From 5e879d538361a4208da15270c4b5e2dcb2f36aeb Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Wed, 21 Aug 2024 16:38:55 -0700 Subject: [PATCH 01/27] Upgrade trunk to 1.22.4-beta.1 (#851) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Trunk](https://static.trunk.io/assets/trunk_action_upgrade_banner.png)](https://trunk.io) cli upgraded: 1.22.3-beta.33 → 1.22.4-beta.1 This PR was generated by the [Trunk Action]. For more info, see our [docs] or reach out on [Slack]. [Trunk Action]: https://github.com/trunk-io/trunk-action [docs]: https://docs.trunk.io [Slack]: https://slack.trunk.io/ Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .trunk/trunk.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 09055eb7a..a71cd7081 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -2,7 +2,7 @@ version: 0.1 # version used for local trunk runs and testing cli: - version: 1.22.3-beta.33 + version: 1.22.4-beta.1 shell_hooks: enforce: true From 1d8745cb8953c8a3d380dd7add32220ca3b6e3e9 Mon Sep 17 00:00:00 2001 From: pat-trunk-io Date: Wed, 28 Aug 2024 23:09:53 -0700 Subject: [PATCH 02/27] (Feat): Add git submodule action (#856) Add hook to update submodule on git hooks --- actions/submodules/plugin.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 actions/submodules/plugin.yaml diff --git a/actions/submodules/plugin.yaml b/actions/submodules/plugin.yaml new file mode 100644 index 000000000..dcae26219 --- /dev/null +++ b/actions/submodules/plugin.yaml @@ -0,0 +1,10 @@ +version: 0.1 +actions: + definitions: + - id: submodule-init-update + display_name: Submodule Init Update + description: Git hook for updating submodules + run: git submodule update --init --recursive + triggers: + - git_hooks: [post-checkout, post-merge, pre-rebase] + notify_on_error: false From 7c99365dd941512d4689af309af106a127b7f6e8 Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Fri, 30 Aug 2024 19:55:16 +0000 Subject: [PATCH 03/27] Auto-add missing snapshots (#855) Create new snapshots from https://github.com/trunk-io/plugins/actions/runs/10629134024 --------- Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> Co-authored-by: Tyler Jang --- .trunk/trunk.yaml | 3 +- .../buildifier_v7.3.1_basic_check.check.shot | 135 +++ ...config.test_data.add_tables.BUILD.fmt.shot | 36 + ...3.1_no_config.test_data.basic.bzl.fmt.shot | 11 + ...config.test_data.add_tables.BUILD.fmt.shot | 36 + linters/osv-scanner/expected_issues.json | 969 ++++++++++-------- .../pyright_v1.1.378_basic.check.shot | 226 ++++ 7 files changed, 983 insertions(+), 433 deletions(-) create mode 100644 linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot create mode 100644 linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot create mode 100644 linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot create mode 100644 linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot create mode 100644 linters/pyright/test_data/pyright_v1.1.378_basic.check.shot diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index a71cd7081..547256f05 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -17,7 +17,7 @@ plugins: - id: configs uri: https://github.com/trunk-io/configs - ref: v1.0.7 + ref: v1.0.8 lint: files: @@ -46,7 +46,6 @@ lint: disabled: - pylint # pylint diagnostics are too strict - semgrep - - trivy # investigating issues with shared cachedir ignore: - linters: [ALL] diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot b/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot new file mode 100644 index 000000000..51223c11c --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_basic_check.check.shot @@ -0,0 +1,135 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter buildifier test basic_check 1`] = ` +{ + "issues": [ + { + "code": "module-docstring", + "column": "1", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#module-docstring", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "The file has no module docstring. +A module docstring is a string literal (not a comment) which should be the first statement of a file (it may follow comment lines).", + "targetType": "starlark", + }, + { + "code": "load", + "column": "26", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#load", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Loaded symbol "a" is unused. Please remove it. +To disable the warning, add '@unused' in a comment. +If you want to re-export a symbol, use the following pattern: + + load(..., _a = "a", ...) + a = _a", + "targetType": "starlark", + }, + { + "code": "load", + "column": "26", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/bazelbuild/buildtools/blob/main/WARNINGS.md#load", + "level": "LEVEL_HIGH", + "line": "2", + "linter": "buildifier", + "message": "Loaded symbol "b" is unused. Please remove it. +To disable the warning, add '@unused' in a comment. +If you want to re-export a symbol, use the following pattern: + + load(..., _b = "b", ...) + b = _b", + "targetType": "starlark", + }, + ], + "lintActions": [ + { + "command": "fix", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "verb": "TRUNK_VERB_FMT", + }, + { + "command": "fix", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "verb": "TRUNK_VERB_FMT", + }, + { + "command": "warn", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "bazel-build", + "linter": "buildifier", + "paths": [ + "test_data/add_tables.BUILD", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "warn", + "fileGroupName": "starlark", + "linter": "buildifier", + "paths": [ + "test_data/basic.bzl", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [ + { + "column": "1", + "file": "test_data/add_tables.BUILD", + "issueClass": "ISSUE_CLASS_UNFORMATTED", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Incorrect formatting, autoformat by running 'trunk fmt'", + }, + { + "column": "1", + "file": "test_data/basic.bzl", + "issueClass": "ISSUE_CLASS_UNFORMATTED", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "buildifier", + "message": "Incorrect formatting, autoformat by running 'trunk fmt'", + }, + ], +} +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot new file mode 100644 index 000000000..54e82961f --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.add_tables.BUILD.fmt.shot @@ -0,0 +1,36 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test no_config 1`] = ` +"foo_macro( + fizz = [ + ":lib2", + ":lib1", + ], +) + +filegroup( + name = "files", + srcs = glob(["**"]), +) + +sh_library( + name = "lib1", + srcs = ["src1.sh"], +) + +sh_library( + name = "lib2", + srcs = ["src1.sh"], +) + +sh_binary( + name = "foo", + srcs = ["foo.sh"], + deps = [ + ":lib1", + ":lib2", + ], +) +" +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot new file mode 100644 index 000000000..0f9da3bb5 --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_no_config.test_data.basic.bzl.fmt.shot @@ -0,0 +1,11 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test no_config 1`] = ` +"# Misformatted file +def eponymous_name(): + name = native.package_name() + + return name[name.rfind("/") + 1:] +" +`; diff --git a/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot b/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot new file mode 100644 index 000000000..e4ce11ada --- /dev/null +++ b/linters/buildifier/test_data/buildifier_v7.3.1_with_config.test_data.add_tables.BUILD.fmt.shot @@ -0,0 +1,36 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing formatter buildifier test with_config 1`] = ` +"foo_macro( + fizz = [ + ":lib1", + ":lib2", + ], +) + +filegroup( + name = "files", + srcs = glob(["**"]), +) + +sh_library( + name = "lib1", + srcs = ["src1.sh"], +) + +sh_library( + name = "lib2", + srcs = ["src1.sh"], +) + +sh_binary( + name = "foo", + srcs = ["foo.sh"], + deps = [ + ":lib1", + ":lib2", + ], +) +" +`; diff --git a/linters/osv-scanner/expected_issues.json b/linters/osv-scanner/expected_issues.json index f62a00908..367c09831 100644 --- a/linters/osv-scanner/expected_issues.json +++ b/linters/osv-scanner/expected_issues.json @@ -54,17 +54,6 @@ "targetType": "lockfile", "isSecurity": true }, - { - "file": "test_data/Gemfile.lock", - "line": "16", - "message": "Active Support Possibly Discloses Locally Encrypted Files. Current version of 'activesupport' is vulnerable: 5.2.8.1. Patch available: upgrade to 6.1.7.5 or higher.", - "code": "GHSA-cr5q-6q9f-rq6q", - "level": "LEVEL_LOW", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-cr5q-6q9f-rq6q", - "targetType": "lockfile", - "isSecurity": true - }, { "file": "test_data/Gemfile.lock", "line": "16", @@ -87,6 +76,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/Gemfile.lock", + "line": "16", + "message": "Active Support Possibly Discloses Locally Encrypted Files. Current version of 'activesupport' is vulnerable: 5.2.8.1. Patch available: upgrade to 6.1.7.5 or higher.", + "code": "GHSA-cr5q-6q9f-rq6q", + "level": "LEVEL_LOW", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-cr5q-6q9f-rq6q", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/Gemfile.lock", "line": "34", @@ -131,6 +131,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/Gemfile.lock", + "line": "97", + "message": "'Nokogiri' updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459. Current version of 'nokogiri' is vulnerable: 1.14.1. Patch available: upgrade to 1.16.5 or higher.", + "code": "GHSA-r95h-9x8f-r3f7", + "level": "LEVEL_LOW", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-r95h-9x8f-r3f7", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/Gemfile.lock", "line": "97", @@ -221,41 +232,21 @@ }, { "file": "test_data/go.mod", - "message": "Improper handling of JavaScript whitespace in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24540", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24540", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Excessive resource consumption in mime/multipart. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41725", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41725", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Large RSA keys can cause high CPU usage in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-29409", + "message": "Comments in display names are incorrectly handled in net/mail. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24784", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-29409", + "issueUrl": "https://osv.dev/CVE-2024-24784", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Insufficient sanitization of Host header in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-29406", + "message": "Panic due to crafted inputs in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-39293", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-29406", + "issueUrl": "https://osv.dev/CVE-2021-39293", "targetType": "lockfile", "isSecurity": true }, @@ -281,221 +272,211 @@ }, { "file": "test_data/go.mod", - "message": "Improper handling of special tags within script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39319", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39319", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "message": "Denial of service via chunk extensions in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39326", + "message": "Improper handling of JavaScript whitespace in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24540", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39326", + "issueUrl": "https://osv.dev/CVE-2023-24540", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Insecure parsing of Windows paths with a \\??\\ prefix in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45283", + "message": "Improper sanitization of CSS values in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24539", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45283", + "issueUrl": "https://osv.dev/CVE-2023-24539", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect detection of reserved device names on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45284", + "message": "Backticks not treated as string delimiters in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24538", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45284", + "issueUrl": "https://osv.dev/CVE-2023-24538", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45287", + "message": "Stack exhaustion on crafted paths in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30632", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45287", + "issueUrl": "https://osv.dev/CVE-2022-30632", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45289", + "message": "Stack exhaustion when reading certain archives in compress/gzip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30631", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45289", + "issueUrl": "https://osv.dev/CVE-2022-30631", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Memory exhaustion in multipart form parsing in net/textproto and net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-45290", + "message": "Stack exhaustion in Glob on certain paths in io/fs. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30630", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-45290", + "issueUrl": "https://osv.dev/CVE-2022-30630", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Verify panics on certificates with an unknown public key algorithm in crypto/x509. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24783", + "message": "Session tickets lack random ticket_age_add in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30629", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24783", + "issueUrl": "https://osv.dev/CVE-2022-30629", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Comments in display names are incorrectly handled in net/mail. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24784", + "message": "Empty Cmd.Path can trigger unintended binary in os/exec on Windows. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30580", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24784", + "issueUrl": "https://osv.dev/CVE-2022-30580", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Errors returned from JSON marshaling may break template escaping in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2024-24785", + "message": "Path traversal via Clean on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-29804", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2024-24785", + "issueUrl": "https://osv.dev/CVE-2022-29804", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-4374-p667-p6c8", + "message": "Incorrect sanitization of forwarded query parameters in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-2880", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "issueUrl": "https://osv.dev/CVE-2022-2880", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-4v7x-pqxf-cx7m", + "message": "Unbounded memory consumption when reading headers in archive/tar. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-2879", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", + "issueUrl": "https://osv.dev/CVE-2022-2879", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Denial of service in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-69cg-p879-7622", + "message": "Panic due to large inputs affecting P-256 curves in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-28327", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", + "issueUrl": "https://osv.dev/CVE-2022-28327", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-h86h-8ppg-mxmh", + "message": "Stack exhaustion from deeply nested XML documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-28131", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", + "issueUrl": "https://osv.dev/CVE-2022-28131", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect privilege reporting in syscall and golang.org/x/sys/unix. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-p782-xgp4-8hr8", + "message": "Stack exhaustion when compiling deeply nested expressions in regexp. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-24921", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-p782-xgp4-8hr8", + "issueUrl": "https://osv.dev/CVE-2022-24921", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-vc3p-29h2-gpcp", + "message": "Stack overflow from a large amount of PEM data in encoding/pem. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-24675", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", + "issueUrl": "https://osv.dev/CVE-2022-24675", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-vvpx-j8f3-3w6h", + "message": "Incorrect computation for some invalid field elements in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-23806", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", + "issueUrl": "https://osv.dev/CVE-2022-23806", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "GHSA-xrjj-mj9h-534m", + "message": "Uncontrolled memory consumption in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-23772", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", + "issueUrl": "https://osv.dev/CVE-2022-23772", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect calculation on P256 curves in crypto/internal/nistec. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24532", + "message": "Stack exhaustion due to deeply nested types in go/parser. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-1962", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24532", + "issueUrl": "https://osv.dev/CVE-2022-1962", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on large handshake records in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41724", + "message": "Improper sanitization of Transfer-Encoding headers in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-1705", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41724", + "issueUrl": "https://osv.dev/CVE-2022-1705", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization of CSS values in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24539", + "message": "Misdirected I/O in syscall. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-44717", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24539", + "issueUrl": "https://osv.dev/CVE-2021-44717", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Backticks not treated as string delimiters in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-24538", + "message": "Indefinite hang with large buffers on Windows in crypto/rand. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30634", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-24538", + "issueUrl": "https://osv.dev/CVE-2022-30634", "targetType": "lockfile", "isSecurity": true }, @@ -531,101 +512,121 @@ }, { "file": "test_data/go.mod", - "message": "Cross-site scripting in net/http/cgi and net/http/fcgi. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2020-24553", + "message": "Incorrect calculation on P256 curves in crypto/internal/nistec. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-24532", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2020-24553", + "issueUrl": "https://osv.dev/CVE-2023-24532", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Infinite loop when decoding inputs in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-27918", + "message": "Excessive resource consumption in mime/multipart. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41725", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-27918", + "issueUrl": "https://osv.dev/CVE-2022-41725", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect operations on the P-224 curve in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-3114", + "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-xrjj-mj9h-534m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-3114", + "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization when resolving values from DNS in net. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33195", + "message": "Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-vvpx-j8f3-3w6h", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33195", + "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic when reading certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33196", + "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-vc3p-29h2-gpcp", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33196", + "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Attacker can drop certain headers in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33197", + "message": "Incorrect privilege reporting in syscall and golang.org/x/sys/unix. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-p782-xgp4-8hr8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33197", + "issueUrl": "https://osv.dev/GHSA-p782-xgp4-8hr8", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on inputs with large exponents in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-33198", + "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-h86h-8ppg-mxmh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-33198", + "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic on certain certificates in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-34558", + "message": "Denial of service in net/http and golang.org/x/net/http2. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-69cg-p879-7622", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-34558", + "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic in ReverseProxy in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-36221", + "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-4v7x-pqxf-cx7m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-36221", + "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to crafted inputs in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-39293", + "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "GHSA-4374-p667-p6c8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-39293", + "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Denial of service due to improper 100-continue handling in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24791", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2024-24791", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24790", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2024-24790", "targetType": "lockfile", "isSecurity": true }, @@ -641,201 +642,201 @@ }, { "file": "test_data/go.mod", - "message": "Panic when opening certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-41772", + "message": "Panic on large handshake records in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41724", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-41772", + "issueUrl": "https://osv.dev/CVE-2022-41724", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Misdirected I/O in syscall. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2021-44717", + "message": "Path traversal on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41722", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2021-44717", + "issueUrl": "https://osv.dev/CVE-2022-41722", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper sanitization of Transfer-Encoding headers in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-1705", + "message": "Mishandling of corrupt central directory record in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24789", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-1705", + "issueUrl": "https://osv.dev/CVE-2024-24789", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion due to deeply nested types in go/parser. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-1962", + "message": "Restricted file access on Windows in os and net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41720", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-1962", + "issueUrl": "https://osv.dev/CVE-2022-41720", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Uncontrolled memory consumption in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-23772", + "message": "Errors returned from JSON marshaling may break template escaping in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24785", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-23772", + "issueUrl": "https://osv.dev/CVE-2024-24785", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect computation for some invalid field elements in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-23806", + "message": "Large RSA keys can cause high CPU usage in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-29409", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-23806", + "issueUrl": "https://osv.dev/CVE-2023-29409", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack overflow from a large amount of PEM data in encoding/pem. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-24675", + "message": "Verify panics on certificates with an unknown public key algorithm in crypto/x509. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2024-24783", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-24675", + "issueUrl": "https://osv.dev/CVE-2024-24783", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when compiling deeply nested expressions in regexp. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-24921", + "message": "Memory exhaustion in multipart form parsing in net/textproto and net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45290", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-24921", + "issueUrl": "https://osv.dev/CVE-2023-45290", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion from deeply nested XML documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-28131", + "message": "Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45289", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-28131", + "issueUrl": "https://osv.dev/CVE-2023-45289", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic due to large inputs affecting P-256 curves in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-28327", + "message": "Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45287", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-28327", + "issueUrl": "https://osv.dev/CVE-2023-45287", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unbounded memory consumption when reading headers in archive/tar. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-2879", + "message": "Incorrect detection of reserved device names on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45284", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-2879", + "issueUrl": "https://osv.dev/CVE-2023-45284", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Incorrect sanitization of forwarded query parameters in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-2880", + "message": "Insecure parsing of Windows paths with a \\??\\ prefix in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-45283", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-2880", + "issueUrl": "https://osv.dev/CVE-2023-45283", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Path traversal via Clean on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-29804", + "message": "Denial of service via chunk extensions in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39326", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-29804", + "issueUrl": "https://osv.dev/CVE-2023-39326", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Empty Cmd.Path can trigger unintended binary in os/exec on Windows. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30580", + "message": "Unsanitized NUL in environment variables on Windows in syscall and os/exec. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41716", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30580", + "issueUrl": "https://osv.dev/CVE-2022-41716", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Session tickets lack random ticket_age_add in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30629", + "message": "Memory exhaustion when compiling regular expressions in regexp/syntax. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-41715", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30629", + "issueUrl": "https://osv.dev/CVE-2022-41715", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion in Glob on certain paths in io/fs. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30630", + "message": "Panic when opening certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-41772", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30630", + "issueUrl": "https://osv.dev/CVE-2021-41772", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when reading certain archives in compress/gzip. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30631", + "message": "Insufficient sanitization of Host header in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-29406", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30631", + "issueUrl": "https://osv.dev/CVE-2023-29406", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion on crafted paths in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30632", + "message": "Panic when decoding Float and Rat types in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-32189", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30632", + "issueUrl": "https://osv.dev/CVE-2022-32189", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Stack exhaustion when unmarshaling certain documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30633", + "message": "Exposure of client IP addresses in net/http. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-32148", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30633", + "issueUrl": "https://osv.dev/CVE-2022-32148", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Indefinite hang with large buffers on Windows in crypto/rand. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-30634", + "message": "Improper handling of special tags within script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39319", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-30634", + "issueUrl": "https://osv.dev/CVE-2023-39319", "targetType": "lockfile", "isSecurity": true }, @@ -851,91 +852,131 @@ }, { "file": "test_data/go.mod", - "message": "Exposure of client IP addresses in net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-32148", + "message": "Improper handling of HTML-like comments in script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2023-39318", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-32148", + "issueUrl": "https://osv.dev/CVE-2023-39318", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Panic when decoding Float and Rat types in math/big. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-32189", + "message": "Cross-site scripting in net/http/cgi and net/http/fcgi. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2020-24553", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-32189", + "issueUrl": "https://osv.dev/CVE-2020-24553", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Memory exhaustion when compiling regular expressions in regexp/syntax. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41715", + "message": "Infinite loop when decoding inputs in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-27918", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41715", + "issueUrl": "https://osv.dev/CVE-2021-27918", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Unsanitized NUL in environment variables on Windows in syscall and os/exec. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41716", + "message": "Incorrect operations on the P-224 curve in crypto/elliptic. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-3114", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41716", + "issueUrl": "https://osv.dev/CVE-2021-3114", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Restricted file access on Windows in os and net/http. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41720", + "message": "Improper sanitization when resolving values from DNS in net. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33195", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41720", + "issueUrl": "https://osv.dev/CVE-2021-33195", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Path traversal on Windows in path/filepath. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2022-41722", + "message": "Panic when reading certain archives in archive/zip. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33196", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2022-41722", + "issueUrl": "https://osv.dev/CVE-2021-33196", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", - "message": "Improper handling of HTML-like comments in script contexts in html/template. Current version of 'stdlib' is vulnerable: 1.13.", - "code": "CVE-2023-39318", + "message": "Attacker can drop certain headers in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33197", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/CVE-2023-39318", + "issueUrl": "https://osv.dev/CVE-2021-33197", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic on inputs with large exponents in math/big. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-33198", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-33198", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic on certain certificates in crypto/tls. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-34558", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-34558", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Panic in ReverseProxy in net/http/httputil. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2021-36221", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2021-36221", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "message": "Stack exhaustion when unmarshaling certain documents in encoding/xml. Current version of 'stdlib' is vulnerable: 1.13.", + "code": "CVE-2022-30633", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2022-30633", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea erroneous repo clones. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-8j3v-68w3-3848", - "level": "LEVEL_MEDIUM", + "message": "Gitea vulnerable to Argument Injection in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-w8xw-7crf-h23x", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8j3v-68w3-3848", + "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Stored Cross-site Scripting in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "message": "Stored Cross-site Scripting in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", "code": "GHSA-ph3w-2843-72mx", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-ph3w-2843-72mx", "targetType": "lockfile", @@ -944,113 +985,157 @@ { "file": "test_data/go.mod", "line": "7", - "message": "Gogs and Gitea SSRF Vulnerability. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-fg3x-rwq9-74cw", + "message": "Shell command injection in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-p5f9-c9j9-g8qx", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-fg3x-rwq9-74cw", + "issueUrl": "https://osv.dev/GHSA-p5f9-c9j9-g8qx", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea allowed assignment of private issues. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-fhv8-m4j4-cww2", - "level": "LEVEL_MEDIUM", + "message": "Capture-replay in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-jrpg-35hw-m4p9", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-fhv8-m4j4-cww2", + "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Arbitrary file deletion in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-g7p7-x6w7-w6qg", + "message": "Gitea Missing Authorization vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-jr9c-h74f-2v28", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-g7p7-x6w7-w6qg", + "issueUrl": "https://osv.dev/GHSA-jr9c-h74f-2v28", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Arbitrary Code Execution in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-3h6c-c475-jm7v", + "message": "Path Traversal in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-h3q4-vmw4-cpr5", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-3h6c-c475-jm7v", + "issueUrl": "https://osv.dev/GHSA-h3q4-vmw4-cpr5", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "'code.gitea.io/gitea' Open Redirect vulnerability. Current version is vulnerable: 1.9.0-dev.", - "code": "GHSA-cf6v-9j57-v6r6", - "level": "LEVEL_LOW", + "message": "Cross-site Scripting in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g95p-88p4-76cm", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-cf6v-9j57-v6r6", + "issueUrl": "https://osv.dev/GHSA-g95p-88p4-76cm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Cross-site Scripting in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-g95p-88p4-76cm", - "level": "LEVEL_MEDIUM", + "message": "Arbitrary file deletion in gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g7p7-x6w7-w6qg", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-g95p-88p4-76cm", + "issueUrl": "https://osv.dev/GHSA-g7p7-x6w7-w6qg", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Path Traversal in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-h3q4-vmw4-cpr5", - "level": "LEVEL_MEDIUM", + "message": "Denial of Service in Gitea in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-g2qx-6ghw-67hm", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h3q4-vmw4-cpr5", + "issueUrl": "https://osv.dev/GHSA-g2qx-6ghw-67hm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea Missing Authorization vulnerability. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-jr9c-h74f-2v28", + "message": "Gitea allowed assignment of private issues in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-fhv8-m4j4-cww2", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-jr9c-h74f-2v28", + "issueUrl": "https://osv.dev/GHSA-fhv8-m4j4-cww2", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Shell command injection in gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", - "code": "GHSA-p5f9-c9j9-g8qx", + "message": "Gogs and Gitea SSRF Vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-fg3x-rwq9-74cw", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-p5f9-c9j9-g8qx", + "issueUrl": "https://osv.dev/GHSA-fg3x-rwq9-74cw", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "'code.gitea.io/gitea' Open Redirect vulnerability. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-cf6v-9j57-v6r6", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-cf6v-9j57-v6r6", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Gitea erroneous repo clones in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-8j3v-68w3-3848", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-8j3v-68w3-3848", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "7", - "message": "Gitea Open Redirect. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "message": "Gitea Open Redirect in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", "code": "GHSA-4rqq-rxvc-v2rc", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-4rqq-rxvc-v2rc", "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Gitea Cross-site Scripting Vulnerability in 'code.gitea.io/gitea'. Current version is vulnerable: 1.9.0-dev.", + "code": "GHSA-4h4p-553m-46qh", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-4h4p-553m-46qh", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "7", + "message": "Arbitrary Code Execution in Gitea. Current version of 'code.gitea.io/gitea' is vulnerable: 1.9.0-dev.", + "code": "GHSA-3h6c-c475-jm7v", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-3h6c-c475-jm7v", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "16", @@ -1087,18 +1172,18 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Open redirect in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-36h2-95gj-w488", - "level": "LEVEL_MEDIUM", + "message": "Gitea Improper Input Validation in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-q47x-6mqq-4w92", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-36h2-95gj-w488", + "issueUrl": "https://osv.dev/GHSA-q47x-6mqq-4w92", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Cross Site Request Forgery in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Cross Site Request Forgery in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-4wp3-8q92-mh8w", "level": "LEVEL_HIGH", "linter": "osv-scanner", @@ -1109,9 +1194,20 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Gitea displaying raw OpenID error in UI. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Open redirect in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-36h2-95gj-w488", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-36h2-95gj-w488", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/go.mod", + "line": "58", + "message": "Gitea displaying raw OpenID error in UI in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-8h8p-x289-vvqr", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-8h8p-x289-vvqr", "targetType": "lockfile", @@ -1120,9 +1216,9 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Exposes Private Email Addresses. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Gitea Exposes Private Email Addresses in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-f5fj-7265-jxhj", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-f5fj-7265-jxhj", "targetType": "lockfile", @@ -1142,97 +1238,86 @@ { "file": "test_data/go.mod", "line": "58", - "message": "Capture-replay in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-jrpg-35hw-m4p9", + "message": "Gitea vulnerable to Argument Injection. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-w8xw-7crf-h23x", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", + "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Improper Input Validation. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-q47x-6mqq-4w92", + "message": "Improper Access Control in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-r7h7-chh4-5rvm", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-q47x-6mqq-4w92", + "issueUrl": "https://osv.dev/GHSA-r7h7-chh4-5rvm", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Cross-site Scripting in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "message": "Cross-site Scripting in Gitea in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", "code": "GHSA-r3gq-wxqf-q4gh", - "level": "LEVEL_MEDIUM", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-r3gq-wxqf-q4gh", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/go.mod", - "line": "58", - "message": "Improper Access Control in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-r7h7-chh4-5rvm", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-r7h7-chh4-5rvm", + "issueUrl": "https://osv.dev/GHSA-r3gq-wxqf-q4gh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea vulnerable to Argument Injection. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-w8xw-7crf-h23x", + "message": "Gitea Remote Code Execution in 'github.com/go-gitea/gitea'. Current version is vulnerable: 1.2.3.", + "code": "GHSA-hpmr-prr2-cqc4", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-w8xw-7crf-h23x", + "issueUrl": "https://osv.dev/GHSA-hpmr-prr2-cqc4", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "58", - "message": "Gitea Remote Code Execution. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", - "code": "GHSA-hpmr-prr2-cqc4", + "message": "Capture-replay in Gitea. Current version of 'github.com/go-gitea/gitea' is vulnerable: 1.2.3.", + "code": "GHSA-jrpg-35hw-m4p9", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-hpmr-prr2-cqc4", + "issueUrl": "https://osv.dev/GHSA-jrpg-35hw-m4p9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-55m9-hm92-xm8j", - "level": "LEVEL_MEDIUM", + "message": "Gophish before 0.12.0 vulnerable to Open Redirect in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", + "code": "GHSA-hvw3-p9px-gpc9", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-55m9-hm92-xm8j", + "issueUrl": "https://osv.dev/GHSA-hvw3-p9px-gpc9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-8gg8-wr4j-v2wr", + "message": "Gophish XSS Vulnerability in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", + "code": "GHSA-9h9f-9q8g-6764", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8gg8-wr4j-v2wr", + "issueUrl": "https://osv.dev/GHSA-9h9f-9q8g-6764", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish vulnerable to Server-Side Request Forgery. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "message": "Gophish vulnerable to Server-Side Request Forgery in 'github.com/gophish/gophish'. Current version is vulnerable: 0.1.2.", "code": "GHSA-9c9w-9pq7-f35h", - "level": "LEVEL_MEDIUM", + "level": "LEVEL_HIGH", "linter": "osv-scanner", "issueUrl": "https://osv.dev/GHSA-9c9w-9pq7-f35h", "targetType": "lockfile", @@ -1241,44 +1326,44 @@ { "file": "test_data/go.mod", "line": "84", - "message": "Gophish XSS Vulnerability. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-9h9f-9q8g-6764", - "level": "LEVEL_MEDIUM", + "message": "Gophish vulnerable to Denial of Service via crafted payload involving autofocus. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "code": "GHSA-8gg8-wr4j-v2wr", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-9h9f-9q8g-6764", + "issueUrl": "https://osv.dev/GHSA-8gg8-wr4j-v2wr", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "84", - "message": "Gophish before 0.12.0 vulnerable to Open Redirect. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", - "code": "GHSA-hvw3-p9px-gpc9", + "message": "Gophish vulnerable to Cross-site Scripting via crafted landing page. Current version of 'github.com/gophish/gophish' is vulnerable: 0.1.2.", + "code": "GHSA-55m9-hm92-xm8j", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-hvw3-p9px-gpc9", + "issueUrl": "https://osv.dev/GHSA-55m9-hm92-xm8j", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "91", - "message": "pgx SQL Injection via Protocol Message Size Overflow. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", - "code": "GHSA-7jwh-3vrq-q3m8", + "message": "pgx SQL Injection via Line Comment Creation. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", + "code": "GHSA-m7wr-2xf7-cm9p", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7jwh-3vrq-q3m8", + "issueUrl": "https://osv.dev/GHSA-m7wr-2xf7-cm9p", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "91", - "message": "pgx SQL Injection via Line Comment Creation. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", - "code": "GHSA-m7wr-2xf7-cm9p", + "message": "pgx SQL Injection via Protocol Message Size Overflow. Current version of 'github.com/jackc/pgx' is vulnerable: 3.6.0+incompatible.", + "code": "GHSA-7jwh-3vrq-q3m8", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m7wr-2xf7-cm9p", + "issueUrl": "https://osv.dev/GHSA-7jwh-3vrq-q3m8", "targetType": "lockfile", "isSecurity": true }, @@ -1318,22 +1403,22 @@ { "file": "test_data/go.mod", "line": "161", - "message": "Path traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", - "code": "GHSA-vpx7-vm66-qx8r", + "message": "Path Traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", + "code": "GHSA-88jf-7rch-32qc", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vpx7-vm66-qx8r", + "issueUrl": "https://osv.dev/GHSA-88jf-7rch-32qc", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "161", - "message": "Path Traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", - "code": "GHSA-88jf-7rch-32qc", + "message": "Path traversal in 'github.com/unknwon/cae'. Current version is vulnerable: 1.0.0.", + "code": "GHSA-vpx7-vm66-qx8r", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-88jf-7rch-32qc", + "issueUrl": "https://osv.dev/GHSA-vpx7-vm66-qx8r", "targetType": "lockfile", "isSecurity": true }, @@ -1436,6 +1521,17 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "172", + "message": "Limited directory traversal vulnerability on Windows in 'golang.org/x/crypto'. Current version is vulnerable: 0.0.0-20190308221718-c2843e01d9a2.", + "code": "CVE-2022-30636", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/CVE-2022-30636", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "173", @@ -1450,11 +1546,11 @@ { "file": "test_data/go.mod", "line": "173", - "message": "Denial of service via crafted TIFF image in golang.org/x/image/tiff. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", - "code": "GHSA-qgc7-mgm3-q253", + "message": "Panic when parsing invalid palette-color images in 'golang.org/x/image'. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", + "code": "GHSA-9phm-fm57-rhg8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-qgc7-mgm3-q253", + "issueUrl": "https://osv.dev/GHSA-9phm-fm57-rhg8", "targetType": "lockfile", "isSecurity": true }, @@ -1469,25 +1565,36 @@ "targetType": "lockfile", "isSecurity": true }, + { + "file": "test_data/go.mod", + "line": "173", + "message": "Denial of service via crafted TIFF image in golang.org/x/image/tiff. Current version is vulnerable: 0.0.0-20190802002840-cff245a6509b.", + "code": "GHSA-qgc7-mgm3-q253", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-qgc7-mgm3-q253", + "targetType": "lockfile", + "isSecurity": true + }, { "file": "test_data/go.mod", "line": "174", - "message": "Denial of service in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-69cg-p879-7622", + "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-xrjj-mj9h-534m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", + "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Denial of service via crafted HTTP/2 stream in net/http and 'golang.org/x/net'. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-vvpx-j8f3-3w6h", + "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-vc3p-29h2-gpcp", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", + "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", "targetType": "lockfile", "isSecurity": true }, @@ -1495,87 +1602,87 @@ "file": "test_data/go.mod", "line": "174", "message": "HTTP/2 Stream Cancellation Attack. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-2m7v-gc89-fjqf", + "code": "GHSA-qppj-fm5r-hxr3", "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2m7v-gc89-fjqf", + "issueUrl": "https://osv.dev/GHSA-qppj-fm5r-hxr3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Improper rendering of text nodes in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-2wrh-6pvc-2jm9", + "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-h86h-8ppg-mxmh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2wrh-6pvc-2jm9", + "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-4374-p667-p6c8", + "message": "Infinite loop when parsing inputs in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-83g2-8m93-v3w7", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", + "issueUrl": "https://osv.dev/GHSA-83g2-8m93-v3w7", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-4v7x-pqxf-cx7m", + "message": "Denial of service in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-69cg-p879-7622", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", + "issueUrl": "https://osv.dev/GHSA-69cg-p879-7622", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Excessive memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-xrjj-mj9h-534m", + "message": "HTTP/2 CONTINUATION flood in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-4v7x-pqxf-cx7m", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-xrjj-mj9h-534m", + "issueUrl": "https://osv.dev/GHSA-4v7x-pqxf-cx7m", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Infinite loop when parsing inputs in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-83g2-8m93-v3w7", + "message": "HTTP/2 rapid reset can cause excessive work in net/http. Current version of 'golang.org/x/net' is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-4374-p667-p6c8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-83g2-8m93-v3w7", + "issueUrl": "https://osv.dev/GHSA-4374-p667-p6c8", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Panic due to large headers in net/http and golang.org/x/net/http/httpguts. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-h86h-8ppg-mxmh", + "message": "Improper rendering of text nodes in golang.org/x/net/html. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-2wrh-6pvc-2jm9", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-h86h-8ppg-mxmh", + "issueUrl": "https://osv.dev/GHSA-2wrh-6pvc-2jm9", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "174", - "message": "Unbounded memory growth in net/http and golang.org/x/net/http2. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", - "code": "GHSA-vc3p-29h2-gpcp", + "message": "Denial of service via crafted HTTP/2 stream in net/http and 'golang.org/x/net'. Current version is vulnerable: 0.0.0-20200324143707-d3edc9973b7e.", + "code": "GHSA-vvpx-j8f3-3w6h", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-vc3p-29h2-gpcp", + "issueUrl": "https://osv.dev/GHSA-vvpx-j8f3-3w6h", "targetType": "lockfile", "isSecurity": true }, @@ -1593,22 +1700,22 @@ { "file": "test_data/go.mod", "line": "179", - "message": "Denial of service from HTTP/2 Rapid Reset in 'google.golang.org/grpc'. Current version is vulnerable: 1.23.0.", - "code": "GHSA-m425-mq94-257g", - "level": "LEVEL_HIGH", + "message": "HTTP/2 Stream Cancellation Attack. Current version of 'google.golang.org/grpc' is vulnerable: 1.23.0.", + "code": "GHSA-qppj-fm5r-hxr3", + "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m425-mq94-257g", + "issueUrl": "https://osv.dev/GHSA-qppj-fm5r-hxr3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/go.mod", "line": "179", - "message": "HTTP/2 Stream Cancellation Attack. Current version of 'google.golang.org/grpc' is vulnerable: 1.23.0.", - "code": "GHSA-2m7v-gc89-fjqf", - "level": "LEVEL_MEDIUM", + "message": "Denial of service from HTTP/2 Rapid Reset in 'google.golang.org/grpc'. Current version is vulnerable: 1.23.0.", + "code": "GHSA-m425-mq94-257g", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2m7v-gc89-fjqf", + "issueUrl": "https://osv.dev/GHSA-m425-mq94-257g", "targetType": "lockfile", "isSecurity": true }, @@ -1648,99 +1755,99 @@ { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' buffer overflow vulnerability. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", - "code": "GHSA-44wm-f244-xhp3", - "level": "LEVEL_MEDIUM", + "message": "Arbitrary Code Execution in 'Pillow'. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.2.0 or higher.", + "code": "GHSA-3f63-hfp8-52jq", + "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-44wm-f244-xhp3", + "issueUrl": "https://osv.dev/GHSA-3f63-hfp8-52jq", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", - "code": "GHSA-m2vv-5vj5-2hm7", + "message": "'Pillow' versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). 'Pillow' v10.0.1 upgrades the bundled libwebp binary to v1.3.2. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "PYSEC-2023-175", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-m2vv-5vj5-2hm7", + "issueUrl": "https://osv.dev/PYSEC-2023-175", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Invalid-free in _dealloc. Current version of 'pillow' is vulnerable: 9.1.1.", - "code": "OSV-2022-1074", - "level": "LEVEL_HIGH", + "message": "'Pillow' buffer overflow vulnerability. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.3.0 or higher.", + "code": "GHSA-44wm-f244-xhp3", + "level": "LEVEL_MEDIUM", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/OSV-2022-1074", + "issueUrl": "https://osv.dev/GHSA-44wm-f244-xhp3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Segv on unknown address in jpeg_read_scanlines. Current version of 'pillow' is vulnerable: 9.1.1.", - "code": "OSV-2022-715", + "message": "Bundled libwebp in 'Pillow' vulnerable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-56pw-mpj4-fxww", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/OSV-2022-715", + "issueUrl": "https://osv.dev/GHSA-56pw-mpj4-fxww", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "libwebp: OOB write in BuildHuffmanTable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "GHSA-j7hp-h8jx-5ppr", + "message": "An issue was discovered in 'Pillow' before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", + "code": "GHSA-8ghj-p4vj-mr35", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-j7hp-h8jx-5ppr", + "issueUrl": "https://osv.dev/GHSA-8ghj-p4vj-mr35", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "An issue was discovered in 'Pillow' before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of memory. This occurs for truetype in ImageFont when textlength in an ImageDraw instance operates on a long text argument. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.0 or higher.", - "code": "GHSA-8ghj-p4vj-mr35", + "message": "libwebp: OOB write in BuildHuffmanTable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", + "code": "GHSA-j7hp-h8jx-5ppr", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-8ghj-p4vj-mr35", + "issueUrl": "https://osv.dev/GHSA-j7hp-h8jx-5ppr", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Bundled libwebp in 'Pillow' vulnerable. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "GHSA-56pw-mpj4-fxww", + "message": "'Pillow' before 9.2.0 performs Improper Handling of Highly Compressed GIF Data (Data Amplification). Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 9.2.0 or higher.", + "code": "GHSA-m2vv-5vj5-2hm7", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-56pw-mpj4-fxww", + "issueUrl": "https://osv.dev/GHSA-m2vv-5vj5-2hm7", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "'Pillow' versions before v10.0.1 bundled libwebp binaries in wheels that are vulnerable to CVE-2023-5129 (previously CVE-2023-4863). 'Pillow' v10.0.1 upgrades the bundled libwebp binary to v1.3.2. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.0.1 or higher.", - "code": "PYSEC-2023-175", + "message": "Invalid-free in _dealloc. Current version of 'pillow' is vulnerable: 9.1.1.", + "code": "OSV-2022-1074", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/PYSEC-2023-175", + "issueUrl": "https://osv.dev/OSV-2022-1074", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "1", - "message": "Arbitrary Code Execution in 'Pillow'. Current version of 'pillow' is vulnerable: 9.1.1. Patch available: upgrade to 10.2.0 or higher.", - "code": "GHSA-3f63-hfp8-52jq", + "message": "Segv on unknown address in jpeg_read_scanlines. Current version of 'pillow' is vulnerable: 9.1.1.", + "code": "OSV-2022-715", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-3f63-hfp8-52jq", + "issueUrl": "https://osv.dev/OSV-2022-715", "targetType": "lockfile", "isSecurity": true }, @@ -1758,11 +1865,11 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary code execution in load_prompt. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-6643-h7h5-x9wh", + "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary Code Execution. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.225 or higher.", + "code": "GHSA-x32c-59v5-h7fg", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-6643-h7h5-x9wh", + "issueUrl": "https://osv.dev/GHSA-x32c-59v5-h7fg", "targetType": "lockfile", "isSecurity": true }, @@ -1780,44 +1887,66 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "'langchain' vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.312 or higher.", - "code": "GHSA-7gfq-f96f-g85j", + "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary code execution in load_prompt. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-6643-h7h5-x9wh", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7gfq-f96f-g85j", + "issueUrl": "https://osv.dev/GHSA-6643-h7h5-x9wh", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "SQL injection vulnerability in 'langchain' v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-7q94-qpjr-xpgm", + "message": "'LangChain' before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.317 or higher.", + "code": "GHSA-655w-fm8m-m478", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-7q94-qpjr-xpgm", + "issueUrl": "https://osv.dev/GHSA-655w-fm8m-m478", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "An issue in Harrison Chase 'langchain' v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.195 or higher.", - "code": "GHSA-92j5-3459-qgp4", + "message": "An issue in 'langchain' v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-57fc-8q82-gfp3", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-92j5-3459-qgp4", + "issueUrl": "https://osv.dev/GHSA-57fc-8q82-gfp3", "targetType": "lockfile", "isSecurity": true }, { "file": "test_data/requirements.txt", "line": "2", - "message": "'Langchain' 0.0.171 is vulnerable to Arbitrary Code Execution. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.225 or higher.", - "code": "GHSA-x32c-59v5-h7fg", + "message": "An issue in 'langchain' v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-2qmj-7962-cjq8", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-x32c-59v5-h7fg", + "issueUrl": "https://osv.dev/GHSA-2qmj-7962-cjq8", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "SQL injection vulnerability in 'langchain' v.0.0.64 allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", + "code": "GHSA-7q94-qpjr-xpgm", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-7q94-qpjr-xpgm", + "targetType": "lockfile", + "isSecurity": true + }, + { + "file": "test_data/requirements.txt", + "line": "2", + "message": "An issue in Harrison Chase 'langchain' v.0.0.194 and before allows a remote attacker to execute arbitrary code via the from_math_prompt and from_colored_object_prompt functions. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.195 or higher.", + "code": "GHSA-92j5-3459-qgp4", + "level": "LEVEL_HIGH", + "linter": "osv-scanner", + "issueUrl": "https://osv.dev/GHSA-92j5-3459-qgp4", "targetType": "lockfile", "isSecurity": true }, @@ -1890,33 +2019,11 @@ { "file": "test_data/requirements.txt", "line": "2", - "message": "An issue in 'langchain' v.0.0.64 allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-57fc-8q82-gfp3", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-57fc-8q82-gfp3", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/requirements.txt", - "line": "2", - "message": "An issue in 'langchain' v.0.0.199 allows an attacker to execute arbitrary code via the PALChain in the python exec method. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.247 or higher.", - "code": "GHSA-2qmj-7962-cjq8", - "level": "LEVEL_HIGH", - "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-2qmj-7962-cjq8", - "targetType": "lockfile", - "isSecurity": true - }, - { - "file": "test_data/requirements.txt", - "line": "2", - "message": "'LangChain' before 0.0.317 allows SSRF via document_loaders/recursive_url_loader.py because crawling can proceed from an external server to an internal server. Current version of 'langchain' is vulnerable: 0.0.171. Patch available: upgrade to 0.0.317 or higher.", - "code": "GHSA-655w-fm8m-m478", + "message": "'langchain' vulnerable to arbitrary code execution. Current version is vulnerable: 0.0.171. Patch available: upgrade to 0.0.312 or higher.", + "code": "GHSA-7gfq-f96f-g85j", "level": "LEVEL_HIGH", "linter": "osv-scanner", - "issueUrl": "https://osv.dev/GHSA-655w-fm8m-m478", + "issueUrl": "https://osv.dev/GHSA-7gfq-f96f-g85j", "targetType": "lockfile", "isSecurity": true } diff --git a/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot b/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot new file mode 100644 index 000000000..1d230608a --- /dev/null +++ b/linters/pyright/test_data/pyright_v1.1.378_basic.check.shot @@ -0,0 +1,226 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter pyright test basic 1`] = ` +{ + "issues": [ + { + "code": "reportAttributeAccessIssue", + "column": "57", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "pyright", + "message": ""Enum" is unknown import symbol", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "4", + "offset": "56", + }, + ], + "targetType": "python", + }, + { + "column": "13", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "15", + "linter": "pyright", + "message": "Type of "a.x" is "int | str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "384", + }, + ], + "targetType": "python", + }, + { + "code": "reportAttributeAccessIssue", + "column": "3", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "18", + "linter": "pyright", + "message": "Cannot assign to attribute "x" for class "A" +  Expression of type "float" cannot be assigned to attribute "x" of class "A" +    Type "float" is not assignable to type "int | str" +      "float" is not assignable to "int" +      "float" is not assignable to "str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "462", + }, + ], + "targetType": "python", + }, + { + "code": "reportUndefinedVariable", + "column": "8", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportUndefinedVariable", + "level": "LEVEL_HIGH", + "line": "24", + "linter": "pyright", + "message": ""ClassVar" is not defined", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "8", + "offset": "602", + }, + ], + "targetType": "python", + }, + { + "code": "reportAttributeAccessIssue", + "column": "9", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportAttributeAccessIssue", + "level": "LEVEL_HIGH", + "line": "31", + "linter": "pyright", + "message": "Cannot access attribute "z" for class "type[A]" +  Attribute "z" is unknown", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "742", + }, + ], + "targetType": "python", + }, + { + "code": "reportReturnType", + "column": "29", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportReturnType", + "level": "LEVEL_HIGH", + "line": "39", + "linter": "pyright", + "message": "Function with declared return type "bool" must return value on all code paths +  "None" is not assignable to "bool"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "4", + "offset": "864", + }, + ], + "targetType": "python", + }, + { + "code": "reportReturnType", + "column": "12", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportReturnType", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "pyright", + "message": "Type "int" is not assignable to return type "str" +  "int" is not assignable to "str"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "105", + }, + ], + "targetType": "python", + }, + { + "column": "25", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "51", + "linter": "pyright", + "message": "Type of "val" is "int"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "1128", + }, + ], + "targetType": "python", + }, + { + "column": "39", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#", + "level": "LEVEL_LOW", + "line": "54", + "linter": "pyright", + "message": "Type of "val" is "int"", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "3", + "offset": "1244", + }, + ], + "targetType": "python", + }, + { + "code": "reportRedeclaration", + "column": "7", + "file": "test_data/basic.in.py", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/microsoft/pyright/blob/main/docs/configuration.md#reportRedeclaration", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "pyright", + "message": "Class declaration "A" is obscured by a declaration of the same name", + "ranges": [ + { + "filePath": "test_data/basic.in.py", + "length": "1", + "offset": "183", + }, + ], + "targetType": "python", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "python", + "linter": "pyright", + "paths": [ + "test_data/basic.in.py", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "python", + "linter": "pyright", + "paths": [ + "test_data/basic.in.py", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; From 160ec2d2efe72990ca54ecad0d81d8e8660737fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Aug 2024 13:08:37 -0700 Subject: [PATCH 04/27] Bump github/codeql-action from 3.26.2 to 3.26.5 in the dependencies group (#853) Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.26.2 to 3.26.5
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
  • Bump the minimum CodeQL bundle version to 2.13.5. #2408

3.25.15 - 26 Jul 2024

  • Update default CodeQL bundle version to 2.18.1. #2385

3.25.14 - 25 Jul 2024

  • Experimental: add a new start-proxy action which starts the same HTTP proxy as used by github/dependabot-action. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2376

3.25.13 - 19 Jul 2024

  • Add codeql-version to outputs. #2368
  • Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. #2375
    • If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
    • Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.25.13 and github/codeql-action/*@v2 by github/codeql-action/*@v2.25.13 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

... (truncated)

Commits
  • 2c779ab Merge main into releases/v3 (#2444)
  • 68cd1f9 Update changelog for v3.26.5
  • 7e27807 Only run check SIP enablement once in init step (#2441)
  • fd5fa13 Merge pull request #2438 from github/mergeback/v3.26.4-to-main-f0f3afee
  • 6f10eb0 Update checked-in dependencies
  • b15a247 Update changelog and version after v3.26.4
  • f0f3afe Merge main into releases/v3 (#2437)
  • e354359 Update changelog for v3.26.4
  • ae01f80 Merge pull request #2436 from rvermeulen/rvermeulen/deprecate-add-snippets
  • 72bc3f7 Address incorrect changelog location
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.2&new-version=3.26.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bdb0bfca6..40c9b2156 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/autobuild@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 9a0646763..baf986d4a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2 + uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 with: sarif_file: results.sarif From e444c32e69c6dd40f77b1da83f1bf5b6a88c1921 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Aug 2024 13:36:18 -0700 Subject: [PATCH 05/27] Bump the dependencies group with 5 updates (#852) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.4.0` | `22.5.0` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.1.0` | `8.2.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.1.0` | `8.2.0` | | [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.2.4` | `29.2.5` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.1.0` | `8.2.0` | Updates `@types/node` from 22.4.0 to 22.5.0
Commits

Updates `@typescript-eslint/eslint-plugin` from 8.1.0 to 8.2.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.2.0

8.2.0 (2024-08-19)

🚀 Features

  • eslint-plugin: add suggestion to require-await to remove async keyword (#9718)
  • typescript-estree: special-case error for parserOptions.project and project references (#9686)

🩹 Fixes

  • eslint-plugin: [use-unknown-in-catch-callback-variable] flag second argument of .then (#9059)
  • eslint-plugin: [no-unnecessary-type-assertion] conflict with TS for variables used before assignment (#9209)
  • eslint-plugin: delete [] in message if ReadOnly is detected (#9513)
  • eslint-plugin: [no-redundant-type-constituents] differentiate a types-error any from a true any (#9555)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped constraint types if necessary (#9740)
  • eslint-plugin: [no-unsafe-enum-comparison] add logic to see through intersections (#9777)
  • typescript-estree: pass in tsconfigRootDir as cwd to getParsedConfigFile (#9804)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.2.0 (2024-08-19)

🚀 Features

  • eslint-plugin: add suggestion to require-await to remove async keyword

🩹 Fixes

  • eslint-plugin: [use-unknown-in-catch-callback-variable] flag second argument of .then

  • eslint-plugin: [no-unnecessary-type-assertion] conflict with TS for variables used before assignment

  • eslint-plugin: delete [] in message if ReadOnly is detected

  • eslint-plugin: [no-redundant-type-constituents] differentiate a types-error any from a true any

  • eslint-plugin: [no-unnecessary-type-parameters] check mapped constraint types if necessary

  • eslint-plugin: [no-unsafe-enum-comparison] add logic to see through intersections

❤️ Thank You

  • Abraham Guo
  • Dave
  • Jake Bailey
  • James
  • Josh Goldberg ✨
  • liuxingbaoyu
  • Yukihiro Hasegawa
  • Yutong Zhu

You can read about our versioning strategy and releases on our website.

Commits
  • 7440e14 chore(release): publish 8.2.0
  • db558d1 fix(eslint-plugin): [no-unsafe-enum-comparison] add logic to see through inte...
  • 3962885 chore: enable unicorn/prefer-string-replace-all (#9798)
  • da02f61 fix(eslint-plugin): [no-unnecessary-type-parameters] check mapped constraint ...
  • 478990f feat(eslint-plugin): add suggestion to require-await to remove async keyw...
  • 8087d17 fix(eslint-plugin): [no-redundant-type-constituents] differentiate a types-er...
  • 8e01254 fix(eslint-plugin): delete [] in message if ReadOnly<string[]> is detected (#...
  • 3ca8477 fix(eslint-plugin): [no-unnecessary-type-assertion] conflict with TS for vari...
  • 75a09a8 fix(eslint-plugin): [use-unknown-in-catch-callback-variable] flag second argu...
  • 382e87b chore: enable unicorn/prefer-node-protocol (#9742)
  • Additional commits viewable in compare view

Updates `@typescript-eslint/parser` from 8.1.0 to 8.2.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.2.0

8.2.0 (2024-08-19)

🚀 Features

  • eslint-plugin: add suggestion to require-await to remove async keyword (#9718)
  • typescript-estree: special-case error for parserOptions.project and project references (#9686)

🩹 Fixes

  • eslint-plugin: [use-unknown-in-catch-callback-variable] flag second argument of .then (#9059)
  • eslint-plugin: [no-unnecessary-type-assertion] conflict with TS for variables used before assignment (#9209)
  • eslint-plugin: delete [] in message if ReadOnly is detected (#9513)
  • eslint-plugin: [no-redundant-type-constituents] differentiate a types-error any from a true any (#9555)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped constraint types if necessary (#9740)
  • eslint-plugin: [no-unsafe-enum-comparison] add logic to see through intersections (#9777)
  • typescript-estree: pass in tsconfigRootDir as cwd to getParsedConfigFile (#9804)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.2.0 (2024-08-19)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates `ts-jest` from 29.2.4 to 29.2.5
Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

  • build: build package with NodeNext module (9b3ade5)
  • fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)
  • fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499
Commits
  • 500a863 chore(release): 29.2.5
  • dce986e build(deps): Update dependency @​babel/preset-env to ^7.25.4
  • 48a28a6 build(deps): Update dependency vite to ^5.4.2
  • d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
  • 00550ef test: add e2e test case for ESM features
  • 978169b build(deps): Update dependency @​types/node to v20.16.1
  • e9a643c build(deps): Update dependency @​types/node to v20.16.0
  • 535edab build(deps): Update dependency @​types/node to v20.15.0
  • 011a9d8 build(deps): Update dependency vite to ^5.4.1
  • 4eb8ccd build: update renovate bot
  • Additional commits viewable in compare view

Updates `typescript-eslint` from 8.1.0 to 8.2.0
Release notes

Sourced from typescript-eslint's releases.

v8.2.0

8.2.0 (2024-08-19)

🚀 Features

  • eslint-plugin: add suggestion to require-await to remove async keyword (#9718)
  • typescript-estree: special-case error for parserOptions.project and project references (#9686)

🩹 Fixes

  • eslint-plugin: [use-unknown-in-catch-callback-variable] flag second argument of .then (#9059)
  • eslint-plugin: [no-unnecessary-type-assertion] conflict with TS for variables used before assignment (#9209)
  • eslint-plugin: delete [] in message if ReadOnly is detected (#9513)
  • eslint-plugin: [no-redundant-type-constituents] differentiate a types-error any from a true any (#9555)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped constraint types if necessary (#9740)
  • eslint-plugin: [no-unsafe-enum-comparison] add logic to see through intersections (#9777)
  • typescript-estree: pass in tsconfigRootDir as cwd to getParsedConfigFile (#9804)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.2.0 (2024-08-19)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tyler Jang --- package-lock.json | 256 +++++++++++++++++++++++----------------------- package.json | 10 +- 2 files changed, 133 insertions(+), 133 deletions(-) diff --git a/package-lock.json b/package-lock.json index b16999191..3371e9521 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,10 +16,10 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.4.0", + "@types/node": "^22.5.0", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.1.0", - "@typescript-eslint/parser": "^8.1.0", + "@typescript-eslint/eslint-plugin": "^8.2.0", + "@typescript-eslint/parser": "^8.2.0", "caller": "^1.1.0", "debug": "^4.3.6", "eslint": "^8.57.0", @@ -37,11 +37,11 @@ "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", "simple-git": "^3.25.0", - "ts-jest": "^29.2.4", + "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.1.0", + "typescript-eslint": "^8.2.0", "yaml": "^2.5.0" }, "engines": { @@ -1354,9 +1354,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.4.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.4.0.tgz", - "integrity": "sha512-49AbMDwYUz7EXxKU/r7mXOsxwFr4BYbvB7tWYxVuLdb2ibd30ijjXINSMAHiEEZk5PCRBmW1gUeisn2VMKt3cQ==", + "version": "22.5.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.0.tgz", + "integrity": "sha512-DkFrJOe+rfdHTqqMg0bSNlGlQ85hSoh2TPzZyhHsXnMtligRWpxUySiyw8FY14ITt24HVCiQPWxS3KO/QlGmWg==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1387,16 +1387,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.1.0.tgz", - "integrity": "sha512-LlNBaHFCEBPHyD4pZXb35mzjGkuGKXU5eeCA1SxvHfiRES0E82dOounfVpL4DCqYvJEKab0bZIA0gCRpdLKkCw==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.2.0.tgz", + "integrity": "sha512-02tJIs655em7fvt9gps/+4k4OsKULYGtLBPJfOsmOq1+3cdClYiF0+d6mHu6qDnTcg88wJBkcPLpQhq7FyDz0A==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/type-utils": "8.1.0", - "@typescript-eslint/utils": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/scope-manager": "8.2.0", + "@typescript-eslint/type-utils": "8.2.0", + "@typescript-eslint/utils": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1420,13 +1420,13 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", + "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1437,9 +1437,9 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", + "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1450,13 +1450,13 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", + "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -1478,15 +1478,15 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", + "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" + "@typescript-eslint/scope-manager": "8.2.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/typescript-estree": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1500,12 +1500,12 @@ } }, "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", + "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", + "@typescript-eslint/types": "8.2.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -1541,15 +1541,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.1.0.tgz", - "integrity": "sha512-U7iTAtGgJk6DPX9wIWPPOlt1gO57097G06gIcl0N0EEnNw8RGD62c+2/DiP/zL7KrkqnnqF7gtFGR7YgzPllTA==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.2.0.tgz", + "integrity": "sha512-j3Di+o0lHgPrb7FxL3fdEy6LJ/j2NE8u+AP/5cQ9SKb+JLH6V6UHDqJ+e0hXBkHP1wn1YDFjYCS9LBQsZDlDEg==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/scope-manager": "8.2.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/typescript-estree": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "debug": "^4.3.4" }, "engines": { @@ -1569,13 +1569,13 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", + "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1586,9 +1586,9 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", + "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1599,13 +1599,13 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", + "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -1627,12 +1627,12 @@ } }, "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", + "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", + "@typescript-eslint/types": "8.2.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -1685,13 +1685,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.1.0.tgz", - "integrity": "sha512-oLYvTxljVvsMnldfl6jIKxTaU7ok7km0KDrwOt1RHYu6nxlhN3TIx8k5Q52L6wR33nOwDgM7VwW1fT1qMNfFIA==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.2.0.tgz", + "integrity": "sha512-g1CfXGFMQdT5S+0PSO0fvGXUaiSkl73U1n9LTK5aRAFnPlJ8dLKkXr4AaLFvPedW8lVDoMgLLE3JN98ZZfsj0w==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.1.0", - "@typescript-eslint/utils": "8.1.0", + "@typescript-eslint/typescript-estree": "8.2.0", + "@typescript-eslint/utils": "8.2.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1709,13 +1709,13 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", + "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1726,9 +1726,9 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", + "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1739,13 +1739,13 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", + "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -1767,15 +1767,15 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", + "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" + "@typescript-eslint/scope-manager": "8.2.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/typescript-estree": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1789,12 +1789,12 @@ } }, "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", + "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", + "@typescript-eslint/types": "8.2.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -6066,20 +6066,20 @@ } }, "node_modules/ts-jest": { - "version": "29.2.4", - "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.4.tgz", - "integrity": "sha512-3d6tgDyhCI29HlpwIq87sNuI+3Q6GLTTCeYRHCs7vDz+/3GCMwEtV9jezLyl4ZtnBgx00I7hm8PCP8cTksMGrw==", + "version": "29.2.5", + "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz", + "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==", "dev": true, "dependencies": { - "bs-logger": "0.x", + "bs-logger": "^0.2.6", "ejs": "^3.1.10", - "fast-json-stable-stringify": "2.x", + "fast-json-stable-stringify": "^2.1.0", "jest-util": "^29.0.0", "json5": "^2.2.3", - "lodash.memoize": "4.x", - "make-error": "1.x", - "semver": "^7.5.3", - "yargs-parser": "^21.0.1" + "lodash.memoize": "^4.1.2", + "make-error": "^1.3.6", + "semver": "^7.6.3", + "yargs-parser": "^21.1.1" }, "bin": { "ts-jest": "cli.js" @@ -6286,14 +6286,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.1.0.tgz", - "integrity": "sha512-prB2U3jXPJLpo1iVLN338Lvolh6OrcCZO+9Yv6AR+tvegPPptYCDBIHiEEUdqRi8gAv2bXNKfMUrgAd2ejn/ow==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.2.0.tgz", + "integrity": "sha512-DmnqaPcML0xYwUzgNbM1XaKXpEb7BShYf2P1tkUmmcl8hyeG7Pj08Er7R9bNy6AufabywzJcOybQAtnD/c9DGw==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.1.0", - "@typescript-eslint/parser": "8.1.0", - "@typescript-eslint/utils": "8.1.0" + "@typescript-eslint/eslint-plugin": "8.2.0", + "@typescript-eslint/parser": "8.2.0", + "@typescript-eslint/utils": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6309,13 +6309,13 @@ } }, "node_modules/typescript-eslint/node_modules/@typescript-eslint/scope-manager": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.1.0.tgz", - "integrity": "sha512-DsuOZQji687sQUjm4N6c9xABJa7fjvfIdjqpSIIVOgaENf2jFXiM9hIBZOL3hb6DHK9Nvd2d7zZnoMLf9e0OtQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", + "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0" + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6326,9 +6326,9 @@ } }, "node_modules/typescript-eslint/node_modules/@typescript-eslint/types": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.1.0.tgz", - "integrity": "sha512-q2/Bxa0gMOu/2/AKALI0tCKbG2zppccnRIRCW6BaaTlRVaPKft4oVYPp7WOPpcnsgbr0qROAVCVKCvIQ0tbWog==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", + "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6339,13 +6339,13 @@ } }, "node_modules/typescript-eslint/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.1.0.tgz", - "integrity": "sha512-NTHhmufocEkMiAord/g++gWKb0Fr34e9AExBRdqgWdVBaKoei2dIyYKD9Q0jBnvfbEA5zaf8plUFMUH6kQ0vGg==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", + "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/visitor-keys": "8.1.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/visitor-keys": "8.2.0", "debug": "^4.3.4", "globby": "^11.1.0", "is-glob": "^4.0.3", @@ -6367,15 +6367,15 @@ } }, "node_modules/typescript-eslint/node_modules/@typescript-eslint/utils": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.1.0.tgz", - "integrity": "sha512-ypRueFNKTIFwqPeJBfeIpxZ895PQhNyH4YID6js0UoBImWYoSjBsahUn9KMiJXh94uOjVBgHD9AmkyPsPnFwJA==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", + "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.1.0", - "@typescript-eslint/types": "8.1.0", - "@typescript-eslint/typescript-estree": "8.1.0" + "@typescript-eslint/scope-manager": "8.2.0", + "@typescript-eslint/types": "8.2.0", + "@typescript-eslint/typescript-estree": "8.2.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6389,12 +6389,12 @@ } }, "node_modules/typescript-eslint/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.1.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.1.0.tgz", - "integrity": "sha512-ba0lNI19awqZ5ZNKh6wCModMwoZs457StTebQ0q1NP58zSi2F6MOZRXwfKZy+jB78JNJ/WH8GSh2IQNzXX8Nag==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", + "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.1.0", + "@typescript-eslint/types": "8.2.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { diff --git a/package.json b/package.json index 922026a1c..22370c880 100644 --- a/package.json +++ b/package.json @@ -14,10 +14,10 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.4.0", + "@types/node": "^22.5.0", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.1.0", - "@typescript-eslint/parser": "^8.1.0", + "@typescript-eslint/eslint-plugin": "^8.2.0", + "@typescript-eslint/parser": "^8.2.0", "caller": "^1.1.0", "debug": "^4.3.6", "eslint": "^8.57.0", @@ -35,11 +35,11 @@ "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", "simple-git": "^3.25.0", - "ts-jest": "^29.2.4", + "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.1.0", + "typescript-eslint": "^8.2.0", "yaml": "^2.5.0" }, "bundleDependencies": [ From 8caa1242a02679d7e16b1f69e9a4c7a5cce3a755 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 20:39:22 -0700 Subject: [PATCH 06/27] Bump the dependencies group with 3 updates (#860) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action). Updates `github/codeql-action` from 3.26.5 to 3.26.6
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.26.6 - 29 Aug 2024

  • Update default CodeQL bundle version to 2.18.3. #2449

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
  • Bump the minimum CodeQL bundle version to 2.13.5. #2408

3.25.15 - 26 Jul 2024

  • Update default CodeQL bundle version to 2.18.1. #2385

3.25.14 - 25 Jul 2024

  • Experimental: add a new start-proxy action which starts the same HTTP proxy as used by github/dependabot-action. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2376

3.25.13 - 19 Jul 2024

... (truncated)

Commits
  • 4dd1613 Merge pull request #2452 from github/update-v3.26.6-7233ec5e6
  • dd9dd2d Update changelog for v3.26.6
  • 7233ec5 Merge pull request #2449 from github/update-bundle/codeql-bundle-v2.18.3
  • a32c44d Add changelog note
  • 2966897 Update default bundle to codeql-bundle-v2.18.3
  • b8efe4d Merge pull request #2435 from github/update-supported-enterprise-server-versions
  • ab408a8 Merge branch 'main' into update-supported-enterprise-server-versions
  • 864b979 Merge pull request #2443 from github/dbartol/config-file-telemetry
  • d36c7aa Merge pull request #2448 from github/dependabot/npm_and_yarn/npm-09b7c43f6b
  • b3bf514 Update checked-in dependencies
  • Additional commits viewable in compare view

Updates `actions/upload-artifact` from 4.3.6 to 4.4.0
Release notes

Sourced from actions/upload-artifact's releases.

v4.4.0

Notice: Breaking Changes :warning:

We will no longer include hidden files and folders by default in the upload-artifact action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, include-hidden-files, to continue to do so.

