Bump eslint from 9.17.0 to 9.18.0 #35
Conversation
Bumps [eslint](https://github.com/eslint/eslint) from 9.17.0 to 9.18.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v9.17.0...v9.18.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
Minder Vulnerability Report ✅Minder analyzed this PR and found it does not add any new vulnerable dependencies.
|
ghost
left a comment
ghost
left a comment
There was a problem hiding this comment.
Dependency Information
Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.
📦 Dependency: @eslint/core
Trusty Score: 0
Scoring details
| Component | Score |
|---|---|
| Package activity | 5.8 |
| Repository activity | 3.4 |
| User activity | 8.3 |
| Provenance | historical_provenance_match |
Proof of Origin (Provenance)
This package can be linked back to its source code using a historical provenance map.
We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
| Published package versions | 11 |
| Number of git tags or releases | 120 |
| Versions matched to tags or releases | 11 |
Alternatives
| Package | Score | Description |
|---|---|---|
| eslint-config-prettier | 0 | |
| eslint-plugin-eslint-comments | 0 |
📦 Dependency: @eslint/js
Trusty Score: 0
Scoring details
| Component | Score |
|---|---|
| Package activity | 8.8 |
| Repository activity | 8.6 |
| User activity | 9 |
| Provenance | historical_provenance_match |
Proof of Origin (Provenance)
This package can be linked back to its source code using a historical provenance map.
We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
| Published package versions | 56 |
| Number of git tags or releases | 133 |
| Versions matched to tags or releases | 51 |
📦 Dependency: @eslint/plugin-kit
Trusty Score: 0
Scoring details
| Component | Score |
|---|---|
| Package activity | 5.8 |
| Repository activity | 3.4 |
| User activity | 8.3 |
| Provenance | historical_provenance_match |
Proof of Origin (Provenance)
This package can be linked back to its source code using a historical provenance map.
We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
| Published package versions | 7 |
| Number of git tags or releases | 120 |
| Versions matched to tags or releases | 7 |
📦 Dependency: eslint
Trusty Score: 0
Scoring details
| Component | Score |
|---|---|
| Package activity | 8.8 |
| Repository activity | 8.6 |
| User activity | 9 |
| Provenance | historical_provenance_match |
Proof of Origin (Provenance)
This package can be linked back to its source code using a historical provenance map.
We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
| Published package versions | 377 |
| Number of git tags or releases | 134 |
| Versions matched to tags or releases | 134 |
|
Superseded by #37. |
Bumps eslint from 9.17.0 to 9.18.0.
Release notes
Sourced from eslint's releases.
... (truncated)
Changelog
Sourced from eslint's changelog.
... (truncated)
Commits
1c87b419.18.04df3132Build: changelog update for 9.18.0c52be85chore: upgrade to@eslint/js@9.18.0(#19330)362099cchore: package.json update for@eslint/jsrelease9486141deps: upgrade@eslint/coreand@eslint/plugin-kit(#19329)d9c23c5docs: replacevarwithconstin rule examples (#19325)8e1a898docs: add tabs to cli code blocks (#18784)f3aeefbdocs: rewrite using let and const in rule examples (#19320)0b680b3docs: Update README98c86a9docs:Edit this pagebutton link to different branches (#19228)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)