Closed dependabot[bot] closed 3 months ago
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ EDITORCONFIG | editorconfig-checker | 2 | 0 | 0.01s | |
✅ JSON | jsonlint | 2 | 0 | 0.25s | |
✅ JSON | npm-package-json-lint | yes | no | 0.56s | |
✅ JSON | v8r | 2 | 0 | 7.66s | |
✅ REPOSITORY | checkov | yes | no | 12.23s | |
✅ REPOSITORY | gitleaks | yes | no | 1.8s | |
✅ REPOSITORY | git_diff | yes | no | 0.07s | |
✅ REPOSITORY | grype | yes | no | 12.41s | |
✅ REPOSITORY | secretlint | yes | no | 1.24s | |
✅ REPOSITORY | trivy-sbom | yes | no | 1.4s | |
✅ SPELL | lychee | 2 | 0 | 3.23s |
See detailed report in MegaLinter reports
_Set VALIDATE_ALL_CODEBASE: true
in mega-linter.yml to validate all sources, not only the diff_
@dependabot rebase
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/yaml@2.4.3 | environment | 0 |
672 kB | eemeli |
🚮 Removed packages: npm/yaml@2.4.2
Bumps yaml from 2.4.2 to 2.4.3.
Release notes
Sourced from yaml's releases.
Commits
208d98f
2.4.3fad10b2
style: Apply updated Prettier styleb92b602
chore: Refresh lockfilea1dc96f
fix: Improve error when parsing a non-string value (fixes #459)edc623d
fix: Do not parse -.NaN or +.nan as NaN (#546)69f3517
fix: Support # within %TAG prefixes with trailing #commentsba89ff2
fix: Check for non-node complex keys when stringifying with simpleKeys (#541)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show