Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency eslint-plugin-security to v3 #272

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 2, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
eslint-plugin-security 1.4.0 -> 3.0.1 age adoption passing confidence

Release Notes

eslint-community/eslint-plugin-security (eslint-plugin-security)

v3.0.1

Compare Source

v3.0.0

Compare Source

⚠ BREAKING CHANGES
  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#​146)
Features
Bug Fixes
2.1.1 (2024-02-14)
Bug Fixes
  • Ensure empty eval() doesn't crash detect-eval-with-expression (#​139) (8a7c7db)

v2.1.1

Compare Source

v2.1.0

Compare Source

Features

v2.0.0

Compare Source

⚠ BREAKING CHANGES
  • switch the recommended config to flat (#​118)
Features
1.7.1 (2023-02-02)
Bug Fixes
  • false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#​109) (56102b5)

v1.7.1

Compare Source

v1.7.0

Compare Source

Features

v1.6.0

Compare Source

Features
  • Add meta object documentation for all rules (#​79) (fb1d9ef)
  • detect-bidi-characters rule (#​95) (4294d29)
  • detect-non-literal-fs-filename: change to track non-top-level require() as well (#​105) (d3b1543)
  • extend detect non literal fs filename (#​92) (08ba476)
  • non-literal-require: support template literals (#​81) (208019b)
Bug Fixes
  • Avoid crash when exec() is passed no arguments (7f97815), closes #​82 #​23
  • Avoid TypeError when exec stub is used with no arguments (#​97) (9c18f16)
  • detect-child-process: false positive for destructuring with exec (#​102) (657921a)
  • detect-child-process: false positives for destructuring spawn (#​103) (fdfe37d)
  • Incorrect method name in detect-buffer-noassert. (313c0c6), closes #​63 #​80

v1.5.0

Compare Source

  • Fix avoid crash when exec() is passed no arguments
    Closes #​82 with ref as #​23
  • Fix incorrect method name in detect-buffer-noassert
    Closes #​63 and #​80
  • Clean up source code formatting
    Fixes #​4 and closes #​78
  • Add release script
    Script
  • Add non-literal require TemplateLiteral support #​81
  • Add meta object documentation for all rules #​79
  • Added Git pre-commit hook to format JS files
    Pre-commit hook
  • Added yarn installation method
  • Fix linting errors and step
    Lint errors, Lint step
  • Create workflows
    Check commit message on pull requests, Set up ci on main branch
  • Update test and lint commands to work cross-platform
    Commit
  • Merge pull request #​47 from pdehaan/add-docs
    Add old liftsecurity blog posts to docs/ folder
  • Bumped up dependencies
  • Added package-lock.json
  • Fixed typos in README and documentation
    Replaced dead links in README

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Copy link
Contributor Author

renovate bot commented Dec 2, 2024

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package.json
Post-upgrade command 'npm run lintfix' has not been added to the allowed list in allowedPostUpgradeCommands

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants