search

sxzz / stale-dep

Check if your `node_modules` is stale.
MIT License
156 stars 4 forks source link

chore(deps): update all non-major dependencies #19

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@types/node (source) ^18.16.5 -> ^18.16.9 age adoption passing confidence
pnpm (source) 8.4.0 -> 8.5.1 age adoption passing confidence

Release Notes

pnpm/pnpm ### [`v8.5.1`](https://togithub.com/pnpm/pnpm/releases/tag/v8.5.1) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v8.5.0...v8.5.1) #### Patch Changes - Expanded missing command error, including 'did you mean' [#​6492](https://togithub.com/pnpm/pnpm/issues/6492). - When installation fails because the lockfile is not up-to-date with the `package.json` file(s), print out what are the differences [#​6536](https://togithub.com/pnpm/pnpm/pull/6536). - Normalize current working directory on Windows [#​6524](https://togithub.com/pnpm/pnpm/issues/6524). #### Our Gold Sponsors
#### Our Silver Sponsors
### [`v8.5.0`](https://togithub.com/pnpm/pnpm/releases/tag/v8.5.0) [Compare Source](https://togithub.com/pnpm/pnpm/compare/v8.4.0...v8.5.0) #### Minor Changes - `pnpm patch-remove` command added [#​6521](https://togithub.com/pnpm/pnpm/pull/6521). #### Patch Changes - `pnpm link -g ` should not modify the `package.json` file [#​4341](https://togithub.com/pnpm/pnpm/issues/4341). - The deploy command should not ask for confirmation to purge the `node_modules` directory [#​6510](https://togithub.com/pnpm/pnpm/issues/6510). - Show cyclic workspace dependency details [#​5059](https://togithub.com/pnpm/pnpm/issues/5059). - Node.js range specified through the `engines` field should match prerelease versions [#​6509](https://togithub.com/pnpm/pnpm/pull/6509). #### Our Gold Sponsors
#### Our Silver Sponsors

Configuration

📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.

stackblitz[bot] commented 1 year ago

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

socket-security[bot] commented 1 year ago

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary
Issue Status
Install scripts ✅ 0 issues
Native code ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues

📊 Modified Dependency Overview:

➕ Added Package Capability Access +/- Transitive Count Publisher
@types/node@18.16.9 None +0 types