-alpha.0 - 2023-12-29
  • 8.57.1 - 2024-09-16
  • 8.57.0 - 2024-02-23
  • 8.56.0 - 2023-12-15
  • 8.55.0 - 2023-12-01
  • 8.54.0 - 2023-11-17
  • 8.53.0 - 2023-11-03
  • 8.52.0 - 2023-10-20
  • 8.51.0 - 2023-10-06
  • 8.50.0 - 2023-09-22
  • 8.49.0 - 2023-09-08
  • 8.48.0 - 2023-08-25
from eslint GitHub release notes
Commit messages
Package name: eslint
  • 6448f32 9.10.0
  • afeb9b1 Build: changelog update for 9.10.0
  • 24c3ff7 chore: upgrade to @eslint/[email protected] (#18866)
  • 1ebdde1 chore: package.json update for @eslint/js release
  • 301b90d feat: Add types (#18854)
  • bee0e7a docs: update README (#18865)
  • bcf0df5 feat: limit namespace import identifier in id-length rule (#18849)
  • 45c18e1 feat: add `requireFlag` option to `require-unicode-regexp` rule (#18836)
  • 5d80b59 docs: specify that `ruleId` can be `null` in custom formatter docs (#18857)
  • 156b1c3 docs: Update README
  • e8fc5bd chore: update dependency @eslint/core to ^0.5.0 (#18848)
  • 343f992 refactor: don't use `node.value` when removing unused directives (#18835)
  • 183b459 feat: add error message for duplicate flags in `no-invalid-regexp` (#18837)
  • f6fdef9 docs: Update README
  • c69b406 feat: report duplicate allowed flags in `no-invalid-regexp` (#18754)
  • a20c870 docs: Update README
  • 90e699b docs: Update README
  • 3db18b0 refactor: Extract FileContext into class (#18831)
  • 931d650 refactor: Use @eslint/plugin-kit (#18822)
  • ed5cf0c chore: update dependency @eslint/json to ^0.4.0 (#18829)
  • d1f0831 chore: added missing ids (#18817)
  • ec92813 refactor: Config class (#18763)
  • 8781e6f 9.9.1
  • 1503d03 Build: changelog update for 9.9.1


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

google-cla bot commented Oct 11, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.
