Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 8 directories with 10 updates #19

Merged
merged 1 commit into from
Aug 31, 2024
Merged

Bump the npm_and_yarn group across 8 directories with 10 updates #19

merged 1 commit into from
Aug 31, 2024

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Aug 11, 2024

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
minimatch 3.1.2 10.0.1
postcss 8.4.33 8.4.34
xml2js 0.5.0 0.6.0
es5-ext 0.10.63 0.10.64
terser 5.27.0 5.31.5
ws 7.4.6 7.5.10

Bumps the npm_and_yarn group with 2 updates in the /build directory: braces and @azure/identity.
Bumps the npm_and_yarn group with 1 update in the /extensions directory: braces.
Bumps the npm_and_yarn group with 2 updates in the /extensions/markdown-language-features directory: semver and katex.
Bumps the npm_and_yarn group with 1 update in the /extensions/markdown-math directory: katex.
Bumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: ws.
Bumps the npm_and_yarn group with 2 updates in the /extensions/npm directory: minimatch and braces.
Bumps the npm_and_yarn group with 2 updates in the /remote directory: braces and semver.

Updates minimatch from 3.1.2 to 10.0.1

Changelog

Sourced from minimatch's changelog.

change log

10.0

  • Require node 20 or 22 and higher

9.0

  • No default export, only named exports.

8.0

  • Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
  • Bump required Node.js version

7.4

  • Add escape() method
  • Add unescape() method
  • Add Minimatch.hasMagic() method

7.3

  • Add support for posix character classes in a unicode-aware way.

7.2

  • Add windowsNoMagicRoot option

7.1

  • Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

  • Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

... (truncated)

Commits

Updates postcss from 8.4.33 to 8.4.34

Release notes

Sourced from postcss's releases.

8.4.34

Changelog

Sourced from postcss's changelog.

8.4.34

  • Fixed AtRule#nodes type (by Tim Weißenfels).
  • Cleaned up code (by Dmitry Kirillov).
Commits

Updates xml2js from 0.5.0 to 0.6.0

Commits
  • 0e29f0e Release new version
  • a25035c Remove old unused files
  • 1de4688 Merge pull request #680 from Leonidas-from-XIV/zap-dependency-fix
  • 3b97ae5 Merge pull request #681 from Leonidas-from-XIV/cve-compat-fix
  • 167a385 Fix zap to be the original dependency
  • 5f6620f Compile changed coffeescript code
  • 044cfe5 Undo API changes from #603
  • 7292aa9 fix: include missed key check
  • 4c8ec89 fix: revert incorrectly adapted code
  • ad3a297 refactor: extract function for key check
  • Additional commits viewable in compare view

Updates es5-ext from 0.10.63 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)
Commits
  • f76b03d chore: Release v0.10.64
  • 2881acd chore: Bump dependencies
  • c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
  • 16f2b72 docs: Fix date in the changelog
  • See full diff in compare view

Updates terser from 5.27.0 to 5.31.5

Changelog

Sourced from terser's changelog.

v5.31.5

  • Revert v5.31.4, which created mysterious issues #1548, #1549

v5.31.4 (reverted)

  • drop_unused: drop classes which only have side effects in the extends part

v5.31.3

  • drop_unused: drop unused parameters from IIFEs in some more situations.

v5.31.2

  • drop_unused: scan variables in self-referential class declarations that contain side effects.
  • Don't add parens to arrow function when it's the default for an argument (#1540)
  • Update domprops (#1538)

v5.31.1

  • Allow drop-unused to drop the whole assignment (not just the assigned name) in more situations, in order to avoid duplication of long strings.

v5.31.0

  • Sync up property mangler exceptions with current contents of Firefox and Chrome environments
  • Add more webcomponent properties to property mangler exceptions (#1525)
  • Drop non-nullish constants in ...spreads in objects (#1141)

v5.30.4

  • Fix parsing #private in ... when next to other operators

v5.30.3

  • Fix precedence of #private in ... operator

v5.30.2

  • Avoid optimizations inside computed keys, because they can cause js-engine-specific bugs.

v5.30.1

  • Removed useless \ escapes for non-ascii characters
  • Make modern identifier characters quoted for older environments (#1512)

v5.30.0

  • Improve removal of classes referring to themselves

v5.29.2

  • Make sure 'computed_props' creates string keys
  • Take into account the evaluated size when inlining

v5.29.1

  • fix optimisation of all-bits mask check

v5.29.0

  • Re-releases previously reverted 5.28.0
  • Fix crash while optimizing some bitwise ops
  • (internal) Remove needless wrapper for from_moz (#1499)

... (truncated)

Commits

Updates ws from 7.4.6 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

  • Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

  • Backported 0fdcc0af to the 7.x release line (2758ed35).
  • Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

  • Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

  • Backported b8186dd1 to the 7.x release line (73dec34b).
  • Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

  • Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

  • Backported 6a72da3e to the 7.x release line (76087fbf).
  • Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

  • The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).
  • Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).
  • Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).

