Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump eslint from 9.17.0 to 9.18.0 #51

Merged
merged 2 commits into from
Jan 15, 2025
Merged

Bump eslint from 9.17.0 to 9.18.0 #51

merged 2 commits into from
Jan 15, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 11, 2025
edited
Loading

Bumps eslint from 9.17.0 to 9.18.0.

Release notes

Sourced from eslint's releases.

v9.18.0

Features

  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
  • 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)

Bug Fixes

  • da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)

Documentation

  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
  • 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
  • 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
  • df409d8 docs: Update README (GitHub Actions Bot)
  • 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
  • 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
  • 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
  • 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
  • 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
  • a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)
  • 0bfdf6c docs: Update README (GitHub Actions Bot)
  • ce0b9ff docs: add navigation link for code explorer (#19285) (Tanuj Kanti)
  • e255cc9 docs: add bluesky icon to footer (#19290) (Tanuj Kanti)
  • 5d64851 docs: remove outdated info about environments (#19296) (Francesco Trotta)
  • eec01f0 docs: switch rule examples config format to languageOptions (#19277) (Milos Djermanovic)
  • b36ca0a docs: Fixing Focus Order by Rearranging Element Sequence (#19241) (Amaresh S M)
  • d122c8a docs: add missing backticks to sort-imports (#19282) (루밀LuMir)
  • 0367a70 docs: update custom parser docs (#19288) (Francesco Trotta)
  • 8c07ebb docs: add border-radius to hX:target selector styles (#19270) (루밀LuMir)
  • eff7c57 docs: add limitation section in no-loop-func (#19287) (Tanuj Kanti)
  • 5db226f docs: add missing backticks in various parts of the documentation (#19269) (루밀LuMir)
  • 789edbb docs: Update README (GitHub Actions Bot)
  • 613c06a docs: mark rules that are frozen with ❄️ (#19231) (Amaresh S M)
  • 43172ec docs: Update README (GitHub Actions Bot)
  • ac8b3c4 docs: fix description of overrideConfigFile option (#19262) (Milos Djermanovic)
  • bbb9b46 docs: Update README (GitHub Actions Bot)
  • 995b492 docs: fix inconsistent divider in rule categories box (#19249) (Tanuj Kanti)
  • f76d05d docs: Refactor search result handling with better event listener cleanup (#19252) (Amaresh S M)
  • c5f3d7d docs: Update README (GitHub Actions Bot)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.18.0 - January 10, 2025

  • c52be85 chore: upgrade to @eslint/[email protected] (#19330) (Francesco Trotta)
  • 362099c chore: package.json update for @​eslint/js release (Jenkins)
  • 9486141 deps: upgrade @eslint/core and @eslint/plugin-kit (#19329) (Francesco Trotta)
  • d9c23c5 docs: replace var with const in rule examples (#19325) (Tanuj Kanti)
  • 8e1a898 docs: add tabs to cli code blocks (#18784) (Jay)
  • f3aeefb docs: rewrite using let and const in rule examples (#19320) (PoloSpark)
  • 0b680b3 docs: Update README (GitHub Actions Bot)
  • 98c86a9 docs: Edit this page button link to different branches (#19228) (Tanuj Kanti)
  • 6947901 docs: remove hardcoded edit link (#19323) (Milos Djermanovic)
  • 03f2f44 docs: rewrite var with const in rules examples (#19317) (Thiago)
  • 26c3003 docs: Clarify dangers of eslint:all (#19318) (Nicholas C. Zakas)
  • c038257 docs: add eqeqeq in related rules to no-eq-null (#19310) (루밀LuMir)
  • 89c8fc5 docs: rewrite examples with var using let and const (#19315) (Amaresh S M)
  • 495aa49 chore: extract package name from package.json for public interface (#19314) (루밀LuMir)
  • db574c4 docs: add missing backticks to no-void (#19313) (루밀LuMir)
  • 8d943c3 docs: add missing backticks to default-case-last (#19311) (루밀LuMir)
  • 36ef8bb docs: rewrite examples with var using let and const (#19298) (Amaresh S M)
  • 1610c9e docs: add missing backticks to no-else-return (#19309) (루밀LuMir)
  • df409d8 docs: Update README (GitHub Actions Bot)
  • e84e6e2 feat: Report allowed methods for no-console rule (#19306) (Anna Bocharova)
  • 2e84213 docs: Fix Horizontal Scroll Overflow in Rule Description on Mobile View (#19304) (Amaresh S M)
  • 6e7361b docs: replace var with let and const in rule example (#19302) (Tanuj Kanti)
  • 069af5e docs: rewrite var using const in rule examples (#19303) (Kim GyeonWon)
  • 064e35d docs: remove 'I hope to' comments from scope-manager-interface (#19300) (Josh Goldberg ✨)
  • 8e00305 docs: replace var with const in rule examples (#19299) (Tanuj Kanti)
  • a559009 docs: Add warning about extending core rules (#19295) (Nicholas C. Zakas)
  • 0bfdf6c docs: Update README (GitHub Actions Bot)
  • ce0b9ff docs: add navigation link for code explorer (#19285) (Tanuj Kanti)
  • e255cc9 docs: add bluesky icon to footer (#19290) (Tanuj Kanti)
  • 5d64851 docs: remove outdated info about environments (#19296) (Francesco Trotta)
  • eec01f0 docs: switch rule examples config format to languageOptions (#19277) (Milos Djermanovic)
  • b36ca0a docs: Fixing Focus Order by Rearranging Element Sequence (#19241) (Amaresh S M)
  • d122c8a docs: add missing backticks to sort-imports (#19282) (루밀LuMir)
  • 0367a70 docs: update custom parser docs (#19288) (Francesco Trotta)
  • da768d4 fix: correct overrideConfigFile type (#19289) (Francesco Trotta)
  • 8c07ebb docs: add border-radius to hX:target selector styles (#19270) (루밀LuMir)
  • eff7c57 docs: add limitation section in no-loop-func (#19287) (Tanuj Kanti)
  • 8efc2d0 feat: unflag TypeScript config files (#19266) (Francesco Trotta)
  • 87a9352 feat: check imports and class names in no-shadow-restricted-names (#19272) (Milos Djermanovic)
  • 5db226f docs: add missing backticks in various parts of the documentation (#19269) (루밀LuMir)
  • 789edbb docs: Update README (GitHub Actions Bot)
  • 613c06a docs: mark rules that are frozen with ❄️ (#19231) (Amaresh S M)
  • 43172ec docs: Update README (GitHub Actions Bot)
  • ac8b3c4 docs: fix description of overrideConfigFile option (#19262) (Milos Djermanovic)
  • 6fe0e72 chore: update dependency @​eslint/json to ^0.9.0 (#19263) (renovate[bot])
  • bbb9b46 docs: Update README (GitHub Actions Bot)
  • 995b492 docs: fix inconsistent divider in rule categories box (#19249) (Tanuj Kanti)
  • f76d05d docs: Refactor search result handling with better event listener cleanup (#19252) (Amaresh S M)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 11, 2025
@stacklok-cloud-staging Stacklok Cloud (Staging)
Copy link

stacklok-cloud-staging bot commented Jan 11, 2025
edited
Loading

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of 1c301c57:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 11, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

📦 Dependency: @eslint/js

Trusty Score: 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

📦 Dependency: eslint

Trusty Score: 0

Alternatives
Package Score Description
standard 0
xo 0

@coveralls
Copy link
Collaborator

coveralls commented Jan 11, 2025
edited
Loading

Pull Request Test Coverage Report for Build 12791940884

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 69.536%
Totals Coverage Status
Change from base Build 12791936740: 0.0%
Covered Lines: 421
Relevant Lines: 526
💛 - Coveralls

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-9.18.0 branch from f873f00 to c782d4f Compare January 15, 2025 09:26
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-9.18.0 branch from c782d4f to 7a29735 Compare January 15, 2025 10:38
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-9.18.0 branch from 7a29735 to 571f9d7 Compare January 15, 2025 11:22
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-9.18.0 branch from 571f9d7 to 13a42fc Compare January 15, 2025 11:26
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@dependabot
Bump eslint from 9.17.0 to 9.18.0
c8d3a54 
Bumps [eslint](https://github.com/eslint/eslint) from 9.17.0 to 9.18.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.17.0...v9.18.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/eslint-9.18.0 branch from 13a42fc to c8d3a54 Compare January 15, 2025 14:06
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@alex-mcgovern alex-mcgovern enabled auto-merge (squash) January 15, 2025 15:46
stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Jan 15, 2025
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @eslint/core

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 11
Number of git tags or releases 120
Versions matched to tags or releases 11
Alternatives
Package Score Description
eslint-config-prettier 0
eslint-plugin-eslint-comments 0

📦 Dependency: @eslint/js

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 56
Number of git tags or releases 133
Versions matched to tags or releases 51
Alternatives
Package Score Description
standard 0
xo 0

📦 Dependency: @eslint/plugin-kit

Trusty Score: 0

Scoring details
Component Score
Package activity 5.8
Repository activity 3.4
User activity 8.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 7
Number of git tags or releases 120
Versions matched to tags or releases 7

📦 Dependency: eslint

Trusty Score: 0

Scoring details
Component Score
Package activity 8.8
Repository activity 8.6
User activity 9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 377
Number of git tags or releases 134
Versions matched to tags or releases 134
Alternatives
Package Score Description
standard 0
xo 0

@alex-mcgovern alex-mcgovern merged commit 989f4bc into main Jan 15, 2025
6 of 7 checks passed
@alex-mcgovern alex-mcgovern deleted the dependabot/npm_and_yarn/eslint-9.18.0 branch January 15, 2025 15:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stacklok-cloud-staging stacklok-cloud-staging[bot] stacklok-cloud-staging[bot] left review comments

@alex-mcgovern alex-mcgovern alex-mcgovern approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@coveralls @alex-mcgovern