[Snyk] Upgrade eslint-plugin-react from 7.23.2 to 7.33.1

[ManuelDevWeb]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade eslint-plugin-react from 7.23.2 to 7.33.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 35 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-07-29.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: eslint-plugin-react

• 7.33.1 - 2023-07-29
  

  Fixed

  • require-default-props: fix config schema (#3605 @ controversial)
  • jsx-curly-brace-presence: Revert #3538 due to issues with intended string type casting usage (#3611 @ taozhou-glean)
  • sort-prop-types: ensure sort-prop-types respects noSortAlphabetically (#3610 @ caesar1030)
• 7.33.0 - 2023-07-20
  

  Added

  • display-name: add checkContextObjects option (#3529 @ JulesBlm)
  • jsx-first-prop-new-line: add multiprop option (#3533 @ haydncomley)
  • no-deprecated: add React 18 deprecations (#3548 @ sergei-startsev)
  • forbid-component-props: add disallowedFor option (#3417 @ jacketwpbb)

  Fixed

  • no-array-index-key: consider flatMap (#3530 @ k-yle)
  • jsx-curly-brace-presence: handle single and only expression template literals (#3538 @ taozhou-glean)
  • no-unknown-property: allow onLoad on source (@ ljharb)
  • jsx-first-prop-new-line: ensure autofix preserves generics in component name (#3546 @ ljharb)
  • no-unknown-property: allow fill prop on <symbol> (#3555 @ stefanprobst)
  • display-name, prop-types: when checking for a capitalized name, ignore underscores entirely (#3560 @ ljharb)
  • no-unused-state: avoid crashing on a class field function with destructured state (#3568 @ ljharb)
  • no-unused-prop-types: allow using spread with object expression in jsx (#3570 @ akulsr0)
  • Revert "destructuring-assignment: Handle destructuring of useContext in SFC" (#3583 #2797 @ 102)
  • prefer-read-only-props: add TS support (#3593 @ HenryBrown0)

  Changed

  • [Docs] jsx-newline, no-unsafe, static-property-placement: Fix code syntax highlighting (#3563 @ nbsp1221)
  • [readme] resore configuration URL (#3582 @ gokaygurcan)
  • [Docs] jsx-no-bind: reword performance rationale (#3581 @ gpoole)
  • [Docs] jsx-first-prop-new-line: add missing multiprop value (#3598 @ dzek69)
• 7.32.2 - 2023-01-29
  

  Fixed

  • configs: restore parserOptions in legacy configs ([#3523][] @ ljharb)
  • jsx-no-constructed-context-values, jsx-no-useless-fragment: add a rule schema (@ ljharb)
    ( no-unknown-property: add fill for <marker> (#3525 @ alexey-koran)
• 7.32.1 - 2023-01-16
  

  Fixed

  • prevent circular dependency in index and "all" config (#3519 @ ljharb)
  • destructuring-assignment: do not force destructuring of optionally chained properties (#3520 @ ljharb)
• 7.32.0 - 2023-01-11
  Read more
• 7.31.11 - 2022-11-18
  

  Fixed

  • jsx-no-target-blank: allow ternaries with literals (#3464 @ akulsr0)
  • no-unknown-property: add inert attribute (#3484 @ ljharb)
  • jsx-key: detect keys in logical expression and conditional expression (#3490 @ metreniuk)

  Changed

  • [Perf] component detection: improve performance by avoiding traversing parents unnecessarily (#3459 @ golopot)
  • [Docs] forbid-component-props: inclusive language w/ allowlist (#3473 @ AndersDJohnson)
  • [Docs] automate doc generation with eslint-doc-generator (#3469 @ bmish)
• 7.31.10 - 2022-10-10
  

  Fixed

  • no-unknown-property: allow allowFullScreen on iframe (#3455 @ almeidx)
• 7.31.9 - 2022-10-09
  Read more
• 7.31.8 - 2022-09-09
  Read more
• 7.31.7 - 2022-09-05
  Read more
• 7.31.6 - 2022-09-04
• 7.31.5 - 2022-09-04
• 7.31.4 - 2022-09-03
• 7.31.3 - 2022-09-03
• 7.31.2 - 2022-09-02
• 7.31.1 - 2022-08-26
• 7.31.0 - 2022-08-24
• 7.30.2 - 2022-08-24
• 7.30.1 - 2022-06-23
• 7.30.0 - 2022-05-18
• 7.29.4 - 2022-03-13
• 7.29.3 - 2022-03-03
• 7.29.2 - 2022-02-26
• 7.29.1 - 2022-02-25
• 7.29.0 - 2022-02-25
• 7.28.0 - 2021-12-22
• 7.27.1 - 2021-11-19
• 7.27.0 - 2021-11-10
• 7.26.1 - 2021-09-30
• 7.26.0 - 2021-09-21
• 7.25.3 - 2021-09-19
• 7.25.2 - 2021-09-16
• 7.25.1 - 2021-08-30
• 7.25.0 - 2021-08-29
• 7.24.0 - 2021-05-29
• 7.23.2 - 2021-04-08

from eslint-plugin-react GitHub release notes

Commit messages

Package name: eslint-plugin-react

• 354cb62 Update CHANGELOG and bump version
• 26e9578 [Refactor] use `slice` instead of `substring`
• 1629d44 [eslint] fix import ordering
• 3c11201 [Fix] `sort-prop-types`: ensure sort-prop-types respects noSortAlphabetically
• 302925b [Tests] remove or make explicit trailing whitespace
• f818096 Revert "[Fix] `jsx-curly-brace-presence`: handle single and only expression template literals"
• 1a3a17a [Fix] `require-default-props`: fix config schema
• 31282dd Update CHANGELOG and bump version
• 4e72b82 [Docs] `jsx-first-prop-new-line`: add missing `multiprop` value
• 9c5ac98 [Fix] `prefer-read-only-props`: add TS support
• fa1c277 [Deps] update `semver`
• bf1fc74 [Dev Deps] update `@ babel/core`, `@ babel/eslint-parser`, `aud`
• 9fdcba7 [Dev Deps] update `@ babel/core`, `@ babel/eslint-parser`, `@ babel/plugin-syntax-decorators`, `@ babel/plugin-syntax-do-expressions`, `@ babel/plugin-syntax-function-bind`, `@ babel/preset-react`, `eslint-remote-tester-repositories`
• ae64aa8 [Docs] `jsx-no-bind`: reword performance rationale
• 7f655f8 Revert "[Fix] `destructuring-assignment`: Handle destructuring of useContext in SFC"
• 693860f [readme] resore configuration URL
• 747fad0 [Fix] `no-unused-prop-types`: allow using spread with object expression in jsx
• 13f5c19 [Docs] `jsx-newline`, `no-unsafe`, `static-property-placement`: Fix code syntax highlighting
• f2d8d26 [Fix] `no-unused-state`: avoid crashing on a class field function with destructured state
• 0855e5f [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
• 15e3a33 [actions] split node tests into multiple workflows
• 4a92667 [New] `forbid-component-props`: add `disallowedFor` option
• 477f36d [Refactor] `forbid-component-props`: tweak formatting
• 1fc7d34 [Fix] `display-name`, `prop-types`: when checking for a capitalized name, ignore underscores entirely

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs