chore(deps): bump eslint-plugin-jsx-a11y from 6.10.0 to 6.10.2

[dependabot]

Bumps eslint-plugin-jsx-a11y from 6.10.0 to 6.10.2.

Release notes

Sourced from eslint-plugin-jsx-a11y's releases.

v6.10.2

What's Changed

• [Tests] Add tests to reinforce required attributes for role="heading" by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1022
• [Tests] label-has-associated-control: add additional test cases by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1021
• [Docs] label-has-associated-control: add line breaks for readability by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1024
• [patch] no-redundandant-roles: allow <img src="*.svg" role="img" /> by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1026
• refactor: don't spread arrays by @​MichaelDeBoey in jsx-eslint/eslint-plugin-jsx-a11y#1034

Full Changelog: jsx-eslint/eslint-plugin-jsx-a11y@v6.10.1...v6.10.2

v6.10.1

What's Changed

• Use consistent spelling of 'screen reader' by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1018
• Remove accidental whitespace in CONTRIBUTING.md by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1017
• [meta] package.json - Update Jest & jscodeshift by @​lb- in jsx-eslint/eslint-plugin-jsx-a11y#1019

Full Changelog: jsx-eslint/eslint-plugin-jsx-a11y@v6.10.0...v6.10.1

Changelog

Sourced from eslint-plugin-jsx-a11y's changelog.

v6.10.2 - 2024-10-25

Fixed

• [patch] no-redundandant-roles: allow <img src="*.svg" role="img" /> [#936](https://github.com/jsx-eslint/eslint-plugin-jsx-a11y/issues/936)

Commits

• [meta] fix changelog URLs 0d01a1a
• [Refactor] remove no-longer-needed es-iterator-helpers aa075bd
• [Refactor] avoid spreading things that are already arrays d15d3ab
• [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, @babel/plugin-transform-flow-strip-types, @babel/register 5dad7c4
• [Tests] aria-role: Add valid test for <svg role="img" /> daba189
• [Docs] label-has-associated-control: add line breaks for readability 0bc6378
• [Tests] label-has-associated-control: add additional test cases 30d2318
• [Tests] Add tests to reinforce required attributes for role="heading" d92446c

v6.10.1 - 2024-10-20

Commits

• [Fix] handle interactive/noninteractive changes from aria-query 4925ba8
• [Docs] Use consistent spelling of 'screen reader' cb6788c
• [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, @babel/plugin-transform-flow-strip-types, @babel/register, auto-changelog, eslint-plugin-import, tape 518a77e
• [Deps] update es-iterator-helpers, string.prototype.includes eed03a3
• [meta] package.json - Update jscodeshift & remove babel-jest 2ee940c
• [Docs] Remove accidental whitespace in CONTRIBUTING.md a262131
• [Deps] unpin aria-query e517937

Commits

• 7f3d698 v6.10.2
• 0d01a1a [meta] fix changelog URLs
• 5dad7c4 [Dev Deps] update @babel/cli, @babel/core, @babel/eslint-parser, `@babe...
• d15d3ab [Refactor] avoid spreading things that are already arrays
• fa9845d [patch] no-redundandant-roles: allow \<img src="*.svg" role="img" />
• daba189 [Tests] aria-role: Add valid test for \<svg role="img" />
• 0bc6378 [Docs] label-has-associated-control: add line breaks for readability
• 30d2318 [Tests] label-has-associated-control: add additional test cases
• d92446c [Tests] Add tests to reinforce required attributes for role="heading"
• aa075bd [Refactor] remove no-longer-needed es-iterator-helpers
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/aria-query	5.3.2	🟢 4.7	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained ⚠️ 0 0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0 Code-Review 🟢 3 Found 9/23 approved changesets -- score normalized to 3 Pinned-Dependencies 🟢 8 dependency not pinned by hash detected -- score normalized to 8 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/axe-core	4.11.3	🟢 6.5	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Security-Policy 🟢 10 security policy file detected Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/call-bind	1.0.9	🟢 4.2	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 no SAST tool detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected
npm/es-abstract	1.24.2	🟢 4.6	Details Check Score Reason Maintained ⚠️ 2 2 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 2 Code-Review ⚠️ 0 Found 0/23 approved changesets -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 7 SAST tool detected but not run on all commits
npm/eslint-plugin-jsx-a11y	6.10.2	🟢 4.7	Details Check Score Reason Code-Review 🟢 4 Found 13/29 approved changesets -- score normalized to 4 Maintained 🟢 3 0 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/hasown	2.0.3	Unknown	Unknown
npm/safe-array-concat	1.1.4	🟢 4.5	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 6 8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 no SAST tool detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected
npm/eslint-plugin-jsx-a11y	6.10.2	🟢 4.7	Details Check Score Reason Code-Review 🟢 4 Found 13/29 approved changesets -- score normalized to 4 Maintained 🟢 3 0 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• pnpm-lock.yaml
• tooling/eslint/package.json