ci icon indicating copy to clipboard operation
ci copied to clipboard
verified publisher icon NodeSecure

chore(deps): bump the dependencies group across 1 directory with 4 updates

Open dependabot[bot] opened this issue 3 months ago • 0 comments

Bumps the dependencies group with 4 updates in the / directory: @nodesecure/js-x-ray, @nodesecure/rc, @nodesecure/scanner and @topcli/spinner.

Updates @nodesecure/js-x-ray from 8.2.0 to 10.1.0

Release notes

Sourced from @​nodesecure/js-x-ray's releases.

@​nodesecure/js-x-ray@​10.1.0

Minor Changes

Patch Changes

  • Updated dependencies [71c96d1]:
    • @​nodesecure/sec-literal@​1.3.0

@​nodesecure/js-x-ray@​10.0.0

Major Changes

Minor Changes

Patch Changes

... (truncated)

Commits
  • f4da076 chore: update versions (#408)
  • 07dc2a4 chore(deps): bump openai in the dependencies group across 1 directory (#409)
  • 71c96d1 chore: update frequency-set to v2.1.x (#407)
  • b52c5c2 chore(deps): bump the github-actions group with 6 updates (#405)
  • 8ba1aa2 feat(js-x-ray-ai): implement a workspace to combine ai + js-X-ray (#404)
  • 4a4154b chore(deps): bump string-width in the dependencies group (#403)
  • 683b5fe chore(deps): bump the github-actions group with 2 updates (#402)
  • f5b9964 chore(scripts): replace all clean script by open-ally clear-ts-build script (...
  • f61651b chore: update versions (#378)
  • 857308c feat(probes): add minimal implementation of data exfiltration (#399)
  • Additional commits viewable in compare view

Updates @nodesecure/rc from 4.1.0 to 5.0.1

Release notes

Sourced from @​nodesecure/rc's releases.

@​nodesecure/rc@​5.0.1

Patch Changes

@​nodesecure/rc@​5.0.0

Major Changes

Commits

Updates @nodesecure/scanner from 6.12.1 to 7.2.0

Release notes

Sourced from @​nodesecure/scanner's releases.

@​nodesecure/scanner@​7.2.0

Minor Changes

  • #544 281c720 Thanks @​clemgbld! - feat(scanner): add npm token based on registry for sdk calls

  • #542 49c5bbb Thanks @​fraxken! - Improve type-squatting global-warning by removing it on remote scan and also when there is to much similar packages

@​nodesecure/scanner@​7.1.0

Minor Changes

Patch Changes

@​nodesecure/scanner@​7.0.0

Major Changes

Patch Changes

Commits
  • b12281b chore: update versions (#543)
  • 281c720 feat(scanner): add npm token based on registry for sdk calls (#544)
  • 49c5bbb refactor(typo-squatting): remove on local scan or when similar >= 3 (#542)
  • 5765023 chore: update versions (#527)
  • dadb7fb feat(scanner): keep NPM provenance (attestations) in the dependency version (...
  • 728e2a1 chore(deps-dev): bump the development-dependencies group across 1 directory w...
  • cfce49e chore(deps): bump the dependencies group across 1 directory with 4 updates (#...
  • 6105c7f feat(scanner): add dependency warning only when getting a 404 from the public...
  • a02664f Merge pull request #538 from NodeSecure/upt-frequency-set
  • d20e27a chore: update frequency-set to v2.x
  • Additional commits viewable in compare view

Updates @topcli/spinner from 3.0.0 to 4.0.0

Release notes

Sourced from @​topcli/spinner's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/TopCli/Spinner/compare/v3.0.0...v4.0.0

Commits
  • e40fe47 4.0.0
  • 1451b71 fix: spinner name always shows the default one (#212)
  • 67f7b4d chore(deps): bump the github-actions group with 4 updates (#211)
  • c05cdfa chore: update & pin (save-exact) cli-spinners dependency (#210)
  • 49ef286 chore(deps): bump the github-actions group with 4 updates (#209)
  • 6060299 chore(deps): bump the github-actions group with 4 updates (#208)
  • 5f6e67d chore(dependabot): use groups (#202)
  • c70fc44 chore(deps-dev): bump @​types/node in the development-dependencies group (#199)
  • 09e6bd5 chore(deps): bump github/codeql-action from 3.28.18 to 3.29.11 (#206)
  • 51d0acc refactor!: rename interface starting with I Maj (#203)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar Nov 03 '25 19:11 dependabot[bot]