Open renovate[bot] opened 1 month ago
Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.
Remember to comment with one of the following states:
#pr-ready
to enable all auto processing and merging.
#pr-onhold
to prevent merging as you have other commits or discussions to make.
If you do not set the #pr-ready
comment then the auto-merge capabilities will not be active.
Thanks for the PR!
This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.
See errors details in artifact Mega-Linter reports on GitHub Action page
_Set VALIDATE_ALL_CODEBASE: true
in mega-linter.yml to validate all sources, not only the diff_
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/parse-json@5.2.0, npm/path-type@4.0.0, npm/sinon@1.17.7
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎
To accept the risk, merge this PR and you will not be notified again.
Alert | Package | Note | Source |
---|---|---|---|
Install scripts | npm/sinon@4.5.0 |
| |
Install scripts | npm/command-join@2.0.1 |
|
|
Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.
Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.
If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.
To ignore an alert, reply with a comment starting with @SocketSecurity ignore
followed by a space separated list of ecosystem/package-name@version
specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0
or ignore all packages with @SocketSecurity ignore-all
@SocketSecurity ignore npm/sinon@4.5.0
@SocketSecurity ignore npm/command-join@2.0.1
This PR contains the following updates:
1.17.7
->18.0.0
Release Notes
sinonjs/sinon (sinon)
### [`v18.0.0`](https://togithub.com/sinonjs/sinon/compare/v17.0.2...v18.0.0) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v17.0.2...v18.0.0) ### [`v17.0.2`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1702) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v17.0.1...v17.0.2) - [`f6dca0ba`](https://togithub.com/sinonjs/sinon/commit/f6dca0bac3f228fa917165eca8815d5e2b8a6793) upgrade packages ([#2595](https://togithub.com/sinonjs/sinon/issues/2595)) (Carl-Erik Kopseng) - [`5025d001`](https://togithub.com/sinonjs/sinon/commit/5025d001401091fd2086cfa2ec69e40cc0da9b65) Avoid return and callArg\* clearing each other's state ([#2593](https://togithub.com/sinonjs/sinon/issues/2593)) (Carl-Erik Kopseng) > - Partially revert "fix returns does not override call through ([#2567](https://togithub.com/sinonjs/sinon/issues/2567))" > > > > - revert to the old manual clearing of props - [`ed068a88`](https://togithub.com/sinonjs/sinon/commit/ed068a886fa37cbd5f886d355824debd69aa1b16) Bump ip from 1.1.8 to 1.1.9 ([#2587](https://togithub.com/sinonjs/sinon/issues/2587)) (dependabot\[bot]) - [`ec4d592e`](https://togithub.com/sinonjs/sinon/commit/ec4d592ee4faf87d7e592c4b99b3e6fec99105c8) fix [#2589](https://togithub.com/sinonjs/sinon/issues/2589): avoid invoking getter as side-effect ([#2592](https://togithub.com/sinonjs/sinon/issues/2592)) (Carl-Erik Kopseng) - [`9972e1e3`](https://togithub.com/sinonjs/sinon/commit/9972e1e3997198ff7f403ca5c000187f890f1699) Fix typo in mocks documentation ([#2591](https://togithub.com/sinonjs/sinon/issues/2591)) (Eduardo de la Cruz Palacios) - [`52e6e4c5`](https://togithub.com/sinonjs/sinon/commit/52e6e4c540d8d0b95727c9bbde8328f6692a6675) chore: prefer cache option of setup-node (Morgan Roderick) - [`08da1235`](https://togithub.com/sinonjs/sinon/commit/08da123555dc4ee4866720c925215dca4d3c799b) Bump actions/cache from 3 to 4 (dependabot\[bot]) - [`404ef47e`](https://togithub.com/sinonjs/sinon/commit/404ef47e1119c7b8229e9d6a3c6ae9a912305d1f) Bump nokogiri from 1.14.3 to 1.16.2 (dependabot\[bot]) - [`fd79612c`](https://togithub.com/sinonjs/sinon/commit/fd79612c3324bf3264533baa7159bb1722dd9788) Update Bug_report.md (Carl-Erik Kopseng) - [`1fbc812a`](https://togithub.com/sinonjs/sinon/commit/1fbc812a9f3351f55a06758bdc8b1a053135d826) Re-add about (Carl-Erik Kopseng) - [`fc8f6c3e`](https://togithub.com/sinonjs/sinon/commit/fc8f6c3e111473fcb53b2338eb8654b256c06e01) Fix formatting :clown: (Carl-Erik Kopseng) - [`c57e38ae`](https://togithub.com/sinonjs/sinon/commit/c57e38ae2ec6c466f83c4e38e85d3d324f72bb13) Remove old template (Carl-Erik Kopseng) - [`754bf7a9`](https://togithub.com/sinonjs/sinon/commit/754bf7a98b54a01472677772c7a34859f483adeb) Update Bug_report.md (Carl-Erik Kopseng) - [`87eed9d2`](https://togithub.com/sinonjs/sinon/commit/87eed9d255e9493b981494188abd12a9e1d95bf0) Fix some typos at code comments ([#2581](https://togithub.com/sinonjs/sinon/issues/2581)) (EliyahuMachluf) - [`cbae6997`](https://togithub.com/sinonjs/sinon/commit/cbae69978c29d0420fa39d11496bb29b180361b0) Link to createStubInstance util.md docs in stubs.md ([#2577](https://togithub.com/sinonjs/sinon/issues/2577)) (Daniel Kaplan) - [`adcf936d`](https://togithub.com/sinonjs/sinon/commit/adcf936de0e946e2b72a513436c0469319f3da79) Fix Mocha watch task by delegating to Node ([#2573](https://togithub.com/sinonjs/sinon/issues/2573)) (Carl-Erik Kopseng) - [`30ad2372`](https://togithub.com/sinonjs/sinon/commit/30ad23729568d70f865a5e6d323109fd06c7913e) prettier:write (Carl-Erik Kopseng) - [`45c4d6b9`](https://togithub.com/sinonjs/sinon/commit/45c4d6b9b80841947d6ebc4af5046a11b216d598) Remove outdated info from README ([#2571](https://togithub.com/sinonjs/sinon/issues/2571)) (Carl-Erik Kopseng) - [`6c9f5c2a`](https://togithub.com/sinonjs/sinon/commit/6c9f5c2ade9befeadd6fd7d10232883c147a9f1d) Add a notice that the Fake Timers API doc is incomplete ([#2570](https://togithub.com/sinonjs/sinon/issues/2570)) (Carl-Erik Kopseng) - [`93db3ef3`](https://togithub.com/sinonjs/sinon/commit/93db3ef3b0b49458954eb6e7ed765aa1ea34b21d) breaking: Remove sinon.defaultConfig and related modules ([#2565](https://togithub.com/sinonjs/sinon/issues/2565)) (Carl-Erik Kopseng) > - breaking: Remove sinon.defaultConfig and related modules > > default-config and get-config are leftovers from when Sinon > > shipped with sinon.test (now the independent NPM module > > 'sinon-test'). *Released by [Carl-Erik Kopseng](https://togithub.com/fatso83) on 2024-05-07.* ### [`v17.0.1`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1701) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v17.0.0...v17.0.1) - [`5fde5aeb`](https://togithub.com/sinonjs/sinon/commit/5fde5aebc74dec12bacd84d00a2f22906a7ebcc0) fix returns does not override call through ([#2567](https://togithub.com/sinonjs/sinon/issues/2567)) (Raz Luvaton) - [`b5fc3671`](https://togithub.com/sinonjs/sinon/commit/b5fc3671fff2481ab9b66486242f2c2ceb8d08e5) Documentation for assertion options for the sandbox ([#2564](https://togithub.com/sinonjs/sinon/issues/2564)) (Carl-Erik Kopseng) - [`f7d180cc`](https://togithub.com/sinonjs/sinon/commit/f7d180ccc15b8dce958c08a780d384044d39bb2b) fix: assertion log limit ([#2485](https://togithub.com/sinonjs/sinon/issues/2485)) (Spencer Goossens) - [`4f538e3e`](https://togithub.com/sinonjs/sinon/commit/4f538e3e74580a44e9b0cfcfdec9ca5f76d16fad) Fix mochify breaking on node:assert ([#2559](https://togithub.com/sinonjs/sinon/issues/2559)) (Carl-Erik Kopseng) *Released by [Carl-Erik Kopseng](https://togithub.com/fatso83) on 2023-11-01.