search

finos / git-proxy

Deploy custom push protections and policies on top of Git
https://git-proxy.finos.org
Apache License 2.0
87 stars 59 forks source link

chore(deps): update dependency mocha to v10.6.0 #634

Open renovate[bot] opened 1 week ago

renovate[bot] commented 1 week ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
mocha (source) 10.5.2 -> 10.6.0 age adoption passing confidence

Release Notes

mochajs/mocha (mocha) ### [`v10.6.0`](https://togithub.com/mochajs/mocha/blob/HEAD/CHANGELOG.md#1060--2024-07-02) [Compare Source](https://togithub.com/mochajs/mocha/compare/v10.5.2...v10.6.0) ##### :tada: Enhancements - [#​5150](https://togithub.com/mochajs/mocha/pull/5150) feat: allow ^ versions for character encoding packages ([**@​JoshuaKGoldberg**](https://togithub.com/JoshuaKGoldberg)) - [#​5151](https://togithub.com/mochajs/mocha/pull/5151) feat: allow ^ versions for file matching packages ([**@​JoshuaKGoldberg**](https://togithub.com/JoshuaKGoldberg)) - [#​5152](https://togithub.com/mochajs/mocha/pull/5152) feat: allow ^ versions for yargs packages ([**@​JoshuaKGoldberg**](https://togithub.com/JoshuaKGoldberg)) - [#​5153](https://togithub.com/mochajs/mocha/pull/5153) feat: allow ^ versions for data serialization packages ([**@​JoshuaKGoldberg**](https://togithub.com/JoshuaKGoldberg)) - [#​5154](https://togithub.com/mochajs/mocha/pull/5154) feat: allow ^ versions for miscellaneous packages ([**@​JoshuaKGoldberg**](https://togithub.com/JoshuaKGoldberg))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

netlify[bot] commented 1 week ago

Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name Link
Latest commit 61b1a254e0900bc893afe08f2d51be94a662dd5a
Latest deploy log https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/6687f9d782deb6000851ac2b
github-actions[bot] commented 1 week ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/ansi-colors 4.1.3 :green_circle: 3.2
Details
CheckScoreReason
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review:warning: 1Found 4/23 approved changesets -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Pinned-Dependencies:warning: -1no dependencies found
Token-Permissions:warning: -1No tokens found
Binary-Artifacts:green_circle: 10no binaries found in the repo
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:warning: -1no workflows found
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/debug 4.3.5 :green_circle: 3.8
Details
CheckScoreReason
Code-Review:green_circle: 3Found 11/28 approved changesets -- score normalized to 3
Maintained:green_circle: 33 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Token-Permissions:warning: -1No tokens found
Dangerous-Workflow:warning: -1no workflows found
Pinned-Dependencies:warning: -1no dependencies found
Binary-Artifacts:green_circle: 10no binaries found in the repo
Packaging:warning: -1packaging workflow not detected
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
Signed-Releases:warning: -1no releases found
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/diff 5.2.0 :green_circle: 3.4
Details
CheckScoreReason
Code-Review:warning: 0Found 1/25 approved changesets -- score normalized to 0
Maintained:green_circle: 108 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:warning: -1no workflows found
Token-Permissions:warning: -1No tokens found
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Pinned-Dependencies:warning: -1no dependencies found
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 37 existing vulnerabilities detected
npm/minimatch 5.1.6 :green_circle: 4.3
Details
CheckScoreReason
Maintained:green_circle: 64 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 6
Code-Review:warning: 1Found 3/29 approved changesets -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 82 existing vulnerabilities detected
npm/mocha 10.6.0 :green_circle: 3
Details
CheckScoreReason
Code-Review:green_circle: 4Found 13/29 approved changesets -- score normalized to 4
Maintained:green_circle: 1025 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:warning: 0dangerous workflow patterns detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Security-Policy:warning: 0security policy file not detected
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:warning: 034 existing vulnerabilities detected
npm/serialize-javascript 6.0.2 :green_circle: 4.2
Details
CheckScoreReason
Maintained:warning: 01 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review:green_circle: 5Found 5/9 approved changesets -- score normalized to 5
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:green_circle: 3dependency not pinned by hash detected -- score normalized to 3
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: -1no releases found
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 73 existing vulnerabilities detected
npm/workerpool 6.5.1 :green_circle: 5.3
Details
CheckScoreReason
Maintained:green_circle: 1013 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Code-Review:green_circle: 3Found 8/24 approved changesets -- score normalized to 3
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts:green_circle: 10no binaries found in the repo
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:green_circle: 3dependency not pinned by hash detected -- score normalized to 3
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/yargs-parser 20.2.9 :green_circle: 4.3
Details
CheckScoreReason
Code-Review:green_circle: 5Found 8/15 approved changesets -- score normalized to 5
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Fuzzing:warning: 0project is not fuzzed
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
Signed-Releases:warning: -1no releases found
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/ansi-colors 4.1.1 :green_circle: 3.2
Details
CheckScoreReason
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review:warning: 1Found 4/23 approved changesets -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Pinned-Dependencies:warning: -1no dependencies found
Token-Permissions:warning: -1No tokens found
Binary-Artifacts:green_circle: 10no binaries found in the repo
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:warning: -1no workflows found
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/debug 4.3.4 :green_circle: 3.8
Details
CheckScoreReason
Code-Review:green_circle: 3Found 11/28 approved changesets -- score normalized to 3
Maintained:green_circle: 33 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Token-Permissions:warning: -1No tokens found
Dangerous-Workflow:warning: -1no workflows found
Pinned-Dependencies:warning: -1no dependencies found
Binary-Artifacts:green_circle: 10no binaries found in the repo
Packaging:warning: -1packaging workflow not detected
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Fuzzing:warning: 0project is not fuzzed
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Security-Policy:warning: 0security policy file not detected
Signed-Releases:warning: -1no releases found
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
npm/diff 5.0.0 :green_circle: 3.4
Details
CheckScoreReason
Code-Review:warning: 0Found 1/25 approved changesets -- score normalized to 0
Maintained:green_circle: 108 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:warning: -1no workflows found
Token-Permissions:warning: -1No tokens found
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Branch-Protection:warning: 0branch protection not enabled on development/release branches
Pinned-Dependencies:warning: -1no dependencies found
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 37 existing vulnerabilities detected
npm/minimatch 5.0.1 :green_circle: 4.3
Details
CheckScoreReason
Maintained:green_circle: 64 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 6
Code-Review:warning: 1Found 3/29 approved changesets -- score normalized to 1
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 82 existing vulnerabilities detected
npm/mocha 10.5.2 :green_circle: 3
Details
CheckScoreReason
Code-Review:green_circle: 4Found 13/29 approved changesets -- score normalized to 4
Maintained:green_circle: 1025 commit(s) and 24 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: -1no releases found
Dangerous-Workflow:warning: 0dangerous workflow patterns detected
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 2dependency not pinned by hash detected -- score normalized to 2
Security-Policy:warning: 0security policy file not detected
Fuzzing:warning: 0project is not fuzzed
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:warning: 034 existing vulnerabilities detected
npm/serialize-javascript 6.0.0 :green_circle: 4.2
Details
CheckScoreReason
Maintained:warning: 01 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Code-Review:green_circle: 5Found 5/9 approved changesets -- score normalized to 5
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 9license file detected
Packaging:warning: -1packaging workflow not detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:green_circle: 3dependency not pinned by hash detected -- score normalized to 3
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases:warning: -1no releases found
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 73 existing vulnerabilities detected
npm/workerpool 6.2.1 :green_circle: 5.3
Details
CheckScoreReason
Maintained:green_circle: 1013 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Code-Review:green_circle: 3Found 8/24 approved changesets -- score normalized to 3
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Packaging:warning: -1packaging workflow not detected
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts:green_circle: 10no binaries found in the repo
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies:green_circle: 3dependency not pinned by hash detected -- score normalized to 3
Fuzzing:warning: 0project is not fuzzed
Security-Policy:warning: 0security policy file not detected
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
npm/yargs-parser 20.2.4 :green_circle: 4.3
Details
CheckScoreReason
Code-Review:green_circle: 5Found 8/15 approved changesets -- score normalized to 5
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Vulnerabilities:green_circle: 100 existing vulnerabilities detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Fuzzing:warning: 0project is not fuzzed
Packaging:warning: -1packaging workflow not detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Security-Policy:warning: 0security policy file not detected
Signed-Releases:warning: -1no releases found
SAST:warning: 0SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

package-lock.json
  • ansi-colors@4.1.3
  • debug@4.3.5
  • diff@5.2.0
  • minimatch@5.1.6
  • mocha@10.6.0
  • serialize-javascript@6.0.2
  • workerpool@6.5.1
  • yargs-parser@20.2.9
  • ansi-colors@4.1.1
  • debug@4.3.4
  • diff@5.0.0
  • minimatch@5.0.1
  • mocha@10.5.2
  • serialize-javascript@6.0.0
  • workerpool@6.2.1
  • yargs-parser@20.2.4
codecov[bot] commented 1 week ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 57.39%. Comparing base (bc801ab) to head (61b1a25).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #634 +/- ## ======================================= Coverage 57.39% 57.39% ======================================= Files 46 46 Lines 1582 1582 ======================================= Hits 908 908 Misses 674 674 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.