[Snyk] Upgrade eslint-plugin-jsx-a11y from 6.4.1 to 6.8.0

[Loonz206]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade eslint-plugin-jsx-a11y from 6.4.1 to 6.8.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 7 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-11-01.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-AXIOS-6144788	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MONGOOSE-2961688	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-5777721	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Sandbox Bypass SNYK-JS-WEBPACK-3358798	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TERSER-2806366	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-NANOID-2332193	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Session Fixation SNYK-JS-PASSPORT-2840631	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-POSTCSS-5926692	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Open Redirect SNYK-JS-GOT-2932019	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: eslint-plugin-jsx-a11y

• 6.8.0 - 2023-11-01
  

  v6.8.0

• 6.7.1 - 2023-01-12
  

  v6.7.1

• 6.7.0 - 2023-01-09
  

  v6.7.0

• 6.6.1 - 2022-07-21
  

  v6.6.1

• 6.6.0 - 2022-06-24
  

  Full Changelog: v6.5.1...v6.6.0

• 6.5.1 - 2021-11-10
  

  Full Changelog: v6.5.0...v6.5.1

• 6.5.0 - 2021-11-10
  Read more
• 6.4.1 - 2020-10-26
  

  What's Changed

  • Adding test cases for label tests by @ jessebeach in #709
  • docs: fix travis badge by @ AviVahl in #711
  • Account for additional control elements in label-has-associated-control by @ jessebeach in #710
  • Additional test case for no-redundant-roles by @ jessebeach in #707
  • Negative tabindex is allowed in aria-activedescendant-has-tabindex rule by @ jessebeach in #708
  • Add a testcase for tablist to interactive supports focus by @ jessebeach in #714
  • Deprecate the accessible-emoji rule by @ jessebeach in #713
  • Update to [email protected] by @ jessebeach in #712
  • Add failing test for autocomplete with dynamic type by @ lencioni in #721
  • Add WCAG guidelines to rule documentation by @ backwardok in #719
  • [fix:635] Ignore control elements that are hidden by @ jessebeach in #723
  • Fixed rule name in comments by @ chiragswadia in #724
  • Fix screenreader -> screen reader by @ piperchester in #725
  • Adds translations directory, Spanish README -- linked in original README by @ ari-os310 in #737
  • CHANGELOG update for v6.4.0 by @ jessebeach in #753

  New Contributors

  • @ AviVahl made their first contribution in #711
  • @ chiragswadia made their first contribution in #724
  • @ piperchester made their first contribution in #725
  • @ ari-os310 made their first contribution in #737

  Full Changelog: v6.3.1...v6.4.1

from eslint-plugin-jsx-a11y GitHub release notes

Commit messages

Package name: eslint-plugin-jsx-a11y

• 9742753 v6.8.0
• b755318 [Deps] update `ast-types-flow`
• f1c976b [Dev Deps] update `eslint-plugin-import`
• 52de824 [Refactor] use `es-iterator-helpers`
• 9a8edde [Refactor] use `hasown` instead of `has`
• 46ffbc3 [Deps] update `@ babel/runtime`, `array-includes`, `array.prototype.flatmap`, `object.entries`, `object.fromentries`
• 4dc7f1e [Dev Deps] update `@ babel/cli`, `@ babel/core`, `@ babel/eslint-parser`, `@ babel/register`, `eslint-doc-generator`, `eslint-plugin-import`
• fffb05b [New] add `polymorphicPropName` setting for polymorphic components
• 3d1d26d [Deps] unpin `language-tags`
• 10c061a [actions] update used actions
• ce4d57f [Tests] migrate helper parsers function from `eslint-plugin-react`
• 9688ad8 Merge pull request #727 from gorohash/anchor-has-title-and-aria-label
• e6bfd5c [New] `anchor-has-content`: Allow title attribute OR aria-label attribute
• 7b3492b [Docs] `aria-activedescendant-has-tabindex`: align with changes from #708
• 64bfea6 [Fix] `isNonInteractiveElement`: Upgrade aria-query to 5.3.0 and axobject-query to 3.2.1
• 1271153 [Docs] `no-static-element-interactions`: tabIndex is written tabindex
• 4da13e7 [patch] move `semver` from Deps to Dev Deps
• 5999555 [Deps] update `@ babel/runtime`, `axobject-query`, `jsx-ast-utils`, `semver`
• 6d5022d [Dev Deps] update `@ babel/cli`, `@ babel/core`, `@ babel/eslint-parser`, `@ babel/plugin-transform-flow-strip-types`, `@ babel/register`, `aud`, `eslint-doc-generator`, `eslint-plugin-import`, `minimist`
• eadd70c [patch] `mouse-events-have-key-events`: rport the attribute, not the node
• 0c278f4 [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
• 8d8f016 [Fix] pin `aria-query` and `axe-core` to fix failing tests on main
• f0d2ddb [Deps] Upgrade ast-types-flow to mitigate Docker user namespacing problems
• db64898 [New] `mouse-events-have-key-events`: add `hoverInHandlers`/`hoverOutHandlers` config

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[sonarqubecloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud