Open dependabot[bot] opened 7 months ago
New and removed dependencies detected. Learn more about Socket for GitHub โ๏ธ
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/tap@18.7.0 | Transitive: environment, filesystem, network, shell, unsafe | +297 |
73 MB | isaacs |
๐ฎ Removed packages: npm/tap@16.3.7
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
โ EDITORCONFIG | editorconfig-checker | 2 | 0 | 0.01s | |
โ JSON | eslint-plugin-jsonc | 2 | 0 | 2.13s | |
โ JSON | jsonlint | 2 | 0 | 0.25s | |
โ JSON | npm-package-json-lint | yes | no | 0.93s | |
โ JSON | v8r | 2 | 0 | 7.16s | |
โ REPOSITORY | checkov | yes | no | 9.69s | |
โ REPOSITORY | gitleaks | yes | no | 0.33s | |
โ REPOSITORY | git_diff | yes | no | 0.01s | |
โ REPOSITORY | grype | yes | no | 10.84s | |
โ REPOSITORY | secretlint | yes | no | 0.86s | |
โ REPOSITORY | trivy-sbom | yes | no | 1.39s | |
โ SPELL | lychee | 2 | 3 | 1.07s |
See detailed report in MegaLinter reports
_Set VALIDATE_ALL_CODEBASE: true
in mega-linter.yml to validate all sources, not only the diff_
Bumps tap from 16.3.7 to 18.7.0.
Release notes
Sourced from tap's releases.
... (truncated)
Commits
5187113
update versions5bb7ca8
remove shell:true from publish script2f9abd3
changelog 18.7f105701
late-bind t.context, so it can be set in before()ae2deb7
always initializet.context
e906d21
tcompare: update test to strip out node version specific cruftdc8dadd
ci: node 20 and 21 only0768324
remove windows from CI5063b46
chore: use --loader in bootstrap51e8a31
bootstrap: run nx in --verbose modeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show