build(deps-dev): bump xo from 0.37.1 to 0.60.0

[dependabot]

Bumps xo from 0.37.1 to 0.60.0.

Release notes

Sourced from xo's releases.

v0.60.0

New rules

• unicorn/no-length-as-slice-end
• unicorn/prefer-global-this
• unicorn/prefer-math-min-max
• unicorn/consistent-existence-index-check

Improvements

• Update dependencies 0c2be9c

---

xojs/xo@v0.59.3...v0.60.0

v0.59.3

• Allow using experimental Node.js features 3eb8436
• Fix TypeScript extension support (#764) 46a91e0

xojs/xo@v0.59.2...v0.59.3

v0.59.2

• Respect nodeVersion: false option (#762) c965843

xojs/xo@v0.59.1...v0.59.2

v0.59.1

• Fix XO to not override rules from user's config (#761) 9cdab84

xojs/xo@v0.59.0...v0.59.1

v0.59.0

New rules

• unicorn/no-single-promise-in-promise-methods
• unicorn/no-await-in-promise-methods
• unicorn/no-anonymous-default-export
• unicorn/consistent-empty-array-spread
• unicorn/no-invalid-fetch-options
• unicorn/no-magic-array-flat-depth
• unicorn/prefer-structured-clone
• unicorn/no-negation-in-equality-check
• @typescript-eslint/no-unnecessary-parameter-property-assignment
• @typescript-eslint/use-unknown-in-catch-callback-variable

Breaking

• Re-enable eslint-plugin-promise (#656) b168f08

... (truncated)

Commits

• 09cfbd1 0.60.0
• 0c2be9c Update dependencies
• 1877df6 0.59.3
• 3eb8436 Allow experimental Node.js features
• 46a91e0 Fix TypeScript extension support (#764)
• 92216f4 0.59.2
• c965843 Respect nodeVersion: false option (#762)
• b537b21 0.59.1
• 9cdab84 Fix XO to not override rules from user's config (#761)
• 112e657 0.59.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[psiinon]

Checkmarx One – Scan Summary & Details – c9931f21-190e-4047-aed3-a7e1b04f8819

Fixed Issues

Severity	Issue	Source File / Package
	CVE-2024-42461	Npm-elliptic-6.5.4
	CVE-2024-48949	Npm-elliptic-6.5.4
	CVE-2020-28469	Npm-glob-parent-3.1.0
	CVE-2022-25883	Npm-semver-7.3.6
	CVE-2022-25883	Npm-semver-6.3.0
	CVE-2022-25883	Npm-semver-7.3.5
	CVE-2022-25883	Npm-semver-5.7.1
	CVE-2022-25883	Npm-semver-7.3.4
	CVE-2022-25883	Npm-semver-5.5.0
	CVE-2022-3517	Npm-minimatch-3.0.4
	CVE-2023-26115	Npm-word-wrap-1.2.3
	CVE-2024-4068	Npm-braces-2.3.2
	CVE-2024-4068	Npm-braces-3.0.2
	CVE-2022-33987	Npm-got-9.6.0
	CVE-2024-4067	Npm-micromatch-3.1.10
	CVE-2024-4067	Npm-micromatch-4.0.5
	CVE-2024-42459	Npm-elliptic-6.5.4
	CVE-2024-42460	Npm-elliptic-6.5.4
	CVE-2024-48948	Npm-elliptic-6.5.4