[Snyk] Upgrade eslint-plugin-react from 7.23.2 to 7.33.1 #261

Loonz206 · 2023-08-20T20:04:04Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade eslint-plugin-react from 7.23.2 to 7.33.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 35 versions ahead of your current version.
The recommended version was released 22 days ago, on 2023-07-29.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Sandbox Bypass SNYK-JS-WEBPACK-3358798	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Prototype Pollution SNYK-JS-LOADERUTILS-3043105	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Prototype Pollution SNYK-JS-MONGOOSE-2961688	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Prototype Pollution SNYK-JS-MONGOOSE-5777721	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Prototype Poisoning SNYK-JS-QS-3153490	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Information Exposure SNYK-JS-NANOID-2332193	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Session Fixation SNYK-JS-PASSPORT-2840631	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Open Redirect SNYK-JS-GOT-2932019	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: eslint-plugin-react

7.33.1 - 2023-07-29
Fixed
- require-default-props: fix config schema (#3605 @ controversial)
- jsx-curly-brace-presence: Revert #3538 due to issues with intended string type casting usage (#3611 @ taozhou-glean)
- sort-prop-types: ensure sort-prop-types respects noSortAlphabetically (#3610 @ caesar1030)
7.33.0 - 2023-07-20
Added
- display-name: add checkContextObjects option (#3529 @ JulesBlm)
- jsx-first-prop-new-line: add multiprop option (#3533 @ haydncomley)
- no-deprecated: add React 18 deprecations (#3548 @ sergei-startsev)
- forbid-component-props: add disallowedFor option (#3417 @ jacketwpbb)
Fixed
- no-array-index-key: consider flatMap (#3530 @ k-yle)
- jsx-curly-brace-presence: handle single and only expression template literals (#3538 @ taozhou-glean)
- no-unknown-property: allow onLoad on source (@ ljharb)
- jsx-first-prop-new-line: ensure autofix preserves generics in component name (#3546 @ ljharb)
- no-unknown-property: allow fill prop on <symbol> (#3555 @ stefanprobst)
- display-name, prop-types: when checking for a capitalized name, ignore underscores entirely (#3560 @ ljharb)
- no-unused-state: avoid crashing on a class field function with destructured state (#3568 @ ljharb)
- no-unused-prop-types: allow using spread with object expression in jsx (#3570 @ akulsr0)
- Revert "destructuring-assignment: Handle destructuring of useContext in SFC" (#3583 #2797 @ 102)
- prefer-read-only-props: add TS support (#3593 @ HenryBrown0)
Changed
- [Docs] jsx-newline, no-unsafe, static-property-placement: Fix code syntax highlighting (#3563 @ nbsp1221)
- [readme] resore configuration URL (#3582 @ gokaygurcan)
- [Docs] jsx-no-bind: reword performance rationale (#3581 @ gpoole)
- [Docs] jsx-first-prop-new-line: add missing multiprop value (#3598 @ dzek69)
7.32.2 - 2023-01-29
Fixed
- configs: restore parserOptions in legacy configs ([#3523][] @ ljharb)
- jsx-no-constructed-context-values, jsx-no-useless-fragment: add a rule schema (@ ljharb)
  ( no-unknown-property: add fill for <marker> (#3525 @ alexey-koran)
7.32.1 - 2023-01-16
Fixed
- prevent circular dependency in index and "all" config (#3519 @ ljharb)
- destructuring-assignment: do not force destructuring of optionally chained properties (#3520 @ ljharb)
7.32.0 - 2023-01-11
Read more
7.31.11 - 2022-11-18
Fixed
- jsx-no-target-blank: allow ternaries with literals (#3464 @ akulsr0)
- no-unknown-property: add inert attribute (#3484 @ ljharb)
- jsx-key: detect keys in logical expression and conditional expression (#3490 @ metreniuk)
Changed
- [Perf] component detection: improve performance by avoiding traversing parents unnecessarily (#3459 @ golopot)
- [Docs] forbid-component-props: inclusive language w/ allowlist (#3473 @ AndersDJohnson)
- [Docs] automate doc generation with eslint-doc-generator (#3469 @ bmish)
7.31.10 - 2022-10-10
Fixed
- no-unknown-property: allow allowFullScreen on iframe (#3455 @ almeidx)
7.31.9 - 2022-10-09
Read more
7.31.8 - 2022-09-09
Read more
7.31.7 - 2022-09-05
Read more
7.31.6 - 2022-09-04
7.31.5 - 2022-09-04
7.31.4 - 2022-09-03
7.31.3 - 2022-09-03
7.31.2 - 2022-09-02
7.31.1 - 2022-08-26
7.31.0 - 2022-08-24
7.30.2 - 2022-08-24
7.30.1 - 2022-06-23
7.30.0 - 2022-05-18
7.29.4 - 2022-03-13
7.29.3 - 2022-03-03
7.29.2 - 2022-02-26
7.29.1 - 2022-02-25
7.29.0 - 2022-02-25
7.28.0 - 2021-12-22
7.27.1 - 2021-11-19
7.27.0 - 2021-11-10
7.26.1 - 2021-09-30
7.26.0 - 2021-09-21
7.25.3 - 2021-09-19
7.25.2 - 2021-09-16
7.25.1 - 2021-08-30
7.25.0 - 2021-08-29
7.24.0 - 2021-05-29
7.23.2 - 2021-04-08

from eslint-plugin-react GitHub release notes

Commit messages

Package name: eslint-plugin-react

354cb62 Update CHANGELOG and bump version
26e9578 [Refactor] use `slice` instead of `substring`
1629d44 [eslint] fix import ordering
3c11201 [Fix] `sort-prop-types`: ensure sort-prop-types respects noSortAlphabetically
302925b [Tests] remove or make explicit trailing whitespace
f818096 Revert "[Fix] `jsx-curly-brace-presence`: handle single and only expression template literals"
1a3a17a [Fix] `require-default-props`: fix config schema
31282dd Update CHANGELOG and bump version
4e72b82 [Docs] `jsx-first-prop-new-line`: add missing `multiprop` value
9c5ac98 [Fix] `prefer-read-only-props`: add TS support
fa1c277 [Deps] update `semver`
bf1fc74 [Dev Deps] update `@ babel/core`, `@ babel/eslint-parser`, `aud`
9fdcba7 [Dev Deps] update `@ babel/core`, `@ babel/eslint-parser`, `@ babel/plugin-syntax-decorators`, `@ babel/plugin-syntax-do-expressions`, `@ babel/plugin-syntax-function-bind`, `@ babel/preset-react`, `eslint-remote-tester-repositories`
ae64aa8 [Docs] `jsx-no-bind`: reword performance rationale
7f655f8 Revert "[Fix] `destructuring-assignment`: Handle destructuring of useContext in SFC"
693860f [readme] resore configuration URL
747fad0 [Fix] `no-unused-prop-types`: allow using spread with object expression in jsx
13f5c19 [Docs] `jsx-newline`, `no-unsafe`, `static-property-placement`: Fix code syntax highlighting
f2d8d26 [Fix] `no-unused-state`: avoid crashing on a class field function with destructured state
0855e5f [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
15e3a33 [actions] split node tests into multiple workflows
4a92667 [New] `forbid-component-props`: add `disallowedFor` option
477f36d [Refactor] `forbid-component-props`: tweak formatting
1fc7d34 [Fix] `display-name`, `prop-types`: when checking for a capitalized name, ignore underscores entirely