[Snyk] Upgrade eslint from 8.27.0 to 9.38.0

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade eslint from 8.27.0 to 9.38.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 83 versions ahead of your current version.

• The recommended version was released 22 days ago.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ES5EXT-6095076	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIMECOREJS3-9397696	140	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	140	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept

Release notes

Package name: eslint

• 9.38.0 - 2025-10-17
  

  Features

  • ce40f74 feat: update complexity rule to only highlight function header (#20048) (Atul Nair)
  • e37e590 feat: correct no-loss-of-precision false positives with e notation (#20187) (Francesco Trotta)

  Bug Fixes

  • 50c3dfd fix: improve type support for isolated dependencies in pnpm (#20201) (Francesco Trotta)
  • a1f06a3 fix: correct SourceCode typings (#20114) (Pixel998)

  Documentation

  • 462675a docs: improve web accessibility by hiding non-semantic character (#20205) (루밀LuMir)
  • c070e65 docs: correct formatting in no-irregular-whitespace rule documentation (#20203) (루밀LuMir)
  • b39e71a docs: Update README (GitHub Actions Bot)
  • cd39983 docs: move custom-formatters type descriptions to nodejs-api (#20190) (Percy Ma)

  Chores

  • d17c795 chore: upgrade @ eslint/js@9.38.0 (#20221) (Milos Djermanovic)
  • 25d0e33 chore: package.json update for @ eslint/js release (Jenkins)
  • c82b5ef refactor: Use types from @ eslint/core (#20168) (Nicholas C. Zakas)
  • ff31609 ci: add Node.js 25 to ci.yml (#20220) (루밀LuMir)
  • 004577e ci: bump github/codeql-action from 3 to 4 (#20211) (dependabot[bot])
  • eac71fb test: remove use of nodejsScope option of eslint-scope from tests (#20206) (Milos Djermanovic)
  • 4168a18 chore: fix typo in legacy-eslint.js (#20202) (Sweta Tanwar)
  • 205dbd2 chore: fix typos (#20200) (ntnyq)
  • dbb200e chore: use team member's username when name is not available in data (#20194) (Milos Djermanovic)
  • 8962089 chore: mark deprecated rules as available until v11.0.0 (#20184) (Pixel998)
• 9.37.0 - 2025-10-03
  

  Features

  • 39f7fb4 feat: preserve-caught-error should recognize all static "cause" keys (#20163) (Pixel998)
  • f81eabc feat: support TS syntax in no-restricted-imports (#19562) (Nitin Kumar)

  Bug Fixes

  • a129cce fix: correct no-loss-of-precision false positives for leading zeros (#20164) (Francesco Trotta)
  • 09e04fc fix: add missing AST token types (#20172) (Pixel998)
  • 861c6da fix: correct ESLint typings (#20122) (Pixel998)

  Documentation

  • b950359 docs: fix typos across the docs (#20182) (루밀LuMir)
  • 42498a2 docs: improve ToC accessibility by hiding non-semantic character (#20181) (Percy Ma)
  • 29ea092 docs: Update README (GitHub Actions Bot)
  • 5c97a04 docs: show availableUntil in deprecated rule banner (#20170) (Pixel998)
  • 90a71bf docs: update README files to add badge and instructions (#20115) (루밀LuMir)
  • 1603ae1 docs: update references from master to main (#20153) (루밀LuMir)

  Chores

  • afe8a13 chore: update @ eslint/js dependency to version 9.37.0 (#20183) (Francesco Trotta)
  • abee4ca chore: package.json update for @ eslint/js release (Jenkins)
  • fc9381f chore: fix typos in comments (#20175) (overlookmotel)
  • e1574a2 chore: unpin jiti (#20173) (renovate[bot])
  • e1ac05e refactor: mark ESLint.findConfigFile() as async, add missing docs (#20157) (Pixel998)
  • 347906d chore: update eslint (#20149) (renovate[bot])
  • 0cb5897 test: remove tmp dir created for circular fixes in multithread mode test (#20146) (Milos Djermanovic)
  • bb99566 ci: pin jiti to version 2.5.1 (#20151) (Pixel998)
  • 177f669 perf: improve worker count calculation for "auto" concurrency (#20067) (Francesco Trotta)
  • 448b57b chore: Mark deprecated formatting rules as available until v11.0.0 (#20144) (Milos Djermanovic)
• 9.36.0 - 2025-09-19
  

