Bump eslint-plugin-security from 1.7.1 to 2.1.1

[dependabot]

Bumps eslint-plugin-security from 1.7.1 to 2.1.1.

Release notes

Sourced from eslint-plugin-security's releases.

eslint-plugin-security v2.1.1

Bug Fixes

• Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)

eslint-plugin-security v2.1.0

Features

• add config recommended-legacy (#132) (13d3f2f)

eslint-plugin-security v2.0.0

⚠ BREAKING CHANGES

• switch the recommended config to flat (#118)

Features

• switch the recommended config to flat (#118) (e20a366)

Changelog

Sourced from eslint-plugin-security's changelog.

2.1.1 (2024-02-14)

Bug Fixes

• Ensure empty eval() doesn't crash detect-eval-with-expression (#139) (8a7c7db)

2.1.0 (2023-12-15)

Features

• add config recommended-legacy (#132) (13d3f2f)

2.0.0 (2023-10-17)

⚠ BREAKING CHANGES

• switch the recommended config to flat (#118)

Features

• switch the recommended config to flat (#118) (e20a366)

Commits

• 779da2b chore: release 2.1.1 (#140)
• 56d5a42 docs: Add link in detect-new-buffer docs
• 91fe935 docs: Update detect-object-injection docs
• 1bd0170 docs: Add link to new Buffer security issues
• 8a7c7db fix: Ensure empty eval() doesn't crash detect-eval-with-expression (#139)
• c73effd chore: release 2.1.0 (#133)
• 13d3f2f feat: add config recommended-legacy (#132)
• 27cd160 chore: release 2.0.0 (#129)
• 5a258c2 chore: switch .eslintrc to flat config (#128)
• e20a366 feat!: switch the recommended config to flat (#118)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (a175ec3) 100.00% compared to head (53b3904) 100.00%.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

@@            Coverage Diff            @@
##           develop     #1354   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           37        37           
  Lines         2176      2176           
  Branches       660       660           
=========================================
  Hits          2176      2176           

Flag	Coverage Δ
unit	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.