⬆️ Updates eslint-plugin-unicorn to v54

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
eslint-plugin-unicorn	^34.0.1 -> ^54.0.0

---

Release Notes

sindresorhus/eslint-plugin-unicorn (eslint-plugin-unicorn)

v54.0.0

Compare Source

New rules

• no-negation-in-equality-check (#​2353) 8957a03

Breaking

• prefer-array-find: Change checkFromLast default value to true (#​2367) a449af9

Improvements

• Add name to flat configs (#​2377) ac8536e
• prefer-array-some: Check Array#{findIndex,findLastIndex}() (#​2370) 10568ab
• prefer-includes: Check .lastIndexOf() (#​2368) d812ad1
• prefer-string-raw: Ignore strings in Enums (#​2354) 175ea04

Fixes

• Fix edge cases when add new to calls (#​2352) d8f8161

v53.0.0

Compare Source

New rules

• consistent-empty-array-spread (#​2349) 8d7954c
• prefer-string-raw (#​2339) 4f1400a
• no-invalid-fetch-options (#​2338) 342aafb
• no-magic-array-flat-depth (#​2335) bc17428
• prefer-structured-clone (#​2329) 497519e

Breaking

• Require Node.js 18.18 (#​2250) 598f57b

Meta

• You can now sponsor @​fisker for his work on this project (#​2348) b82542d

Improvements

• Support ESLint 9 (#​2250) 598f57b
• no-array-method-this-argument: Check Array.fromAsync() (#​2330) 99489b9
• prefer-number-properties: Add checkNaN option (#​2315) d30de50
• template-indent: Support member expression paths in tags and functions (#​2346) aabcf1d
• prefer-number-properties: Don't require by default for Infinity/-Infinity to be written as Number.POSITIVE_INFINITY/Number.NEGATIVE_INFINITY (#​2312) e0dfed2
• escape-case: Ignore String.raw (#​2342) 45bd444
• no-hex-escape: Ignore String.raw (#​2343) cc02a7f
• prefer-dom-node-dataset: Ignore awaited getAttribute call (#​2334) 45f23d5
• prevent-abbreviations: Support non-ASCII filenames (#​2308) 28762c8
• throw-new-error: Check all call expressions instead of just argument of ThrowStatement (#​2332) 1626852

v52.0.0

Compare Source

New rules

• no-single-promise-in-promise-methods (#​2258) 8f0ee89
• no-await-in-promise-methods (#​2259) a3be554
• no-anonymous-default-export (#​2273) c035216

Improvements

• filename-case: Add option for multiple file extensions (#​2186) 4594020
• import-style: Support node: protocol (#​2297) c28a086
• prefer-array-find: Check array.filter().at(0) (#​2284) e6074fe
• prefer-prototype-methods: Check Object.prototype methods from globalThis (#​2286) 1792d33
• no-array-callback-reference: Check logical expressions and check ternaries deeply (#​2289) 231529a

Fixes

• prefer-spread: Fix it to not report on optional chaining (#​2304) df1ff1c
• no-anonymous-default-export: Uppercase class name (#​2282) 5ce4169

v51.0.1

Compare Source

• prefer-node-protocol: Fix false positive on bun:* modules (#​2272) 43fc638

v51.0.0

Compare Source

Breaking

• consistent-destructuring: Remove from recommended preset (#​2260) 702d51b

Improvements

• no-array-method-this-argument: Check Array.from() (#​2262) 797caee

Fixes

• no-thenable: Fix crash on {[Symbol.prototype]: 0} (#​2248) 3c7d7c0
• prefer-prototype-methods: Fix argument of isMethodCall (#​2247) 3b504fa

v50.0.1

Compare Source

Fixes

• no-unnecessary-polyfills: Fix missing dependency error (#​2242) 3df1606

v50.0.0

Compare Source

New rules

• no-unnecessary-polyfills (#​1717) 6788d86

Improvements

• Support ESLint's new config system (#​1886) 65711f9
• no-useless-undefined: Add checkArrowFunctionBody option (#​2232) 9d7048c
• prefer-negative-index: Check TypedArray#subarray() (#​2237) 6708a30
• no-useless-undefined: Ignore React state setters (#​2223) 42881ba
• prefer-module: Allow module as TSTypeParameter name (#​2213) 8f61f7c