  Features

  • 47afcf6 feat: correct preserve-caught-error edge cases (#20109) (Francesco Trotta)

  Bug Fixes

  • 75b74d8 fix: add missing rule option types (#20127) (ntnyq)
  • 1c0d850 fix: update eslint-all.js to use Object.freeze for rules object (#20116) (루밀LuMir)
  • 7d61b7f fix: add missing scope types to Scope.type (#20110) (Pixel998)
  • 7a670c3 fix: correct rule option typings in rules.d.ts (#20084) (Pixel998)

  Documentation

  • b73ab12 docs: update examples to use defineConfig (#20131) (sethamus)
  • 31d9392 docs: fix typos (#20118) (Pixel998)
  • c7f861b docs: Update README (GitHub Actions Bot)
  • 6b0c08b docs: Update README (GitHub Actions Bot)
  • 91f97c5 docs: Update README (GitHub Actions Bot)

  Chores

  • 12411e8 chore: upgrade @ eslint/js@9.36.0 (#20139) (Milos Djermanovic)
  • 488cba6 chore: package.json update for @ eslint/js release (Jenkins)
  • bac82a2 ci: simplify renovate configuration (#19907) (唯然)
  • c00bb37 ci: bump actions/labeler from 5 to 6 (#20090) (dependabot[bot])
  • fee751d refactor: use defaultOptions in rules (#20121) (Pixel998)
  • 1ace67d chore: update example to use defineConfig (#20111) (루밀LuMir)
  • 4821963 test: add missing loc information to error objects in rule tests (#20112) (루밀LuMir)
  • b42c42e chore: disallow use of deprecated type property in core rule tests (#20094) (Milos Djermanovic)
  • 7bb498d test: remove deprecated type property from core rule tests (#20093) (Pixel998)
  • e10cf2a ci: bump actions/setup-node from 4 to 5 (#20089) (dependabot[bot])
  • 5cb0ce4 refactor: use meta.defaultOptions in preserve-caught-error (#20080) (Pixel998)
  • f9f7cb5 chore: package.json update for eslint-config-eslint release (Jenkins)
  • 81764b2 chore: update eslint peer dependency in eslint-config-eslint (#20079) (Milos Djermanovic)
• 9.35.0 - 2025-09-05
  

  Features

  • 42761fa feat: implement suggestions for no-empty-function (#20057) (jaymarvelz)
  • 102f444 feat: implement suggestions for no-empty-static-block (#20056) (jaymarvelz)
  • e51ffff feat: add preserve-caught-error rule (#19913) (Amnish Singh Arora)

  Bug Fixes

  • 10e7ae2 fix: update uncloneable options error message (#20059) (soda-sorcery)
  • bfa4601 fix: ignore empty switch statements with comments in no-empty rule (#20045) (jaymarvelz)
  • dfd11de fix: add before and after to test case types (#20049) (Francesco Trotta)
  • dabbe95 fix: correct types for no-restricted-imports rule (#20034) (Milos Djermanovic)
  • ea789c7 fix: no-loss-of-precision false positive with uppercase exponent (#20032) (sethamus)

  Documentation

  • d265515 docs: improve phrasing - "if" → "even if" from getting-started section (#20074) (jjangga0214)
  • a355a0e docs: invert comparison logic for example in no-var doc page (#20064) (OTonGitHub)
  • 5082fc2 docs: Update README (GitHub Actions Bot)
  • 99cfd7e docs: add missing "the" in rule deprecation docs (#20050) (Josh Goldberg ✨)
  • 6ad8973 docs: update --no-ignore and --ignore-pattern documentation (#20036) (Francesco Trotta)
  • 8033b19 docs: add documentation for --no-config-lookup (#20033) (Francesco Trotta)

  Chores

  • da87f2f chore: upgrade @ eslint/js@9.35.0 (#20077) (Milos Djermanovic)
  • af2a087 chore: package.json update for @ eslint/js release (Jenkins)
  • 7055764 test: remove tests/lib/eslint/eslint.config.js (#20065) (Milos Djermanovic)
  • 84ffb96 chore: update @ eslint-community/eslint-utils (#20069) (Francesco Trotta)
  • d5ef939 refactor: remove deprecated context.parserOptions usage across rules (#20060) (sethamus)
  • 1b3881d chore: remove redundant word (#20058) (pxwanglu)
• 9.34.0 - 2025-08-22
  

  Features

  • 0bb777a feat: multithread linting (#19794) (Francesco Trotta)
  • 43a5f9e feat: add eslint-plugin-regexp to eslint-config-eslint base config (#19951) (Pixel998)

  Bug Fixes

  • 9b89903 fix: default value of accessor-pairs option in rule.d.ts file (#20024) (Tanuj Kanti)
  • 6c07420 fix: fix spurious failure in neostandard integration test (#20023) (Kirk Waiblinger)
  • 676f4ac fix: allow scientific notation with trailing zeros matching exponent (#20002) (Sweta Tanwar)

  Documentation

  • 0b4a590 docs: make rulesdir deprecation clearer (#20018) (Domenico Gemoli)
  • 327c672 docs: Update README (GitHub Actions Bot)
  • bf26229 docs: Fix typo in core-concepts/index.md (#20009) (Tobias Hernstig)
  • 2309327 docs: fix typo in the "Configuring Rules" section (#20001) (ghazi-git)
  • 2b87e21 docs: [no-else-return] clarify sample code. (#19991) (Yuki Takada (Yukinosuke Takada))
  • c36570c docs: Update README (GitHub Actions Bot)

  Chores

  • f19ad94 chore: upgrade to @ eslint/js@9.34.0 (#20030) (Francesco Trotta)
  • b48fa20 chore: package.json update for @ eslint/js release (Jenkins)
  • 4bce8a2 chore: package.json update for eslint-config-eslint release (Jenkins)
  • 0c9999c refactor: prefer default options in grouped-accessor-pairs (#20028) (루밀LuMir)
  • d503f19 ci: fix stale.yml (#20010) (루밀LuMir)
  • e2dc67d ci: centralize stale.yml (#19994) (루밀LuMir)
  • 7093cb8 ci: bump actions/checkout from 4 to 5 (#20005) (dependabot[bot])
• 9.33.0 - 2025-08-08
  

  Features

  • e07820e feat: add global object access detection to no-restricted-globals (#19939) (sethamus)
  • 90b050e feat: support explicit resource management in one-var (#19941) (Sweta Tanwar)

  Bug Fixes

  • 732433c fix: allow any type for meta.docs.recommended in custom rules (#19995) (Francesco Trotta)
  • e8a6914 fix: Fixed potential bug in check-emfile-handling.js (#19975) (諏訪原慶斗)

  Documentation

  • 34f0723 docs: playground button for TypeScript code example (#19671) (Tanuj Kanti)
  • dc942a4 docs: Update README (GitHub Actions Bot)
  • 5a4b6f7 docs: Update no-multi-assign.md (#19979) (Yuki Takada (Yukinosuke Takada))
  • 247e156 docs: add missing let declarations in no-plusplus (#19980) (Yuki Takada (Yukinosuke Takada))
  • 0d17242 docs: Update README (GitHub Actions Bot)
  • fa20b9d docs: Clarify when to open an issue for a PR (#19974) (Nicholas C. Zakas)

  Build Related

  • 27fa865 build: use ESLint class to generate formatter examples (#19972) (Milos Djermanovic)

  Chores

  • 4258046 chore: update dependency @ eslint/js to v9.33.0 (#19998) (renovate[bot])
  • ad28371 chore: package.json update for @ eslint/js release (Jenkins)
  • 06a22f1 test: resolve flakiness in --mcp flag test (#19993) (Pixel998)
  • 54920ed test: switch to Linter.Config in ESLintRules type tests (#19977) (Francesco Trotta)
• 9.32.0 - 2025-07-25
  

  Features

  • 1245000 feat: support explicit resource management in core rules (#19828) (fnx)
  • 0e957a7 feat: support typescript types in accessor rules (#19882) (fnx)

  Bug Fixes

  • 960fd40 fix: Upgrade @ eslint/js (#19971) (Nicholas C. Zakas)
  • bbf23fa fix: Refactor reporting into FileReport (#19877) (Nicholas C. Zakas)
  • d498887 fix: bump @ eslint/plugin-kit to 0.3.4 to resolve vulnerability (