socket-security[bot]
commented
1 year ago New dependency changes detected. Learn more about Socket for GitHub βοΈ
π No new dependency issues detected in pull request
Bot Commands
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all
Pull request alert summary
| Issue | Status |
|---|---|
| Install scripts | β 0 issues |
| Native code | β 0 issues |
| Bin script shell injection | β 0 issues |
| Unresolved require | β 0 issues |
| Invalid package.json | β 0 issues |
| HTTP dependency | β 0 issues |
| Git dependency | β 0 issues |
| Potential typo squat | β 0 issues |
| Known Malware | β 0 issues |
| Telemetry | β 0 issues |
| Protestware/Troll package | β 0 issues |
π Modified Dependency Overview:
| β¬οΈ Updated Package | Version Diff | Added Capability Access | +/- Transitive Count |
Publisher |
|---|---|---|---|---|
| @snyk/protect@1.1152.0 | 1.1143.0...1.1152.0 | None | +0/-0 |
snyk-admin |
This PR contains the following updates:
1.1143.0->1.1152.0Release Notes
snyk/snyk
### [`v1.1152.0`](https://togithub.com/snyk/cli/releases/tag/v1.1152.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1151.0...v1.1152.0) ##### Features - include suppressions in sarif output ([87b573b](https://togithub.com/snyk/snyk/commit/87b573bc4d77c7959bd870fad87ce1af3b251cf8)) ### [`v1.1151.0`](https://togithub.com/snyk/cli/releases/tag/v1.1151.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1150.0...v1.1151.0) ##### Bug Fixes - support tar files-only projects ([a85a534](https://togithub.com/snyk/snyk/commit/a85a534687e5da9e6c27479655eda0071a012542)) ##### Features - switch to zerolog ([d3f0973](https://togithub.com/snyk/snyk/commit/d3f0973679d209ce6613f8d4d23b334ea87c65f0)) ### [`v1.1150.0`](https://togithub.com/snyk/cli/releases/tag/v1.1150.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1149.0...v1.1150.0) ##### Bug Fixes - gradle normalize deps transitives ([bd5a50c](https://togithub.com/snyk/snyk/commit/bd5a50c839d1ce76788f73ad0b4ec5e359b4c285)) ### [`v1.1149.0`](https://togithub.com/snyk/cli/releases/tag/v1.1149.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1148.0...v1.1149.0) ##### Bug Fixes - Upgrade snyk-iac-test to v0.43.1 ([32f381e](https://togithub.com/snyk/snyk/commit/32f381e01cebb7d5c8273a757f98318c75990001)) ### [`v1.1148.0`](https://togithub.com/snyk/cli/releases/tag/v1.1148.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1147.0...v1.1148.0) ##### Bug Fixes - upgrade docker plugin to fix windows go binaries scanning ([6458508](https://togithub.com/snyk/snyk/commit/645850869c46c7b152cddf9fc7dd94b0f61731c6)) ### [`v1.1147.0`](https://togithub.com/snyk/cli/releases/tag/v1.1147.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1146.0...v1.1147.0) ##### Bug Fixes - avoid security tools to kill installed binaries ([54a6952](https://togithub.com/snyk/snyk/commit/54a6952e3e11a0d755e7d48d2dab2228897b6775)) - gradle acceptance test \[HEAD-283] ([#4571](https://togithub.com/snyk/snyk/issues/4571)) ([e164c1d](https://togithub.com/snyk/snyk/commit/e164c1dfcdd3c3889d1abcc009253da60b7a2215)) - update dependencies ([b447bc5](https://togithub.com/snyk/snyk/commit/b447bc55059ffec1eb8dc97dc9486d2a56938fb6)) ### [`v1.1146.0`](https://togithub.com/snyk/cli/releases/tag/v1.1146.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1145.0...v1.1146.0) ##### Bug Fixes - align container sarif output ([15dd67c](https://togithub.com/snyk/snyk/commit/15dd67c7f25f6baadf8322ecb948bd8b70f67e9a)) ### [`v1.1145.0`](https://togithub.com/snyk/cli/releases/tag/v1.1145.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1144.0...v1.1145.0) ##### Bug Fixes - occasional ETXTBSY on CLI runs ([#4568](https://togithub.com/snyk/snyk/issues/4568)) ([cde8ca6](https://togithub.com/snyk/snyk/commit/cde8ca6a33c9b0b7faaae867321a451cfcceceff)) ### [`v1.1144.0`](https://togithub.com/snyk/cli/releases/tag/v1.1144.0) [Compare Source](https://togithub.com/snyk/snyk/compare/v1.1143.0...v1.1144.0) ##### Bug Fixes - bump snyk-docker-plugin ([16bf762](https://togithub.com/snyk/snyk/commit/16bf762368678d1b107ec0588cad16c4e0ad880a)) - temporarily skip failing gradle test ([c194271](https://togithub.com/snyk/snyk/commit/c194271ee0fd95e0c81d738caeb94cb5be49182e)) - use printf rather than echo for escaping in cliv2 Makefile ([#4559](https://togithub.com/snyk/snyk/issues/4559)) ([c074f6c](https://togithub.com/snyk/snyk/commit/c074f6caa61d2416513a689784a98cc87ef888f6))Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.