Fixes

• string-content: Fix JSX autofix for newlines, etc. (#​2222) b95e75e

v49.0.0

Compare Source

Improvements

• expiring-todo-comments: Support monorepos (#​2159) ac51d40
• prefer-module: Allow module as TSIndexSignature names or TSTypeAliasDeclaration ids (#​2209) ea94b3b
• Support RegExp v flag (#​2195) 28e7498
• prefer-event-target: Ignore EventEmitter from @angular/core and eventemitter3 (#​2197) 1629ebe

v48.0.1

Compare Source

• no-empty-file: Fix directive check for TypeScript parser (#​2180) 1bb9ce8

v48.0.0

Compare Source

Improvements

• Deprecate no-unsafe-regex rule (#​2135) 7b473aa
• prefer-top-level-await: Ignore promises inside Promise.{all,allSettled,any,race}() (#​2139) d3f6b60
• no-process-exit: Ignore when using node:worker_threads module (#​2136) 2907805
• prefer-array-some: Ignore filter calls with literal argument (#​2097) 7a32edb
• prefer-modern-math-api: Check cases that Math.hypot() should be preferred (#​2080) 9bbc948
• explicit-length-check: Ignore .length || number (#​1977) b9b8794

Fixes

• Fix crash on array holes (#​2129) f10f1a6
• prefer-dom-node-dataset: Fix edge cases (#​2171) b2d7378
• prefer-dom-node-dataset: Remove broken fix for element.setAttribute (#​2169) 61234af
• no-lonely-if: Fix an edge case (#​2168) ca837a8
• no-useless-undefined: Turn parameter with undefined default value into optional parameter (#​2138) 4aa7d60
• no-thenable: Fix Object.fromEntries() check (#​2130) f3265b9
• prefer-dom-node-remove: Fix incorrect auto-fix (#​2084) 74bb36d

v47.0.0

Compare Source

Breaking

• Require Node.js 16 (#​2073) a3bc120
• Require eslint@>=8.38.0 (#​2066) 04af765
• Enable prefer-at, prefer-event-target, and prefer-string-replace-all in recommended config (#​2073) a3bc120

New rules

• prefer-blob-reading-methods (#​2065) 2bb1a04

Improvements

• prefer-top-level-await: Ignore .cjs files (#​2072) 0c3ccb1
• prefer-spread: Stop checking Array.from call with map function (#​2064) f5beccb
• prefer-dom-node-text-content: Check optional chaining (#​2062) 8d6d007
• prefer-dom-node-{append,remove}: Check optional chaining (#​2061) 443999b

Fixes

• prefer-number-properties: Fix false positives (#​2050) 124bfa7

v46.0.1

Compare Source

• Fix expiring-todo-comments (#​2077) 7a6861a

v46.0.0

Compare Source

Improvements

• Add elems to abbreviations (#​2040) 2a9c840
• no-useless-spread: Check Array#{toReversed,toSorted,toSpliced,with} (#​2030) 55469e5
• prefer-set-has: Support Array#{toReversed,toSorted,toSpliced,with} (#​2032) fea5b42
• prefer-spread: Forbid use of Array#toSpliced() to copy array (#​2034) 4ada50e
• prefer-negative-index: Check .toSpliced() and .with() (#​2031) 7ed738a
• no-empty-file: Support .jsx and .tsx extensions (#​2002) ba1a00e

Fixes

• expiring-todo-comments: Do not normalize package.json (#​1871) (#​2020) fcd8934

v45.0.2

Compare Source

• prefer-string-replace-all: Don't crash on invalid pattern (#​2011) 3bbe027
• prevent-abbreviations: Skip fix for variables used in Vue template (#​2012) 8cd1ded

v45.0.1

Compare Source

• no-useless-spread: Remove unsafe fix (#​1996) 6756cbd

v45.0.0

Compare Source

New rules

• no-typeof-undefined (#​1966) d7f7341
• no-negated-condition (#​1963) e4aaa42
• prefer-set-size (#​1952) 5f23c98

Improvements

• prefer-at: Support private fields (#​1929) 60bb455
• no-useless-undefined: Ignore Array#includes() and Set#has() (#​1951) 8dfd5a7
• no-useless-spread: Check cloning inline arrays (#​1980) 5d90d73
• prefer-top-level-await: Ignore expressions in class (#​1976) b90a3aa
• prefer-string-replace-all: Improve RegExp to string fix (#​1971) b844dbc
• prefer-string-replace-all: Check pattern even if it's already using .replaceAll (#​1981) e8c5156
• prefer-string-replace-all: Report all String#replace() when the pattern has g flag (#​1965) 6316f05
• prefer-string-replace-all: Ignore regex with pipe (#​1962) 76deaa3
• prefer-regexp-test: Use suggestions if not sure regexp without g flag (#​1954) 505a203
• no-array-for-each: Skip fix for some edge cases (#​1979) 48efc7a
• prefer-add-event-listener: Only fix ExpressionStatement, check operator (#​1955) aca21f2
• prevent-abbreviations: Improve fix for retVal (#​1953) 25cd810

Fixes

• prefer-top-level-await: Fix crash on for..of loop (#​1950) 00a29c8

v44.0.2

Compare Source

• no-array-method-this-argument: Ignore lodash.findLast and lodash.findLastIndex (#​1927) 86e8add

v44.0.1

Compare Source

• prefer-array-index-of: Add missing message (#​1924) a981a13

v44.0.0

Compare Source

New rules

• no-unnecessary-await (#​1904) 412fc6f
• switch-case-braces (#​1902) 690ed8c

Improvements

• prefer-array-find: Add option to also prefer .findLast() (#​1900) 02252c7
• template-indent: Preserve trailing spaces (#​1872) e4071f5
• no-document-cookie: Check window.document.cookie (#​1833) 0886544
• prefer-array-index-of: Prefer .lastIndexOf() over .findLastIndex() (#​1896) 70e5bdd
• prefer-array-some: Check .findLast() (#​1897) 3e6ae43
• prefer-native-coercion-functions: Check .findLast and .findLastIndex (#​1893) f2c6acc
• no-array-method-this-argument: Check .findLast and .findLastIndex (#​1890) 3bc28ad
• no-array-callback-reference: Check .findLast and .findLastIndex (#​1889) 37a5cda
• prefer-negative-index: Remove ArrayBuffer#at (#​1899) a10e3f6
• prefer-at: Improve fix (#​1901) 1c457bb

Fixes

• no-await-expression-member: Fix crash on TypeScript parser (#​1910) b002e75
• prevent-abbreviations: Skip fix when variable is JSX component (#​1907) 9ed08ab
• better-regexp: Don't fix if .source or .toString() is used (#​1903) 8ad592b

v43.0.2

Compare Source

• prefer-spread: Ignore Array#join().concat() and (a + b).concat() (#​1859) ab71971

v43.0.1

Compare Source

• Remove prefer-event-target from the recommended preset 4d2faac
  • EventTarget requires Node.js 16 and we target Node.js 14. We'll enable it again in a year when we can target Node.js 16.

v43.0.0

Compare Source

New rules

• prefer-logical-operator-over-ternary (#​1830) 5d7e622
• prefer-event-target (#​1792) 166524a

Breaking

• Require Node.js 14

Improvements

• Add prefer-top-level-await rule to recommended preset (#​1803) 6f5ecf5
• Deprecate import-index rule (#​1787) 0034e69
• Update abbreviations to support Next.js functions (#​1804) 4b96057
• text-encoding-identifier-case: Ignore JSX meta[charset="utf-8"] (#​1817) c67a70f
• prefer-number-properties: Check any use of global functions (#​1834) 51d7e06
• prefer-number-properties: Detect usage via global object (#​1832) 80c4af2
• no-array-for-each: Check reassign in for..in and for..of (#​1824) d3b2548
• no-useless-undefined: Ignore ref(undefined) in Vue project (#​1828) e7306e5
• prefer-node-protocol: Always check require() (#​1827) 2c914d4
• no-array-for-each: Improve parameter reassign detection (#​1823) 56df468
• no-array-for-each: Add fix for arrow function body (#​1785) 59218e3

Fixes

• no-array-for-each: Fix auto-fix causing SyntaxError (#​1813) 47c8337

v42.0.0

Compare Source

The project has passed 100 lint rules 🎉

Thanks to everyone that has contributed so far.

