socket-security[bot]
commented
1 month ago New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/@vercel/ncc@0.38.2 | filesystem, unsafe | 0 |
16.6 MB | chriswdmr, ijjk, matheuss, ...6 more |
🚮 Removed packages: npm/@vercel/ncc@0.38.1
Bumps @vercel/ncc from 0.38.1 to 0.38.2.
Release notes
Sourced from
@vercel/ncc's releases.Commits
158a1fdfix(deps): update webpack to v5.94.0, terser to v5.33.0 (#1213)c1c9c65chore(deps): Bump fast-xml-parser from 4.2.7 to 4.5.0 (#1219)6ef9a48chore(deps-dev): Bump express from 4.18.2 to 4.20.0 (#1214)9e7451bci: ignore failing test on macOS + run in band test-coverage (#1216)b2a325dchore(ci): drop node@16 from ci (#1164)3c68358chore(deps): Bump crypto-js from 4.1.1 to 4.2.0 (#1130)a70188fchore(deps): Bump browserify-sign from 4.2.1 to 4.2.2 (#1131)b4cc7c6chore(deps): Bump actions/setup-node from 3 to 4 (#1133)5f5dda2chore(deps): Bump@babel/traversefrom 7.13.13 to 7.23.2 (#1125)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show