Renovate Bot
091cee0d43
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-security](https://github.com/eslint-community/eslint-plugin-security) | [`3.0.1` → `4.0.0`](https://renovatebot.com/diffs/npm/eslint-plugin-security/3.0.1/4.0.0) |  |  | --- ### Release Notes <details> <summary>eslint-community/eslint-plugin-security (eslint-plugin-security)</summary> ### [`v4.0.0`](https://github.com/eslint-community/eslint-plugin-security/blob/HEAD/CHANGELOG.md#400-2026-02-19) [Compare Source](https://github.com/eslint-community/eslint-plugin-security/compare/v3.0.1...eslint-plugin-security-v4.0.0) ##### ⚠ BREAKING CHANGES - requires node ^18.18.0 || ^20.9.0 || >=21.1.0 ([#​146](https://github.com/eslint-community/eslint-plugin-security/issues/146)) - switch the recommended config to flat ([#​118](https://github.com/eslint-community/eslint-plugin-security/issues/118)) ##### Features - add config recommended-legacy ([#​132](https://github.com/eslint-community/eslint-plugin-security/issues/132)) ([13d3f2f](13d3f2fc6b)) - Add meta object documentation for all rules ([#​79](https://github.com/eslint-community/eslint-plugin-security/issues/79)) ([fb1d9ef](fb1d9ef56e)) - detect-bidi-characters rule ([#​95](https://github.com/eslint-community/eslint-plugin-security/issues/95)) ([4294d29](4294d29cca)) - **detect-non-literal-fs-filename:** change to track non-top-level `require()` as well ([#​105](https://github.com/eslint-community/eslint-plugin-security/issues/105)) ([d3b1543](d3b15435b4)) - extend detect non literal fs filename ([#​92](https://github.com/eslint-community/eslint-plugin-security/issues/92)) ([08ba476](08ba4764a8)) - improve detect-child-process rule ([#​108](https://github.com/eslint-community/eslint-plugin-security/issues/108)) ([64ae529](64ae52944a)) - **non-literal-require:** support template literals ([#​81](https://github.com/eslint-community/eslint-plugin-security/issues/81)) ([208019b](208019bad4)) - requires node ^18.18.0 || ^20.9.0 || >=21.1.0 ([#​146](https://github.com/eslint-community/eslint-plugin-security/issues/146)) ([df1b606](df1b6063c1)) - switch the recommended config to flat ([#​118](https://github.com/eslint-community/eslint-plugin-security/issues/118)) ([e20a366](e20a3664c2)) ##### Bug Fixes - Add ESLint 10 compatibility for context.sourceCode API change ([#​186](https://github.com/eslint-community/eslint-plugin-security/issues/186)) ([7f9ee77](7f9ee77677)) - add name to recommended flat config ([#​161](https://github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](aa1c8c57a2)) - Avoid crash when exec() is passed no arguments ([7f97815](7f97815acc)), closes [#​82](https://github.com/eslint-community/eslint-plugin-security/issues/82) [#​23](https://github.com/eslint-community/eslint-plugin-security/issues/23) - Avoid TypeError when exec stub is used with no arguments ([#​97](https://github.com/eslint-community/eslint-plugin-security/issues/97)) ([9c18f16](9c18f16187)) - **detect-child-process:** false positive for destructuring with `exec` ([#​102](https://github.com/eslint-community/eslint-plugin-security/issues/102)) ([657921a](657921a93f)) - **detect-child-process:** false positives for destructuring `spawn` ([#​103](https://github.com/eslint-community/eslint-plugin-security/issues/103)) ([fdfe37d](fdfe37d667)) - Ensure empty eval() doesn't crash detect-eval-with-expression ([#​139](https://github.com/eslint-community/eslint-plugin-security/issues/139)) ([8a7c7db](8a7c7db1e2)) - Ensure everything works with ESLint v9 ([#​145](https://github.com/eslint-community/eslint-plugin-security/issues/145)) ([ac50ab4](ac50ab481e)) - false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require ([#​109](https://github.com/eslint-community/eslint-plugin-security/issues/109)) ([56102b5](56102b50ae)) - generate provenance statement for release ([#​168](https://github.com/eslint-community/eslint-plugin-security/issues/168)) ([eb3ee9c](eb3ee9c38c)) - Incorrect method name in detect-buffer-noassert. ([313c0c6](313c0c693f)), closes [#​63](https://github.com/eslint-community/eslint-plugin-security/issues/63) [#​80](https://github.com/eslint-community/eslint-plugin-security/issues/80) - release-please config ([#​189](https://github.com/eslint-community/eslint-plugin-security/issues/189)) ([2443d10](2443d10c42)) ##### [3.0.1](https://www.github.com/eslint-community/eslint-plugin-security/compare/v3.0.0...v3.0.1) (2024-06-14) ##### Bug Fixes - add name to recommended flat config ([#​161](https://www.github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](aa1c8c57a2)) ##### [3.0.1](https://www.github.com/eslint-community/eslint-plugin-security/compare/v3.0.0...v3.0.1) (2024-06-13) ##### Bug Fixes - add name to recommended flat config ([#​161](https://www.github.com/eslint-community/eslint-plugin-security/issues/161)) ([aa1c8c5](aa1c8c57a2)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My41LjQiLCJ1cGRhdGVkSW5WZXIiOiI0My41LjQiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=--> Reviewed-on: #27 Reviewed-by: t.behrendt <t.behrendt@noreply.localhost> Co-authored-by: Renovate Bot <renovate@t00n.de> Co-committed-by: Renovate Bot <renovate@t00n.de>
1.0 KiB
1.0 KiB