Skip to content

chore(deps): update dependencies #444

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 26, 2024
Merged

chore(deps): update dependencies #444

merged 1 commit into from
Feb 26, 2024

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 23, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@typescript-eslint/eslint-plugin (source) 7.0.2 -> 7.1.0 age adoption passing confidence
@typescript-eslint/parser (source) 7.0.2 -> 7.1.0 age adoption passing confidence
eslint (source) 8.56.0 -> 8.57.0 age adoption passing confidence

Release Notes

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v7.1.0

Compare Source

🚀 Features

  • eslint-plugin: add *-type-checked-only configs

  • eslint-plugin: [naming-convention] support the auto-accessor syntax

  • eslint-plugin: [consistent-return] add new rule

🩹 Fixes

  • eslint-plugin: [prefer-optional-chan] allow typeof for avoiding reference error

  • eslint-plugin: [no-misused-promises] improve check union types

  • eslint-plugin: [no-use-before-define] fix false positive type reference in as, satisfies

❤️ Thank You
  • Arka Pratim Chaudhuri
  • Josh Goldberg ✨
  • YeonJuan

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v7.1.0

Compare Source

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

eslint/eslint (eslint)

v8.57.0

Compare Source

Features

  • 1120b9b feat: Add loadESLint() API method for v8 (#​18098) (Nicholas C. Zakas)
  • dca7d0f feat: Enable eslint.config.mjs and eslint.config.cjs (#​18066) (Nitin Kumar)

Bug Fixes

  • 2196d97 fix: handle absolute file paths in FlatRuleTester (#​18064) (Nitin Kumar)
  • 69dd1d1 fix: Ensure config keys are printed for config errors (#​18067) (Nitin Kumar)
  • 9852a31 fix: deep merge behavior in flat config (#​18065) (Nitin Kumar)
  • 4c7e9b0 fix: allow circular references in config (#​18056) (Milos Djermanovic)

