[Snyk] Security upgrade eslint from 2.13.1 to 4.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	748/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1	Improper Privilege Management SNYK-JS-SHELLJS-2332187	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: eslint

The new version differs by 250 commits.

• c61194f 4.0.0
• 821a1e6 Build: changelog update for 4.0.0
• 4aefb49 Chore: avoid using deprecated rules on ESLint codebase (#8708)
• 389feba Chore: upgrade deps. (#8684)
• 3da7b5e Fix: Semi-Style only check for comments when tokens exist (fixes #8696) (#8697)
• 3cfe9ee Fix: Add space between async and param on fix (fixes #8682) (#8693)
• c702858 Chore: enable no-multiple-empty-lines on ESLint codebase (#8694)
• 34c4020 Update: Add support for parens on left side for-loops (fixes: #8393) (#8679)
• 735cd09 Docs: Correct the comment in an example for `no-mixed-requires` (#8686)
• 026f048 Chore: remove dead code from prefer-const (#8683)
• a8e1c1c 4.0.0-rc.0
• 1768dc0 Build: changelog update for 4.0.0-rc.0
• 0058b0f Update: add --fix to no-debugger (#8660)
• b4daa22 Docs: Note to --fix option for strict rule (#8680)
• 4df33e7 Chore: check for root:true in project sooner (fixes #8561) (#8638)
• c9b980c Build: Add Node 8 on travis (#8669)
• 9524833 Fix: Don't check object destructing in integer property (fixes #8654) (#8657)
• c4ac969 Update: fix parenthesized ternary expression indentation (fixes #8637) (#8649)
• 4f2f9fc Build: update license checker to allow LGPL (fixes #8647) (#8652)
• b0c83bd Docs: suggest pushing new commits to a PR instead of amending (#8632)
• d0e9fd2 Fix: Config merge to correctly account for extends (fixes #8193) (#8636)
• 705d88f Docs: Update CLA link on Pull Requests page (#8642)
• 794d4d6 Docs: missing paren on readme (#8640)
• 7ebd9d6 New: array-element-newline rule (fixes build: Node.js 23.0 expressjs/express#6075) (#8375)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[pull-request-quantifier-deprecated]

This PR has 2 quantified lines of changes. In general, a change size of upto 200 lines is ideal for the best PR experience!

---

Quantification details

Label      : Extra Small
Size       : +1 -1
Percentile : 0.8%

Total files changed: 1

Change summary by file extension:
.json : +1 -1

Change counts above are quantified counts, based on the PullRequestQuantifier customizations.

Why proper sizing of changes matters

Optimal pull request sizes drive a better predictable PR flow as they strike a
balance between between PR complexity and PR review overhead. PRs within the
optimal size (typical small, or medium sized PRs) mean:

• Fast and predictable releases to production:
  • Optimal size changes are more likely to be reviewed faster with fewer
    iterations.
  • Similarity in low PR complexity drives similar review times.
• Review quality is likely higher as complexity is lower:
  • Bugs are more likely to be detected.
  • Code inconsistencies are more likely to be detetcted.
• Knowledge sharing is improved within the participants:
  • Small portions can be assimilated better.
• Better engineering practices are exercised:
  • Solving big problems by dividing them in well contained, smaller problems.
  • Exercising separation of concerns within the code changes.

What can I do to optimize my changes

• Use the PullRequestQuantifier to quantify your PR accurately
  • Create a context profile for your repo using the context generator
  • Exclude files that are not necessary to be reviewed or do not increase the review complexity. Example: Autogenerated code, docs, project IDE setting files, binaries, etc. Check out the Excluded section from your prquantifier.yaml context profile.
  • Understand your typical change complexity, drive towards the desired complexity by adjusting the label mapping in your prquantifier.yaml context profile.
  • Only use the labels that matter to you, see context specification to customize your prquantifier.yaml context profile.
• Change your engineering behaviors
  • For PRs that fall outside of the desired spectrum, review the details and check if:
    • Your PR could be split in smaller, self-contained PRs instead
    • Your PR only solves one particular issue. (For example, don't refactor and code new features in the same PR).

How to interpret the change counts in git diff output

• One line was added: +1 -0
• One line was deleted: +0 -1
• One line was modified: +1 -1 (git diff doesn't know about modified, it will
  interpret that line like one addition plus one deletion)
• Change percentiles: Change characteristics (addition, deletion, modification)
  of this PR in relation to all other PRs within the repository.

---

Was this comment helpful? 👍  :ok_hand:  :thumbsdown: (Email)
Customize PullRequestQuantifier for this repository.