[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/eslint-config-prettier/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @typescript-eslint/parser

The new version differs by 29 commits.

• 18e7b5b chore: publish v2.32.0
• 18668b7 feat: bump dependencies and align AST (Merge main into releases/v2 github/codeql-action#2007)
• 6987ecc fix(eslint-plugin): [no-base-to-string] support boolean in unions ([Snyk] Security upgrade mocha from 3.5.3 to 4.0.0 #1979)
• 56d9870 fix(eslint-plugin): [no-type-alias] handle readonly types in aliases (Merge main into releases/v2 github/codeql-action#1990)
• 51ca404 fix(eslint-plugin): [no-unused-expressions] inherit `messages` from base rule (Prepare for CodeQL v2.10.5 deprecation github/codeql-action#1992)
• 176054c chore: publish v2.31.0
• 1f3c344 chore: upgrade to prettier 2.0 ([Snyk] Security upgrade nyc from 11.9.0 to 12.0.0 #1970)
• b18bc35 feat(eslint-plugin): new extended rule 'no-invalid-this' ([Snyk] Fix for 2 vulnerabilities #1823)
• 2f0824b feat(eslint-plugin): [prefer-optional-chain] added option to convert to suggestion fixer ([Snyk] Security upgrade xo from 0.16.0 to 0.17.0 #1965)
• 7f3fba3 fix(eslint-plugin): [method-signature-style] fix overloaded methods to an intersection type ([Snyk] Security upgrade tap from 10.7.3 to 12.0.2 #1966)
• f78f13a fix(eslint-plugin): no-base-to-string boolean expression detect ([Snyk] Security upgrade ava from 0.19.1 to 1.0.1 #1969)
• b35070e fix(eslint-plugin): [unbound-method] false positives for unary expressions ([Snyk] Security upgrade xo from 0.16.0 to 0.17.0 #1964)
• f82fd7b fix(eslint-plugin): [return-await] await in a normal function ([Snyk] Security upgrade nyc from 11.9.0 to 12.0.0 #1962)
• 05476ca docs(eslint-plugin): [naming-convention] correct typo in example ([Snyk] Security upgrade nyc from 10.3.2 to 12.0.0 #1961)
• 80d934b chore: turn on `no-poorly-typed-ts-props` ([Snyk] Security upgrade ava from 1.4.1 to 6.0.0 #1955)
• b609b43 chore: fix CI ([Snyk] Fix for 1 vulnerabilities #1958)
• 56ea7c9 feat(eslint-plugin-internal): add rule no-poorly-typed-ts-props ([Snyk] Security upgrade ava from 2.4.0 to 6.0.0 #1949)
• 2dd1638 feat(experimental-utils): expose our RuleTester extension ([Snyk] Security upgrade ava from 2.4.0 to 6.0.0 #1948)
• 383f931 fix(eslint-plugin): [dot-notation] handle missing declarations ([Snyk] Security upgrade ava from 1.4.1 to 6.0.0 #1947)
• f7ec192 feat(eslint-plugin): [member-ordering] add decorators support ([Snyk] Security upgrade nyc from 11.9.0 to 13.0.1 #1870)
• 1b4e430 chore: publish v2.30.0
• 2f45e99 fix(eslint-plugin): fix no-base-to-string boolean literal check ([Snyk] Security upgrade jest from 26.6.3 to 27.0.0 #1850)
• ed2bd60 fix(eslint-plugin): [prefer-string-starts-ends-with] check for negative start index in slice ([Snyk] Security upgrade ava from 2.4.0 to 6.0.0 #1920)
• a85c3e1 feat(eslint-plugin): add extension rule `dot-notation` ([Snyk] Security upgrade ava from 2.4.0 to 6.0.0 #1867)

See the full diff

Package name: eslint

The new version differs by 210 commits.

• 3dd6741 7.0.0
• 9a722f9 Build: changelog update for 7.0.0
• b98d8bd Upgrade: eslint-release@2.0.0 (#13271)
• 4c0b028 Fix: remove Node.js and CommonJS category from build process (#13242)
• 401a687 Chore: fix rules list for prereleases (#13230)
• 4ef6158 Breaking: espree@7.0.0 (#13270)
• b5c8d73 Docs: update 7.0.0 migration guide for consistency (#13267)
• 356fdb4 Docs: add migration guide (#12692)
• 015edf6 Sponsors: Sync README with website
• fdfa364 7.0.0-rc.0
• 8d1b4db Build: changelog update for 7.0.0-rc.0
• 0b1d65a Update: Improve report location for array-callback-return (refs #12334) (#13109)
• d85e291 Fix: yoda left string fix for exceptRange (fixes #12883) (#13052)
• 2ce6bed Chore: added tests for nested arrays (#13145)
• d3aac53 Update: report backtick loc in no-unexpected-multiline (refs #12334) (#13142)
• 8e7a2d9 Fix: func-call-spacing "never" reports wrong message (fixes #13190) (#13193)
• bcafd0f Update: Add ESLint API (refs New: ESLint Class Replacing CLIEngine eslint/rfcs#40) (#12939)
• 3eeae56 Upgrade: some (dev) deps (#13155)
• 6b7030b Chore: Run tests on Node.js v14 (#13210)
• ebc28d7 Fix: Remove default .js from --ext CLI option (#13176)
• 5c1bdeb Update: Improve report location for getter-return (refs #12334) (#13164)
• 56d2bee Docs: fix typos (#13204)
• e13256e Chore: use espree.latestEcmaVersion in config-initializer (#13157)
• e4f57b7 Chore: add nested array tests for array-element-newline (#13161)

See the full diff

Package name: eslint-plugin-react

The new version differs by 27 commits.

• 25bf6cc Update CHANGELOG and bump version
• 2598b1e [Dev Deps] update `@ types/eslint`, `@ types/estree`, `@ types/node`, `@ typescript-eslint/parser`, `coveralls`, `eslint-config-airbnb-base`, `eslint-plugin-import`, `typescript`
• f94d851 [Fix] `jsx-sort-props`: only use localeCompare when case is ignored
• c481a26 [Docs] Clean up examples in rule docs
• 88d404d [eslint] remove `operator-linebreak` override
• 304590a Merge pull request #2635 from ljharb/eslint7
• 35030a0 [Tests] fix mistaken error property and add output property
• 906b474 [New] support eslint v7
• d66f467 [Fix] `jsx-key`: add a failing test case for optional chaining
• da7a045 [Fix] `no-unused-state`: handle optional chaining
• 9861469 [New] `forbid-component-props`/`forbid-dom-props`: Allow a custom message with forbid props
• ab28224 [Fix] `jsx-pascal-case`: Do not consider namespaces when checking for DOM
• 25b1936 [Fix] `jsx-curly-spacing`, `jsx-no-bind`, `usedPropTypes` util: avoid node.start and node.end
• db4e471 [readme] Add Rules of Hooks to Other useful plugins section
• b9d2eb5 [Fix] `jsx-no-target-blank`: allow `no-referrer` without `noopener` by default
• 3385caa [Tests] `button-has-type`: ensure no mistakenly allowed identifiers named `button`/`submit`/`reset`
• aecff62 [Fix] `button-has-type`: improve message when non-static value is used
• bea3b30 [Docs] `no-this-in-sfc`: backtick `this`
• 78ddd46 [Fix] `no-adjacent-inline-elements`: prevent crash on nullish children
• 80f3826 [Docs] `function-component-definition`: Fix unnamedComponents option examples
• e19287d [tests] `displayName`: add a test case
• a93ef20 [Fix] `prop-types`: avoid crash when spreading any type
• ad18d35 [Fix] `require-render-return`: add missing "a"
• 6aa7874 [Fix] `jsx-no-comment-textnodes`: fix for `@ typescript-eslint/parser`

See the full diff

Package name: eslint-plugin-vue

The new version differs by 250 commits.

• 3b5b127 8.0.0
• 4ade913 Add `vue/no-loss-of-precision` rule ([Snyk] Security upgrade jsdoc from 3.6.11 to 4.0.3 #1680)
• 0aeaaaf Add `vue/no-reserved-props` rule ([Snyk] Security upgrade jsdoc from 3.6.11 to 4.0.3 #1678)
• afec265 Fix false positives for non-vue file in `vue/multi-word-component-names` rule ([Snyk] Fix for 1 vulnerabilities #1684)
• 0437972 Support Nuxt.js's `asyncData` in various rules ([Snyk] Security upgrade jsdoc from 3.6.11 to 4.0.3 #1679)
• 44ff0e0 feat: add `setup-compiler-macros` environment for enabling `<script setup>` compiler macro globals ([Snyk] Security upgrade tap from 14.11.0 to 18.0.0 #1685)
• ecc1ae5 Add `ignore` option to `vue/multi-word-component-names` rule ([Snyk] Security upgrade jest from 25.5.4 to 28.0.0 #1681)
• 166dfbf chore: nit typo fix ([Snyk] Fix for 1 vulnerabilities #1683)
• 63d0595 Upgrade vue-eslint-parser to v8.0.0 ([Snyk] Security upgrade tap-spec from 4.1.2 to 5.0.0 #1664)
• bf77169 Change presets configs. ([Snyk] Security upgrade eslint from 7.32.0 to 9.0.0 #1603)
• 14a17d4 Add `vue/first-attribute-linebreak` rule ([Snyk] Security upgrade eslint from 5.16.0 to 9.0.0 #1587)
• 7cd2839 Drop supports Node.js v8-10, v13 and v15 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1588)
• 51079bf 7.20.0
• b28867d Add `no-deprecated-router-link-tag-prop` rule ([Snyk] Security upgrade xo from 0.6.1 to 0.13.0 #1663)
• 68b184a Update document ([Snyk] Fix for 1 vulnerabilities #1666)
• a74dd59 Add `multi-word-component-names` rule ([Snyk] Security upgrade eslint from 1.10.3 to 2.1.0 #1661)
• 928e0c6 Fix false positives for vars inside type in vue/valid-define-emits and vue/valid-define-props rules ([Snyk] Fix for 1 vulnerabilities #1658)
• 00c3b99 Improve no-use-computed-property-like-method rule ([Snyk] Security upgrade gulp from 3.9.1 to 4.0.0 #1659)
• 7bca4d3 Change peer deps eslint ver from `^6.2.0 || ^7.0.0 || ^8.0.0-0` to `^6.2.0 || ^7.0.0 || ^8.0.0` and change to use ESLint v8. ([Snyk] Security upgrade eslint from 1.10.3 to 2.1.0 #1654)
• dc48d1c Add `vue/no-computed-properties-in-data` rule ([Snyk] Security upgrade tap from 2.3.4 to 3.0.0 #1653)
• a70175e Fix false positives for function args in `vue/valid-define-emits` and `vue/valid-define-props` rules ([Snyk] Security upgrade @commitlint/cli from 8.2.0 to 8.3.6 #1652)
• 852096e Add `vue/no-undef-properties` rule ([Snyk] Security upgrade coveralls from 2.13.3 to 3.0.0 #1472)
• 31a5afa docs: fix typo in rule example ([Snyk] Security upgrade changelogx from 3.0.0 to 4.0.0 #1650)
• 1ece73e 7.19.0

See the full diff

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)