Closed renovate[bot] closed 1 year ago
Dependency issues detected. If you merge this pull request, you will not be alerted to the instances of these issues again.
Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.
Package | Script field | Source |
---|---|---|
@swc/core@1.3.32 (upgraded) | postinstall |
config/jest/package.json via @swc/jest@0.2.24, packages/server/package.json via @swc/cli@0.1.60 |
turbo@1.7.1 (upgraded) | postinstall |
package.json |
Issue | Status |
---|---|
Install scripts | â ď¸ 2 issues |
Native code | â 0 issues |
Bin script confusion | â 0 issues |
Bin script shell injection | â 0 issues |
Unresolved require | â 0 issues |
Invalid package.json | â 0 issues |
HTTP dependency | â 0 issues |
Git dependency | â 0 issues |
Potential typo squat | â 0 issues |
Known Malware | â 0 issues |
Telemetry | â 0 issues |
Protestware/Troll package | â 0 issues |
To ignore an alert, reply with a comment starting with @SocketSecurity ignore
followed by a space separated list of package-name@version
specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@2.4.2
@SocketSecurity ignore @swc/core@1.3.32
@SocketSecurity ignore turbo@1.7.1
Powered by socket.dev
This PR contains the following updates:
^8.4.6
->^9.0.0
Release Notes
framer/motion
### [`v9.1.7`](https://togithub.com/framer/motion/blob/HEAD/CHANGELOG.md#917-2023-02-24) [Compare Source](https://togithub.com/framer/motion/compare/v9.1.6...v9.1.7) ##### Fixed - Switching `const enum` for types. ### [`v9.1.6`](https://togithub.com/framer/motion/blob/HEAD/CHANGELOG.md#916-2023-02-23) [Compare Source](https://togithub.com/framer/motion/compare/v9.1.5...v9.1.6) ##### Added - Exporting `scroll` for internal use inside Framer. ### [`v9.1.5`](https://togithub.com/framer/motion/blob/HEAD/CHANGELOG.md#915-2023-02-23) [Compare Source](https://togithub.com/framer/motion/compare/v9.1.4...v9.1.5) ##### Fixed - Changing `FeatureConfiguration
đ Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
đŚ Automerge: Disabled by config. Please merge this manually once you are satisfied.
âť Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
đ Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.