chore(deps): update npm dev (major)

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@typescript-eslint/eslint-plugin	5.62.0 -> 6.7.3
@typescript-eslint/parser	5.62.0 -> 6.7.3
sigstore (source)	1.2.0 -> 2.1.0

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v6.7.3

Compare Source

Note: Version bump only for package @​typescript-eslint/eslint-plugin

You can read about our versioning strategy and releases on our website.

v6.7.2

Compare Source

Note: Version bump only for package @​typescript-eslint/eslint-plugin

You can read about our versioning strategy and releases on our website.

v6.7.0

Compare Source

Bug Fixes

• eslint-plugin: [no-restricted-imports] disallow side effect imports when allowTypeImports is enabled (#​7560) (4908905)

Features

• eslint-plugin: [await-thenable] added suggestion fixer (#​7437) (b284370)

You can read about our versioning strategy and releases on our website.

v6.6.0

Compare Source

Bug Fixes

• eslint-plugin: [key-spacing] consider properties with parens and comments (#​7525) (7012279)

You can read about our versioning strategy and releases on our website.

v6.5.0

Compare Source

Bug Fixes

• eslint-plugin: [consistent-type-assertions] wrap object return value with parentheses (#​6885) (23ac499)

You can read about our versioning strategy and releases on our website.

6.4.1 (2023-08-21)

Bug Fixes

• eslint-plugin: [no-unnecessary-condition] false positives with branded types (#​7466) (b52658f), closes #​7293

You can read about our versioning strategy and releases on our website.

v6.4.1

Compare Source

Bug Fixes

• eslint-plugin: [no-unnecessary-condition] false positives with branded types (#​7466) (b52658f), closes #​7293

You can read about our versioning strategy and releases on our website.

v6.4.0

Compare Source

Bug Fixes

• eslint-plugin: [non-nullable-type-assertion-style] consider operator precedence when fixing (#​7289) (bad37a2)
• eslint-plugin: [strict-boolean-expressions] replace dangerous fixer with suggestions (#​7394) (ad8401a)

You can read about our versioning strategy and releases on our website.

v6.3.0

Compare Source

Bug Fixes

• eslint-plugin: [no-extra-parens] keep parens around call expression arguments when type arguments contain parens (#​7375) (38e5e4e)
• eslint-plugin: [no-restricted-imports] allow inline type qualifiers when allowTypeImports enabled (#​7379) (cc9a46d)

Features

• eslint-plugin: [prefer-nullish-coalescing] allow ignorePrimitives option to be true (#​7331) (dfcafae)

Reverts

• Revert "chore(deps): update dependency marked to v6" (#​7429) (7891a06), closes #​7429 #​7422

You can read about our versioning strategy and releases on our website.

6.2.1 (2023-07-31)

Bug Fixes

• eslint-plugin: [no-inferrable-types] apply also for parameter properties (#​7288) (67f93b1)
• scope-manager: correct decorators(.length) check in ClassVisitor for methods (#​7334) (abbb6c2)

You can read about our versioning strategy and releases on our website.

v6.2.1

Compare Source

Bug Fixes

• eslint-plugin: [no-inferrable-types] apply also for parameter properties (#​7288) (67f93b1)
• scope-manager: correct decorators(.length) check in ClassVisitor for methods (#​7334) (abbb6c2)

You can read about our versioning strategy and releases on our website.

v6.2.0

Compare Source

Bug Fixes

• eslint-plugin: [member-ordering] account for repeated names (#​6864) (d207b59)
• eslint-plugin: [no-unsafe-enum-comparison] exempt bit shift operators (#​7074) (b3e0e75)
• eslint-plugin: [prefer-nullish-coalescing] handle case when type of left side is null or undefined (#​7225) (b62affe)
• eslint-plugin: use a default export for the rules type (#​7266) (af77a1d)

Features

• eslint-plugin: [class-methods-use-this] add extension rule (#​6457) (18ea3b1)
• eslint-plugin: sync getFunctionHeadLoc implementation with upstream (#​7260) (f813147)

You can read about our versioning strategy and releases on our website.

