Skip to content

chore: release 4.0.0 🚀#1

Open
github-actions[bot] wants to merge 1 commit intomainfrom
release-please--branches--main--components--eslint-plugin-security
Open

chore: release 4.0.0 🚀#1
github-actions[bot] wants to merge 1 commit intomainfrom
release-please--branches--main--components--eslint-plugin-security

Conversation

@github-actions
Copy link

@github-actions github-actions bot commented Feb 13, 2026
edited
Loading

🤖 I have created a release beep boop

4.0.0 (2026-02-19)

⚠ BREAKING CHANGES

  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146)
  • switch the recommended config to flat (#118)

Features

  • add config recommended-legacy (#132) (13d3f2f)
  • Add meta object documentation for all rules (#79) (fb1d9ef)
  • detect-bidi-characters rule (#95) (4294d29)
  • detect-non-literal-fs-filename: change to track non-top-level require() as well (#105) (d3b1543)
  • extend detect non literal fs filename (#92) (08ba476)
  • improve detect-child-process rule (#108) (64ae529)
  • non-literal-require: support template literals (#81) (208019b)
  • requires node ^18.18.0 || ^20.9.0 || >=21.1.0 (#146) (df1b606)
  • switch the recommended config to flat (#118) (e20a366)

Bug Fixes

  • add .release-please-manifest.json (da78a5f)
  • Add ESLint 10 compatibility for context.sourceCode API change (#186) (7f9ee77)
  • add name to recommended flat config (#161) (aa1c8c5)
  • add release-please-config.json (6c4a015)
  • add release-type: node (ca15f95)
  • Avoid crash when exec() is passed no arguments (7f97815), closes #82 #23
  • Avoid TypeError when exec stub is used with no arguments (#97) (9c18f16)
  • detect-child-process: false positive for destructuring with exec (#102) (657921a)
  • detect-child-process: false positives for destructuring spawn (#103) (fdfe37d)
  • Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)
  • Ensure everything works with ESLint v9 (#145) (ac50ab4)
  • false positives for static expressions in detect-non-literal-fs-filename, detect-child-process, detect-non-literal-regexp, and detect-non-literal-require (#109) (56102b5)
  • generate provenance statement for release (#168) (eb3ee9c)
  • Incorrect method name in detect-buffer-noassert. (313c0c6), closes #63 #80
  • release-please config (9feb0d9)
  • remove unwanted config (2782a16)
  • remove WORKFLOW_PUSH_BOT_TOKEN (ccf8bc6)
  • revert changes from eslint/css@0d83c26 (6766471)
  • run tweet only when a new release is created (7fb69b8)
  • update npm publish command to include public access and add tweet announcement step (f71a64a)

This PR was generated with Release Please. See documentation.

@aladdin-add aladdin-add mentioned this pull request Feb 13, 2026
Merged
@github-actions github-actions bot force-pushed the release-please--branches--main--components--eslint-plugin-security branch 3 times, most recently from 7a62f89 to f3bd892 Compare February 13, 2026 03:23
@github-actions github-actions bot changed the title chore(main): release 1.0.0 chore: release 4.0.0 🚀 Feb 19, 2026
@github-actions github-actions bot force-pushed the release-please--branches--main--components--eslint-plugin-security branch from f3bd892 to 52f9a4e Compare February 19, 2026 14:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants