Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. Ignoring alerts on:
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
witmicko
force-pushed
the
monorepo-language-detector
branch
from
4916133 to
f6550be
Compare
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
witmicko
force-pushed
the
monorepo-language-detector
branch
from
f6550be to
1f4ac90
Compare
This comment was marked as outdated.
This comment was marked as outdated.
Sorry, something went wrong.
|
@SocketSecurity ignore npm/babel-plugin-istanbul@6.1.1 well known dev deps |
|
@SocketSecurity ignore npm/ejs@3.1.10 |
| "@types/jest": "^29.5.8", | ||
| "jest": "^29.7.0" | ||
| "@types/jest": "30.0.0", | ||
| "jest": "30.2.0" |
There was a problem hiding this comment.
Bug: Jest Version Mismatch Causes Installation Failure
Jest and @types/jest are updated to versions 30.2.0 and 30.0.0 respectively in package.json. Jest v30.x does not exist yet, with the latest stable release being in the 29.x series. This will cause dependency installation to fail.
Additional Locations (1)
EllusionN
left a comment
EllusionN
left a comment
There was a problem hiding this comment.
Only reviewed for aspects that impacted the external interface. Nothing notable is in this PR so we can proceed to the next stage and do a deeper implementation review once ready to open the final PRs.
2 participants
Add language detector action
uses github api to automatically detect languages in the process repository and create matrix output to configure workflow downstream.
Note
Introduces a Language Detector GitHub Action that detects repo languages and outputs a scanner matrix, with tests, a demo workflow, and minor CodeQL action/doc updates.
packages/language-detector/action.yml, CLI scripts (src/detect-languages.js,src/job-configurator.js) to fetch GitHub languages and generate a scan matrix..github/workflows/test-language-detector.ymlto validate action and scripts.scripts/generate-config.js: apply language-specific fallbacks and safely emit outputs; minor refactor/formatting.src/config-loader.js: robust default fallback; small cleanup.package.json; tests formatting tweaks.README.mdandpackages/codeql-action/README.mdwith language detection, configuration, and tables.repo-configs/lll.jsstyle; minor log formatting inshared/scripts/check-packages.js.Written by Cursor Bugbot for commit d23dfa2. This will update automatically on new commits. Configure here.