build(deps): bump eslint from 8.57.0 to 9.1.1

[dependabot]

Bumps eslint from 8.57.0 to 9.1.1.

Release notes

Sourced from eslint's releases.

v9.1.1

Bug Fixes

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

Build Related

• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

Chores

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade [email protected] dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)

v9.0.0

Breaking Changes

• b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
• 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.1.1 - April 22, 2024

• a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
• 50d406d chore: package.json update for @​eslint/js release (Jenkins)
• 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
• 155c71c chore: package.json update for @​eslint/js release (Jenkins)
• 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
• 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
• fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
• 4d11e56 feat: add name to eslint configs (#18289) (唯然)
• 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
• 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
• 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
• e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
• 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
• 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
• 4820790 chore: upgrade [email protected] dev dependency (#18332) (Milos Djermanovic)
• 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
• 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
• 0db676f feat: add Intl in es6 globals (#18318) (唯然)
• 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
• 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
• 16b6a8b docs: Update README (GitHub Actions Bot)
• a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
• df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
• c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
• 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
• 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
• e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
• 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
• 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)
• 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

v9.0.0 - April 5, 2024

• 19f9a89 chore: Update dependencies for v9.0.0 (#18275) (Nicholas C. Zakas)
• 7c957f2 chore: package.json update for @​eslint/js release (Jenkins)
• d73a33c chore: ignore /docs/v8.x in link checker (#18274) (Milos Djermanovic)
• d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
• e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
• 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
• 44a81c6 chore: upgrade knip (#18272) (Lars Kappert)
• 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
• 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
• e80b60c chore: remove code for testing version selectors (#18266) (Milos Djermanovic)

... (truncated)

Commits

• b4d2512 9.1.1
• ef36aa4 Build: changelog update for 9.1.1
• a26b402 fix: use @​eslint/create-config latest (#18373)
• b78d831 9.1.0
• e4d9c92 Build: changelog update for 9.1.0
• d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367)
• 03068f1 feat: Provide helpful error message for nullish configs (#18357)
• 50d406d chore: package.json update for @​eslint/js release
• 8d18958 fix: Remove name from eslint/js packages (#18368)
• 155c71c chore: package.json update for @​eslint/js release
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ✅ 0 package(s) with unknown licenses.
• ⚠️ 3 packages with OpenSSF Scorecard issues.

See the Details below.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@eslint/eslintrc	3.0.2	🟢 6.2	Details Check Score Reason Maintained 🟢 6 5 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 6 Code-Review 🟢 8 Found 17/21 approved changesets -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	9.1.1	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@humanwhocodes/config-array	0.13.0	🟢 5.3	Details Check Score Reason Code-Review 🟢 4 Found 7/15 approved changesets -- score normalized to 4 Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/@humanwhocodes/retry	0.2.3	Unknown	Unknown
npm/eslint	9.1.1	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-scope	8.0.1	🟢 5.9	Details Check Score Reason Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Code-Review 🟢 8 Found 21/26 approved changesets -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-visitor-keys	4.0.0	🟢 6	Details Check Score Reason Code-Review 🟢 8 Found 21/26 approved changesets -- score normalized to 8 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/espree	10.0.1	🟢 6	Details Check Score Reason Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/file-entry-cache	8.0.0	🟢 3.9	Details Check Score Reason Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/flat-cache	4.0.1	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Maintained 🟢 10 12 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/globals	14.0.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 8 Found 22/27 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@eslint/eslintrc	2.1.4	🟢 6.2	Details Check Score Reason Maintained 🟢 6 5 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 6 Code-Review 🟢 8 Found 17/21 approved changesets -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/@eslint/js	8.57.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/@humanwhocodes/config-array	0.11.14	🟢 5.3	Details Check Score Reason Code-Review 🟢 4 Found 7/15 approved changesets -- score normalized to 4 Maintained 🟢 10 13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 6 4 existing vulnerabilities detected
npm/@ungap/structured-clone	1.2.0	Unknown	Unknown
npm/doctrine	3.0.0	🟢 5.2	Details Check Score Reason Code-Review 🟢 5 Found 15/29 approved changesets -- score normalized to 5 Maintained ⚠️ 0 project is archived CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint	8.57.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint-scope	7.2.2	🟢 5.9	Details Check Score Reason Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Code-Review 🟢 8 Found 21/26 approved changesets -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/espree	9.6.1	🟢 6	Details Check Score Reason Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 7 Found 18/25 approved changesets -- score normalized to 7 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/file-entry-cache	6.0.1	🟢 3.9	Details Check Score Reason Code-Review ⚠️ 0 Found 0/15 approved changesets -- score normalized to 0 Maintained 🟢 5 6 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/flat-cache	3.2.0	🟢 4.9	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Maintained 🟢 10 12 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST 🟢 6 SAST tool is not run on all commits -- score normalized to 6 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/fs.realpath	1.0.0	⚠️ 2.7	Details Check Score Reason Code-Review ⚠️ 0 Found 0/13 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected SAST ⚠️ 0 no SAST tool detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/glob	7.2.3	🟢 4.3	Details Check Score Reason Maintained 🟢 9 8 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 9 Code-Review ⚠️ 0 Found 1/30 approved changesets -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
npm/globals	13.24.0	🟢 5.8	Details Check Score Reason Code-Review 🟢 8 Found 22/27 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/graphemer	1.4.0	🟢 3.9	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review ⚠️ 2 Found 4/20 approved changesets -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/inflight	1.0.6	🟢 3.5	Details Check Score Reason Code-Review ⚠️ 0 Found 1/21 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Signed-Releases ⚠️ -1 no releases found License 🟢 10 license file detected Dangerous-Workflow ⚠️ -1 no workflows found Pinned-Dependencies ⚠️ -1 no dependencies found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ -1 No tokens found Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/inherits	2.0.4	⚠️ 2.8	Details Check Score Reason Code-Review ⚠️ 1 Found 3/30 approved changesets -- score normalized to 1 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/once	1.4.0	⚠️ 2.8	Details Check Score Reason Code-Review ⚠️ 1 Found 3/24 approved changesets -- score normalized to 1 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
npm/path-is-absolute	1.0.1	🟢 3.9	Details Check Score Reason Code-Review ⚠️ 0 Found 1/11 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ -1 no dependencies found Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/rimraf	3.0.2	🟢 3.2	Details Check Score Reason Code-Review ⚠️ 0 Found 2/30 approved changesets -- score normalized to 0 Maintained ⚠️ 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 8 2 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/type-fest	0.20.2	🟢 5.6	Details Check Score Reason Code-Review 🟢 6 Found 19/29 approved changesets -- score normalized to 6 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/wrappy	1.0.2	🟢 3.6	Details Check Score Reason Code-Review ⚠️ 1 Found 2/16 approved changesets -- score normalized to 1 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ -1 no dependencies found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected
npm/eslint	^9.1.1	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
npm/eslint	^8.56.0	🟢 6.9	Details Check Score Reason Code-Review 🟢 7 Found 23/30 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

package-lock.json

• @eslint/[email protected]
• @eslint/[email protected]
• @humanwhocodes/[email protected]
• @humanwhocodes/[email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• @eslint/[email protected]
• @eslint/[email protected]
• @humanwhocodes/[email protected]
• @ungap/[email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]

package.json

• eslint@^9.1.1
• eslint@^8.56.0

[netlify]

❌ Deploy Preview for splendorous-snickerdoodle-0e3599 failed.

Name	Link
🔨 Latest commit	214175e
🔍 Latest deploy log	https://app.netlify.com/sites/splendorous-snickerdoodle-0e3599/deploys/6626fa86f2c2e8000854147a

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.