This repository has been archived by the owner on Mar 17, 2020. It is now read-only.
Update dependency eslint to v4.18.2 [SECURITY] #34
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4.11.0
->4.18.2
GitHub Vulnerability Alerts
GHSA-jcgq-xh2f-2hfm / WS-2018-0592
A vulnerability was descovered in eslint before 4.18.2. One of the regexes in eslint is vulnerable to catastrophic backtracking.
Release Notes
eslint/eslint
v4.18.2
Compare Source
6b71fd0
Fix: [email protected], because 4.0.3 needs "ajv": "^6.0.1" (#10022) (Mathieu Seiler)3c697de
Chore: fix incorrect comment about linter.verify return value (#10030) (Teddy Katz)9df8653
Chore: refactor parser-loading out of linter.verify (#10028) (Teddy Katz)f6901d0
Fix: remove catastrophic backtracking vulnerability (fixes #10002) (#10019) (Jamie Davis)e4f52ce
Chore: Simplify dataflow in linter.verify (#10020) (Teddy Katz)33177cd
Chore: make library files non-executable (#10021) (Teddy Katz)558ccba
Chore: refactor directive comment processing (#10007) (Teddy Katz)18e15d9
Chore: avoid useless catch clauses that just rethrow errors (#10010) (Teddy Katz)a1c3759
Chore: refactor populating configs with defaults in linter (#10006) (Teddy Katz)aea07dc
Fix: Make max-len ignoreStrings ignore JSXText (fixes #9954) (#9985) (Rachael Sim)v4.18.1
Compare Source
f417506
Fix: ensure no-await-in-loop reports the correct node (fixes #9992) (#9993) (Teddy Katz)3e99363
Docs: Fixed typo in key-spacing rule doc (#9987) (Jaid)7c2cd70
Docs: deprecate experimentalObjectRestSpread (#9986) (Toru Nagashima)v4.18.0
Compare Source
70f22f3
Chore: Apply memoization to config creation within glob utils (#9944) (Kenton Jacobsen)0e4ae22
Update: fix indent bug with binary operators/ignoredNodes (fixes #9882) (#9951) (Teddy Katz)47ac478
Update: add named imports and exports for object-curly-newline (#9876) (Nicholas Chua)e8efdd0
Fix: support Rest/Spread Properties (fixes #9885) (#9943) (Toru Nagashima)f012b8c
Fix: support Async iteration (fixes #9891) (#9957) (Toru Nagashima)74fa253
Docs: Clarify no-mixed-operators options (fixes #9962) (#9964) (Ivan Hayes)426868f
Docs: clean up key-spacing docs (fixes #9900) (#9963) (Abid Uzair)4a6f22e
Update: support eslint-disable-* block comments (fixes #8781) (#9745) (Erin)777283b
Docs: Propose fix typo for function (#9965) (John Eismeier)bf3d494
Docs: Fix typo in max-len ignorePattern example. (#9956) (Tim Martin)d64fbb4
Docs: fix typo in prefer-destructuring.md example (#9930) (Vse Mozhet Byt)f8d343f
Chore: Fix default issue template (#9946) (Kai Cataldo)v4.17.0
Compare Source
1da1ada
Update: Add "multiline" type to padding-line-between-statements (#8668) (Matthew Bennett)bb213dc
Chore: Use messageIds in some of the core rules (#9648) (Jed Fox)1aa1970
Docs: remove outdated rule naming convention (#9925) (Teddy Katz)3afaff6
Docs: Add prefer-destructuring variable reassignment example (#9873) (LePirlouit)d20f6b4
Fix: Typo in error message when running npm (#9866) (Maciej Kasprzyk)51ec6a7
Docs: Use GitHub Multiple PR/Issue templates (#9911) (Kai Cataldo)dc80487
Update: space-unary-ops uses astUtils.canTokensBeAdjacent (fixes #9907) (#9906) (Kevin Partington)084351b
Docs: Fix the messageId example (fixes #9889) (#9892) (Jed Fox)9cbb487
Docs: Mention theglobals
key in the no-undef docs (#9867) (Dan Dascalescu)v4.16.0
Compare Source
e26a25f
Update: allow continue instead of if wrap in guard-for-in (fixes #7567) (#9796) (Michael Ficarra)af043eb
Update: Add NewExpression support to comma-style (#9591) (Frazer McLean)4f898c7
Build: Fix JSDoc syntax errors (#9813) (Matija Marohnić)13bcf3c
Fix: Removing curly quotes in no-eq-null report message (#9852) (Kevin Partington)b96fb31
Docs: configuration hierarchy for CLIEngine options (fixes #9526) (#9855) (PiIsFour)8ccbdda
Docs: Clarify that -c configs merge with.eslintrc.*
(fixes #9535) (#9847) (Kevin Partington)978574f
Docs: Fix examples for no-useless-escape (#9853) (Toru Kobayashi)cd5681d
Chore: Deactivate consistent-docs-url in internal rules folder (#9815) (Kevin Partington)2e87ddd
Docs: Sync messageId examples' style with other examples (#9816) (Kevin Partington)1d61930
Update: use doctrine range information in valid-jsdoc (#9831) (Teddy Katz)133336e
Update: fix indent behavior on template literal arguments (fixes #9061) (#9820) (Teddy Katz)ea1b15d
Fix: avoid crashing on malformed configuration comments (fixes #9373) (#9819) (Teddy Katz)add1e70
Update: fix indent bug on comments in ternary expressions (fixes #9729) (#9818) (Teddy Katz)6a5cd32
Fix: prefer-destructuring error with computed properties (fixes #9784) (#9817) (Teddy Katz)601f851
Docs: Minor modification to code comments for clarity (#9821) (rgovind92)b9da067
Docs: fix misleading info about RuleTester column numbers (#9830) (Teddy Katz)2cf4522
Update: Rename and deprecate object-property-newline option (#9570) (Jonathan Pool)acde640
Docs: Add ES 2018 to Configuring ESLint (#9829) (Kai Cataldo)ccfce15
Docs: Minor tweaks to working with rules page (#9824) (Kevin Partington)54b329a
Docs: fix substitution of {{ name }} (#9822) (Andres Kalle)v4.15.0
Compare Source
6ab04b5
New: Add context.report({ messageId }) (fixes #6740) (#9165) (Jed Fox)fc7f404
Docs: add url to each of the rules (refs #6582) (#9788) (Patrick McElhaney)fc44da9
Docs: fix sort-imports rule block language (#9805) (ferhat elmas)65f0176
New: CLIEngine#getRules() (refs #6582) (#9782) (Patrick McElhaney)c64195f
Update: More detailed assert message for rule-tester (#9769) (Weijia Wang)9fcfabf
Fix: no-extra-parens false positive (fixes: #9755) (#9795) (Erin)61e5fa0
Docs: Add table of contents to Node.js API docs (#9785) (Patrick McElhaney)4c87f42
Fix: incorrect error messages of no-unused-vars (fixes #9774) (#9791) (akouryy)bbabf34
Update: addignoreComments
option toindent
rule (fixes #9018) (#9752) (Kevin Partington)db431cb
Docs: HTTP -> HTTPS (fixes #9768) (#9768) (Ronald Eddy Jr)cbf0fb9
Docs: describe how to feature-detect scopeManager/visitorKeys support (#9764) (Teddy Katz)f7dcb70
Docs: Add note about "patch release pending" label to maintainer guide (#9763) (Teddy Katz)v4.14.0
Compare Source
be2f57e
Update: support separate requires in one-var. (fixes #6175) (#9441) (薛定谔的猫)370d614
Docs: Fix typos (#9751) (Jed Fox)8196c45
Chore: Reorganize CLI options and associated docs (#9758) (Kevin Partington)75c7419
Update: Logical-and is counted incomplexity
rule (fixes #8535) (#9754) (Kevin Partington)eb4b1e0
Docs: reintroduce misspelling invalid-typeof
example (#9753) (Teddy Katz)ae51eb2
New: Add allowImplicit option to array-callback-return (fixes #8539) (#9344) (James C. Davis)e9d5dfd
Docs: improve no-extra-parens formatting (#9747) (Rich Trott)37d066c
Chore: Add unit tests for overrides glob matching. (#9744) (Robert Jackson)805a94e
Chore: Fix typo in CLIEngine test name (#9741) (@scriptdaemon)1c2aafd
Update: Improve parser integrations (fixes #8392) (#8755) (Toru Nagashima)4ddc131
Upgrade: debug@^3.1.0 (#9731) (Kevin Partington)f252c19
Docs: Make the lint messagesource
property a little more subtle (#9735) (Jed Fox)5a5c23c
Docs: fix the link to contributing page (#9727) (Victor Hom)f44ce11
Docs: change beginner to good first issue label text (#9726) (Victor Hom)14baa2e
Chore: improve arrow-body-style error message (refs #5498) (#9718) (Teddy Katz)f819920
Docs: fix typos (#9723) (Thomas Broadley)43d4ba8
Fix: false positive on rulelines-between-class-members
(fixes #9665) (#9680) (sakabar)v4.13.1
Compare Source
b72dc83
Fix: eol-last allow empty-string to always pass (refs #9534) (#9696) (Kevin Partington)d80aa7c
Fix: camelcase destructure leading/trailing underscore (fixes #9700) (#9701) (Kevin Partington)d49d9d0
Docs: Add missing period to the README (#9702) (Kevin Partington)4564fe0
Chore: no-invalid-meta crash if no export assignment (refs #9534) (#9698) (Kevin Partington)v4.13.0
Compare Source
256481b
Update: update handling of destructuring in camelcase (fixes #8511) (#9468) (Erin)d067ae1
Docs: Don’t use undocumented array-style configuration for max-len (#9690) (Jed Fox)1ad3091
Chore: fix test-suite to work with node master (#9688) (Myles Borins)cdb1488
Docs: Adds an example with try/catch. (#9672) (Jaap Taal)v4.12.1
Compare Source
1e362a0
Revert "Fix: Use XML 1.1 on XML formatters (fixes #9607) (#9608)" (#9667) (Kevin Partington)v4.12.0
Compare Source
76dab18
Upgrade: doctrine@^2.0.2 (#9656) (Kevin Partington)28c9c8e
New: add a Linter#defineParser function (#9321) (Ives van Hoorne)5619910
Update: Add autofix forsort-vars
(#9496) (Trevin Hofmann)71eedbf
Update: addbeforeStatementContinuationChars
to semi (fixes #9521) (#9594) (Toru Nagashima)4118f14
New: Adds implicit-arrow-linebreak rule (refs #9510) (#9629) (Sharmila Jesupaul)208fb0f
Fix: Use XML 1.1 on XML formatters (fixes #9607) (#9608) (Daniel Reigada)6e04f14
Upgrade:globals
to 11.0.1 (fixes #9614) (#9632) (Toru Nagashima)e13d439
Fix: space-in-parens crash (#9655) (Toru Nagashima)92171cc
Docs: Updating migration guide for single-line disable (#9385) (Justin Helmer)f39ffe7
Docs: remove extra punctuation from readme (#9640) (Teddy Katz)a015234
Fix: prefer-destructuring false positive on "super" (fixes #9625) (#9626) (Kei Ito)0cf081e
Update: add importNames option to no-restricted-imports (#9506) (Benjamin R Gibson)332c214
Docs: Add @platinumazure to TSC (#9618) (Ilya Volodin)Renovate configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.