See "Notice of upcoming deprecations and breaking changes in GitHub Actions runners" changelog and this issue for more details.

What's Changed

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0

Commits
  • 5076954 Merge pull request #598 from actions/joshmgross/exclude-hidden-files
  • d52396a Add a warning about enabling include-hidden-files
  • 710f362 Remove "merged" from include-hidden-files input description
  • 3b315f2 npm run release again 🙂
  • 3be2180 Remove another trailing comma
  • 453e8d0 Update glob license
  • 0a398c1 npm run release
  • a0c40cf Update to latest @actions/glob and fix tests
  • acb59e4 lint
  • cb6558b Exclude hidden files by default
  • See full diff in compare view

Updates `slackapi/slack-github-action` from 1.26.0 to 1.27.0
Release notes

Sourced from slackapi/slack-github-action's releases.

Slack Send V1.27.0

What's changed

This release introduces an optional payload-delimiter parameter for flattening nested objects with a customized delimiter before the payload is sent to Slack Workflow Builder when using workflow webhook triggers.

  - name: Send a custom flattened payload
    uses: slackapi/slack-github-action@v1.27.0
+   with:
+     payload-delimiter: "_"
    env:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

Setting this value to an underscore (_) is recommended when using nested inputs within Workflow Builder to match expected input formats of Workflow Builder, but the actual value can be changed to something else! This "flattening" behavior did exist prior to this version, but used a period (.) which is not valid for webook inputs in Workflow Builder.

The resulting output of flattened objects is not always clear, but the following can hopefully serve as a quick reference as well as these specs when using _ as the delimiter:

Input:

{
    "apples": "tree",
    "bananas": {
        "truthiness": true
    }
}

Output:

{
    "apples": "tree",
    "bananas_truthiness": "true"
}

Notice that bananas_truthiness is also stringified in this process, as part of updating values to match the expected inputs of Workflow Builder!

Changes

In addition to the changes above, the following lists all of the changes since the prior version with the complete changelog changes found here: https://github.com/slackapi/slack-github-action/compare/v1.26.0...v1.27.0

🎁 Enhancements

... (truncated)

Commits
  • 37ebaef Automatic compilation
  • 5d1fb07 chore(release): tag version 1.27.0
  • 3bc0671 chore(deps): bump axios to 1.7.5 (#332)
  • b452451 feat: make the payload delimiter configurable for workflow webhook triggers (...
  • c50e848 build(deps-dev): bump mocha from 10.5.2 to 10.7.0 (#328)
  • e4a9c4b build(deps): bump @​slack/web-api from 7.2.0 to 7.3.2 (#327)
  • 9a7f0fa build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#326)
  • 73b7062 build(deps-dev): bump eslint-plugin-jsdoc from 48.5.0 to 48.10.2 (#325)
  • 3d5207b build(deps): bump https-proxy-agent from 7.0.4 to 7.0.5 (#320)
  • 4e15b6a build(deps): bump @​slack/web-api from 7.0.4 to 7.2.0 (#323)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/nightly.yaml | 4 ++-- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/upload_results.reusable.yaml | 8 ++++---- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 40c9b2156..728bc44f7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 + uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 + uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 + uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index 66966bfe8..9d8a80242 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -183,7 +183,7 @@ jobs: - name: Upload Test Outputs for Upload Job # Only upload results from latest. Always run, except when cancelled. if: (failure() || success()) && matrix.linter-version == 'Latest' - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json @@ -244,7 +244,7 @@ jobs: - name: Upload Test Outputs for Notification Job # Always run, except when cancelled. if: (failure() || success()) - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: tools-${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index baf986d4a..64c7d848a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -57,7 +57,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: sarif_file: results.sarif diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 28762ee5e..8b0255bd3 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -98,7 +98,7 @@ jobs: echo "::endgroup::" - name: Slack Notification For Missing Artifacts - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: steps.download-ubuntu.outcome == 'failure' || steps.download-macos.outcome == 'failure' || steps.download-windows.outcome == 'failure' @@ -181,7 +181,7 @@ jobs: # Slack notifications - name: Slack Notification For Failures - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: always() && steps.parse.outputs.failures == 'true' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -190,7 +190,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Staging Upload Failure - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: inputs.upload-validated-versions == true && steps.upload-staging.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -211,7 +211,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Prod Upload Failure - uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 + uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0 if: inputs.upload-validated-versions == true && steps.upload-prod.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} From c22374971ce9d3ed66d60c2a6a0d302565cecb67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 20:39:55 -0700 Subject: [PATCH 07/27] Bump the dependencies group with 7 updates (#861) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.5.0` | `22.5.1` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.2.0` | `8.3.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.2.0` | `8.3.0` | | [eslint-import-resolver-typescript](https://github.com/import-js/eslint-import-resolver-typescript) | `3.6.1` | `3.6.3` | | [eslint-plugin-import-x](https://github.com/un-ts/eslint-plugin-import-x) | `3.1.0` | `4.1.1` | | [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `28.8.0` | `28.8.1` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.2.0` | `8.3.0` | Updates `@types/node` from 22.5.0 to 22.5.1
Commits

Updates `@typescript-eslint/eslint-plugin` from 8.2.0 to 8.3.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.3.0

8.3.0 (2024-08-26)

🚀 Features

  • eslint-plugin: [no-deprecation] add rule (#9783)
  • typescript-estree: replace globby w/ fast-glob (#9518)
  • typescript-estree: reload project service once when file config isn't found (#9853)

🩹 Fixes

  • ast-spec: use Expression in argument of ThrowStatement (#9632)
  • eslint-plugin: [no-unnecessary-template-expression] add missing parentheses in autofix (#8673)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped alias type arguments (#9741)
  • utils: add missing TSSatisfiesExpression in RuleListenerBaseSelectors (#9832)
  • utils: add TSDeclareFunction to functionTypeTypes (#9788)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.3.0 (2024-08-26)

🚀 Features

  • eslint-plugin: [no-deprecation] add rule

🩹 Fixes

  • eslint-plugin: [no-unnecessary-template-expression] add missing parentheses in autofix

  • eslint-plugin: [no-unnecessary-type-parameters] check mapped alias type arguments

  • utils: add TSDeclareFunction to functionTypeTypes

  • ast-spec: use Expression in argument of ThrowStatement

❤️ Thank You

  • Abraham Guo
  • Daichi Kamiyama
  • Josh Goldberg ✨
  • Kim Sang Du
  • Sukka
  • Vida Xie

You can read about our versioning strategy and releases on our website.

Commits
  • ef2eab1 chore(release): publish 8.3.0
  • fd55358 chore: enable sonarjs/no-duplicated-branches (#9821)
  • 9f70ed1 fix(ast-spec): use Expression in argument of ThrowStatement (#9632)
  • 7160687 chore: enable unicorn/no-lonely-if (#9830)
  • 6377f18 fix(utils): add TSDeclareFunction to functionTypeTypes (#9788)
  • 8389e06 docs(eslint-plugin): [restrict-template-expressions] add explanation for allo...
  • 57e4120 feat(eslint-plugin): [no-deprecation] add rule (#9783)
  • 94f7c99 fix(eslint-plugin): [no-unnecessary-type-parameters] check mapped alias type ...
  • 1c2938f chore: enable object-shorthand (#9816)
  • 90655d1 fix(eslint-plugin): [no-unnecessary-template-expression] add missing parenthe...
  • See full diff in compare view

Updates `@typescript-eslint/parser` from 8.2.0 to 8.3.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.3.0

8.3.0 (2024-08-26)

🚀 Features

  • eslint-plugin: [no-deprecation] add rule (#9783)
  • typescript-estree: replace globby w/ fast-glob (#9518)
  • typescript-estree: reload project service once when file config isn't found (#9853)

🩹 Fixes

  • ast-spec: use Expression in argument of ThrowStatement (#9632)
  • eslint-plugin: [no-unnecessary-template-expression] add missing parentheses in autofix (#8673)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped alias type arguments (#9741)
  • utils: add missing TSSatisfiesExpression in RuleListenerBaseSelectors (#9832)
  • utils: add TSDeclareFunction to functionTypeTypes (#9788)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.3.0 (2024-08-26)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates `eslint-import-resolver-typescript` from 3.6.1 to 3.6.3
Release notes

Sourced from eslint-import-resolver-typescript's releases.

v3.6.3

Patch Changes

Changelog

Sourced from eslint-import-resolver-typescript's changelog.

3.6.3

Patch Changes

3.6.2

Patch Changes

Commits
  • 3dfad60 chore(deps): update dependency node to v18.20.4 (#309)
  • 47561fb chore(deps): update dependency @​changesets/cli to ^2.27.7 (#308)
  • c9b5626 chore: release eslint-import-resolver-typescript (#302)
  • f8d7b82 fix(#303): use @nolyfill/is-core-module (#305)
  • a4c6c78 fix: ignore bun built-in modules (#288)
  • 79148f4 chore: release eslint-import-resolver-typescript (#301)
  • ff3d3c6 chore(deps): remove is-core-module dependency (#295)
  • 10f9b17 Allow either import or import-x plugin as a peer dependency (#294)
  • b777b44 ci(workflows/ci): setup node before enabling corepack (#300)
  • 4f9db59 chore(deps): update dependency node to v18.20.3 (#297)
  • Additional commits viewable in compare view

Updates `eslint-plugin-import-x` from 3.1.0 to 4.1.1
Release notes

Sourced from eslint-plugin-import-x's releases.

v4.1.1

Patch Changes

  • #133 757ffa9 Thanks @​SukkaW! - Fix #123 where the rule no-named-as-default would have confuse TypeScript namespace exports with actual exports.

v4.1.0

Minor Changes

  • #122 cd52e86 Thanks @​michaelfaith! - Add ESLint flat configuration presets. You can access them with:

    import eslintPluginImportX from
"eslint-plugin-import-x";

    eslintPluginImportX.flatConfigs.recommended;
    
eslintPluginImportX.flatConfigs.react;
    
eslintPluginImportX.flatConfigs.typescript;
    
eslintPluginImportX.flatConfigs.electron;

  • #132 9948c78 Thanks @​SukkaW! - Added no-rename-default that forbid importing a default export by a different name. Originally created by @​whitneyit, ported by @​SukkaW

v4.0.0

Major Changes

  • #112 4ba14da Thanks @​SukkaW! - Use typescript-eslint v8. The minimum supported ESLint version is now >= 8.57.0 and the minimum required Node.js version is now 18.18.0.
Changelog

Sourced from eslint-plugin-import-x's changelog.

4.1.1

Patch Changes

  • #133 757ffa9 Thanks @​SukkaW! - Fix #123 where the rule no-named-as-default will confuse TypeScript namespace exports with actual exports.

4.1.0

Minor Changes

  • #122 cd52e86 Thanks @​michaelfaith! - Add ESLint flat configuration presets. You can access them with:

    import eslintPluginImportX from
"eslint-plugin-import-x";

    eslintPluginImportX.flatConfigs.recommended;
    
eslintPluginImportX.flatConfigs.react;
    
eslintPluginImportX.flatConfigs.typescript;
    
eslintPluginImportX.flatConfigs.electron;

  • #132 9948c78 Thanks @​SukkaW! - Added no-rename-default that forbid importing a default export by a different name. Originally created by @​whitneyit, ported by @​SukkaW

4.0.0

Major Changes

  • #112 4ba14da Thanks @​SukkaW! - Use typescript-eslint v8. The minimum supported ESLint version is now >= 8.57.0 and the minimum required Node.js version is now 18.18.0.
Commits

Updates `eslint-plugin-jest` from 28.8.0 to 28.8.1
Release notes

Sourced from eslint-plugin-jest's releases.

v28.8.1

28.8.1 (2024-08-29)

Bug Fixes

  • prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)
Changelog

Sourced from eslint-plugin-jest's changelog.

28.8.1 (2024-08-29)

Bug Fixes

  • prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)
Commits
  • 1df45e9 chore(release): 28.8.1 [skip ci]
  • 307f6a7 fix(prefer-importing-jest-globals): support typescript-eslint parser (#1639)
  • 267702d chore(deps): lock file maintenance
  • f969f92 chore(deps): lock file maintenance
  • f5f3e99 chore(deps): lock file maintenance
  • See full diff in compare view

Updates `typescript-eslint` from 8.2.0 to 8.3.0
Release notes

Sourced from typescript-eslint's releases.

v8.3.0

8.3.0 (2024-08-26)

🚀 Features

  • eslint-plugin: [no-deprecation] add rule (#9783)
  • typescript-estree: replace globby w/ fast-glob (#9518)
  • typescript-estree: reload project service once when file config isn't found (#9853)

🩹 Fixes

  • ast-spec: use Expression in argument of ThrowStatement (#9632)
  • eslint-plugin: [no-unnecessary-template-expression] add missing parentheses in autofix (#8673)
  • eslint-plugin: [no-unnecessary-type-parameters] check mapped alias type arguments (#9741)
  • utils: add missing TSSatisfiesExpression in RuleListenerBaseSelectors (#9832)
  • utils: add TSDeclareFunction to functionTypeTypes (#9788)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.3.0 (2024-08-26)

🚀 Features

  • eslint-plugin: [no-deprecation] add rule

❤️ Thank You

  • Abraham Guo
  • Daichi Kamiyama
  • Josh Goldberg ✨
  • Kim Sang Du
  • Sukka
  • Vida Xie

You can read about our versioning strategy and releases on our website.

Commits
  • ef2eab1 chore(release): publish 8.3.0
  • d4f6943 chore: enable eslint-plugin-perfectionist on typescript-eslint package (#9851)
  • 57e4120 feat(eslint-plugin): [no-deprecation] add rule (#9783)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 729 ++++++++-------------------------------------- package.json | 14 +- 2 files changed, 134 insertions(+), 609 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3371e9521..696b55a26 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,18 +16,18 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.0", + "@types/node": "^22.5.1", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.2.0", - "@typescript-eslint/parser": "^8.2.0", + "@typescript-eslint/eslint-plugin": "^8.3.0", + "@typescript-eslint/parser": "^8.3.0", "caller": "^1.1.0", "debug": "^4.3.6", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.5.2", + "eslint-import-resolver-typescript": "^3.6.3", "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^3.1.0", - "eslint-plugin-jest": "^28.8.0", + "eslint-plugin-import-x": "^4.1.1", + "eslint-plugin-jest": "^28.8.1", "eslint-plugin-n": "^17.10.2", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", @@ -41,7 +41,7 @@ "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.2.0", + "typescript-eslint": "^8.3.0", "yaml": "^2.5.0" }, "engines": { @@ -1177,6 +1177,15 @@ "node": ">= 8" } }, + "node_modules/@nolyfill/is-core-module": { + "version": "1.0.39", + "resolved": "https://registry.npmjs.org/@nolyfill/is-core-module/-/is-core-module-1.0.39.tgz", + "integrity": "sha512-nn5ozdjYQpUCZlWGuxcJY/KpxkWQs4DcbMCmKojjyrYDEAGy4Ce19NN4v5MduafTwJlbKc99UA8YhSVqq9yPZA==", + "dev": true, + "engines": { + "node": ">=12.4.0" + } + }, "node_modules/@pkgr/core": { "version": "0.1.1", "resolved": "https://registry.npmjs.org/@pkgr/core/-/core-0.1.1.tgz", @@ -1354,9 +1363,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.5.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.0.tgz", - "integrity": "sha512-DkFrJOe+rfdHTqqMg0bSNlGlQ85hSoh2TPzZyhHsXnMtligRWpxUySiyw8FY14ITt24HVCiQPWxS3KO/QlGmWg==", + "version": "22.5.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.1.tgz", + "integrity": "sha512-KkHsxej0j9IW1KKOOAA/XBA0z08UFSrRQHErzEfA3Vgq57eXIMYboIlHJuYIfd+lwCQjtKqUu3UnmKbtUc9yRw==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1387,16 +1396,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.2.0.tgz", - "integrity": "sha512-02tJIs655em7fvt9gps/+4k4OsKULYGtLBPJfOsmOq1+3cdClYiF0+d6mHu6qDnTcg88wJBkcPLpQhq7FyDz0A==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.3.0.tgz", + "integrity": "sha512-FLAIn63G5KH+adZosDYiutqkOkYEx0nvcwNNfJAf+c7Ae/H35qWwTYvPZUKFj5AS+WfHG/WJJfWnDnyNUlp8UA==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.2.0", - "@typescript-eslint/type-utils": "8.2.0", - "@typescript-eslint/utils": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", + "@typescript-eslint/scope-manager": "8.3.0", + "@typescript-eslint/type-utils": "8.3.0", + "@typescript-eslint/utils": "8.3.0", + "@typescript-eslint/visitor-keys": "8.3.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1419,137 +1428,16 @@ } } }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/scope-manager": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", - "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/types": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", - "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", - "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/utils": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", - "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.2.0", - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/typescript-estree": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", - "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/eslint-plugin/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/parser": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.2.0.tgz", - "integrity": "sha512-j3Di+o0lHgPrb7FxL3fdEy6LJ/j2NE8u+AP/5cQ9SKb+JLH6V6UHDqJ+e0hXBkHP1wn1YDFjYCS9LBQsZDlDEg==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.3.0.tgz", + "integrity": "sha512-h53RhVyLu6AtpUzVCYLPhZGL5jzTD9fZL+SYf/+hYOx2bDkyQXztXSc4tbvKYHzfMXExMLiL9CWqJmVz6+78IQ==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.2.0", - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/typescript-estree": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", + "@typescript-eslint/scope-manager": "8.3.0", + "@typescript-eslint/types": "8.3.0", + "@typescript-eslint/typescript-estree": "8.3.0", + "@typescript-eslint/visitor-keys": "8.3.0", "debug": "^4.3.4" }, "engines": { @@ -1568,168 +1456,15 @@ } } }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/scope-manager": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", - "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/types": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", - "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", - "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/@typescript-eslint/parser/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", - "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/parser/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/scope-manager": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-7.17.0.tgz", - "integrity": "sha512-0P2jTTqyxWp9HiKLu/Vemr2Rg1Xb5B7uHItdVZ6iAenXmPo4SZ86yOPCJwMqpCyaMiEHTNqizHfsbmCFT1x9SA==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.3.0.tgz", + "integrity": "sha512-mz2X8WcN2nVu5Hodku+IR8GgCOl4C0G/Z1ruaWN4dgec64kDBabuXyPAr+/RgJtumv8EEkqIzf3X2U5DUKB2eg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/visitor-keys": "7.17.0" - }, - "engines": { - "node": "^18.18.0 || >=20.0.0" + "@typescript-eslint/types": "8.3.0", + "@typescript-eslint/visitor-keys": "8.3.0" }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.2.0.tgz", - "integrity": "sha512-g1CfXGFMQdT5S+0PSO0fvGXUaiSkl73U1n9LTK5aRAFnPlJ8dLKkXr4AaLFvPedW8lVDoMgLLE3JN98ZZfsj0w==", - "dev": true, - "dependencies": { - "@typescript-eslint/typescript-estree": "8.2.0", - "@typescript-eslint/utils": "8.2.0", - "debug": "^4.3.4", - "ts-api-utils": "^1.3.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/scope-manager": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", - "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/types": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", - "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", - "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, @@ -1738,19 +1473,15 @@ "url": "https://opencollective.com/typescript-eslint" } }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", - "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", + "node_modules/@typescript-eslint/type-utils": { + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.3.0.tgz", + "integrity": "sha512-wrV6qh//nLbfXZQoj32EXKmwHf4b7L+xXLrP3FZ0GOUU72gSvLjeWUl5J5Ue5IwRxIV1TfF73j/eaBapxx99Lg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", + "@typescript-eslint/typescript-estree": "8.3.0", + "@typescript-eslint/utils": "8.3.0", "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", "ts-api-utils": "^1.3.0" }, "engines": { @@ -1766,76 +1497,13 @@ } } }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/utils": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", - "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.2.0", - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/typescript-estree": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", - "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/@typescript-eslint/type-utils/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/@typescript-eslint/types": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-7.17.0.tgz", - "integrity": "sha512-a29Ir0EbyKTKHnZWbNsrc/gqfIBqYPwj3F2M+jWE/9bqfEHg0AMtXzkbUkOG6QgEScxh2+Pz9OXe11jHDnHR7A==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.3.0.tgz", + "integrity": "sha512-y6sSEeK+facMaAyixM36dQ5NVXTnKWunfD1Ft4xraYqxP0lC0POJmIaL/mw72CUMqjY9qfyVfXafMeaUj0noWw==", "dev": true, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -1843,22 +1511,22 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-7.17.0.tgz", - "integrity": "sha512-72I3TGq93t2GoSBWI093wmKo0n6/b7O4j9o8U+f65TVD0FS6bI2180X5eGEr8MA8PhKMvYe9myZJquUT2JkCZw==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.3.0.tgz", + "integrity": "sha512-Mq7FTHl0R36EmWlCJWojIC1qn/ZWo2YiWYc1XVtasJ7FIgjo0MVv9rZWXEE7IK2CGrtwe1dVOxWwqXUdNgfRCA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/visitor-keys": "7.17.0", + "@typescript-eslint/types": "8.3.0", + "@typescript-eslint/visitor-keys": "8.3.0", "debug": "^4.3.4", - "globby": "^11.1.0", + "fast-glob": "^3.3.2", "is-glob": "^4.0.3", "minimatch": "^9.0.4", "semver": "^7.6.0", "ts-api-utils": "^1.3.0" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -1895,38 +1563,38 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-7.17.0.tgz", - "integrity": "sha512-r+JFlm5NdB+JXc7aWWZ3fKSm1gn0pkswEwIYsrGPdsT2GjsRATAKXiNtp3vgAAO1xZhX8alIOEQnNMl3kbTgJw==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.3.0.tgz", + "integrity": "sha512-F77WwqxIi/qGkIGOGXNBLV7nykwfjLsdauRB/DOFPdv6LTF3BHHkBpq81/b5iMPSF055oO2BiivDJV4ChvNtXA==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "7.17.0", - "@typescript-eslint/types": "7.17.0", - "@typescript-eslint/typescript-estree": "7.17.0" + "@typescript-eslint/scope-manager": "8.3.0", + "@typescript-eslint/types": "8.3.0", + "@typescript-eslint/typescript-estree": "8.3.0" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", "url": "https://opencollective.com/typescript-eslint" }, "peerDependencies": { - "eslint": "^8.56.0" + "eslint": "^8.57.0 || ^9.0.0" } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "7.17.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-7.17.0.tgz", - "integrity": "sha512-RVGC9UhPOCsfCdI9pU++K4nD7to+jTcMIbXTSOcrLqUEW6gF2pU1UUbYJKc9cvcRSK1UDeMJ7pdMxf4bhMpV/A==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.3.0.tgz", + "integrity": "sha512-RmZwrTbQ9QveF15m/Cl28n0LXD6ea2CjkhH5rQ55ewz3H24w+AMCJHPVYaZ8/0HoG8Z3cLLFFycRXxeO2tz9FA==", "dev": true, "dependencies": { - "@typescript-eslint/types": "7.17.0", + "@typescript-eslint/types": "8.3.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { - "node": "^18.18.0 || >=20.0.0" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "funding": { "type": "opencollective", @@ -2079,14 +1747,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/array-union": { - "version": "2.1.0", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/array.prototype.findlastindex": { "version": "1.2.3", "dev": true, @@ -2602,17 +2262,6 @@ "node": "^14.15.0 || ^16.10.0 || >=18.0.0" } }, - "node_modules/dir-glob": { - "version": "3.0.1", - "dev": true, - "license": "MIT", - "dependencies": { - "path-type": "^4.0.0" - }, - "engines": { - "node": ">=8" - } - }, "node_modules/doctrine": { "version": "3.0.0", "dev": true, @@ -2888,16 +2537,18 @@ } }, "node_modules/eslint-import-resolver-typescript": { - "version": "3.6.1", - "dev": true, - "license": "ISC", - "dependencies": { - "debug": "^4.3.4", - "enhanced-resolve": "^5.12.0", - "eslint-module-utils": "^2.7.4", - "fast-glob": "^3.3.1", - "get-tsconfig": "^4.5.0", - "is-core-module": "^2.11.0", + "version": "3.6.3", + "resolved": "https://registry.npmjs.org/eslint-import-resolver-typescript/-/eslint-import-resolver-typescript-3.6.3.tgz", + "integrity": "sha512-ud9aw4szY9cCT1EWWdGv1L1XR6hh2PaRWif0j2QjQ0pgTY/69iw+W0Z4qZv5wHahOl8isEr+k/JnyAqNQkLkIA==", + "dev": true, + "dependencies": { + "@nolyfill/is-core-module": "1.0.39", + "debug": "^4.3.5", + "enhanced-resolve": "^5.15.0", + "eslint-module-utils": "^2.8.1", + "fast-glob": "^3.3.2", + "get-tsconfig": "^4.7.5", + "is-bun-module": "^1.0.2", "is-glob": "^4.0.3" }, "engines": { @@ -2908,13 +2559,23 @@ }, "peerDependencies": { "eslint": "*", - "eslint-plugin-import": "*" + "eslint-plugin-import": "*", + "eslint-plugin-import-x": "*" + }, + "peerDependenciesMeta": { + "eslint-plugin-import": { + "optional": true + }, + "eslint-plugin-import-x": { + "optional": true + } } }, "node_modules/eslint-module-utils": { - "version": "2.8.0", + "version": "2.8.2", + "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.8.2.tgz", + "integrity": "sha512-3XnC5fDyc8M4J2E8pt8pmSVRX2M+5yWMCfI/kDZwauQeFgzQOuhcRBFKjTeJagqgk4sFKxe1mvNVnaWwImx/Tg==", "dev": true, - "license": "MIT", "dependencies": { "debug": "^3.2.7" }, @@ -2986,27 +2647,28 @@ } }, "node_modules/eslint-plugin-import-x": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-3.1.0.tgz", - "integrity": "sha512-/UbPA+bYY7nIxcjL3kpcDY3UNdoLHFhyBFzHox2M0ypcUoueTn6woZUUmzzi5et/dXChksasYYFeKE2wshOrhg==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.1.1.tgz", + "integrity": "sha512-dBEM8fACIFNt4H7GoOaRmnH6evJW6JSTJTYYgmRd3vI4geBTjgDM/JyUDKUwIw0HDSyI+u7Vs3vFRXUo/BOAtA==", "dev": true, "dependencies": { - "@typescript-eslint/utils": "^7.4.0", + "@typescript-eslint/typescript-estree": "^8.1.0", + "@typescript-eslint/utils": "^8.1.0", "debug": "^4.3.4", "doctrine": "^3.0.0", "eslint-import-resolver-node": "^0.3.9", "get-tsconfig": "^4.7.3", "is-glob": "^4.0.3", "minimatch": "^9.0.3", - "semver": "^7.6.0", + "semver": "^7.6.3", "stable-hash": "^0.0.4", - "tslib": "^2.6.2" + "tslib": "^2.6.3" }, "engines": { - "node": ">=16" + "node": "^18.18.0 || ^20.9.0 || >=21.1.0" }, "peerDependencies": { - "eslint": "^8.56.0 || ^9.0.0-0" + "eslint": "^8.57.0 || ^9.0.0" } }, "node_modules/eslint-plugin-import-x/node_modules/brace-expansion": { @@ -3091,9 +2753,9 @@ } }, "node_modules/eslint-plugin-jest": { - "version": "28.8.0", - "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.0.tgz", - "integrity": "sha512-Tubj1hooFxCl52G4qQu0edzV/+EZzPUeN8p2NnW5uu4fbDs+Yo7+qDVDc4/oG3FbCqEBmu/OC3LSsyiU22oghw==", + "version": "28.8.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.1.tgz", + "integrity": "sha512-G46XMyYu6PtSNJUkQ0hsPjzXYpzq/O4vpCciMizTKRJG8kNsRreGoMRDG6H9FIB/xVgfFuclVnuX4XRvFUzrZQ==", "dev": true, "dependencies": { "@typescript-eslint/utils": "^6.0.0 || ^7.0.0 || ^8.0.0" @@ -3378,9 +3040,10 @@ "license": "Apache-2.0" }, "node_modules/fast-glob": { - "version": "3.3.1", + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz", + "integrity": "sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==", "dev": true, - "license": "MIT", "dependencies": { "@nodelib/fs.stat": "^2.0.2", "@nodelib/fs.walk": "^1.2.3", @@ -3726,25 +3389,6 @@ "url": "https://github.com/sponsors/ljharb" } }, - "node_modules/globby": { - "version": "11.1.0", - "dev": true, - "license": "MIT", - "dependencies": { - "array-union": "^2.1.0", - "dir-glob": "^3.0.1", - "fast-glob": "^3.2.9", - "ignore": "^5.2.0", - "merge2": "^1.4.1", - "slash": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/gopd": { "version": "1.0.1", "dev": true, @@ -3984,6 +3628,15 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/is-bun-module": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-bun-module/-/is-bun-module-1.1.0.tgz", + "integrity": "sha512-4mTAVPlrXpaN3jtF0lsnPCMGnq4+qZjVIKq0HCpfcqf8OC1SM5oATCIAPM5V5FN05qp2NNnFndphmdZS9CV3hA==", + "dev": true, + "dependencies": { + "semver": "^7.6.3" + } + }, "node_modules/is-callable": { "version": "1.2.7", "dev": true, @@ -5341,14 +4994,6 @@ "dev": true, "license": "MIT" }, - "node_modules/path-type": { - "version": "4.0.0", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=8" - } - }, "node_modules/picocolors": { "version": "1.0.0", "dev": true, @@ -6177,9 +5822,10 @@ } }, "node_modules/tslib": { - "version": "2.6.2", - "dev": true, - "license": "0BSD" + "version": "2.7.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.7.0.tgz", + "integrity": "sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==", + "dev": true }, "node_modules/type-check": { "version": "0.4.0", @@ -6286,72 +5932,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.2.0.tgz", - "integrity": "sha512-DmnqaPcML0xYwUzgNbM1XaKXpEb7BShYf2P1tkUmmcl8hyeG7Pj08Er7R9bNy6AufabywzJcOybQAtnD/c9DGw==", + "version": "8.3.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.3.0.tgz", + "integrity": "sha512-EvWjwWLwwKDIJuBjk2I6UkV8KEQcwZ0VM10nR1rIunRDIP67QJTZAHBXTX0HW/oI1H10YESF8yWie8fRQxjvFA==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.2.0", - "@typescript-eslint/parser": "8.2.0", - "@typescript-eslint/utils": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependenciesMeta": { - "typescript": { - "optional": true - } - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/scope-manager": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.2.0.tgz", - "integrity": "sha512-OFn80B38yD6WwpoHU2Tz/fTz7CgFqInllBoC3WP+/jLbTb4gGPTy9HBSTsbDWkMdN55XlVU0mMDYAtgvlUspGw==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/types": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.2.0.tgz", - "integrity": "sha512-6a9QSK396YqmiBKPkJtxsgZZZVjYQ6wQ/TlI0C65z7vInaETuC6HAHD98AGLC8DyIPqHytvNuS8bBVvNLKyqvQ==", - "dev": true, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/typescript-estree": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.2.0.tgz", - "integrity": "sha512-kiG4EDUT4dImplOsbh47B1QnNmXSoUqOjWDvCJw/o8LgfD0yr7k2uy54D5Wm0j4t71Ge1NkynGhpWdS0dEIAUA==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/visitor-keys": "8.2.0", - "debug": "^4.3.4", - "globby": "^11.1.0", - "is-glob": "^4.0.3", - "minimatch": "^9.0.4", - "semver": "^7.6.0", - "ts-api-utils": "^1.3.0" + "@typescript-eslint/eslint-plugin": "8.3.0", + "@typescript-eslint/parser": "8.3.0", + "@typescript-eslint/utils": "8.3.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6366,69 +5954,6 @@ } } }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/utils": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.2.0.tgz", - "integrity": "sha512-O46eaYKDlV3TvAVDNcoDzd5N550ckSe8G4phko++OCSC1dYIb9LTc3HDGYdWqWIAT5qDUKphO6sd9RrpIJJPfg==", - "dev": true, - "dependencies": { - "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.2.0", - "@typescript-eslint/types": "8.2.0", - "@typescript-eslint/typescript-estree": "8.2.0" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - }, - "peerDependencies": { - "eslint": "^8.57.0 || ^9.0.0" - } - }, - "node_modules/typescript-eslint/node_modules/@typescript-eslint/visitor-keys": { - "version": "8.2.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.2.0.tgz", - "integrity": "sha512-sbgsPMW9yLvS7IhCi8IpuK1oBmtbWUNP+hBdwl/I9nzqVsszGnNGti5r9dUtF5RLivHUFFIdRvLiTsPhzSyJ3Q==", - "dev": true, - "dependencies": { - "@typescript-eslint/types": "8.2.0", - "eslint-visitor-keys": "^3.4.3" - }, - "engines": { - "node": "^18.18.0 || ^20.9.0 || >=21.1.0" - }, - "funding": { - "type": "opencollective", - "url": "https://opencollective.com/typescript-eslint" - } - }, - "node_modules/typescript-eslint/node_modules/brace-expansion": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz", - "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==", - "dev": true, - "dependencies": { - "balanced-match": "^1.0.0" - } - }, - "node_modules/typescript-eslint/node_modules/minimatch": { - "version": "9.0.5", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz", - "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==", - "dev": true, - "dependencies": { - "brace-expansion": "^2.0.1" - }, - "engines": { - "node": ">=16 || 14 >=14.17" - }, - "funding": { - "url": "https://github.com/sponsors/isaacs" - } - }, "node_modules/unbox-primitive": { "version": "1.0.2", "dev": true, diff --git a/package.json b/package.json index 22370c880..21e036b3f 100644 --- a/package.json +++ b/package.json @@ -14,18 +14,18 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.0", + "@types/node": "^22.5.1", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.2.0", - "@typescript-eslint/parser": "^8.2.0", + "@typescript-eslint/eslint-plugin": "^8.3.0", + "@typescript-eslint/parser": "^8.3.0", "caller": "^1.1.0", "debug": "^4.3.6", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", - "eslint-import-resolver-typescript": "^3.5.2", + "eslint-import-resolver-typescript": "^3.6.3", "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^3.1.0", - "eslint-plugin-jest": "^28.8.0", + "eslint-plugin-import-x": "^4.1.1", + "eslint-plugin-jest": "^28.8.1", "eslint-plugin-n": "^17.10.2", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", @@ -39,7 +39,7 @@ "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.2.0", + "typescript-eslint": "^8.3.0", "yaml": "^2.5.0" }, "bundleDependencies": [ From 4edf9311bfc8a270ead79d356915de1b6c97e541 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Tue, 3 Sep 2024 11:45:40 -0700 Subject: [PATCH 08/27] (Fix): Use correct token input name (#862) I broke this a couple months ago when I removed CI Debugger. We were getting non-fatal [errors](https://github.com/trunk-io/plugins/actions/runs/10687539115/job/29625379323) `Missing trunk api token` for staging uploads --- .github/actions/action_tests/action.yaml | 2 +- .github/actions/linter_tests/action.yaml | 2 +- .github/actions/tool_tests/action.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/action_tests/action.yaml b/.github/actions/action_tests/action.yaml index ec3ba71eb..faac5b6c3 100644 --- a/.github/actions/action_tests/action.yaml +++ b/.github/actions/action_tests/action.yaml @@ -79,7 +79,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io diff --git a/.github/actions/linter_tests/action.yaml b/.github/actions/linter_tests/action.yaml index 81a9c9f7f..43bc45381 100644 --- a/.github/actions/linter_tests/action.yaml +++ b/.github/actions/linter_tests/action.yaml @@ -128,7 +128,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io diff --git a/.github/actions/tool_tests/action.yaml b/.github/actions/tool_tests/action.yaml index 795670be7..598f8c7cd 100644 --- a/.github/actions/tool_tests/action.yaml +++ b/.github/actions/tool_tests/action.yaml @@ -96,7 +96,7 @@ runs: with: junit-paths: junit.xml org-slug: trunk-staging-org - token: ${{ inputs.trunk-token }} + token: ${{ inputs.trunk-staging-token }} continue-on-error: true env: TRUNK_PUBLIC_API_ADDRESS: https://api.trunk-staging.io From 2c48cf42ccc18c09838e03c267cbc688f846c54f Mon Sep 17 00:00:00 2001 From: Eli Schleifer <1265982+EliSchleifer@users.noreply.github.com> Date: Tue, 3 Sep 2024 12:30:58 -0700 Subject: [PATCH 09/27] Update definition for trunk-toolbox to include latest support for neveredit rule (#859) 1. trunk toolbox definition and support changes with version 0.4.1. toolbox can now run correctly with hold-the-line standard upstream support. Also adds support for a new rule "neveredit" which protect files from editing once checked in. 2. backwards support for old version of toolbox is maintained. --- .trunk/trunk.yaml | 1 + linters/trunk-toolbox/plugin.yaml | 17 +++- ...runk_toolbox_v0.4.1_do_not_land.check.shot | 85 +++++++++++++++++++ 3 files changed, 99 insertions(+), 4 deletions(-) create mode 100644 linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 547256f05..213a76ad4 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -43,6 +43,7 @@ lint: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - eslint@9.9.0 + - trunk-toolbox@0.4.1 disabled: - pylint # pylint diagnostics are too strict - semgrep diff --git a/linters/trunk-toolbox/plugin.yaml b/linters/trunk-toolbox/plugin.yaml index 5be873d4a..561c98a7d 100644 --- a/linters/trunk-toolbox/plugin.yaml +++ b/linters/trunk-toolbox/plugin.yaml @@ -2,7 +2,7 @@ version: 0.1 downloads: - name: trunk-toolbox - version: 0.3.1 + version: 0.4.1 downloads: - os: linux: unknown-linux-gnu @@ -17,21 +17,30 @@ tools: - name: trunk-toolbox download: trunk-toolbox shims: [trunk-toolbox] - known_good_version: 0.3.1 + known_good_version: 0.4.1 lint: definitions: - name: trunk-toolbox + description: Repository level linting tools main_tool: trunk-toolbox files: [ALL] - description: Collection of universal linting tools commands: - name: lint - run: trunk-toolbox --upstream=${upstream-ref} --results=${tmpfile} ${target} + version: ">=0.4.1" + run: + trunk-toolbox --upstream=${upstream-ref} --cache-dir=${cachedir} --results=${tmpfile} + ${target} output: sarif batch: true success_codes: [0] read_output_from: tmp_file + - name: lint + run: trunk-toolbox --upstream=${upstream-ref} --results=${tmpfile} ${target} + output: sarif + batch: true + success_codes: [0] disable_upstream: true + read_output_from: tmp_file suggest_if: never version_command: parse_regex: ${semver} diff --git a/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot new file mode 100644 index 000000000..8948a64ac --- /dev/null +++ b/linters/trunk-toolbox/test_data/trunk_toolbox_v0.4.1_do_not_land.check.shot @@ -0,0 +1,85 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter trunk-toolbox test do_not_land 1`] = ` +{ + "issues": [ + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "trunk-toolbox", + "message": "Found 'DONOTLAND'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "9", + "offset": "2", + }, + ], + "targetType": "ALL", + }, + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "2", + "linter": "trunk-toolbox", + "message": "Found 'do-not-land'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "11", + "offset": "14", + }, + ], + "targetType": "ALL", + }, + { + "code": "do-not-land", + "column": "3", + "file": "test_data/do_not_land.in.txt", + "issueClass": "ISSUE_CLASS_NEW", + "level": "LEVEL_HIGH", + "line": "3", + "linter": "trunk-toolbox", + "message": "Found 'do_not_land'", + "ranges": [ + { + "filePath": "test_data/do_not_land.in.txt", + "length": "11", + "offset": "28", + }, + ], + "targetType": "ALL", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "ALL", + "linter": "trunk-toolbox", + "paths": [ + "test_data/do_not_land.in.txt", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "ALL", + "linter": "trunk-toolbox", + "paths": [ + "test_data/do_not_land.in.txt", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; From f0ed21fc0ddc17b8b843cde88589c966625fee14 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Tue, 3 Sep 2024 13:55:18 -0700 Subject: [PATCH 10/27] (Fix): Disable caching for pyright (#863) Similar to eslint, pyright needs to be aware of the rest of the repo for imports, which means we can't make an isolated caching sandbox. We should default this off --- linters/pyright/plugin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linters/pyright/plugin.yaml b/linters/pyright/plugin.yaml index 9939a4d07..9625a550f 100644 --- a/linters/pyright/plugin.yaml +++ b/linters/pyright/plugin.yaml @@ -19,7 +19,7 @@ lint: success_codes: [0, 1] read_output_from: stdout batch: true - cache_results: true + cache_results: false parser: runtime: python run: python3 ${plugin}/linters/pyright/pyright_to_sarif.py From bb7104bb557df11df5e9a571e657da2a7e79ecd0 Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Wed, 4 Sep 2024 11:58:13 -0700 Subject: [PATCH 11/27] Upgrade trunk to 1.22.5-beta.3 (#854) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Trunk](https://static.trunk.io/assets/trunk_action_upgrade_banner.png)](https://trunk.io) cli upgraded: 1.22.4-beta.1 → 1.22.5-beta.3 1 linter was upgraded: - eslint 9.9.0 → 9.9.1 This PR was generated by the [Trunk Action]. For more info, see our [docs] or reach out on [Slack]. [Trunk Action]: https://github.com/trunk-io/trunk-action [docs]: https://docs.trunk.io [Slack]: https://slack.trunk.io/ Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .trunk/trunk.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index 213a76ad4..c5da79967 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -2,7 +2,7 @@ version: 0.1 # version used for local trunk runs and testing cli: - version: 1.22.4-beta.1 + version: 1.22.5-beta.3 shell_hooks: enforce: true @@ -42,7 +42,7 @@ lint: enabled: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - - eslint@9.9.0 + - eslint@9.9.1 - trunk-toolbox@0.4.1 disabled: - pylint # pylint diagnostics are too strict From bf141a3af858e2a245529cece2a20b535c44f29a Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Thu, 5 Sep 2024 10:05:01 -0700 Subject: [PATCH 12/27] Auto-add missing snapshots (#864) Create new snapshots from https://github.com/trunk-io/plugins/actions/runs/10716406926 Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .../test_data/regal_v0.26.0_basic.check.shot | 101 ++++++++++++++++++ 1 file changed, 101 insertions(+) create mode 100644 linters/regal/test_data/regal_v0.26.0_basic.check.shot diff --git a/linters/regal/test_data/regal_v0.26.0_basic.check.shot b/linters/regal/test_data/regal_v0.26.0_basic.check.shot new file mode 100644 index 000000000..f848c5b2b --- /dev/null +++ b/linters/regal/test_data/regal_v0.26.0_basic.check.shot @@ -0,0 +1,101 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP +// trunk-upgrade-validation:RELEASE + +exports[`Testing linter regal test basic 1`] = ` +{ + "issues": [ + { + "code": "opa-fmt", + "column": "1", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "regal", + "message": "File should be formatted with \`opa fmt\`", + "targetType": "rego", + }, + { + "code": "directory-package-mismatch", + "column": "9", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "regal", + "message": "Directory structure should mirror package", + "targetType": "rego", + }, + { + "code": "prefer-snake-case", + "column": "1", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "12", + "linter": "regal", + "message": "Prefer snake_case for names", + "ranges": [ + { + "filePath": "test_data/basic.in.rego", + "length": "10", + "offset": "119", + }, + ], + "targetType": "rego", + }, + { + "code": "non-raw-regex-pattern", + "column": "27", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "12", + "linter": "regal", + "message": "Use raw strings for regex patterns", + "ranges": [ + { + "filePath": "test_data/basic.in.rego", + "length": "18", + "offset": "145", + }, + ], + "targetType": "rego", + }, + { + "code": "use-assignment-operator", + "column": "15", + "file": "test_data/basic.in.rego", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "regal", + "message": "Prefer := over = for assignment", + "targetType": "rego", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "rego", + "linter": "regal", + "paths": [ + "test_data/basic.in.rego", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "rego", + "linter": "regal", + "paths": [ + "test_data/basic.in.rego", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; From 4ac62504e53f180a6596ac9912e19ac7ab86114d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Sep 2024 17:32:32 -0700 Subject: [PATCH 13/27] Bump the dependencies group with 11 updates (#866) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 11 updates: | Package | From | To | | --- | --- | --- | | [@trunkio/launcher](https://trunk.io) | `1.3.1` | `1.3.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.5.1` | `22.5.4` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.3.0` | `8.4.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.3.0` | `8.4.0` | | [debug](https://github.com/debug-js/debug) | `4.3.6` | `4.3.7` | | [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import) | `2.29.1` | `2.30.0` | | [eslint-plugin-import-x](https://github.com/un-ts/eslint-plugin-import-x) | `4.1.1` | `4.2.1` | | [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `28.8.1` | `28.8.3` | | [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.25.0` | `3.26.0` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.3.0` | `8.4.0` | | [yaml](https://github.com/eemeli/yaml) | `2.5.0` | `2.5.1` | Updates `@trunkio/launcher` from 1.3.1 to 1.3.2 Updates `@types/node` from 22.5.1 to 22.5.4
Commits

Updates `@typescript-eslint/eslint-plugin` from 8.3.0 to 8.4.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.4.0

8.4.0 (2024-09-02)

🚀 Features

  • typescript-estree: make withoutProjectParserOptions generic (#9877)

❤️ Thank You

  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.4.0 (2024-09-02)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits
  • 3920c93 chore(release): publish 8.4.0
  • 2ad3404 chore: enable unicorn/prefer-export-from and `@typescript-eslint/consistent...
  • 46f27e6 docs: added note on async generator support in require-await (#9795)
  • e5d1ac4 docs: add dedicated TypeOrValueSpecifier docs page (#9875)
  • 5fd4251 docs: fill in most remaining rule option descriptions (#9868)
  • 2421575 docs: add global variable rule disabling FAQ for ESLint (#9865)
  • See full diff in compare view

Updates `@typescript-eslint/parser` from 8.3.0 to 8.4.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.4.0

8.4.0 (2024-09-02)

🚀 Features

  • typescript-estree: make withoutProjectParserOptions generic (#9877)

❤️ Thank You

  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.4.0 (2024-09-02)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits
  • 3920c93 chore(release): publish 8.4.0
  • 2ad3404 chore: enable unicorn/prefer-export-from and `@typescript-eslint/consistent...
  • See full diff in compare view

Updates `debug` from 4.3.6 to 4.3.7
Release notes

Sourced from debug's releases.

4.3.7

What's Changed

Full Changelog: https://github.com/debug-js/debug/compare/4.3.6...4.3.7

Commits

Updates `eslint-plugin-import` from 2.29.1 to 2.30.0
Release notes

Sourced from eslint-plugin-import's releases.

v2.30.0

Added

Fixed

Changed

  • [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
  • [no-unused-modules]: add console message to help debug #2866
  • [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
  • [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
  • [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
  • [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
  • [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
  • [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
  • [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
  • [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
  • [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])

... (truncated)

Changelog

Sourced from eslint-plugin-import's changelog.

[2.30.0] - 2024-09-02

Added

  • [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
  • [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
  • [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
  • add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

Changed

  • [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
  • [no-unused-modules]: add console message to help debug #2866
  • [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
  • [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
  • [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
  • [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
  • [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
  • [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
  • [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
  • [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
  • [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])
Commits
  • 18787d3 Bump to 2.30.0
  • 9902298 [Deps] update eslint-module-utils
  • 9d194a6 [utils] v2.9.0
  • 0a58d75 [resolvers/webpack] v0.13.9
  • a3015eb [Test] namespace: ensure valid case is actually included
  • 8bdb32b [Test] add explicit marker for trailing whitespace in cases
  • 038c26c [readme] Clarify how to install the plugin
  • 32a2b89 [Fix] order: do not compare first path segment for relative paths (#2682)
  • ee1ea02 [Fix] newline-after-import: fix considerComments option when require
  • 806e3c2 [New] add support for Flat Config
  • Additional commits viewable in compare view

Updates `eslint-plugin-import-x` from 4.1.1 to 4.2.1
Release notes

Sourced from eslint-plugin-import-x's releases.

v4.2.1

Patch Changes

v4.2.0

Minor Changes

Patch Changes

Changelog

Sourced from eslint-plugin-import-x's changelog.

4.2.1

Patch Changes

4.2.0

Minor Changes

Patch Changes

Commits

Updates `eslint-plugin-jest` from 28.8.1 to 28.8.3
Release notes

Sourced from eslint-plugin-jest's releases.

v28.8.3

28.8.3 (2024-09-04)

Bug Fixes

  • prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

v28.8.2

28.8.2 (2024-09-02)

Performance Improvements

  • prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)
Changelog

Sourced from eslint-plugin-jest's changelog.

28.8.3 (2024-09-04)

Bug Fixes

  • prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

28.8.2 (2024-09-02)

Performance Improvements

  • prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)
Commits
  • 497a500 chore(release): 28.8.3 [skip ci]
  • 9c4197c fix(prefer-importing-jest-globals): don't add imports in the middle of statem...
  • 9adda0a chore(release): 28.8.2 [skip ci]
  • 0660242 perf(prefer-importing-jest-globals): stop collecting import specifiers for no...
  • a789420 chore(deps): lock file maintenance
  • See full diff in compare view

Updates `simple-git` from 3.25.0 to 3.26.0
Release notes

Sourced from simple-git's releases.

simple-git@3.26.0

Minor Changes

  • 28d545b: Upgrade build tools and typescript
Changelog

Sourced from simple-git's changelog.

3.26.0

Minor Changes

  • 28d545b: Upgrade build tools and typescript
Commits

Updates `typescript-eslint` from 8.3.0 to 8.4.0
Release notes

Sourced from typescript-eslint's releases.

v8.4.0

8.4.0 (2024-09-02)

🚀 Features

  • typescript-estree: make withoutProjectParserOptions generic (#9877)

❤️ Thank You

  • Josh Goldberg ✨

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.4.0 (2024-09-02)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits
  • 3920c93 chore(release): publish 8.4.0
  • 2ad3404 chore: enable unicorn/prefer-export-from and `@typescript-eslint/consistent...
  • See full diff in compare view

Updates `yaml` from 2.5.0 to 2.5.1
Release notes

Sourced from yaml's releases.

v2.5.1

  • Include range in flow sequence pair maps (#573)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 886 ++++++++++++++++++++++++++++++---------------- package.json | 22 +- 2 files changed, 585 insertions(+), 323 deletions(-) diff --git a/package-lock.json b/package-lock.json index 696b55a26..454edd502 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,23 +11,23 @@ "@jest/console": "^29.4.1", "@jest/reporters": "^29.4.1", "@jest/test-result": "^29.4.1", - "@trunkio/launcher": "^1.3.1", + "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.1", + "@types/node": "^22.5.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.3.0", - "@typescript-eslint/parser": "^8.3.0", + "@typescript-eslint/eslint-plugin": "^8.4.0", + "@typescript-eslint/parser": "^8.4.0", "caller": "^1.1.0", - "debug": "^4.3.6", + "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-import-resolver-typescript": "^3.6.3", - "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^4.1.1", - "eslint-plugin-jest": "^28.8.1", + "eslint-plugin-import": "^2.30.0", + "eslint-plugin-import-x": "^4.2.1", + "eslint-plugin-jest": "^28.8.3", "eslint-plugin-n": "^17.10.2", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", @@ -36,13 +36,13 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.25.0", + "simple-git": "^3.26.0", "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.3.0", - "yaml": "^2.5.0" + "typescript-eslint": "^8.4.0", + "yaml": "^2.5.1" }, "engines": { "node": ">=16" @@ -1198,6 +1198,12 @@ "url": "https://opencollective.com/unts" } }, + "node_modules/@rtsao/scc": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/@rtsao/scc/-/scc-1.1.0.tgz", + "integrity": "sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g==", + "dev": true + }, "node_modules/@sinclair/typebox": { "version": "0.27.8", "dev": true, @@ -1220,17 +1226,17 @@ } }, "node_modules/@trunkio/launcher": { - "version": "1.3.1", + "version": "1.3.2", + "resolved": "https://registry.npmjs.org/@trunkio/launcher/-/launcher-1.3.2.tgz", + "integrity": "sha512-b5XTWaCjfXDk1wrFKutBqhoc3jVBEjD6l36aUc9AI+QFWWOqX5bLjkgOMAa2krN1QqAjP834wDYIW4n3PvXhCA==", "dev": true, - "license": "ISC", "dependencies": { "semver": "^7.5.4", "tar": "^6.2.0", "yaml": "^2.2.0" }, "bin": { - "trunk": "trunk.js", - "trunk_bash": "trunk" + "trunk": "trunk.js" }, "engines": { "node": ">=18.0.0" @@ -1363,9 +1369,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.5.1", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.1.tgz", - "integrity": "sha512-KkHsxej0j9IW1KKOOAA/XBA0z08UFSrRQHErzEfA3Vgq57eXIMYboIlHJuYIfd+lwCQjtKqUu3UnmKbtUc9yRw==", + "version": "22.5.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.4.tgz", + "integrity": "sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1396,16 +1402,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.3.0.tgz", - "integrity": "sha512-FLAIn63G5KH+adZosDYiutqkOkYEx0nvcwNNfJAf+c7Ae/H35qWwTYvPZUKFj5AS+WfHG/WJJfWnDnyNUlp8UA==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.4.0.tgz", + "integrity": "sha512-rg8LGdv7ri3oAlenMACk9e+AR4wUV0yrrG+XKsGKOK0EVgeEDqurkXMPILG2836fW4ibokTB5v4b6Z9+GYQDEw==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.3.0", - "@typescript-eslint/type-utils": "8.3.0", - "@typescript-eslint/utils": "8.3.0", - "@typescript-eslint/visitor-keys": "8.3.0", + "@typescript-eslint/scope-manager": "8.4.0", + "@typescript-eslint/type-utils": "8.4.0", + "@typescript-eslint/utils": "8.4.0", + "@typescript-eslint/visitor-keys": "8.4.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1429,15 +1435,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.3.0.tgz", - "integrity": "sha512-h53RhVyLu6AtpUzVCYLPhZGL5jzTD9fZL+SYf/+hYOx2bDkyQXztXSc4tbvKYHzfMXExMLiL9CWqJmVz6+78IQ==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.4.0.tgz", + "integrity": "sha512-NHgWmKSgJk5K9N16GIhQ4jSobBoJwrmURaLErad0qlLjrpP5bECYg+wxVTGlGZmJbU03jj/dfnb6V9bw+5icsA==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.3.0", - "@typescript-eslint/types": "8.3.0", - "@typescript-eslint/typescript-estree": "8.3.0", - "@typescript-eslint/visitor-keys": "8.3.0", + "@typescript-eslint/scope-manager": "8.4.0", + "@typescript-eslint/types": "8.4.0", + "@typescript-eslint/typescript-estree": "8.4.0", + "@typescript-eslint/visitor-keys": "8.4.0", "debug": "^4.3.4" }, "engines": { @@ -1457,13 +1463,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.3.0.tgz", - "integrity": "sha512-mz2X8WcN2nVu5Hodku+IR8GgCOl4C0G/Z1ruaWN4dgec64kDBabuXyPAr+/RgJtumv8EEkqIzf3X2U5DUKB2eg==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.4.0.tgz", + "integrity": "sha512-n2jFxLeY0JmKfUqy3P70rs6vdoPjHK8P/w+zJcV3fk0b0BwRXC/zxRTEnAsgYT7MwdQDt/ZEbtdzdVC+hcpF0A==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.3.0", - "@typescript-eslint/visitor-keys": "8.3.0" + "@typescript-eslint/types": "8.4.0", + "@typescript-eslint/visitor-keys": "8.4.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1474,13 +1480,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.3.0.tgz", - "integrity": "sha512-wrV6qh//nLbfXZQoj32EXKmwHf4b7L+xXLrP3FZ0GOUU72gSvLjeWUl5J5Ue5IwRxIV1TfF73j/eaBapxx99Lg==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.4.0.tgz", + "integrity": "sha512-pu2PAmNrl9KX6TtirVOrbLPLwDmASpZhK/XU7WvoKoCUkdtq9zF7qQ7gna0GBZFN0hci0vHaSusiL2WpsQk37A==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.3.0", - "@typescript-eslint/utils": "8.3.0", + "@typescript-eslint/typescript-estree": "8.4.0", + "@typescript-eslint/utils": "8.4.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1498,9 +1504,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.3.0.tgz", - "integrity": "sha512-y6sSEeK+facMaAyixM36dQ5NVXTnKWunfD1Ft4xraYqxP0lC0POJmIaL/mw72CUMqjY9qfyVfXafMeaUj0noWw==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.4.0.tgz", + "integrity": "sha512-T1RB3KQdskh9t3v/qv7niK6P8yvn7ja1mS7QK7XfRVL6wtZ8/mFs/FHf4fKvTA0rKnqnYxl/uHFNbnEt0phgbw==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1511,13 +1517,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.3.0.tgz", - "integrity": "sha512-Mq7FTHl0R36EmWlCJWojIC1qn/ZWo2YiWYc1XVtasJ7FIgjo0MVv9rZWXEE7IK2CGrtwe1dVOxWwqXUdNgfRCA==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.4.0.tgz", + "integrity": "sha512-kJ2OIP4dQw5gdI4uXsaxUZHRwWAGpREJ9Zq6D5L0BweyOrWsL6Sz0YcAZGWhvKnH7fm1J5YFE1JrQL0c9dd53A==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.3.0", - "@typescript-eslint/visitor-keys": "8.3.0", + "@typescript-eslint/types": "8.4.0", + "@typescript-eslint/visitor-keys": "8.4.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -1563,15 +1569,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.3.0.tgz", - "integrity": "sha512-F77WwqxIi/qGkIGOGXNBLV7nykwfjLsdauRB/DOFPdv6LTF3BHHkBpq81/b5iMPSF055oO2BiivDJV4ChvNtXA==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.4.0.tgz", + "integrity": "sha512-swULW8n1IKLjRAgciCkTCafyTHHfwVQFt8DovmaF69sKbOxTSFMmIZaSHjqO9i/RV0wIblaawhzvtva8Nmm7lQ==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.3.0", - "@typescript-eslint/types": "8.3.0", - "@typescript-eslint/typescript-estree": "8.3.0" + "@typescript-eslint/scope-manager": "8.4.0", + "@typescript-eslint/types": "8.4.0", + "@typescript-eslint/typescript-estree": "8.4.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1585,12 +1591,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.3.0.tgz", - "integrity": "sha512-RmZwrTbQ9QveF15m/Cl28n0LXD6ea2CjkhH5rQ55ewz3H24w+AMCJHPVYaZ8/0HoG8Z3cLLFFycRXxeO2tz9FA==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.4.0.tgz", + "integrity": "sha512-zTQD6WLNTre1hj5wp09nBIDiOc2U5r/qmzo7wxPn4ZgAjHql09EofqhF9WF+fZHzL5aCyaIpPcT2hyxl73kr9A==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.3.0", + "@typescript-eslint/types": "8.4.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -1718,26 +1724,32 @@ "license": "Python-2.0" }, "node_modules/array-buffer-byte-length": { - "version": "1.0.0", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/array-buffer-byte-length/-/array-buffer-byte-length-1.0.1.tgz", + "integrity": "sha512-ahC5W1xgou+KTXix4sAO8Ki12Q+jf4i0+tmk3sC+zgcynshkHxzpXdImBehiUYKKKDwvfFiJl1tZt6ewscS1Mg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "is-array-buffer": "^3.0.1" + "call-bind": "^1.0.5", + "is-array-buffer": "^3.0.4" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/array-includes": { - "version": "3.1.7", + "version": "3.1.8", + "resolved": "https://registry.npmjs.org/array-includes/-/array-includes-3.1.8.tgz", + "integrity": "sha512-itaWrbYbqpGXkGhZPGUulwnhVf5Hpy1xiCFsGqyIGglbBxmG5vSjxQen3/WGOjPpNEv1RtBLKxbmVXm8HpJStQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "get-intrinsic": "^1.2.1", + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-object-atoms": "^1.0.0", + "get-intrinsic": "^1.2.4", "is-string": "^1.0.7" }, "engines": { @@ -1748,15 +1760,17 @@ } }, "node_modules/array.prototype.findlastindex": { - "version": "1.2.3", + "version": "1.2.5", + "resolved": "https://registry.npmjs.org/array.prototype.findlastindex/-/array.prototype.findlastindex-1.2.5.tgz", + "integrity": "sha512-zfETvRFA8o7EiNn++N5f/kaCw221hrpGsDmcpndVupkPzEc1Wuf3VgC0qby1BbHs7f5DVYjgtEU2LLh5bqeGfQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "es-shim-unscopables": "^1.0.0", - "get-intrinsic": "^1.2.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.0.0", + "es-shim-unscopables": "^1.0.2" }, "engines": { "node": ">= 0.4" @@ -1800,15 +1814,18 @@ } }, "node_modules/arraybuffer.prototype.slice": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/arraybuffer.prototype.slice/-/arraybuffer.prototype.slice-1.0.3.tgz", + "integrity": "sha512-bMxMKAjg13EBSVscxTaYA4mRc5t1UAXa2kXiGTNfZ079HIWXEkKmkgFrh/nJqamaLSrXO5H4WFFkPEaLJWbs3A==", "dev": true, - "license": "MIT", "dependencies": { - "array-buffer-byte-length": "^1.0.0", - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "get-intrinsic": "^1.2.1", - "is-array-buffer": "^3.0.2", + "array-buffer-byte-length": "^1.0.1", + "call-bind": "^1.0.5", + "define-properties": "^1.2.1", + "es-abstract": "^1.22.3", + "es-errors": "^1.2.1", + "get-intrinsic": "^1.2.3", + "is-array-buffer": "^3.0.4", "is-shared-array-buffer": "^1.0.2" }, "engines": { @@ -1825,9 +1842,13 @@ "dev": true }, "node_modules/available-typed-arrays": { - "version": "1.0.5", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz", + "integrity": "sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==", "dev": true, - "license": "MIT", + "dependencies": { + "possible-typed-array-names": "^1.0.0" + }, "engines": { "node": ">= 0.4" }, @@ -1998,12 +2019,19 @@ "license": "MIT" }, "node_modules/call-bind": { - "version": "1.0.2", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz", + "integrity": "sha512-GHTSNSYICQ7scH7sZ+M2rFopRoLh8t2bLSW6BbgrtLsahOIB5iyAVJf9GjWK3cYTDaMj4XdBpM1cA6pIS0Kv2w==", "dev": true, - "license": "MIT", "dependencies": { - "function-bind": "^1.1.1", - "get-intrinsic": "^1.0.2" + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "set-function-length": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -2180,13 +2208,64 @@ "node": ">= 8" } }, + "node_modules/data-view-buffer": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/data-view-buffer/-/data-view-buffer-1.0.1.tgz", + "integrity": "sha512-0lht7OugA5x3iJLOWFhWK/5ehONdprk0ISXqVFn/NFrDu+cuc8iADFrGQz5BnRK7LLU3JmkbXSxaqX+/mXYtUA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/data-view-byte-length": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/data-view-byte-length/-/data-view-byte-length-1.0.1.tgz", + "integrity": "sha512-4J7wRJD3ABAzr8wP+OcIcqq2dlUKp4DVflx++hs5h5ZKydWMI6/D/fAot+yh6g2tHh8fLFTvNOaVN357NvSrOQ==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/data-view-byte-offset": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/data-view-byte-offset/-/data-view-byte-offset-1.0.0.tgz", + "integrity": "sha512-t/Ygsytq+R995EJ5PZlD4Cu56sWa8InXySaViRzw9apusqsOO2bQP+SbYzAhR0pFKoB+43lYy8rWban9JSuXnA==", + "dev": true, + "dependencies": { + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", + "is-data-view": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/debug": { - "version": "4.3.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.6.tgz", - "integrity": "sha512-O/09Bd4Z1fBrU4VzkhFqVgpPzaGbw6Sm9FEkBT1A/YBXQFGuuSxa1dN2nxgxS34JmKXqYx8CZAwEVoJFImUXIg==", + "version": "4.3.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.7.tgz", + "integrity": "sha512-Er2nc/H7RrMXZBFCEim6TCmMk02Z8vLC2Rbi1KEBggpo0fS6l0S1nnapwmIi3yW/+GOJap1Krg4w0Hg80oCqgQ==", "dev": true, "dependencies": { - "ms": "2.1.2" + "ms": "^2.1.3" }, "engines": { "node": ">=6.0" @@ -2223,11 +2302,30 @@ "node": ">=0.10.0" } }, + "node_modules/define-data-property": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", + "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", + "dev": true, + "dependencies": { + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "gopd": "^1.0.1" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/define-properties": { - "version": "1.2.0", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.1.tgz", + "integrity": "sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==", "dev": true, - "license": "MIT", "dependencies": { + "define-data-property": "^1.0.1", "has-property-descriptors": "^1.0.0", "object-keys": "^1.1.1" }, @@ -2331,49 +2429,57 @@ } }, "node_modules/es-abstract": { - "version": "1.22.1", - "dev": true, - "license": "MIT", - "dependencies": { - "array-buffer-byte-length": "^1.0.0", - "arraybuffer.prototype.slice": "^1.0.1", - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", - "es-set-tostringtag": "^2.0.1", + "version": "1.23.3", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.23.3.tgz", + "integrity": "sha512-e+HfNH61Bj1X9/jLc5v1owaLYuHdeHHSQlkhCBiTK8rBvKaULl/beGMxwrMXjpYrv4pz22BlY570vVePA2ho4A==", + "dev": true, + "dependencies": { + "array-buffer-byte-length": "^1.0.1", + "arraybuffer.prototype.slice": "^1.0.3", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", + "data-view-buffer": "^1.0.1", + "data-view-byte-length": "^1.0.1", + "data-view-byte-offset": "^1.0.0", + "es-define-property": "^1.0.0", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.0.0", + "es-set-tostringtag": "^2.0.3", "es-to-primitive": "^1.2.1", - "function.prototype.name": "^1.1.5", - "get-intrinsic": "^1.2.1", - "get-symbol-description": "^1.0.0", + "function.prototype.name": "^1.1.6", + "get-intrinsic": "^1.2.4", + "get-symbol-description": "^1.0.2", "globalthis": "^1.0.3", "gopd": "^1.0.1", - "has": "^1.0.3", - "has-property-descriptors": "^1.0.0", - "has-proto": "^1.0.1", + "has-property-descriptors": "^1.0.2", + "has-proto": "^1.0.3", "has-symbols": "^1.0.3", - "internal-slot": "^1.0.5", - "is-array-buffer": "^3.0.2", + "hasown": "^2.0.2", + "internal-slot": "^1.0.7", + "is-array-buffer": "^3.0.4", "is-callable": "^1.2.7", - "is-negative-zero": "^2.0.2", + "is-data-view": "^1.0.1", + "is-negative-zero": "^2.0.3", "is-regex": "^1.1.4", - "is-shared-array-buffer": "^1.0.2", + "is-shared-array-buffer": "^1.0.3", "is-string": "^1.0.7", - "is-typed-array": "^1.1.10", + "is-typed-array": "^1.1.13", "is-weakref": "^1.0.2", - "object-inspect": "^1.12.3", + "object-inspect": "^1.13.1", "object-keys": "^1.1.1", - "object.assign": "^4.1.4", - "regexp.prototype.flags": "^1.5.0", - "safe-array-concat": "^1.0.0", - "safe-regex-test": "^1.0.0", - "string.prototype.trim": "^1.2.7", - "string.prototype.trimend": "^1.0.6", - "string.prototype.trimstart": "^1.0.6", - "typed-array-buffer": "^1.0.0", - "typed-array-byte-length": "^1.0.0", - "typed-array-byte-offset": "^1.0.0", - "typed-array-length": "^1.0.4", + "object.assign": "^4.1.5", + "regexp.prototype.flags": "^1.5.2", + "safe-array-concat": "^1.1.2", + "safe-regex-test": "^1.0.3", + "string.prototype.trim": "^1.2.9", + "string.prototype.trimend": "^1.0.8", + "string.prototype.trimstart": "^1.0.8", + "typed-array-buffer": "^1.0.2", + "typed-array-byte-length": "^1.0.1", + "typed-array-byte-offset": "^1.0.2", + "typed-array-length": "^1.0.6", "unbox-primitive": "^1.0.2", - "which-typed-array": "^1.1.10" + "which-typed-array": "^1.1.15" }, "engines": { "node": ">= 0.4" @@ -2382,25 +2488,60 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/es-define-property": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", + "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", + "dev": true, + "dependencies": { + "get-intrinsic": "^1.2.4" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.0.0.tgz", + "integrity": "sha512-MZ4iQ6JwHOBQjahnjwaC1ZtIBH+2ohjamzAO3oaHcXYup7qxjF2fixyH+Q71voWHeOkI2q/TnJao/KfXYIZWbw==", + "dev": true, + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/es-set-tostringtag": { - "version": "2.0.1", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.0.3.tgz", + "integrity": "sha512-3T8uNMC3OQTHkFUsFq8r/BwAXLHvU/9O9mE0fBc/MY5iq/8H7ncvO947LmYA6ldWw9Uh8Yhf25zu6n7nML5QWQ==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.1.3", - "has": "^1.0.3", - "has-tostringtag": "^1.0.0" + "get-intrinsic": "^1.2.4", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.1" }, "engines": { "node": ">= 0.4" } }, "node_modules/es-shim-unscopables": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/es-shim-unscopables/-/es-shim-unscopables-1.0.2.tgz", + "integrity": "sha512-J3yBRXCzDu4ULnQwxyToo/OjdMx6akgVC7K6few0a7F/0wLtmKKN7I73AH5T2836UuXRqN7Qg+IIUw/+YJksRw==", "dev": true, - "license": "MIT", "dependencies": { - "has": "^1.0.3" + "hasown": "^2.0.0" } }, "node_modules/es-to-primitive": { @@ -2572,9 +2713,9 @@ } }, "node_modules/eslint-module-utils": { - "version": "2.8.2", - "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.8.2.tgz", - "integrity": "sha512-3XnC5fDyc8M4J2E8pt8pmSVRX2M+5yWMCfI/kDZwauQeFgzQOuhcRBFKjTeJagqgk4sFKxe1mvNVnaWwImx/Tg==", + "version": "2.11.0", + "resolved": "https://registry.npmjs.org/eslint-module-utils/-/eslint-module-utils-2.11.0.tgz", + "integrity": "sha512-gbBE5Hitek/oG6MUVj6sFuzEjA/ClzNflVrLovHi/JgLdC7fiN5gLAY1WIPW1a0V5I999MnsrvVrCOGmmVqDBQ==", "dev": true, "dependencies": { "debug": "^3.2.7" @@ -2617,25 +2758,27 @@ } }, "node_modules/eslint-plugin-import": { - "version": "2.29.1", + "version": "2.30.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import/-/eslint-plugin-import-2.30.0.tgz", + "integrity": "sha512-/mHNE9jINJfiD2EKkg1BKyPyUk4zdnT54YgbOgfjSakWT5oyX/qQLVNTkehyfpcMxZXMy1zyonZ2v7hZTX43Yw==", "dev": true, - "license": "MIT", "dependencies": { - "array-includes": "^3.1.7", - "array.prototype.findlastindex": "^1.2.3", + "@rtsao/scc": "^1.1.0", + "array-includes": "^3.1.8", + "array.prototype.findlastindex": "^1.2.5", "array.prototype.flat": "^1.3.2", "array.prototype.flatmap": "^1.3.2", "debug": "^3.2.7", "doctrine": "^2.1.0", "eslint-import-resolver-node": "^0.3.9", - "eslint-module-utils": "^2.8.0", - "hasown": "^2.0.0", - "is-core-module": "^2.13.1", + "eslint-module-utils": "^2.9.0", + "hasown": "^2.0.2", + "is-core-module": "^2.15.1", "is-glob": "^4.0.3", "minimatch": "^3.1.2", - "object.fromentries": "^2.0.7", - "object.groupby": "^1.0.1", - "object.values": "^1.1.7", + "object.fromentries": "^2.0.8", + "object.groupby": "^1.0.3", + "object.values": "^1.2.0", "semver": "^6.3.1", "tsconfig-paths": "^3.15.0" }, @@ -2647,12 +2790,11 @@ } }, "node_modules/eslint-plugin-import-x": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.1.1.tgz", - "integrity": "sha512-dBEM8fACIFNt4H7GoOaRmnH6evJW6JSTJTYYgmRd3vI4geBTjgDM/JyUDKUwIw0HDSyI+u7Vs3vFRXUo/BOAtA==", + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.2.1.tgz", + "integrity": "sha512-WWi2GedccIJa0zXxx3WDnTgouGQTtdYK1nhXMwywbqqAgB0Ov+p1pYBsWh3VaB0bvBOwLse6OfVII7jZD9xo5Q==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "^8.1.0", "@typescript-eslint/utils": "^8.1.0", "debug": "^4.3.4", "doctrine": "^3.0.0", @@ -2753,9 +2895,9 @@ } }, "node_modules/eslint-plugin-jest": { - "version": "28.8.1", - "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.1.tgz", - "integrity": "sha512-G46XMyYu6PtSNJUkQ0hsPjzXYpzq/O4vpCciMizTKRJG8kNsRreGoMRDG6H9FIB/xVgfFuclVnuX4XRvFUzrZQ==", + "version": "28.8.3", + "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.3.tgz", + "integrity": "sha512-HIQ3t9hASLKm2IhIOqnu+ifw7uLZkIlR7RYNv7fMcEi/p0CIiJmfriStQS2LDkgtY4nyLbIZAD+JL347Yc2ETQ==", "dev": true, "dependencies": { "@typescript-eslint/utils": "^6.0.0 || ^7.0.0 || ^8.0.0" @@ -3184,8 +3326,9 @@ }, "node_modules/for-each": { "version": "0.3.3", + "resolved": "https://registry.npmjs.org/for-each/-/for-each-0.3.3.tgz", + "integrity": "sha512-jqYfLp7mo9vIyQf8ykW2v7A+2N4QjeCeI5+Dz9XraiO1ign81wjiH7Fb9vSOWvQfNtmSa4H2RoQTrrXivdUZmw==", "dev": true, - "license": "MIT", "dependencies": { "is-callable": "^1.1.3" } @@ -3231,14 +3374,15 @@ } }, "node_modules/function.prototype.name": { - "version": "1.1.5", + "version": "1.1.6", + "resolved": "https://registry.npmjs.org/function.prototype.name/-/function.prototype.name-1.1.6.tgz", + "integrity": "sha512-Z5kx79swU5P27WEayXM1tBi5Ze/lbIyiNgU3qyXUOf9b2rgXYyF9Dy9Cx+IQv/Lc8WCG6L82zwUPpSS9hGehIg==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", - "define-properties": "^1.1.3", - "es-abstract": "^1.19.0", - "functions-have-names": "^1.2.2" + "define-properties": "^1.2.0", + "es-abstract": "^1.22.1", + "functions-have-names": "^1.2.3" }, "engines": { "node": ">= 0.4" @@ -3249,8 +3393,9 @@ }, "node_modules/functions-have-names": { "version": "1.2.3", + "resolved": "https://registry.npmjs.org/functions-have-names/-/functions-have-names-1.2.3.tgz", + "integrity": "sha512-xckBUXyTIqT97tq2x2AMb+g163b5JFysYk0x4qxNFwbfQkmNZoiRHb6sPzI9/QV33WeuvVYBUIiD4NzNIyqaRQ==", "dev": true, - "license": "MIT", "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -3272,14 +3417,19 @@ } }, "node_modules/get-intrinsic": { - "version": "1.2.1", + "version": "1.2.4", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", + "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", "dev": true, - "license": "MIT", "dependencies": { - "function-bind": "^1.1.1", - "has": "^1.0.3", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", "has-proto": "^1.0.1", - "has-symbols": "^1.0.3" + "has-symbols": "^1.0.3", + "hasown": "^2.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3305,12 +3455,14 @@ } }, "node_modules/get-symbol-description": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/get-symbol-description/-/get-symbol-description-1.0.2.tgz", + "integrity": "sha512-g0QYk1dZBxGwk+Ngc+ltRH2IBp2f7zBkBMBJZCDerh6EhlhSR6+9irMCuT/09zD6qkarHUSn529sK/yL4S27mg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.1.1" + "call-bind": "^1.0.5", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4" }, "engines": { "node": ">= 0.4" @@ -3391,8 +3543,9 @@ }, "node_modules/gopd": { "version": "1.0.1", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", + "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", "dev": true, - "license": "MIT", "dependencies": { "get-intrinsic": "^1.1.3" }, @@ -3410,17 +3563,6 @@ "dev": true, "license": "MIT" }, - "node_modules/has": { - "version": "1.0.3", - "dev": true, - "license": "MIT", - "dependencies": { - "function-bind": "^1.1.1" - }, - "engines": { - "node": ">= 0.4.0" - } - }, "node_modules/has-bigints": { "version": "1.0.2", "dev": true, @@ -3438,20 +3580,22 @@ } }, "node_modules/has-property-descriptors": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", + "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.1.1" + "es-define-property": "^1.0.0" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/has-proto": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", + "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", "dev": true, - "license": "MIT", "engines": { "node": ">= 0.4" }, @@ -3471,11 +3615,12 @@ } }, "node_modules/has-tostringtag": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", "dev": true, - "license": "MIT", "dependencies": { - "has-symbols": "^1.0.2" + "has-symbols": "^1.0.3" }, "engines": { "node": ">= 0.4" @@ -3485,9 +3630,10 @@ } }, "node_modules/hasown": { - "version": "2.0.0", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", "dev": true, - "license": "MIT", "dependencies": { "function-bind": "^1.1.2" }, @@ -3572,12 +3718,13 @@ "license": "ISC" }, "node_modules/internal-slot": { - "version": "1.0.5", + "version": "1.0.7", + "resolved": "https://registry.npmjs.org/internal-slot/-/internal-slot-1.0.7.tgz", + "integrity": "sha512-NGnrKwXzSms2qUUih/ILZ5JBqNTSa1+ZmP6flaIp6KmSElgE9qdndzS3cqjrDovwFdmwsGsLdeFgB6suw+1e9g==", "dev": true, - "license": "MIT", "dependencies": { - "get-intrinsic": "^1.2.0", - "has": "^1.0.3", + "es-errors": "^1.3.0", + "hasown": "^2.0.0", "side-channel": "^1.0.4" }, "engines": { @@ -3585,13 +3732,16 @@ } }, "node_modules/is-array-buffer": { - "version": "3.0.2", + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/is-array-buffer/-/is-array-buffer-3.0.4.tgz", + "integrity": "sha512-wcjaerHw0ydZwfhiKbXJWLDY8A7yV7KhjQOpb83hGgGfId/aQa4TOvwyzn2PuswW2gPCYEL/nEAiSVpdOj1lXw==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.0", - "is-typed-array": "^1.1.10" + "get-intrinsic": "^1.2.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3649,11 +3799,30 @@ } }, "node_modules/is-core-module": { - "version": "2.13.1", + "version": "2.15.1", + "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.15.1.tgz", + "integrity": "sha512-z0vtXSwucUJtANQWldhbtbt7BnL0vxiFjIdDLAatwhDYty2bad6s+rijD6Ri4YuYJubLzIJLUidCh09e1djEVQ==", "dev": true, - "license": "MIT", "dependencies": { - "hasown": "^2.0.0" + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/is-data-view": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-data-view/-/is-data-view-1.0.1.tgz", + "integrity": "sha512-AHkaJrsUVW6wq6JS8y3JnM/GJF/9cf+k20+iDzlSaJrinEo5+7vRiteOSwBhHRiAyQATN1AmY4hwzxJKPmYf+w==", + "dev": true, + "dependencies": { + "is-typed-array": "^1.1.13" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3709,9 +3878,10 @@ } }, "node_modules/is-negative-zero": { - "version": "2.0.2", + "version": "2.0.3", + "resolved": "https://registry.npmjs.org/is-negative-zero/-/is-negative-zero-2.0.3.tgz", + "integrity": "sha512-5KoIu2Ngpyek75jXodFvnafB6DJgr3u8uuK0LEZJjrU19DrMD3EVERaR8sjz8CCGgpZvxPl9SuE1GMVPFHx1mw==", "dev": true, - "license": "MIT", "engines": { "node": ">= 0.4" }, @@ -3751,8 +3921,9 @@ }, "node_modules/is-regex": { "version": "1.1.4", + "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.4.tgz", + "integrity": "sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==", "dev": true, - "license": "MIT", "dependencies": { "call-bind": "^1.0.2", "has-tostringtag": "^1.0.0" @@ -3765,11 +3936,15 @@ } }, "node_modules/is-shared-array-buffer": { - "version": "1.0.2", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/is-shared-array-buffer/-/is-shared-array-buffer-1.0.3.tgz", + "integrity": "sha512-nA2hv5XIhLR3uVzDDfCIknerhx8XUKnstuOERPNNIinXG7v9u+ohXF67vxm4TPTEPU6lm61ZkwP3c9PCB97rhg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2" + "call-bind": "^1.0.7" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -3815,11 +3990,12 @@ } }, "node_modules/is-typed-array": { - "version": "1.1.12", + "version": "1.1.13", + "resolved": "https://registry.npmjs.org/is-typed-array/-/is-typed-array-1.1.13.tgz", + "integrity": "sha512-uZ25/bUAlUY5fR4OKT4rZQEBrzQWYV9ZJYGGsUmEJ6thodVJ1HX64ePQ6Z0qPWP+m+Uq6e9UugrE38jeYsDSMw==", "dev": true, - "license": "MIT", "dependencies": { - "which-typed-array": "^1.1.11" + "which-typed-array": "^1.1.14" }, "engines": { "node": ">= 0.4" @@ -3841,8 +4017,9 @@ }, "node_modules/isarray": { "version": "2.0.5", - "dev": true, - "license": "MIT" + "resolved": "https://registry.npmjs.org/isarray/-/isarray-2.0.5.tgz", + "integrity": "sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw==", + "dev": true }, "node_modules/isexe": { "version": "2.0.0", @@ -4749,9 +4926,10 @@ } }, "node_modules/ms": { - "version": "2.1.2", - "dev": true, - "license": "MIT" + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz", + "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==", + "dev": true }, "node_modules/natural-compare": { "version": "1.4.0", @@ -4788,9 +4966,13 @@ } }, "node_modules/object-inspect": { - "version": "1.12.3", + "version": "1.13.2", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.2.tgz", + "integrity": "sha512-IRZSRuzJiynemAXPYtPe5BoI/RESNYR7TYm50MC5Mqbd3Jmw5y790sErYw3V6SryFJD64b74qQQs9wn5Bg/k3g==", "dev": true, - "license": "MIT", + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -4804,12 +4986,13 @@ } }, "node_modules/object.assign": { - "version": "4.1.4", + "version": "4.1.5", + "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.5.tgz", + "integrity": "sha512-byy+U7gp+FVwmyzKPYhW2h5l3crpmGsxl7X2s8y43IgxvG4g3QZ6CffDtsNQy1WsmZpQbO+ybo0AlW7TY6DcBQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", + "call-bind": "^1.0.5", + "define-properties": "^1.2.1", "has-symbols": "^1.0.3", "object-keys": "^1.1.1" }, @@ -4821,13 +5004,15 @@ } }, "node_modules/object.fromentries": { - "version": "2.0.7", + "version": "2.0.8", + "resolved": "https://registry.npmjs.org/object.fromentries/-/object.fromentries-2.0.8.tgz", + "integrity": "sha512-k6E21FzySsSK5a21KRADBd/NGneRegFO5pLHfdQLpRDETUNJueLXs3WCzyQ3tFRDYgbq3KHGXfTbi2bs8WQ6rQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -4837,24 +5022,28 @@ } }, "node_modules/object.groupby": { - "version": "1.0.1", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/object.groupby/-/object.groupby-1.0.3.tgz", + "integrity": "sha512-+Lhy3TQTuzXI5hevh8sBGqbmurHbbIjAi0Z4S63nthVLmLxfbj4T54a4CfZrXIrt9iP4mVAPYMo/v99taj3wjQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1", - "get-intrinsic": "^1.2.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.2" + }, + "engines": { + "node": ">= 0.4" } }, "node_modules/object.values": { - "version": "1.1.7", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/object.values/-/object.values-1.2.0.tgz", + "integrity": "sha512-yBYjY9QX2hnRmZHAjG/f13MzmBzxzYgQhFrke06TTyKY5zSTEqkOeukBzIdVA3j3ulu8Qa3MbVFShV7T2RmGtQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "es-abstract": "^1.22.1" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -5077,6 +5266,15 @@ "node": ">=8" } }, + "node_modules/possible-typed-array-names": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/possible-typed-array-names/-/possible-typed-array-names-1.0.0.tgz", + "integrity": "sha512-d7Uw+eZoloe0EHDIYoe+bQ5WXnGMOpmiZFTuMWCwpjzzkL2nTjcKiAk4hh8TjnGye2TwWOk3UXucZ+3rbmBa8Q==", + "dev": true, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/prelude-ls": { "version": "1.2.1", "dev": true, @@ -5195,13 +5393,15 @@ "license": "MIT" }, "node_modules/regexp.prototype.flags": { - "version": "1.5.0", + "version": "1.5.2", + "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.5.2.tgz", + "integrity": "sha512-NcDiDkTLuPR+++OCKB0nWafEmhg/Da8aUPLPMQbK+bxKKCm1/S5he+AqYa4PlMCVBalb4/yxIRub6qkEx5yJbw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.2.0", - "functions-have-names": "^1.2.3" + "call-bind": "^1.0.6", + "define-properties": "^1.2.1", + "es-errors": "^1.3.0", + "set-function-name": "^2.0.1" }, "engines": { "node": ">= 0.4" @@ -5324,12 +5524,13 @@ } }, "node_modules/safe-array-concat": { - "version": "1.0.0", + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/safe-array-concat/-/safe-array-concat-1.1.2.tgz", + "integrity": "sha512-vj6RsCsWBCf19jIeHEfkRMw8DPiBb+DMXklQ/1SGDHOMlHdPUkZXFQ2YdplS23zESTijAcurb1aSgJA3AgMu1Q==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.0", + "call-bind": "^1.0.7", + "get-intrinsic": "^1.2.4", "has-symbols": "^1.0.3", "isarray": "^2.0.5" }, @@ -5341,14 +5542,18 @@ } }, "node_modules/safe-regex-test": { - "version": "1.0.0", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/safe-regex-test/-/safe-regex-test-1.0.3.tgz", + "integrity": "sha512-CdASjNJPvRa7roO6Ra/gLYBTzYzzPyyBXxIMdGW3USQLyjWEls2RgW5UBTXaQVp+OrpeCK3bLem8smtmheoRuw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.1.3", + "call-bind": "^1.0.6", + "es-errors": "^1.3.0", "is-regex": "^1.1.4" }, + "engines": { + "node": ">= 0.4" + }, "funding": { "url": "https://github.com/sponsors/ljharb" } @@ -5365,6 +5570,38 @@ "node": ">=10" } }, + "node_modules/set-function-length": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", + "integrity": "sha512-pgRc4hJ4/sNjWCSS9AmnS40x3bNMDTknHgL5UaMBTMyJnU90EgWh1Rz+MC9eFu4BuN/UwZjKQuY/1v3rM7HMfg==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "function-bind": "^1.1.2", + "get-intrinsic": "^1.2.4", + "gopd": "^1.0.1", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/set-function-name": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/set-function-name/-/set-function-name-2.0.2.tgz", + "integrity": "sha512-7PGFlmtwsEADb0WYyvCMa1t+yke6daIG4Wirafur5kcf+MhUnPms1UeR0CKQdTZD81yESwMHbtn+TR+dMviakQ==", + "dev": true, + "dependencies": { + "define-data-property": "^1.1.4", + "es-errors": "^1.3.0", + "functions-have-names": "^1.2.3", + "has-property-descriptors": "^1.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/shebang-command": { "version": "2.0.0", "dev": true, @@ -5385,13 +5622,18 @@ } }, "node_modules/side-channel": { - "version": "1.0.4", + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.6.tgz", + "integrity": "sha512-fDW/EZ6Q9RiO8eFG8Hj+7u/oW+XrPTIChwCOM2+th2A6OblDtYYIpve9m+KvI9Z4C9qSEXlaGR6bTEYHReuglA==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.0", - "get-intrinsic": "^1.0.2", - "object-inspect": "^1.9.0" + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.4", + "object-inspect": "^1.13.1" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -5403,9 +5645,9 @@ "license": "ISC" }, "node_modules/simple-git": { - "version": "3.25.0", - "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.25.0.tgz", - "integrity": "sha512-KIY5sBnzc4yEcJXW7Tdv4viEz8KyG+nU0hay+DWZasvdFOYKeUZ6Xc25LUHHjw0tinPT7O1eY6pzX7pRT1K8rw==", + "version": "3.26.0", + "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.26.0.tgz", + "integrity": "sha512-5tbkCSzuskR6uA7uA23yjasmA0RzugVo8QM2bpsnxkrgP13eisFT7TMS4a+xKEJvbmr4qf+l0WT3eKa9IxxUyw==", "dev": true, "dependencies": { "@kwsites/file-exists": "^1.1.1", @@ -5503,13 +5745,15 @@ } }, "node_modules/string.prototype.trim": { - "version": "1.2.7", + "version": "1.2.9", + "resolved": "https://registry.npmjs.org/string.prototype.trim/-/string.prototype.trim-1.2.9.tgz", + "integrity": "sha512-klHuCNxiMZ8MlsOihJhJEBJAiMVqU3Z2nEXWfWnIqjN0gEFS9J9+IxKozWWtQGcgoa1WUZzLjKPTr4ZHNFTFxw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-abstract": "^1.23.0", + "es-object-atoms": "^1.0.0" }, "engines": { "node": ">= 0.4" @@ -5519,26 +5763,31 @@ } }, "node_modules/string.prototype.trimend": { - "version": "1.0.6", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.8.tgz", + "integrity": "sha512-p73uL5VCHCO2BZZ6krwwQE3kCzM7NKmis8S//xEC6fQonchbum4eP6kR4DLEjQFO3Wnj3Fuo8NM0kOSjVdHjZQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" }, "funding": { "url": "https://github.com/sponsors/ljharb" } }, "node_modules/string.prototype.trimstart": { - "version": "1.0.6", + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.8.tgz", + "integrity": "sha512-UXSH262CSZY1tfu3G3Secr6uGLCFVPMhIqHjlgCUtCCcgihYc/xKs9djMTMUOb2j1mVSeU8EU6NWc/iQKU6Gfg==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "define-properties": "^1.1.4", - "es-abstract": "^1.20.4" + "call-bind": "^1.0.7", + "define-properties": "^1.2.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -5858,27 +6107,30 @@ } }, "node_modules/typed-array-buffer": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/typed-array-buffer/-/typed-array-buffer-1.0.2.tgz", + "integrity": "sha512-gEymJYKZtKXzzBzM4jqa9w6Q1Jjm7x2d+sh19AdsD4wqnMPDYyvwpsIc2Q/835kHuo3BEQ7CjelGhfTsoBb2MQ==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", - "get-intrinsic": "^1.2.1", - "is-typed-array": "^1.1.10" + "call-bind": "^1.0.7", + "es-errors": "^1.3.0", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" } }, "node_modules/typed-array-byte-length": { - "version": "1.0.0", + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/typed-array-byte-length/-/typed-array-byte-length-1.0.1.tgz", + "integrity": "sha512-3iMJ9q0ao7WE9tWcaYKIptkNBuOIcZCCT0d4MRvuuH88fEoEH62IuQe0OtraD3ebQEoTRk8XCBoknUNc1Y67pw==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "has-proto": "^1.0.1", - "is-typed-array": "^1.1.10" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" @@ -5888,15 +6140,17 @@ } }, "node_modules/typed-array-byte-offset": { - "version": "1.0.0", + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/typed-array-byte-offset/-/typed-array-byte-offset-1.0.2.tgz", + "integrity": "sha512-Ous0vodHa56FviZucS2E63zkgtgrACj7omjwd/8lTEMEPFFyjfixMZ1ZXenpgCFBBt4EC1J2XsyVS2gkG0eTFA==", "dev": true, - "license": "MIT", "dependencies": { - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "has-proto": "^1.0.1", - "is-typed-array": "^1.1.10" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13" }, "engines": { "node": ">= 0.4" @@ -5906,13 +6160,20 @@ } }, "node_modules/typed-array-length": { - "version": "1.0.4", + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/typed-array-length/-/typed-array-length-1.0.6.tgz", + "integrity": "sha512-/OxDN6OtAk5KBpGb28T+HZc2M+ADtvRxXrKKbUwtsLgdoxgX13hyy7ek6bFRl5+aBs2yZzB0c4CnQfAtVypW/g==", "dev": true, - "license": "MIT", "dependencies": { - "call-bind": "^1.0.2", + "call-bind": "^1.0.7", "for-each": "^0.3.3", - "is-typed-array": "^1.1.9" + "gopd": "^1.0.1", + "has-proto": "^1.0.3", + "is-typed-array": "^1.1.13", + "possible-typed-array-names": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" }, "funding": { "url": "https://github.com/sponsors/ljharb" @@ -5932,14 +6193,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.3.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.3.0.tgz", - "integrity": "sha512-EvWjwWLwwKDIJuBjk2I6UkV8KEQcwZ0VM10nR1rIunRDIP67QJTZAHBXTX0HW/oI1H10YESF8yWie8fRQxjvFA==", + "version": "8.4.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.4.0.tgz", + "integrity": "sha512-67qoc3zQZe3CAkO0ua17+7aCLI0dU+sSQd1eKPGq06QE4rfQjstVXR6woHO5qQvGUa550NfGckT4tzh3b3c8Pw==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.3.0", - "@typescript-eslint/parser": "8.3.0", - "@typescript-eslint/utils": "8.3.0" + "@typescript-eslint/eslint-plugin": "8.4.0", + "@typescript-eslint/parser": "8.4.0", + "@typescript-eslint/utils": "8.4.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -6076,15 +6337,16 @@ } }, "node_modules/which-typed-array": { - "version": "1.1.11", + "version": "1.1.15", + "resolved": "https://registry.npmjs.org/which-typed-array/-/which-typed-array-1.1.15.tgz", + "integrity": "sha512-oV0jmFtUky6CXfkqehVvBP/LSWJ2sy4vWMioiENyJLePrBO/yKyV9OyJySfAKosh+RYkIl5zJCNZ8/4JncrpdA==", "dev": true, - "license": "MIT", "dependencies": { - "available-typed-arrays": "^1.0.5", - "call-bind": "^1.0.2", + "available-typed-arrays": "^1.0.7", + "call-bind": "^1.0.7", "for-each": "^0.3.3", "gopd": "^1.0.1", - "has-tostringtag": "^1.0.0" + "has-tostringtag": "^1.0.2" }, "engines": { "node": ">= 0.4" @@ -6145,9 +6407,9 @@ "license": "ISC" }, "node_modules/yaml": { - "version": "2.5.0", - "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.5.0.tgz", - "integrity": "sha512-2wWLbGbYDiSqqIKoPjar3MPgB94ErzCtrNE1FdqGuaO0pi2JGjmE8aW8TDZwzU7vuxcGRdL/4gPQwQ7hD5AMSw==", + "version": "2.5.1", + "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.5.1.tgz", + "integrity": "sha512-bLQOjaX/ADgQ20isPJRvF0iRUHIxVhYvr53Of7wGcWlO2jvtUlH5m87DsmulFVxRpNLOnI4tB6p/oh8D7kpn9Q==", "dev": true, "bin": { "yaml": "bin.mjs" diff --git a/package.json b/package.json index 21e036b3f..cfba215fa 100644 --- a/package.json +++ b/package.json @@ -9,23 +9,23 @@ "@jest/console": "^29.4.1", "@jest/reporters": "^29.4.1", "@jest/test-result": "^29.4.1", - "@trunkio/launcher": "^1.3.1", + "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", "@types/jest": "^29.5.12", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.1", + "@types/node": "^22.5.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.3.0", - "@typescript-eslint/parser": "^8.3.0", + "@typescript-eslint/eslint-plugin": "^8.4.0", + "@typescript-eslint/parser": "^8.4.0", "caller": "^1.1.0", - "debug": "^4.3.6", + "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-import-resolver-typescript": "^3.6.3", - "eslint-plugin-import": "^2.29.1", - "eslint-plugin-import-x": "^4.1.1", - "eslint-plugin-jest": "^28.8.1", + "eslint-plugin-import": "^2.30.0", + "eslint-plugin-import-x": "^4.2.1", + "eslint-plugin-jest": "^28.8.3", "eslint-plugin-n": "^17.10.2", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", @@ -34,13 +34,13 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.25.0", + "simple-git": "^3.26.0", "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.5.4", - "typescript-eslint": "^8.3.0", - "yaml": "^2.5.0" + "typescript-eslint": "^8.4.0", + "yaml": "^2.5.1" }, "bundleDependencies": [ "tests" From 019f8141a472989591483fa7a379a71a92c8fc19 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Sep 2024 17:34:07 -0700 Subject: [PATCH 14/27] Bump peter-evans/create-pull-request from 6 to 7 in the dependencies group (#865) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 1 update: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request). Updates `peter-evans/create-pull-request` from 6 to 7
Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.0

:sparkles: Now supports commit signing with bot-generated tokens! See "What's new" below. :writing_hand::robot:

Behaviour changes

  • Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.
  • The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.
  • The pull-request-operation output now returns none when no operation was executed.
  • Removed deprecated output environment variable PULL_REQUEST_NUMBER. Please use the pull-request-number action output instead.

What's new

  • The action can now sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details.
  • Action input draft now accepts a new value always-true. This will set the pull request to draft status when the pull request is updated, as well as on creation.
  • A new action input maintainer-can-modify indicates whether maintainers can modify the pull request. The default is true, which retains the existing behaviour of the action.
  • A new output pull-request-commits-verified returns true or false, indicating whether GitHub considers the signature of the branch's commits to be verified.

What's Changed

New Contributors

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v6.1.0...v7.0.0

Create Pull Request v6.1.0

✨ Adds pull-request-branch as an action output.

What's Changed

... (truncated)

Commits
  • 8867c4a fix: handle ambiguous argument failure on diff stat (#3312)
  • 6073f54 build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3291)
  • 6d01b56 build(deps-dev): bump eslint-plugin-import from 2.29.1 to 2.30.0 (#3290)
  • 25cf845 build(deps-dev): bump @​typescript-eslint/parser from 7.17.0 to 7.18.0 (#3289)
  • d87b980 build(deps-dev): bump @​types/node from 18.19.46 to 18.19.48 (#3288)
  • 119d131 build(deps): bump peter-evans/create-pull-request from 6 to 7 (#3283)
  • 73e6230 docs: update readme
  • c0348e8 ci: add v7 to workflow
  • 4320041 feat: signed commits (v7) (#3057)
  • 0c2a66f build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 (#3256)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/upload_results.reusable.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 8b0255bd3..5b2869365 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -278,7 +278,7 @@ jobs: private_key: ${{ secrets.TRUNK_OPEN_PR_APP_PRIVATE_KEY }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 with: title: Auto-add missing snapshots body: From a7e3b4675a69e56d878d907397fa7278a187a5fb Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Tue, 10 Sep 2024 16:32:38 -0700 Subject: [PATCH 15/27] (Feat): Add support for squawk (#858) Adds [squawk](https://github.com/sbdchd/squawk#readme), a linter for Postgres migrations. Fixes #857. See note there about line number issues. Special thanks to @fnimick for getting this started. I tried this out on our migration files and it raised a lot of issues, particularly about indexes. Without spending too long, I'm not sure how important those issues are, but I think it's better that this is a `suggest_if: config_present` for the near future. The relevant code owner should do an audit of the issues and config tuning. --- README.md | 3 +- linters/squawk/plugin.yaml | 38 ++++++ linters/squawk/squawk.test.ts | 3 + linters/squawk/test_data/basic.in.sql | 8 ++ .../test_data/squawk_v1.1.2_basic.check.shot | 125 ++++++++++++++++++ linters/terrascan/terrascan.test.ts | 3 +- runtimes/node/plugin.yaml | 4 + 7 files changed, 182 insertions(+), 2 deletions(-) create mode 100644 linters/squawk/plugin.yaml create mode 100644 linters/squawk/squawk.test.ts create mode 100644 linters/squawk/test_data/basic.in.sql create mode 100644 linters/squawk/test_data/squawk_v1.1.2_basic.check.shot diff --git a/README.md b/README.md index 3df95c43b..a1e2c41c3 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ trunk check enable {linter} | Rust | [clippy], [rustfmt] | | Scala | [scalafmt] | | Security | [checkov], [dustilock], [nancy], [osv-scanner], [tfsec], [trivy], [trufflehog], [terrascan] | -| SQL | [sqlfluff], [sqlfmt], [sql-formatter] | +| SQL | [sqlfluff], [sqlfmt], [sql-formatter], [squawk] | | SVG | [svgo] | | Swift | [stringslint], [swiftlint], [swiftformat] | | Terraform | [terraform] (validate and fmt), [checkov], [tflint], [tfsec], [terrascan], [tofu] | @@ -173,6 +173,7 @@ trunk check enable {linter} [sql-formatter]: https://github.com/sql-formatter-org/sql-formatter#readme [sqlfluff]: https://github.com/sqlfluff/sqlfluff#readme [sqlfmt]: https://github.com/tconbeer/sqlfmt#readme +[squawk]: https://github.com/sbdchd/squawk#readme [standardrb]: https://github.com/testdouble/standard#readme [stringslint]: https://github.com/dral3x/StringsLint#readme [stylelint]: https://github.com/stylelint/stylelint#readme diff --git a/linters/squawk/plugin.yaml b/linters/squawk/plugin.yaml new file mode 100644 index 000000000..013084ff0 --- /dev/null +++ b/linters/squawk/plugin.yaml @@ -0,0 +1,38 @@ +version: 0.1 +tools: + definitions: + - name: squawk + runtime: node + package: squawk-cli + # First version to include Windows install. + known_good_version: 1.2.0 + shims: [squawk] +lint: + definitions: + - name: squawk + description: A linter for Postgres migrations + files: [sql] + tools: [squawk] + known_good_version: 1.2.0 + suggest_if: config_present + direct_configs: [.squawk.toml] + commands: + - name: lint + platforms: [windows] + run: ${linter}/node_modules/squawk-cli/js/binaries/squawk --reporter Gcc ${target} + output: regex + success_codes: [0, 1] + batch: true + cache_results: true + parse_regex: + "(?P.*):(?P\\d+):(?P\\d+): (?P\\S*) (?P\\S*) + (?P.*)" + - name: lint + run: squawk --reporter Gcc ${target} + output: regex + success_codes: [0, 1] + batch: true + cache_results: true + parse_regex: + "(?P.*):(?P\\d+):(?P\\d+): (?P\\S*) (?P\\S*) + (?P.*)" diff --git a/linters/squawk/squawk.test.ts b/linters/squawk/squawk.test.ts new file mode 100644 index 000000000..066481afb --- /dev/null +++ b/linters/squawk/squawk.test.ts @@ -0,0 +1,3 @@ +import { linterCheckTest } from "tests"; + +linterCheckTest({ linterName: "squawk" }); diff --git a/linters/squawk/test_data/basic.in.sql b/linters/squawk/test_data/basic.in.sql new file mode 100644 index 000000000..2476e616d --- /dev/null +++ b/linters/squawk/test_data/basic.in.sql @@ -0,0 +1,8 @@ +CREATE TABLE "core_bar" ( + "id" serial NOT NULL PRIMARY KEY, + "alpha" varchar(100) NOT NULL +); + +CREATE INDEX "field_name_idx" ON "table_name" ("field_name"); + +ALTER TABLE table_name ADD CONSTRAINT field_name_constraint UNIQUE (field_name); diff --git a/linters/squawk/test_data/squawk_v1.1.2_basic.check.shot b/linters/squawk/test_data/squawk_v1.1.2_basic.check.shot new file mode 100644 index 000000000..16e369f92 --- /dev/null +++ b/linters/squawk/test_data/squawk_v1.1.2_basic.check.shot @@ -0,0 +1,125 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter squawk test basic 1`] = ` +{ + "issues": [ + { + "code": "prefer-big-int", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Hitting the max 32 bit integer is possible and may break your application. Use 64bit integer values instead to prevent hitting this limit.", + "targetType": "sql", + }, + { + "code": "prefer-bigint-over-int", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Hitting the max 32 bit integer is possible and may break your application. Use 64bit integer values instead to prevent hitting this limit.", + "targetType": "sql", + }, + { + "code": "prefer-identity", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Serial types have confusing behaviors that make schema management difficult. Use identity columns instead for more features and better usability.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + { + "code": "prefer-text-field", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "1", + "linter": "squawk", + "message": "Changing the size of a varchar field requires an ACCESS EXCLUSIVE lock. Use a text field with a check constraint.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + { + "code": "require-concurrent-index-creation", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "5", + "linter": "squawk", + "message": "Creating an index blocks writes. Create the index CONCURRENTLY.", + "targetType": "sql", + }, + { + "code": "disallowed-unique-constraint", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "squawk", + "message": "Adding a UNIQUE constraint requires an ACCESS EXCLUSIVE lock which blocks reads. Create an index CONCURRENTLY and create the constraint using the index.", + "targetType": "sql", + }, + { + "code": "prefer-robust-stmts", + "column": "2", + "file": "test_data/basic.in.sql", + "issueClass": "ISSUE_CLASS_EXISTING", + "level": "LEVEL_HIGH", + "line": "7", + "linter": "squawk", + "message": "Consider wrapping in a transaction or adding a IF NOT EXISTS clause if the statement supports it.", + "targetType": "sql", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "sql", + "linter": "squawk", + "paths": [ + "test_data/basic.in.sql", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "sql", + "linter": "squawk", + "paths": [ + "test_data/basic.in.sql", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/terrascan/terrascan.test.ts b/linters/terrascan/terrascan.test.ts index 8089ac57c..5aadbec40 100644 --- a/linters/terrascan/terrascan.test.ts +++ b/linters/terrascan/terrascan.test.ts @@ -20,4 +20,5 @@ const preCheck = (driver: TrunkLintDriver) => { driver.writeFile(trunkYamlPath, newContents); }; -linterCheckTest({ linterName: "terrascan", preCheck }); +// TODO(Tyler): Fix flakiness with this test. +linterCheckTest({ linterName: "terrascan", preCheck, skipTestIf: () => true }); diff --git a/runtimes/node/plugin.yaml b/runtimes/node/plugin.yaml index 09657f4b5..6720795ed 100644 --- a/runtimes/node/plugin.yaml +++ b/runtimes/node/plugin.yaml @@ -47,6 +47,10 @@ runtimes: - name: NPM_CONFIG_USERCONFIG value: ${env.NPM_CONFIG_USERCONFIG} optional: true + # Necessary for some Windows install scripts + - name: COMSPEC + value: ${env.COMSPEC} + optional: true linter_environment: - name: PATH list: ["${linter}/node_modules/.bin"] From f3f2b7106831203af54fe3068770059e344f7c3d Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Wed, 11 Sep 2024 01:58:49 -0700 Subject: [PATCH 16/27] Upgrade trunk to 1.22.6-beta.2 (#868) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Trunk](https://static.trunk.io/assets/trunk_action_upgrade_banner.png)](https://trunk.io) cli upgraded: 1.22.5-beta.3 → 1.22.6-beta.2 1 linter was upgraded: - eslint 9.9.1 → 9.10.0 This PR was generated by the [Trunk Action]. For more info, see our [docs] or reach out on [Slack]. [Trunk Action]: https://github.com/trunk-io/trunk-action [docs]: https://docs.trunk.io [Slack]: https://slack.trunk.io/ Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .trunk/trunk.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index c5da79967..fba1a4c9c 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -2,7 +2,7 @@ version: 0.1 # version used for local trunk runs and testing cli: - version: 1.22.5-beta.3 + version: 1.22.6-beta.2 shell_hooks: enforce: true @@ -42,7 +42,7 @@ lint: enabled: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - - eslint@9.9.1 + - eslint@9.10.0 - trunk-toolbox@0.4.1 disabled: - pylint # pylint diagnostics are too strict From cfdefbd22811906b46bf6613260d6483d7420fee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 09:56:47 -0700 Subject: [PATCH 17/27] Bump github/codeql-action from 3.26.6 to 3.26.7 in the dependencies group (#871) Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.26.6 to 3.26.7
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.26.7 - 13 Sep 2024

  • Update default CodeQL bundle version to 2.18.4. #2471

3.26.6 - 29 Aug 2024

  • Update default CodeQL bundle version to 2.18.3. #2449

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
  • Bump the minimum CodeQL bundle version to 2.13.5. #2408

3.25.15 - 26 Jul 2024

  • Update default CodeQL bundle version to 2.18.1. #2385

3.25.14 - 25 Jul 2024

... (truncated)

Commits
  • 8214744 Merge pull request #2478 from github/update-v3.26.7-4a01ec798
  • a3b3e07 Update changelog for v3.26.7
  • 4a01ec7 Merge pull request #2474 from github/aeisenberg/always-upload-eslint-sarif
  • 762dbae Merge pull request #2471 from github/update-bundle/codeql-bundle-v2.18.4
  • 0d0f998 Always upload eslint.sarif
  • e817992 Merge pull request #2469 from github/aeisenberg/upload-eslint-sarif
  • 49021ad Merge pull request #2472 from rvermeulen/rvermeulen/update-release-branch-authz
  • 56b8418 Ignore suppressed alerts
  • f824adb Merge branch 'main' into rvermeulen/update-release-branch-authz
  • 8d9ed0b Add changelog note
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.6&new-version=3.26.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 728bc44f7..31a533b79 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 64c7d848a..1e0cf727a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: results.sarif From a3fab5153deb6945faddbde92d768a426c04cd15 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 09:57:25 -0700 Subject: [PATCH 18/27] Bump the dependencies group with 6 updates (#870) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 6 updates: | Package | From | To | | --- | --- | --- | | [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) | `29.5.12` | `29.5.13` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.5.4` | `22.5.5` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.4.0` | `8.5.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.4.0` | `8.5.0` | | [typescript](https://github.com/microsoft/TypeScript) | `5.5.4` | `5.6.2` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.4.0` | `8.5.0` | Updates `@types/jest` from 29.5.12 to 29.5.13
Commits

Updates `@types/node` from 22.5.4 to 22.5.5
Commits

Updates `@typescript-eslint/eslint-plugin` from 8.4.0 to 8.5.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.5.0

8.5.0 (2024-09-09)

🚀 Features

  • eslint-plugin: [no-duplicate-type-constituents] prevent unnecessary | undefined for optional parameters (#9479)
  • eslint-plugin: [no-unsafe-argument] differentiate error types (#9920)
  • typescript-estree: default projectService.defaultProject to 'tsconfig.json' (#9893)

🩹 Fixes

  • deps: update dependency prism-react-renderer to v2.4.0 (#9943)
  • eslint-plugin: [no-unnecessary-type-assertion] fix TSNonNullExpression fixer (#9898)
  • eslint-plugin: [no-misused-promises] handle static method (#9951)
  • eslint-plugin: [no-unnecessary-type-parameters] fix AST quick path scope analysis (#9900)
  • eslint-plugin: [consistent-type-assertions] access parser services lazily (#9921)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.5.0 (2024-09-09)

🚀 Features

  • eslint-plugin: [no-duplicate-type-constituents] prevent unnecessary `

  • eslint-plugin: [no-unsafe-argument] differentiate error types

🩹 Fixes

  • eslint-plugin: [no-unnecessary-type-assertion] fix TSNonNullExpression fixer

  • eslint-plugin: [no-misused-promises] handle static method

  • eslint-plugin: [no-unnecessary-type-parameters] fix AST quick path scope analysis

  • eslint-plugin: [consistent-type-assertions] access parser services lazily

❤️ Thank You

  • f44da958e
  • Josh Goldberg ✨
  • Kirk Waiblinger
  • YeonJuan

You can read about our versioning strategy and releases on our website.

Commits
  • 4d31ebe chore(release): publish 8.5.0
  • 918bdf4 fix(eslint-plugin): [consistent-type-assertions] access parser services lazil...
  • 4f6a97b fix(eslint-plugin): [no-unnecessary-type-parameters] fix AST quick path scope...
  • dbcade8 docs: [no-floating-promises] add MDN link regarding void operator (#9953)
  • ead85a3 fix(eslint-plugin): [no-misused-promises] handle static method (#9951)
  • c49b91f feat(eslint-plugin): [no-unsafe-argument] differentiate error types (#9920)
  • 04d1bd0 docs: mark allowRuleToRunWithoutStrictNullChecksIKnowWhatIAmDoing options as ...
  • cafed6d chore: enable unicorn/prefer-array-some (#9932)
  • bee8c9d chore: enable unicorn/prefer-spread (#9834)
  • fe2a16e fix(eslint-plugin): [no-unnecessary-type-assertion] fix TSNonNullExpression f...
  • Additional commits viewable in compare view

Updates `@typescript-eslint/parser` from 8.4.0 to 8.5.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.5.0

8.5.0 (2024-09-09)

🚀 Features

  • eslint-plugin: [no-duplicate-type-constituents] prevent unnecessary | undefined for optional parameters (#9479)
  • eslint-plugin: [no-unsafe-argument] differentiate error types (#9920)
  • typescript-estree: default projectService.defaultProject to 'tsconfig.json' (#9893)

🩹 Fixes

  • deps: update dependency prism-react-renderer to v2.4.0 (#9943)
  • eslint-plugin: [no-unnecessary-type-assertion] fix TSNonNullExpression fixer (#9898)
  • eslint-plugin: [no-misused-promises] handle static method (#9951)
  • eslint-plugin: [no-unnecessary-type-parameters] fix AST quick path scope analysis (#9900)
  • eslint-plugin: [consistent-type-assertions] access parser services lazily (#9921)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.5.0 (2024-09-09)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates `typescript` from 5.5.4 to 5.6.2
Release notes

Sourced from typescript's releases.

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

Commits
  • a7e3374 Bump version to 5.6.2 and LKG
  • 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
  • 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
  • 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
  • 6212132 Update LKG
  • bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
  • e6914a5 Bump version to 5.6.1-rc and LKG
  • 34121c4 Update LKG
  • 2a30c2a Merge remote-tracking branch 'origin/main' into release-5.6
  • 936a79b Expose TypeChecker. getAwaitedType to public (#59268)
  • Additional commits viewable in compare view

Updates `typescript-eslint` from 8.4.0 to 8.5.0
Release notes

Sourced from typescript-eslint's releases.

v8.5.0

8.5.0 (2024-09-09)

🚀 Features

  • eslint-plugin: [no-duplicate-type-constituents] prevent unnecessary | undefined for optional parameters (#9479)
  • eslint-plugin: [no-unsafe-argument] differentiate error types (#9920)
  • typescript-estree: default projectService.defaultProject to 'tsconfig.json' (#9893)

🩹 Fixes

  • deps: update dependency prism-react-renderer to v2.4.0 (#9943)
  • eslint-plugin: [no-unnecessary-type-assertion] fix TSNonNullExpression fixer (#9898)
  • eslint-plugin: [no-misused-promises] handle static method (#9951)
  • eslint-plugin: [no-unnecessary-type-parameters] fix AST quick path scope analysis (#9900)
  • eslint-plugin: [consistent-type-assertions] access parser services lazily (#9921)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.5.0 (2024-09-09)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 125 +++++++++++++++++++++++----------------------- package.json | 12 ++--- 2 files changed, 69 insertions(+), 68 deletions(-) diff --git a/package-lock.json b/package-lock.json index 454edd502..ec445f3bc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,12 +14,12 @@ "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", - "@types/jest": "^29.5.12", + "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.4", + "@types/node": "^22.5.5", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.4.0", - "@typescript-eslint/parser": "^8.4.0", + "@typescript-eslint/eslint-plugin": "^8.5.0", + "@typescript-eslint/parser": "^8.5.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", @@ -40,8 +40,8 @@ "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.5.4", - "typescript-eslint": "^8.4.0", + "typescript": "^5.6.2", + "typescript-eslint": "^8.5.0", "yaml": "^2.5.1" }, "engines": { @@ -1342,9 +1342,10 @@ } }, "node_modules/@types/jest": { - "version": "29.5.12", + "version": "29.5.13", + "resolved": "https://registry.npmjs.org/@types/jest/-/jest-29.5.13.tgz", + "integrity": "sha512-wd+MVEZCHt23V0/L642O5APvspWply/rGY5BcW4SUETo2UzPU3Z26qr8jC2qxpimI2jjx9h7+2cj2FwIr01bXg==", "dev": true, - "license": "MIT", "dependencies": { "expect": "^29.0.0", "pretty-format": "^29.0.0" @@ -1369,9 +1370,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.5.4", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.4.tgz", - "integrity": "sha512-FDuKUJQm/ju9fT/SeX/6+gBzoPzlVCzfzmGkwKvRHQVxi4BntVbyIwf6a4Xn62mrvndLiml6z/UBXIdEVjQLXg==", + "version": "22.5.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.5.tgz", + "integrity": "sha512-Xjs4y5UPO/CLdzpgR6GirZJx36yScjh73+2NlLlkFRSoQN8B0DpfXPdZGnvVmLRLOsqDpOfTNv7D9trgGhmOIA==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1402,16 +1403,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.4.0.tgz", - "integrity": "sha512-rg8LGdv7ri3oAlenMACk9e+AR4wUV0yrrG+XKsGKOK0EVgeEDqurkXMPILG2836fW4ibokTB5v4b6Z9+GYQDEw==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.5.0.tgz", + "integrity": "sha512-lHS5hvz33iUFQKuPFGheAB84LwcJ60G8vKnEhnfcK1l8kGVLro2SFYW6K0/tj8FUhRJ0VHyg1oAfg50QGbPPHw==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.4.0", - "@typescript-eslint/type-utils": "8.4.0", - "@typescript-eslint/utils": "8.4.0", - "@typescript-eslint/visitor-keys": "8.4.0", + "@typescript-eslint/scope-manager": "8.5.0", + "@typescript-eslint/type-utils": "8.5.0", + "@typescript-eslint/utils": "8.5.0", + "@typescript-eslint/visitor-keys": "8.5.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1435,15 +1436,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.4.0.tgz", - "integrity": "sha512-NHgWmKSgJk5K9N16GIhQ4jSobBoJwrmURaLErad0qlLjrpP5bECYg+wxVTGlGZmJbU03jj/dfnb6V9bw+5icsA==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.5.0.tgz", + "integrity": "sha512-gF77eNv0Xz2UJg/NbpWJ0kqAm35UMsvZf1GHj8D9MRFTj/V3tAciIWXfmPLsAAF/vUlpWPvUDyH1jjsr0cMVWw==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.4.0", - "@typescript-eslint/types": "8.4.0", - "@typescript-eslint/typescript-estree": "8.4.0", - "@typescript-eslint/visitor-keys": "8.4.0", + "@typescript-eslint/scope-manager": "8.5.0", + "@typescript-eslint/types": "8.5.0", + "@typescript-eslint/typescript-estree": "8.5.0", + "@typescript-eslint/visitor-keys": "8.5.0", "debug": "^4.3.4" }, "engines": { @@ -1463,13 +1464,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.4.0.tgz", - "integrity": "sha512-n2jFxLeY0JmKfUqy3P70rs6vdoPjHK8P/w+zJcV3fk0b0BwRXC/zxRTEnAsgYT7MwdQDt/ZEbtdzdVC+hcpF0A==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.5.0.tgz", + "integrity": "sha512-06JOQ9Qgj33yvBEx6tpC8ecP9o860rsR22hWMEd12WcTRrfaFgHr2RB/CA/B+7BMhHkXT4chg2MyboGdFGawYg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.4.0", - "@typescript-eslint/visitor-keys": "8.4.0" + "@typescript-eslint/types": "8.5.0", + "@typescript-eslint/visitor-keys": "8.5.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1480,13 +1481,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.4.0.tgz", - "integrity": "sha512-pu2PAmNrl9KX6TtirVOrbLPLwDmASpZhK/XU7WvoKoCUkdtq9zF7qQ7gna0GBZFN0hci0vHaSusiL2WpsQk37A==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.5.0.tgz", + "integrity": "sha512-N1K8Ix+lUM+cIDhL2uekVn/ZD7TZW+9/rwz8DclQpcQ9rk4sIL5CAlBC0CugWKREmDjBzI/kQqU4wkg46jWLYA==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.4.0", - "@typescript-eslint/utils": "8.4.0", + "@typescript-eslint/typescript-estree": "8.5.0", + "@typescript-eslint/utils": "8.5.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1504,9 +1505,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.4.0.tgz", - "integrity": "sha512-T1RB3KQdskh9t3v/qv7niK6P8yvn7ja1mS7QK7XfRVL6wtZ8/mFs/FHf4fKvTA0rKnqnYxl/uHFNbnEt0phgbw==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.5.0.tgz", + "integrity": "sha512-qjkormnQS5wF9pjSi6q60bKUHH44j2APxfh9TQRXK8wbYVeDYYdYJGIROL87LGZZ2gz3Rbmjc736qyL8deVtdw==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1517,13 +1518,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.4.0.tgz", - "integrity": "sha512-kJ2OIP4dQw5gdI4uXsaxUZHRwWAGpREJ9Zq6D5L0BweyOrWsL6Sz0YcAZGWhvKnH7fm1J5YFE1JrQL0c9dd53A==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.5.0.tgz", + "integrity": "sha512-vEG2Sf9P8BPQ+d0pxdfndw3xIXaoSjliG0/Ejk7UggByZPKXmJmw3GW5jV2gHNQNawBUyfahoSiCFVov0Ruf7Q==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.4.0", - "@typescript-eslint/visitor-keys": "8.4.0", + "@typescript-eslint/types": "8.5.0", + "@typescript-eslint/visitor-keys": "8.5.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -1569,15 +1570,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.4.0.tgz", - "integrity": "sha512-swULW8n1IKLjRAgciCkTCafyTHHfwVQFt8DovmaF69sKbOxTSFMmIZaSHjqO9i/RV0wIblaawhzvtva8Nmm7lQ==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.5.0.tgz", + "integrity": "sha512-6yyGYVL0e+VzGYp60wvkBHiqDWOpT63pdMV2CVG4LVDd5uR6q1qQN/7LafBZtAtNIn/mqXjsSeS5ggv/P0iECw==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.4.0", - "@typescript-eslint/types": "8.4.0", - "@typescript-eslint/typescript-estree": "8.4.0" + "@typescript-eslint/scope-manager": "8.5.0", + "@typescript-eslint/types": "8.5.0", + "@typescript-eslint/typescript-estree": "8.5.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1591,12 +1592,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.4.0.tgz", - "integrity": "sha512-zTQD6WLNTre1hj5wp09nBIDiOc2U5r/qmzo7wxPn4ZgAjHql09EofqhF9WF+fZHzL5aCyaIpPcT2hyxl73kr9A==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.5.0.tgz", + "integrity": "sha512-yTPqMnbAZJNy2Xq2XU8AdtOW9tJIr+UQb64aXB9f3B1498Zx9JorVgFJcZpEc9UBuCCrdzKID2RGAMkYcDtZOw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.4.0", + "@typescript-eslint/types": "8.5.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -6180,9 +6181,9 @@ } }, "node_modules/typescript": { - "version": "5.5.4", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.4.tgz", - "integrity": "sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==", + "version": "5.6.2", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.2.tgz", + "integrity": "sha512-NW8ByodCSNCwZeghjN3o+JX5OFH0Ojg6sadjEKY4huZ52TqbJTJnDo5+Tw98lSy63NZvi4n+ez5m2u5d4PkZyw==", "dev": true, "bin": { "tsc": "bin/tsc", @@ -6193,14 +6194,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.4.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.4.0.tgz", - "integrity": "sha512-67qoc3zQZe3CAkO0ua17+7aCLI0dU+sSQd1eKPGq06QE4rfQjstVXR6woHO5qQvGUa550NfGckT4tzh3b3c8Pw==", + "version": "8.5.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.5.0.tgz", + "integrity": "sha512-uD+XxEoSIvqtm4KE97etm32Tn5MfaZWgWfMMREStLxR6JzvHkc2Tkj7zhTEK5XmtpTmKHNnG8Sot6qDfhHtR1Q==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.4.0", - "@typescript-eslint/parser": "8.4.0", - "@typescript-eslint/utils": "8.4.0" + "@typescript-eslint/eslint-plugin": "8.5.0", + "@typescript-eslint/parser": "8.5.0", + "@typescript-eslint/utils": "8.5.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" diff --git a/package.json b/package.json index cfba215fa..644ee7876 100644 --- a/package.json +++ b/package.json @@ -12,12 +12,12 @@ "@trunkio/launcher": "^1.3.2", "@types/caller": "^1.0.2", "@types/debug": "^4.1.12", - "@types/jest": "^29.5.12", + "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.4", + "@types/node": "^22.5.5", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.4.0", - "@typescript-eslint/parser": "^8.4.0", + "@typescript-eslint/eslint-plugin": "^8.5.0", + "@typescript-eslint/parser": "^8.5.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", @@ -38,8 +38,8 @@ "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", - "typescript": "^5.5.4", - "typescript-eslint": "^8.4.0", + "typescript": "^5.6.2", + "typescript-eslint": "^8.5.0", "yaml": "^2.5.1" }, "bundleDependencies": [ From 0d769b6d3742409443ddd52dd4c2d6e880c30519 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Thu, 19 Sep 2024 14:26:27 -0700 Subject: [PATCH 19/27] (Feat): Add tool dbt-cli (#872) I added this definition to support a user, figured I'd add it here too Also fixes the squawk test constraints. --- linters/squawk/squawk.test.ts | 6 +++++- tools/dbt-cli/dbt_cli.test.ts | 6 ++++++ tools/dbt-cli/plugin.yaml | 26 ++++++++++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 tools/dbt-cli/dbt_cli.test.ts create mode 100644 tools/dbt-cli/plugin.yaml diff --git a/linters/squawk/squawk.test.ts b/linters/squawk/squawk.test.ts index 066481afb..470ecbf68 100644 --- a/linters/squawk/squawk.test.ts +++ b/linters/squawk/squawk.test.ts @@ -1,3 +1,7 @@ import { linterCheckTest } from "tests"; -linterCheckTest({ linterName: "squawk" }); +// No release for squawk on arm64 darwin https://github.com/sbdchd/squawk/issues/372 +linterCheckTest({ + linterName: "squawk", + skipTestIf: () => process.arch === "arm64" && process.platform === "darwin", +}); diff --git a/tools/dbt-cli/dbt_cli.test.ts b/tools/dbt-cli/dbt_cli.test.ts new file mode 100644 index 000000000..86fe7224a --- /dev/null +++ b/tools/dbt-cli/dbt_cli.test.ts @@ -0,0 +1,6 @@ +import { toolInstallTest } from "tests"; + +toolInstallTest({ + toolName: "dbt-cli", + toolVersion: "0.38.14", +}); diff --git a/tools/dbt-cli/plugin.yaml b/tools/dbt-cli/plugin.yaml new file mode 100644 index 000000000..a9d14650c --- /dev/null +++ b/tools/dbt-cli/plugin.yaml @@ -0,0 +1,26 @@ +version: 0.1 +downloads: + - name: dbt-cli + version: 0.38.14 + downloads: + - os: + linux: linux + cpu: + x86_64: amd64 + arm_64: arm64 + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_${os}_${cpu}.tar.gz + - os: + macos: darwin + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_darwin_all.tar.gz + - os: + windows: windows + url: https://github.com/dbt-labs/dbt-cli/releases/download/v${version}/dbt_${version}_windows_amd64.tar.gz +tools: + definitions: + - name: dbt-cli + download: dbt-cli + known_good_version: 0.38.14 + shims: [dbt] + health_checks: + - command: dbt --version + parse_regex: dbt Cloud CLI - ${semver} From b438692c24243df3591e45146fe7fe6ac8c21c3b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 22 Sep 2024 21:54:58 -0700 Subject: [PATCH 20/27] Bump the dependencies group with 2 updates (#874) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 2 updates: [github/codeql-action](https://github.com/github/codeql-action) and [actions/setup-node](https://github.com/actions/setup-node). Updates `github/codeql-action` from 3.26.7 to 3.26.8
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.26.8 - 19 Sep 2024

  • Update default CodeQL bundle version to 2.19.0. #2483

3.26.7 - 13 Sep 2024

  • Update default CodeQL bundle version to 2.18.4. #2471

3.26.6 - 29 Aug 2024

  • Update default CodeQL bundle version to 2.18.3. #2449

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403
  • Bump the minimum CodeQL bundle version to 2.13.5. #2408

3.25.15 - 26 Jul 2024

... (truncated)

Commits
  • 294a9d9 Merge pull request #2490 from github/update-v3.26.8-64431c66d
  • 00b3604 Update changelog for v3.26.8
  • 64431c6 Merge pull request #2483 from github/update-bundle/codeql-bundle-v2.19.0
  • e0e2d75 Merge branch 'main' into update-bundle/codeql-bundle-v2.19.0
  • cb28816 Merge pull request #2487 from rvermeulen/rvermeulen/uri-errors-as-warnings
  • 498c508 Rebuild JavaScript files
  • a1a585f Merge branch 'main' into rvermeulen/uri-errors-as-warnings
  • 34666c1 Merge pull request #2488 from github/henrymercer/debug-artifacts-better-logging
  • 6e24973 Improve logging for combined SARIF debug artifact
  • d0a3cf2 Improve logging for debug artifacts
  • Additional commits viewable in compare view

Updates `actions/setup-node` from 4.0.3 to 4.0.4
Release notes

Sourced from actions/setup-node's releases.

v4.0.4

What's Changed

Documentation changes:

New Contributors

Full Changelog: https://github.com/actions/setup-node/compare/v4...v4.0.4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/repo_tests.reusable.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/upload_results.reusable.yaml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 31a533b79..c8b6bf5df 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/autobuild@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 diff --git a/.github/workflows/repo_tests.reusable.yaml b/.github/workflows/repo_tests.reusable.yaml index 843cc25f7..c3e28f4e2 100644 --- a/.github/workflows/repo_tests.reusable.yaml +++ b/.github/workflows/repo_tests.reusable.yaml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Setup node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1e0cf727a..300fc6cfa 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 with: sarif_file: results.sarif diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 5b2869365..7e72f9b58 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -121,7 +121,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 @@ -241,7 +241,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Setup Node - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: 18 From ec02ec51490eb7f1a61f37cb31586e45ce5c21a6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 22 Sep 2024 22:53:27 -0700 Subject: [PATCH 21/27] Bump the dependencies group with 5 updates (#873) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.5.0` | `8.6.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.5.0` | `8.6.0` | | [eslint-plugin-n](https://github.com/eslint-community/eslint-plugin-n) | `17.10.2` | `17.10.3` | | [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.26.0` | `3.27.0` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.5.0` | `8.6.0` | Updates `@typescript-eslint/eslint-plugin` from 8.5.0 to 8.6.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.6.0

8.6.0 (2024-09-16)

🚀 Features

  • add allow option for restrict-template-expressions (#8556)
  • eslint-plugin: [no-unnecessary-condition] check switch cases (#9912)
  • eslint-plugin: [no-misused-promises] check array predicate return (#9955)
  • type-utils: isNullableType add Void logic (#9937)
  • typescript-estree: disable plugin loading by default in project service (#9964)

🩹 Fixes

  • eslint-plugin: [no-deprecated] don't report recursive types in destructuring assignment twice (#9969)
  • eslint-plugin: [no-deprecated] report on deprecated variables used in destructuring assignment (#9978)
  • eslint-plugin: [no-deprecated] report on deprecated properties with function-like types (#9977)
  • eslint-plugin: [no-unnecessary-condition] properly reflect multiple negations in message (#9940)
  • typescript-estree: don't throw on missing tsconfig.json by default in project service (#9989)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.6.0 (2024-09-16)

🚀 Features

  • add allow option for restrict-template-expressions

  • type-utils: isNullableType add Void logic

  • eslint-plugin: [no-unnecessary-condition] check switch cases

  • eslint-plugin: [no-misused-promises] check array predicate return

🩹 Fixes

  • eslint-plugin: [no-deprecated] don't report recursive types in destructuring assignment twice

  • eslint-plugin: [no-deprecated] report on deprecated variables used in destructuring assignment

  • eslint-plugin: [no-deprecated] report on deprecated properties with function-like types

  • eslint-plugin: [no-unnecessary-condition] properly reflect multiple negations in message

❤️ Thank You

  • Abraham Guo
  • auvred
  • Josh Goldberg ✨
  • Kim Sang Du
  • YeonJuan

You can read about our versioning strategy and releases on our website.

Commits
  • 343710e chore(release): publish 8.6.0
  • 454d37e feat(eslint-plugin): [no-misused-promises] check array predicate return (#9955)
  • af92611 feat: add allow option for restrict-template-expressions (#8556)
  • 2a809e2 test(eslint-plugin): [no-unnecessary-type-parameters] add tests with intrinsi...
  • 682299e feat(eslint-plugin): [no-unnecessary-condition] check switch cases (#9912)
  • 77e65df fix(eslint-plugin): [no-unnecessary-condition] properly reflect multiple nega...
  • c11ca06 chore(eslint-plugin): make utility for static member access (#9836)
  • 2a956b2 fix(eslint-plugin): [no-deprecated] report on deprecated properties with func...
  • 9a80067 fix(eslint-plugin): [no-deprecated] report on deprecated variables used in de...
  • 3710c9c feat(type-utils): isNullableType add Void logic (#9937)
  • Additional commits viewable in compare view

Updates `@typescript-eslint/parser` from 8.5.0 to 8.6.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.6.0

8.6.0 (2024-09-16)

🚀 Features

  • add allow option for restrict-template-expressions (#8556)
  • eslint-plugin: [no-unnecessary-condition] check switch cases (#9912)
  • eslint-plugin: [no-misused-promises] check array predicate return (#9955)
  • type-utils: isNullableType add Void logic (#9937)
  • typescript-estree: disable plugin loading by default in project service (#9964)

🩹 Fixes

  • eslint-plugin: [no-deprecated] don't report recursive types in destructuring assignment twice (#9969)
  • eslint-plugin: [no-deprecated] report on deprecated variables used in destructuring assignment (#9978)
  • eslint-plugin: [no-deprecated] report on deprecated properties with function-like types (#9977)
  • eslint-plugin: [no-unnecessary-condition] properly reflect multiple negations in message (#9940)
  • typescript-estree: don't throw on missing tsconfig.json by default in project service (#9989)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.6.0 (2024-09-16)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates `eslint-plugin-n` from 17.10.2 to 17.10.3
Release notes

Sourced from eslint-plugin-n's releases.

v17.10.3

17.10.3 (2024-09-18)

🩹 Fixes

  • Use our data set to work out if a module is a node module (#338) (6a1b2c5)

📚 Documentation

  • process-exit-as-throw: update wording (#323) (e5e758e)
Changelog

Sourced from eslint-plugin-n's changelog.

17.10.3 (2024-09-18)

🩹 Fixes

  • Use our data set to work out if a module is a node module (#338) (6a1b2c5)

📚 Documentation

  • process-exit-as-throw: update wording (#323) (e5e758e)
Commits

Updates `simple-git` from 3.26.0 to 3.27.0
Release notes

Sourced from simple-git's releases.

simple-git@3.27.0

Minor Changes

  • 52f767b: Add similarity to the DiffResultNameStatusFile interface used when fetching log/diff with the --name-status option.
  • 739b0d9: Diff summary includes original name of renamed files when run wiht the --name-status option.
  • bc90e7e: Fixes an issue with reporting name changes in the files array returned by git.status. Thank you @​mark-codesphere for the contribution.

Patch Changes

  • 03e1c64: Resolve error in log parsing when fields have empty values.
Changelog

Sourced from simple-git's changelog.

3.27.0

Minor Changes

  • 52f767b: Add similarity to the DiffResultNameStatusFile interface used when fetching log/diff with the --name-status option.
  • 739b0d9: Diff summary includes original name of renamed files when run wiht the --name-status option.
  • bc90e7e: Fixes an issue with reporting name changes in the files array returned by git.status. Thank you @​mark-codesphere for the contribution.

Patch Changes

  • 03e1c64: Resolve error in log parsing when fields have empty values.
Commits

Updates `typescript-eslint` from 8.5.0 to 8.6.0
Release notes

Sourced from typescript-eslint's releases.

v8.6.0

8.6.0 (2024-09-16)

🚀 Features

  • add allow option for restrict-template-expressions (#8556)
  • eslint-plugin: [no-unnecessary-condition] check switch cases (#9912)
  • eslint-plugin: [no-misused-promises] check array predicate return (#9955)
  • type-utils: isNullableType add Void logic (#9937)
  • typescript-estree: disable plugin loading by default in project service (#9964)

🩹 Fixes

  • eslint-plugin: [no-deprecated] don't report recursive types in destructuring assignment twice (#9969)
  • eslint-plugin: [no-deprecated] report on deprecated variables used in destructuring assignment (#9978)
  • eslint-plugin: [no-deprecated] report on deprecated properties with function-like types (#9977)
  • eslint-plugin: [no-unnecessary-condition] properly reflect multiple negations in message (#9940)
  • typescript-estree: don't throw on missing tsconfig.json by default in project service (#9989)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.6.0 (2024-09-16)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 118 +++++++++++++++++++++++----------------------- package.json | 10 ++-- 2 files changed, 64 insertions(+), 64 deletions(-) diff --git a/package-lock.json b/package-lock.json index ec445f3bc..5be9668c6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,8 +18,8 @@ "@types/jest-specific-snapshot": "^0.5.9", "@types/node": "^22.5.5", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.5.0", - "@typescript-eslint/parser": "^8.5.0", + "@typescript-eslint/eslint-plugin": "^8.6.0", + "@typescript-eslint/parser": "^8.6.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", @@ -28,7 +28,7 @@ "eslint-plugin-import": "^2.30.0", "eslint-plugin-import-x": "^4.2.1", "eslint-plugin-jest": "^28.8.3", - "eslint-plugin-n": "^17.10.2", + "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -36,12 +36,12 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.26.0", + "simple-git": "^3.27.0", "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.6.2", - "typescript-eslint": "^8.5.0", + "typescript-eslint": "^8.6.0", "yaml": "^2.5.1" }, "engines": { @@ -1403,16 +1403,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.5.0.tgz", - "integrity": "sha512-lHS5hvz33iUFQKuPFGheAB84LwcJ60G8vKnEhnfcK1l8kGVLro2SFYW6K0/tj8FUhRJ0VHyg1oAfg50QGbPPHw==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.6.0.tgz", + "integrity": "sha512-UOaz/wFowmoh2G6Mr9gw60B1mm0MzUtm6Ic8G2yM1Le6gyj5Loi/N+O5mocugRGY+8OeeKmkMmbxNqUCq3B4Sg==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.5.0", - "@typescript-eslint/type-utils": "8.5.0", - "@typescript-eslint/utils": "8.5.0", - "@typescript-eslint/visitor-keys": "8.5.0", + "@typescript-eslint/scope-manager": "8.6.0", + "@typescript-eslint/type-utils": "8.6.0", + "@typescript-eslint/utils": "8.6.0", + "@typescript-eslint/visitor-keys": "8.6.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1436,15 +1436,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.5.0.tgz", - "integrity": "sha512-gF77eNv0Xz2UJg/NbpWJ0kqAm35UMsvZf1GHj8D9MRFTj/V3tAciIWXfmPLsAAF/vUlpWPvUDyH1jjsr0cMVWw==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.6.0.tgz", + "integrity": "sha512-eQcbCuA2Vmw45iGfcyG4y6rS7BhWfz9MQuk409WD47qMM+bKCGQWXxvoOs1DUp+T7UBMTtRTVT+kXr7Sh4O9Ow==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.5.0", - "@typescript-eslint/types": "8.5.0", - "@typescript-eslint/typescript-estree": "8.5.0", - "@typescript-eslint/visitor-keys": "8.5.0", + "@typescript-eslint/scope-manager": "8.6.0", + "@typescript-eslint/types": "8.6.0", + "@typescript-eslint/typescript-estree": "8.6.0", + "@typescript-eslint/visitor-keys": "8.6.0", "debug": "^4.3.4" }, "engines": { @@ -1464,13 +1464,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.5.0.tgz", - "integrity": "sha512-06JOQ9Qgj33yvBEx6tpC8ecP9o860rsR22hWMEd12WcTRrfaFgHr2RB/CA/B+7BMhHkXT4chg2MyboGdFGawYg==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.6.0.tgz", + "integrity": "sha512-ZuoutoS5y9UOxKvpc/GkvF4cuEmpokda4wRg64JEia27wX+PysIE9q+lzDtlHHgblwUWwo5/Qn+/WyTUvDwBHw==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.5.0", - "@typescript-eslint/visitor-keys": "8.5.0" + "@typescript-eslint/types": "8.6.0", + "@typescript-eslint/visitor-keys": "8.6.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1481,13 +1481,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.5.0.tgz", - "integrity": "sha512-N1K8Ix+lUM+cIDhL2uekVn/ZD7TZW+9/rwz8DclQpcQ9rk4sIL5CAlBC0CugWKREmDjBzI/kQqU4wkg46jWLYA==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.6.0.tgz", + "integrity": "sha512-dtePl4gsuenXVwC7dVNlb4mGDcKjDT/Ropsk4za/ouMBPplCLyznIaR+W65mvCvsyS97dymoBRrioEXI7k0XIg==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.5.0", - "@typescript-eslint/utils": "8.5.0", + "@typescript-eslint/typescript-estree": "8.6.0", + "@typescript-eslint/utils": "8.6.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1505,9 +1505,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.5.0.tgz", - "integrity": "sha512-qjkormnQS5wF9pjSi6q60bKUHH44j2APxfh9TQRXK8wbYVeDYYdYJGIROL87LGZZ2gz3Rbmjc736qyL8deVtdw==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.6.0.tgz", + "integrity": "sha512-rojqFZGd4MQxw33SrOy09qIDS8WEldM8JWtKQLAjf/X5mGSeEFh5ixQlxssMNyPslVIk9yzWqXCsV2eFhYrYUw==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1518,13 +1518,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.5.0.tgz", - "integrity": "sha512-vEG2Sf9P8BPQ+d0pxdfndw3xIXaoSjliG0/Ejk7UggByZPKXmJmw3GW5jV2gHNQNawBUyfahoSiCFVov0Ruf7Q==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.6.0.tgz", + "integrity": "sha512-MOVAzsKJIPIlLK239l5s06YXjNqpKTVhBVDnqUumQJja5+Y94V3+4VUFRA0G60y2jNnTVwRCkhyGQpavfsbq/g==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.5.0", - "@typescript-eslint/visitor-keys": "8.5.0", + "@typescript-eslint/types": "8.6.0", + "@typescript-eslint/visitor-keys": "8.6.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -1570,15 +1570,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.5.0.tgz", - "integrity": "sha512-6yyGYVL0e+VzGYp60wvkBHiqDWOpT63pdMV2CVG4LVDd5uR6q1qQN/7LafBZtAtNIn/mqXjsSeS5ggv/P0iECw==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.6.0.tgz", + "integrity": "sha512-eNp9cWnYf36NaOVjkEUznf6fEgVy1TWpE0o52e4wtojjBx7D1UV2WAWGzR+8Y5lVFtpMLPwNbC67T83DWSph4A==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.5.0", - "@typescript-eslint/types": "8.5.0", - "@typescript-eslint/typescript-estree": "8.5.0" + "@typescript-eslint/scope-manager": "8.6.0", + "@typescript-eslint/types": "8.6.0", + "@typescript-eslint/typescript-estree": "8.6.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1592,12 +1592,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.5.0.tgz", - "integrity": "sha512-yTPqMnbAZJNy2Xq2XU8AdtOW9tJIr+UQb64aXB9f3B1498Zx9JorVgFJcZpEc9UBuCCrdzKID2RGAMkYcDtZOw==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.6.0.tgz", + "integrity": "sha512-wapVFfZg9H0qOYh4grNVQiMklJGluQrOUiOhYRrQWhx7BY/+I1IYb8BczWNbbUpO+pqy0rDciv3lQH5E1bCLrg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.5.0", + "@typescript-eslint/types": "8.6.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -2921,9 +2921,9 @@ } }, "node_modules/eslint-plugin-n": { - "version": "17.10.2", - "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.10.2.tgz", - "integrity": "sha512-e+s4eAf5NtJaxPhTNu3qMO0Iz40WANS93w9LQgYcvuljgvDmWi/a3rh+OrNyMHeng6aOWGJO0rCg5lH4zi8yTw==", + "version": "17.10.3", + "resolved": "https://registry.npmjs.org/eslint-plugin-n/-/eslint-plugin-n-17.10.3.tgz", + "integrity": "sha512-ySZBfKe49nQZWR1yFaA0v/GsH6Fgp8ah6XV0WDz6CN8WO0ek4McMzb7A2xnf4DCYV43frjCygvb9f/wx7UUxRw==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", @@ -5646,9 +5646,9 @@ "license": "ISC" }, "node_modules/simple-git": { - "version": "3.26.0", - "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.26.0.tgz", - "integrity": "sha512-5tbkCSzuskR6uA7uA23yjasmA0RzugVo8QM2bpsnxkrgP13eisFT7TMS4a+xKEJvbmr4qf+l0WT3eKa9IxxUyw==", + "version": "3.27.0", + "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.27.0.tgz", + "integrity": "sha512-ivHoFS9Yi9GY49ogc6/YAi3Fl9ROnF4VyubNylgCkA+RVqLaKWnDSzXOVzya8csELIaWaYNutsEuAhZrtOjozA==", "dev": true, "dependencies": { "@kwsites/file-exists": "^1.1.1", @@ -6194,14 +6194,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.5.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.5.0.tgz", - "integrity": "sha512-uD+XxEoSIvqtm4KE97etm32Tn5MfaZWgWfMMREStLxR6JzvHkc2Tkj7zhTEK5XmtpTmKHNnG8Sot6qDfhHtR1Q==", + "version": "8.6.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.6.0.tgz", + "integrity": "sha512-eEhhlxCEpCd4helh3AO1hk0UP2MvbRi9CtIAJTVPQjuSXOOO2jsEacNi4UdcJzZJbeuVg1gMhtZ8UYb+NFYPrA==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.5.0", - "@typescript-eslint/parser": "8.5.0", - "@typescript-eslint/utils": "8.5.0" + "@typescript-eslint/eslint-plugin": "8.6.0", + "@typescript-eslint/parser": "8.6.0", + "@typescript-eslint/utils": "8.6.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" diff --git a/package.json b/package.json index 644ee7876..d5934b716 100644 --- a/package.json +++ b/package.json @@ -16,8 +16,8 @@ "@types/jest-specific-snapshot": "^0.5.9", "@types/node": "^22.5.5", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.5.0", - "@typescript-eslint/parser": "^8.5.0", + "@typescript-eslint/eslint-plugin": "^8.6.0", + "@typescript-eslint/parser": "^8.6.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", @@ -26,7 +26,7 @@ "eslint-plugin-import": "^2.30.0", "eslint-plugin-import-x": "^4.2.1", "eslint-plugin-jest": "^28.8.3", - "eslint-plugin-n": "^17.10.2", + "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", "eslint-plugin-simple-import-sort": "^12.1.1", "fast-sort": "^3.4.1", @@ -34,12 +34,12 @@ "jest-junit": "^16.0.0", "jest-specific-snapshot": "^8.0.0", "semver": "^7.6.3", - "simple-git": "^3.26.0", + "simple-git": "^3.27.0", "ts-jest": "^29.2.5", "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.6.2", - "typescript-eslint": "^8.5.0", + "typescript-eslint": "^8.6.0", "yaml": "^2.5.1" }, "bundleDependencies": [ From f378f067d4aceb667c8689c3f13476a893964918 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Mon, 23 Sep 2024 12:08:48 -0700 Subject: [PATCH 22/27] (Fix): Fix squawk platform constraint (#875) Fix typo in #872 --- linters/squawk/squawk.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/linters/squawk/squawk.test.ts b/linters/squawk/squawk.test.ts index 470ecbf68..84ccbe43a 100644 --- a/linters/squawk/squawk.test.ts +++ b/linters/squawk/squawk.test.ts @@ -1,7 +1,7 @@ import { linterCheckTest } from "tests"; -// No release for squawk on arm64 darwin https://github.com/sbdchd/squawk/issues/372 +// No release for squawk on arm64 linux https://github.com/sbdchd/squawk/issues/372 linterCheckTest({ linterName: "squawk", - skipTestIf: () => process.arch === "arm64" && process.platform === "darwin", + skipTestIf: () => process.arch === "arm64" && process.platform === "linux", }); From 32ecb676ae7fba843ae2233ac0cdca38601c42a5 Mon Sep 17 00:00:00 2001 From: "trunk-open-pr-bot[bot]" <131314627+trunk-open-pr-bot[bot]@users.noreply.github.com> Date: Wed, 25 Sep 2024 09:57:22 -0700 Subject: [PATCH 23/27] Upgrade trunk (#878) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Trunk](https://static.trunk.io/assets/trunk_action_upgrade_banner.png)](https://trunk.io) 1 linter was upgraded: - eslint 9.10.0 → 9.11.1 This PR was generated by the [Trunk Action]. For more info, see our [docs] or reach out on [Slack]. [Trunk Action]: https://github.com/trunk-io/trunk-action [docs]: https://docs.trunk.io [Slack]: https://slack.trunk.io/ Co-authored-by: TylerJang27 <42743566+TylerJang27@users.noreply.github.com> --- .trunk/trunk.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml index fba1a4c9c..981a8b5ec 100644 --- a/.trunk/trunk.yaml +++ b/.trunk/trunk.yaml @@ -42,7 +42,7 @@ lint: enabled: # enabled linters inherited from github.com/trunk-io/configs plugin - definition-checker - - eslint@9.10.0 + - eslint@9.11.1 - trunk-toolbox@0.4.1 disabled: - pylint # pylint diagnostics are too strict From 0f4799e5960cab8728c9ece9d030722c67e2be37 Mon Sep 17 00:00:00 2001 From: Tyler Jang Date: Thu, 26 Sep 2024 10:50:06 -0700 Subject: [PATCH 24/27] (Chore): Re-enable squawk linux arm tests (#877) Follow-up to #875. They now support it in [v1.4.0](https://github.com/sbdchd/squawk/releases/tag/v1.4.0)! --- linters/squawk/plugin.yaml | 6 +++--- linters/squawk/squawk.test.ts | 9 +++++++-- ...2_basic.check.shot => squawk_v1.4.0_basic.check.shot} | 0 3 files changed, 10 insertions(+), 5 deletions(-) rename linters/squawk/test_data/{squawk_v1.1.2_basic.check.shot => squawk_v1.4.0_basic.check.shot} (100%) diff --git a/linters/squawk/plugin.yaml b/linters/squawk/plugin.yaml index 013084ff0..23ad5f8ac 100644 --- a/linters/squawk/plugin.yaml +++ b/linters/squawk/plugin.yaml @@ -4,8 +4,8 @@ tools: - name: squawk runtime: node package: squawk-cli - # First version to include Windows install. - known_good_version: 1.2.0 + # First version to include Windows install and linux arm64 + known_good_version: 1.4.0 shims: [squawk] lint: definitions: @@ -13,7 +13,7 @@ lint: description: A linter for Postgres migrations files: [sql] tools: [squawk] - known_good_version: 1.2.0 + known_good_version: 1.4.0 suggest_if: config_present direct_configs: [.squawk.toml] commands: diff --git a/linters/squawk/squawk.test.ts b/linters/squawk/squawk.test.ts index 84ccbe43a..f279b9c19 100644 --- a/linters/squawk/squawk.test.ts +++ b/linters/squawk/squawk.test.ts @@ -1,7 +1,12 @@ +import semver from "semver"; import { linterCheckTest } from "tests"; -// No release for squawk on arm64 linux https://github.com/sbdchd/squawk/issues/372 +// Squawk first supported linux arm in 1.4.0 https://github.com/sbdchd/squawk/issues/372 linterCheckTest({ linterName: "squawk", - skipTestIf: () => process.arch === "arm64" && process.platform === "linux", + skipTestIf: (version) => + process.arch === "arm64" && + process.platform === "linux" && + version !== undefined && + semver.lt(version, "1.4.0"), }); diff --git a/linters/squawk/test_data/squawk_v1.1.2_basic.check.shot b/linters/squawk/test_data/squawk_v1.4.0_basic.check.shot similarity index 100% rename from linters/squawk/test_data/squawk_v1.1.2_basic.check.shot rename to linters/squawk/test_data/squawk_v1.4.0_basic.check.shot From 512ca7036c7930aac85e632ef873d3e092416964 Mon Sep 17 00:00:00 2001 From: Chris Clearwater Date: Fri, 27 Sep 2024 13:21:47 -0700 Subject: [PATCH 25/27] Add support for markdownlint-cli2 (#879) This pull request introduces a new linter, `markdownlint-cli2`, and updates the documentation and configuration files accordingly. The most important changes include adding the new linter to the `README.md`, creating configuration and test files for `markdownlint-cli2`, and updating existing linter configurations. ### Introduction of `markdownlint-cli2`: * **Configuration and Test Files:** - Created a basic test for `markdownlint-cli2` in `linters/markdownlint-cli2/markdownlint.test.ts`. - Defined the `markdownlint-cli2` tool and its configurations in `linters/markdownlint-cli2/plugin.yaml`. - Added a JSON configuration file for `markdownlint-cli2` in `linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc`. - Provided test data and expected output for `markdownlint-cli2` in `linters/markdownlint-cli2/test_data/basic.in.md` and `linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot`. [[1]](diffhunk://#diff-6d06de89ac9581b3de417feab835ac7b52f10e532843efb099cc4b01d3434177R1-R11) [[2]](diffhunk://#diff-ca893877499930e4cb50e87128752a099619bfca0015eeb580efa09f525a2578R1-R43) ### Documentation Updates: * **README.md:** - Updated the Markdown linters list to include `markdownlint-cli2` in `README.md`. ### Removal of Old Configurations: * **Old Linter Configurations:** - Removed outdated `markdownlint-cli2` configurations from `linters/markdownlint/plugin.yaml`. --- .gitignore | 2 + README.md | 107 +++++++++--------- .../markdownlint-cli2/markdownlint.test.ts | 3 + linters/markdownlint-cli2/plugin.yaml | 46 ++++++++ .../test_data/.markdownlint-cli2.jsonc | 5 + .../markdownlint-cli2/test_data/basic.in.md | 11 ++ ...markdownlint_cli2_v0.14.0_basic.check.shot | 43 +++++++ linters/markdownlint/plugin.yaml | 3 - 8 files changed, 164 insertions(+), 56 deletions(-) create mode 100644 linters/markdownlint-cli2/markdownlint.test.ts create mode 100644 linters/markdownlint-cli2/plugin.yaml create mode 100644 linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc create mode 100644 linters/markdownlint-cli2/test_data/basic.in.md create mode 100644 linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot diff --git a/.gitignore b/.gitignore index 003c57f6f..026fd7db3 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ node_modules/ # Typescript out/ + +junit.xml diff --git a/README.md b/README.md index a1e2c41c3..ad42f489a 100644 --- a/README.md +++ b/README.md @@ -38,59 +38,59 @@ Enable the following tools via: trunk check enable {linter} ``` -| Technology | Linters | -| --------------- | -------------------------------------------------------------------------------------------------------------------- | -| All | [codespell], [cspell], [gitleaks], [git-diff-check], [pre-commit-hooks], [trunk-toolbox], [vale] | -| Ansible | [ansible-lint] | -| Apex | [pmd] | -| Bash | [shellcheck], [shfmt] | -| Bazel, Starlark | [buildifier] | -| C, C++ | [clang-format], [clang-tidy], [include-what-you-use], [pragma-once] | -| C# | [dotnet-format] | -| CircleCI Config | [circleci] | -| Cloudformation | [cfnlint], [checkov] | -| CMake | [cmake-format] | -| CSS, SCSS | [stylelint], [prettier] | -| Cue | [cue-fmt] | -| Dart | [dart] | -| Docker | [hadolint], [checkov] | -| Dotenv | [dotenv-linter] | -| GitHub | [actionlint] | -| Go | [gofmt], [gofumpt], [goimports], [gokart], [golangci-lint], [golines], [semgrep] | -| GraphQL | [graphql-schema-linter], [prettier] | -| HAML | [haml-lint] | -| HTML Templates | [djlint] | -| Java | [google-java-format], [pmd], [semgrep] | -| Javascript | [biome], [deno], [eslint], [prettier], [rome], [semgrep] | -| JSON | [biome], [deno], [eslint], [prettier], [semgrep] | -| Kotlin | [detekt], [ktlint] | -| Kubernetes | [kube-linter] | -| Lua | [stylua] | -| Markdown | [deno], [markdownlint], [markdown-link-check], [markdown-table-prettify], [prettier], [remark-lint] | -| Nix | [nixpkgs-fmt] | -| package.json | [sort-package-json] | -| Perl | [perlcritic], [perltidy] | -| PHP | [php-cs-fixer], [phpstan] | -| PNG | [oxipng] | -| PowerShell | [psscriptanalyzer] | -| Prisma | [prisma] | -| Protobuf | [buf] (breaking, lint, and format), [clang-format], [clang-tidy] | -| Python | [autopep8], [bandit], [black], [flake8], [isort], [mypy], [pylint], [pyright], [semgrep], [yapf], [ruff], [sourcery] | -| Rego | [regal], [opa] | -| Renovate | [renovate] | -| Ruby | [brakeman], [rubocop], [rufo], [semgrep], [standardrb] | -| Rust | [clippy], [rustfmt] | -| Scala | [scalafmt] | -| Security | [checkov], [dustilock], [nancy], [osv-scanner], [tfsec], [trivy], [trufflehog], [terrascan] | -| SQL | [sqlfluff], [sqlfmt], [sql-formatter], [squawk] | -| SVG | [svgo] | -| Swift | [stringslint], [swiftlint], [swiftformat] | -| Terraform | [terraform] (validate and fmt), [checkov], [tflint], [tfsec], [terrascan], [tofu] | -| Terragrunt | [terragrunt] | -| Textproto | [txtpbfmt] | -| TOML | [taplo] | -| Typescript | [deno], [eslint], [prettier], [rome], [semgrep] | -| YAML | [prettier], [semgrep], [yamllint] | +| Technology | Linters | +| --------------- | ------------------------------------------------------------------------------------------------------------------------ | +| All | [codespell], [cspell], [gitleaks], [git-diff-check], [pre-commit-hooks], [trunk-toolbox], [vale] | +| Ansible | [ansible-lint] | +| Apex | [pmd] | +| Bash | [shellcheck], [shfmt] | +| Bazel, Starlark | [buildifier] | +| C, C++ | [clang-format], [clang-tidy], [include-what-you-use], [pragma-once] | +| C# | [dotnet-format] | +| CircleCI Config | [circleci] | +| Cloudformation | [cfnlint], [checkov] | +| CMake | [cmake-format] | +| CSS, SCSS | [stylelint], [prettier] | +| Cue | [cue-fmt] | +| Dart | [dart] | +| Docker | [hadolint], [checkov] | +| Dotenv | [dotenv-linter] | +| GitHub | [actionlint] | +| Go | [gofmt], [gofumpt], [goimports], [gokart], [golangci-lint], [golines], [semgrep] | +| GraphQL | [graphql-schema-linter], [prettier] | +| HAML | [haml-lint] | +| HTML Templates | [djlint] | +| Java | [google-java-format], [pmd], [semgrep] | +| Javascript | [biome], [deno], [eslint], [prettier], [rome], [semgrep] | +| JSON | [biome], [deno], [eslint], [prettier], [semgrep] | +| Kotlin | [detekt], [ktlint] | +| Kubernetes | [kube-linter] | +| Lua | [stylua] | +| Markdown | [deno], [markdownlint], [markdownlint-cli2], [markdown-link-check], [markdown-table-prettify], [prettier], [remark-lint] | +| Nix | [nixpkgs-fmt] | +| package.json | [sort-package-json] | +| Perl | [perlcritic], [perltidy] | +| PHP | [php-cs-fixer], [phpstan] | +| PNG | [oxipng] | +| PowerShell | [psscriptanalyzer] | +| Prisma | [prisma] | +| Protobuf | [buf] (breaking, lint, and format), [clang-format], [clang-tidy] | +| Python | [autopep8], [bandit], [black], [flake8], [isort], [mypy], [pylint], [pyright], [semgrep], [yapf], [ruff], [sourcery] | +| Rego | [regal], [opa] | +| Renovate | [renovate] | +| Ruby | [brakeman], [rubocop], [rufo], [semgrep], [standardrb] | +| Rust | [clippy], [rustfmt] | +| Scala | [scalafmt] | +| Security | [checkov], [dustilock], [nancy], [osv-scanner], [tfsec], [trivy], [trufflehog], [terrascan] | +| SQL | [sqlfluff], [sqlfmt], [sql-formatter], [squawk] | +| SVG | [svgo] | +| Swift | [stringslint], [swiftlint], [swiftformat] | +| Terraform | [terraform] (validate and fmt), [checkov], [tflint], [tfsec], [terrascan], [tofu] | +| Terragrunt | [terragrunt] | +| Textproto | [txtpbfmt] | +| TOML | [taplo] | +| Typescript | [deno], [eslint], [prettier], [rome], [semgrep] | +| YAML | [prettier], [semgrep], [yamllint] | [actionlint]: https://trunk.io/linters/infra/actionlint [ansible-lint]: https://github.com/ansible/ansible-lint#readme @@ -137,6 +137,7 @@ trunk check enable {linter} [ktlint]: https://github.com/pinterest/ktlint#readme [kube-linter]: https://github.com/stackrox/kube-linter#readme [markdownlint]: https://github.com/DavidAnson/markdownlint#readme +[markdownlint-cli2]: https://github.com/DavidAnson/markdownlint-cli2#readme [markdown-table-prettify]: https://github.com/darkriszty/MarkdownTablePrettify-VSCodeExt#readme [markdown-link-check]: https://github.com/tcort/markdown-link-check#readme [mypy]: https://github.com/python/mypy#readme diff --git a/linters/markdownlint-cli2/markdownlint.test.ts b/linters/markdownlint-cli2/markdownlint.test.ts new file mode 100644 index 000000000..91b33f474 --- /dev/null +++ b/linters/markdownlint-cli2/markdownlint.test.ts @@ -0,0 +1,3 @@ +import { linterCheckTest } from "tests"; + +linterCheckTest({ linterName: "markdownlint-cli2" }); diff --git a/linters/markdownlint-cli2/plugin.yaml b/linters/markdownlint-cli2/plugin.yaml new file mode 100644 index 000000000..1b662a8d4 --- /dev/null +++ b/linters/markdownlint-cli2/plugin.yaml @@ -0,0 +1,46 @@ +version: 0.1 +tools: + definitions: + - name: markdownlint-cli2 + runtime: node + package: markdownlint-cli2 + shims: [markdownlint-cli2] + known_good_version: 0.14.0 + +lint: + definitions: + - name: markdownlint-cli2 + files: [markdown] + tools: [markdownlint-cli2] + description: A style checker and lint tool for markdown files + commands: + - name: lint + # Custom parser type defined in the trunk cli to handle markdownlint's JSON output. + output: regex + read_output_from: stderr + parse_regex: + "(?P[^:]+):(?P[\\d+]+)(?::(?P[\\d+]+))? (?P[^ ]+) + (?P.*)\n" + run: markdownlint-cli2 ${target} --json + success_codes: [0, 1] + batch: true + cache_results: true + suggest_if: config_present + direct_configs: + - .markdownlint-cli2.jsonc + - .markdownlint-cli2.yaml + - .markdownlint-cli2.cjs + - .markdownlint-cli2.mjs + affects_cache: + - package.json + - .markdownlint.jsonc + - .markdownlint.json + - .markdownlint.yaml + - .markdownlint.yml + - .markdownlint.cjs + - .markdownlint.mjs + issue_url_format: https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#{} + known_good_version: 0.14.0 + version_command: + parse_regex: ${semver} + run: markdownlint --version diff --git a/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc b/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc new file mode 100644 index 000000000..5ecf259c3 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/.markdownlint-cli2.jsonc @@ -0,0 +1,5 @@ +{ + "config": { + "extends": "markdownlint/style/prettier" + } +} diff --git a/linters/markdownlint-cli2/test_data/basic.in.md b/linters/markdownlint-cli2/test_data/basic.in.md new file mode 100644 index 000000000..9163e8372 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/basic.in.md @@ -0,0 +1,11 @@ +# bad.md + +# This file fails some rules + +Line is OK- Make a realy long line that breaks the layout rules completely. Make a realy long line +that breaks +But this should be ignored because of config + + +Line is too long (over 120) A B C D E F G A B C D E F G A B C D E F G A B C D E F G A B C D E F G A +B C D E F G A B C D E F G A B C D E F G diff --git a/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot b/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot new file mode 100644 index 000000000..a0471cf50 --- /dev/null +++ b/linters/markdownlint-cli2/test_data/markdownlint_cli2_v0.14.0_basic.check.shot @@ -0,0 +1,43 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`Testing linter markdownlint-cli2 test basic 1`] = ` +{ + "issues": [ + { + "code": "MD025/single-title/single-h1", + "column": "1", + "file": "test_data/basic.in.md", + "issueClass": "ISSUE_CLASS_EXISTING", + "issueUrl": "https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#MD025/single-title/single-h1", + "level": "LEVEL_HIGH", + "line": "3", + "linter": "markdownlint-cli2", + "message": "Multiple top-level headings in the same document [Context: "This file fails some rules"]", + "targetType": "markdown", + }, + ], + "lintActions": [ + { + "command": "lint", + "fileGroupName": "markdown", + "linter": "markdownlint-cli2", + "paths": [ + "test_data/basic.in.md", + ], + "verb": "TRUNK_VERB_CHECK", + }, + { + "command": "lint", + "fileGroupName": "markdown", + "linter": "markdownlint-cli2", + "paths": [ + "test_data/basic.in.md", + ], + "upstream": true, + "verb": "TRUNK_VERB_CHECK", + }, + ], + "taskFailures": [], + "unformattedFiles": [], +} +`; diff --git a/linters/markdownlint/plugin.yaml b/linters/markdownlint/plugin.yaml index 978bbdd0c..1aa1515d5 100644 --- a/linters/markdownlint/plugin.yaml +++ b/linters/markdownlint/plugin.yaml @@ -26,9 +26,6 @@ lint: - .markdownlint.yaml - .markdownlint.yml - .markdownlintrc - - .markdownlint-cli2.json - - .markdownlint-cli2.yaml - - .markdownlint-cli2.jsonc issue_url_format: https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#{} known_good_version: 0.33.0 version_command: From 0ebff0f2ce828a38fa5b2f01dd5088be198ad40d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 29 Sep 2024 17:55:32 -0700 Subject: [PATCH 26/27] Bump github/codeql-action from 3.26.8 to 3.26.9 in the dependencies group (#880) Bumps the dependencies group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 3.26.8 to 3.26.9
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

  • We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with Zstandard. Our aim is to improve the performance of setting up CodeQL. #2502

3.26.9 - 24 Sep 2024

No user facing changes.

3.26.8 - 19 Sep 2024

  • Update default CodeQL bundle version to 2.19.0. #2483

3.26.7 - 13 Sep 2024

  • Update default CodeQL bundle version to 2.18.4. #2471

3.26.6 - 29 Aug 2024

  • Update default CodeQL bundle version to 2.18.3. #2449

3.26.5 - 23 Aug 2024

  • Fix an issue where the csrutil system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. #2441

3.26.4 - 21 Aug 2024

  • Deprecation: The add-snippets input on the analyze Action is deprecated and will be removed in the first release in August 2025. #2436
  • Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. #2434

3.26.3 - 19 Aug 2024

  • Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. #2430

3.26.2 - 14 Aug 2024

  • Update default CodeQL bundle version to 2.18.2. #2417

3.26.1 - 13 Aug 2024

No user facing changes.

3.26.0 - 06 Aug 2024

  • Deprecation: Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. #2403

... (truncated)

Commits
  • 461ef6c Merge pull request #2503 from github/update-v3.26.9-f861efb2b
  • 00b1146 Update changelog for v3.26.9
  • f861efb Merge pull request #2498 from github/dependabot/npm_and_yarn/npm-9874b37b58
  • 426821d Merge pull request #2485 from github/dependabot/github_actions/actions-a88a8c...
  • 07e8133 Merge pull request #2501 from github/henrymercer/missing-autobuild-config-error
  • e0a151e Fix inconsistency in autobuild error tracking
  • 6b0ce4e revert eslint-plugin-import to 2.29.1
  • 07fd497 Merge branch 'main' into dependabot/github_actions/actions-a88a8c5a24
  • 2cddcb1 Merge pull request #2499 from github/aeisenberg/no-upload-sarif
  • 6225a95 Don't upload during cancelled jobs
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.8&new-version=3.26.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c8b6bf5df..7ef466e3b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # ℹ️ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 300fc6cfa..cc4870873 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: results.sarif From 45867230ca214dd6750252fde4173558fc812b7d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 29 Sep 2024 17:56:02 -0700 Subject: [PATCH 27/27] Bump the dependencies group with 5 updates (#881) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.5.5` | `22.7.4` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.6.0` | `8.7.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.6.0` | `8.7.0` | | [eslint-plugin-import-x](https://github.com/un-ts/eslint-plugin-import-x) | `4.2.1` | `4.3.0` | | [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.6.0` | `8.7.0` | Updates `@types/node` from 22.5.5 to 22.7.4
Commits

Updates `@typescript-eslint/eslint-plugin` from 8.6.0 to 8.7.0
Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.7.0

8.7.0 (2024-09-23)

🚀 Features

  • eslint-plugin: [no-unsafe-call] check calls of Function (#10010)
  • eslint-plugin: [consistent-type-exports] check export * exports to see if all exported members are types (#10006)

🩹 Fixes

  • eslint-plugin: properly coerce all types to string in getStaticMemberAccessValue (#10004)
  • eslint-plugin: [no-deprecated] report on imported deprecated variables (#9987)
  • eslint-plugin: [no-confusing-non-null-assertion] check !in and !instanceof (#9994)
  • types: add NewExpression as a parent of SpreadElement (#10024)
  • utils: add missing entries to the RuleListener selectors list (#9992)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.7.0 (2024-09-23)

🚀 Features

  • eslint-plugin: [no-unsafe-call] check calls of Function

  • eslint-plugin: [consistent-type-exports] check export * exports to see if all exported members are types

🩹 Fixes

  • eslint-plugin: properly coerce all types to string in getStaticMemberAccessValue

  • eslint-plugin: [no-deprecated] report on imported deprecated variables

  • eslint-plugin: [no-confusing-non-null-assertion] check !in and !instanceof

❤️ Thank You

  • Abraham Guo
  • auvred
  • Brian Donovan
  • Kirk Waiblinger

You can read about our versioning strategy and releases on our website.

Commits
  • b88ea33 chore(release): publish 8.7.0
  • cdd93f6 docs(eslint-plugin): [no-inferrable-types] do not use no-inferrable-types wit...
  • d0e35d9 feat(eslint-plugin): [consistent-type-exports] check export * exports to se...
  • dc1c6d3 docs: [no-unnecessary-type-parameters] add FAQ section (#9975)
  • e8555a0 feat(eslint-plugin): [no-unsafe-call] check calls of Function (#10010)
  • 8293546 fix(eslint-plugin): [no-confusing-non-null-assertion] check !in and !instance...
  • b75d42b fix(eslint-plugin): [no-deprecated] report on imported deprecated variables (...
  • c5dc755 docs: [no-floating-promises] clarify that void does not resolve promises (#9949)
  • 1c183ab fix(eslint-plugin): properly coerce all types to string in `getStaticMemberAc...
  • 7b149b9 docs: [strict-boolean-expressions] fix adominition (#10033)
  • Additional commits viewable in compare view

Updates `@typescript-eslint/parser` from 8.6.0 to 8.7.0
Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.7.0

8.7.0 (2024-09-23)

🚀 Features

  • eslint-plugin: [no-unsafe-call] check calls of Function (#10010)
  • eslint-plugin: [consistent-type-exports] check export * exports to see if all exported members are types (#10006)

🩹 Fixes

  • eslint-plugin: properly coerce all types to string in getStaticMemberAccessValue (#10004)
  • eslint-plugin: [no-deprecated] report on imported deprecated variables (#9987)
  • eslint-plugin: [no-confusing-non-null-assertion] check !in and !instanceof (#9994)
  • types: add NewExpression as a parent of SpreadElement (#10024)
  • utils: add missing entries to the RuleListener selectors list (#9992)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.7.0 (2024-09-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates `eslint-plugin-import-x` from 4.2.1 to 4.3.0
Release notes

Sourced from eslint-plugin-import-x's releases.

v4.3.0

Minor Changes

Changelog

Sourced from eslint-plugin-import-x's changelog.

4.3.0

Minor Changes

Commits

Updates `typescript-eslint` from 8.6.0 to 8.7.0
Release notes

Sourced from typescript-eslint's releases.

v8.7.0

8.7.0 (2024-09-23)

🚀 Features

  • eslint-plugin: [no-unsafe-call] check calls of Function (#10010)
  • eslint-plugin: [consistent-type-exports] check export * exports to see if all exported members are types (#10006)

🩹 Fixes

  • eslint-plugin: properly coerce all types to string in getStaticMemberAccessValue (#10004)
  • eslint-plugin: [no-deprecated] report on imported deprecated variables (#9987)
  • eslint-plugin: [no-confusing-non-null-assertion] check !in and !instanceof (#9994)
  • types: add NewExpression as a parent of SpreadElement (#10024)
  • utils: add missing entries to the RuleListener selectors list (#9992)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.7.0 (2024-09-23)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 118 +++++++++++++++++++++++----------------------- package.json | 10 ++-- 2 files changed, 64 insertions(+), 64 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5be9668c6..a70970f63 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,17 +16,17 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.5", + "@types/node": "^22.7.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.6.0", - "@typescript-eslint/parser": "^8.6.0", + "@typescript-eslint/eslint-plugin": "^8.7.0", + "@typescript-eslint/parser": "^8.7.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-import-resolver-typescript": "^3.6.3", "eslint-plugin-import": "^2.30.0", - "eslint-plugin-import-x": "^4.2.1", + "eslint-plugin-import-x": "^4.3.0", "eslint-plugin-jest": "^28.8.3", "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", @@ -41,7 +41,7 @@ "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.6.2", - "typescript-eslint": "^8.6.0", + "typescript-eslint": "^8.7.0", "yaml": "^2.5.1" }, "engines": { @@ -1370,9 +1370,9 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "22.5.5", - "resolved": "https://registry.npmjs.org/@types/node/-/node-22.5.5.tgz", - "integrity": "sha512-Xjs4y5UPO/CLdzpgR6GirZJx36yScjh73+2NlLlkFRSoQN8B0DpfXPdZGnvVmLRLOsqDpOfTNv7D9trgGhmOIA==", + "version": "22.7.4", + "resolved": "https://registry.npmjs.org/@types/node/-/node-22.7.4.tgz", + "integrity": "sha512-y+NPi1rFzDs1NdQHHToqeiX2TIS79SWEAw9GYhkkx8bD0ChpfqC+n2j5OXOCpzfojBEBt6DnEnnG9MY0zk1XLg==", "dev": true, "dependencies": { "undici-types": "~6.19.2" @@ -1403,16 +1403,16 @@ "license": "MIT" }, "node_modules/@typescript-eslint/eslint-plugin": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.6.0.tgz", - "integrity": "sha512-UOaz/wFowmoh2G6Mr9gw60B1mm0MzUtm6Ic8G2yM1Le6gyj5Loi/N+O5mocugRGY+8OeeKmkMmbxNqUCq3B4Sg==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-8.7.0.tgz", + "integrity": "sha512-RIHOoznhA3CCfSTFiB6kBGLQtB/sox+pJ6jeFu6FxJvqL8qRxq/FfGO/UhsGgQM9oGdXkV4xUgli+dt26biB6A==", "dev": true, "dependencies": { "@eslint-community/regexpp": "^4.10.0", - "@typescript-eslint/scope-manager": "8.6.0", - "@typescript-eslint/type-utils": "8.6.0", - "@typescript-eslint/utils": "8.6.0", - "@typescript-eslint/visitor-keys": "8.6.0", + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/type-utils": "8.7.0", + "@typescript-eslint/utils": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "graphemer": "^1.4.0", "ignore": "^5.3.1", "natural-compare": "^1.4.0", @@ -1436,15 +1436,15 @@ } }, "node_modules/@typescript-eslint/parser": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.6.0.tgz", - "integrity": "sha512-eQcbCuA2Vmw45iGfcyG4y6rS7BhWfz9MQuk409WD47qMM+bKCGQWXxvoOs1DUp+T7UBMTtRTVT+kXr7Sh4O9Ow==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-8.7.0.tgz", + "integrity": "sha512-lN0btVpj2unxHlNYLI//BQ7nzbMJYBVQX5+pbNXvGYazdlgYonMn4AhhHifQ+J4fGRYA/m1DjaQjx+fDetqBOQ==", "dev": true, "dependencies": { - "@typescript-eslint/scope-manager": "8.6.0", - "@typescript-eslint/types": "8.6.0", - "@typescript-eslint/typescript-estree": "8.6.0", - "@typescript-eslint/visitor-keys": "8.6.0", + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/typescript-estree": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "debug": "^4.3.4" }, "engines": { @@ -1464,13 +1464,13 @@ } }, "node_modules/@typescript-eslint/scope-manager": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.6.0.tgz", - "integrity": "sha512-ZuoutoS5y9UOxKvpc/GkvF4cuEmpokda4wRg64JEia27wX+PysIE9q+lzDtlHHgblwUWwo5/Qn+/WyTUvDwBHw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-8.7.0.tgz", + "integrity": "sha512-87rC0k3ZlDOuz82zzXRtQ7Akv3GKhHs0ti4YcbAJtaomllXoSO8hi7Ix3ccEvCd824dy9aIX+j3d2UMAfCtVpg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.6.0", - "@typescript-eslint/visitor-keys": "8.6.0" + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1481,13 +1481,13 @@ } }, "node_modules/@typescript-eslint/type-utils": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.6.0.tgz", - "integrity": "sha512-dtePl4gsuenXVwC7dVNlb4mGDcKjDT/Ropsk4za/ouMBPplCLyznIaR+W65mvCvsyS97dymoBRrioEXI7k0XIg==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/type-utils/-/type-utils-8.7.0.tgz", + "integrity": "sha512-tl0N0Mj3hMSkEYhLkjREp54OSb/FI6qyCzfiiclvJvOqre6hsZTGSnHtmFLDU8TIM62G7ygEa1bI08lcuRwEnQ==", "dev": true, "dependencies": { - "@typescript-eslint/typescript-estree": "8.6.0", - "@typescript-eslint/utils": "8.6.0", + "@typescript-eslint/typescript-estree": "8.7.0", + "@typescript-eslint/utils": "8.7.0", "debug": "^4.3.4", "ts-api-utils": "^1.3.0" }, @@ -1505,9 +1505,9 @@ } }, "node_modules/@typescript-eslint/types": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.6.0.tgz", - "integrity": "sha512-rojqFZGd4MQxw33SrOy09qIDS8WEldM8JWtKQLAjf/X5mGSeEFh5ixQlxssMNyPslVIk9yzWqXCsV2eFhYrYUw==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/types/-/types-8.7.0.tgz", + "integrity": "sha512-LLt4BLHFwSfASHSF2K29SZ+ZCsbQOM+LuarPjRUuHm+Qd09hSe3GCeaQbcCr+Mik+0QFRmep/FyZBO6fJ64U3w==", "dev": true, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1518,13 +1518,13 @@ } }, "node_modules/@typescript-eslint/typescript-estree": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.6.0.tgz", - "integrity": "sha512-MOVAzsKJIPIlLK239l5s06YXjNqpKTVhBVDnqUumQJja5+Y94V3+4VUFRA0G60y2jNnTVwRCkhyGQpavfsbq/g==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-8.7.0.tgz", + "integrity": "sha512-MC8nmcGHsmfAKxwnluTQpNqceniT8SteVwd2voYlmiSWGOtjvGXdPl17dYu2797GVscK30Z04WRM28CrKS9WOg==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.6.0", - "@typescript-eslint/visitor-keys": "8.6.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/visitor-keys": "8.7.0", "debug": "^4.3.4", "fast-glob": "^3.3.2", "is-glob": "^4.0.3", @@ -1570,15 +1570,15 @@ } }, "node_modules/@typescript-eslint/utils": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.6.0.tgz", - "integrity": "sha512-eNp9cWnYf36NaOVjkEUznf6fEgVy1TWpE0o52e4wtojjBx7D1UV2WAWGzR+8Y5lVFtpMLPwNbC67T83DWSph4A==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/utils/-/utils-8.7.0.tgz", + "integrity": "sha512-ZbdUdwsl2X/s3CiyAu3gOlfQzpbuG3nTWKPoIvAu1pu5r8viiJvv2NPN2AqArL35NCYtw/lrPPfM4gxrMLNLPw==", "dev": true, "dependencies": { "@eslint-community/eslint-utils": "^4.4.0", - "@typescript-eslint/scope-manager": "8.6.0", - "@typescript-eslint/types": "8.6.0", - "@typescript-eslint/typescript-estree": "8.6.0" + "@typescript-eslint/scope-manager": "8.7.0", + "@typescript-eslint/types": "8.7.0", + "@typescript-eslint/typescript-estree": "8.7.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" @@ -1592,12 +1592,12 @@ } }, "node_modules/@typescript-eslint/visitor-keys": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.6.0.tgz", - "integrity": "sha512-wapVFfZg9H0qOYh4grNVQiMklJGluQrOUiOhYRrQWhx7BY/+I1IYb8BczWNbbUpO+pqy0rDciv3lQH5E1bCLrg==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-8.7.0.tgz", + "integrity": "sha512-b1tx0orFCCh/THWPQa2ZwWzvOeyzzp36vkJYOpVg0u8UVOIsfVrnuC9FqAw9gRKn+rG2VmWQ/zDJZzkxUnj/XQ==", "dev": true, "dependencies": { - "@typescript-eslint/types": "8.6.0", + "@typescript-eslint/types": "8.7.0", "eslint-visitor-keys": "^3.4.3" }, "engines": { @@ -2791,9 +2791,9 @@ } }, "node_modules/eslint-plugin-import-x": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.2.1.tgz", - "integrity": "sha512-WWi2GedccIJa0zXxx3WDnTgouGQTtdYK1nhXMwywbqqAgB0Ov+p1pYBsWh3VaB0bvBOwLse6OfVII7jZD9xo5Q==", + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/eslint-plugin-import-x/-/eslint-plugin-import-x-4.3.0.tgz", + "integrity": "sha512-PxGzP7gAjF2DLeRnQtbYkkgZDg1intFyYr/XS1LgTYXUDrSXMHGkXx8++6i2eDv2jMs0jfeO6G6ykyeWxiFX7w==", "dev": true, "dependencies": { "@typescript-eslint/utils": "^8.1.0", @@ -6194,14 +6194,14 @@ } }, "node_modules/typescript-eslint": { - "version": "8.6.0", - "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.6.0.tgz", - "integrity": "sha512-eEhhlxCEpCd4helh3AO1hk0UP2MvbRi9CtIAJTVPQjuSXOOO2jsEacNi4UdcJzZJbeuVg1gMhtZ8UYb+NFYPrA==", + "version": "8.7.0", + "resolved": "https://registry.npmjs.org/typescript-eslint/-/typescript-eslint-8.7.0.tgz", + "integrity": "sha512-nEHbEYJyHwsuf7c3V3RS7Saq+1+la3i0ieR3qP0yjqWSzVmh8Drp47uOl9LjbPANac4S7EFSqvcYIKXUUwIfIQ==", "dev": true, "dependencies": { - "@typescript-eslint/eslint-plugin": "8.6.0", - "@typescript-eslint/parser": "8.6.0", - "@typescript-eslint/utils": "8.6.0" + "@typescript-eslint/eslint-plugin": "8.7.0", + "@typescript-eslint/parser": "8.7.0", + "@typescript-eslint/utils": "8.7.0" }, "engines": { "node": "^18.18.0 || ^20.9.0 || >=21.1.0" diff --git a/package.json b/package.json index d5934b716..1e5bc3887 100644 --- a/package.json +++ b/package.json @@ -14,17 +14,17 @@ "@types/debug": "^4.1.12", "@types/jest": "^29.5.13", "@types/jest-specific-snapshot": "^0.5.9", - "@types/node": "^22.5.5", + "@types/node": "^22.7.4", "@types/semver": "^7.5.8", - "@typescript-eslint/eslint-plugin": "^8.6.0", - "@typescript-eslint/parser": "^8.6.0", + "@typescript-eslint/eslint-plugin": "^8.7.0", + "@typescript-eslint/parser": "^8.7.0", "caller": "^1.1.0", "debug": "^4.3.7", "eslint": "^8.57.0", "eslint-config-prettier": "^9.1.0", "eslint-import-resolver-typescript": "^3.6.3", "eslint-plugin-import": "^2.30.0", - "eslint-plugin-import-x": "^4.2.1", + "eslint-plugin-import-x": "^4.3.0", "eslint-plugin-jest": "^28.8.3", "eslint-plugin-n": "^17.10.3", "eslint-plugin-prettier": "^5.2.1", @@ -39,7 +39,7 @@ "ts-node": "^10.9.2", "tsconfig-paths": "^4.1.2", "typescript": "^5.6.2", - "typescript-eslint": "^8.6.0", + "typescript-eslint": "^8.7.0", "yaml": "^2.5.1" }, "bundleDependencies": [