* ### [`v17.0.0`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1700) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v16.1.3...v17.0.0) - [`11a8e3f2`](https://togithub.com/sinonjs/sinon/commit/11a8e3f24ccec981a280dbe63df316d1fbde4ddd) Remove Proxyquire as it did not handle newer syntax (Carl-Erik Kopseng) - [`ec37d634`](https://togithub.com/sinonjs/sinon/commit/ec37d6346fd51dd9b9ccf95d41c3339a0c88f539) Drop Node 16, as it is out of maintenance (Carl-Erik Kopseng) - [`75e2b691`](https://togithub.com/sinonjs/sinon/commit/75e2b6910ca40ee5f3a39295ec654e124a6a325b) Upgrade fake-timers@11.2.2: new Intl mirroring and bugfixes (Carl-Erik Kopseng) *Released by [Carl-Erik Kopseng](https://togithub.com/fatso83) on 2023-10-20.* ### [`v16.1.3`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1613) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v16.1.2...v16.1.3) - [`93e8aa93`](https://togithub.com/sinonjs/sinon/commit/93e8aa93c56c2d9d1ff783263adbd93de2603803) Remove postinstall script as it causes issues for consumers (Carl-Erik Kopseng) *Released by [Carl-Erik Kopseng](https://togithub.com/fatso83) on 2023-10-19.* ### [`v16.1.2`](https://togithub.com/sinonjs/sinon/compare/v16.1.1...v16.1.2) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v16.1.1...v16.1.2) ### [`v16.1.1`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1611) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v16.1.0...v16.1.1) - [`ff0e993d`](https://togithub.com/sinonjs/sinon/commit/ff0e993df2adac356995bbc12d1d520a819360bd) Showcase #replace.usingAccessor for DI in the typescript case study ([#2556](https://togithub.com/sinonjs/sinon/issues/2556)) (Carl-Erik Kopseng) - [`c47a4bee`](https://togithub.com/sinonjs/sinon/commit/c47a4beeba98a5138d5b7a4a8a36ed7a8bf00861) Bump [@babel/traverse](https://togithub.com/babel/traverse) from 7.22.5 to 7.23.2 ([#2555](https://togithub.com/sinonjs/sinon/issues/2555)) (dependabot\[bot]) > Co-authored-by: dependabot\[bot] <49699333+dependabot\[bot][@users](https://togithub.com/users).noreply.github.com> *Released by [Carl-Erik Kopseng](https://togithub.com/fatso83) on 2023-10-18.* ### [`v16.1.0`](https://togithub.com/sinonjs/sinon/blob/HEAD/CHANGES.md#1610) [Compare Source](https://togithub.com/sinonjs/sinon/compare/v16.0.0...v16.1.0) - [`cac5184b`](https://togithub.com/sinonjs/sinon/commit/cac5184b2a5c395e7e8775192ebcab234b6c180f) Enable use of assignment in the presence of accessors ([#2538](https://togithub.com/sinonjs/sinon/issues/2538)) (Carl-Erik Kopseng) - [`f8c20e54`](https://togithub.com/sinonjs/sinon/commit/f8c20e5414464cf36a1dd48845ff57bf4e87d158) New article: making Sinon work with complex setups ([#2540](https://togithub.com/sinonjs/sinon/issues/2540)) (Carl-Erik Kopseng) > Co-authored-by: Morgan RoderickConfiguration
📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.