Please use caret (^) for dependencies versions in your eslint-plugin-sonarjs npm package instead of exact version.
Otherwise your plugin makes almost impossible to maintain security vulnerabilities for transitive dependencies (i.e. for minimatch: minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments · CVE-2026-27903 · GitHub Advisory Database · GitHub) and becomes kind of useless.