7.5.2

Bug fixes

... (truncated)

Commits
  • d962d70 [dist] 7.5.10
  • 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 8a78f87 [dist] 7.5.9
  • 0435e6e [security] Fix same host check for ws+unix: redirects
  • 4271f07 [dist] 7.5.8
  • dc1781b [security] Drop sensitive headers when following insecure redirects
  • 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
  • a370613 [dist] 7.5.7
  • 1f72e2e [security] Drop sensitive headers when following redirects (#2013)
  • 8ecd890 [dist] 7.5.6
  • Additional commits viewable in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

Updates @azure/identity from 3.4.1 to 4.2.1

Commits
  • 183d301 Upgrade to a version ESRP Release that supports federated auth (#29612)
  • 9a2afdf [identity] Prep for release (#29981)
  • 3caf203 [identity] Prepare identity for May release (#29441)
  • 0a69729 [core] CHANGELOG date for @​azure-rest/core-client release (#29440)
  • 88d244a Sync eng/common directory with azure-sdk-tools for PR 8158 (#29423)
  • 7706373 [template-dpg] Suppress build failure (#29437)
  • 769c1b1 [EngSys] Update name of @​azure-tools/test-utils NO_CI
  • 8cd5bc2 [core] New multipart/form-data primitive in core-client-rest (#29047)
  • 73b9faa [identity] Add changelog entry for MSALClient migration (#29419)
  • b8e63a5 Post release automated changes for notificationhubs releases (#29431)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by microsoft1es, a new releaser for @​azure/identity since your current version.


Updates braces from 3.0.2 to 3.0.3

Commits

Updates semver from 7.5.4 to 7.6.3

Release notes

Sourced from semver's releases.

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

v7.6.0

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Changelog

Sourced from semver's changelog.

7.6.3 (2024-07-16)

Bug Fixes

Documentation

7.6.2 (2024-05-09)

Bug Fixes

7.6.1 (2024-05-04)

Bug Fixes

Dependencies

Chores

7.6.0 (2024-01-31)

Features

Chores

... (truncated)

Commits

Updates katex from 0.16.10 to 0.16.11

Release notes

Sourced from katex's releases.

v0.16.11

0.16.11 (2024-07-02)

Features

Changelog

Sourced from katex's changelog.

0.16.11 (2024-07-02)

Features

Commits

Updates katex from 0.16.10 to 0.16.11

Release notes

Sourced from katex's releases.

v0.16.11

0.16.11 (2024-07-02)

Features

Changelog

Sourced from katex's changelog.

0.16.11 (2024-07-02)

Features

Commits

Updates ws from 8.13.0 to 8.18.0

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

  • Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

  • Backported 0fdcc0af to the 7.x release line (2758ed35).
  • Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

  • Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

  • Backported b8186dd1 to the 7.x release line (73dec34b).
  • Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

  • Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

  • Backported 6a72da3e to the 7.x release line (76087fbf).
  • Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

  • The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).
  • Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).
  • Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).

7.5.2

Bug fixes

... (truncated)

Commits
  • d962d70 [dist] 7.5.10
  • 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 8a78f87 [dist] 7.5.9
  • 0435e6e [security] Fix same host check for ws+unix: redirects
  • 4271f07 [dist] 7.5.8
  • dc1781b [security] Drop sensitive headers when following insecure redirects
  • 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
  • a370613 [dist] 7.5.7
  • 1f72e2e [security] Drop sensitive headers when following redirects (#2013)
  • 8ecd890 [dist] 7.5.6
  • Additional commits viewable in compare view

Updates minimatch from 5.1.6 to 10.0.1

Changelog

Sourced from minimatch's changelog.

change log

10.0

  • Require node 20 or 22 and higher

9.0

  • No default export, only named exports.

8.0

  • Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
  • Bump required Node.js version

7.4

  • Add escape() method
  • Add unescape() method
  • Add Minimatch.hasMagic() method

7.3

  • Add support for posix character classes in a unicode-aware way.

