From 091cee0d430f2e159b6ee21fde95f6f1cd1f2f87 Mon Sep 17 00:00:00 2001
From: Renovate Bot <renovate@t00n.de>
Date: Sun, 15 Mar 2026 22:19:30 +0100
Subject: [PATCH] chore(deps): update dependency eslint-plugin-security to v4
 (#27)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [eslint-plugin-security](https://github.com/eslint-community/eslint-plugin-security) | [`3.0.1` → `4.0.0`](https://renovatebot.com/diffs/npm/eslint-plugin-security/3.0.1/4.0.0) | ![age](https://developer.mend.io/api/mc/badges/age/npm/eslint-plugin-security/4.0.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/eslint-plugin-security/3.0.1/4.0.0?slim=true) |

---

### Release Notes

<details>
<summary>eslint-community/eslint-plugin-security (eslint-plugin-security)</summary>

### [`v4.0.0`](https://github.com/eslint-community/eslint-plugin-security/blob/HEAD/CHANGELOG.md#400-2026-02-19)

[Compare Source](https://github.com/eslint-community/eslint-plugin-security/compare/v3.0.1...eslint-plugin-security-v4.0.0)

##### ⚠ BREAKING CHANGES

- requires node ^18.18.0 || ^20.9.0 || >=21.1.0 ([#&#8203;146](https://github.com/eslint-community/eslint-plugin-security/issues/146))
- switch the recommended config to flat ([#&#8203;118](https://github.com/eslint-community/eslint-plugin-security/issues/118))

##### Features

- add config recommended-legacy ([#&#8203;132](https://github.com/eslint-community/eslint-plugin-security/issues/132)) ([13d3f2f](https://github.com/eslint-community/eslint-plugin-security/commit/13d3f2fc6ba327c894959db30462f3fda0272f0c))
- Add meta object documentation for all rules ([#&#8203;79](https://github.com/eslint-community/eslint-plugin-security/issues/79)) ([fb1d9ef](https://github.com/eslint-community/eslint-plugin-security/commit/fb1d9ef56e0cf2705b9e413b483261df394c45e1))
- detect-bidi-characters rule ([#&#8203;95](https://github.com/eslint-community/eslint-plugin-security/issues/95)) ([4294d29](https://github.com/eslint-community/eslint-plugin-security/commit/4294d29cca8af5c627de759919add6dd698644ba))
- **detect-non-literal-fs-filename:** change to track non-top-level `require()` as well ([#&#8203;105](https://github.com/eslint-community/eslint-plugin-security/issues/105)) ([d3b1543](https://github.com/eslint-community/eslint-plugin-security/commit/d3b15435b45b9ac2ee5f0d3249f590e32369d7d2))
- extend detect non literal fs filename ([#&#8203;92](https://github.com/eslint-community/eslint-plugin-security/issues/92)) ([08ba476](https://github.com/eslint-community/eslint-plugin-security/commit/08ba4764a83761f6f44cb28940923f1d25f88581))
- improve detect-child-process rule ([#&#8203;108](https://github.com/eslint-community/eslint-plugin-security/issues/108)) ([64ae529](https://github.com/eslint-community/eslint-plugin-security/commit/64ae52944a86f9d9daee769acd63ebbdfc5b6631))
- **non-literal-require:** support template literals ([#&#8203;81](https://github.com/eslint-community/eslint-plugin-security/issues/81)) ([208019b](https://github.com/eslint-community/eslint-plugin-security/commit/208019bad4f70a142ab1f0ea7238c37cb70d1a5a))
- requires node ^18.18.0 || ^20.9.0 || >=21.1.0 ([#&#8203;146](https://github.com/eslint-community/eslint-plugin-security/issues/146)) ([df1b606](https://github.com/eslint-community/eslint-plugin-security/commit/df1b6063c1224e1163dfdc37c96b64bb52d816bb))
- switch the recommended config to flat ([#&#8203;118](https://github.com/eslint-community/eslint-plugin-security/issues/118)) ([e20a366](https://github.com/eslint-community/eslint-plugin-security/commit/e20a3664c2f638466286ae9a97515722fc98f97c))

