[Snyk] Upgrade xo from 0.36.1 to 0.43.0

[snyk-bot]

Snyk has created this PR to upgrade xo from 0.36.1 to 0.43.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 15 versions ahead of your current version.
• The recommended version was released 24 days ago, on 2021-08-03.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	375/1000 Why? CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	375/1000 Why? CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	375/1000 Why? CVSS 7.5	Proof of Concept
	Cryptographic Issues SNYK-JS-ELLIPTIC-1064899	375/1000 Why? CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: xo

• 0.43.0 - 2021-08-03
  

  Improvements

  • Enforce importing process and Buffer in Node.js explicitly 9f40074
    • This is the recommendation in the Node.js docs.
  • Upgrade dependencies f2c5041

  Fixes

  • Make cache directory be relative to cwd (#582) 512291b
    • This fixes editor integration.

  v0.42.0...v0.43.0

• 0.42.0 - 2021-07-16
  

  New rules

  • import/newline-after-import f81e933

  Improvements

  • Upgrade globby dependency (#574) 34800b7

  v0.41.0...v0.42.0

• 0.41.0 - 2021-07-05
  

  Breaking

  • XO can no longer be installed globally.
    • It caused too many problems. Instead, you can run the local XO binary with $ npx xo.
  • XO now enforces trailing comma in multiline statements.
    • This has a lot of benefits.
    • Prettier also enforces this by default.
    • If you don't want it, you can disable the comma-dangle rule, and @ typescript-eslint/comma-dangle if you use TypeScript.
  • Change operator-linebreak rule to enforce operators before.
    • This way is more readable.

  New rules

  • arrow-body-style
  • unicorn/require-array-join-separator
  • unicorn/require-number-to-fixed-digits-argument
  • unicorn/prefer-prototype-methods
  • unicorn/no-array-method-this-argument
  • unicorn/require-post-message-target-origin

  v0.40.3...v0.41.0

• 0.41.0-beta.1 - 2021-07-05
• 0.40.3 - 2021-06-21
  
  • Support xo.config.cjs and .xo-config.cjs (#561) 374dd73

  v0.40.2...v0.40.3

• 0.40.2 - 2021-06-02
  
  • Fix handling of parserOptions for TypeScript (#557) 7ace6e5

  v0.40.1...v0.40.2

• 0.40.1 - 2021-05-11
  
  • Fix resolving base config (#545) d2c5750
  • Fix handling of parserOptions option (#544) e9c96a1

  v0.40.0...v0.40.1

• 0.40.0 - 2021-05-09
  

  Breaking

  • XO now enforces that your project is ESM
    If you cannot yet move to ESM, I recommend staying on XO 0.39 for now.
  • Require Node.js 12.20 cc06c3c

  New rules

  • unicorn/prefer-node-protocol
  • unicorn/prefer-module
  • unicorn/no-document-cookie
  • unicorn/numeric-separators-style
  • unicorn/prefer-array-flat
  • unicorn/prefer-array-flat-map

  Meta

  • Move from deprecated ESLint.CLIEngine to ESLint (#534) 0480d80
    This should hopefully resolve a bunch of issues.

  v0.39.1...v0.40.0

• 0.39.1 - 2021-04-20
  
  • Fix a problem with using XO with Prettier fa34c74

  v0.39.0...v0.39.1

• 0.39.0 - 2021-04-20
  

  New rules

  • unicorn/no-static-only-class
  • unicorn/prefer-array-flat
  • unicorn/prefer-switch
  • @ typescript-eslint/no-unsafe-argument

  Breaking

  • Remove the esnext option e80c094
  • unicorn/prevent-abbreviations rule: Rename options sindresorhus/eslint-plugin-unicorn@cf42cc5
  • unicorn/no-keyword-prefix rule: Rename blacklist option to disallowedPrefixes sindresorhus/eslint-plugin-unicorn@91e60d0

  Improvements

  • Add --print-config flag (#529) 7b8dc70
  • Disable the import/default rule for TypeScript files e3c511b
  • Disable the import/export rule for TypeScript files b385bee

  v0.38.2...v0.39.0

• 0.38.2 - 2021-02-28
  
  • Disable the node/file-extension-in-import rule for TypeScript projects (#523) 1eb8230
    It doesn't work properly with TypeScript projects.

  v0.38.1...v0.38.2

• 0.38.1 - 2021-02-20
• 0.38.0 - 2021-02-20
• 0.37.1 - 2021-01-02
• 0.37.0 - 2021-01-02
• 0.36.1 - 2020-12-08

from xo GitHub release notes

Commit messages

Package name: xo

• 2670d3d 0.43.0
• f2c5041 Upgrade dependencies
• 512291b Make cache directory be relative to cwd (#582)
• f038f9c Recommend installing XO as a dev dependency (#578)
• 9f40074 Enforce importing `process` and `Buffer` explicitly
• ab16df2 0.42.0
• de55a03 Upgrade dependencies
• 34800b7 Upgrade `globby` (#574)
• f81e933 Re-enable `import/newline-after-import` rule
• 47af93e 0.41.0
• af93e79 Upgrade dependencies
• 0733cc5 Fix code style (#570)
• ab17a3c Lint `.cjs` files in codebase (#569)
• 0a752c7 Update dependencies (#568)
• 41c8f39 Convert project to module (#566)
• b3c5e15 Fix typo (#567)
• 2ef9f22 Prevent the `useEslintrc` option from being used (#565)
• 41f0484 0.40.3
• 374dd73 Support `xo.config.cjs` and `.xo-config.cjs` (#561)
• 3e7b77c Remove some needless imports (#560)
• 6adf459 Remove `update-notifier`
• b6389ef 0.40.2
• 7ace6e5 Fix handling of `parserOptions` for TypeScript (#557)
• 7629ce0 0.40.1

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coveralls]

Coverage remained the same at 91.045% when pulling 6e7ed65 on snyk-upgrade-42381bcea21db9913124b4468730d554 into 83d68ad on main.