7.2

  • Add windowsNoMagicRoot option

7.1

  • Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

  • Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

... (truncated)

Commits

Updates braces from 3.0.2 to 3.0.3

Commits

Updates braces from 3.0.2 to 3.0.3

Commits

Updates semver from 7.5.4 to 7.6.3

Release notes

Sourced from semver's releases.

v7.6.3

7.6.3 (2024-07-16)

Bug Fixes

Documentation

v7.6.2

7.6.2 (2024-05-09)

Bug Fixes

v7.6.1

7.6.1 (2024-05-04)

Bug Fixes

@dependabot
Bump the npm_and_yarn group across 8 directories with 10 updates
1989898 
Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `10.0.1` |
| [postcss](https://github.com/postcss/postcss) | `8.4.33` | `8.4.34` |
| [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.5.0` | `0.6.0` |
| [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.63` | `0.10.64` |
| [terser](https://github.com/terser/terser) | `5.27.0` | `5.31.5` |
| [ws](https://github.com/websockets/ws) | `7.4.6` | `7.5.10` |

Bumps the npm_and_yarn group with 2 updates in the /build directory: [braces](https://github.com/micromatch/braces) and [@azure/identity](https://github.com/Azure/azure-sdk-for-js).
Bumps the npm_and_yarn group with 1 update in the /extensions directory: [braces](https://github.com/micromatch/braces).
Bumps the npm_and_yarn group with 2 updates in the /extensions/markdown-language-features directory: [semver](https://github.com/npm/node-semver) and [katex](https://github.com/KaTeX/KaTeX).
Bumps the npm_and_yarn group with 1 update in the /extensions/markdown-math directory: [katex](https://github.com/KaTeX/KaTeX).
Bumps the npm_and_yarn group with 1 update in the /extensions/notebook-renderers directory: [ws](https://github.com/websockets/ws).
Bumps the npm_and_yarn group with 2 updates in the /extensions/npm directory: [minimatch](https://github.com/isaacs/minimatch) and [braces](https://github.com/micromatch/braces).
Bumps the npm_and_yarn group with 2 updates in the /remote directory: [braces](https://github.com/micromatch/braces) and [semver](https://github.com/npm/node-semver).


Updates `minimatch` from 3.1.2 to 10.0.1
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v10.0.1)

Updates `postcss` from 8.4.33 to 8.4.34
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.33...8.4.34)

Updates `xml2js` from 0.5.0 to 0.6.0
- [Commits](Leonidas-from-XIV/node-xml2js@0.5.0...0.6.0)

Updates `es5-ext` from 0.10.63 to 0.10.64
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](medikoo/es5-ext@v0.10.63...v0.10.64)

Updates `terser` from 5.27.0 to 5.31.5
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](terser/terser@v5.27.0...v5.31.5)

Updates `ws` from 7.4.6 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.4.6...7.5.10)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `@azure/identity` from 3.4.1 to 4.2.1
- [Release notes](https://github.com/Azure/azure-sdk-for-js/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md)
- [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/identity_3.4.1...@azure/identity_4.2.1)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `semver` from 7.5.4 to 7.6.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.5.4...v7.6.3)

Updates `katex` from 0.16.10 to 0.16.11
- [Release notes](https://github.com/KaTeX/KaTeX/releases)
- [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md)
- [Commits](KaTeX/KaTeX@v0.16.10...v0.16.11)

Updates `katex` from 0.16.10 to 0.16.11
- [Release notes](https://github.com/KaTeX/KaTeX/releases)
- [Changelog](https://github.com/KaTeX/KaTeX/blob/main/CHANGELOG.md)
- [Commits](KaTeX/KaTeX@v0.16.10...v0.16.11)

Updates `ws` from 8.13.0 to 8.18.0
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.4.6...7.5.10)

