Closed dependabot[bot] closed 4 months ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/@types/node@20.12.12 | None | +1 |
2.13 MB | types |
npm/@types/vscode@1.89.0 | None | 0 |
634 kB | types |
npm/@typescript-eslint/eslint-plugin@7.10.0 | Transitive: environment, filesystem | +42 |
8.18 MB | jameshenry |
npm/@typescript-eslint/parser@7.10.0 | Transitive: environment, filesystem | +36 |
3.43 MB | jameshenry |
npm/@vscode/test-electron@2.3.10 | environment, filesystem, network, shell | +20 |
2.12 MB | vscode-bot |
npm/eslint@9.3.0 | environment Transitive: eval, filesystem, shell, unsafe | +90 |
9.83 MB | eslintbot |
npm/glob@10.4.1 | Transitive: environment, filesystem, shell | +31 |
2.84 MB | isaacs |
npm/typescript@5.4.5 | None | 0 |
32.4 MB | typescript-bot |
🚮 Removed packages: npm/@types/node@20.12.2, npm/@types/vscode@1.87.0, npm/@typescript-eslint/eslint-plugin@7.4.0, npm/@typescript-eslint/parser@7.4.0, npm/@vscode/test-electron@2.3.9, npm/eslint@8.57.0, npm/glob@10.3.12, npm/typescript@5.4.3
Superseded by #288.
Bumps the dev-dependencies group with 8 updates in the / directory:
20.12.2
20.12.12
1.87.0
1.89.0
7.4.0
7.10.0
7.4.0
7.10.0
2.3.9
2.3.10
8.57.0
9.3.0
10.3.12
10.4.1
5.4.3
5.4.5
Updates
@types/node
from 20.12.2 to 20.12.12Commits
Updates
@types/vscode
from 1.87.0 to 1.89.0Commits
Updates
@typescript-eslint/eslint-plugin
from 7.4.0 to 7.10.0Release notes
Sourced from
@typescript-eslint/eslint-plugin
's releases.... (truncated)
Changelog
Sourced from
@typescript-eslint/eslint-plugin
's changelog.... (truncated)
Commits
c18226e
chore(release): publish 7.10.08d92ba8
docs: [no-floating-promises] fix capitalization typo (#9118)d951d83
fix(eslint-plugin): [prefer-regexp-exec] fix heuristic to check whether regex...987a96e
feat(eslint-plugin): [sort-type-constituents] support case sensitive sorting ...77fc366
chore(release): publish 7.9.0f53fece
chore: add knip (#8192)8acb8d4
fix(eslint-plugin): [explicit-function-return-types] fix false positive on de...d696ea2
docs(eslint-plugin): fix several 404 URLs (#9064)37a41d9
docs: fix broken link toimport/no-duplicates
onno-duplicate-imports
pag...ab92621
docs: correct its/it's spelling (#9048)Updates
@typescript-eslint/parser
from 7.4.0 to 7.10.0Release notes
Sourced from
@typescript-eslint/parser
's releases.... (truncated)
Changelog
Sourced from
@typescript-eslint/parser
's changelog.... (truncated)
Commits
c18226e
chore(release): publish 7.10.077fc366
chore(release): publish 7.9.0f53fece
chore: add knip (#8192)ee677f6
chore(release): publish 7.8.03e19436
chore(release): publish 7.7.1e44a1a2
chore(release): publish 7.7.0e1db872
chore(release): publish 7.6.0a6ab2cb
feat: bump npm dependency ranges (#8860)a14ba9d
chore(release): publish 7.5.0ecb6b55
docs: add homepage (#8742)Updates
@vscode/test-electron
from 2.3.9 to 2.3.10Changelog
Sourced from
@vscode/test-electron
's changelog.Commits
68fb5fb
2.3.103f7a3cc
feat: runVSCodeCommand as workaround for CVE-2024-2798040ecedf
Merge pull request #263 from microsoft/dependabot/npm_and_yarn/vite-2.9.18e7b5d61
chore(deps): bump vite from 2.9.17 to 2.9.181305af5
chore(deps): updateglob
and remove@types/glob
(#262)bc400a2
Merge pull request #256 from microsoft/connor4312/fix-windows-first-run92c0591
Merge pull request #257 from microsoft/dependabot/npm_and_yarn/vite-2.9.171caf111
chore(deps): bump vite from 2.9.16 to 2.9.17Updates
eslint
from 8.57.0 to 9.3.0Release notes
Sourced from eslint's releases.
... (truncated)
Changelog
Sourced from eslint's changelog.
... (truncated)
Commits
41a871c
9.3.0463a2e3
Build: changelog update for 9.3.058e2719
chore: update dependencies for v9.3.0 release (#18469)b681ecb
chore: package.json update for@eslint/js
release8db0eff
fix: Improve config error messages (#18457)ceada8c
docs: explain how to use "tsc waiting" label (#18466)b32153c
feat: addoverrides.namedExports
tofunc-style
rule (#18444)06f1d1c
chore: update dependency@humanwhocodes/retry
to ^0.3.0 (#18463)5c28d9a
fix: don't remove comments between key and value in object-shorthand (#18442)62e686c
docs: Add troubleshooting info for plugin compatibility (#18451)Updates
glob
from 10.3.12 to 10.4.1Changelog
Sourced from glob's changelog.
... (truncated)
Commits
3cb1ed7
10.4.17a6c2a2
changelog 10.4057d5b2
update prettier, format everything10162fb
export Ignoref0bd1e8
10.4.0ed0d061
AddincludeChildMatches: false
optionb274298
10.3.161efe27c
jackspeak@3.1.2ea4734f
fix: benchmark ESM build compatibility921c4b9
10.3.15Updates
typescript
from 5.4.3 to 5.4.5Release notes
Sourced from typescript's releases.
Commits
27bcd4c
Update LKG9f33bf1
🤖 Pick PR #58098 (Fix constraints of nested homomorph...) into release-5.4 (#...71b2f84
Bump version to 5.4.5 and LKG892936f
🤖 Pick PR #58083 (Don't propagate partial union/inter...) into release-5.4 (#...38a7c05
release-5.4: Always set node-version for setup-node (#58117)b754fc3
🤖 Pick PR #57778 (fix type import check for default-i...) into release-5.4 (#...8eb3367
Bump version to 5.4.4 and LKGde9096b
🤖 Pick PR #57871 (Divide-and-conquer strategy for int...) into release-5.4 (#...06aae98
🤖 Pick PR #57973 (Compare package.json paths with cor...) into release-5.4 (#...6d8134e
🤖 Pick PR #57637 (Fixed a regression related to deter...) into release-5.4 (#...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show