Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #911

Closed
wants to merge 1 commit into from
Closed

chore(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates #911

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 9, 2024
edited
Loading

Bumps the dev-dependencies group with 8 updates in the / directory:

Package From To
@docusaurus/module-type-aliases 3.5.2 3.6.3
@types/prismjs 1.26.4 1.26.5
@typescript-eslint/eslint-plugin 8.4.0 8.17.0
@typescript-eslint/parser 8.4.0 8.17.0
eslint-plugin-react 7.35.1 7.37.2
husky 9.1.5 9.1.7
prettier 3.3.3 3.4.2
typescript 5.5.4 5.7.2

Updates @docusaurus/module-type-aliases from 3.5.2 to 3.6.3

Release notes

Sourced from @​docusaurus/module-type-aliases's releases.

3.6.3 (2024-11-22)

🐛 Bug Fix

3.6.2 (2024-11-19)

🐛 Bug Fix

  • docusaurus-module-type-aliases
    • #10693 fix(types): add missing ambiant TS declarations for .md / .mdx partials (@​slorber)
  • docusaurus-theme-translations
  • docusaurus
    • #10685 fix(cli): docusaurus --help should print plugin commands using extendCli() (@​slorber)
  • docusaurus-bundler
    • #10680 fix(bundler): allow CSS nesting by default, restore postcss-preset-env (@​slorber)
  • create-docusaurus
  • docusaurus-bundler, docusaurus-faster, docusaurus
    • #10648 fix(faster): Upgrade to Rspack 1.1.1, fix build progress bar display (@​slorber)

🔧 Maintenance

  • #10691 chore(ci): retry yarn install to ignore temporary network errors (@​slorber)

Committers: 5

3.6.1 (2024-11-08)

🐛 Bug Fix

  • docusaurus
  • docusaurus-bundler, docusaurus-faster, docusaurus-utils-common, docusaurus-utils

💅 Polish

  • docusaurus-bundler, docusaurus-types, docusaurus

... (truncated)

Changelog

Sourced from @​docusaurus/module-type-aliases's changelog.

3.6.3 (2024-11-22)

🐛 Bug Fix

Committers: 1

3.6.2 (2024-11-19)

🐛 Bug Fix

  • docusaurus-module-type-aliases
    • #10693 fix(types): add missing ambiant TS declarations for .md / .mdx partials (@​slorber)
  • docusaurus-theme-translations
  • docusaurus
    • #10685 fix(cli): docusaurus --help should print plugin commands using extendCli() (@​slorber)
  • docusaurus-bundler
    • #10680 fix(bundler): allow CSS nesting by default, restore postcss-preset-env (@​slorber)
  • create-docusaurus
  • docusaurus-bundler, docusaurus-faster, docusaurus
    • #10648 fix(faster): Upgrade to Rspack 1.1.1, fix build progress bar display (@​slorber)

🔧 Maintenance

  • #10691 chore(ci): retry yarn install to ignore temporary network errors (@​slorber)

Committers: 5

3.6.1 (2024-11-08)

🐛 Bug Fix

  • docusaurus
  • docusaurus-bundler, docusaurus-faster, docusaurus-utils-common, docusaurus-utils

💅 Polish

... (truncated)

Commits

Updates @types/prismjs from 1.26.4 to 1.26.5

Commits

Updates @typescript-eslint/eslint-plugin from 8.4.0 to 8.17.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

  • eslint-plugin: [prefer-promise-reject-errors] options to allow any and unknown (#10392)
  • typescript-estree: add package version to ts version warning (#10343)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-template-expressions] allow template expressions used to make trailing whitespace visible (#10363)
  • eslint-plugin: remove references to "extendDefaults" in no-restricted-types (#10401)
  • eslint-plugin: [promise-function-async] handle function overloading (#10304)
  • website: press the Report an Issue button makes error if eslintrc does not include rules (#10367)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.16.0

8.16.0 (2024-11-25)

🚀 Features

  • support TypeScript 5.7 (#10372)
  • eslint-plugin: [max-params] add function overload and function type support (#10312)
  • eslint-plugin: [no-base-to-string] check Array.prototype.join (#10287)

🩹 Fixes

  • typescript-estree: update conditions for unsupported version warning (#10385)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.15.0