And special thanks to our team member @​fisker for doing most of the work on this project. We could not have gotten this far without him.

New rules

• no-useless-switch-case (#​1779) a8fb966
• prefer-modern-math-apis (#​1780) 6dfdeb0
• no-unreadable-iife (#​1765) ce8a4b7
• prefer-native-coercion-functions (#​1767) 51166f4

Improvements

• template-indent: Set the rule error instead of warn in recommended preset (#​1781) 09923af
• prefer-json-parse-buffer: Remove from recommended preset (#​1750) 93f49f2
• no-array-for-each: Add fixer for parenthesized call (#​1784) 5f39c37
• no-array-for-each: Handle optional chaining (#​1753) 1d32db4
• prefer-object-from-entries: Stop checking unknown cases (#​1771) 309771d
• prefer-string-trim-start-end: Check optional chaining (#​1768) 1920597
• no-useless-undefined: Ignore arguments in Function#bind() (#​1762) c501243
• prefer-ternary: Skip fix if there are comments (#​1763) 3013565
• text-encoding-identifier-case: Auto-fix encoding in fs.{readFile,readFileSync}() (#​1755) 5e1c932
• Add dist and dst abbreviations (#​1756) dffcea8

Fixes

• no-array-for-each: Handle ChainExpression correctly (#​1772) e615a37

v41.0.1

Compare Source

• relative-url-style: Improve fix (#​1748) f406795

v41.0.0

Compare Source

New rules

• text-encoding-identifier-case (#​1718) 4370602

Breaking

• Require ESLint 8 (#​1724) 608a90c

Fixes

• prefer-export-from: Fix TypeScript compatibility (#​1728) f14aa95
• prefer-at: Remove auto-fix for arguments (#​1705) bba518e

v40.1.0

Compare Source

• expiring-todo-comments: Add date option (#​1683) 16bc33a
• consistent-function-scoping: Allow React.useHook (#​1691) e910633
• no-useless-undefined: Allow React.createContext(undefined) (#​1688) 40bc603

v40.0.0

Compare Source

New rules

• no-thenable (#​1616) c318644
• no-useless-promise-resolve-reject (#​1623) 054436e
• relative-url-style (#​1672) 6ab705b
• prefer-json-parse-buffer (#​1676) 84c9c70

Improvements

• prefer-object-has-own: Deprecate in favor of the built-in prefer-object-has-own rule (#​1646) e59a856
• filename-case: Ignore $ in filenames (#​1628) a43a174
• no-useless-promise-resolve-reject: Detect unnecessary Promise.resolve/reject in promise callback functions (#​1666) f6215f3
• prefer-export-from: Support import assertions (#​1618) 1d7a6b6
• prefer-top-level-await: Improve top-level expression detection (#​1526) b054d65
• prefer-dom-node-dataset: Check .hasAttribute() and .getAttribute() (#​1673) 152f153
• prefer-dom-node-dataset: Check .removeAttribute() (#​1668) 22d8d03
• prefer-string-slice: Improve fix (#​1675) 267115a
• prefer-math-trunc: Improve fix logic (#​1670) 784c7a8
• prefer-string-slice: Improve argument type detection (#​1664) 03b0946
• prefer-add-event-listener: Remove fix for onerror (#​1650) 7bf63bb
• no-array-push-push: Ignore process.{stdin,stdout,stderr} (#​1654) 10ad699
• no-new-array & no-new-buffer: Improve argument type detection (#​1648) 9b04e43
• no-array-for-each: Ignore pIteration.forEach (#​1649) 2b92385
• no-array-callback-reference: Ignore primitive wrappers in Array#map() (#​1642) 0362c09
• prefer-export-from: Support "string literal specifier" (#​1636) 0866b41
• template-indent: Check Jest inline snapshots by default (#​1637) 64460e2

Fixes

• prefer-dom-node-dataset: Fix name conversion (#​1674) 7fb6f7b
• prefer-export-from: Fix crash in TypeScript files (#​1647) 1ff8e42

v39.0.0

Compare Source

New rules

• prefer-code-point (#​1584) 31c83cd
• no-await-expression-member (#​1586) 0485924

Improvements

• prefer-export-from: Add ignoreUsedVariables option (#​1590) a8d52e4
• prevent-abbreviations: Show file basename instead of full path (#​1593) 7c2867d
• Remove require-post-message-target-origin rule from recommended config (#​1581) 014b4dc

Fixes

• no-empty-file: Fix false positive with triple-slash directives (#​1605) 6354bb8
• require-number-to-fixed-digits-argument: Ignore .toFixed from new expression (#​1601) 20d61e7
• prefer-export-from: Fix bug on fixing export namespace as default (#​1583) b564ff1
• Add missing additionalProperties to schema (#​1589) 579d05d

v38.0.1

Compare Source

• prefer-export-from: Ignore variables with type (#​1580) ea49b21

v38.0.0

Compare Source

New rules

• no-empty-file (#​1506) a2ba25e
• prefer-export-from (#​1453) ff43745

Improvements

• Ignore Ramda methods in rules (#​1557) 5f3bad5
• no-array-callback-reference: Only ignore Boolean in reasonable places (#​1570) 46f8638
• require-array-join-separator: Check optional member (#​1569) 15f9028

v37.0.1

Compare Source

• Fix compatibility with ESLint 7 (#​1548) e6cee0f

v37.0.0

Compare Source

New rules

• template-indent (#​1478) 5f4c440

Improvements

• Support ESLint 8 (#​1488) e97ab7e
• Use 'latest' as ecmaVersion (#​1465) 9feb181

v36.0.0

Compare Source

New rules

• no-useless-fallback-in-spread (#​1481) 1675118
• no-invalid-remove-event-listener (#​1216) f0ff04d

Improvements

• Add all config (#​1512) a512ad1
  • This config includes all the rules, except deprecated ones.
• prefer-spread: Check String#split('') (#​1489) d51a197

---

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

Thanks for the PR!

This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.

[github-actions]

Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.

[github-actions]

Hello from PR Helper

Is your PR ready for review and processing? Mark the PR ready by including #pr-ready in a comment.

If you still have work to do, even after marking this ready. Put the PR on hold by including #pr-onhold in a comment.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/eslint-plugin-unicorn@53.0.0	Transitive: environment, filesystem, shell, unsafe	+28	7.67 MB	sindresorhus

🚮 Removed packages: npm/eslint-plugin-unicorn@34.0.1, npm/git-cz@4.9.0, npm/gradient-string@1.2.0, npm/hero-patterns@2.1.0, npm/husky@7.0.4, npm/if-env@1.0.4, npm/isomorphic-unfetch@3.1.0, npm/jest-circus@27.5.1, npm/jest@27.5.1, npm/jsonlint@1.6.3, npm/license-checker@25.0.1, npm/lunr@2.3.9, npm/markdown-link-check@3.12.2, npm/node-cron@3.0.3, npm/nodemon@2.0.22, npm/onchange@7.1.0, npm/opener@1.5.2, npm/prettier@2.8.8, npm/pretty-quick@3.3.1, npm/randomcolor@0.5.4, npm/remark-cli@9.0.0, npm/remark-lint-code-block-style@2.0.1, npm/remark-lint-ordered-list-marker-value@2.0.1, npm/remark-preset-davidtheclark@0.12.0, npm/remark-validate-links@10.0.4, npm/semantic-release@17.4.7, npm/ts-jest@27.1.5, npm/ts-node@10.9.2, npm/typedoc@0.21.10, npm/typescript@4.9.5, npm/validate-commit-msg@2.14.0

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Install scripts	npm/core-js@2.6.12	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	orphan: npm/core-js@2.6.12

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js@2.6.12