fix: bump the npm group across 1 directory with 15 updates

[dependabot[bot]]

Bumps the npm group with 15 updates in the / directory:

Package	From	To
@cyclonedx/cyclonedx-library	6.5.1	6.9.5
normalize-package-data	6.0.0	6.0.1
@commitlint/cli	19.2.2	19.3.0
@types/node	20.12.7	20.12.12
@typescript-eslint/eslint-plugin	6.12.0	7.10.0
@typescript-eslint/parser	6.12.0	7.10.0
@vitest/coverage-v8	1.5.0	1.6.0
ajv	8.12.0	8.14.0
eslint	8.54.0	9.3.0
fast-xml-parser	4.3.6	4.4.0
lint-staged	15.2.2	15.2.5
rollup	4.14.3	4.18.0
semantic-release	23.0.8	23.1.1
vitest	1.5.0	1.6.0
@vitejs/plugin-react	4.2.0	4.3.0

Updates @cyclonedx/cyclonedx-library from 6.5.1 to 6.9.5

Release notes

Sourced from @​cyclonedx/cyclonedx-library's releases.

6.9.5

Maintenance release.

Chore

• The package will be published to GitHub package registry, too. (#1026 via #1078)

#1026: CycloneDX/cyclonedx-javascript-library#1026 #1078: CycloneDX/cyclonedx-javascript-library#1078

---

What's Changed

• chore: publish package to GithubPackages by @​jkowalleck in CycloneDX/cyclonedx-javascript-library#1078

Full Changelog: https://github.com/CycloneDX/cyclonedx-javascript-library/compare/v6.9.0...v6.9.5

6.9.4-beta.0

No release notes provided.

6.9.3-beta.1

No release notes provided.

6.9.3-beta.0

No release notes provided.

6.9.2-beta.0

No release notes provided.

6.9.0

Changed

• Updated SPDX license list to v3.24.0 (via #1077)

#1077: CycloneDX/cyclonedx-javascript-library#1077

---

What's Changed

• feat: update SPDX license list to v3.24.0 by @​jkowalleck in CycloneDX/cyclonedx-javascript-library#1077

Full Changelog: https://github.com/CycloneDX/cyclonedx-javascript-library/compare/v6.8.2...v6.9.0

6.8.2

Fixed

• Added Factories.PackageUrlFactory's generic type's default back in (via #1076)

#1076: CycloneDX/cyclonedx-javascript-library#1076

---

... (truncated)

Changelog

Sourced from @​cyclonedx/cyclonedx-library's changelog.

6.9.5 -- 2024-05-23

Maintenance release.

• Chore
  • The package will be published to GitHub package registry, too. (#1026 via #1078)

#1026: CycloneDX/cyclonedx-javascript-library#1026 #1078: CycloneDX/cyclonedx-javascript-library#1078

6.9.0 -- 2024-05-23

• Changed
  • Updated SPDX license list to v3.24.0 (via #1077)

#1077: CycloneDX/cyclonedx-javascript-library#1077

6.8.2 -- 2024-05-21

• Fixed
  • Added Factories.PackageUrlFactory's generic type's default back in (via #1076)

#1076: CycloneDX/cyclonedx-javascript-library#1076

6.8.1 -- 2024-05-21

• Fixed
  • Hardened Factories.FromNodePackageJson.PackageUrlFactory's default package repository detection (#1073 via #1074)

#1073: CycloneDX/cyclonedx-javascript-library#1073 #1074: CycloneDX/cyclonedx-javascript-library#1074

6.8.0 -- 2024-05-14

• Added
  • Explicitly export own first-level submodules via package manifest (via #1066)
    When used with bundlers/packers downstream, this might enable better tree shaking due to scoped imports.
• Refactor
  • Ease internal tree shaking (via #1066)

#1066: CycloneDX/cyclonedx-javascript-library#1066

6.7.2 -- 2024-05-07

• Changed
  • The provided XML validation capabilities were explicitly hardened (via #1064; concerns #1061)
    This is considered a security measure concerning XML external entity (XXE) injection.

#1061: CycloneDX/cyclonedx-javascript-library#1061 #1064: CycloneDX/cyclonedx-javascript-library#1064

... (truncated)

Commits

• f585e09 6.9.5
• e1fdf44 chore: prep v6.9.5
• 8f6aed5 chore: prep v6.9.4
• ed3caa7 chore: publish package to GithubPackages (#1078)
• ddb4753 6.9.0
• 5ae7696 chore: prep v6.9.0
• 10eef1a feat: update SPDX license list to v3.24.0 (#1077)
• 212f178 6.8.2
• f9191e1 fix: PackageUrlFactory generic default (#1076)
• f45a49a 6.8.1
• Additional commits viewable in compare view

Updates normalize-package-data from 6.0.0 to 6.0.1

Release notes

Sourced from normalize-package-data's releases.

v6.0.1

6.0.1 (2024-05-04)

Bug Fixes

• 27688b4 #217 linting: no-unused-vars (@​lukekarrys)

Documentation

• c5b90cd #214 readme: fix broken badge URL (#214) (@​10xLaCroixDrinker)

Chores

• 3c74f51 #217 bump @​npmcli/template-oss to 4.22.0 (@​lukekarrys)
• 02de832 #217 postinstall for dependabot template-oss PR (@​lukekarrys)
• f6b1f8c #216 bump @​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])

Changelog

Sourced from normalize-package-data's changelog.

6.0.1 (2024-05-04)

Bug Fixes

• 27688b4 #217 linting: no-unused-vars (@​lukekarrys)

Documentation

• c5b90cd #214 readme: fix broken badge URL (#214) (@​10xLaCroixDrinker)

Chores

• 3c74f51 #217 bump @​npmcli/template-oss to 4.22.0 (@​lukekarrys)
• 02de832 #217 postinstall for dependabot template-oss PR (@​lukekarrys)
• f6b1f8c #216 bump @​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])

Commits

• 335a295 chore: release 6.0.1 (#219)
• 27688b4 fix(linting): no-unused-vars
• 02de832 chore: postinstall for dependabot template-oss PR
• 3c74f51 chore: bump @​npmcli/template-oss to 4.22.0
• c367107 chore: postinstall for dependabot template-oss PR
• f6b1f8c chore: bump @​npmcli/template-oss from 4.21.3 to 4.21.4
• c5b90cd docs(readme): fix broken badge URL (#214)
• d3bfe73 chore: postinstall for dependabot template-oss PR
• a80c4a4 chore: bump @​npmcli/template-oss from 4.21.1 to 4.21.3
• 5c121d5 chore: postinstall for dependabot template-oss PR
• Additional commits viewable in compare view

Updates @commitlint/cli from 19.2.2 to 19.3.0

Release notes

Sourced from @​commitlint/cli's releases.

v19.3.0

19.3.0 (2024-04-23)

Features

• feat(format): print full commit message for valid commits if -V by @​weixinwu in conventional-changelog/commitlint#4026
• feat(container): added @​commitlint/config-nx-scopes for nx monorepos by @​gperdomor in conventional-changelog/commitlint#3913

Chore

• docs: :memo: add pnpm to the getting started and local setup guides by @​VoloshchenkoAl in conventional-changelog/commitlint#4041

New Contributors

• @​weixinwu made their first contribution in conventional-changelog/commitlint#4026
• @​fuyangpengqi made their first contribution in conventional-changelog/commitlint#4035
• @​gperdomor made their first contribution in conventional-changelog/commitlint#3913
• @​VoloshchenkoAl made their first contribution in conventional-changelog/commitlint#4041

Full Changelog: https://github.com/conventional-changelog/commitlint/compare/v19.2.2...v19.3.0

Changelog

Sourced from @​commitlint/cli's changelog.

19.3.0 (2024-04-23)

Note: Version bump only for package @​commitlint/cli

Commits

• 447fd3b v19.3.0
• See full diff in compare view

Updates @types/node from 20.12.7 to 20.12.12

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 6.12.0 to 7.10.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v7.10.0

7.10.0 (2024-05-20)

🚀 Features

• eslint-plugin: [sort-type-constituents] support case sensitive sorting (#8760)

🩹 Fixes

• eslint-plugin: [prefer-regexp-exec] fix heuristic to check whether regex may contain global flag (#8764)
• typescript-estree: don't add in-project files to defaultProjectMatchedFiles (#9097)
• utils: remove function form type from flat config files and ignores (#9111)

❤️ Thank You

• auvred @​auvred
• Emanuel Hoogeveen @​ehoogeveen-medweb
• jsfm01 @​jsfm01
• Kirk Waiblinger

You can read about our versioning strategy and releases on our website.

v7.9.0

7.9.0 (2024-05-13)

🚀 Features

• rule-tester: check for missing placeholder data in the message (#9039)

🩹 Fixes

• do not pass tsconfig canonical file name to typescript API to get program details for config file (#9042)
• eslint-plugin: [explicit-function-return-types] fix false positive on default parameters (#9045)

❤️ Thank You

• Kirk Waiblinger
• Sheetal Nandi
• Vinccool96

You can read about our versioning strategy and releases on our website.

v7.8.0

7.8.0 (2024-04-29)

🚀 Features

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

7.10.0 (2024-05-20)

🚀 Features

• eslint-plugin: [sort-type-constituents] support case sensitive sorting

🩹 Fixes

• eslint-plugin: [prefer-regexp-exec] fix heuristic to check whether regex may contain global flag

❤️ Thank You

• auvred
• Emanuel Hoogeveen
• jsfm01
• Kirk Waiblinger

You can read about our versioning strategy and releases on our website.

7.9.0 (2024-05-13)

🩹 Fixes

• eslint-plugin: [explicit-function-return-types] fix false positive on default parameters

❤️ Thank You

• Kirk Waiblinger
• Sheetal Nandi
• Vinccool96

You can read about our versioning strategy and releases on our website.

7.8.0 (2024-04-29)

🩹 Fixes

• eslint-plugin: [no-unsafe-argument] handle tagged templates

• eslint-plugin: [prefer-optional-chain] suggests optional chaining during strict null equality check

• eslint-plugin: [consistent-type-assertions] handle tagged templates

• eslint-plugin: [no-unsafe-return] handle union types

... (truncated)

Commits

• c18226e chore(release): publish 7.10.0
• 8d92ba8 docs: [no-floating-promises] fix capitalization typo (#9118)
• d951d83 fix(eslint-plugin): [prefer-regexp-exec] fix heuristic to check whether regex...
• 987a96e feat(eslint-plugin): [sort-type-constituents] support case sensitive sorting ...
• 77fc366 chore(release): publish 7.9.0
• f53fece chore: add knip (#8192)
• 8acb8d4 fix(eslint-plugin): [explicit-function-return-types] fix false positive on de...
• d696ea2 docs(eslint-plugin): fix several 404 URLs (#9064)
• 37a41d9 docs: fix broken link to import/no-duplicates on no-duplicate-imports pag...
• ab92621 docs: correct its/it's spelling (#9048)
• Additional commits viewable in compare view

Updates @typescript-eslint/parser from 6.12.0 to 7.10.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v7.10.0

7.10.0 (2024-05-20)

🚀 Features

• eslint-plugin: [sort-type-constituents] support case sensitive sorting (#8760)

🩹 Fixes

• eslint-plugin: [prefer-regexp-exec] fix heuristic to check whether regex may contain global flag (#8764)
• typescript-estree: don't add in-project files to defaultProjectMatchedFiles (#9097)
• utils: remove function form type from flat config files and ignores (#9111)

❤️ Thank You

• auvred @​auvred
• Emanuel Hoogeveen @​ehoogeveen-medweb
• jsfm01 @​jsfm01
• Kirk Waiblinger

You can read about our versioning strategy and releases on our website.

v7.9.0

7.9.0 (2024-05-13)

🚀 Features

• rule-tester: check for missing placeholder data in the message (#9039)

🩹 Fixes

• do not pass tsconfig canonical file name to typescript API to get program details for config file (#9042)
• eslint-plugin: [explicit-function-return-types] fix false positive on default parameters (#9045)

❤️ Thank You

• Kirk Waiblinger
• Sheetal Nandi
• Vinccool96

You can read about our versioning strategy and releases on our website.

v7.8.0

7.8.0 (2024-04-29)

🚀 Features

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

7.10.0 (2024-05-20)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

7.9.0 (2024-05-13)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

7.8.0 (2024-04-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

7.7.1 (2024-04-22)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

7.7.0 (2024-04-15)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

7.6.0 (2024-04-08)

🚀 Features

• bump npm dependency ranges

❤️ Thank You

• Abraham Guo
• auvred
• Brad Zacher

You can read about our versioning strategy and releases on our website.

7.5.0 (2024-04-01)

🩹 Fixes

... (truncated)

Commits

• c18226e chore(release): publish 7.10.0
• 77fc366 chore(release): publish 7.9.0
• f53fece chore: add knip (#8192)
• ee677f6 chore(release): publish 7.8.0
• 3e19436 chore(release): publish 7.7.1
• e44a1a2 chore(release): publish 7.7.0
• e1db872 chore(release): publish 7.6.0
• a6ab2cb feat: bump npm dependency ranges (#8860)
• a14ba9d chore(release): publish 7.5.0
• ecb6b55 docs: add homepage (#8742)
• Additional commits viewable in compare view

Updates @vitest/coverage-v8 from 1.5.0 to 1.6.0

Release notes

Sourced from @​vitest/coverage-v8's releases.

v1.6.0

   🚀 Features

• Support standalone mode  -  by @​sheremet-va in vitest-dev/vitest#5565 (bdce0)
• Custom "snapshotEnvironment" option  -  by @​sheremet-va in vitest-dev/vitest#5449 (30f72)
• benchmark: Support comparing benchmark result  -  by @​hi-ogawa and @​sheremet-va in vitest-dev/vitest#5398 (f8d3d)
• browser: Allow injecting scripts  -  by @​sheremet-va in vitest-dev/vitest#5656 (21e58)
• reporter: Support includeConsoleOutput and addFileAttribute in junit  -  by @​hi-ogawa in vitest-dev/vitest#5659 (2f913)
• ui: Sort items by file name  -  by @​btea in vitest-dev/vitest#5652 (1f726)

   🐞 Bug Fixes

• Keep order of arguments for .each in custom task collectors  -  by @​sheremet-va in vitest-dev/vitest#5640 (7d57c)
• Call resolveId('vitest') after buildStart  -  by @​hi-ogawa in vitest-dev/vitest#5646 (f5faf)
• Hash the name of the file when caching  -  by @​sheremet-va in vitest-dev/vitest#5654 (c9e68)
• Don't panic on empty files in node_modules  -  by @​sheremet-va (40c29)
• Use toJSON for error serialization  -  by @​hi-ogawa in vitest-dev/vitest#5526 (19a21)
• coverage:
  • Exclude *.test-d.* by default  -  by @​MindfulPol in vitest-dev/vitest#5634 (bfe8a)
  • Apply vite-node's wrapper only to executed files  -  by @​AriPerkkio in vitest-dev/vitest#5642 (c9883)
• vm:
  • Support network imports  -  by @​sheremet-va in vitest-dev/vitest#5610 (103a6)

   🏎 Performance

• Improve performance of forks pool  -  by @​sheremet-va in vitest-dev/vitest#5592 (d8304)
• Unnecessary rpc call when coverage is disabled  -  by @​AriPerkkio in vitest-dev/vitest#5658 (c5712)

    View changes on GitHub

v1.5.3

   🐞 Bug Fixes

• Use package.json name for a workspace project if not provided  -  by @​sheremet-va in vitest-dev/vitest#5608 (48fba)
• Backport jest iterable equality within object  -  by @​sukovanej in vitest-dev/vitest#5621 (30e5d)
• browser: Support benchmark  -  by @​hi-ogawa in vitest-dev/vitest#5622 (becab)
• reporter: Use default error formatter for JUnit  -  by @​hi-ogawa in vitest-dev/vitest#5629 (20060)

    View changes on GitHub

v1.5.2

   🐞 Bug Fixes

• Check for null before storing in weakmap  -  by @​sheremet-va (ce368)

    View changes on GitHub

v1.5.1

   🚀 Features

... (truncated)

Commits

• 6b29f3d chore: release v1.6.0
• c9883f3 fix(coverage): apply vite-node's wrapper only to executed files (#5642)
• a52964b chore: release v1.5.3
• 81f57f4 chore: release v1.5.2
• 1be4510 chore: release v1.5.1
• 80265b4 fix(coverage): thresholds to compare files relative to root (#5574)
• ea3c16e fix(coverage): prevent crash when cleanOnRerun is disabled (#5540)
• See full diff in compare view

Updates ajv from 8.12.0 to 8.14.0

Release notes

Sourced from ajv's releases.

v8.14.0

What's Changed

• readme: build badge by @​epoberezkin in ajv-validator/ajv#2424
• Update workflows by @​rotu in ajv-validator/ajv#2410
• docs: add warning to maxLength / minLength by @​jasoniangreen in ajv-validator/ajv#2428
• fix: broken link in docs warning by @​jasoniangreen in ajv-validator/ajv#2431
• compileAsync a schema with discriminator and $ref, fixes #2427 by @​jasoniangreen in ajv-validator/ajv#2433
• bump version to 8.14.0 for publishing by @​jasoniangreen in ajv-validator/ajv#2440

New Contributors

• @​rotu made their first contribution in ajv-validator/ajv#2410

Full Changelog: https://github.com/ajv-validator/ajv/compare/v8.13.0...v8.14.0

v8.13.0

• add named exports
• update dependencies
• update node.js

Commits

• 9e26639 bump version to 8.14.0 for publishing (#2440)
• 5f20d5f compileAsync a schema with discriminator and $ref, fixes #2427 (#2433)
• be38f34 fix: broken link in docs warning (#2431)
• a4a85fa docs: add warning to maxLength / minLength (#2428)
• d9bd01b Update workflows (#2410)
• 2917fb6 readme: build badge (#2424)
• 857ecac fix: bump node version in publish job (#2423)
• f74ecdb bump version to 8.13.0 (#2421)
• c64f528 chore: update typescript to 5.3.3 (#2406)
• 5370b84 chore: bump ajv-formats to 3.0.1 (#2402)
• Additional commits viewable in compare view

Updates eslint from 8.54.0 to 9.3.0

Release notes

Sourced from eslint's releases.

v9.3.0

Features

• b32153c feat: add overrides.namedExports to func-style rule (#18444) (Percy Ma)
• b67eba4 feat: add restrictedNamedExportsPattern to no-restricted-exports (#18431) (Akul Srivastava)
• 069aa68 feat: add option allowEscape to no-misleading-character-class rule (#18208) (Francesco Trotta)
• 05ef92d feat: deprecate multiline-comment-style & line-comment-position (#18435) (唯然)
• db0b174 feat: add enforceForInnerExpressions option to no-extra-boolean-cast (#18222) (Kirk Waiblinger)

Bug Fixes

• 8db0eff fix: Improve config error messages (#18457) (Nicholas C. Zakas)
• 5c28d9a fix: don't remove comments between key and value in object-shorthand (#18442) (Kuba Jastrzębski)
• 39fb0ee fix: object-shorthand loses type parameters when auto-fixing (#18438) (dalaoshu)
• 37eba48 fix: don't crash when fs.readFile returns promise from another realm (#18416) (Milos Djermanovic)

Documentation

• ceada8c docs: explain how to use "tsc waiting" label (#18466) (Francesco Trotta)
• 62e686c docs: Add troubleshooting info for plugin compatibility (#18451) (Nicholas C. Zakas)
• e17e1c0 docs: Update README (GitHub Actions Bot)
• 2465a1e docs: Update README (GitHub Actions Bot)
• d23574c docs: Clarify usage of no-unreachable with TypeScript (#18445) (benj-dobs)
• 1db9bae docs: Fix typos (#18443) (Frieder Bluemle)
• 7065196 docs: Update README (GitHub Actions Bot)
• 04e7c6e docs: update deprecation notice of no-return-await (#18433) (Tanuj Kanti)
• e763512 docs: Link global ignores section in config object property list (#18430) (MaoShizhong)
• ac7f718 docs: reflect release of v9 in config migration guide (#18412) (Peter Briggs)
• 0de0909 docs: fix grammar in configuration file resolution (#18419) (Mike McCready)

Chores

• 58e2719 chore: update dependencies for v9.3.0 release (#18469) (Francesco Trotta)
• b681ecb chore: package.json update for @​eslint/js release (Jenkins)
• 06f1d1c chore: update dependency @​humanwhocodes/retry to ^0.3.0 (#18463) (renovate[bot])
• a63ed72 refactor: Use node: protocol for built-in Node.js modules (#18434) (Milos Djermanovic)
• 040700a chore: update dependency markdownlint-cli to ^0.40.0 (#18425) (renovate[bot])
• f47847c chore: update actions/stale action to v9 (#18426) (renovate[bot])
• c18ad25 chore: update actions/upload-artifact action to v4 (#18427) (renovate[bot])
• 27e3060 chore: Disable documentation label (#18423) (Nicholas C. Zakas)

v9.2.0

Features

• 8485d76 feat: no-case-declarations add suggestions (#18388) (Josh Goldberg ✨)
• a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375) (Francesco Trotta)

Bug Fixes

• eeec413 fix: do not throw when defining a global named defineSetter (#18364) (唯然)

Documentation

• 0f5df50 docs: Update README (GitHub Actions Bot)
• 1579ce0 docs: update wording regarding indirect eval (#18394) (Kirk Waiblinger)
• f12a02c docs: update to eslint v9 in custom-rule-tutorial (#18383) (唯然)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.3.0 - May 17, 2024

• 58e2719 chore: update dependencies for v9.3.0 release (#18469) (Francesco Trotta)
• b681ecb chore: package.json update for @​eslint/js release (Jenkins)
• 8db0eff fix: Improve config error messages (#18457) (Nicholas C. Zakas)
• ceada8c docs: explain how to use "tsc waiting" label (#18466) (Francesco Trotta)
• b32153c feat: add overrides.namedExports to func-style rule (#18444) (Percy Ma)
• 06f1d1c chore: update dependency @​humanwhocodes/retry to ^0.3.0 (#18463) (renovate[bot])
• 5c28d9a fix: don't remove comments between key and value in object-shorthand (#18442) (Kuba Jastrzębski)
• 62e686c docs: Add troubleshooting info for plugin compatibility (#18451) (Nicholas C. Zakas)
• e17e1c0 docs: Update README (GitHub Actions Bot)
• 39fb0ee fix: object-shorthand loses type parameters when auto-fixing (#18438) (dalaoshu)
• b67eba4 feat: add restrictedNamedExportsPattern to no-restricted-exports (#18431) (Akul Srivastava)
• dependabot[bot] commented 4 months ago

  Looks like these dependencies are updatable in another way, so this is no longer needed.