Closed e-moran closed 2 weeks ago
😎 Merged successfully - details.
New dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/@arcjet/body@1.0.0-alpha.21 | None | 0 |
0 B | |
npm/@types/react@18.3.3 | None | 0 |
437 kB | types |
npm/autoprefixer@10.4.19 | environment | +2 |
2.47 MB | ai |
npm/nextjs-14-sensitive-info@0.1.0 | None | 0 |
0 B | |
npm/postcss@8.4.39 | environment, filesystem | 0 |
198 kB | ai |
npm/tailwindcss@3.4.5 | environment, filesystem | 0 |
5.62 MB | adamwathan |
@blaine-arcjet That latest push should address almost everything, its missing a few docs changes and adding tests for testing that we report to the server correctly. It's also failing to run npm ci
... despite no package-lock changes happening when I run npm install
locally. I'll look in to all of these tomorrow. But if you get the chance to look over it and let me know if anything else needs my attention that would be great!
It's also failing to run npm ci... despite no package-lock changes happening when I run npm install locally.
The problem seemed to be that GitHub Actions creates a merge commit when run on PRs, so it found that the @rollup/wasm-node
package was different in @arcjet/body
than the rest of the repo which was a different lockfile. I'm sorry that I told you that I didn't think the dependency changes would be a problem when they were. Anyway, I merged main and updated that dependency and things look to be building.
Adds a new rule that can be used to detect sensitive information being sent in a request when it isn't expected.