Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps-dev): bump the development-dependencies group across 1 directory with 8 updates #145

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps-dev): bump the development-dependencies group across 1 directory with 8 updates #145

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 10, 2025

Bumps the development-dependencies group with 8 updates in the /mc directory:

Package From To
@cloudflare/workers-types 4.20250214.0 4.20250310.0
@stylistic/eslint-plugin-ts 3.1.0 4.2.0
@typescript-eslint/eslint-plugin 8.24.1 8.26.1
esbuild 0.25.0 0.25.1
eslint 9.20.1 9.22.0
eslint-config-prettier 10.0.1 10.1.1
typescript 5.7.3 5.8.2
vitest 3.0.5 3.0.8

Updates @cloudflare/workers-types from 4.20250214.0 to 4.20250310.0

Commits

Updates @stylistic/eslint-plugin-ts from 3.1.0 to 4.2.0

Release notes

Sourced from @​stylistic/eslint-plugin-ts's releases.

v4.2.0

4.2.0 (2025-03-03)

Features

  • config: update yield-star-spacing and generator-star-spacing config to align with Prettier (86d17c8)

Documentation

v4.1.0

4.1.0 (2025-02-26)

Features

  • add module.exports named export for require(esm) compatibility (#700) (668c955)

Documentation

Chores

v4.0.1

4.0.1 (2025-02-19)

Bug Fixes

  • indent-binary-ops: handle { for left token check (#693) (7f2740e)

Chores

v4.0.0

4.0.0 (2025-02-18)

... (truncated)

Changelog

Sourced from @​stylistic/eslint-plugin-ts's changelog.

4.2.0 (2025-03-03)

Features

  • config: update yield-star-spacing and generator-star-spacing config to align with Prettier (86d17c8)

Documentation

4.1.0 (2025-02-26)

Features

  • add module.exports named export for require(esm) compatibility (#700) (668c955)

Documentation

Chores

4.0.1 (2025-02-19)

Bug Fixes

  • indent-binary-ops: handle { for left token check (#693) (7f2740e)

Chores

4.0.0 (2025-02-18)

Features

  • semi-spacing: support handling typescript (#687) (8b76c93)

... (truncated)

Commits

Updates @typescript-eslint/eslint-plugin from 8.24.1 to 8.26.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.26.1

8.26.1 (2025-03-10)

🩹 Fixes

  • eslint-plugin: [prefer-nullish-coalescing] treat any/unknown as eligible for nullish coalescing (#10865)
  • eslint-plugin: [no-unsafe-return] handle recursive type (#10883)
  • rule-tester: export TestLanguageOptions (#10930)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.26.0

8.26.0 (2025-03-03)

🚀 Features

  • support TypeScript 5.8 (#10903)
  • eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#9536)
  • eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#10714)
  • eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#10889)
  • eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#10781)
  • rule-tester: export TestLanguageOptions (#10892)
  • scope-manager: only call Object.entries once for each lib (#10647)

🩹 Fixes

  • deps: update dependency typedoc-plugin-markdown to v4.4.2 (#10877)
  • eslint-plugin: [unified-signatures] does not differentiate truly private methods (#10806)
  • eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#10864)
  • eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#10875)
  • rule-tester: Add missing parser dependency (#10909)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.26.1 (2025-03-10)

🩹 Fixes

  • eslint-plugin: [no-unsafe-return] handle recursive type (#10883)
  • eslint-plugin: [prefer-nullish-coalescing] treat any/unknown as eligible for nullish coalescing (#10865)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.26.0 (2025-03-03)

🚀 Features

  • eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#10781)
  • eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#10889)
  • eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#10714)
  • support TypeScript 5.8 (#10903)
  • eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#9536)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#10875)
  • eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#10864)
  • eslint-plugin: [unified-signatures] does not differentiate truly private methods (#10806)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.25.0 (2025-02-24)

🚀 Features

  • eslint-plugin: [no-misused-spread] add suggestions (#10719)

🩹 Fixes

  • eslint-plugin: [prefer-nullish-coalescing] report on chain expressions in a ternary (#10708)
  • eslint-plugin: [no-deprecated] report usage of deprecated private identifiers (#10844)

... (truncated)

Commits
  • 9aa0b6b chore(release): publish 8.26.1
  • ee90e45 fix(eslint-plugin): [no-unsafe-return] handle recursive type (#10883)
  • dba0bed fix(eslint-plugin): [prefer-nullish-coalescing] treat any/unknown as elig...
  • bc6d19f chore(release): publish 8.26.0
  • 02d9d73 feat(eslint-plugin): [unified-signatures] support ignoring overload signature...
  • 84af50e feat(eslint-plugin): [explicit-module-boundary-types] add an option to ignore...
  • a03b7ef fix(eslint-plugin): [no-unnecessary-type-assertion] handle unknown (#10875)
  • 4082ad0 docs(eslint-plugin): [consistent-return] add link to noImplicitReturns docs...
  • d8d4b3c feat(eslint-plugin): [no-unused-var] handle implicit exports in declaration f...
  • 9674629 feat: support TypeScript 5.8 (#10903)
  • Additional commits viewable in compare view

Updates esbuild from 0.25.0 to 0.25.1

Release notes

Sourced from esbuild's releases.

v0.25.1

  • Fix incorrect paths in inline source maps (#4070, #4075, #4105)

    This fixes a regression from version 0.25.0 where esbuild didn't correctly resolve relative paths contained within source maps in inline sourceMappingURL data URLs. The paths were incorrectly being passed through as-is instead of being resolved relative to the source file containing the sourceMappingURL comment, which was due to the data URL not being a file URL. This regression has been fixed, and this case now has test coverage.

  • Fix invalid generated source maps (#4080, #4082, #4104, #4107)

    This release fixes a regression from version 0.24.1 that could cause esbuild to generate invalid source maps. Specifically under certain conditions, esbuild could generate a mapping with an out-of-bounds source index. It was introduced by code that attempted to improve esbuild's handling of "null" entries in source maps (i.e. mappings with a generated position but no original position). This regression has been fixed.

    This fix was contributed by @​jridgewell.

  • Fix a regression with non-file source map paths (#4078)

    The format of paths in source maps that aren't in the file namespace was unintentionally changed in version 0.25.0. Path namespaces is an esbuild-specific concept that is optionally available for plugins to use to distinguish paths from file paths and from paths meant for other plugins. Previously the namespace was prepended to the path joined with a : character, but version 0.25.0 unintentionally failed to prepend the namespace. The previous behavior has been restored.

  • Fix a crash with switch optimization (#4088)

    The new code in the previous release to optimize dead code in switch statements accidentally introduced a crash in the edge case where one or more switch case values include a function expression. This is because esbuild now visits the case values first to determine whether any cases are dead code, and then visits the case bodies once the dead code status is known. That triggered some internal asserts that guard against traversing the AST in an unexpected order. This crash has been fixed by changing esbuild to expect the new traversal ordering. Here's an example of affected code:

    switch (x) {
  case '':
    return y.map(z => z.value)
  case y.map(z => z.key).join(','):
    return []
}

  • Update Go from 1.23.5 to 1.23.7 (#4076, #4077)

    This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain reports from vulnerability scanners that detect which version of the Go compiler esbuild uses.

    This PR was contributed by @​MikeWillCook.

Changelog

Sourced from esbuild's changelog.

0.25.1

  • Fix incorrect paths in inline source maps (#4070, #4075, #4105)

    This fixes a regression from version 0.25.0 where esbuild didn't correctly resolve relative paths contained within source maps in inline sourceMappingURL data URLs. The paths were incorrectly being passed through as-is instead of being resolved relative to the source file containing the sourceMappingURL comment, which was due to the data URL not being a file URL. This regression has been fixed, and this case now has test coverage.

  • Fix invalid generated source maps (#4080, #4082, #4104, #4107)

    This release fixes a regression from version 0.24.1 that could cause esbuild to generate invalid source maps. Specifically under certain conditions, esbuild could generate a mapping with an out-of-bounds source index. It was introduced by code that attempted to improve esbuild's handling of "null" entries in source maps (i.e. mappings with a generated position but no original position). This regression has been fixed.

    This fix was contributed by @​jridgewell.

  • Fix a regression with non-file source map paths (#4078)

    The format of paths in source maps that aren't in the file namespace was unintentionally changed in version 0.25.0. Path namespaces is an esbuild-specific concept that is optionally available for plugins to use to distinguish paths from file paths and from paths meant for other plugins. Previously the namespace was prepended to the path joined with a : character, but version 0.25.0 unintentionally failed to prepend the namespace. The previous behavior has been restored.

  • Fix a crash with switch optimization (#4088)

    The new code in the previous release to optimize dead code in switch statements accidentally introduced a crash in the edge case where one or more switch case values include a function expression. This is because esbuild now visits the case values first to determine whether any cases are dead code, and then visits the case bodies once the dead code status is known. That triggered some internal asserts that guard against traversing the AST in an unexpected order. This crash has been fixed by changing esbuild to expect the new traversal ordering. Here's an example of affected code:

    switch (x) {
  case '':
    return y.map(z => z.value)
  case y.map(z => z.key).join(','):
    return []
}

  • Update Go from 1.23.5 to 1.23.7 (#4076, #4077)

    This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain reports from vulnerability scanners that detect which version of the Go compiler esbuild uses.

    This PR was contributed by @​MikeWillCook.

Commits

Updates eslint from 9.20.1 to 9.22.0

Release notes

Sourced from eslint's releases.

v9.22.0

Features

  • 7ddb095 feat: Export defineConfig, globalIgnores (#19487) (Nicholas C. Zakas)

Bug Fixes

  • 19c0127 fix: improve message for no-console suggestions (#19483) (Francesco Trotta)
  • 49e624f fix: improve error message for falsy parsed JS AST (#19458) (Josh Goldberg ✨)

Documentation

  • 86c5f37 docs: Update README (GitHub Actions Bot)
  • fbdeff0 docs: Update README (GitHub Actions Bot)
  • c9e8510 docs: generate deprecation notice in TSDoc comments from rule metadata (#19461) (Francesco Trotta)
  • 2f386ad docs: replace var with const in rule examples (#19469) (Tanuj Kanti)
  • 0e688e3 docs: Update README (GitHub Actions Bot)
  • 06b596d docs: Restore the carrot to the position where the search input was lost (#19459) (Amaresh S M)

Chores

v9.21.0

Features

  • 418717f feat: introduce new deprecated types for rules (#19238) (fnx)
  • 5c5b802 feat: Add --ext CLI option (#19405) (Milos Djermanovic)

Bug Fixes

  • db5340d fix: update missing plugin message template (#19445) (Milos Djermanovic)
  • d8ffdd4 fix: do not exit process on rule crash (#19436) (Francesco Trotta)

Documentation

  • c5561ea docs: Update README (GitHub Actions Bot)
  • 80b0485 docs: replace var with let and const in rule example (#19434) (Tanuj Kanti)
  • f67d5e8 docs: Update README (GitHub Actions Bot)
  • 75afc61 docs: Update README (GitHub Actions Bot)
  • 0636cab docs: Update Eleventy from v2 to v3 (#19415) (Amaresh S M)
  • dd7d930 docs: Update README (GitHub Actions Bot)

Chores

  • a8c9a9f chore: update @eslint/eslintrc and @eslint/js (#19453) (Francesco Trotta)
  • 265e0cf chore: package.json update for @​eslint/js release (Jenkins)
  • 3401b85 test: add test for Rule.ReportDescriptor type (#19449) (Francesco Trotta)
  • e497aa7 chore: update rewrite dependencies (#19448) (Francesco Trotta)
  • dab5478 chore: better error message for missing plugin in config (#19402) (Tanuj Kanti)
  • ebfe2eb chore: set js language for bug report issue config block (#19439) (Josh Goldberg ✨)
  • 5fd211d test: processors can return subpaths (#19425) (Milos Djermanovic)
Changelog

Sourced from eslint's changelog.

v9.22.0 - March 7, 2025

  • 97f788b chore: upgrade @​eslint/js@​9.22.0 (#19489) (Milos Djermanovic)
  • eed409a chore: package.json update for @​eslint/js release (Jenkins)
  • f9a56d3 chore: upgrade [email protected] (#19488) (Milos Djermanovic)
  • 7ddb095 feat: Export defineConfig, globalIgnores (#19487) (Nicholas C. Zakas)
  • 86c5f37 docs: Update README (GitHub Actions Bot)
  • 19c0127 fix: improve message for no-console suggestions (#19483) (Francesco Trotta)
  • fbdeff0 docs: Update README (GitHub Actions Bot)
  • c9e8510 docs: generate deprecation notice in TSDoc comments from rule metadata (#19461) (Francesco Trotta)
  • 2f386ad docs: replace var with const in rule examples (#19469) (Tanuj Kanti)
  • 0e688e3 docs: Update README (GitHub Actions Bot)
  • 49e624f fix: improve error message for falsy parsed JS AST (#19458) (Josh Goldberg ✨)
  • 06b596d docs: Restore the carrot to the position where the search input was lost (#19459) (Amaresh S M)

v9.21.0 - February 21, 2025

  • a8c9a9f chore: update @eslint/eslintrc and @eslint/js (#19453) (Francesco Trotta)
  • 265e0cf chore: package.json update for @​eslint/js release (Jenkins)
  • 418717f feat: introduce new deprecated types for rules (#19238) (fnx)
  • 3401b85 test: add test for Rule.ReportDescriptor type (#19449) (Francesco Trotta)
  • e497aa7 chore: update rewrite dependencies (#19448) (Francesco Trotta)
  • c5561ea docs: Update README (GitHub Actions Bot)
  • db5340d fix: update missing plugin message template (#19445) (Milos Djermanovic)
  • d8ffdd4 fix: do not exit process on rule crash (#19436) (Francesco Trotta)
  • dab5478 chore: better error message for missing plugin in config (#19402) (Tanuj Kanti)
  • 80b0485 docs: replace var with let and const in rule example (#19434) (Tanuj Kanti)
  • ebfe2eb chore: set js language for bug report issue config block (#19439) (Josh Goldberg ✨)
  • f67d5e8 docs: Update README (GitHub Actions Bot)
  • 75afc61 docs: Update README (GitHub Actions Bot)
  • 5fd211d test: processors can return subpaths (#19425) (Milos Djermanovic)
  • 0636cab docs: Update Eleventy from v2 to v3 (#19415) (Amaresh S M)
  • 5c5b802 feat: Add --ext CLI option (#19405) (Milos Djermanovic)
  • dd7d930 docs: Update README (GitHub Actions Bot)
Commits

Updates eslint-config-prettier from 10.0.1 to 10.1.1

Release notes

Sourced from eslint-config-prettier's releases.

v10.1.1

Patch Changes

  • #309 eb56a5e Thanks @​JounQin! - fix: separate the /flat entry for compatibility

    For flat config users, the previous "eslint-config-prettier" entry still works, but "eslint-config-prettier/flat" adds a new name property for config-inspector, we just can't add it for the default entry for compatibility.

    See also prettier/eslint-config-prettier#308

    // before
import eslintConfigPrettier from "eslint-config-prettier";
// after
import eslintConfigPrettier from "eslint-config-prettier/flat";

v10.1.0

Minor Changes

v10.0.3

Patch Changes

New Contributors

Full Changelog: prettier/eslint-config-prettier@v10.0.2...v10.0.3

v10.0.2

Patch Changes

Changelog

Sourced from eslint-config-prettier's changelog.

10.1.1

Patch Changes

  • #309 eb56a5e Thanks @​JounQin! - fix: separate the /flat entry for compatibility

    For flat config users, the previous "eslint-config-prettier" entry still works, but "eslint-config-prettier/flat" adds a new name property for config-inspector, we just can't add it for the default entry for compatibility.

    See also prettier/eslint-config-prettier#308

    // before
import eslintConfigPrettier from "eslint-config-prettier";
// after
import eslintConfigPrettier from "eslint-config-prettier/flat";

10.1.0

Minor Changes

10.0.3

Patch Changes

10.0.2

Patch Changes

10.0.0

Major Changes

Versions before 10.0.0

Version 9.1.0 (2023-12-02)

  • Added: [unicorn/template-indent], (as a [special rule][unicorn/template-indent-special]). Thanks to Gürgün Dayıoğlu (@​gurgunday)!
  • Changed: All the [formatting rules that were deprecated in ESLint 8.53.0][deprecated-8.53.0] are now excluded if you set the ESLINT_CONFIG_PRETTIER_NO_DEPRECATED environment variable.

... (truncated)

Commits

Updates typescript from 5.7.3 to 5.8.2

Release notes

Sourced from typescript's releases.

TypeScript 5.8

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8 RC

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits
  • beb69e4 Bump version to 5.8.2 and LKG
  • 8fdbd54 🤖 Pick PR #61210 (Fix mistakenly disallowed default e...) into release-5.8 (#...
  • f4a3a8a 🤖 Pick PR #61175 (Ban import=require and export= unde...) into release-5.8 (#...
  • 420ff06 Bump version to 5.8.1-rc and LKG
  • 48eb13f Update LKG
  • fb59c19 Merge remote-tracking branch 'origin/main' into release-5.8
  • df342b7 Fixed rewriteRelativeImportExtensions...

    Description has been truncated

@dependabot
build(deps-dev): bump the development-dependencies group across 1 dir…
82e3284 
…ectory with 8 updates

Bumps the development-dependencies group with 8 updates in the /mc directory:

| Package | From | To |
| --- | --- | --- |
| [@cloudflare/workers-types](https://github.com/cloudflare/workerd) | `4.20250214.0` | `4.20250310.0` |
| [@stylistic/eslint-plugin-ts](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin-ts) | `3.1.0` | `4.2.0` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.24.1` | `8.26.1` |
| [esbuild](https://github.com/evanw/esbuild) | `0.25.0` | `0.25.1` |
| [eslint](https://github.com/eslint/eslint) | `9.20.1` | `9.22.0` |
| [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) | `10.0.1` | `10.1.1` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.7.3` | `5.8.2` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `3.0.5` | `3.0.8` |



Updates `@cloudflare/workers-types` from 4.20250214.0 to 4.20250310.0
- [Release notes](https://github.com/cloudflare/workerd/releases)
- [Changelog](https://github.com/cloudflare/workerd/blob/main/Dockerfile.release)
- [Commits](https://github.com/cloudflare/workerd/commits)

Updates `@stylistic/eslint-plugin-ts` from 3.1.0 to 4.2.0
- [Release notes](https://github.com/eslint-stylistic/eslint-stylistic/releases)
- [Changelog](https://github.com/eslint-stylistic/eslint-stylistic/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint-stylistic/eslint-stylistic/commits/v4.2.0/packages/eslint-plugin-ts)

Updates `@typescript-eslint/eslint-plugin` from 8.24.1 to 8.26.1
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.26.1/packages/eslint-plugin)

Updates `esbuild` from 0.25.0 to 0.25.1
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.25.0...v0.25.1)

Updates `eslint` from 9.20.1 to 9.22.0
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v9.20.1...v9.22.0)

Updates `eslint-config-prettier` from 10.0.1 to 10.1.1
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v10.0.1...v10.1.1)

Updates `typescript` from 5.7.3 to 5.8.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.7.3...v5.8.2)

Updates `vitest` from 3.0.5 to 3.0.8
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.0.8/packages/vitest)

---
updated-dependencies:
- dependency-name: "@cloudflare/workers-types"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: "@stylistic/eslint-plugin-ts"
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: esbuild
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: eslint-config-prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: vitest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 10, 2025
@socket-security Socket Security
Copy link

New and updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@cloudflare/[email protected]4.20250310.0 None 0 0 B
npm/@stylistic/[email protected]4.2.0 Transitive: environment, filesystem +31 2.58 MB eslint-stylistic-bot
npm/@typescript-eslint/[email protected]8.26.1 Transitive: environment, filesystem +43 5.85 MB
npm/[email protected], 0.25.00.25.1 None +25 257 MB esbuild, evanw
npm/[email protected]10.1.1 None 0 58.4 kB jounqin, lydell, thorn0
npm/[email protected]9.22.0 Transitive: environment, eval, filesystem, shell, unsafe +84 6.63 MB
npm/[email protected]5.8.2 None 0 22.9 MB typescript-bot
npm/[email protected]3.0.8 Transitive: environment, filesystem, shell, unsafe +60 57.8 MB antfu, oreanno, patak, ...1 more

View full report↗︎

@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Unpopular package npm/@eslint/[email protected] 🚫

View full report↗︎

Next steps

What are unpopular packages?

This package is not very popular.

Unpopular packages may have less maintenance and contain other problems.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants