chore(deps): update dependency @inquirer/confirm to v5.1.19 #1361
Conversation
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
![renovate-approve-2[bot]](https://avatars.githubusercontent.com/in/62175?s=60&v=4){kind=small}
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
📦 Packages
|
github-actions
bot
added
qa:success
github-actions
bot
added
status:merged
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
github-actions
bot
added
status:mergeable
![seer-by-sentry[bot]](https://avatars.githubusercontent.com/in/801464?s=60&v=4){kind=small}
|
|
||
| "@inquirer/select": ["@inquirer/select@4.3.4", "", { "dependencies": { "@inquirer/ansi": "^1.0.0", "@inquirer/core": "^10.2.2", "@inquirer/figures": "^1.0.13", "@inquirer/type": "^3.0.8", "yoctocolors-cjs": "^2.1.2" }, "peerDependencies": { "@types/node": ">=18" }, "optionalPeers": ["@types/node"] }, "sha512-Qp20nySRmfbuJBBsgPU7E/cL62Hf250vMZRzYDcBHty2zdD1kKCnoDFWRr0WO2ZzaXp3R7a4esaVGJUx0E6zvA=="], | ||
|
|
||
| "@inquirer/type": ["@inquirer/type@3.0.8", "", { "peerDependencies": { "@types/node": ">=18" }, "optionalPeers": ["@types/node"] }, "sha512-lg9Whz8onIHRthWaN1Q9EGLa/0LFJjyM8mEUbL1eTi6yMGvBf8gvyDLtxSXztQsxMvhxxNpJYrwa1YHdq+w4Jw=="], | ||
| "@inquirer/type": ["@inquirer/type@3.0.9", "", { "peerDependencies": { "@types/node": ">=18" }, "optionalPeers": ["@types/node"] }, "sha512-QPaNt/nmE2bLGQa9b7wwyRJoLZ7pN6rcyXvzU0YCmivmJyq1BVo94G98tStRWkoD1RgDX5C+dPlhhHzNdu/W/w=="], | ||
|
|
||
| "@ipld/dag-cbor": ["@ipld/dag-cbor@9.2.5", "", { "dependencies": { "cborg": "^4.0.0", "multiformats": "^13.1.0" } }, "sha512-84wSr4jv30biui7endhobYhXBQzQE4c/wdoWlFrKcfiwH+ofaPg8fwsM8okX9cOzkkrsAsNdDyH3ou+kiLquwQ=="], | ||
|
|
There was a problem hiding this comment.
Potential bug: Two versions of @inquirer/core are installed, causing instanceof checks for prompt errors to fail, leading to incorrect error handling.
-
Description: The lockfile resolves two different versions of
@inquirer/core:10.2.2and10.3.0. When a user cancels aconfirmprompt, an error is thrown by a function using version10.3.0. However, the error handler insdk/cli/src/commands/index.tsusesinstanceofto check against error classes imported from version10.2.2. This check fails because the objects are from different package instances. As a result, legitimate cancellations are treated as unknown errors, causing the CLI to exit with code 1 instead of gracefully with code 0. -
Suggested fix: Update the
@inquirer/coredevDependency insdk/cli/package.jsonto match the version used by@inquirer/confirm(e.g.,^10.3.0). This will consolidate the dependency to a single version, ensuring thatinstanceofchecks for prompt errors work correctly across the application.
severity: 0.75, confidence: 0.98
Did we get this right? 👍 / 👎 to inform future reviews.
This PR contains the following updates:
5.1.18->5.1.19Release Notes
SBoudrias/Inquirer.js (@inquirer/confirm)
v5.1.19Compare Source
Configuration
📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.
Summary by cubic
Update @inquirer/confirm in the CLI from 5.1.18 to 5.1.19. Keeps our prompt tooling current with upstream fixes. No runtime impact.