Skip to content

chore(deps): update dependency secretlint to v11 #944

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 15, 2025
Merged

chore(deps): update dependency secretlint to v11 #944

merged 2 commits into from
Oct 15, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 3, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
secretlint (source) ^7.x || ^8.x || ^10.0.0 -> ^7.x || ^8.x || ^10.0.0 || ^11.0.0 age confidence

Release Notes

secretlint/secretlint (secretlint)

v11.2.5

Compare Source

What's Changed
Bug Fixes
  • fix(private-key): reduce false positives for placeholder private keys by @​azu in #​1269
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.4...v11.2.5

v11.2.4

Compare Source

What's Changed
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.3...v11.2.4

v11.2.3

Compare Source

What's Changed

secretlint v11.2.3+ support npm Provenance.

image
Testing
  • refactor: Consolidate snapshot tests and move rule configs to test directories by @​azu in #​1188
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v11.2.0...v11.2.3

v11.2.2

Compare Source

This is not released in npm.

v11.2.0

Compare Source

What's Changed
Features
Bug Fixes
  • Add support for Makefile variable pattern $(VARIABLE) in database-connection-string rule by @​Copilot in #​1191
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v11.1.0...v11.2.0

v11.1.0

Compare Source

What's Changed
Features

You can use filePathGlobs to match against file paths using glob patterns:

{
  "rules": [
    {
      "id": "@​secretlint/secretlint-rule-pattern",
      "options": {
        "patterns": [
          {
            "name": "env files",
            "filePathGlobs": ["**/.env", "**/.env.*"]
          },
          {
            "name": "AWS credentials in env files",
            "filePathGlobs": ["**/.env*"],
            "pattern": "/aws_access_key_id|aws_secret_access_key/i"
          },
          {
            "name": "private keys",
            "filePathGlobs": ["**/*.pem", "**/*.key"],
            "pattern": "/BEGIN (RSA |EC )?PRIVATE KEY/"
          }
        ]
      }
    }
  ]
}
  • When only filePathGlobs is specified, the rule reports if the file path matches any of the glob patterns
  • When only pattern is specified, the rule reports if the file content matches the regex pattern
  • When both are specified, the rule reports only if both the file path matches the glob AND the content matches the pattern
Refactoring
  • refactor(types): migrate from tsd to vitest for type testing by @​azu in #​1169
Testing
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.2...v11.1.0

v11.0.2

Compare Source

What's Changed

Bug Fixes
  • fix(binary): resolve --version issue in Bun compiled binaries by @​azu in #​1164
Documentation
  • docs(contributing): add pre-release documentation checklist by @​azu in #​1162
  • docs(readme): add missing rules from preset-recommend by @​azu in #​1163
Testing
  • test: update valid test snapshots for database connection string rule by @​azu in #​1160
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.1...v11.0.2

v11.0.1

Compare Source

New Recommended Rules

  • Add @secretlint/secretlint-rule-anthropic to detect Claude API keys (pattern: sk-ant-api0\d-[A-Za-z0-9_-]{90,128}AA)
  • Add @secretlint/secretlint-rule-database-connection-string to detect database credentials like mongodb://user:s3cr3tP4ss@cluster.mongodb.net/myd

What's Changed

Breaking Changes
  • feat: add Anthropic and Database Connection String rules to recommended preset by @​azu in #​1154
Bug Fixes
  • fix: use workspace:* references for internal dependencies in examples by @​azu in #​1157
Documentation
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v10.2.2...v11.0.1

v11.0.0

Compare Source

See v11.0.1

Configuration

📅 Schedule: Branch creation - "after 10:00 before 19:00 every weekday except after 13:00 before 14:00" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the c: dependencies Pull requests that adds/updates a dependency label Oct 3, 2025
@renovate renovate bot requested a review from prisis as a code owner October 3, 2025 10:05
@coderabbitai
Copy link

coderabbitai bot commented Oct 3, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Oct 3, 2025
edited
Loading

Thank you for following the naming conventions! 🙏

@pkg-pr-new
Copy link

pkg-pr-new bot commented Oct 3, 2025
edited
Loading

Open in StackBlitz

npm i https://pkg.pr.new/anolilab/javascript-style-guide/@anolilab/lint-staged-config@944

commit: ad48aba

prisis
prisis previously approved these changes Oct 14, 2025
View reviewed changes
@renovate renovate bot force-pushed the renovate/major-11-secretlint-monorepo branch from 05e7b6f to ddb9864 Compare October 14, 2025 23:24
@socket-security
Copy link

socket-security bot commented Oct 14, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedexeca@​9.6.09910010084100

View full report

@renovate renovate bot force-pushed the renovate/major-11-secretlint-monorepo branch from 8c96d8d to 9559ba1 Compare October 15, 2025 09:20
@renovate
chore(deps): update dependency secretlint to v11
ad48aba 
BREAKING CHANGE: updated dependencies to major versions
@renovate renovate bot force-pushed the renovate/major-11-secretlint-monorepo branch from 9559ba1 to ad48aba Compare October 15, 2025 09:26
@prisis prisis merged commit 85af8ce into main Oct 15, 2025
10 checks passed
@prisis prisis deleted the renovate/major-11-secretlint-monorepo branch October 15, 2025 12:36
@github-actions
Copy link
Contributor

github-actions bot commented Nov 14, 2025

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using our GitHub Discussions tab for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 14, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@prisis prisis prisis left review comments

Assignees

No one assigned

Labels

c: dependencies Pull requests that adds/updates a dependency

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@prisis