search

NodeSecure / cli

JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.
MIT License
367 stars 39 forks source link

chore(deps-dev): bump the development-dependencies group across 1 directory with 4 updates #389

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps the development-dependencies group with 4 updates in the / directory: @myunisoft/httpie, c8, esbuild and eslint.

Updates @myunisoft/httpie from 4.0.1 to 5.0.0

Release notes

Sourced from @​myunisoft/httpie's releases.

v5.0.0

What's Changed

Full Changelog: https://github.com/MyUnisoft/httpie/compare/v4.0.1...v5.0.0

Commits
  • d740ce6 5.0.0
  • c186cb1 Merge pull request #250 from MyUnisoft/dependabot/github_actions/github-actio...
  • 3ff7861 chore(deps): bump the github-actions group across 1 directory with 5 updates
  • 8c94713 Merge pull request #248 from MyUnisoft/fix-create-headers
  • 272a29e fix: use API with valide SSL certificate
  • b1bec6b ci: drop support for Node.js 18
  • 7bf8cd7 fix: update @​openally/result to v1.2.1
  • 71f5a4f fix(createHeaders): custom headers overwrite default header
  • 254b32b refactor: Result error type (#243)
  • See full diff in compare view


Updates c8 from 9.1.0 to 10.1.2

Release notes

Sourced from c8's releases.

v10.1.2

10.1.2 (2024-06-13)

Bug Fixes

  • deps: make monocart-coverage-reports an optional with meta defined (3b91fda)

v10.1.1

10.1.1 (2024-06-11)

Bug Fixes

  • stop installing monocart-coverage-reports (#535) (13979a7)

v10.1.0

10.1.0 (2024-06-11)

Features

v10.0.0

10.0.0 (2024-06-10)

⚠ BREAKING CHANGES

  • deps: Node 18 is now the minimum supported Node.js version

Bug Fixes

  • deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
Changelog

Sourced from c8's changelog.

10.1.2 (2024-06-13)

Bug Fixes

  • deps: make monocart-coverage-reports an optional with meta defined (3b91fda)

10.1.1 (2024-06-11)

Bug Fixes

  • stop installing monocart-coverage-reports (#535) (13979a7)

10.1.0 (2024-06-11)

Features

10.0.0 (2024-06-10)

⚠ BREAKING CHANGES

  • deps: Node 18 is now the minimum supported Node.js version

Bug Fixes

  • deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
Commits
  • ff146b4 chore(main): release 10.1.2 (#538)
  • 3b91fda fix(deps): make monocart-coverage-reports an optional with meta defined
  • e3560e1 chore(main): release 10.1.1 (#536)
  • 13979a7 fix: stop installing monocart-coverage-reports (#535)
  • 15ac690 chore(main): release 10.1.0 (#533)
  • 96e869f build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#534)
  • 2e5e297 feat: add experimental monocart reports (#521)
  • dc38051 chore(main): release 10.0.0 (#532)
  • e33cf30 fix(deps)!: update test-exclude with new glob / minimatch (#531)
  • 1eeeaeb doc(CONTRIBUTING): remove dead link, update broken link (#526)
  • Additional commits viewable in compare view


Updates esbuild from 0.20.2 to 0.21.5

Release notes

Sourced from esbuild's releases.

v0.21.5

  • Fix Symbol.metadata on classes without a class decorator (#3781)

    This release fixes a bug with esbuild's support for the decorator metadata proposal. Previously esbuild only added the Symbol.metadata property to decorated classes if there was a decorator on the class element itself. However, the proposal says that the Symbol.metadata property should be present on all classes that have any decorators at all, not just those with a decorator on the class element itself.

  • Allow unknown import attributes to be used with the copy loader (#3792)

    Import attributes (the with keyword on import statements) are allowed to alter how that path is loaded. For example, esbuild cannot assume that it knows how to load ./bagel.js as type bagel:

    // This is an error with "--bundle" without also using "--external:./bagel.js"
import tasty from "./bagel.js" with { type: "bagel" }

    Because of that, bundling this code with esbuild is an error unless the file ./bagel.js is external to the bundle (such as with --bundle --external:./bagel.js).

    However, there is an additional case where it's ok for esbuild to allow this: if the file is loaded using the copy loader. That's because the copy loader behaves similarly to --external in that the file is left external to the bundle. The difference is that the copy loader copies the file into the output folder and rewrites the import path while --external doesn't. That means the following will now work with the copy loader (such as with --bundle --loader:.bagel=copy):

    // This is no longer an error with "--bundle" and "--loader:.bagel=copy"
import tasty from "./tasty.bagel" with { type: "bagel" }

  • Support import attributes with glob-style imports (#3797)

    This release adds support for import attributes (the with option) to glob-style imports (dynamic imports with certain string literal patterns as paths). These imports previously didn't support import attributes due to an oversight. So code like this will now work correctly:

    async function loadLocale(locale: string): Locale {
  const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
  return unpackLocale(locale, data)
}

    Previously this didn't work even though esbuild normally supports forcing the JSON loader using an import attribute. Attempting to do this used to result in the following error:

    ✘ [ERROR] No loader is configured for ".data" files: locales/en-US.data

    example.ts:2:28:
  2 │   const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
    ╵                             ~~~~~~~~~~~~~~~~~~~~~~~~~~

    In addition, this change means plugins can now access the contents of with for glob-style imports.

  • Support ${configDir} in tsconfig.json files (#3782)

    This adds support for a new feature from the upcoming TypeScript 5.5 release. The character sequence ${configDir} is now respected at the start of baseUrl and paths values, which are used by esbuild during bundling to correctly map import paths to file system paths. This feature lets base tsconfig.json files specified via extends refer to the directory of the top-level tsconfig.json file. Here is an example:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.21.5

  • Fix Symbol.metadata on classes without a class decorator (#3781)

    This release fixes a bug with esbuild's support for the decorator metadata proposal. Previously esbuild only added the Symbol.metadata property to decorated classes if there was a decorator on the class element itself. However, the proposal says that the Symbol.metadata property should be present on all classes that have any decorators at all, not just those with a decorator on the class element itself.

  • Allow unknown import attributes to be used with the copy loader (#3792)

    Import attributes (the with keyword on import statements) are allowed to alter how that path is loaded. For example, esbuild cannot assume that it knows how to load ./bagel.js as type bagel:

    // This is an error with "--bundle" without also using "--external:./bagel.js"
import tasty from "./bagel.js" with { type: "bagel" }

    Because of that, bundling this code with esbuild is an error unless the file ./bagel.js is external to the bundle (such as with --bundle --external:./bagel.js).

    However, there is an additional case where it's ok for esbuild to allow this: if the file is loaded using the copy loader. That's because the copy loader behaves similarly to --external in that the file is left external to the bundle. The difference is that the copy loader copies the file into the output folder and rewrites the import path while --external doesn't. That means the following will now work with the copy loader (such as with --bundle --loader:.bagel=copy):

    // This is no longer an error with "--bundle" and "--loader:.bagel=copy"
import tasty from "./tasty.bagel" with { type: "bagel" }

  • Support import attributes with glob-style imports (#3797)

    This release adds support for import attributes (the with option) to glob-style imports (dynamic imports with certain string literal patterns as paths). These imports previously didn't support import attributes due to an oversight. So code like this will now work correctly:

    async function loadLocale(locale: string): Locale {
  const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
  return unpackLocale(locale, data)
}

    Previously this didn't work even though esbuild normally supports forcing the JSON loader using an import attribute. Attempting to do this used to result in the following error:

    ✘ [ERROR] No loader is configured for ".data" files: locales/en-US.data

    example.ts:2:28:
  2 │   const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
    ╵                             ~~~~~~~~~~~~~~~~~~~~~~~~~~

    In addition, this change means plugins can now access the contents of with for glob-style imports.

  • Support ${configDir} in tsconfig.json files (#3782)

    This adds support for a new feature from the upcoming TypeScript 5.5 release. The character sequence ${configDir} is now respected at the start of baseUrl and paths values, which are used by esbuild during bundling to correctly map import paths to file system paths. This feature lets base tsconfig.json files specified via extends refer to the directory of the top-level tsconfig.json file. Here is an example:

... (truncated)

Commits
  • fc37c2f publish 0.21.5 to npm
  • cb11924 fix Symbol.metadata errors in decorator tests
  • b93a2a9 fix #3781: add metadata to all decorated classes
  • 953dae9 fix #3797: import attributes and glob-style import
  • 98cb2ed fix #3782: support ${configDir} in tsconfig.json
  • 8e6603b run make update-compat-table
  • db1b8ca fix #3792: import attributes and the copy loader
  • de572d0 fix non-deterministic import attribute plugin test
  • ae8d1b4 fix #3794: --supported:object-accessors=false
  • 67cbf87 publish 0.21.4 to npm
  • Additional commits viewable in compare view


Updates eslint from 8.57.0 to 9.5.0

Release notes

Sourced from eslint's releases.

v9.5.0

Features

  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)

Bug Fixes

  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)

Documentation

  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
  • eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
  • 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)
  • d16a659 docs: add link to migration guide for --ext CLI option (#18537) (Milos Djermanovic)
  • 73408de docs: add link to configuration file docs before examples (#18535) (Milos Djermanovic)

Chores

  • f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591) (Milos Djermanovic)
  • 5890841 chore: package.json update for @​eslint/js release (Jenkins)
  • e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
  • 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
  • 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
  • cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
  • ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
  • 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
  • 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
  • c6de7bb chore: update dependency markdownlint-cli to ^0.41.0 (#18538) (renovate[bot])
  • 2c8fd34 ci: pin @​wdio/browser-runner v8.36.0 (#18540) (唯然)

v9.4.0

Features

  • 89a4a0a feat: ignore IIFE's in the no-loop-func rule (#17528) (Nitin Kumar)

Bug Fixes

  • f6534d1 fix: skip processor code blocks that match only universal patterns (#18507) (Milos Djermanovic)
  • 7226ebd fix: allow implicit undefined return in no-constructor-return (#18515) (Ali Rezvani)
  • 389744b fix: use @eslint/config-inspector@latest (#18483) (唯然)
  • 70118a5 fix: func-style false positive with arrow functions and super (#18473) (Milos Djermanovic)

Documentation

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.5.0 - June 14, 2024

  • f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591) (Milos Djermanovic)
  • 5890841 chore: package.json update for @​eslint/js release (Jenkins)
  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)
  • 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
  • cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
  • eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
  • 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)
  • c6de7bb chore: update dependency markdownlint-cli to ^0.41.0 (#18538) (renovate[bot])
  • 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)
  • d16a659 docs: add link to migration guide for --ext CLI option (#18537) (Milos Djermanovic)
  • 73408de docs: add link to configuration file docs before examples (#18535) (Milos Djermanovic)
  • 2c8fd34 ci: pin @​wdio/browser-runner v8.36.0 (#18540) (唯然)

v9.4.0 - May 31, 2024

  • 010dd2e chore: upgrade to @eslint/js@9.4.0 (#18534) (Francesco Trotta)
  • 5e1b5dc chore: package.json update for @​eslint/js release (Jenkins)
  • d7ab6f5 docs: update theme when when prefers-color-scheme changes (#18510) (Nitin Kumar)
  • 594145f refactor: switch to @eslint/config-array (#18527) (Francesco Trotta)
  • 525fdff docs: fix components files (#18519) (Tanuj Kanti)
  • 89a4a0a feat: ignore IIFE's in the no-loop-func rule (#17528) (Nitin Kumar)
  • 80747d2 docs: refactor prefer-destructuring rule (#18472) (Tanuj Kanti)
  • f6534d1 fix: skip processor code blocks that match only universal patterns (#18507) (Milos Djermanovic)
  • 7226ebd fix: allow implicit undefined return in no-constructor-return (#18515) (Ali Rezvani)
  • f06e0b5 docs: clarify func-style (#18477) (Cameron Steffen)
  • 389744b fix: use @eslint/config-inspector@latest (#18483) (唯然)
  • 70118a5 fix: func-style false positive with arrow functions and super (#18473) (Milos Djermanovic)

v9.3.0 - May 17, 2024

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
PierreDemailly commented 5 months ago

@dependabot rebase

dependabot[bot] commented 5 months ago

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

PierreDemailly commented 5 months ago

@dependabot recreate

dependabot[bot] commented 5 months ago

Superseded by #391.