v6.1.0

Compare Source

Bug Fixes

• eslint-plugin: [comma-dangle] fixed crash from undefined predicate.ignore (#​7223) (d368164)
• eslint-plugin: [no-floating-promises] false negative calling .then with second argument undefined (#​6881) (606a52c), closes #​6850
• eslint-plugin: [no-floating-promises] finally should be transparent to unhandled promises (#​7092) (2a4421c)
• eslint-plugin: [no-unnecessary-type-constraint] correctly fix in cts/mts files (#​6795) (1404796)
• eslint-plugin: [no-unused-vars] check if any variable definition is exported (#​6873) (587ac30), closes #​6188
• eslint-plugin: fix schemas across several rules and add schema tests (#​6947) (dd31bed)
• eslint-plugin: include the rules types in the package (#​7215) (a3da11d)

Features

• typescript-estree: add EXPERIMENTAL_useProjectService option to use TypeScript project service (#​6754) (6d3d162)

You can read about our versioning strategy and releases on our website.

v6.0.0

Compare Source

Bug Fixes

• bumped ts-api-utils to 0.0.39 (#​6497) (217c710)
• correct handling of additionalProperties in object schemas (#​6939) (489c7a5)
• correct lint error after merge (277fdb5)
• eslint-plugin: [explicit-module-boundary-types] remove shouldTrackReferences option from schema (#​5399) (6d32734)
• eslint-plugin: allow parser@^6.0.0 (#​6630) (92908bd)
• eslint-plugin: remove valid-typeof disable in eslint-recommended (#​5381) (b82df5e)
• fix illegal decorator check (#​6723) (c456f8c)
• rename typeParameters to typeArguments where needed (#​5384) (08d757b)
• replace tsutils with ts-api-tools (#​6428) (79327b4)
• type-utils: treat intrinsic types as if they are from lib and never match error types (#​6869) (ecb57de)
• typescript-estree: account for namespace nesting in AST conversion (#​6272) (09e3877)
• update exports field in package.json files (#​6550) (53776c2)

chore

• drop support for node v14.17, v17 (#​5971) (cc62015)

Features

• add new package rule-tester (#​6777) (2ce1c1d)
• add package.json exports for public packages (#​6458) (d676683)
• bump minimum supported TS version to 4.2.4 (#​5915) (a8e71d5)
• bump ts-api-utils to v0.0.21 (#​6459) (3915661)
• bump ts-api-utils to v0.0.22 (#​6472) (b88cd23)
• drop support for ESLint v6 (#​5972) (bda806d)
• drop support for node v12 (#​5918) (7e3fe9a)
• drop support for node v14 and test against node v20 (#​7022) (e6235bf)
• eslint-plugin: [prefer-nullish-coalescing]: add support for assignment expressions (#​5234) (4bdbe67)
• eslint-plugin: [prefer-optional-chain] handle cases where the first operands are unrelated to the rest of the chain and add type info (#​6397) (02a37c4)
• eslint-plugin: [prefer-readonly-parameter-types] added an optional type allowlist (#​4436) (c9427b7)
• eslint-plugin: [restrict-plus-operands] change checkCompoundAssignments to skipCompoundAssignments (#​7027) (dc801d8)
• eslint-plugin: add config that disables type-aware linting (#​6470) (3b063cf)
• eslint-plugin: apply final v6 changes to configs (#​7110) (c13ce0b)
• eslint-plugin: deprecate no-type-alias (#​6229) (820bdf2)
• eslint-plugin: final final config changes for v6 (#​7157) (e35c5c1)
• eslint-plugin: rework configs: recommended, strict, stylistic; -type-checked (#​5251) (5346b5b), closes #​5036 #​5834 #​5882 #​5864 #​3076 #​5834 #​5882 #​5864 #​5889 #​5834 #​5882 #​5864 #​5883 #​4863 #​5381 #​5256 #​5399
• fork json schema types for better compat with ESLint rule validation (#​6963) (a4967f2)
• improve rule schemas, add test to validate schemas, add tooling to generate schema types (#​6899) (acc1a43)
• made BaseNode.parent non-optional (#​5252) (a4768f3), closes #​5036 #​5834 #​5882 #​5864 #​3076 #​5834 #​5882 #​5864 #​5889 #​5834 #​5882 #​5864 #​5883 #​4863 #​5381 #​5256 #​5399
• remove RuleTester in /utils in favour of the new /rule-tester package (#​6816) (c33f497)
• remove partial type-information program (#​6066) (7fc062a)
• typescript-estree: add type checker wrapper APIs to ParserServicesWithTypeInformation (#​6404) (62d5755)
• typescript-estree: added allowInvalidAST option to not throw on invalid tokens (#​6247) (a3b177d)
• typescript-estree: check for illegal decorators on function declarations (#​6590) (1b39cfd)
• typescript-estree: check modifiers on every node (#​6615) (62d6230)
• typescript-estree: remove optionality from AST boolean properties (#​6274) (df131e2)
• typescript-estree: throw errors for object methods without function bodies (#​6589) (1d78576)
• typescript-estree: throw errors when abstract property has initializer (#​6613) (dcdbc76)

BREAKING CHANGES

• eslint-plugin: Adds an additional class of checks to the rule
• drop support for ESLint v6
• drops support for node v17
• Bumps the minimum supported range and removes handling for old versions
• drops support for node v12

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v6.7.3

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.7.2

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.7.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.6.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.5.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

6.4.1 (2023-08-21)

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.4.1

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.4.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.3.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

6.2.1 (2023-07-31)

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.2.1

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.2.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

v6.1.0

Compare Source

Features

• typescript-estree: add EXPERIMENTAL_useProjectService option to use TypeScript project service (#​6754) (6d3d162)

You can read about our versioning strategy and releases on our website.

v6.0.0

Compare Source

Bug Fixes

• update exports field in package.json files (#​6550) (53776c2)

chore

• drop support for node v14.17, v17 (#​5971) (cc62015)

Features

• add new package rule-tester (#​6777) (2ce1c1d)
• add package.json exports for public packages (#​6458) (d676683)
• drop support for ESLint v6 (#​5972) (bda806d)
• drop support for node v12 (#​5918) (7e3fe9a)
• drop support for node v14 and test against node v20 (#​7022) (e6235bf)
• remove partial type-information program (#​6066) (7fc062a)
• scope-manager: ignore ECMA version (#​5889) (f2330f7), closes #​5834 #​5882 #​5864 #​5883
• typescript-estree: added allowInvalidAST option to not throw on invalid tokens (#​6247) (a3b177d)
• typescript-estree: allow providing code as a ts.SourceFile (#​5892) (af41b7f)
• typescript-estree: deprecate createDefaultProgram (#​5890) (426d6b6)
• typescript-estree: remove optionality from AST boolean properties (#​6274) (df131e2)

BREAKING CHANGES

• drop support for ESLint v6
• drops support for node v17
• drops support for node v12

You can read about our versioning strategy and releases on our website.

sigstore/sigstore-js (sigstore)

v2.1.0

Compare Source

Minor Changes

• 70cb986: Generate v0.2 Sigstore bundles

Patch Changes

• Updated dependencies [4a386dc]
• Updated dependencies [9256f86]
• Updated dependencies [70cb986]
• Updated dependencies [fca33dc]
• Updated dependencies [73370db]
  • @​sigstore/sign@​2.1.0
  • @​sigstore/bundle@​2.1.0
  • @​sigstore/tuf@​2.1.0

v2.0.0

Compare Source

Major Changes

• 829e123: Replaces the exported sigstore object with individual functions/types
• 4455f7f: Remove TUF helper functions (please use @sigstore/tuf package instead)
• d5060c0: Removes oidcIssuer, oidcClient, oidcClientSecret, and oidcRedirectURL from the options for the sign and attest functions. The OAuth identity provider that was associated with these options has been relocated to the @sigstore/cli package.
• d0053a3: Drop node 14 support
• 3bd0fbb: Removes signer from the options for the sign and attest functions (see the @sigstore/sign package if you require something other than Fulcio-style keyless signing)
• e36bbfa: Removes the legacy CLI (please use the @sigstore/cli package instead)
• 3bd0fbb: Remove sigstore-utils object from public interface

Patch Changes

• 4e49006: Bump @​tufjs/repo-mock from 1.4.0 to 2.0.0
• 06ea684: Bump @​sigstore/protobuf-specs from 0.2.0 to 0.2.1
• Updated dependencies [4e49006]
• Updated dependencies [06ea684]
• Updated dependencies [06ea684]
• Updated dependencies [06ea684]
• Updated dependencies [d0053a3]
• Updated dependencies [d0053a3]
• Updated dependencies [3bc1817]
  • @​sigstore/tuf@​2.0.0
  • @​sigstore/sign@​2.0.0
  • @​sigstore/bundle@​2.0.0

v1.9.0

Compare Source

Minor Changes

• 75ba6cd: Integrate @sigstore/sign package
• e44f05c: Use bundle construction helpers from @sigstore/bundle package

Patch Changes

• 9b8c140: Fix bug in inclusion proof verification
• Updated dependencies [fe31654]
• Updated dependencies [5de42a0]
• Updated dependencies [84eee0b]
• Updated dependencies [abcebbf]
  • @​sigstore/sign@​1.0.0
  • @​sigstore/bundle@​1.1.0

v1.8.0

Compare Source

Minor Changes

• f1b8bad: Support for verifying v0.2 Sigstore bundles that contain inclusion proofs from Rekor
• d9b1540: Integrate @​sigstore/bundle package

Patch Changes

• e0c16ec: Bump @​sigstore/protobuf-specs from 0.1.0 to 0.2.0
• 6abe9ec: Fix bug when setting tlogThreshold/ctLogThreshold verification options to 0
• Updated dependencies [e0c16ec]
• Updated dependencies [f1b8bad]
• Updated dependencies [a388e25]
• Updated dependencies [e0c16ec]
• Updated dependencies [2a5f500]
• Updated dependencies [2a869ba]
  • @​sigstore/bundle@​1.0.0
  • @​sigstore/tuf@​1.0.3

v1.7.0

Compare Source

Minor Changes

• f374dd3: Include transparency log inclusion proof in Sigstore bundle
• fbfb315: Exports new createVerifier function

Patch Changes

• bd1e1e1: Internal refactoring of Typescript types
• Updated dependencies [b97be71]
  • @​sigstore/tuf@​1.0.1

v1.6.0

Compare Source

Minor Changes

• 5ea8b63: Adds a new identityProvider config option for the sign/attest functions
• 16de8c7: Support for verifying Rekor entries w/ the new dsse entry type

Patch Changes

• 4fdf826: Consume TUF client from @sigstore/tuf package
• f72e2b2: Consume Rekor API types from @sigstore/rekor-types package
• 84fd931: Export IdentityProvider interface
• Updated dependencies [29b88a3]
• Updated dependencies [3e770f0]
  • @​sigstore/tuf@​1.0.0

v1.5.2

Compare Source

Patch Changes

• 2f89e43: Update Fulcio client to handle responses with detached SCTs

v1.5.1

Compare Source

Patch Changes

• cab068e: Propagate retry/timeout options to the Timestamp Authority client

v1.5.0

Compare Source

Minor Changes

• f4c677e: Generated bundle excludes Fulcio root and intermediate certificates
• 5ca42a0: New tsaServerURL option for requesting a timestamp from a Timestamp Authority API
• 4e715c9: Exposes a new tuf.client function which returns a client for retrieving targets from the Sigstore TUF repository.
• 4b97516: New tlogUpload option for sign and attest to control signature uploads to the transparency log
• f927296: New retry and timeout options to control fetch behavior when errors occur

Patch Changes

• 2e5e733: Certificate chain verification enforces pathlen constraint for CA certs
• 3205ce9: Updates certificate verification to ignore all but the first certificate present in the bundle
• bb2006b: Updating embedded Sigstore TUF root to v7

v1.4.0

Compare Source

Minor Changes

• 99093bb: add specific errors codes for InternalErrors
• 99093bb: export error classes

v1.3.2

Compare Source

Patch Changes

• 6ba4fd1: Print the rekor search entry when running the sigstore attest command

v1.3.1

Compare Source

Patch Changes

• d2d0702: Update CLI sign cmd to output a link to search.sigstore.dev

v1.3.0

Compare Source

Minor Changes

• c2e3dd5: Add support for verification of certificate extension values encoded as UTF8String
• 6fd6e22: Exposes a new tuf.getTarget function to retrieve targets from the Sigstore TUF repository
• da0bfd7: Added new token provider for looking up OIDC tokens in the SIGSTORE_ID_TOKEN environment variable.

Patch Changes

• 9dbb26d: Use CDN-backend endpoint to fetch TUF root material
• 341b7bd: Update dependency - [email protected]

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.