8.15.0 (2024-11-18)

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.17.0 (2024-12-02)

🚀 Features

  • eslint-plugin: [prefer-promise-reject-errors] options to allow any and unknown (#10392)

🩹 Fixes

  • eslint-plugin: [promise-function-async] handle function overloading (#10304)
  • eslint-plugin: remove references to "extendDefaults" in no-restricted-types (#10401)
  • eslint-plugin: [no-unnecessary-template-expressions] allow template expressions used to make trailing whitespace visible (#10363)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.16.0 (2024-11-25)

🚀 Features

  • eslint-plugin: [no-base-to-string] check Array.prototype.join (#10287)
  • eslint-plugin: [max-params] add function overload and function type support (#10312)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.15.0 (2024-11-18)

🚀 Features

  • eslint-plugin: [prefer-nullish-coalescing] fix detection of ignoreConditionalTests involving boolean ! operator (#10299)
  • eslint-plugin: new rule no-unsafe-type-assertion (#10051)
  • eslint-plugin: added related-getter-setter-pairs rule (#10192)

🩹 Fixes

  • utils: add defaultOptions to meta in rule (#10339)
  • eslint-plugin: report deprecations used in default export (#10330)
  • eslint-plugin: [explicit-module-boundary-types] and [explicit-function-return-type] don't report on as const satisfies (#10315)
  • eslint-plugin: [await-thenable, return-await] don't flag awaiting unconstrained type parameter as unnecessary (#10314)
  • eslint-plugin: [consistent-indexed-object-style] handle circular mapped types (#10301)

... (truncated)

Commits
  • 2c8a75e chore(release): publish 8.17.0
  • 670df27 feat(eslint-plugin): [prefer-promise-reject-errors] options to allow any and ...
  • 68311ee fix(eslint-plugin): [promise-function-async] handle function overloading (#10...
  • 9dbb4f9 fix(eslint-plugin): remove references to "extendDefaults" in no-restricted-ty...
  • fcd6cf0 fix(eslint-plugin): [no-unnecessary-template-expressions] allow template expr...
  • f74a8fa chore(release): publish 8.16.0
  • 2e2433b feat(eslint-plugin): [no-base-to-string] check Array.prototype.join (#10287)
  • 88e4c66 docs(eslint-plugin): add missing > in array-type.mdx (#10371)
  • 71243db chore: correct lint errors in CI (#10370)
  • cdbc669 feat(eslint-plugin): [max-params] add function overload and function type sup...
  • Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.4.0 to 8.17.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.17.0

8.17.0 (2024-12-02)

🚀 Features

  • eslint-plugin: [prefer-promise-reject-errors] options to allow any and unknown (#10392)
  • typescript-estree: add package version to ts version warning (#10343)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-template-expressions] allow template expressions used to make trailing whitespace visible (#10363)
  • eslint-plugin: remove references to "extendDefaults" in no-restricted-types (#10401)
  • eslint-plugin: [promise-function-async] handle function overloading (#10304)
  • website: press the Report an Issue button makes error if eslintrc does not include rules (#10367)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.16.0

8.16.0 (2024-11-25)

🚀 Features

  • support TypeScript 5.7 (#10372)
  • eslint-plugin: [max-params] add function overload and function type support (#10312)
  • eslint-plugin: [no-base-to-string] check Array.prototype.join (#10287)

🩹 Fixes

  • typescript-estree: update conditions for unsupported version warning (#10385)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.15.0

8.15.0 (2024-11-18)

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.17.0 (2024-12-02)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.16.0 (2024-11-25)

🚀 Features

  • support TypeScript 5.7 (#10372)

❤️ Thank You

  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

8.15.0 (2024-11-18)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.14.0 (2024-11-11)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.13.0 (2024-11-04)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.12.2 (2024-10-29)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.12.1 (2024-10-28)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.12.0 (2024-10-28)

... (truncated)

Commits
  • 2c8a75e chore(release): publish 8.17.0
  • f74a8fa chore(release): publish 8.16.0
  • fe6b47f feat: support TypeScript 5.7 (#10372)
  • 2444351 chore(release): publish 8.15.0
  • e022eb0 docs: update license file to explicitly use bsd-2 clause license (#10291)
  • 16fba0a chore(release): publish 8.14.0
  • ac1f632 chore(release): publish 8.13.0
  • 4af866a chore(release): publish 8.12.2
  • 1edec1d chore(release): publish 8.12.1
  • 3413a2d chore(release): publish 8.12.0
  • Additional commits viewable in compare view

Updates eslint-plugin-react from 7.35.1 to 7.37.2

Release notes

Sourced from eslint-plugin-react's releases.

v7.37.2

Fixed

  • [destructuring-assignment]: fix false negative when using typeof props.a (#3835[] @​golopot)

Changed

  • [Refactor] [destructuring-assignment]: use getParentStatelessComponent (#3835[] @​golopot)

#3835: jsx-eslint/eslint-plugin-react#3835 [destructuring-assignment]: docs/rules/destructuring-assignment.md

v7.37.1

Fixed

Changed

#3834: jsx-eslint/eslint-plugin-react#3834 #3836: jsx-eslint/eslint-plugin-react#3836

v7.37.0

Added

Changed

#3805: jsx-eslint/eslint-plugin-react#3805 #3824: jsx-eslint/eslint-plugin-react#3824 #3826: jsx-eslint/eslint-plugin-react#3826 #3830: jsx-eslint/eslint-plugin-react#3830 #3831: jsx-eslint/eslint-plugin-react#3831 [forbid-component-props]: docs/rules/forbid-component-props.md [no-unescaped-entities]: docs/rules/no-unescaped-entities.md [no-unstable-nested-components]: docs/rules/no-unstable-nested-components.md

v7.36.1

Fixed

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

... (truncated)

Changelog

Sourced from eslint-plugin-react's changelog.

7.37.2 - 2024.10.22

Fixed

  • [destructuring-assignment]: fix false negative when using typeof props.a (#3835[] @​golopot)

Changed

  • [Refactor] [destructuring-assignment]: use getParentStatelessComponent (#3835[] @​golopot)

#3835: jsx-eslint/eslint-plugin-react#3835

7.37.1 - 2024.10.01

Fixed

Changed

#3836: jsx-eslint/eslint-plugin-react#3836 #3834: jsx-eslint/eslint-plugin-react#3834

7.37.0 - 2024.09.26

Added

Changed

#3831: jsx-eslint/eslint-plugin-react#3831 #3830: jsx-eslint/eslint-plugin-react#3830 #3826: jsx-eslint/eslint-plugin-react#3826 #3824: jsx-eslint/eslint-plugin-react#3824 #3805: jsx-eslint/eslint-plugin-react#3805

7.36.1 - 2024.09.12

Fixed

#3823: jsx-eslint/eslint-plugin-react#3823 #3821: jsx-eslint/eslint-plugin-react#3821

... (truncated)

Commits
  • 256cf74 Update CHANGELOG and bump version
  • 33db656 [Deps] update es-iterator-helpers
  • 5696f99 [Dev Deps] update @babel/core, @babel/eslint-parser, `@babel/plugin-synta...
  • 5c23573 [Dev Deps] update @babel/core, @​babel/eslint-parser, @​babel/plugin-syntax...
  • c47fa56 [types] [Fix] ensure the index types are generated
  • 63aceff [Fix] destructuring-assignment: fix false negative when using typeof props.a
  • 96d46d5 [Refactor] destructuring-assignment: use getParentStatelessComponent
  • ae6fb8d Update CHANGELOG and bump version
  • 63e0b49 [meta] do not npmignore d.ts files
  • 1f95a24 [readme] Fix shared settings link
  • Additional commits viewable in compare view

Updates husky from 9.1.5 to 9.1.7

Release notes

Sourced from husky's releases.

v9.1.7

What's Changed

New Contributors

Full Changelog: typicode/husky@v9.1.6...v9.1.7

v9.1.6

What's Changed

New Contributors

Full Changelog: typicode/husky@v9.1.5...v9.1.6

Commits

Updates prettier from 3.3.3 to 3.4.2

Release notes

Sourced from prettier's releases.

3.4.2

🔗 Changelog

3.4.1

🔗 Changelog

3.4.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.4.2

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @​tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Japanese people or “and”. The following “C言語・C++・Go・Rust” means “C language & C++ & Go & Rust” in Japanese.

<!-- Input (--prose-wrap=never) -->
C言
語
・
C++
・
Go
・
Rust
<!-- Prettier 3.4.1 -->
C言語・ C++ ・ Go ・ Rust
<!-- Prettier 3.4.2 -->
C言語・C++・Go・Rust

U+30A0 can be used as the replacement of the - in non-Japanese names (e.g. “Saint-Saëns” (Charles Camille Saint-Saëns) can be represented as “サン゠サーンス” in Japanese), but substituted by ASCII hyphen (U+002D) or U+FF1D (full width hyphen) in many cases (e.g. “サン=サーンス” or “サン=サーンス”).

Fix comments print on class methods with decorators (#16891 by @​fisker)

// Input
class A {
  @decorator
  /** 
   * The method description
   *
  */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}
// Prettier 3.4.1
class A {
@​decorator
async /**
</tr></table>

... (truncated)

Commits

Updates typescript from 5.5.4 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

... (truncated)

Commits
  • d701d90 Bump version to 5.7.2 and LKG
  • 0503a63 🤖 Pick PR #60450 (Move to file: fix detection of refe...) into release-5.7 (#...
  • 3140dbb 🤖 Pick PR #60488 (Stub out copilotRelated command) into release-5.7 (#60495)
  • c1216de Update LKG
  • 3ee2b95 🤖 Pick PR #60415 (Fix false positive rewriteRelativeI...) into release-5.7 (#...
  • 44bd3f2 Bump version to 5.7.1-rc and LKG
  • 5925c81 Update LKG
  • 84d58cf Merge remote-tracking branch 'origin/main' into release-5.7
  • 0ec4d30 Fixing exception on unsaved file (#60362)
  • 11b2930 Add compatible overloads that accept ArrayBuffer to BigInt64Array/BigUint64Ar...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps-dev): bump the dev-dependencies group across 1 directory w…
8bea776 
…ith 8 updates

Bumps the dev-dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@docusaurus/module-type-aliases](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-module-type-aliases) | `3.5.2` | `3.6.3` |
| [@types/prismjs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/prismjs) | `1.26.4` | `1.26.5` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.4.0` | `8.17.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.4.0` | `8.17.0` |
| [eslint-plugin-react](https://github.com/jsx-eslint/eslint-plugin-react) | `7.35.1` | `7.37.2` |
| [husky](https://github.com/typicode/husky) | `9.1.5` | `9.1.7` |
| [prettier](https://github.com/prettier/prettier) | `3.3.3` | `3.4.2` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.5.4` | `5.7.2` |



Updates `@docusaurus/module-type-aliases` from 3.5.2 to 3.6.3
- [Release notes](https://github.com/facebook/docusaurus/releases)
- [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/docusaurus/commits/v3.6.3/packages/docusaurus-module-type-aliases)

Updates `@types/prismjs` from 1.26.4 to 1.26.5
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/prismjs)

Updates `@typescript-eslint/eslint-plugin` from 8.4.0 to 8.17.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.17.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.4.0 to 8.17.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.17.0/packages/parser)

Updates `eslint-plugin-react` from 7.35.1 to 7.37.2
- [Release notes](https://github.com/jsx-eslint/eslint-plugin-react/releases)
- [Changelog](https://github.com/jsx-eslint/eslint-plugin-react/blob/master/CHANGELOG.md)
- [Commits](jsx-eslint/eslint-plugin-react@v7.35.1...v7.37.2)

Updates `husky` from 9.1.5 to 9.1.7
- [Release notes](https://github.com/typicode/husky/releases)
- [Commits](typicode/husky@v9.1.5...v9.1.7)

Updates `prettier` from 3.3.3 to 3.4.2
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.3.3...3.4.2)

Updates `typescript` from 5.5.4 to 5.7.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.4...v5.7.2)

---
updated-dependencies:
- dependency-name: "@docusaurus/module-type-aliases"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@types/prismjs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: eslint-plugin-react
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: husky
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested review from a team as code owners December 9, 2024 11:18
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 9, 2024
@stacklok-cloud Stacklok Cloud
Copy link
Contributor

stacklok-cloud bot commented Dec 9, 2024

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of 8bea776c:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

@stacklok-cloud Stacklok Cloud
Copy link
Contributor

stacklok-cloud bot commented Dec 9, 2024

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: @docusaurus/module-type-aliases

Trusty Score: 0

Scoring details
Component Score
Package activity 9.1
Repository activity 9.3
User activity 8.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 1792
Number of git tags or releases 175
Versions matched to tags or releases 72

📦 Dependency: @docusaurus/types

Trusty Score: 0

Scoring details
Component Score
Package activity 9.1
Repository activity 9.3
User activity 8.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 1820
Number of git tags or releases 175
Versions matched to tags or releases 92
Alternatives
Package Score Description
@docusaurus/core 0

📦 Dependency: @types/prismjs

Trusty Score: 0

Scoring details
Component Score
Package activity 9.4
Repository activity 10
User activity 8.9
Provenance unknown

📦 Dependency: @typescript-eslint/eslint-plugin

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3874
Number of git tags or releases 168
Versions matched to tags or releases 158
Alternatives
Package Score Description
@typescript-eslint/parser 0
@typescript-eslint/eslint-plugin-tslint 0

📦 Dependency: @typescript-eslint/parser

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3957
Number of git tags or releases 168
Versions matched to tags or releases 158
Alternatives
Package Score Description
@babel/eslint-parser 0

📦 Dependency: @typescript-eslint/scope-manager

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3196
Number of git tags or releases 168
Versions matched to tags or releases 159
Alternatives
Package Score Description
eslint-plugin-react 0
typescript 0
@typescript-eslint/parser 0
@typescript-eslint/eslint-plugin 0

📦 Dependency: @typescript-eslint/type-utils

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 2265
Number of git tags or releases 168
Versions matched to tags or releases 158
Alternatives
Package Score Description
@typescript-eslint/typescript-estree 0

📦 Dependency: @typescript-eslint/types

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3228
Number of git tags or releases 168
Versions matched to tags or releases 159
Alternatives
Package Score Description
@typescript-eslint/parser 0

📦 Dependency: @typescript-eslint/typescript-estree

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3963
Number of git tags or releases 168
Versions matched to tags or releases 159
Alternatives
Package Score Description
@typescript-eslint/parser 0
@babel/parser 0
@typescript-eslint/eslint-plugin 0

📦 Dependency: @typescript-eslint/utils

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 2247
Number of git tags or releases 168
Versions matched to tags or releases 158
Alternatives
Package Score Description
@typescript-eslint/parser 0
@typescript-eslint/eslint-plugin 0

📦 Dependency: @typescript-eslint/visitor-keys

Trusty Score: 0

Scoring details
Component Score
Package activity 8.4
Repository activity 8.2
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3228
Number of git tags or releases 168
Versions matched to tags or releases 158
Alternatives
Package Score Description
@babel/eslint-parser 0
typescript-eslint 0
eslint-plugin-import 0
eslint 0
eslint-config-airbnb 0

📦 Dependency: call-bind

Trusty Score: 0

Scoring details
Component Score
Package activity 4.6
Repository activity 1.9
User activity 7.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 9
Number of git tags or releases 9
Versions matched to tags or releases 9
Alternatives
Package Score Description
axios 0
superagent 0
node-fetch 0
got 0

📦 Dependency: call-bind-apply-helpers

Trusty Score: 0

Alternatives
Package Score Description
function-bind 0

📦 Dependency: dependencies

Trusty Score: 0

Alternatives
Package Score Description
depcheck 0
auto-install 0

📦 Dependency: dunder-proto

Trusty Score: 0

Scoring details
Component Score
Package activity 4.1
Repository activity 0.8
User activity 7.5
Provenance unknown
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 1
Number of git tags or releases 1
Versions matched to tags or releases 1
Alternatives
Package Score Description
set-prototype-of 0

📦 Dependency: es-abstract

Trusty Score: 0

Scoring details
Component Score
Package activity 5.9
Repository activity 3.4
User activity 8.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 86
Number of git tags or releases 90
Versions matched to tags or releases 85
Alternatives
Package Score Description
es5-shim 0
es6-shim 0
es6-iterator 0

📦 Dependency: es-iterator-helpers

Trusty Score: 0

Scoring details
Component Score
Package activity 4.7
Repository activity 1.8
User activity 7.6
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 22
Number of git tags or releases 22
Versions matched to tags or releases 22
Alternatives
Package Score Description
lodash 0
ramda 0
underscore 0
lazy.js 0

📦 Dependency: eslint-plugin-react

Trusty Score: 0

Scoring details
Component Score
Package activity 8.2
Repository activity 7.9
User activity 8.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 213
Number of git tags or releases 113
Versions matched to tags or releases 66
Alternatives
Package Score Description
eslint-plugin-react-hooks 0
eslint-config-airbnb 0
eslint-plugin-react-native 0

📦 Dependency: eslint-visitor-keys

Trusty Score: 0

Scoring details
Component Score
Package activity 7.2
Repository activity 5.4
User activity 9
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 18
Number of git tags or releases 108
Versions matched to tags or releases 2

This package has been digitally signed using sigtore.
Source repository https://github.com/eslint/js
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/release-please.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=144865437
Alternatives
Package Score Description
eslint-plugin-import 0
eslint-plugin-react 0

📦 Dependency: husky

Trusty Score: 0

Scoring details
Component Score
Package activity 8.3
Repository activity 7.3
User activity 9.3
Provenance verified_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 228
Number of git tags or releases 120
Versions matched to tags or releases 114

This package has been digitally signed using sigtore.
Source repository https://github.com/typicode/husky
Cerificate Issuer CN=sigstore-intermediate,O=sigstore.dev
GitHub action workflow .github/workflows/npm_publish.yml
Rekor (public ledger) entry https://search.sigstore.dev/?logIndex=149537746
Alternatives
Package Score Description
lint-staged 0
pre-commit 0
git-hooks 0

📦 Dependency: is-finalizationregistry

Trusty Score: 0

Scoring details
Component Score
Package activity 4.3
Repository activity 1.3
User activity 7.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 4
Number of git tags or releases 4
Versions matched to tags or releases 4

📦 Dependency: iterator.prototype

Trusty Score: 0

Scoring details
Component Score
Package activity 4.1
Repository activity 0.9
User activity 7.3
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 6
Number of git tags or releases 5
Versions matched to tags or releases 5
Alternatives
Package Score Description
iterall 0
itertools 0
iterare 0

📦 Dependency: object-inspect

Trusty Score: 0

Scoring details
Component Score
Package activity 6
Repository activity 3.4
User activity 8.7
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 38
Number of git tags or releases 37
Versions matched to tags or releases 25
Alternatives
Package Score Description
inspectpack 0

📦 Dependency: prettier

Trusty Score: 0

Scoring details
Component Score
Package activity 9.1
Repository activity 9.4
User activity 8.8
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 168
Number of git tags or releases 124
Versions matched to tags or releases 101
Alternatives
Package Score Description
eslint-plugin-prettier 0

📦 Dependency: reflect.getprototypeof

Trusty Score: 0

Alternatives
Package Score Description
core-js 0
es5-shim 0

📦 Dependency: regexp.prototype.flags

Trusty Score: 0

Scoring details
Component Score
Package activity 5.2
Repository activity 2.1
User activity 8.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 16
Number of git tags or releases 15
Versions matched to tags or releases 15
Alternatives
Package Score Description
regexpu 0

📦 Dependency: typescript

Trusty Score: 0

Scoring details
Component Score
Package activity 9.9
Repository activity 10
User activity 9.9
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 3260
Number of git tags or releases 234
Versions matched to tags or releases 73
Alternatives
Package Score Description
ts-node 0
tslib 0
ts-loader 0
tsc 0

📦 Dependency: which-builtin-type

Trusty Score: 0

Scoring details
Component Score
Package activity 4.4
Repository activity 1.4
User activity 7.4
Provenance historical_provenance_match
Proof of Origin (Provenance)

This package can be linked back to its source code using a historical provenance map.

We were able to correlate a significant number of git tags and tagged releases in this package’s source code to versions of the published package. This mapping creates a strong link from the package back to its source code repository, verifying proof of origin.
Published package versions 8
Number of git tags or releases 8
Versions matched to tags or releases 8
Alternatives
Package Score Description
string 0
array 0

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 12, 2024

Superseded by #915.

@dependabot dependabot bot closed this Dec 12, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dev-dependencies-fb330fb001 branch December 12, 2024 13:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants