guardrails[bot]
commented
8 months ago :warning: We detected 2 security issues in this pull request:
Vulnerable Libraries (2)
Severity | Details :-: | :-- High | [pkg:npm/gitmoji-changelog@2.3.0](https://github.com/koromerzhin/js-commands/blob/0104740a6ec4db236e2f123f5125469a673070ae/package.json) (t) upgrade to: *> 2.3.0* Informational | [pkg:npm/semantic-git-commit-cli@3.7.0](https://github.com/koromerzhin/js-commands/blob/0104740a6ec4db236e2f123f5125469a673070ae/package.json) (t) upgrade to: *> 3.7.0* More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr).
š Go to the dashboard for detailed results.
š„ Happy? Share your feedback with us.
This PR contains the following updates:
16.3.*->16.4.*Release Notes
motdotla/dotenv (dotenv)
### [`v16.4.5`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1645-2024-02-19) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.4.4...v16.4.5) ##### Changed - š fix recent regression when using `path` option. return to historical behavior: do not attempt to auto find `.env` if `path` set. (regression was introduced in `16.4.3`) [#814](https://togithub.com/motdotla/dotenv/pull/814) ### [`v16.4.4`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1644-2024-02-13) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.4.3...v16.4.4) ##### Changed - š Replaced chaining operator `?.` with old school `&&` (fixing node 12 failures) [#812](https://togithub.com/motdotla/dotenv/pull/812) ### [`v16.4.3`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1643-2024-02-12) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.4.2...v16.4.3) ##### Changed - Fixed processing of multiple files in `options.path` [#805](https://togithub.com/motdotla/dotenv/pull/805) ### [`v16.4.2`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1642-2024-02-10) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.4.1...v16.4.2) ##### Changed - Changed funding link in package.json to [`dotenvx.com`](https://dotenvx.com) ### [`v16.4.1`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1641-2024-01-24) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.4.0...v16.4.1) - Patch support for array as `path` option [#797](https://togithub.com/motdotla/dotenv/pull/797) ### [`v16.4.0`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1640-2024-01-23) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.3.2...v16.4.0) - Add `error.code` to error messages around `.env.vault` decryption handling [#795](https://togithub.com/motdotla/dotenv/pull/795) - Add ability to find `.env.vault` file when filename(s) passed as an array [#784](https://togithub.com/motdotla/dotenv/pull/784) ### [`v16.3.2`](https://togithub.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1632-2024-01-18) [Compare Source](https://togithub.com/motdotla/dotenv/compare/v16.3.1...v16.3.2) ##### Added - Add debug message when no encoding set [#735](https://togithub.com/motdotla/dotenv/pull/735) ##### Changed - Fix output typing for `populate` [#792](https://togithub.com/motdotla/dotenv/pull/792) - Use subarray instead of slice [#793](https://togithub.com/motdotla/dotenv/pull/793)Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.