[Snyk] Security upgrade eslint from 8.57.0 to 9.0.0

[naiba4]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	141/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Local, EPSS: 0.01055, Social Trends: No, Days since published: 127, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Medium, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.35, Score Version: V5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 231 commits.

• e0cbc50 9.0.0
• 75cb5f4 Build: changelog update for 9.0.0
• 19f9a89 chore: Update dependencies for v9.0.0 (#18275)
• 7c957f2 chore: package.json update for @ eslint/js release
• d73a33c chore: ignore `/docs/v8.x` in link checker (#18274)
• d54a412 feat: Add --inspect-config CLI flag (#18270)
• e151050 docs: update get-started to the new `@ eslint/create-config` (#18217)
• 610c148 fix: Support `using` declarations in no-lone-blocks (#18269)
• 44a81c6 chore: upgrade knip (#18272)
• 94178ad docs: mention about `name` field in flat config (#18252)
• 1765c24 docs: add Troubleshooting page (#18181)
• e80b60c chore: remove code for testing version selectors (#18266)
• 96607d0 docs: version selectors synchronization (#18260)
• e508800 fix: rule tester ignore irrelevant test case properties (#18235)
• a129acb fix: flat config name on ignores object (#18258)
• 97ce45b feat: Add `reportUsedIgnorePattern` option to `no-unused-vars` rule (#17662)
• 651ec91 docs: remove `/* eslint-env */` comments from rule examples (#18249)
• 950c4f1 docs: Update README
• 3e9fcea feat: Show config names in error messages (#18256)
• b7cf3bd fix!: correct `camelcase` rule schema for `allow` option (#18232)
• 12f5746 docs: add info about dot files and dir in flat config (#18239)
• b93f408 docs: update shared settings example (#18251)
• 26384d3 docs: fix `ecmaVersion` in one example, add checks (#18241)
• 7747097 docs: Update PR review process (#18233)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[pull-request-quantifier-deprecated]

This PR has 2 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

---

Quantification details

Label      : Extra Small
Size       : +1 -1
Percentile : 0.8%

Total files changed: 1

Change summary by file extension:
.json : +1 -1

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

• Fast and predictable releases to production:
  • Optimal size changes are more likely to be reviewed faster with fewer
    iterations.
  • Similarity in low PR complexity drives similar review times.
• Review quality is likely higher as complexity is lower:
  • Bugs are more likely to be detected.
  • Code inconsistencies are more likely to be detected.
• Knowledge sharing is improved within the participants:
  • Small portions can be assimilated better.
• Better engineering practices are exercised:
  • Solving big problems by dividing them in well contained, smaller problems.
  • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

• Use the PullRequestQuantifier to quantify your PR accurately
  • Create a context profile for your repo using the context generator
  • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
  • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
  • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
• Change your engineering behaviors
  • For PRs that fall outside of the desired spectrum, review the details and check if:
    • Your PR could be split in smaller, self-contained PRs instead
    • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

• One line was added: +1 -0
• One line was deleted: +0 -1
• One line was modified: +1 -1 (git diff doesn't know about modified, it will
  interpret that line like one addition plus one deletion)
• Change percentiles: Change characteristics (addition, deletion, modification)
  of this PR in relation to all other PRs within the repository.

---

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Filesystem access	npm/read-pkg@5.2.0	Module: fs Location: Package overview	orphan: npm/read-pkg@5.2.0
Unmaintained	npm/validate-npm-package-license@3.0.4	Last Publish: 8/5/2018, 4:59:03 PM	orphan: npm/validate-npm-package-license@3.0.4
Unmaintained	npm/error-ex@1.3.2	Last Publish: 6/19/2018, 6:20:32 AM	orphan: npm/error-ex@1.3.2
Unmaintained	npm/is-arrayish@0.2.1	Last Publish: 6/19/2018, 8:09:45 AM	orphan: npm/is-arrayish@0.2.1
Trivial Package	npm/is-arrayish@0.2.1	Location: Package overview	orphan: npm/is-arrayish@0.2.1
Network access	npm/node-fetch@2.7.0	Module: globalThis["fetch"] Location: Package overview	orphan: npm/node-fetch@2.7.0
Network access	npm/node-fetch@2.7.0	Module: https Location: Package overview	orphan: npm/node-fetch@2.7.0
Network access	npm/node-fetch@2.7.0	Module: http Location: Package overview	orphan: npm/node-fetch@2.7.0
Mild CVE	npm/axios@0.21.4	CVE: GHSA-wf5p-g6vw-rhxx Axios Cross-Site Request Forgery Vulnerability (MODERATE) Affected versions: >= 0.8.1, < 0.28.0 Patched version: 0.28.0	orphan: npm/axios@0.21.4
Environment variable access	npm/axios@0.21.4	Env Vars: NO_PROXY Location: Package overview	orphan: npm/axios@0.21.4
Environment variable access	npm/axios@0.21.4	Env Vars: no_proxy Location: Package overview	orphan: npm/axios@0.21.4
Environment variable access	npm/axios@0.21.4	Env Vars: Location: Package overview	orphan: npm/axios@0.21.4
Environment variable access	npm/axios@0.21.4	Env Vars: proxyEnv Location: Package overview	orphan: npm/axios@0.21.4
Network access	npm/axios@0.21.4	Module: https Location: Package overview	orphan: npm/axios@0.21.4
Network access	npm/axios@0.21.4	Module: http Location: Package overview	orphan: npm/axios@0.21.4
Unmaintained	npm/buffer-alloc@1.2.0	Last Publish: 5/29/2018, 11:41:06 PM	orphan: npm/buffer-alloc@1.2.0
Unmaintained	npm/buffer-alloc-unsafe@1.1.0	Last Publish: 5/29/2018, 11:18:40 PM	orphan: npm/buffer-alloc-unsafe@1.1.0
Unmaintained	npm/buffer-fill@1.0.0	Last Publish: 5/29/2018, 11:35:52 PM	orphan: npm/buffer-fill@1.0.0
Unmaintained	npm/deep-extend@0.6.0	Last Publish: 5/22/2018, 6:13:17 PM	orphan: npm/deep-extend@0.6.0
Dynamic require	npm/colors@1.0.3	Location: Package overview	orphan: npm/colors@1.0.3
Environment variable access	npm/picocolors@1.0.0	Env Vars: Location: Package overview	orphan: npm/picocolors@1.0.0
Environment variable access	npm/picocolors@1.0.0	Env Vars: TERM Location: Package overview	orphan: npm/picocolors@1.0.0
Environment variable access	npm/resolve@1.22.8	Env Vars: USER Location: Package overview	orphan: npm/resolve@1.22.8
Filesystem access	npm/resolve@1.22.8	Module: fs Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: USERNAME Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: USERPROFILE Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: HOMEDRIVE Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: HOMEPATH Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: HOME Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: LOGNAME Location: Package overview	orphan: npm/resolve@1.22.8
Environment variable access	npm/resolve@1.22.8	Env Vars: LNAME Location: Package overview	orphan: npm/resolve@1.22.8
Trivial Package	npm/arrify@1.0.1	Location: Package overview	orphan: npm/arrify@1.0.1
Unmaintained	npm/clone-deep@4.0.1	Last Publish: 11/22/2018, 12:00:24 AM	orphan: npm/clone-deep@4.0.1
Filesystem access	npm/filelist@1.0.4	Module: fs Location: Package overview	orphan: npm/filelist@1.0.4
Unmaintained	npm/clone@2.1.2	Last Publish: 3/21/2018, 9:21:25 PM	orphan: npm/clone@2.1.2
Dynamic require	npm/rechoir@0.6.2	Location: Package overview	orphan: npm/rechoir@0.6.2
Filesystem access	npm/shelljs@0.8.5	Module: fs Location: Package overview	orphan: npm/shelljs@0.8.5
Environment variable access	npm/shelljs@0.8.5	Env Vars: Location: Package overview	orphan: npm/shelljs@0.8.5
Dynamic require	npm/shelljs@0.8.5	Location: Package overview	orphan: npm/shelljs@0.8.5
Environment variable access	npm/shelljs@0.8.5	Env Vars: OLDPWD Location: Package overview	orphan: npm/shelljs@0.8.5
Unmaintained	npm/create-error-class@3.0.2	Last Publish: 4/5/2016, 7:14:51 AM	orphan: npm/create-error-class@3.0.2
Unmaintained	npm/unzip-response@2.0.1	Last Publish: 5/6/2017, 9:37:25 AM	orphan: npm/unzip-response@2.0.1
New author	npm/capture-stack-trace@1.0.2	New Author: sindresorhus Previous Author: floatdrop	orphan: npm/capture-stack-trace@1.0.2
Filesystem access	npm/jake@10.8.7	Module: fs Location: Package overview	orphan: npm/jake@10.8.7
Shell access	npm/jake@10.8.7	Module: child_process Location: Package overview	orphan: npm/jake@10.8.7
Environment variable access	npm/jake@10.8.7	Env Vars: Location: Package overview	orphan: npm/jake@10.8.7
Dynamic require	npm/jake@10.8.7	Location: Package overview	orphan: npm/jake@10.8.7
Dynamic require	npm/jake@10.8.7	Location: Package overview	orphan: npm/jake@10.8.7
Unmaintained	npm/jsonparse@1.3.1	Last Publish: 5/9/2017, 7:59:13 PM	orphan: npm/jsonparse@1.3.1
Trivial Package	npm/load-json-file@4.0.0	Location: Package overview	orphan: npm/load-json-file@4.0.0
Filesystem access	npm/path-type@3.0.0	Module: fs Location: Package overview	orphan: npm/path-type@3.0.0
Unmaintained	npm/is-utf8@0.2.1	Last Publish: 12/19/2015, 4:04:22 AM	orphan: npm/is-utf8@0.2.1
Unmaintained	npm/string-template@0.2.1	Last Publish: 1/7/2016, 7:53:15 PM	orphan: npm/string-template@0.2.1
Unmaintained	npm/@mrmlnc/readdir-enhanced@2.2.1	Last Publish: 2/13/2018, 5:22:19 PM	orphan: npm/@mrmlnc/readdir-enhanced@2.2.1
Filesystem access	npm/@mrmlnc/readdir-enhanced@2.2.1	Module: fs Location: Package overview	orphan: npm/@mrmlnc/readdir-enhanced@2.2.1
Unmaintained	npm/glob-to-regexp@0.3.0	Last Publish: 4/1/2019, 4:19:53 PM	orphan: npm/glob-to-regexp@0.3.0
Filesystem access	npm/@nodelib/fs.stat@1.1.3	Module: fs Location: Package overview	orphan: npm/@nodelib/fs.stat@1.1.3
Filesystem access	npm/isbinaryfile@4.0.10	Module: fs Location: Package overview	orphan: npm/isbinaryfile@4.0.10
Unmaintained	npm/clone-buffer@1.0.0	Last Publish: 9/25/2016, 5:49:20 AM	orphan: npm/clone-buffer@1.0.0
Debug access	npm/vinyl@2.2.1	Module: replace-ext Location: Package overview	orphan: npm/vinyl@2.2.1
Unmaintained	npm/clone-stats@1.0.0	Last Publish: 5/17/2016, 1:33:41 AM	orphan: npm/clone-stats@1.0.0
Filesystem access	npm/clone-stats@1.0.0	Module: fs Location: Package overview	orphan: npm/clone-stats@1.0.0
Unmaintained	npm/detect-conflict@1.0.1	Last Publish: 7/4/2016, 10:22:03 PM	orphan: npm/detect-conflict@1.0.1
Filesystem access	npm/detect-conflict@1.0.1	Module: fs Location: Package overview	orphan: npm/detect-conflict@1.0.1
Unmaintained	npm/download-stats@0.3.4	Last Publish: 3/6/2018, 11:44:47 PM	orphan: npm/download-stats@0.3.4
Dynamic require	npm/download-stats@0.3.4	Location: Package overview	orphan: npm/download-stats@0.3.4
Network access	npm/download-stats@0.3.4	Module: https Location: Package overview	orphan: npm/download-stats@0.3.4
Environment variable access	npm/editions@2.3.1	Env Vars: EDITIONS_SYNTAX_BLACKLIST Location: Package overview	orphan: npm/editions@2.3.1
Dynamic require	npm/editions@2.3.1	Location: Package overview	orphan: npm/editions@2.3.1
Dynamic require	npm/editions@2.3.1	Location: Package overview	orphan: npm/editions@2.3.1
Environment variable access	npm/editions@2.3.1	Env Vars: EDITIONS_TAG_BLACKLIST Location: Package overview	orphan: npm/editions@2.3.1
Environment variable access	npm/editions@2.3.1

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud