Bump eslint-plugin-react from 7.30.0 to 7.32.2

[dependabot]

Bumps eslint-plugin-react from 7.30.0 to 7.32.2.

Release notes

Sourced from eslint-plugin-react's releases.

v7.32.2

Fixed

• configs: restore parserOptions in legacy configs (#3523[] @​ljharb)
• [jsx-no-constructed-context-values], [jsx-no-useless-fragment]: add a rule schema (@​ljharb) ( [no-unknown-property]: add fill for <marker> (#3525[] @​alexey-koran)

#1000: jsx-eslint/eslint-plugin-react#1000 #1002: jsx-eslint/eslint-plugin-react#1002 #1005: jsx-eslint/eslint-plugin-react#1005 #100: jsx-eslint/eslint-plugin-react#100 #1010: jsx-eslint/eslint-plugin-react#1010 #1013: jsx-eslint/eslint-plugin-react#1013 #1022: jsx-eslint/eslint-plugin-react#1022 #1029: jsx-eslint/eslint-plugin-react#1029 #102: jsx-eslint/eslint-plugin-react#102 #1034: jsx-eslint/eslint-plugin-react#1034 #1038: jsx-eslint/eslint-plugin-react#1038 #1041: jsx-eslint/eslint-plugin-react#1041 #1043: jsx-eslint/eslint-plugin-react#1043 #1046: jsx-eslint/eslint-plugin-react#1046 #1047: jsx-eslint/eslint-plugin-react#1047 #1050: jsx-eslint/eslint-plugin-react#1050 #1053: jsx-eslint/eslint-plugin-react#1053 #1057: jsx-eslint/eslint-plugin-react#1057 #105: jsx-eslint/eslint-plugin-react#105 #1061: jsx-eslint/eslint-plugin-react#1061 #1062: jsx-eslint/eslint-plugin-react#1062 #1070: jsx-eslint/eslint-plugin-react#1070 #1071: jsx-eslint/eslint-plugin-react#1071 #1073: jsx-eslint/eslint-plugin-react#1073 #1076: jsx-eslint/eslint-plugin-react#1076 #1079: jsx-eslint/eslint-plugin-react#1079 #1088: jsx-eslint/eslint-plugin-react#1088 #1098: jsx-eslint/eslint-plugin-react#1098 #1101: jsx-eslint/eslint-plugin-react#1101 #1103: jsx-eslint/eslint-plugin-react#1103 #110: jsx-eslint/eslint-plugin-react#110 #1116: jsx-eslint/eslint-plugin-react#1116 #1117: jsx-eslint/eslint-plugin-react#1117 #1119: jsx-eslint/eslint-plugin-react#1119 #1121: jsx-eslint/eslint-plugin-react#1121 #1122: jsx-eslint/eslint-plugin-react#1122 #1123: jsx-eslint/eslint-plugin-react#1123 #1130: jsx-eslint/eslint-plugin-react#1130 #1131: jsx-eslint/eslint-plugin-react#1131 #1132: jsx-eslint/eslint-plugin-react#1132 #1134: jsx-eslint/eslint-plugin-react#1134 #1135: jsx-eslint/eslint-plugin-react#1135 #1139: jsx-eslint/eslint-plugin-react#1139

... (truncated)

Changelog

Sourced from eslint-plugin-react's changelog.

7.32.2 - 2023.01.28

Fixed

• configs: restore parserOptions in legacy configs (#3523[] @​ljharb)
• [jsx-no-constructed-context-values], [jsx-no-useless-fragment]: add a rule schema (@​ljharb) ( [no-unknown-property]: add fill for <marker> (#3525[] @​alexey-koran)

#3525: jsx-eslint/eslint-plugin-react#3525 #3520: jsx-eslint/eslint-plugin-react#3523

7.32.1 - 2023.01.16

Fixed

• prevent circular dependency in index and "all" config (#3519[] @​ljharb)
• [destructuring-assignment]: do not force destructuring of optionally chained properties (#3520[] @​ljharb)

#3520: jsx-eslint/eslint-plugin-react#3520 #3519: jsx-eslint/eslint-plugin-react#3519

7.32.0 - 2023.01.10

Added

• support new config system (#3429[] @​jjangga0214)
• [hook-use-state]: add allowDestructuredState option (#3449[] @​ljharb)
• add [sort-default-props] and deprecate [jsx-sort-default-props] (#1861[] @​alexzherdev)
• add [no-object-type-as-default-prop] rule (#2848[] @​cyan33 @​fengkx)

Fixed

• configs: avoid legacy config system error (#3461[] @​ljharb)
• [sort-prop-types]: restore autofixing (#3452[], #3471[] @​ROSSROSALES)
• [no-unknown-property]: do not check fbs elements (#3494[] @​brianogilvie)
• [jsx-newline]: No newline between comments and jsx elements (#3493[] @​justmejulian)
• [jsx-no-leaked-render]: Don't report errors on empty strings if React >= v18 (#3488[] @​himanshu007-creator)
• [no-invalid-html-attribute]: convert autofix to suggestion (#3474[] @​himanshu007-creator @​ljharb)
• [jsx-no-leaked-render]: fix removing parentheses for conditionals (#3502[] @​akulsr0)
• [jsx-no-leaked-render]: invalid fixes in coerce mode (#3511[] @​akulsr0)
• [destructuring-assignment]: Handle destructuring of useContext in SFC (#2797[] @​Zinyon @​ljharb)

Changed

• [Docs] [jsx-no-leaked-render]: Remove mentions of empty strings for React 18 (#3468[] @​karlhorky)
• [Docs] update eslint-doc-generator to v1.0.0 (#3499[] @​bmish)
• [meta] add issue template (#3483[] @​ROSSROSALES)
• [Docs] Use emoji for jsx-runtime config and config file for eslint-doc-generator (#3504[] @​bmish)
• [Docs] [prefer-exact-props]: fix example flow syntax (#3510[] @​smackfu)
• [Perf] use anyOf instead of oneOf (@​ljharb @​remcohaszing)

#3511: jsx-eslint/eslint-plugin-react#3511

... (truncated)

Commits

• 66b58dd Update CHANGELOG and bump version
• 373167c [Tests] button-has-type: add passing test
• 14e315a [Fix] no-unknown-property: add fill for \<marker>
• 4523e73 [Fix] jsx-no-constructed-context-values, jsx-no-useless-fragment: add a r...
• d2194a5 [Tests] avoid a deprecation warning
• 0479acd [Fix] configs: restore parserOptions in legacy configs
• b2e069e Update CHANGELOG and bump version
• 74a9522 [Fix] destructuring-assignment: do not force destructuring of optionally ch...
• 161e5a8 [patch] destructuring-assignment: use report helper for all warnings
• c4c54cb Update link to eslint-plugin-jsx-a11y in README
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[guardrails]

⚠️ We detected 123 security issues in this pull request:

Vulnerable Libraries (123)

Severity	Details
High	@unimodules/react-native-adapter@6.1.0 (t) upgrade to: >6.1.0
High	glob-watcher@5.0.5 (t) upgrade to: >=3.0.0
High	gulp@4.0.2 (t) upgrade to: >=3.9.1
High	ini@1.3.5 (t) upgrade to: >=1.3.6
High	json5@1.0.1 (t) upgrade to: >=1.0.2
High	minimatch@3.0.4 (t) upgrade to: >=3.0.5
Critical	minimist@1.2.5 (t) upgrade to: >=1.2.6
High	tar@4.4.13 (t) upgrade to: >4.4.17
Critical	pkg:npm/msrcrypto@1.5.8@1.5.8 (t) - no patch available
Critical	pkg:npm/msrcrypto@1.5.8@1.5.8 (t) - no patch available
High	pkg:npm/glob-parent@3.1.0@3.1.0 (t) upgrade to: 5.1.2
High	pkg:npm/glob-parent@3.1.0@3.1.0 (t) upgrade to: 5.1.2
High	pkg:npm/glob-parent@3.1.0@3.1.0 (t) upgrade to: 5.1.2
High	pkg:npm/glob-parent@3.1.0@3.1.0 (t) upgrade to: 5.1.2
High	pkg:npm/file-type@3.9.0@3.9.0 (t) - no patch available
High	pkg:npm/file-type@3.9.0@3.9.0 (t) - no patch available
High	pkg:npm/file-type@3.9.0@3.9.0 (t) - no patch available
Low	pkg:npm/request@2.88.2@2.88.2 (t) - no patch available
Low	pkg:npm/request@2.88.2@2.88.2 (t) - no patch available
Critical	pkg:npm/jsonwebtoken@8.5.1@8.5.1 (t) - no patch available
Critical	pkg:npm/jsonwebtoken@8.5.1@8.5.1 (t) - no patch available
Critical	pkg:npm/jsonwebtoken@8.5.1@8.5.1 (t) - no patch available
High	pkg:npm/json@11.0.0@11.0.0 (t) - no patch available
High	pkg:npm/tar@4.4.13@4.4.13 (t) upgrade to: 4.4.18,5.0.10,6.1.9
High	pkg:npm/tar@4.4.13@4.4.13 (t) upgrade to: 4.4.18,5.0.10,6.1.9
N/A	pkg:npm/debug@2.6.9@2.6.9 (t) upgrade to: 3.1.0
N/A	pkg:npm/debug@2.6.9@2.6.9 (t) upgrade to: 3.1.0
N/A	pkg:npm/debug@2.6.9@2.6.9 (t) upgrade to: 3.1.0
High	pkg:npm/yargs-parser@5.0.0-security.0@5.0.0-security.0 (t) - no patch available
High	pkg:npm/yargs-parser@5.0.0-security.0@5.0.0-security.0 (t) - no patch available
Medium	pkg:npm/ws@6.2.2@6.2.2 (t) - no patch available
Medium	pkg:npm/ws@6.2.2@6.2.2 (t) - no patch available
Medium	pkg:npm/ws@6.2.2@6.2.2 (t) - no patch available
Medium	pkg:npm/got@8.3.2@8.3.2 (t) - no patch available
Medium	pkg:npm/got@8.3.2@8.3.2 (t) - no patch available
Medium	pkg:npm/got@8.3.2@8.3.2 (t) - no patch available
High	pkg:npm/flat@5.0.2@5.0.2 (t) - no patch available
High	pkg:npm/flat@5.0.2@5.0.2 (t) - no patch available
High	pkg:npm/flat@5.0.2@5.0.2 (t) - no patch available
N/A	pkg:npm/decode-uri-component@0.2.0@0.2.0 (t) - no patch available
N/A	pkg:npm/decode-uri-component@0.2.0@0.2.0 (t) - no patch available
N/A	pkg:npm/decode-uri-component@0.2.0@0.2.0 (t) - no patch available
High	pkg:npm/file-type@4.4.0@4.4.0 (t) - no patch available
High	pkg:npm/file-type@4.4.0@4.4.0 (t) - no patch available
High	pkg:npm/file-type@4.4.0@4.4.0 (t) - no patch available
Medium	pkg:npm/eslint-plugin-no-unsanitized@4.0.1@4.0.1 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
N/A	pkg:npm/node-forge@0.10.0@0.10.0 (t) upgrade to: 1.0.0
N/A	pkg:npm/node-forge@0.10.0@0.10.0 (t) upgrade to: 1.0.0
High	pkg:npm/minimatch@3.0.4@3.0.4 (t) upgrade to: 3.0.5
High	pkg:npm/minimatch@3.0.4@3.0.4 (t) upgrade to: 3.0.5
Medium	pkg:npm/node-notifier@9.0.0@9.0.0 (t) - no patch available
Medium	pkg:npm/node-notifier@9.0.0@9.0.0 (t) - no patch available
High	pkg:npm/mocha@10.0.0@10.0.0 (t) - no patch available
High	pkg:npm/ini@1.3.5@1.3.5 (t) upgrade to: 1.3.6
High	pkg:npm/ini@1.3.5@1.3.5 (t) upgrade to: 1.3.6
High	pkg:npm/ini@1.3.5@1.3.5 (t) upgrade to: 1.3.6
High	pkg:npm/ua-parser-js@0.7.33@0.7.33 (t) - no patch available
High	pkg:npm/ua-parser-js@0.7.33@0.7.33 (t) - no patch available
High	pkg:npm/ua-parser-js@0.7.33@0.7.33 (t) - no patch available
Medium	pkg:npm/node-fetch@1.7.3@1.7.3 (t) - no patch available
Medium	pkg:npm/node-fetch@1.7.3@1.7.3 (t) - no patch available
Medium	pkg:npm/node-fetch@1.7.3@1.7.3 (t) - no patch available
High	pkg:npm/fast-json-patch@2.2.1@2.2.1 (t) - no patch available
High	pkg:npm/fast-json-patch@2.2.1@2.2.1 (t) - no patch available
High	pkg:npm/fast-json-patch@2.2.1@2.2.1 (t) - no patch available
High	pkg:npm/json-merge-patch@0.2.3@0.2.3 (t) - no patch available
High	pkg:npm/json-merge-patch@0.2.3@0.2.3 (t) - no patch available
High	pkg:npm/json-merge-patch@0.2.3@0.2.3 (t) - no patch available
High	pkg:npm/file-type@5.2.0@5.2.0 (t) - no patch available
High	pkg:npm/file-type@5.2.0@5.2.0 (t) - no patch available
High	pkg:npm/file-type@5.2.0@5.2.0 (t) - no patch available
High	pkg:npm/file-type@5.2.0@5.2.0 (t) - no patch available
High	pkg:npm/file-type@5.2.0@5.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
Medium	pkg:npm/react@18.2.0@18.2.0 (t) - no patch available
High	pkg:npm/file-type@11.1.0@11.1.0 (t) - no patch available
High	pkg:npm/file-type@11.1.0@11.1.0 (t) - no patch available
High	pkg:npm/file-type@11.1.0@11.1.0 (t) - no patch available
Critical	pkg:npm/unset-value@1.0.0@1.0.0 (t) - no patch available
Critical	pkg:npm/unset-value@1.0.0@1.0.0 (t) - no patch available
Medium	pkg:npm/got@9.6.0@9.6.0 (t) - no patch available
Medium	pkg:npm/got@9.6.0@9.6.0 (t) - no patch available
Critical	pkg:npm/qs@6.9.6@6.9.6 (t) - no patch available
Critical	pkg:npm/qs@6.9.6@6.9.6 (t) - no patch available
Critical	pkg:npm/minimist@1.2.5@1.2.5 (t) upgrade to: 1.2.6
Critical	pkg:npm/minimist@1.2.5@1.2.5 (t) upgrade to: 1.2.6
High	pkg:npm/json5@1.0.1@1.0.1 (t) upgrade to: 2.2.2
High	pkg:npm/json5@1.0.1@1.0.1 (t) upgrade to: 2.2.2
High	pkg:npm/moment@2.29.2@2.29.2 (t) upgrade to: 2.29.4,2.29.4
High	pkg:npm/moment@2.29.2@2.29.2 (t) upgrade to: 2.29.4,2.29.4
Critical	pkg:npm/set-value@2.0.1@2.0.1 (t) - no patch available
Critical	pkg:npm/set-value@2.0.1@2.0.1 (t) - no patch available
Critical	pkg:npm/set-value@2.0.1@2.0.1 (t) - no patch available
High	pkg:npm/file-type@6.2.0@6.2.0 (t) - no patch available
High	pkg:npm/file-type@6.2.0@6.2.0 (t) - no patch available
High	pkg:npm/file-type@6.2.0@6.2.0 (t) - no patch available
Medium	pkg:npm/jszip@3.7.1@3.7.1 (t) - no patch available
Medium	pkg:npm/jszip@3.7.1@3.7.1 (t) - no patch available
Medium	pkg:npm/jszip@3.7.1@3.7.1 (t) - no patch available
Medium	pkg:npm/express@4.17.2@4.17.2 (t) - no patch available
Medium	pkg:npm/express@4.17.2@4.17.2 (t) - no patch available
Medium	pkg:npm/express@4.17.2@4.17.2 (t) - no patch available
Low	pkg:npm/node-fetch@2.6.8@2.6.8 (t) - no patch available
Low	pkg:npm/node-fetch@2.6.8@2.6.8 (t) - no patch available
Low	pkg:npm/node-fetch@2.6.8@2.6.8 (t) - no patch available

More info on how to fix Vulnerable Libraries in JavaScript.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

[github-advanced-security]

You have successfully added a new CodeQL configuration .github/workflows/codeql-analysis.yml:analyze/language:javascript. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

[dependabot]

Superseded by #338.