Updates `minimatch` from 5.1.6 to 10.0.1
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v10.0.1)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `semver` from 7.5.4 to 7.6.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.5.4...v7.6.3)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: xml2js
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: es5-ext
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: terser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@azure/identity"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: katex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: katex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 11, 2024
@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@azure/core-auth@1.5.0 None 0 58.4 kB azure-sdk
npm/@azure/core-rest-pipeline@1.7.0 environment, network 0 655 kB azure-sdk
npm/@azure/core-util@1.9.2 None 0 307 kB microsoft1es
npm/@azure/identity@4.2.1 environment, filesystem, network, shell 0 1.59 MB microsoft1es
npm/@azure/msal-browser@3.20.0 network 0 5.63 MB azuread
npm/@azure/msal-common@14.14.0 None 0 2.12 MB azuread
npm/@azure/msal-node@2.12.0 environment, filesystem, network 0 1.18 MB azuread
npm/@emmetio/css-abbreviation@2.1.8 None 0 90 kB serge.che
npm/@emmetio/css-parser@0.4.0 None 0 144 kB emmetio
npm/@emmetio/html-matcher@0.3.3 None 0 32.6 kB emmetio
npm/@emmetio/math-expression@1.0.5 None 0 62.3 kB serge.che
npm/@emmetio/scanner@1.0.4 None 0 31.9 kB serge.che
npm/@emmetio/stream-reader-utils@0.1.0 None 0 9.79 kB emmetio
npm/@emmetio/stream-reader@2.2.0 None 0 7.83 kB emmetio
npm/@types/events@3.0.0 None 0 3.78 kB types
npm/@types/tmp@0.1.0 None 0 4.5 kB types
npm/@types/which@3.0.0 None 0 5.39 kB types
npm/@vscode/emmet-helper@2.9.2 None 0 126 kB vscode-bot
npm/@vscode/markdown-it-katex@1.0.3 None 0 23.9 kB vscode-bot
npm/argparse@1.0.9 environment, filesystem 0 116 kB vitaly
npm/balanced-match@1.0.0 None 0 6.7 kB juliangruber
npm/coffeescript@1.12.7 filesystem, shell, unsafe 0 398 kB geoffreybooth
npm/commander@8.3.0 environment, filesystem, shell 0 151 kB abetomo
npm/content-disposition@0.5.3 None 0 19.1 kB dougwilson
npm/cookie@0.4.0 None 0 17.9 kB dougwilson
npm/cson-parser@4.0.9 unsafe 0 30.1 kB groupon
npm/debug@3.1.0 environment 0 53.6 kB tootallnate
npm/emmet@2.4.4 None 0 924 kB serge.che
npm/escape-html@1.0.3 None 0 3.66 kB dougwilson
npm/fast-plist@0.1.2 None 0 17.4 kB alexandrudima
npm/file-uri-to-path@1.0.0 None 0 8.07 kB tootallnate
npm/find-up@5.0.0 None 0 11.8 kB sindresorhus
npm/find-yarn-workspace-root@2.0.0 filesystem 0 16.7 kB bmishkin
npm/fresh@0.5.2 None 0 10.1 kB dougwilson
npm/glob@7.1.6 filesystem 0 56.1 kB isaacs
npm/graceful-fs@4.2.11 environment, filesystem 0 32.5 kB isaacs
npm/graceful-fs@4.2.4 environment, filesystem 0 27.7 kB isaacs
npm/http-assert@1.4.1 network 0 8.75 kB dougwilson
npm/http-errors@1.7.3 None 0 17.2 kB dougwilson
npm/http-proxy-agent@7.0.0 network 0 24.3 kB tootallnate
npm/https-proxy-agent@7.0.2 network 0 35.1 kB tootallnate
npm/image-size@1.0.0 filesystem 0 44.8 kB netroy
npm/is-generator-function@1.0.9 None 0 31.3 kB ljharb
npm/isexe@3.1.1 environment, filesystem 0 43 kB isaacs
npm/js-yaml@3.14.0 eval 0 291 kB vitaly
npm/jschardet@3.0.0 None 0 1.3 MB aadsm
npm/jsonc-parser@2.3.1 None 0 170 kB aeschli
npm/jsonc-parser@3.2.1 None 0 210 kB vscode-bot
npm/katex@0.16.11 None 0 3.96 MB ylemkimon
npm/kerberos@2.0.1 network 0 128 kB nbbeeken
npm/keygrip@1.1.0 None 0 7.49 kB dougwilson
npm/koa-compose@4.1.0 None 0 4.16 kB dead_horse
npm/koa-convert@1.2.0 None 0 12.3 kB gyson
npm/koa-mount@4.0.0 None 0 6.42 kB coderhaoxin
npm/koa-send@5.0.1 filesystem, network 0 13.6 kB niftylettuce
npm/koa-static@5.0.0 None 0 7.82 kB coderhaoxin
npm/koa@2.13.1 environment, network 0 89.9 kB dead_horse
npm/load-yaml-file@0.2.0 None 0 1.79 kB linusu
npm/locate-path@6.0.0 filesystem 0 7.02 kB sindresorhus
npm/media-typer@0.3.0 None 0 11.1 kB dougwilson
npm/micromatch@4.0.2 None 0 61.1 kB jonschlinkert
npm/micromatch@4.0.5 None 0 55.9 kB jonschlinkert
npm/mime-db@1.47.0 None 0 200 kB dougwilson
npm/mime-types@2.1.30 None 0 17.5 kB dougwilson
npm/mimic-response@3.1.0 None 0 6 kB sindresorhus
npm/minimatch@10.0.1 environment 0 439 kB isaacs
npm/ms@2.0.0 None 0 6.27 kB leo
npm/native-watchdog@1.4.2 None 0 15.1 kB vscode-bot
npm/negotiator@0.6.2 None 0 28.1 kB dougwilson
npm/node-abi@3.8.0 None 0 30.6 kB electron-cfa
npm/node-addon-api@3.2.1 None 0 420 kB nicknaso
npm/node-gyp-build@4.3.0 environment, filesystem 0 12.7 kB vweevers
npm/node-pty@1.1.0-beta11 environment, filesystem, network, shell 0 1.15 MB tyriar
npm/on-finished@2.3.0 None 0 12.3 kB dougwilson
npm/only@0.0.2 None 0 2.32 kB tjholowaychuk
npm/os-tmpdir@1.0.2 None 0 3.06 kB sindresorhus
npm/p-limit@3.1.0 None 0 7.75 kB sindresorhus
npm/p-locate@5.0.0 None 0 7.24 kB sindresorhus
npm/parseurl@1.3.3 None 0 10.3 kB dougwilson
npm/path-exists@4.0.0 filesystem 0 3.92 kB sindresorhus
npm/picomatch@2.2.2 None 0 86.7 kB mrmlnc
npm/pify@4.0.1 None 0 7.23 kB sindresorhus
npm/proxy-from-env@1.1.0 environment 0 29.5 kB rob-w
npm/queue@6.0.2 None 0 17.6 kB jessetane
npm/request-light@0.7.0 environment, filesystem, network 0 35.2 kB vscode-bot
npm/resolve-path@1.4.0 network 0 9.24 kB dougwilson
npm/rimraf@2.7.1 filesystem 0 15.5 kB isaacs
npm/semver@7.6.3 None 0 95.8 kB npm-cli-ops
npm/setprototypeof@1.1.1 None 0 3.91 kB wesleytodd
npm/socks-proxy-agent@8.0.1 network 0 23.9 kB tootallnate
npm/sprintf-js@1.0.3 None 0 34.8 kB alexei
npm/statuses@1.5.0 None 0 11 kB dougwilson
npm/strip-bom@3.0.0 None 0 3 kB sindresorhus
npm/tas-client-umd@0.1.8 None 0 190 kB vscode-bot
npm/tmp@0.0.33 filesystem 0 26 kB raszi
npm/toidentifier@1.0.0 None 0 4.33 kB dougwilson
npm/tree-kill@1.2.2 shell 0 7.82 kB wmhilton
npm/tslib@2.6.3 None 0 84.9 kB typescript-bot
npm/tsscmp@1.0.6 None 0 8.36 kB suryagh
npm/type-is@1.6.18 None 0 18.5 kB dougwilson
npm/typescript@5.4.3 None 0 32.4 MB typescript-bot
npm/vary@1.1.2 None 0 8.75 kB dougwilson
npm/vscode-grammar-updater@1.1.0 environment, filesystem, network 0 11.7 kB aeschli
npm/vscode-json-languageservice@5.3.10 None 0 564 kB vscode-bot
npm/vscode-languageserver-textdocument@1.0.3 None 0 36.6 kB dbaeumer
npm/vscode-oniguruma@1.7.0 network 0 490 kB vscode-bot
npm/vscode-regexpp@3.1.0 None 0 309 kB connor.peet
npm/vscode-textmate@9.0.0 None 0 359 kB vscode-bot
npm/vscode-uri@2.1.2 None 0 65.6 kB jrieken
npm/vscode-uri@3.0.3 None 0 175 kB jrieken
npm/which-pm@2.1.1 None 0 4.24 kB zkochan
npm/which@4.0.0 environment 0 7.5 kB npm-cli-ops
npm/ws@8.18.0 environment, network 0 147 kB lpinca
npm/yauzl@3.1.1 filesystem 0 88.6 kB thejoshwolfe
npm/yazl@2.4.3 filesystem 0 42.8 kB thejoshwolfe
npm/ylru@1.2.1 None 0 7.45 kB dead_horse
npm/yocto-queue@0.1.0 None 0 6.03 kB sindresorhus

🚮 Removed packages: npm/@azure/core-rest-pipeline@1.3.2, npm/@azure/core-util@1.6.1, npm/@azure/identity@3.4.1, npm/@azure/msal-browser@3.5.0, npm/@azure/msal-common@14.4.0, npm/@azure/msal-node@2.5.1, npm/@swc/core-win32-ia32-msvc@1.3.62, npm/@swc/core-win32-x64-msvc@1.3.62, npm/@trysound/sax@0.2.0, npm/@ts-morph/common@0.20.0, npm/@tsconfig/node10@1.0.9, npm/@tsconfig/node12@1.0.11, npm/@tsconfig/node14@1.0.3, npm/@tsconfig/node16@1.0.3, npm/@types/color-name@1.1.1, npm/@types/cookie@0.3.3, npm/@types/eslint-scope@3.7.4, npm/@types/eslint@7.2.13, npm/@types/estree@0.0.49, npm/@types/expect@1.20.4, npm/@types/glob@7.1.3, npm/@types/graceful-fs@4.1.2, npm/@types/gulp-svgmin@1.2.1, npm/@types/http-cache-semantics@4.0.1, npm/@types/http-proxy-agent@2.0.1, npm/@types/istanbul-lib-coverage@2.0.6, npm/@types/json-schema@7.0.7, npm/@types/kerberos@1.1.2, npm/@types/node-fetch@2.5.12, npm/@types/responselike@1.0.0, npm/@types/semver@7.5.8, npm/@types/sinon-test@2.4.2, npm/@types/sinon@10.0.2, npm/@types/svgo@1.3.6, npm/@types/trusted-types@1.0.6, npm/@types/vinyl@2.0.4, npm/@types/webpack@5.28.1, npm/@types/wicg-file-system-access@2020.9.6, npm/@types/windows-foreground-love@0.3.0, npm/@types/winreg@1.2.30, npm/@types/yauzl@2.10.3, npm/@types/yazl@2.4.2, npm/@typescript-eslint/eslint-plugin@6.21.0, npm/@typescript-eslint/experimental-utils@5.57.0, npm/@typescript-eslint/parser@6.21.0, npm/@typescript-eslint/scope-manager@6.21.0, npm/@typescript-eslint/type-utils@6.21.0, npm/@typescript-eslint/types@6.21.0, npm/@typescript-eslint/typescript-estree@6.21.0, npm/@typescript-eslint/utils@6.21.0, npm/@typescript-eslint/visitor-keys@6.21.0, npm/@vscode/gulp-electron@1.36.0, npm/@vscode/l10n-dev@0.0.30, npm/@vscode/policy-watcher@1.1.6, npm/@vscode/sqlite3@5.1.6-vscode, npm/@vscode/sudo-prompt@9.3.1, npm/@vscode/telemetry-extractor@1.10.2, npm/@vscode/test-cli@0.0.6, npm/@vscode/test-electron@2.3.8, npm/@vscode/test-web@0.0.50, npm/@vscode/v8-heap-parser@0.1.0, npm/@vscode/vscode-perf@0.0.14, npm/@vscode/windows-mutex@0.5.0, npm/@webassemblyjs/ast@1.11.1, npm/@webassemblyjs/floating-point-hex-parser@1.11.1, npm/@webassemblyjs/helper-api-error@1.11.1, npm/@webassemblyjs/helper-buffer@1.11.1, npm/@webassemblyjs/helper-numbers@1.11.1, npm/@webassemblyjs/helper-wasm-bytecode@1.11.1, npm/@webassemblyjs/helper-wasm-section@1.11.1, npm/@webassemblyjs/ieee754@1.11.1, npm/@webassemblyjs/leb128@1.11.1, npm/@webassemblyjs/utf8@1.11.1, npm/@webassemblyjs/wasm-edit@1.11.1, npm/@webassemblyjs/wasm-gen@1.11.1, npm/@webassemblyjs/wasm-opt@1.11.1, npm/@webassemblyjs/wasm-parser@1.11.1, npm/@webassemblyjs/wast-printer@1.11.1, npm/@webpack-cli/configtest@2.0.1, npm/@webpack-cli/info@2.0.1, npm/@webpack-cli/serve@2.0.1, npm/@xtuc/ieee754@1.2.0, npm/@xtuc/long@4.2.2, npm/acorn-import-assertions@1.8.0, npm/acorn-jsx@5.3.2, npm/ajv-keywords@3.5.2, npm/ajv@6.12.6, npm/ansi-colors@3.2.3, npm/ansi-cyan@0.1.1, npm/ansi-red@0.1.1, npm/ansi-regex@5.0.0, npm/ansi-styles@4.2.1, npm/any-promise@1.3.0, npm/anymatch@3.1.2, npm/append-buffer@1.0.2, npm/archy@1.0.0, npm/are-docs-informative@0.0.2, npm/arg@4.1.3, npm/arr-diff@1.1.0, npm/arr-filter@1.1.2, npm/arr-flatten@1.1.0, npm/arr-map@2.0.2, npm/arr-union@2.1.0, npm/array-back@3.1.0, npm/array-differ@1.0.0, npm/array-each@1.0.1, npm/array-initial@1.1.0, npm/array-last@1.3.0, npm/array-slice@0.2.3, npm/array-sort@1.0.0, npm/array-union@2.1.0, npm/arrify@1.0.1, npm/async-done@1.3.2, npm/async-settle@1.0.0, npm/atob@2.1.2, npm/available-typed-arrays@1.0.5, npm/bach@1.2.0, npm/basic-auth@2.0.1, npm/before-after-hook@2.2.2, npm/big.js@5.2.2, npm/binary-extensions@2.2.0, npm/binaryextensions@1.0.1, npm/boolean@3.0.2, npm/braces@3.0.2, npm/browser-stdout@1.3.1, npm/browserify-zlib@0.1.4, npm/browserslist@4.16.6, npm/buffer-from@1.1.2, npm/builtin-modules@3.3.0, npm/bytes@3.1.0, npm/c8@9.1.0, npm/cacheable-request@7.0.2, npm/call-bind@1.0.0, npm/callsites@3.1.0, npm/camelcase@6.3.0, npm/caniuse-api@3.0.0, npm/caniuse-lite@1.0.30001228, npm/chalk@4.1.0, npm/charenc@0.0.2, npm/chokidar@3.5.3, npm/chrome-remote-interface@0.33.0, npm/chrome-trace-event@1.0.2, npm/ci-info@1.6.0, npm/cliui@8.0.1, npm/clone-deep@4.0.1, npm/code-block-writer@12.0.0, npm/collection-map@1.0.0, npm/color-convert@2.0.1, npm/color-name@1.1.4, npm/colord@2.9.3, npm/colorette@1.2.2, npm/command-line-args@5.2.1, npm/commander@2.11.0, npm/commandpost@1.2.1, npm/comment-parser@1.4.0, npm/concat-stream@1.6.2, npm/concat-with-sourcemaps@1.1.0, npm/config-chain@1.1.12, npm/content-disposition@0.5.4, npm/convert-source-map@1.7.0, npm/cookie@0.4.1, npm/copy-props@2.0.5, npm/copy-webpack-plugin@11.0.0, npm/create-require@1.1.1, npm/crypt@0.0.2, npm/css-declaration-sorter@7.1.1, npm/css-loader@6.9.1, npm/css-tree@2.3.1, npm/css@3.0.0, npm/cssesc@3.0.0, npm/cssnano-preset-default@6.0.3, npm/cssnano-utils@4.0.1, npm/cssnano@6.0.3, npm/csso@5.0.5, npm/d@1.0.1, npm/debounce@1.1.0, npm/debug-fabulous@1.1.0, npm/decamelize@4.0.0, npm/decode-uri-component@0.2.2, npm/deemon@1.8.0, npm/deepmerge-json@1.5.0, npm/deepmerge@3.1.0, npm/default-compare@1.0.0, npm/default-resolution@2.0.0, npm/delayed-stream@0.0.6, npm/deprecation@2.3.1, npm/detect-file@1.0.0, npm/detect-indent@5.0.0, npm/detect-newline@2.1.0, npm/detect-node@2.0.4, npm/diff@5.0.0, npm/dir-glob@3.0.1, npm/doctrine@3.0.0, npm/duplexer@0.1.1, npm/duplexify@3.7.1, npm/each-props@1.3.2, npm/editorconfig@0.15.2, npm/electron-to-chromium@1.3.737, npm/electron@28.2.8, npm/emojis-list@3.0.0, npm/enhanced-resolve@5.12.0, npm/env-paths@2.2.0, npm/envinfo@7.8.1, npm/errno@0.1.8, npm/error-ex@1.3.2, npm/es-abstract@1.18.0-next.1, npm/tslib@2.3.1, npm/ws@8.13.0

View full report↗︎

@socket-security Socket Security
Copy link

Report is too large to display inline.
View full report↗︎

Next steps

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/kerberos@2.0.1
  • @SocketSecurity ignore npm/path-exists@4.0.0
  • @SocketSecurity ignore npm/find-yarn-workspace-root@2.0.0
  • @SocketSecurity ignore npm/type-is@1.6.18
  • @SocketSecurity ignore npm/os-tmpdir@1.0.2
  • @SocketSecurity ignore npm/media-typer@0.3.0
  • @SocketSecurity ignore npm/image-size@1.0.0
  • @SocketSecurity ignore npm/glob@7.1.6
  • @SocketSecurity ignore npm/commander@8.3.0
  • @SocketSecurity ignore npm/escape-html@1.0.3
  • @SocketSecurity ignore npm/fresh@0.5.2
  • @SocketSecurity ignore npm/locate-path@6.0.0
  • @SocketSecurity ignore npm/parseurl@1.3.3
  • @SocketSecurity ignore npm/proxy-from-env@1.1.0
  • @SocketSecurity ignore npm/vary@1.1.2
  • @SocketSecurity ignore npm/tree-kill@1.2.2
  • @SocketSecurity ignore npm/koa@2.13.1
  • @SocketSecurity ignore npm/keygrip@1.1.0
  • @SocketSecurity ignore npm/koa-compose@4.1.0
  • @SocketSecurity ignore npm/only@0.0.2
  • @SocketSecurity ignore npm/tsscmp@1.0.6
  • @SocketSecurity ignore npm/setprototypeof@1.1.1
  • @SocketSecurity ignore npm/toidentifier@1.0.0
  • @SocketSecurity ignore npm/http-assert@1.4.1
  • @SocketSecurity ignore npm/isexe@3.1.1
  • @SocketSecurity ignore npm/js-yaml@3.14.0
  • @SocketSecurity ignore npm/node-gyp-build@4.3.0
  • @SocketSecurity ignore npm/vscode-oniguruma@1.7.0
  • @SocketSecurity ignore npm/koa-send@5.0.1
  • @SocketSecurity ignore npm/koa-static@5.0.0
  • @SocketSecurity ignore npm/resolve-path@1.4.0
  • @SocketSecurity ignore npm/jschardet@3.0.0
  • @SocketSecurity ignore npm/picomatch@2.2.2
  • @SocketSecurity ignore npm/socks-proxy-agent@8.0.1
  • @SocketSecurity ignore npm/coffeescript@1.12.7
  • @SocketSecurity ignore npm/request-light@0.7.0
  • @SocketSecurity ignore npm/native-watchdog@1.4.2
  • @SocketSecurity ignore npm/tas-client-umd@0.1.8
  • @SocketSecurity ignore npm/koa-mount@4.0.0
  • @SocketSecurity ignore npm/vscode-grammar-updater@1.1.0
  • @SocketSecurity ignore npm/cson-parser@4.0.9
  • @SocketSecurity ignore npm/@emmetio/css-parser@0.4.0
  • @SocketSecurity ignore npm/@emmetio/html-matcher@0.3.3
  • @SocketSecurity ignore npm/@emmetio/stream-reader@2.2.0
  • @SocketSecurity ignore npm/@emmetio/stream-reader-utils@0.1.0
  • @SocketSecurity ignore npm/jsonc-parser@3.2.1
  • @SocketSecurity ignore npm/yauzl@3.1.1
  • @SocketSecurity ignore npm/node-pty@1.1.0-beta11
  • @SocketSecurity ignore npm/vscode-json-languageservice@5.3.10
  • @SocketSecurity ignore npm/@azure/identity@4.2.1

@meslubi2021 meslubi2021 self-assigned this Aug 31, 2024
@meslubi2021 meslubi2021 enabled auto-merge (squash) August 31, 2024 14:21
@meslubi2021 meslubi2021 disabled auto-merge August 31, 2024 14:22
@meslubi2021 meslubi2021 enabled auto-merge (squash) August 31, 2024 14:22
@meslubi2021 meslubi2021 disabled auto-merge August 31, 2024 14:24
@meslubi2021 meslubi2021 merged commit 31d01ba into main Aug 31, 2024
13 of 17 checks passed
@meslubi2021 meslubi2021 deleted the dependabot/npm_and_yarn/npm_and_yarn-b2211a0eeb branch August 31, 2024 14:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@meslubi2021 meslubi2021 meslubi2021 approved these changes

Assignees

@meslubi2021 meslubi2021

Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@meslubi2021