Documentation

Chores

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@socket-security
Copy link

socket-security bot commented Feb 23, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@isaacs/string-locale-compare@1.1.0 None 0 3.16 kB isaacs
npm/@npmcli/agent@2.2.0 environment, network +6 608 kB npm-cli-ops
npm/@npmcli/arborist@7.2.2 environment, filesystem, network Transitive: shell +85 6.1 MB gar
npm/@npmcli/config@8.0.3 environment, filesystem Transitive: shell +22 1.95 MB gar
npm/@npmcli/disparity-colors@3.0.0 None +3 55.6 kB lukekarrys
npm/@npmcli/git@5.0.3 filesystem Transitive: environment, shell +8 156 kB npm-cli-ops
npm/@npmcli/installed-package-contents@2.0.2 filesystem +2 26.9 kB gar
npm/@npmcli/map-workspaces@3.0.4 Transitive: environment, filesystem, shell +19 1.78 MB npm-cli-ops
npm/@npmcli/run-script@7.0.2 environment, filesystem Transitive: network, shell +51 4.63 MB npm-cli-ops
npm/@rollup/pluginutils@5.1.0 None +2 133 kB shellscape
npm/@sigstore/tuf@2.2.0 environment, filesystem +1 249 kB bdehamer
npm/@types/estree@1.0.5 None 0 25.7 kB types
npm/aproba@2.0.0 None 0 8.05 kB iarna
npm/archy@1.0.0 None 0 8.42 kB substack
npm/cacache@18.0.1 filesystem Transitive: environment, shell +28 1.53 MB npm-cli-ops
npm/cidr-regex@4.0.3 None +1 13.5 kB silverwind
npm/citty@0.1.5 Transitive: environment +1 273 kB pi0
npm/cli-columns@4.0.0 None +3 66.6 kB shannonmoeller
npm/clone@1.0.4 None 0 11.1 kB pvorb
npm/columnify@1.6.0 None 0 38.8 kB timoxley
npm/defu@6.1.3 None 0 19.6 kB pi0
npm/diff@4.0.2 None 0 335 kB kpdecker
npm/domhandler@5.0.3 None +1 86.7 kB feedic
npm/esbuild@0.19.10 environment, filesystem, network, shell +23 224 MB evanw
npm/eslint@8.57.0 Transitive: environment, eval, filesystem, shell, unsafe +70 9.9 MB eslintbot, ivolodin, nzakas, ...1 more
npm/fastest-levenshtein@1.0.16 None 0 21.3 kB ka-weihe
npm/fs-minipass@3.0.3 filesystem +1 299 kB npm-cli-ops
npm/init-package-json@6.0.0 filesystem +2 59.8 kB npm-cli-ops
npm/is-cidr@5.0.3 None +2 17.9 kB silverwind
npm/jiti@1.21.0 environment, filesystem, unsafe 0 1.91 MB pi0
npm/libnpmaccess@8.0.2 Transitive: environment, filesystem, network, shell +50 2.94 MB gar
npm/libnpmdiff@6.0.4 Transitive: environment, filesystem, network, shell +92 6.56 MB gar
npm/libnpmexec@7.0.5 environment, filesystem Transitive: network, shell +86 6.11 MB gar
npm/libnpmfund@5.0.2 Transitive: environment, filesystem, network, shell +86 6.11 MB gar
npm/libnpmhook@10.0.1 network Transitive: environment, filesystem, shell +51 2.95 MB gar
npm/libnpmorg@6.0.2 network Transitive: environment, filesystem, shell +51 2.95 MB gar
npm/libnpmpack@6.0.4 filesystem Transitive: environment, network, shell +86 6.1 MB gar
npm/libnpmpublish@9.0.3 environment, filesystem Transitive: network, shell +54 3.06 MB gar
npm/libnpmsearch@7.0.1 Transitive: environment, filesystem, network, shell +50 2.94 MB gar
npm/libnpmteam@6.0.1 Transitive: environment, filesystem, network, shell +51 2.95 MB gar
npm/libnpmversion@5.0.2 filesystem Transitive: environment, network, shell +60 4.79 MB gar
npm/magic-string@0.30.5 None +1 485 kB antfu
npm/minizlib@2.1.2 None 0 17.3 kB isaacs
npm/mlly@1.4.2 None +1 703 kB pi0
npm/node-gyp@10.0.1 environment, shell Transitive: filesystem, network +48 4.59 MB lukekarrys
npm/nopt@1.0.10 environment +1 31.5 kB isaacs
npm/npm-audit-report@5.0.0 None 0 11.8 kB lukekarrys
npm/npm-install-checks@6.3.0 None 0 6.21 kB npm-cli-ops
npm/npm-package-arg@11.0.1 None +1 45.8 kB npm-cli-ops
npm/npm-profile@9.0.0 network Transitive: environment, filesystem, shell +50 2.96 MB npm-cli-ops
npm/npm-registry-fetch@16.1.0 environment, filesystem, network Transitive: shell +49 2.93 MB npm-cli-ops
npm/npm-user-validate@2.0.0 None 0 4.16 kB lukekarrys

🚮 Removed packages: npm/eslint@8.56.0, npm/once@1.4.0, npm/p-limit@3.1.0, npm/picomatch@2.3.1, npm/prettier@3.2.5, npm/pretty-format@29.7.0, npm/readable-stream@2.3.8, npm/regenerator-runtime@0.14.1, npm/resolve@1.22.8, npm/rimraf@5.0.5, npm/safe-buffer@5.2.1, npm/semantic-release@23.0.2, npm/semver@7.5.4, npm/signal-exit@4.1.0, npm/slash@3.0.0, npm/string_decoder@1.1.1, npm/strip-ansi@6.0.1, npm/supports-color@7.2.0, npm/text-table@0.2.0, npm/ts-node@10.9.2, npm/type-check@0.4.0, npm/type-fest@0.20.2, npm/typescript@5.3.3, npm/unbuild@2.0.0, npm/util-deprecate@1.0.2, npm/wrap-ansi@7.0.0, npm/write-file-atomic@4.0.2, npm/yargs@17.7.2

View full report↗︎

@socket-security
Copy link

socket-security bot commented Feb 23, 2024

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package Note
Install scripts npm/esbuild@0.19.10

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/esbuild@0.19.10

@renovate renovate bot force-pushed the renovate/dependencies branch from 44b4500 to 0a0542c Compare February 26, 2024 19:42
@renovate renovate bot changed the title chore(deps): update dependency eslint to v8.57.0 chore(deps): update dependencies Feb 26, 2024
@renovate renovate bot merged commit ce58951 into main Feb 26, 2024
@renovate renovate bot deleted the renovate/dependencies branch February 26, 2024 22:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant