[Snyk] Upgrade eslint-plugin-import from 2.22.1 to 2.28.1

[ManuelDevWeb]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade eslint-plugin-import from 2.22.1 to 2.28.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 22 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-08-18.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-JSON5-3182856	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	427/1000 Why? Proof of Concept exploit, CVSS 6.4	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: eslint-plugin-import

• 2.28.1 - 2023-08-18
  

  v2.28.1

• 2.28.0 - 2023-07-28
  

  v2.28.0

• 2.27.5 - 2023-01-16
• 2.27.4 - 2023-01-12
• 2.27.3 - 2023-01-12
• 2.27.2 - 2023-01-12
• 2.27.1 - 2023-01-12
• 2.27.0 - 2023-01-11
• 2.26.0 - 2022-04-05
• 2.25.4 - 2022-01-02
• 2.25.3 - 2021-11-10
• 2.25.2 - 2021-10-12
• 2.25.1 - 2021-10-12
• 2.25.0 - 2021-10-12
• 2.24.2 - 2021-08-24
• 2.24.1 - 2021-08-19
• 2.24.0 - 2021-08-08
• 2.23.4 - 2021-05-29
• 2.23.3 - 2021-05-21
• 2.23.2 - 2021-05-15
• 2.23.1 - 2021-05-15
• 2.23.0 - 2021-05-14
• 2.22.1 - 2020-09-27

from eslint-plugin-import GitHub release notes

Commit messages

Package name: eslint-plugin-import

• cd95728 Bump to 2.28.1
• 0847443 Revert 1fa2971 (breaking group change in `order`)
• e9de30a [resolvers/webpack] v0.13.6
• cd1dff7 Revert "[resolvers/webpack] [refactor] replace `lodash/isEqual` usage with `deep-equal`"
• da71746 [resolvers/webpack] v0.13.5
• 22a0802 [resolvers/webpack] [deps] update `resolve`
• 1e81734 [resolvers/webpack] [refactor] replace `lodash/isEqual` usage with `deep-equal`
• 2c18c29 [resolvers/webpack] [refactor] remove `lodash/get` usage
• b9b9c86 [resolvers/webpack] [refactor] switch to a maintained array.prototype.find package
• 2e7612f [Dev Deps] pin `jackspeak` since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
• 26ea4f8 [Docs] Add markdownlint
• c704253 [resolvers/node] v0.3.9
• 559480d [resolvers/webpack] v0.13.4
• 10913e7 [resolvers] [*] [fix] restore node 6 compatibility
• 69fce5c [Tests] actually test non-babel’d packages without babel
• 0501367 [Docs] remove duplicate fixable notices in docs
• 7f7a9a6 [resolvers/node] v0.3.8
• 6f6f414 [resolvers/webpack] v0.13.3
• 95f9f00 [resolvers/webpack] [deps] update `semver`
• 4a75aaf [Deps] remove unused root dep
• 5209a43 [resolvers] [*] [deps] update `is-core-module`, `resolve`
• 132a433 [Deps] update `is-core-module`, `resolve`
• a257df9 Bump to 2.28.0
• 600fcc1 [Refactor] `order`: use `object.groupby`

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs