search

NodeSecure / scanner

⚡️ A package API to run a static analysis of your module's dependencies. This is the CLI engine!
MIT License
27 stars 14 forks source link

chore(deps-dev): bump the development-dependencies group across 1 directory with 6 updates #250

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 2 weeks ago

Bumps the development-dependencies group with 5 updates in the / directory:

Package From To
@types/node 20.10.0 20.14.9
c8 9.1.0 10.1.2
eslint 8.57.0 9.6.0
sinon 17.0.1 18.0.0
tsx 4.7.1 4.16.0

Updates @types/node from 20.10.0 to 20.14.9

Commits


Updates c8 from 9.1.0 to 10.1.2

Release notes

Sourced from c8's releases.

v10.1.2

10.1.2 (2024-06-13)

Bug Fixes

  • deps: make monocart-coverage-reports an optional with meta defined (3b91fda)

v10.1.1

10.1.1 (2024-06-11)

Bug Fixes

  • stop installing monocart-coverage-reports (#535) (13979a7)

v10.1.0

10.1.0 (2024-06-11)

Features

v10.0.0

10.0.0 (2024-06-10)

⚠ BREAKING CHANGES

  • deps: Node 18 is now the minimum supported Node.js version

Bug Fixes

  • deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
Changelog

Sourced from c8's changelog.

10.1.2 (2024-06-13)

Bug Fixes

  • deps: make monocart-coverage-reports an optional with meta defined (3b91fda)

10.1.1 (2024-06-11)

Bug Fixes

  • stop installing monocart-coverage-reports (#535) (13979a7)

10.1.0 (2024-06-11)

Features

10.0.0 (2024-06-10)

⚠ BREAKING CHANGES

  • deps: Node 18 is now the minimum supported Node.js version

Bug Fixes

  • deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
Commits
  • ff146b4 chore(main): release 10.1.2 (#538)
  • 3b91fda fix(deps): make monocart-coverage-reports an optional with meta defined
  • e3560e1 chore(main): release 10.1.1 (#536)
  • 13979a7 fix: stop installing monocart-coverage-reports (#535)
  • 15ac690 chore(main): release 10.1.0 (#533)
  • 96e869f build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#534)
  • 2e5e297 feat: add experimental monocart reports (#521)
  • dc38051 chore(main): release 10.0.0 (#532)
  • e33cf30 fix(deps)!: update test-exclude with new glob / minimatch (#531)
  • 1eeeaeb doc(CONTRIBUTING): remove dead link, update broken link (#526)
  • Additional commits viewable in compare view


Updates eslint from 8.57.0 to 9.6.0

Release notes

Sourced from eslint's releases.

v9.6.0

Features

  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)

Bug Fixes

  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)

Documentation

  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

Chores

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)

v9.5.0

Features

  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)

Bug Fixes

  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)

Documentation

  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.6.0 - June 28, 2024

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

v9.5.0 - June 14, 2024

  • f588160 chore: upgrade @​eslint/js@​9.5.0 (#18591) (Milos Djermanovic)
  • 5890841 chore: package.json update for @​eslint/js release (Jenkins)
  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • e9f4ccd chore: remove unused eslint-disable directive (#18589) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 4b23ffd refactor: Move JS parsing logic into JS language (#18448) (Nicholas C. Zakas)
  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)
  • 1495b93 chore: update WebdriverIO packages (#18558) (Christian Bromann)
  • cea7ede chore: add website donate link instead of opencollective (#18582) (Strek)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • ec94880 chore: package.json update for eslint-config-eslint release (Jenkins)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 6912586 chore: extract formatting rules into separate config (#18560) (Milos Djermanovic)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 9738f7e ci: fix CLI flags for c8, raise thresholds (#18554) (Francesco Trotta)
  • eb440fc docs: specifying files with arbitrary or no extension (#18539) (Francesco Trotta)
  • 38c159e docs: Provide example of reading package.json for plugins meta (#18530) (Nicholas C. Zakas)

... (truncated)

Commits


Updates glob from 10.3.10 to 10.4.2

Changelog

Sourced from glob's changelog.

changeglob

10.4

  • Add includeChildMatches: false option
  • Export the Ignore class

10.3

  • Add --default -p flag to provide a default pattern
  • exclude symbolic links to directories when follow and nodir are both set

10.2

  • Add glob cli

10.1

  • Return '.' instead of the empty string '' when the current working directory is returned as a match.
  • Add posix: true option to return / delimited paths, even on Windows.

10.0.0

  • No default exports, only named exports

9.3.3

  • Upgraded minimatch to v8, adding support for any degree of nested extglob patterns.

9.3

  • Add aliases for methods. glob.sync, glob.stream, glob.stream.sync, etc.

9.2

  • Support using a custom fs object, which is passed to PathScurry
  • add maxDepth option
  • add stat option
  • add custom Ignore support

9.1

  • Bring back the root option, albeit with slightly different semantics than in v8 and before.
  • Support { absolute:false } option to explicitly always return

... (truncated)

Commits


Updates sinon from 17.0.1 to 18.0.0

Changelog

Sourced from sinon's changelog.

18.0.0

This is what 17.0.2 should have been, as that contained two breaking changes. After updating Nise we are down to one breaking change, which only affects sinon-test (which has been updated), so most people are not affected. The legacyRoutes flag that is currently enabled in Nise by default will at some later version be disabled. We will then issue a little migration note.

  • 01d45312 Use Nise 6 with legacyRoutes flag enabled (Carl-Erik Kopseng)

    This should be disabled in a future Sinon version by default.

  • c618edc5 fix #2594: remove needless sandbox creation (Carl-Erik Kopseng)

Released by Carl-Erik Kopseng on 2024-05-15.

17.0.2

  • f6dca0ba upgrade packages (#2595) (Carl-Erik Kopseng)
  • 5025d001 Avoid return and callArg* clearing each other's state (#2593) (Carl-Erik Kopseng)
    • Partially revert "fix returns does not override call through (#2567)"
    • revert to the old manual clearing of props
  • ed068a88 Bump ip from 1.1.8 to 1.1.9 (#2587) (dependabot[bot])
  • ec4d592e fix #2589: avoid invoking getter as side-effect (#2592) (Carl-Erik Kopseng)
  • 9972e1e3 Fix typo in mocks documentation (#2591) (Eduardo de la Cruz Palacios)
  • 52e6e4c5 chore: prefer cache option of setup-node (Morgan Roderick)
  • 08da1235 Bump actions/cache from 3 to 4 (dependabot[bot])
  • 404ef47e Bump nokogiri from 1.14.3 to 1.16.2 (dependabot[bot])
  • fd79612c Update Bug_report.md (Carl-Erik Kopseng)
  • 1fbc812a Re-add about (Carl-Erik Kopseng)
  • fc8f6c3e Fix formatting :clown: (Carl-Erik Kopseng)
  • c57e38ae Remove old template (Carl-Erik Kopseng)
  • 754bf7a9 Update Bug_report.md (Carl-Erik Kopseng)
  • 87eed9d2 Fix some typos at code comments (#2581) (EliyahuMachluf)
  • cbae6997 Link to createStubInstance util.md docs in stubs.md (#2577) (Daniel Kaplan)

... (truncated)

Commits


Updates tsx from 4.7.1 to 4.16.0

Release notes

Sourced from tsx's releases.

v4.16.0

4.16.0 (2024-06-29)

Bug Fixes

  • cjs: tsx.require to support core modules (f748e19)

Features

  • cjs: improve compatibility with other loaders (3e1e546)

This release is also available on:

v4.15.9

4.15.9 (2024-06-29)

Bug Fixes

  • esm: resolve implicit extension in files containing . (c9c690b), closes #604

This release is also available on:

v4.15.8

4.15.8 (2024-06-28)

Bug Fixes

  • cjs: implicit resolution to correctly try extensions (b94482d)
  • cjs: leaking implicit extension resolver (ae2a1bc)

This release is also available on:

... (truncated)

Commits
  • da3bcb0 chore: upgrade deps
  • 3e1e546 feat(cjs): improve compatibility with other loaders
  • f748e19 fix(cjs): tsx.require to support core modules
  • c67e3ba test: directory import by .
  • c9c690b fix(esm): resolve implicit extension in files containing .
  • ae2a1bc fix(cjs): leaking implicit extension resolver
  • b94482d fix(cjs): implicit resolution to correctly try extensions
  • d120d14 chore: improve issue template
  • 56eb82b refactor(esm): simplify resolve code
  • bcf96c7 test: assert extension resolution order in node_modules
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions