[Snyk] Upgrade eslint-plugin-react from 6.9.0 to 7.30.1

[snyk-bot]

Snyk has created this PR to upgrade eslint-plugin-react from 6.9.0 to 7.30.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 82 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2022-06-23.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-450213	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-SETVALUE-1540541	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MIXINDEEP-450212	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-450202	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary Code Execution SNYK-JS-JSYAML-174129	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-NODEFETCH-2342118	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-JSYAML-173999	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-JSONPOINTER-1577288	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Validation Bypass SNYK-JS-KINDOF-537849	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONPOINTER-598804	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: eslint-plugin-react

• 7.30.1 - 2022-06-23
  
• 7.30.0 - 2022-05-18
  

  Added

  • destructuring-assignment: add option destructureInSignature (#3235 @ golopot)
  • no-unknown-property: Allow crossOrigin on image tag (SVG) (#3251 @ zpao)
  • jsx-tag-spacing: Add multiline-always option (#3260, #3264 @ Nokel81)
  • function-component-definition: replace var by const in certain situations (#3248 @ JohnBerd @ SimeonC)
  • add jsx-no-leaked-render (#3203 @ Belco90)
  • require-default-props: add option functions (#3249 @ nix6839)

  Fixed

  • hook-use-state: Allow UPPERCASE setState setter prefixes (#3244 @ duncanbeevers)
  • propTypes: add VFC to react generic type param map (#3230 @ dlech)
  • no-unused-state: avoid a crash (#3258 @ WillyLiaoWH @ ljharb)
  • jsx-no-useless-fragment: use proper apostrophe in error message (#3266 @ develohpanda)
  • propTypes: handle imported types/interface in forwardRef generic (#3280 @ vedadeepta)
  • button-has-type: fix exception for <button type> (#3255 @ meowtec)
  • no-unstable-nested-components: Improve error message and catch React.memo() (#3247 @ zacharyliu)

  Changed

  • [readme] remove global usage and eslint version from readme (#3254 @ aladdin-add)
  • [Refactor] fix linter errors (#3261 @ golopot)
  • [Docs] no-unused-prop-types: fix syntax errors (#3259 @ mrdulin)
  • [Refactor] improve performance for detecting function components (#3265 @ golopot)
  • [Refactor] improve performance for detecting class components (#3267 @ golopot)
  • [Refactor] no-deprecated: improve performance (#3271 @ golopot)
  • [Refactor] no-did-mount-set-state, no-did-update-set-state, no-will-update-set-state: improve performance (#3272 @ golopot)
  • [Refactor] improve performance by avoiding unnecessary Components.detect (#3273 @ golopot)
  • [Refactor] add isParenthesized AST util (#3203 @ Belco90)
  • [Docs] default-props-match-prop-types, require-default-props, sort-prop-types: fix typos (#3279 @ nix6839)
  • [Refactor] improve performance of rule merging (#3281 @ golopot)
  • [Refactor] improve performance of component detection (#3276 @ golopot)
• 7.29.4 - 2022-03-13
  

  Fixed

  • no-unused-state: avoid a crash on a class field gDSFP (#3236 @ ljharb)
  • boolean-prop-naming: handle React.FC, intersection, union types (#3241 @ ljharb)
• 7.29.3 - 2022-03-03
  

  Fixed

  • no-unused-state: avoid a crash on type-only gDSFP declarations (#3225 @ ljharb)
  • jsx-curly-brace-presence: the string "never" defaults to propElementValues as ignore (#3228 @ ljharb)
  • propTypes: add VFC to react generic list (#3230 @ ljharb)
• 7.29.2 - 2022-02-26
  
  • jsx-curly-brace-presence: avoid warning on curlies containing quote characters (#3214 @ ljharb)
  • jsx-indent: do not report on non-jsx-returning ternaries that contain null (#3222 @ ljharb)
  • jsx-indent: properly report on returned ternaries with jsx (#3222 @ ljharb)
  • no-array-index-key: detect named-imported cloneElement/createElement (#3213 @ ljharb)
• 7.29.1 - 2022-02-25
  

  Fixed

  • jsx-key: prevent false "missing array key" warning (#3215 @ ljharb)
  • jsx-indent: avoid checking returns sans jsx (#3218 @ ljharb)
  • jsx-key: avoid a crash (#3220 @ ljharb)
  • version settings: avoid a crash with an invalid version (#3219 @ ljharb)
• 7.29.0 - 2022-02-25
  Read more
• 7.28.0 - 2021-12-22
  Read more
• 7.27.1 - 2021-11-19
  Read more
• 7.27.0 - 2021-11-10
  Read more
• 7.26.1 - 2021-09-30
• 7.26.0 - 2021-09-21
• 7.25.3 - 2021-09-19
• 7.25.2 - 2021-09-16
• 7.25.1 - 2021-08-30
• 7.25.0 - 2021-08-29
• 7.24.0 - 2021-05-29
• 7.23.2 - 2021-04-08
• 7.23.1 - 2021-03-24
• 7.23.0 - 2021-03-23
• 7.22.0 - 2020-12-30
• 7.21.5 - 2020-10-20
• 7.21.4 - 2020-10-09
• 7.21.3 - 2020-10-02
• 7.21.2 - 2020-09-24
• 7.21.1 - 2020-09-23
• 7.21.0 - 2020-09-23
• 7.20.6 - 2020-08-12
• 7.20.5 - 2020-07-28
• 7.20.4 - 2020-07-27
• 7.20.3 - 2020-06-30
• 7.20.2 - 2020-06-29
• 7.20.1 - 2020-06-28
• 7.20.0 - 2020-05-13
• 7.19.0 - 2020-03-06
• 7.18.3 - 2020-02-03
• 7.18.2 - 2020-02-02
• 7.18.1 - 2020-02-01
• 7.18.0 - 2020-01-16
• 7.17.0 - 2019-11-29
• 7.16.0 - 2019-10-04
• 7.15.1 - 2019-10-01
• 7.15.0 - 2019-10-01
• 7.14.3 - 2019-07-22
• 7.14.2 - 2019-06-24
• 7.14.1 - 2019-06-24
• 7.14.0 - 2019-06-23
• 7.13.0 - 2019-05-03
• 7.12.4 - 2019-01-17
• 7.12.3 - 2019-01-04
• 7.12.2 - 2019-01-02
• 7.12.1 - 2019-01-01
• 7.12.0 - 2018-12-28
• 7.11.1 - 2018-08-14
• 7.11.0 - 2018-08-13
• 7.10.0 - 2018-06-25
• 7.9.1 - 2018-06-04
• 7.9.0 - 2018-06-03
• 7.8.2 - 2018-05-13
• 7.8.1 - 2018-05-11
• 7.8.0 - 2018-05-11
• 7.8.0-rc.0 - 2018-05-10
• 7.7.0 - 2018-02-20
• 7.6.1 - 2018-01-29
• 7.6.0 - 2018-01-25
• 7.5.1 - 2017-11-19
• 7.5.0 - 2017-11-18
• 7.4.0 - 2017-09-24
• 7.4.0-rc.1 - 2017-09-12
• 7.4.0-rc.0 - 2017-09-05
• 7.3.0 - 2017-08-21
• 7.2.1 - 2017-08-14
• 7.2.0 - 2017-08-09
• 7.1.0 - 2017-06-13
• 7.0.1 - 2017-05-13
• 7.0.0 - 2017-05-06
• 7.0.0-rc.1 - 2017-05-01
• 7.0.0-rc.0 - 2017-04-23
• 6.10.3 - 2017-03-20
• 6.10.2 - 2017-03-19
• 6.10.1 - 2017-03-19
• 6.10.0 - 2017-02-15
• 6.9.0 - 2017-01-08

from eslint-plugin-react GitHub release notes

Commit messages

Package name: eslint-plugin-react

• 3348023 Update CHANGELOG and bump version
• a73570f [Dev Deps] update `@ babel/core`, `@ babel/eslint-parser`, `eslint-remote-tester-repositories`, `ls-engines`
• b9aa04b [Fix] `display-name`: fix false positive when using memo
• e7fc22f [Fix] `jsx-no-leaked-render`: avoid unnecessary negation operators and ternary branches deletion
• c42b624 [Docs] `jsx-key`: split the examples
• 527db86 [Docs] `jsx-tag-spacing`: rename option from #3264
• fc9664f [Fix] `display-name`: fix false positive for HOF returning only nulls
• 91d3757 Update CHANGELOG and bump version
• 1fdf9bd [Fix] `no-unstable-nested-components`: Improve error message and catch React.memo()
• 316bc40 [Fix] `jsx-tag-spacing`: change multiline-always to proportional-always
• 9356230 [Fix] `button-has-type`: fix exception for `<button type>`
• 46ce117 [Refactor] improve performance of component detection
• ea3b2a3 [meta] use `npmignore --auto` instead of `files` to limit published files
• 7456e18 [eslint] use `ignorePatterns` instead of `eslintignore`
• 4153a15 [Deps] update `array-includes`, `object.hasown`
• 08e6c6e [Dev Deps] update `@ babel/core`, `@ babel/plugin-syntax-decorators`, `@ babel/preset-react`, `@ types/estree`, `@ types/node`, `ls-engines`
• 438c21a [Refactor] improve performance of rule merging
• c8833f3 [Deps] update `array.prototype.flatmap`
• d807c3e [Dev Deps] update `@ babel/core`, `@ types/node`, `eslint-plugin-import`, `eslint-remote-tester`, `eslint-remote-tester-repositories`
• 6c88912 [Fix] `propTypes`: handle imported types/interface in forwardRef generic
• b7a9c2a [Docs] `default-props-match-prop-types`, `require-default-props`, `sort-prop-types`: fix typos
• 24621e4 [New] `require-default-props`: add option `functions`
• 5554bd4 [Refactor] add AST util `isFunctionLike()`
• ef733fd [New] add `jsx-no-leaked-render`

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs