chore(deps): bump the nodesecure-dependencies group with 2 updates #408

dependabot · 2024-08-05T05:33:11Z

Bumps the nodesecure-dependencies group with 2 updates: @nodesecure/rc and @nodesecure/scanner.

Updates @nodesecure/rc from 2.1.0 to 3.0.0

Release notes

Sourced from @nodesecure/rc's releases.

v3.0.0

What's Changed

chore(deps): bump the github-actions group with 4 updates by @dependabot in NodeSecure/rc#213

chore(deps-dev): bump the development-dependencies group with 2 updates by @dependabot in NodeSecure/rc#214

chore(deps-dev): bump the development-dependencies group with 3 updates by @dependabot in NodeSecure/rc#217

chore(deps-dev): bump the development-dependencies group with 3 updates by @dependabot in NodeSecure/rc#221

chore(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in NodeSecure/rc#222

chore(deps-dev): bump the development-dependencies group with 5 updates by @dependabot in NodeSecure/rc#224

chore(deps-dev): bump the development-dependencies group with 3 updates by @dependabot in NodeSecure/rc#226

chore(deps): bump the github-actions group with 3 updates by @dependabot in NodeSecure/rc#228

chore(deps-dev): bump the development-dependencies group with 4 updates by @dependabot in NodeSecure/rc#232

refactor(scanner): add new highlight + contacts property by @fraxken in NodeSecure/rc#233

chore(deps-dev): bump the development-dependencies group with 3 updates by @dependabot in NodeSecure/rc#234

chore(deps-dev): bump @types/node from 20.14.10 to 20.14.11 in the development-dependencies group by @dependabot in NodeSecure/rc#238

chore(deps-dev): bump the development-dependencies group with 3 updates by @dependabot in NodeSecure/rc#242

chore(deps): bump fast-xml-parser from 4.2.7 to 4.4.1 by @dependabot in NodeSecure/rc#245

Remove package-lock.json & update dependencies by @fraxken in NodeSecure/rc#246

refactor: migrate to @openally/config by @fraxken in NodeSecure/rc#247

docs: blockquote, avoid scroll & add defs links by @fraxken in NodeSecure/rc#248

Full Changelog: NodeSecure/rc@v2.1.0...v3.0.0

Commits

e16f591 3.0.0
d5fcb58 docs: blockquote, avoid scroll & add defs links (#248)
25ecd7f refactor: migrate to @openally/config (#247)
22100e5 Merge pull request #246 from NodeSecure/remove-lock
9529f10 chore: update dependencies
5f2e10b chore: update to eslint v9
44b2c28 chore: remove package-lock.json
41801d0 chore(deps): bump fast-xml-parser from 4.2.7 to 4.4.1 (#245)
87a4282 chore(deps-dev): bump the development-dependencies group with 3 updates (#242)
e701f5f chore(deps-dev): bump @types/node in the development-dependencies group (#238)
Additional commits viewable in compare view

Updates @nodesecure/scanner from 5.3.0 to 6.0.1

Release notes

Sourced from @nodesecure/scanner's releases.

v6.0.1

What's Changed

fix(scanner): add missing @nodesecure/contact by @fraxken in NodeSecure/scanner#285

chore(deps): bump the github-actions group with 5 updates by @dependabot in NodeSecure/scanner#286

Full Changelog: NodeSecure/scanner@scanner-v6.0.0...scanner-v6.0.1

v6.0.0

What's Changed

docs: add kishore881 as a contributor for code by @allcontributors in NodeSecure/scanner#205

chore: make tests to pass by @PierreDemailly in NodeSecure/scanner#217

[WIP] Make a deep comparison of two payloads by @jean-michelet in NodeSecure/scanner#211

chore: update copyright by @fabnguess in NodeSecure/scanner#212

chore: use dependabot groups by @fraxken in NodeSecure/scanner#218

chore(deps): bump the github-actions group with 5 updates by @dependabot in NodeSecure/scanner#219

chore(deps-dev): bump the development-dependencies group with 2 updates by @dependabot in NodeSecure/scanner#221

chore(deps): bump the dependencies group with 1 update by @dependabot in NodeSecure/scanner#220

refactor: init workspaces & migrate tarball by @fraxken in NodeSecure/scanner#195

chore(deps): bump the github-actions group with 4 updates by @dependabot in NodeSecure/scanner#235

refactor: migrate npm walker to tree-walker workspace by @fraxken in NodeSecure/scanner#236

refactor: migrate everything to typescript & workspaces by @fraxken in NodeSecure/scanner#240

chore(deps): bump the github-actions group across 1 directory with 4 updates by @dependabot in NodeSecure/scanner#249

chore(deps): bump tar from 6.1.13 to 6.2.1 by @dependabot in NodeSecure/scanner#248

chore(deps-dev): bump the development-dependencies group across 1 directory with 6 updates by @dependabot in NodeSecure/scanner#250

docs: complete workspaces README & review some interfaces by @fraxken in NodeSecure/scanner#251

feat: add npm-types workspace by @fraxken in NodeSecure/scanner#254

refactor: decouple tree-walker & scanner by removing Dependency class by @fraxken in NodeSecure/scanner#252

