CycloneDX / cyclonedx-node-npm

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.
https://cyclonedx.org/
Apache License 2.0
73 stars 20 forks source link

chore(deps-dev): bump the eslint group with 2 updates #1152

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps the eslint group with 2 updates: @typescript-eslint/eslint-plugin and eslint-plugin-simple-import-sort.

Updates @typescript-eslint/eslint-plugin from 6.20.0 to 6.21.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v6.21.0

6.21.0 (2024-02-05)

🚀 Features

  • export plugin metadata (#8331)
  • allow parserOptions.project: false (#8339)
  • eslint-plugin: add rule prefer-find (#8216)
  • typescript-estree: forbid duplicated accessibility modifiers (#8257)
  • utils: improve eslint types (#8344)

🩹 Fixes

  • ast-spec: add JSXElement type to the JSXAttribute['value'] (#8285)
  • eslint-plugin: [no-unused-vars] don't report on types referenced in export assignment expression (#8265)
  • eslint-plugin: [switch-exhaustiveness-check] better support for intersections, infinite types, non-union values (#8250)
  • eslint-plugin: [consistent-type-imports] dont report on types used in export assignment expressions (#8332)
  • eslint-plugin: [no-unnecessary-condition] handle left-hand optional with exactOptionalPropertyTypes option (#8249)
  • eslint-plugin: [class-literal-property-style] allow getter when same key setter exists (#8277)
  • eslint-plugin: [no-unnecessary-type-assertion] provide valid fixes for assertions with extra tokens before as keyword (#8326)
  • rule-tester: fix a phantom dependency on the "semver" package (#8260)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

6.21.0 (2024-02-05)

🚀 Features

  • export plugin metadata

  • allow parserOptions.project: false

  • eslint-plugin: add rule prefer-find

🩹 Fixes

  • eslint-plugin: [no-unused-vars] don't report on types referenced in export assignment expression

  • eslint-plugin: [switch-exhaustiveness-check] better support for intersections, infinite types, non-union values

  • eslint-plugin: [consistent-type-imports] dont report on types used in export assignment expressions

  • eslint-plugin: [no-unnecessary-condition] handle left-hand optional with exactOptionalPropertyTypes option

  • eslint-plugin: [class-literal-property-style] allow getter when same key setter exists

  • eslint-plugin: [no-unnecessary-type-assertion] provide valid fixes for assertions with extra tokens before as keyword

❤️ Thank You

  • auvred
  • Brad Zacher
  • Kirk Waiblinger
  • Pete Gonzalez
  • YeonJuan

You can read about our versioning strategy and releases on our website.

Commits
  • 289ee88 chore(release): publish 6.21.0
  • f892a72 docs(eslint-plugin): mention alternatives in no-explicit-any (#8370)
  • aa5edf7 chore(deps): update dependency prettier to v3.2.4 (#8357)
  • 1d7447f chore(eslint-plugin): [no-invalid-void-type] fix Options typing to reflect ...
  • e2b46e0 fix(eslint-plugin): [no-unnecessary-type-assertion] provide valid fixes for a...
  • 3bbb78d feat(eslint-plugin): add rule prefer-find (#8216)
  • 9883ee2 feat: export plugin metadata (#8331)
  • 69bd501 fix(eslint-plugin): [class-literal-property-style] allow getter when same key...
  • cd5dff8 chore: bump eslint versions (#8338)
  • 8d62ee6 chore: remove unnecessary eslint-disable comments (#8336)
  • Additional commits viewable in compare view


Updates eslint-plugin-simple-import-sort from 10.0.0 to 12.0.0

Changelog

Sourced from eslint-plugin-simple-import-sort's changelog.

Version 12.0.0 (2024-02-10)

This release removes the support for import assignments added in version 11.0.0:

  • Turns out it was broken in some cases.
  • The suggested fix went past my complexity tolerance for such an esoteric feature.
  • I also learned that they aren’t really imports, and that I don’t understand their semantics well enough to know how sorting them affects your program.

If you miss the support for import assignments, I suggest you write your own ESLint rule which moves them out of the way from the actual imports, sorting them or not.

Version 11.0.0 (2024-02-08)

This release adds support for TypeScript import assignments (import A = B.C and import A = require("module")). Thanks to Szabolcs Kurdi (@​szku01) and Svyatoslav Zaytsev (@​MillerSvt)!

It’s only a breaking change if you use TypeScript import assignments, and only in the form that you need to autofix your files.

In other news, this release adds the meta plugin property in preparation for ESLint Flat Config, and avoids the deprecated context.getSourceCode() method (while still being backwards compatible).

Commits
  • 611d87b eslint-plugin-simple-import-sort v12.0.0
  • 2480727 Update comments
  • 6de7a10 Revert "Add support for TypeScript import assignments (#149)" (#158)
  • 289f75b eslint-plugin-simple-import-sort v11.0.0
  • db0a55a Add meta property and flat config docs (#155)
  • 4c7cb45 Avoid deprecated context.getSourceCode() (#154)
  • c07aeca Add support for TypeScript import assignments (#149)
  • c641891 Fix link to dprint configuration
  • c31798c Bump @​babel/traverse from 7.20.12 to 7.23.2 (#147)
  • 343ac29 Bump word-wrap from 1.2.3 to 1.2.4 (#141)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions