Added filterResults option to filter out upgrades based on a user provided function.
filterResults runs after new versions are fetched, in contrast to filter and filterVersion, which run before. This allows you to filter out upgrades with filterResults based on how the version has changed (e.g. a major version change).
Only available in .ncurc.js or when importing npm-check-updates as a module.
/** Filter out non-major version updates.
@param {string} packageName The name of the dependency.
@param {string} currentVersion Current version declaration (may be range).
@param {SemVer[]} currentVersionSemver Current version declaration in semantic versioning format (may be range).
@param {string} upgradedVersion Upgraded version.
@param {SemVer} upgradedVersionSemver Upgraded version in semantic versioning format.
@returns {boolean} Return true if the upgrade should be kept, otherwise it will be ignored.
*/
filterResults: (packageName, {currentVersion, currentVersionSemver, upgradedVersion, upgradedVersionSemver}) => {
const currentMajorVersion = currentVersionSemver?.[0]?.major
const upgradedMajorVersion = upgradedVersionSemver?.major
if (currentMajorVersion && upgradedMajorVersion) {
return currentMajorVersion < upgradedMajorVersion
}
return true
}
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/saem/vscode-nim/network/alerts).
Bumps got to 12.6.1 and updates ancestor dependency npm-check-updates. These dependencies need to be updated together.
Updates
got
from 9.6.0 to 12.6.1Release notes
Sourced from got's releases.
... (truncated)
Commits
c405f54
12.6.167d5039
Fixget-stream
import statement (#2266)469a455
Meta tweaks8f77e8d
Fix readme "axios bugs" urls (#2253)af928f6
Fix type error on build (#2251)702ed35
Meta tweakse4460f7
Add failing tests for #2170 (#2171)13a68d3
12.6.088c88fb
Update dependencies0ca0b7f
Do not enforce newest URI rules on URLs (#2200)Updates
npm-check-updates
from 13.1.5 to 16.10.15Release notes
Sourced from npm-check-updates's releases.
... (truncated)
Commits
c467e24
16.10.15a56601c
Bump minor and patch dependencies.eec0739
16.10.1442f4d9b
Parse deprecated timeout option from npm config as a number (#1303).d546eba
16.10.13aba3513
lint9fa783d
Fix namespaced workspace matching. Fixes #1304.5e46ec0
getAllPackages: Minor refactor.e66f04f
16.10.12f7979d1
Add LRU_CACHE_IGNORE_AC_WARNING=1 for node v14.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/saem/vscode-nim/network/alerts).