##### Bug Fixes

- Add ESLint 10 compatibility for context.sourceCode API change ([#&#8203;186](https://github.com/eslint-community/eslint-plugin-security/issues/186)) ([7f9ee77](https://github.com/eslint-community/eslint-plugin-security/commit/7f9ee77677744f7029c545d714d57f0966b3387e))
- add name to recommended flat config ([#&#8203;161](https://github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](https://github.com/eslint-community/eslint-plugin-security/commit/aa1c8c57a2df4ce64a202808c5642a41b47d4519))
- Avoid crash when exec() is passed no arguments ([7f97815](https://github.com/eslint-community/eslint-plugin-security/commit/7f97815accf6bcd87de73c32a967946b1b3b0530)), closes [#&#8203;82](https://github.com/eslint-community/eslint-plugin-security/issues/82) [#&#8203;23](https://github.com/eslint-community/eslint-plugin-security/issues/23)
- Avoid TypeError when exec stub is used with no arguments ([#&#8203;97](https://github.com/eslint-community/eslint-plugin-security/issues/97)) ([9c18f16](https://github.com/eslint-community/eslint-plugin-security/commit/9c18f16187719b58cc5dfde9860344bad823db28))
- **detect-child-process:** false positive for destructuring with `exec` ([#&#8203;102](https://github.com/eslint-community/eslint-plugin-security/issues/102)) ([657921a](https://github.com/eslint-community/eslint-plugin-security/commit/657921a93f6f73c0de6113e497b22e7cf079f520))
- **detect-child-process:** false positives for destructuring `spawn` ([#&#8203;103](https://github.com/eslint-community/eslint-plugin-security/issues/103)) ([fdfe37d](https://github.com/eslint-community/eslint-plugin-security/commit/fdfe37d667367e5fd228c26573a1791c81a044d2))
- Ensure empty eval() doesn't crash detect-eval-with-expression ([#&#8203;139](https://github.com/eslint-community/eslint-plugin-security/issues/139)) ([8a7c7db](https://github.com/eslint-community/eslint-plugin-security/commit/8a7c7db1e2b49e2831d510b8dc1db235dee0edf0))
- Ensure everything works with ESLint v9 ([#&#8203;145](https://github.com/eslint-community/eslint-plugin-security/issues/145)) ([ac50ab4](https://github.com/eslint-community/eslint-plugin-security/commit/ac50ab481ed63d7262513186136ca1429d3b8290))
- false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require ([#&#8203;109](https://github.com/eslint-community/eslint-plugin-security/issues/109)) ([56102b5](https://github.com/eslint-community/eslint-plugin-security/commit/56102b50aed4bd632dd668770eb37de58788110b))
- generate provenance statement for release ([#&#8203;168](https://github.com/eslint-community/eslint-plugin-security/issues/168)) ([eb3ee9c](https://github.com/eslint-community/eslint-plugin-security/commit/eb3ee9c38cfd51e13c7a4061f5794db7347c90e5))
- Incorrect method name in detect-buffer-noassert. ([313c0c6](https://github.com/eslint-community/eslint-plugin-security/commit/313c0c693f48aa85d0c9b65a46f6c620cd10f907)), closes [#&#8203;63](https://github.com/eslint-community/eslint-plugin-security/issues/63) [#&#8203;80](https://github.com/eslint-community/eslint-plugin-security/issues/80)
- release-please config ([#&#8203;189](https://github.com/eslint-community/eslint-plugin-security/issues/189)) ([2443d10](https://github.com/eslint-community/eslint-plugin-security/commit/2443d10c428724757fac230384ff0692bbd50485))

##### [3.0.1](https://www.github.com/eslint-community/eslint-plugin-security/compare/v3.0.0...v3.0.1) (2024-06-14)

##### Bug Fixes

- add name to recommended flat config ([#&#8203;161](https://www.github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](https://www.github.com/eslint-community/eslint-plugin-security/commit/aa1c8c57a2df4ce64a202808c5642a41b47d4519))

