Open dependabot[bot] opened 7 months ago
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
๐ฎ Removed packages: npm/@jridgewell/resolve-uri@3.1.1, npm/@npmcli/agent@2.2.0, npm/@npmcli/git@5.0.3, npm/@npmcli/promise-spawn@7.0.0, npm/@npmcli/run-script@7.0.2, npm/@sigstore/bundle@2.1.0, npm/@sigstore/protobuf-specs@0.2.1, npm/@sigstore/sign@2.2.0, npm/@sigstore/tuf@2.2.0, npm/@tapjs/after-each@1.1.17, npm/@tapjs/after@1.1.17, npm/@tapjs/asserts@1.1.17, npm/@tapjs/before-each@1.1.17, npm/@tapjs/before@1.1.17, npm/@tapjs/config@2.4.14, npm/@tapjs/core@1.4.6, npm/@tapjs/error-serdes@1.2.1, npm/@tapjs/filter@1.2.17, npm/@tapjs/fixture@1.2.17, npm/@tapjs/intercept@1.2.17, npm/@tapjs/mock@1.2.15, npm/@tapjs/node-serialize@1.2.6, npm/@tapjs/processinfo@3.1.6, npm/@tapjs/reporter@1.3.15, npm/@tapjs/run@1.4.16, npm/@tapjs/snapshot@1.2.17, npm/@tapjs/spawn@1.1.17, npm/@tapjs/stack@1.2.7, npm/@tapjs/stdin@1.1.17, npm/@tapjs/test@1.3.17, npm/@tapjs/typescript@1.3.6, npm/@tapjs/worker@1.1.17, npm/@tsconfig/node14@14.1.0, npm/@tsconfig/node16@16.1.1, npm/@tsconfig/node18@18.2.2, npm/@tsconfig/node20@20.1.2, npm/acorn-walk@8.3.0, npm/acorn@8.11.2, npm/ansi-escapes@6.2.0, npm/binary-extensions@2.2.0, npm/cacache@18.0.0, npm/chokidar@3.5.3, npm/diff@5.1.0, npm/escalade@3.1.1, npm/hasown@2.0.0, npm/http-proxy-agent@7.0.0, npm/https-proxy-agent@7.0.2, npm/ignore-walk@6.0.3, npm/ip@2.0.0, npm/istanbul-reports@3.1.6, npm/json-parse-even-better-errors@3.0.0, npm/lru-cache@10.0.2, npm/minipass-collect@1.0.2, npm/node-gyp@10.0.1, npm/npm-packlist@8.0.0, npm/pacote@17.0.4, npm/semver@7.5.4, npm/sigstore@2.1.0, npm/socks@2.7.1, npm/spdx-exceptions@2.3.0, npm/spdx-license-ids@3.0.16, npm/tap-parser@15.3.1, npm/tap-yaml@2.2.1, npm/tap@18.6.1, npm/tar@6.2.0, npm/tcompare@6.4.5, npm/tshy@1.8.0, npm/tuf-js@2.1.0, npm/v8-to-istanbul@9.1.3, npm/ws@8.14.2, npm/yaml@2.3.4
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
โ EDITORCONFIG | editorconfig-checker | 1 | 0 | 0.0s | |
โ JSON | eslint-plugin-jsonc | 1 | 0 | 1.3s | |
โ JSON | jsonlint | 1 | 0 | 0.2s | |
โ JSON | npm-package-json-lint | yes | no | 0.78s | |
โ JSON | v8r | 1 | 0 | 2.49s | |
โ REPOSITORY | checkov | yes | no | 9.97s | |
โ REPOSITORY | gitleaks | yes | no | 0.27s | |
โ REPOSITORY | git_diff | yes | no | 0.0s | |
โ REPOSITORY | grype | yes | no | 11.86s | |
โ REPOSITORY | secretlint | yes | no | 0.95s | |
โ REPOSITORY | trivy-sbom | yes | no | 0.88s | |
โ REPOSITORY | trufflehog | yes | no | 6.47s | |
โ SPELL | lychee | 1 | 3 | 0.46s |
See detailed report in MegaLinter reports
_Set VALIDATE_ALL_CODEBASE: true
in mega-linter.yml to validate all sources, not only the diff_
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show