Closed dependabot[bot] closed 2 months ago
socket-security[bot]
commented
2 months ago New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/tap@20.0.3 | Transitive: environment, filesystem, network, shell, unsafe | +276 |
47.3 MB | isaacs |
🚮 Removed packages: npm/tap@16.3.10
github-actions[bot]
commented
2 months ago | Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ EDITORCONFIG | editorconfig-checker | 2 | 0 | 0.01s | |
| ✅ JSON | jsonlint | 2 | 0 | 0.31s | |
| ✅ JSON | npm-package-json-lint | yes | no | 0.74s | |
| ✅ JSON | v8r | 2 | 0 | 8.87s | |
| ✅ REPOSITORY | checkov | yes | no | 12.41s | |
| ✅ REPOSITORY | gitleaks | yes | no | 2.27s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.06s | |
| ✅ REPOSITORY | grype | yes | no | 12.24s | |
| ❌ REPOSITORY | secretlint | yes | 1 | 1.29s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 1.03s | |
| ❌ SPELL | lychee | 2 | 1 | 3.12s |
See detailed report in MegaLinter reports
_Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_
_MegaLinter is graciously provided by 
_
dependabot[bot]
commented
2 months ago Superseded by #171.
Bumps tap from 16.3.10 to 20.0.3.
Release notes
Sourced from tap's releases.
... (truncated)
Commits
161ff8aupdate versionscd17ec3fully uninstall installed plugins, reduce noise3a4f8aecore: do not run prepare if src not present85d100ctest: set plugin package.json, link to@tapjs/corea528863test: link tests's core into the plugins, to avoid duality issuesb0400deupdate versions412c644trivial: prevent dupe array creation in plugin addfa107ceclock: remove unneeded guardeac4cf7make the implicit-end sigil a keyed symbola6f7df4update versionsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show