Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm-development group across 1 directory with 8 updates #23

Closed
wants to merge 1 commit into from
Closed

Bump the npm-development group across 1 directory with 8 updates #23

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 23, 2024
edited
Loading

Bumps the npm-development group with 8 updates in the / directory:

Package From To
@types/jest 29.5.12 29.5.13
@vercel/ncc 0.38.1 0.38.2
eslint-plugin-github 5.0.1 5.0.2
eslint-plugin-jest 28.6.0 28.8.3
jose 5.6.3 5.9.3
nock 13.5.4 13.5.5
ts-jest 29.2.3 29.2.5
typescript 5.5.4 5.6.2

Updates @types/jest from 29.5.12 to 29.5.13

Commits

Updates @vercel/ncc from 0.38.1 to 0.38.2

Release notes

Sourced from @​vercel/ncc's releases.

0.38.2

0.38.2 (2024-09-23)

Bug Fixes

Huge thanks to @​theoludwig 🎉

Commits
  • 158a1fd fix(deps): update webpack to v5.94.0, terser to v5.33.0 (#1213)
  • c1c9c65 chore(deps): Bump fast-xml-parser from 4.2.7 to 4.5.0 (#1219)
  • 6ef9a48 chore(deps-dev): Bump express from 4.18.2 to 4.20.0 (#1214)
  • 9e7451b ci: ignore failing test on macOS + run in band test-coverage (#1216)
  • b2a325d chore(ci): drop node@16 from ci (#1164)
  • 3c68358 chore(deps): Bump crypto-js from 4.1.1 to 4.2.0 (#1130)
  • a70188f chore(deps): Bump browserify-sign from 4.2.1 to 4.2.2 (#1131)
  • b4cc7c6 chore(deps): Bump actions/setup-node from 3 to 4 (#1133)
  • 5f5dda2 chore(deps): Bump @​babel/traverse from 7.13.13 to 7.23.2 (#1125)
  • See full diff in compare view

Updates eslint-plugin-github from 5.0.1 to 5.0.2

Release notes

Sourced from eslint-plugin-github's releases.

v5.0.2

What's Changed

Full Changelog: github/eslint-plugin-github@v5.0.1...v5.0.2

Commits
  • d6f656d Merge pull request #551 from github/dependabot/npm_and_yarn/all-dependencies-...
  • df2c60a chore(deps): bump the all-dependencies group across 1 directory with 4 updates
  • 0f0979c chore(deps): bump the all-dependencies group with 3 updates (#545)
  • 0e294e5 Merge pull request #544 from github/dependabot/npm_and_yarn/all-dependencies-...
  • 17c6e39 chore(deps): bump the all-dependencies group with 3 updates
  • 86d5cb1 Merge pull request #543 from github/dependabot/npm_and_yarn/all-dependencies-...
  • 522309f chore(deps): bump the all-dependencies group across 1 directory with 3 updates
  • c3857ba Merge pull request #541 from github/dependabot/npm_and_yarn/all-dependencies-...
  • 8010f55 chore(deps): bump the all-dependencies group with 4 updates
  • 7772275 Merge pull request #540 from github/dependabot/npm_and_yarn/all-dependencies-...
  • Additional commits viewable in compare view

Updates eslint-plugin-jest from 28.6.0 to 28.8.3

Release notes

Sourced from eslint-plugin-jest's releases.

v28.8.3

28.8.3 (2024-09-04)

Bug Fixes

  • prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

v28.8.2

28.8.2 (2024-09-02)

Performance Improvements

  • prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)

v28.8.1

28.8.1 (2024-08-29)

Bug Fixes

  • prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)

v28.8.0

28.8.0 (2024-08-07)

Features

  • import formatting rules from eslint-plugin-jest-formatting (#1563) (74078ee)

v28.7.0

28.7.0 (2024-08-03)

Features

  • allow [@typescript-eslint](https://github.com/typescript-eslint) v8 (#1636) (fb43171)
Changelog

Sourced from eslint-plugin-jest's changelog.

28.8.3 (2024-09-04)

Bug Fixes

  • prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

28.8.2 (2024-09-02)

Performance Improvements

  • prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)

28.8.1 (2024-08-29)

Bug Fixes

  • prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)

28.8.0 (2024-08-07)

Features

  • import formatting rules from eslint-plugin-jest-formatting (#1563) (74078ee)

28.7.0 (2024-08-03)

Features

  • allow [@typescript-eslint](https://github.com/typescript-eslint) v8 (#1636) (fb43171)
Commits
  • 497a500 chore(release): 28.8.3 [skip ci]
  • 9c4197c fix(prefer-importing-jest-globals): don't add imports in the middle of statem...
  • 9adda0a chore(release): 28.8.2 [skip ci]
  • 0660242 perf(prefer-importing-jest-globals): stop collecting import specifiers for no...
  • a789420 chore(deps): lock file maintenance
  • 1df45e9 chore(release): 28.8.1 [skip ci]
  • 307f6a7 fix(prefer-importing-jest-globals): support typescript-eslint parser (#1639)
  • 267702d chore(deps): lock file maintenance
  • f969f92 chore(deps): lock file maintenance
  • f5f3e99 chore(deps): lock file maintenance
  • Additional commits viewable in compare view

Updates jose from 5.6.3 to 5.9.3

Release notes

Sourced from jose's releases.

v5.9.3

Refactor

  • use as Type for type assertions instead of (c4dc24d)

v5.9.2

Refactor

  • types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

  • types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

  • allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
.setIssuedAt()
.setIssuer("urn:example:issuer")
.setAudience("urn:example:audience")
.setExpirationTime("2h")
.sign(jwk);
console.log(jwt);

Example Verification

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.3 (2024-09-22)

Refactor

  • use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

  • types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

  • types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

  • allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

Features

  • add subpath module exports (72ecff6)

Refactor

  • omit LocalJWKSet export since it's no longer needed for RemoteJWKSet (c502731)

5.7.0 (2024-08-19)

Features

  • graduate jwksCache to stable API (0f09c12)
Commits
  • 3696919 chore(release): 5.9.3
  • c4dc24d refactor: use as Type for type assertions instead of <Type>
  • e932007 test: update Firefox X25519 expectations
  • 6796396 chore: bump dev deps
  • df7e11c docs: update JSDoc to use more link syntax
  • c45319e docs: link to Algorithm Key Requirements from more places
  • 3f7b08d docs: update JWK docs
  • 708a010 chore: cleanup after release
  • a5e4cbc chore(release): 5.9.2
  • ccf0cda refactor(types): remove index signatures from JWK interfaces
  • Additional commits viewable in compare view

Updates nock from 13.5.4 to 13.5.5

Release notes

Sourced from nock's releases.

v13.5.5

13.5.5 (2024-08-20)

Bug Fixes

  • backport: memory leaks due to timer references outliving the timers (#2773) (#2773) (66eb7f4)
Commits
  • 66eb7f4 fix(backport): memory leaks due to timer references outliving the timers (#27...
  • e92cdfa chore(deps-dev): bump eslint-plugin-mocha from 10.4.1 to 10.5.0
  • 623c933 chore(deps-dev): bump typescript from 5.4.3 to 5.5.4
  • 2b7836d ci: exclude nodejs 10, 12 and 14 tests running on macos (#2753)
  • 565e99a chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#2752)
  • d013ed2 chore(deps-dev): bump typescript from 5.3.3 to 5.4.3
  • 7a4badb chore(deps-dev): bump semantic-release from 23.0.2 to 23.0.6
  • db0f76a chore(deps-dev): bump eslint-plugin-mocha from 10.2.0 to 10.4.1
  • e44812b chore(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2597)
  • 3659e82 chore(deps-dev): bump prettier from 3.2.4 to 3.2.5 (#2596)
  • Additional commits viewable in compare view

Updates ts-jest from 29.2.3 to 29.2.5

Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

  • build: build package with NodeNext module (9b3ade5)
  • fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)
  • fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499

29.2.4 (2024-08-01)

Bug Fixes

  • fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473
Commits
  • 500a863 chore(release): 29.2.5
  • dce986e build(deps): Update dependency @​babel/preset-env to ^7.25.4
  • 48a28a6 build(deps): Update dependency vite to ^5.4.2
  • d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
  • 00550ef test: add e2e test case for ESM features
  • 978169b build(deps): Update dependency @​types/node to v20.16.1
  • e9a643c build(deps): Update dependency @​types/node to v20.16.0
  • 535edab build(deps): Update dependency @​types/node to v20.15.0
  • 011a9d8 build(deps): Update dependency vite to ^5.4.1
  • 4eb8ccd build: update renovate bot
  • Additional commits viewable in compare view

Updates typescript from 5.5.4 to 5.6.2

Release notes

Sourced from typescript's releases.

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

Commits
  • a7e3374 Bump version to 5.6.2 and LKG
  • 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
  • 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
  • 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
  • 6212132 Update LKG
  • bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
  • e6914a5 Bump version to 5.6.1-rc and LKG
  • 34121c4 Update LKG
  • 2a30c2a Merge remote-tracking branch 'origin/main' into release-5.6
  • 936a79b Expose TypeChecker. getAwaitedType to public (#59268)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the npm-development group across 1 directory with 8 updates
9485c52 
Bumps the npm-development group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.12` | `29.5.13` |
| [@vercel/ncc](https://github.com/vercel/ncc) | `0.38.1` | `0.38.2` |
| [eslint-plugin-github](https://github.com/github/eslint-plugin-github) | `5.0.1` | `5.0.2` |
| [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `28.6.0` | `28.8.3` |
| [jose](https://github.com/panva/jose) | `5.6.3` | `5.9.3` |
| [nock](https://github.com/nock/nock) | `13.5.4` | `13.5.5` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.2.3` | `29.2.5` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.5.4` | `5.6.2` |



Updates `@types/jest` from 29.5.12 to 29.5.13
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Updates `@vercel/ncc` from 0.38.1 to 0.38.2
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](vercel/ncc@0.38.1...0.38.2)

Updates `eslint-plugin-github` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/github/eslint-plugin-github/releases)
- [Commits](github/eslint-plugin-github@v5.0.1...v5.0.2)

Updates `eslint-plugin-jest` from 28.6.0 to 28.8.3
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](jest-community/eslint-plugin-jest@v28.6.0...v28.8.3)

Updates `jose` from 5.6.3 to 5.9.3
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v5.6.3...v5.9.3)

Updates `nock` from 13.5.4 to 13.5.5
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.5.4...v13.5.5)

Updates `ts-jest` from 29.2.3 to 29.2.5
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.2.3...v29.2.5)

Updates `typescript` from 5.5.4 to 5.6.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.4...v5.6.2)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-github
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: jose
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: nock
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: ts-jest
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 23, 2024
sourcery-ai[bot]
sourcery-ai bot reviewed Sep 23, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. Here's why:

  • It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!
  • We don't review packaging changes - Let us know if you'd like us to change this.

@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/[email protected] Transitive: environment, filesystem, unsafe +48 1.76 MB types
npm/@vercel/[email protected] filesystem, unsafe 0 16.6 MB chriswdmr, ijjk, matheuss, ...6 more
npm/[email protected] Transitive: environment, eval, filesystem, shell, unsafe +172 21.7 MB githubbot
npm/[email protected] filesystem Transitive: environment +38 4.44 MB aaronabramov, jeysal, jsonp, ...6 more
npm/[email protected] None 0 551 kB panva
npm/[email protected] environment, filesystem, network +4 260 kB nockbot
npm/[email protected] Transitive: environment, eval, filesystem, network, shell, unsafe +160 15.4 MB anhpnnd, kul, tsjest
npm/[email protected] None 0 22.4 MB typescript-bot

🚮 Removed packages: npm/@types/[email protected], npm/@vercel/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 30, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 30, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm-development-8fe924d539 branch September 30, 2024 23:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants