[Snyk] Upgrade eslint-plugin-vue from 9.21.1 to 9.33.0

[hashim21223445]

Snyk has created this PR to upgrade eslint-plugin-vue from 9.21.1 to 9.33.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 14 versions ahead of your current version.

• The recommended version was released 5 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	57	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	57	No Known Exploit
	Incorrect Authorization SNYK-JS-VITE-9653016	57	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	57	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	57	Proof of Concept
	Information Exposure SNYK-JS-VITE-8023174	57	Proof of Concept
	Origin Validation Error SNYK-JS-VITE-8648411	57	Proof of Concept
	Incorrect Authorization SNYK-JS-VITE-9512410	57	Mature
	Access Control Bypass SNYK-JS-VITE-9576207	57	Proof of Concept
	Information Exposure SNYK-JS-VITE-9685035	57	Proof of Concept
	Directory Traversal SNYK-JS-VITE-9919777	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	57	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-VITE-8022916	57	Proof of Concept

Release notes

Package name: eslint-plugin-vue

• 9.33.0 - 2025-03-05
  

  ✨ Enhancements

  • #2639 Added vue/no-implicit-coercion rule to disallow shorthand type conversions in <template>.
  • #2680 Improved vue/no-ref-as-operand rule to check emit payloads.
  • #2679 Added ignoreProps option to vue/prop-name-casing rule.

  🐛 Bug Fixes

  • #2636 Fixed crash in vue/prefer-use-template-ref rule when setup is an arrow function.
  • #2682 Fixed regex matching order in vue/no-bare-strings-in-template rule.
  • #2683 Fixed false positives for union type prop definitions in vue/max-props rule.

  Full Changelog: v9.32.0...v9.33.0

• 9.32.0 - 2024-11-30
  

  ✨ Enhancements

  • #2598 Added checkMultiRootNodes option to vue/no-duplicate-attr-inheritance rule and changed to ignore multi-root components by default.
  • #2610 Added ignoreElementNamespaces option to vue/no-v-text-v-html-on-component rule.
  • #2609 Added ignoreTags option to vue/attribute-hyphenation rule and vue/v-on-event-hyphenation rule.
  • #2611 Added vue/restricted-component-names rule that enforces using only specific component names.
  • #2620 Added vue/slot-name-casing rule that enforces specific casing for slot names.
  • #2617 Added support for type references in vue/require-explicit-slots rule.
  • #2608 Added support for shallowRef in vue/prefer-use-template-ref rule.

  🐛 Bug Fixes

  • #2612 Changed vue/prefer-use-template-ref rule to only check root-level variables.

  Full Changelog: v9.31.0...v9.32.0

• 9.31.0 - 2024-11-11
  

  ✨ Enhancements

  • #2594 Added caseSensitive option to vue/no-reserved-component-names rule.
  • #2554 Added vue/prefer-use-template-ref rule that requires using useTemplateRef() instead of ref() for template refs.
  • #2595 Made vue/no-empty-component-block rule auto-fixable.

  🐛 Bug Fixes

  • #2591 Fixed false positives for v-bind:name in vue/require-explicit-slots rule.

  ⚙️ Updates

  • #2593 Updated vue/define-macros-order rule to skip TypeScript declare statements.

  Full Changelog: v9.30.0...v9.31.0

• 9.30.0 - 2024-10-28
  

  🐛 Bug Fixes

  • #2585 Fixed vue/custom-event-name-casing rule to check defineEmits() variable and $emit() in <template>.
  • #2586 Fixed false negatives and false positives in vue/require-valid-default-prop rule.

  Full Changelog: v9.29.1...v9.30.0

• 9.29.1 - 2024-10-20
  

  🐛 Bug Fixes

  • #2572 Fixed index.d.ts

  Full Changelog: v9.29.0...v9.29.1

• 9.29.0 - 2024-10-11
  

  ✨ Enhancements

  New Rules

  • #2540 Added vue/no-deprecated-delete-set rule that disallows using deprecated $delete and $set.

  Others

  • #2513 Added support for Vuex and Pinia to vue/no-undef-properties rule.
  • #2541 Added support for Vue 3.5's useTemplateRef() to vue/no-unused-refs rule.
  • Added support for Vue 3.5's props destructure to various rules:
    • #2551 to vue/require-valid-default-prop rule.
    • #2552 to vue/require-default-prop rule.
    • #2553 to vue/no-boolean-default rule.
    • #2560 to vue/no-required-prop-with-default rule.
    • #2562 to vue/no-restricted-props rule.
    • #2550 to vue/no-setup-props-reactivity-loss rule.

  ⚙️ Updates

  • #2528, #2566 Added TypeScript declarations for configs.
  • #2565 Added support for recognizing Vue components in .tsx files.
• 9.28.0 - 2024-09-03
  

  ✨ Enhancements

  New Rules

  • #2430 Added vue/max-props rule that enforces the maximum number of props in Vue components.
  • #2494 Added vue/require-default-export rule that requires components to be the default export.
  • #2525 Added vue/max-template-depth rule that enforces the maximum depth of <template>.

  New Features

  • #2501 Allow specifying custom macros in vue/define-macros-order rule.
  • #2537 Added additionalDirectives option to vue/require-toggle-inside-transition rule.

  🐛 Bug Fixes

  • #2348 Fixed false positives/negatives for siblings in vue/v-if-else-key rule.
  • #2505 Fixed false positives for JavaScript components in vue/require-typed-object-prop rule.
  • #2511 Fixed false negatives for v-model directive in vue/attribute-hyphenation rule.
  • #2533 Fixed auto-fix for vue/attribute-hyphenation rule to skip v-bind.sync.
  • #2529 Fixed auto-fix for vue/no-deprecated-slot-attribute rule to handle v-for with dynamic slot.
  • #2530 Fixed auto-fix for vue/no-deprecated-slot-attribute rule to skip dynamic components.

  ⚙️ Updates

  • #2498 Renamed flat config names for inspector.

  Full Changelog: v9.27.0...v9.28.0

• 9.27.0 - 2024-07-02
  

  ✨ Enhancements

  • #2487 Improved vue/require-toggle-inside-transition rule to understand v-bind:appear.

  🐛 Bug Fixes

  • #2489 Fixed false negatives for elements inside template literals in vue/no-setup-props-reactivity-loss rule.

  ⚙️ Updates

  • #2476 Added name property to flat configs.
  • #2488 Upgraded vue-eslint-parser to v9.4.3.

  Full Changelog: v9.26.0...v9.27.0

• 9.26.0 - 2024-05-09
  

  ✨ Enhancements

  • #2457 Improved some rules to understand MathML elements:
    • vue/component-name-in-template-casing
    • vue/no-deprecated-html-element-is
    • vue/no-undef-components
    • vue/no-unused-components
    • vue/script-setup-uses-vars (note that this rule is deprecated!)

  🐛 Bug Fixes

  • #2456 Fixed vue/require-default-prop rule to ignore the spread and continue checking.
  • #2427 Fixed vue/require-typed-ref rule to ignore <script> blocks without lang="ts" in .vue files.

  Full Changelog: v9.25.0...v9.26.0

• 9.25.0 - 2024-04-14
  

  ✨ Enhancements

  • #2441 Added support for Pinia methods to vue/no-unused-properties rule.

  🐛 Bug Fixes

  • #2438 Improved vue/no-use-computed-property-like-method rule to understand logical expressions.
  • #2435 Fixed false negatives for props in template in vue/no-unused-properties rule.

  Full Changelog: v9.24.1...v9.25.0

• 9.24.1 - 2024-04-08
• 9.24.0 - 2024-03-25
• 9.23.0 - 2024-03-11
• 9.22.0 - 2024-02-23
• 9.21.1 - 2024-02-01

from eslint-plugin-vue GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[semanticdiff-com]

Review changes with  

Changed Files

File	Status
package.json	0% smaller

[snyk-io]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)