Added filterResults option to filter out upgrades based on a user provided function.
filterResults runs after new versions are fetched, in contrast to filter and filterVersion, which run before. This allows you to filter out upgrades with filterResults based on how the version has changed (e.g. a major version change).
Only available in .ncurc.js or when importing npm-check-updates as a module.
/** Filter out non-major version updates.
@param {string} packageName The name of the dependency.
@param {string} currentVersion Current version declaration (may be range).
@param {SemVer[]} currentVersionSemver Current version declaration in semantic versioning format (may be range).
@param {string} upgradedVersion Upgraded version.
@param {SemVer} upgradedVersionSemver Upgraded version in semantic versioning format.
@returns {boolean} Return true if the upgrade should be kept, otherwise it will be ignored.
*/
filterResults: (packageName, {currentVersion, currentVersionSemver, upgradedVersion, upgradedVersionSemver}) => {
const currentMajorVersion = currentVersionSemver?.[0]?.major
const upgradedMajorVersion = upgradedVersionSemver?.major
if (currentMajorVersion && upgradedMajorVersion) {
return currentMajorVersion < upgradedMajorVersion
}
return true
}
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws-samples/aws-cloudwan-workshop-code/network/alerts).
Bumps got to 12.6.0 and updates ancestor dependency npm-check-updates. These dependencies need to be updated together.
Updates
got
from 9.6.0 to 12.6.0Release notes
Sourced from got's releases.
... (truncated)
Commits
13a68d3
12.6.088c88fb
Update dependencies0ca0b7f
Do not enforce newest URI rules on URLs (#2200)7daa9af
Remove deprecatedrequest
from comparison tablee24b896
Update install note979272e
Updatetough-cookie
dependency (#2184)fd75360
Meta tweaks2a4b4e7
12.5.33cc40b5
Fix abort event listeners not always being cleaned up (#2162)5f278d7
12.5.2Updates
npm-check-updates
from 12.5.12 to 16.10.9Release notes
Sourced from npm-check-updates's releases.
... (truncated)
Commits
eda13a9
16.10.9cc72e21
Parse timeout as number (#1295).1efca25
16.10.84efb9b7
npm: cleanup668b44f
Do not call isGlobalDeprecated when using pnpm (#1293).ff4ac81
npm update65b62b0
16.10.7363452d
Bump prompts-ncu5439c87
Replace yaml with lighter js-yaml.1677619
Memoize findNpmConfig per path.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/aws-samples/aws-cloudwan-workshop-code/network/alerts).