Reconfigure workspaces & replace @slimio/lock with @openally/mutex by @fraxken in NodeSecure/scanner#255

refactor(npm-walker): re-implement walker with a class and DI by @fraxken in NodeSecure/scanner#256

refactor(scanner)!: migrate to npm-registry-sdk V3 and enhance types by @fraxken in NodeSecure/scanner#259

refactor!: migrate ntlp into new conformance workspace by @fraxken in NodeSecure/scanner#261

Implement Manifest Manager by @fraxken in NodeSecure/scanner#262

fix: use object-hash & expose utils from mama for Scanner by @fraxken in NodeSecure/scanner#263

chore(deps-dev): bump the development-dependencies group with 2 updates by @dependabot in NodeSecure/scanner#267

feat: implement Contact to replace @nodesecure/authors by @fraxken in NodeSecure/scanner#266

chore(deps-dev): bump the development-dependencies group with 2 updates by @dependabot in NodeSecure/scanner#269

chore: update to latest JS-X-Ray major by @fraxken in NodeSecure/scanner#272

docs: fix version badge and workspaces list by @fraxken in NodeSecure/scanner#273

chore(deps-dev): bump the development-dependencies group across 1 directory with 3 updates by @dependabot in NodeSecure/scanner#274

chore(deps): bump the dependencies group across 1 directory with 4 updates by @dependabot in NodeSecure/scanner#275

chore: use eslint v9 by @PierreDemailly in NodeSecure/scanner#277

refactor(tree-walker): remove max-depth limitation & start writing UT/FT by @fraxken in NodeSecure/scanner#276

refactor(tree-walker): optimize local relationsMap & use npm-pick-manifest by @fraxken in NodeSecure/scanner#278

chore(deps): bump fast-xml-parser from 4.3.2 to 4.4.1 by @dependabot in NodeSecure/scanner#280

chore(deps-dev): bump @types/node from 20.14.12 to 22.0.0 in the development-dependencies group by @dependabot in NodeSecure/scanner#279

refactor(compare): migrate to V6 & fix some TS issues by @fraxken in NodeSecure/scanner#281

feat: implement @nodesecure/rc to highlight contacts by @fraxken in NodeSecure/scanner#282

chore(npm-types): v1.1.0 by @fraxken in NodeSecure/scanner#283

... (truncated)

Commits

4a540d4 chore(scanner): v6.0.1
b00fd51 chore(deps): bump the github-actions group with 5 updates (#286)
881635e fix(scanner): add missing @nodesecure/contact (#285)
d35d228 chore(scanner): v6.0.0
e47733c Merge pull request #283 from NodeSecure/npm-types-v1.1.0
d306530 chore: update npm-types version for all workspaces
f41c9e7 chore(npm-types): v1.1.0
a4e2939 feat: implement @nodesecure/rc to highlight contacts (#282)
494e728 refactor(compare): migrate to V6 & fix some TS issues (#281)
7a0a49f chore(deps-dev): bump @types/node in the development-dependencies group (#279)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the nodesecure-dependencies group with 2 updates: [@nodesecure/rc](https://github.com/NodeSecure/rc) and [@nodesecure/scanner](https://github.com/NodeSecure/scanner). Updates `@nodesecure/rc` from 2.1.0 to 3.0.0 - [Release notes](https://github.com/NodeSecure/rc/releases) - [Commits](NodeSecure/rc@v2.1.0...v3.0.0) Updates `@nodesecure/scanner` from 5.3.0 to 6.0.1 - [Release notes](https://github.com/NodeSecure/scanner/releases) - [Commits](NodeSecure/scanner@v5.3.0...scanner-v6.0.1) --- updated-dependencies: - dependency-name: "@nodesecure/rc" dependency-type: direct:production update-type: version-update:semver-major dependency-group: nodesecure-dependencies - dependency-name: "@nodesecure/scanner" dependency-type: direct:production update-type: version-update:semver-major dependency-group: nodesecure-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-08-09T19:58:08Z

Looks like these dependencies are no longer updatable, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 5, 2024

dependabot bot closed this Aug 9, 2024

dependabot bot deleted the dependabot/npm_and_yarn/nodesecure-dependencies-b313fd8c09 branch August 9, 2024 19:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the nodesecure-dependencies group with 2 updates #408

chore(deps): bump the nodesecure-dependencies group with 2 updates #408

dependabot bot commented on behalf of github Aug 5, 2024 •

edited

Loading

dependabot bot commented on behalf of github Aug 9, 2024

chore(deps): bump the nodesecure-dependencies group with 2 updates #408

chore(deps): bump the nodesecure-dependencies group with 2 updates #408

Conversation

dependabot bot commented on behalf of github Aug 5, 2024 • edited Loading

v3.0.0

What's Changed

v6.0.1

What's Changed

v6.0.0

What's Changed

dependabot bot commented on behalf of github Aug 9, 2024

dependabot bot commented on behalf of github Aug 5, 2024 •

edited

Loading