##### [3.0.1](https://www.github.com/eslint-community/eslint-plugin-security/compare/v3.0.0...v3.0.1) (2024-06-13)

##### Bug Fixes

- add name to recommended flat config ([#&#8203;161](https://www.github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](https://www.github.com/eslint-community/eslint-plugin-security/commit/aa1c8c57a2df4ce64a202808c5642a41b47d4519))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41LjQiLCJ1cGRhdGVkSW5WZXIiOiI0My41LjQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Reviewed-on: https://gitea.t000-n.de/t.behrendt/outline-mcp/pulls/27
Reviewed-by: t.behrendt <t.behrendt@noreply.localhost>
Co-authored-by: Renovate Bot <renovate@t00n.de>
Co-committed-by: Renovate Bot <renovate@t00n.de>
---
 bun.lock     | 4 ++--
 package.json | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/bun.lock b/bun.lock
index 09e072b..a1ac1d4 100644
--- a/bun.lock
+++ b/bun.lock
@@ -21,7 +21,7 @@
         "eslint": "9.39.2",
         "eslint-plugin-import": "2.32.0",
         "eslint-plugin-prettier": "5.5.5",
-        "eslint-plugin-security": "3.0.1",
+        "eslint-plugin-security": "4.0.0",
         "eslint-plugin-unicorn": "61.0.2",
         "typescript-eslint": "8.55.0",
       },
@@ -439,7 +439,7 @@
 
     "eslint-plugin-prettier": ["eslint-plugin-prettier@5.5.5", "", { "dependencies": { "prettier-linter-helpers": "^1.0.1", "synckit": "^0.11.12" }, "peerDependencies": { "@types/eslint": ">=8.0.0", "eslint": ">=8.0.0", "eslint-config-prettier": ">= 7.0.0 <10.0.0 || >=10.1.0", "prettier": ">=3.0.0" }, "optionalPeers": ["@types/eslint", "eslint-config-prettier"] }, "sha512-hscXkbqUZ2sPithAuLm5MXL+Wph+U7wHngPBv9OMWwlP8iaflyxpjTYZkmdgB4/vPIhemRlBEoLrH7UC1n7aUw=="],
 
-    "eslint-plugin-security": ["eslint-plugin-security@3.0.1", "", { "dependencies": { "safe-regex": "^2.1.1" } }, "sha512-XjVGBhtDZJfyuhIxnQ/WMm385RbX3DBu7H1J7HNNhmB2tnGxMeqVSnYv79oAj992ayvIBZghsymwkYFS6cGH4Q=="],
+    "eslint-plugin-security": ["eslint-plugin-security@4.0.0", "", { "dependencies": { "safe-regex": "^2.1.1" } }, "sha512-tfuQT8K/Li1ZxhFzyD8wPIKtlzZxqBcPr9q0jFMQ77wWAbKBVEhaMPVQRTMTvCMUDhwBe5vPVqQPwAGk/ASfxQ=="],
 
     "eslint-plugin-unicorn": ["eslint-plugin-unicorn@61.0.2", "", { "dependencies": { "@babel/helper-validator-identifier": "^7.27.1", "@eslint-community/eslint-utils": "^4.7.0", "@eslint/plugin-kit": "^0.3.3", "change-case": "^5.4.4", "ci-info": "^4.3.0", "clean-regexp": "^1.0.0", "core-js-compat": "^3.44.0", "esquery": "^1.6.0", "find-up-simple": "^1.0.1", "globals": "^16.3.0", "indent-string": "^5.0.0", "is-builtin-module": "^5.0.0", "jsesc": "^3.1.0", "pluralize": "^8.0.0", "regexp-tree": "^0.1.27", "regjsparser": "^0.12.0", "semver": "^7.7.2", "strip-indent": "^4.0.0" }, "peerDependencies": { "eslint": ">=9.29.0" } }, "sha512-zLihukvneYT7f74GNbVJXfWIiNQmkc/a9vYBTE4qPkQZswolWNdu+Wsp9sIXno1JOzdn6OUwLPd19ekXVkahRA=="],
 
diff --git a/package.json b/package.json
index 6fcebf7..047ff84 100644
--- a/package.json
+++ b/package.json
@@ -25,7 +25,7 @@
     "eslint": "9.39.2",
     "eslint-plugin-import": "2.32.0",
     "eslint-plugin-prettier": "5.5.5",
-    "eslint-plugin-security": "3.0.1",
+    "eslint-plugin-security": "4.0.0",
     "eslint-plugin-unicorn": "61.0.2",
     "typescript-eslint": "8.55.0"
   },