search

advanced-security / spdx-dependency-submission-action

MIT License
12 stars 3 forks source link

chore: bump the development-dependencies group across 1 directory with 3 updates #34

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 7 months ago

Bumps the development-dependencies group with 3 updates in the / directory: eslint, @vercel/ncc and jest.

Updates eslint from 8.40.0 to 9.1.1

Release notes

Sourced from eslint's releases.

v9.1.1

Bug Fixes

  • a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0

Features

  • 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
  • 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
  • 4d11e56 feat: add name to eslint configs (#18289) (唯然)
  • 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
  • 0db676f feat: add Intl in es6 globals (#18318) (唯然)

Bug Fixes

  • 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
  • 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
  • 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
  • e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
  • 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)

Documentation

  • fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
  • 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
  • 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
  • 16b6a8b docs: Update README (GitHub Actions Bot)
  • df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
  • c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
  • e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
  • 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
  • 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

Build Related

  • 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)

Chores

  • d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
  • 50d406d chore: package.json update for @​eslint/js release (Jenkins)
  • 155c71c chore: package.json update for @​eslint/js release (Jenkins)
  • 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
  • 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
  • 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
  • 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
  • 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
  • a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
  • 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
  • 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)

v9.0.0

Breaking Changes

  • b7cf3bd fix!: correct camelcase rule schema for allow option (#18232) (eMerzh)
  • 09bd7fe feat!: move AST traversal into SourceCode (#18167) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.1.1 - April 22, 2024

  • a26b402 fix: use @​eslint/create-config latest (#18373) (唯然)

v9.1.0 - April 19, 2024

  • d9a2983 chore: upgrade @​eslint/js to v9.1.1 (#18367) (Francesco Trotta)
  • 03068f1 feat: Provide helpful error message for nullish configs (#18357) (Nicholas C. Zakas)
  • 50d406d chore: package.json update for @​eslint/js release (Jenkins)
  • 8d18958 fix: Remove name from eslint/js packages (#18368) (Nicholas C. Zakas)
  • 155c71c chore: package.json update for @​eslint/js release (Jenkins)
  • 594eb0e fix: do not crash on error in fs.walk filter (#18295) (Francesco Trotta)
  • 751b518 feat: replace dependency graphemer with Intl.Segmenter (#18110) (Francesco Trotta)
  • fb50077 docs: include notes about globals in migration-guide (#18356) (Gabriel Rohden)
  • 4d11e56 feat: add name to eslint configs (#18289) (唯然)
  • 1cbe1f6 feat: allow while(true) in no-constant-condition (#18286) (Tanuj Kanti)
  • 0588fc5 refactor: Move directive gathering to SourceCode (#18328) (Nicholas C. Zakas)
  • 0d8cf63 fix: EMFILE errors (#18313) (Nicholas C. Zakas)
  • e1ac0b5 fix: --inspect-config only for flat config and respect -c (#18306) (Nicholas C. Zakas)
  • 09675e1 fix: --no-ignore should not apply to non-global ignores (#18334) (Milos Djermanovic)
  • 9048e21 chore: lint docs/src/_data js files (#18335) (Milos Djermanovic)
  • 4820790 chore: upgrade globals@15.0.0 dev dependency (#18332) (Milos Djermanovic)
  • 698d9ff chore: upgrade jsdoc & unicorn plugins in eslint-config-eslint (#18333) (Milos Djermanovic)
  • 71c771f docs: Fix missing accessible name for scroll-to-top link (#18329) (Germán Freixinós)
  • 0db676f feat: add Intl in es6 globals (#18318) (唯然)
  • 200fd4e docs: indicate eslintrc mode for .eslintignore (#18285) (Francesco Trotta)
  • 32c08cf chore: drop Node < 18 and use @​eslint/js v9 in eslint-config-eslint (#18323) (Milos Djermanovic)
  • 16b6a8b docs: Update README (GitHub Actions Bot)
  • a76fb55 chore: @​eslint-community/eslint-plugin-eslint-comments v4.3.0 (#18319) (Milos Djermanovic)
  • df5f8a9 docs: paths and patterns difference in no-restricted-imports (#18273) (Tanuj Kanti)
  • c537d76 docs: update npm init @eslint/config generated file names (#18298) (唯然)
  • 78e45b1 chore: eslint-plugin-eslint-plugin v6.0.0 (#18316) (唯然)
  • 36103a5 chore: eslint-plugin-n v17.0.0 (#18315) (唯然)
  • e1e305d docs: fix linebreak-style examples (#18262) (Francesco Trotta)
  • 113f51e docs: Mention package.json config support dropped (#18305) (Nicholas C. Zakas)
  • 1fa6622 build: do not use --force flag to install dependencies (#18284) (Francesco Trotta)
  • 5c35321 docs: add eslintrc-only note to --rulesdir (#18281) (Adam Lui 刘展鹏)

v9.0.0 - April 5, 2024

  • 19f9a89 chore: Update dependencies for v9.0.0 (#18275) (Nicholas C. Zakas)
  • 7c957f2 chore: package.json update for @​eslint/js release (Jenkins)
  • d73a33c chore: ignore /docs/v8.x in link checker (#18274) (Milos Djermanovic)
  • d54a412 feat: Add --inspect-config CLI flag (#18270) (Nicholas C. Zakas)
  • e151050 docs: update get-started to the new @eslint/create-config (#18217) (唯然)
  • 610c148 fix: Support using declarations in no-lone-blocks (#18269) (Kirk Waiblinger)
  • 44a81c6 chore: upgrade knip (#18272) (Lars Kappert)
  • 94178ad docs: mention about name field in flat config (#18252) (Anthony Fu)
  • 1765c24 docs: add Troubleshooting page (#18181) (Josh Goldberg ✨)
  • e80b60c chore: remove code for testing version selectors (#18266) (Milos Djermanovic)

... (truncated)

Commits


Updates @vercel/ncc from 0.36.1 to 0.38.1

Release notes

Sourced from @​vercel/ncc's releases.

0.38.1

0.38.1 (2023-10-18)

Bug Fixes

0.38.0

0.38.0 (2023-09-06)

Features

0.37.0

0.37.0 (2023-09-06)

Features

  • add support for TypeScript 5.0's array extends in tsconfig (#1105) (f898f8e)
Commits
  • ce5984e fix: sourcemap sources removes webpack path (#1122)
  • f9c1153 chore(deps): Bump amannn/action-semantic-pull-request from 5.2.0 to 5.3.0 (#1...
  • 0bc78fe chore(deps-dev): Bump isomorphic-unfetch from 3.1.0 to 4.0.2 (#1116)
  • 5796c1f chore(deps): Bump word-wrap from 1.2.3 to 1.2.4 (#1094)
  • e2779f4 feat: Log minification error when --debug (#1102)
  • 4a9d97c chore(deps): Bump protobufjs from 6.11.3 to 6.11.4 (#1103)
  • ca70272 chore(deps): bump cookiejar from 2.1.2 to 2.1.4 (#1031)
  • c366ead chore(deps): Bump apollo-server-core from 2.22.1 to 2.26.2 (#1108)
  • f898f8e feat: add support for TypeScript 5.0's array extends in tsconfig (#1105)
  • 2a1437b chore(deps-dev): Bump mongoose from 5.13.15 to 5.13.20 (#1093)
  • Additional commits viewable in compare view


Updates jest from 29.4.2 to 29.7.0

Release notes

Sourced from jest's releases.

v29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

New Contributors

Full Changelog: https://github.com/jestjs/jest/compare/v29.6.4...v29.7.0

v29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

New Contributors

Full Changelog: https://github.com/jestjs/jest/compare/v29.6.3...v29.6.4

v29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support symbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)

... (truncated)

Changelog

Sourced from jest's changelog.

29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support sumbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)
  • [jest-mock] Revert #13867 as it was a breaking change (#14429)
  • [@jest/reporters] Marks Reporter's hooks as optional (#14433)
  • [jest-runtime] Fix dynamic ESM import module bug when loaded module through jest.isolateModulesAsync (#14397)

Chore & Maintenance

  • [jest-changed-files, jest-circus, jest-console, @jest/core, @jest/runtime, @jest/transform] Use invariant and notEmpty from jest-util rather than own internal (#14366)

29.6.2

Fixes

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 7 months ago

Dependabot tried to add @lseppala, @courtneycl and @advanced-security/oss-maintainers as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/advanced-security/spdx-dependency-submission-action/pulls/34/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the advanced-security/spdx-dependency-submission-action repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request
dependabot[bot] commented 7 months ago

Superseded by #35.