[Snyk] Upgrade eslint-plugin-vue from 9.17.0 to 10.4.0

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade eslint-plugin-vue from 9.17.0 to 10.4.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 29 versions ahead of your current version.

• The recommended version was released 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	57	Proof of Concept
	Denial of Service (DoS) SNYK-JS-HTTPPROXYMIDDLEWARE-8229906	57	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	57	No Known Exploit
	Always-Incorrect Control Flow Implementation SNYK-JS-HTTPPROXYMIDDLEWARE-9691387	57	No Known Exploit
	Improper Check for Unusual or Exceptional Conditions SNYK-JS-HTTPPROXYMIDDLEWARE-9691389	57	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	57	No Known Exploit
	Improper Handling of Unexpected Data Type SNYK-JS-ONHEADERS-10773729	57	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	57	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	57	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	57	Proof of Concept

Release notes

Package name: eslint-plugin-vue

• 10.4.0 - 2025-07-31
  

  Minor Changes

  • Added ignoreParents option to vue/no-deprecated-slot-attribute (#2784)
  • Added new vue/no-negated-v-if-condition rule (#2794)
  • Added new vue/no-negated-condition rule (#2795)

  Patch Changes

  • Resolved TypeScript compatibility issues introduced by eslint-typegen (#2790)
  • Fixed inconsistent quotes in vue/block-lang error messages (#2805)
• 10.3.0 - 2025-07-02
  

  Minor Changes

  • Added @ typescript-eslint/parser as an optional peer dependency (#2775)
  • Added TypeScript IntelliSense support via eslint-typegen (#2770)
  • vue/no-deprecated-slot-attribute ignore option now supports regex patterns (#2773)

  Patch Changes

  • Fixed false negatives when using typescript-eslint v8 in vue/script-indent rule (#2775)
  • vue/no-restricted-html-elements now also checks SVG and MathML elements (#2755)
  • Updated resources (#2752)
• 10.2.0 - 2025-06-06
  

  Minor Changes

  • vue/no-restricted-html-elements now accepts multiple elements in each entry (#2750)

  Patch Changes

  • Updated resources (#2747)
• 10.1.0 - 2025-04-30
  

  ✨ Enhancements

  • #2734 Improved allowlist option of vue/no-bare-strings-in-template rule to accept regex.
  • #2736 Added vue/define-props-destructuring rule that enforce consistent style for props destructuring.
  • #2685 Added disallowComments option to vue/no-multiple-template-root rule.

  Full Changelog: v10.0.1...v10.1.0

• 10.0.1 - 2025-04-29
  

  🐛 Bug Fixes

  • #2700 Fixed incorrect type for .eslintrc configs.
  • #2703 Fixed false negatives for multiple script blocks in vue/prefer-use-template-ref rule.
  • #2726 Fixed false positives for tagged template expressions in vue/no-ref-as-operand rule.
  • #2728 Fixed false negatives for props destructure in vue/require-default-prop rule.
  • #2731 Fixed false positives for renamed props in vue/no-dupe-keys rule.

  ⚙️ Updates

  • #2701 Improved the report location for vue/no-export-in-script-setup rule.
  • #2724 Improved the report location for vue/html-self-closing rule.

  Full Changelog: v10.0.0...v10.0.1

• 10.0.0 - 2025-03-05
  

  💥 Breaking changes

  • #2630 Changed Versioning Policy:
    • Allow minor versions of this plugin to enhance the checks for new features in Vue and Nuxt.
    • Allow updating deprecated/reserved HTML+SVG element tag names in minor versions, see #2171.
  • #2645 Removed deprecated rules (see removed rules).
  • #2669 Dropped support for old versions of ESLint and Node.js. New minimum requirements:
    • Node.js: ^18.18.0 || ^20.9.0 || >=21.1.0
    • ESLint: ^8.57.0 || ^9.0.0
  • Updated configs:
    • #2627 Added vue/block-order rule to recommended configs (replaces the removed vue/component-tags-order rule).
    • #2628 Added vue/no-deprecated-delete-set rule to vue3-essential config.
    • #2629 Added vue/no-deprecated-model-definition rule to vue3-essential config.
    • #2640 Added vue/no-required-prop-with-default rule to recommended configs.
    • #2653 Added vue/valid-define-options rule to vue3-essential config.
    • #2674 Removed globals from configs. You may need to configure them manually now, see https://eslint.org/docs/latest/use/configure/language-options#predefined-global-variables.
    • #2648 Renamed .eslintrc configs (to match eslint.config.js config names; see PR for comparison).
    • #2668 Changed .eslintrc base config so that vue-eslint-parser is only used for .vue files.
  • #2670 Changed vue-eslint-parser to peer dependency.
  • #2697 Upgraded vue-eslint-parser to v10.
    • This includes vuejs/vue-eslint-parser#195, which should make the parser much faster for large TypeScript projects ⚡
  • #2153 Added slots and expose to the default order of vue/order-in-components rule.
  • #2626 Removed legacy option from vue/custom-event-name-casing rule.
  • #2655 Removed unused runOutsideVue option from vue/sort-keys rule.
  • #2652 Removed setup-compiler-macros environments.

  ✨ Enhancements

  • #2693 Improved type resolution for generic types and improved the rules for checking type-only macros.
  • #2684 Added vue/no-import-compiler-macros rule that disallows importing Vue compiler macros.
  • #2694 Added except option to vue/prefer-true-attribute-shorthand rule.
  • #2311 Improved the plugin to check for objects declared with Nuxt3 defineNuxtComponent().

  ⚙️ Updates

  • #2171 Updated resources.
  • #2675 Deprecated Vue 2 only rules. They will be removed in eslint-plugin-vue v11.

  Full Changelog: v9.33.0...v10.0.0

• 9.33.0 - 2025-03-05
  

  ✨ Enhancements

  • #2639 Added vue/no-implicit-coercion rule to disallow shorthand type conversions in <template>.
  • #2680 Improved vue/no-ref-as-operand rule to check emit payloads.
  • #2679 Added ignoreProps option to vue/prop-name-casing rule.

  🐛 Bug Fixes

  • #2636 Fixed crash in vue/prefer-use-template-ref rule when setup is an arrow function.
  • #2682 Fixed regex matching order in vue/no-bare-strings-in-template rule.
  • #2683 Fixed false positives for union type prop definitions in vue/max-props rule.

  Full Changelog: v9.32.0...v9.33.0

• 9.32.0 - 2024-11-30
  

  ✨ Enhancements

  • #2598 Added checkMultiRootNodes option to vue/no-duplicate-attr-inheritance rule and changed to ignore multi-root components by default.
  • #2610 Added ignoreElementNamespaces option to vue/no-v-text-v-html-on-component rule.
  • #2609 Added ignoreTags option to vue/attribute-hyphenation rule and vue/v-on-event-hyphenation rule.
  • #2611 Added vue/restricted-component-names rule that enforces using only specific component names.
  • #2620 Added vue/slot-name-casing rule that enforces specific casing for slot names.
  • #2617 Added support for type references in vue/require-explicit-slots rule.
  • #2608 Added support for shallowRef in vue/prefer-use-template-ref rule.

  🐛 Bug Fixes

  • #2612 Changed vue/prefer-use-template-ref rule to only check root-level variables.

  Full Changelog: v9.31.0...v9.32.0

• 9.31.0 - 2024-11-11
  

  ✨ Enhancements

  • #2594 Added caseSensitive option to vue/no-reserved-component-names rule.
  • #2554 Added vue/prefer-use-template-ref rule that requires using useTemplateRef() instead of ref() for template refs.
  • #2595 Made vue/no-empty-component-block rule auto-fixable.

  🐛 Bug Fixes

  • #2591 Fixed false positives for v-bind:name in vue/require-explicit-slots rule.

  ⚙️ Updates

  • #2593 Updated vue/define-macros-order rule to skip TypeScript declare statements.

  Full Changelog: v9.30.0...v9.31.0

• 9.30.0 - 2024-10-28
  

  🐛 Bug Fixes

  • #2585 Fixed vue/custom-event-name-casing rule to check defineEmits() variable and $emit() in <template>.
  • #2586 Fixed false negatives and false positives in vue/require-valid-default-prop rule.

  Full Changelog: v9.29.1...v9.30.0

• 9.29.1 - 2024-10-20
• 9.29.0 - 2024-10-11
• 9.28.0 - 2024-09-03
• 9.27.0 - 2024-07-02
• 9.26.0 - 2024-05-09
• 9.25.0 - 2024-04-14
• 9.24.1 - 2024-04-08
• 9.24.0 - 2024-03-25
• 9.23.0 - 2024-03-11
• 9.22.0 - 2024-02-23
• 9.21.1 - 2024-02-01
• 9.21.0 - 2024-01-30
• 9.20.1 - 2024-01-13
• 9.20.0 - 2024-01-10
• 9.19.2 - 2023-11-30
• 9.19.1 - 2023-11-30
• 9.19.0 - 2023-11-30
• 9.18.1 - 2023-10-27
• 9.18.0 - 2023-10-24
• 9.17.0 - 2023-08-09

from eslint-plugin-vue GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs