Update dependency eslint to v4.18.2 - autoclosed

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
eslint (source)	dependencies	minor	4.10.0 -> 4.18.2

This PR resolves the vulnerabilities described in Issue #35

---

Version 4.10.0

Risk Change	Critical	High	Medium	Low
N/A	0	4	3	0

Version 4.18.2

Risk Change	Critical	High	Medium	Low
-75%	0 (--)	1 (-3 )	1 (-2 )	0 (--)

Version 4.19.1

Risk Change	Critical	High	Medium	Low
-75%	0 (--)	1 (-3 )	1 (-2 )	0 (--)

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

---

Release Notes

eslint/eslint

v4.18.2

Compare Source

• 6b71fd0 Fix: table@4.0.2, because 4.0.3 needs "ajv": "^6.0.1" (#​10022) (Mathieu Seiler)
• 3c697de Chore: fix incorrect comment about linter.verify return value (#​10030) (Teddy Katz)
• 9df8653 Chore: refactor parser-loading out of linter.verify (#​10028) (Teddy Katz)
• f6901d0 Fix: remove catastrophic backtracking vulnerability (fixes #​10002) (#​10019) (Jamie Davis)
• e4f52ce Chore: Simplify dataflow in linter.verify (#​10020) (Teddy Katz)
• 33177cd Chore: make library files non-executable (#​10021) (Teddy Katz)
• 558ccba Chore: refactor directive comment processing (#​10007) (Teddy Katz)
• 18e15d9 Chore: avoid useless catch clauses that just rethrow errors (#​10010) (Teddy Katz)
• a1c3759 Chore: refactor populating configs with defaults in linter (#​10006) (Teddy Katz)
• aea07dc Fix: Make max-len ignoreStrings ignore JSXText (fixes #​9954) (#​9985) (Rachael Sim)

v4.18.1

Compare Source

• f417506 Fix: ensure no-await-in-loop reports the correct node (fixes #​9992) (#​9993) (Teddy Katz)
• 3e99363 Docs: Fixed typo in key-spacing rule doc (#​9987) (Jaid)
• 7c2cd70 Docs: deprecate experimentalObjectRestSpread (#​9986) (Toru Nagashima)

v4.18.0

Compare Source

• 70f22f3 Chore: Apply memoization to config creation within glob utils (#​9944) (Kenton Jacobsen)
• 0e4ae22 Update: fix indent bug with binary operators/ignoredNodes (fixes #​9882) (#​9951) (Teddy Katz)
• 47ac478 Update: add named imports and exports for object-curly-newline (#​9876) (Nicholas Chua)
• e8efdd0 Fix: support Rest/Spread Properties (fixes #​9885) (#​9943) (Toru Nagashima)
• f012b8c Fix: support Async iteration (fixes #​9891) (#​9957) (Toru Nagashima)
• 74fa253 Docs: Clarify no-mixed-operators options (fixes #​9962) (#​9964) (Ivan Hayes)
• 426868f Docs: clean up key-spacing docs (fixes #​9900) (#​9963) (Abid Uzair)
• 4a6f22e Update: support eslint-disable-* block comments (fixes #​8781) (#​9745) (Erin)
• 777283b Docs: Propose fix typo for function (#​9965) (John Eismeier)
• bf3d494 Docs: Fix typo in max-len ignorePattern example. (#​9956) (Tim Martin)
• d64fbb4 Docs: fix typo in prefer-destructuring.md example (#​9930) (Vse Mozhet Byt)
• f8d343f Chore: Fix default issue template (#​9946) (Kai Cataldo)

v4.17.0

Compare Source

• 1da1ada Update: Add "multiline" type to padding-line-between-statements (#​8668) (Matthew Bennett)
• bb213dc Chore: Use messageIds in some of the core rules (#​9648) (Jed Fox)
• 1aa1970 Docs: remove outdated rule naming convention (#​9925) (Teddy Katz)
• 3afaff6 Docs: Add prefer-destructuring variable reassignment example (#​9873) (LePirlouit)
• d20f6b4 Fix: Typo in error message when running npm (#​9866) (Maciej Kasprzyk)
• 51ec6a7 Docs: Use GitHub Multiple PR/Issue templates (#​9911) (Kai Cataldo)
• dc80487 Update: space-unary-ops uses astUtils.canTokensBeAdjacent (fixes #​9907) (#​9906) (Kevin Partington)
• 084351b Docs: Fix the messageId example (fixes #​9889) (#​9892) (Jed Fox)
• 9cbb487 Docs: Mention the globals key in the no-undef docs (#​9867) (Dan Dascalescu)

v4.16.0

Compare Source

• e26a25f Update: allow continue instead of if wrap in guard-for-in (fixes #​7567) (#​9796) (Michael Ficarra)
• af043eb Update: Add NewExpression support to comma-style (#​9591) (Frazer McLean)
• 4f898c7 Build: Fix JSDoc syntax errors (#​9813) (Matija Marohnić)
• 13bcf3c Fix: Removing curly quotes in no-eq-null report message (#​9852) (Kevin Partington)
• b96fb31 Docs: configuration hierarchy for CLIEngine options (fixes #​9526) (#​9855) (PiIsFour)
• 8ccbdda Docs: Clarify that -c configs merge with .eslintrc.* (fixes #​9535) (#​9847) (Kevin Partington)
• 978574f Docs: Fix examples for no-useless-escape (#​9853) (Toru Kobayashi)
• cd5681d Chore: Deactivate consistent-docs-url in internal rules folder (#​9815) (Kevin Partington)
• 2e87ddd Docs: Sync messageId examples' style with other examples (#​9816) (Kevin Partington)
• 1d61930 Update: use doctrine range information in valid-jsdoc (#​9831) (Teddy Katz)
• 133336e Update: fix indent behavior on template literal arguments (fixes #​9061) (#​9820) (Teddy Katz)
• ea1b15d Fix: avoid crashing on malformed configuration comments (fixes #​9373) (#​9819) (Teddy Katz)
• add1e70 Update: fix indent bug on comments in ternary expressions (fixes #​9729) (#​9818) (Teddy Katz)
• 6a5cd32 Fix: prefer-destructuring error with computed properties (fixes #​9784) (#​9817) (Teddy Katz)
• 601f851 Docs: Minor modification to code comments for clarity (#​9821) (rgovind92)
• b9da067 Docs: fix misleading info about RuleTester column numbers (#​9830) (Teddy Katz)
• 2cf4522 Update: Rename and deprecate object-property-newline option (#​9570) (Jonathan Pool)
• acde640 Docs: Add ES 2018 to Configuring ESLint (#​9829) (Kai Cataldo)
• ccfce15 Docs: Minor tweaks to working with rules page (#​9824) (Kevin Partington)
• 54b329a Docs: fix substitution of {{ name }} (#​9822) (Andres Kalle)

v4.15.0

Compare Source

• 6ab04b5 New: Add context.report({ messageId }) (fixes #​6740) (#​9165) (Jed Fox)
• fc7f404 Docs: add url to each of the rules (refs #​6582) (#​9788) (Patrick McElhaney)
• fc44da9 Docs: fix sort-imports rule block language (#​9805) (ferhat elmas)
• 65f0176 New: CLIEngine#getRules() (refs #​6582) (#​9782) (Patrick McElhaney)
• c64195f Update: More detailed assert message for rule-tester (#​9769) (Weijia Wang)
• 9fcfabf Fix: no-extra-parens false positive (fixes: #​9755) (#​9795) (Erin)
• 61e5fa0 Docs: Add table of contents to Node.js API docs (#​9785) (Patrick McElhaney)
• 4c87f42 Fix: incorrect error messages of no-unused-vars (fixes #​9774) (#​9791) (akouryy)
• bbabf34 Update: add ignoreComments option to indent rule (fixes #​9018) (#​9752) (Kevin Partington)
• db431cb Docs: HTTP -> HTTPS (fixes #​9768) (#​9768) (Ronald Eddy Jr)
• cbf0fb9 Docs: describe how to feature-detect scopeManager/visitorKeys support (#​9764) (Teddy Katz)
• f7dcb70 Docs: Add note about "patch release pending" label to maintainer guide (#​9763) (Teddy Katz)

v4.14.0

Compare Source

• be2f57e Update: support separate requires in one-var. (fixes #​6175) (#​9441) (薛定谔的猫)
• 370d614 Docs: Fix typos (#​9751) (Jed Fox)
• 8196c45 Chore: Reorganize CLI options and associated docs (#​9758) (Kevin Partington)
• 75c7419 Update: Logical-and is counted in complexity rule (fixes #​8535) (#​9754) (Kevin Partington)
• eb4b1e0 Docs: reintroduce misspelling in valid-typeof example (#​9753) (Teddy Katz)
• ae51eb2 New: Add allowImplicit option to array-callback-return (fixes #​8539) (#​9344) (James C. Davis)
• e9d5dfd Docs: improve no-extra-parens formatting (#​9747) (Rich Trott)
• 37d066c Chore: Add unit tests for overrides glob matching. (#​9744) (Robert Jackson)
• 805a94e Chore: Fix typo in CLIEngine test name (#​9741) (@​scriptdaemon)
• 1c2aafd Update: Improve parser integrations (fixes #​8392) (#​8755) (Toru Nagashima)
• 4ddc131 Upgrade: debug@^3.1.0 (#​9731) (Kevin Partington)
• f252c19 Docs: Make the lint message source property a little more subtle (#​9735) (Jed Fox)
• 5a5c23c Docs: fix the link to contributing page (#​9727) (Victor Hom)
• f44ce11 Docs: change beginner to good first issue label text (#​9726) (Victor Hom)
• 14baa2e Chore: improve arrow-body-style error message (refs #​5498) (#​9718) (Teddy Katz)
• f819920 Docs: fix typos (#​9723) (Thomas Broadley)
• 43d4ba8 Fix: false positive on rulelines-between-class-members (fixes #​9665) (#​9680) (sakabar)

v4.13.1

Compare Source

• b72dc83 Fix: eol-last allow empty-string to always pass (refs #​9534) (#​9696) (Kevin Partington)
• d80aa7c Fix: camelcase destructure leading/trailing underscore (fixes #​9700) (#​9701) (Kevin Partington)
• d49d9d0 Docs: Add missing period to the README (#​9702) (Kevin Partington)
• 4564fe0 Chore: no-invalid-meta crash if no export assignment (refs #​9534) (#​9698) (Kevin Partington)

v4.13.0

Compare Source

• 256481b Update: update handling of destructuring in camelcase (fixes #​8511) (#​9468) (Erin)
• d067ae1 Docs: Don’t use undocumented array-style configuration for max-len (#​9690) (Jed Fox)
• 1ad3091 Chore: fix test-suite to work with node master (#​9688) (Myles Borins)
• cdb1488 Docs: Adds an example with try/catch. (#​9672) (Jaap Taal)

v4.12.1

Compare Source

• 1e362a0 Revert "Fix: Use XML 1.1 on XML formatters (fixes #​9607) (#​9608)" (#​9667) (Kevin Partington)

v4.12.0

Compare Source

• 76dab18 Upgrade: doctrine@^2.0.2 (#​9656) (Kevin Partington)
• 28c9c8e New: add a Linter#defineParser function (#​9321) (Ives van Hoorne)
• 5619910 Update: Add autofix for sort-vars (#​9496) (Trevin Hofmann)
• 71eedbf Update: add beforeStatementContinuationChars to semi (fixes #​9521) (#​9594) (Toru Nagashima)
• 4118f14 New: Adds implicit-arrow-linebreak rule (refs #​9510) (#​9629) (Sharmila Jesupaul)
• 208fb0f Fix: Use XML 1.1 on XML formatters (fixes #​9607) (#​9608) (Daniel Reigada)
• 6e04f14 Upgrade: globals to 11.0.1 (fixes #​9614) (#​9632) (Toru Nagashima)
• e13d439 Fix: space-in-parens crash (#​9655) (Toru Nagashima)
• 92171cc Docs: Updating migration guide for single-line disable (#​9385) (Justin Helmer)
• f39ffe7 Docs: remove extra punctuation from readme (#​9640) (Teddy Katz)
• a015234 Fix: prefer-destructuring false positive on "super" (fixes #​9625) (#​9626) (Kei Ito)
• 0cf081e Update: add importNames option to no-restricted-imports (#​9506) (Benjamin R Gibson)
• 332c214 Docs: Add @​platinumazure to TSC (#​9618) (Ilya Volodin)

v4.11.0

Compare Source

• d4557a6 Docs: disallow use of the comma operator using no-restricted-syntax (#​9585) (薛定谔的猫)
• d602f9e Upgrade: espree v3.5.2 (#​9611) (Kai Cataldo)
• 4def876 Chore: avoid handling rules instances in config-validator (#​9364) (Teddy Katz)
• fe5ac7e Chore: fix incorrect comment in safe-emitter.js (#​9605) (Teddy Katz)
• 6672fae Docs: Fixed a typo on lines-between-class-members doc (#​9603) (Moinul Hossain)
• 980ecd3 Chore: Update copyright and license info (#​9599) (薛定谔的猫)
• cc2c7c9 Build: use Node 8 in appveyor (#​9595) (薛定谔的猫)
• 2542f04 Docs: Add missing options for lines-around-comment (#​9589) (Clément Fiorio)
• b6a7490 Build: ensure fuzzer tests get run with npm test (#​9590) (Teddy Katz)
• 1073bc5 Build: remove shelljs-nodecli (refs #​9533) (#​9588) (Teddy Katz)
• 7e3bf6a Fix: edge-cases of semi-style (#​9560) (Toru Nagashima)
• e5a37ce Fix: object-curly-newline for flow code (#​9458) (Tiddo Langerak)
• 9064b9c Chore: add equalTokens in ast-utils. (#​9500) (薛定谔的猫)
• b7c5b19 Fix: Correct [object Object] output of error.data. (#​9561) (Jonathan Pool)
• 51c8cf0 Docs: Disambiguate definition of Update tag (#​9584) (Jonathan Pool)
• afc3c75 Docs: clarify what eslint-config-eslint is (#​9582) (Teddy Katz)
• aedae9d Docs: fix spelling in valid-typeof example (#​9574) (Maksim Degtyarev)
• 4c5aaf3 Docs: Fix typo in no-underscore-dangle rule (#​9567) (Fabien Lucas)
• 3623600 Chore: upgrade ajv@5.3.0 (#​9557) (薛定谔的猫)
• 1b606cd Chore: Remove an indirect dependency on jsonify (#​9444) (Rouven Weßling)
• 4d7d7ab Update: Resolve npm installed formatters (#​5900) (#​9464) (Tom Erik Støwer)
• accc490 Fix: Files with no failures get "passing" testcase (#​9547) (Samuel Levy)
• ab0f66d Docs: Add examples to better show rule coverage. (#​9548) (Jonathan Pool)
• 88d2303 Chore: Add object-property-newline tests to increase coverage. (#​9553) (Jonathan Pool)
• 7f37b1c Build: test Node 9 on Travis (#​9556) (Teddy Katz)
• acccfbd Docs: Minor rephrase in no-invalid-this. (#​9542) (Francisc)
• 8f9c0fe Docs: improve id-match usage advice (#​9544) (Teddy Katz)
• a9606a3 Fix: invalid tests with super (fixes #​9539) (#​9545) (Teddy Katz)
• 8e1a095 Chore: enable a modified version of multiline-comment-style on codebase (#​9452) (Teddy Katz)
• cb60285 Chore: remove commented test for HTML formatter (#​9532) (Teddy Katz)
• 06b491e Docs: fix duplicate entries in changelog (#​9530) (Teddy Katz)
• 2224733 Chore: use eslint-plugin-rulesdir instead of --rulesdir for self-linting (#​9164) (Teddy Katz)
• 9cf4ebe Docs: add .md to link(for github users) (#​9529) (薛定谔的猫)

---

• If you want to rebase/retry this PR, check this box

[coderabbitai]

Important

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• If you reply to a review comment from CodeRabbit, the bot will automatically respond.
• To engage with CodeRabbit bot directly around the specific lines of code in the PR, mention @coderabbitai in your review comment
• Note: Review comments are made on code diffs or files, not on the PR overview.
• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai help to get help.
• @coderabbitai resolve to resolve all the CodeRabbit review comments.

Note: For conversation with the bot, please use the review comments on code diffs or files.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.json