Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the arcjet-apps-minor group with 12 updates #71

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the arcjet-apps-minor group with 12 updates #71

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2025
edited
Loading

Bumps the arcjet-apps-minor group with 12 updates:

Package From To
@nestjs/common 11.0.10 11.0.11
@nestjs/config 4.0.0 4.0.1
@nestjs/core 11.0.10 11.0.11
@nestjs/platform-express 11.0.10 11.0.11
@nestjs/cli 11.0.4 11.0.5
@nestjs/schematics 11.0.1 11.0.2
@types/node 22.13.5 22.13.9
@typescript-eslint/eslint-plugin 8.25.0 8.26.0
@typescript-eslint/parser 8.25.0 8.26.0
eslint-config-prettier 10.0.1 10.0.2
prettier 3.5.2 3.5.3
typescript 5.7.3 5.8.2

Updates @nestjs/common from 11.0.10 to 11.0.11

Release notes

Sourced from @​nestjs/common's releases.

v11.0.11 (2025-02-28)

Enhancements

  • platform-fastify

Dependencies

Committers: 1

Commits

Updates @nestjs/config from 4.0.0 to 4.0.1

Release notes

Sourced from @​nestjs/config's releases.

Release 4.0.1

  • fix: validate predefined condition #1970 (79d82d6)
  • feat: allow to use symbol as a token (99d8bca)
Commits
  • da628f1 chore(): release v4.0.1
  • 79d82d6 fix: validate predefined condition #1970
  • 5937fb5 Merge pull request #1972 from kishieel/master
  • 0bf6f62 chore(deps): update dependency prettier to v3.5.3 (#1976)
  • c08aba2 chore(deps): update dependency @​types/node to v22.13.8 (#1974)
  • 6f43afd chore(deps): update dependency @​types/lodash to v4.17.16 (#1973)
  • fa5af20 chore(deps): update nest monorepo to v11.0.11 (#1971)
  • 408ed25 style: fix formatting
  • 9f6266b style: format code
  • 99d8bca feat: allow to use symbol as a token
  • Additional commits viewable in compare view

Updates @nestjs/core from 11.0.10 to 11.0.11

Release notes

Sourced from @​nestjs/core's releases.

v11.0.11 (2025-02-28)

Enhancements

  • platform-fastify

Dependencies

Committers: 1

Commits

Updates @nestjs/platform-express from 11.0.10 to 11.0.11

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.0.11 (2025-02-28)

Enhancements

  • platform-fastify

Dependencies

Committers: 1

Commits

Updates @nestjs/cli from 11.0.4 to 11.0.5

Release notes

Sourced from @​nestjs/cli's releases.

Release 11.0.5

  • feat(swc): add reload application when compiling to mjs (d866d777)
Commits
  • 777aa0a chore(): release v11.0.5
  • 0c85704 Merge pull request #2920 from nestjs/renovate/angular-cli-monorepo
  • 62d71fc Merge pull request #2923 from nestjs/renovate/ansis-3.x
  • 903d5f1 Merge pull request #2928 from AbundantSalmon/fix-hot-reload-for-mjs-files
  • d866d77 feat(swc): add reload application when compiling to mjs
  • 1f7c756 chore(deps): update dependency @​swc/core to v1.11.1 (#2927)
  • 3f76f84 chore(deps): update typescript-eslint monorepo to v8.25.0 (#2926)
  • a4b86c9 chore(deps): update dependency ts-jest to v29.2.6 (#2925)
  • 2a7f878 chore(deps): update dependency prettier to v3.5.2 (#2924)
  • 82cbae1 chore(deps): update dependency eslint to v9.21.0 (#2922)
  • Additional commits viewable in compare view

Updates @nestjs/schematics from 11.0.1 to 11.0.2

Release notes

Sourced from @​nestjs/schematics's releases.

Release 11.0.2

  • fix(deps): update angular-cli monorepo to v19.2.0 (92f2f9a)
Commits
  • 1f844b3 chore(): release v11.0.2
  • 9b778cc Merge pull request #2002 from nestjs/renovate/angular-cli-monorepo
  • 31e4139 chore: remove coveralls badge
  • 304040f chore(deps): update dependency prettier to v3.5.3 (#2013)
  • fdd6579 chore(deps): update dependency @​types/node to v22.13.8 (#2011)
  • 92f2f9a fix(deps): update angular-cli monorepo to v19.2.0
  • d0924c8 chore(deps): update dependency eslint-config-prettier to v10.0.2 (#2010)
  • 134b84c chore(deps): update typescript-eslint monorepo to v8.25.0 (#2009)
  • 064fc01 chore(deps): update dependency ts-jest to v29.2.6 (#2008)
  • 554f02b chore(deps): update eslint monorepo to v9.21.0 (#2006)
  • Additional commits viewable in compare view

Updates @types/node from 22.13.5 to 22.13.9

Commits

Updates @typescript-eslint/eslint-plugin from 8.25.0 to 8.26.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.26.0

8.26.0 (2025-03-03)

🚀 Features

  • support TypeScript 5.8 (#10903)
  • eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#9536)
  • eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#10714)
  • eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#10889)
  • eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#10781)
  • rule-tester: export TestLanguageOptions (#10892)
  • scope-manager: only call Object.entries once for each lib (#10647)

🩹 Fixes

  • deps: update dependency typedoc-plugin-markdown to v4.4.2 (#10877)
  • eslint-plugin: [unified-signatures] does not differentiate truly private methods (#10806)
  • eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#10864)
  • eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#10875)
  • rule-tester: Add missing parser dependency (#10909)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.26.0 (2025-03-03)

🚀 Features

  • eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#10781)
  • eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#10889)
  • eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#10714)
  • support TypeScript 5.8 (#10903)
  • eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#9536)

🩹 Fixes

  • eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#10875)
  • eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#10864)
  • eslint-plugin: [unified-signatures] does not differentiate truly private methods (#10806)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Commits
  • bc6d19f chore(release): publish 8.26.0
  • 02d9d73 feat(eslint-plugin): [unified-signatures] support ignoring overload signature...
  • 84af50e feat(eslint-plugin): [explicit-module-boundary-types] add an option to ignore...
  • a03b7ef fix(eslint-plugin): [no-unnecessary-type-assertion] handle unknown (#10875)
  • 4082ad0 docs(eslint-plugin): [consistent-return] add link to noImplicitReturns docs...
  • d8d4b3c feat(eslint-plugin): [no-unused-var] handle implicit exports in declaration f...
  • 9674629 feat: support TypeScript 5.8 (#10903)
  • 3c7b8ff chore: fix integration-tests (#10906)
  • 735064a fix(eslint-plugin): [no-invalid-void-type] report accessor properties with ...
  • a6feb59 fix(eslint-plugin): [unified-signatures] does not differentiate truly private...
  • Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.25.0 to 8.26.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.26.0

8.26.0 (2025-03-03)

🚀 Features

  • support TypeScript 5.8 (#10903)
  • eslint-plugin: [no-unnecessary-type-parameters] special case tuples and parameter location arrays as single-use (#9536)
  • eslint-plugin: [no-unused-var] handle implicit exports in declaration files (#10714)
  • eslint-plugin: [explicit-module-boundary-types] add an option to ignore overload implementations (#10889)
  • eslint-plugin: [unified-signatures] support ignoring overload signatures with different JSDoc comments (#10781)
  • rule-tester: export TestLanguageOptions (#10892)
  • scope-manager: only call Object.entries once for each lib (#10647)

🩹 Fixes

  • deps: update dependency typedoc-plugin-markdown to v4.4.2 (#10877)
  • eslint-plugin: [unified-signatures] does not differentiate truly private methods (#10806)
  • eslint-plugin: [no-invalid-void-type] report accessor properties with an invalid void type (#10864)
  • eslint-plugin: [no-unnecessary-type-assertion] handle unknown (#10875)
  • rule-tester: Add missing parser dependency (#10909)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.26.0 (2025-03-03)

🚀 Features

  • support TypeScript 5.8 (#10903)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Commits

Updates eslint-config-prettier from 10.0.1 to 10.0.2

Release notes

Sourced from eslint-config-prettier's releases.

v10.0.2

Patch Changes

Changelog

Sourced from eslint-config-prettier's changelog.

10.0.2

Patch Changes

10.0.0

Major Changes

Versions before 10.0.0

Version 9.1.0 (2023-12-02)

  • Added: [unicorn/template-indent], (as a [special rule][unicorn/template-indent-special]). Thanks to Gürgün Dayıoğlu (@​gurgunday)!
  • Changed: All the [formatting rules that were deprecated in ESLint 8.53.0][deprecated-8.53.0] are now excluded if you set the ESLINT_CONFIG_PRETTIER_NO_DEPRECATED environment variable.

Version 9.0.0 (2023-08-05)

  • Added: The CLI helper tool now works with eslint.config.js (flat config). Just like ESLint itself, the CLI tool automatically first tries eslint.config.js and then eslintrc, and you can force which one to use by setting the [ESLINT_USE_FLAT_CONFIG] environment variable. Note that the config of eslint-config-prettier has always been compatible with eslint.config.js (flat config) – it was just the CLI tool that needed updating. On top of that, the docs have been updated to mention how to use both eslint.config.js (flat config) and eslintrc, and the tests now test both config systems.
  • Changed: [unicode-bom] is no longer turned off. Prettier preserves the BOM if you have one, and does not add one if missing. It was wrong of eslint-config-prettier to disable that rule. If you get ESLint errors after upgrading, either add "unicode-bom": "off" to your config to disable it again, or run ESLint with --fix to fix all files according to the rule (add or remove BOM). Thanks to Nicolas Stepien (@​nstepien)!

Version 8.10.0 (2023-08-03)

  • Added: [max-statements-per-line]. Thanks to @​Zamiell!

Version 8.9.0 (2023-07-27)

  • Added: [vue/array-element-newline]. Thanks to @​xcatliu!

Version 8.8.0 (2023-03-20)

  • Added: [@​typescript-eslint/lines-around-comment]. Thanks to @​ttionya!

Version 8.7.0 (2023-03-06)

  • Added: [@​typescript-eslint/block-spacing]. Thanks to @​ttionya!
  • Added: [@​typescript-eslint/key-spacing]. Thanks to @​ttionya!

Version 8.6.0 (2023-01-02)

  • Added: [vue/multiline-ternary]. Thanks to @​xcatliu!

Version 8.5.0 (2022-03-02)

  • Added: [@​typescript-eslint/space-before-blocks]. Thanks to Masafumi Koba (@​ybiquitous)!

Version 8.4.0 (2022-02-19)

... (truncated)

Commits

Updates prettier from 3.5.2 to 3.5.3

Release notes

Sourced from prettier's releases.

3.5.3

🔗 Changelog

Changelog

Sourced from prettier's changelog.

3.5.3

diff

Flow: Fix missing parentheses in ConditionalTypeAnnotation (#17196 by @​fisker)

// Input
type T<U> = 'a' | ('b' extends U ? 'c' : empty);
type T<U> = 'a' & ('b' extends U ? 'c' : empty);
// Prettier 3.5.2
type T<U> = "a" | "b" extends U ? "c" : empty;
type T<U> = "a" & "b" extends U ? "c" : empty;
// Prettier 3.5.3
type T<U> = "a" | ("b" extends U ? "c" : empty);
type T<U> = "a" & ("b" extends U ? "c" : empty);

Commits

Updates typescript from 5.7.3 to 5.8.2

Release notes

Sourced from typescript's releases.

TypeScript 5.8

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8 RC

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.8 Beta

For release notes, check out the release announcement.

Downloads are available on:

Commits
  • beb69e4 Bump version to 5.8.2 and LKG
  • 8fdbd54 🤖 Pick PR #61210 (Fix mistakenly disallowed default e...) into release-5.8 (#...
  • f4a3a8a 🤖 Pick PR #61175 (Ban import=require and export= unde...) into release-5.8 (#...
  • 420ff06 Bump version to 5.8.1-rc and LKG
  • 48eb13f Update LKG
  • fb59c19 Merge remote-tracking branch 'origin/main' into release-5.8
  • df342b7 Fixed rewriteRelativeImportExtensions for import() within call expression...
  • 775412a Bump github/codeql-action from 3.28.8 to 3.28.9 in the github-actions group (...
  • e1629e5 Pass ignoreErrors=true to more resolveEntityName callers (#61144)
  • 6fd1799 Update LKG
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the arcjet-apps-minor group with 12 updates
09eb1e1 
Bumps the arcjet-apps-minor group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `11.0.10` | `11.0.11` |
| [@nestjs/config](https://github.com/nestjs/config) | `4.0.0` | `4.0.1` |
| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `11.0.10` | `11.0.11` |
| [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) | `11.0.10` | `11.0.11` |
| [@nestjs/cli](https://github.com/nestjs/nest-cli) | `11.0.4` | `11.0.5` |
| [@nestjs/schematics](https://github.com/nestjs/schematics) | `11.0.1` | `11.0.2` |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.13.5` | `22.13.9` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.25.0` | `8.26.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.25.0` | `8.26.0` |
| [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) | `10.0.1` | `10.0.2` |
| [prettier](https://github.com/prettier/prettier) | `3.5.2` | `3.5.3` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.7.3` | `5.8.2` |


Updates `@nestjs/common` from 11.0.10 to 11.0.11
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.0.11/packages/common)

Updates `@nestjs/config` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/nestjs/config/releases)
- [Changelog](https://github.com/nestjs/config/blob/master/.release-it.json)
- [Commits](nestjs/config@4.0.0...4.0.1)

Updates `@nestjs/core` from 11.0.10 to 11.0.11
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.0.11/packages/core)

Updates `@nestjs/platform-express` from 11.0.10 to 11.0.11
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.0.11/packages/platform-express)

Updates `@nestjs/cli` from 11.0.4 to 11.0.5
- [Release notes](https://github.com/nestjs/nest-cli/releases)
- [Changelog](https://github.com/nestjs/nest-cli/blob/master/.release-it.json)
- [Commits](nestjs/nest-cli@11.0.4...11.0.5)

Updates `@nestjs/schematics` from 11.0.1 to 11.0.2
- [Release notes](https://github.com/nestjs/schematics/releases)
- [Changelog](https://github.com/nestjs/schematics/blob/master/.release-it.json)
- [Commits](nestjs/schematics@11.0.1...11.0.2)

Updates `@types/node` from 22.13.5 to 22.13.9
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 8.25.0 to 8.26.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.26.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.25.0 to 8.26.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.26.0/packages/parser)

Updates `eslint-config-prettier` from 10.0.1 to 10.0.2
- [Release notes](https://github.com/prettier/eslint-config-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v10.0.1...v10.0.2)

Updates `prettier` from 3.5.2 to 3.5.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.5.2...3.5.3)

Updates `typescript` from 5.7.3 to 5.8.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.7.3...v5.8.2)

---
updated-dependencies:
- dependency-name: "@nestjs/common"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/config"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/platform-express"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/cli"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/schematics"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: eslint-config-prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 4, 2025
@dependabot dependabot bot requested review from blaine-arcjet and e-moran March 4, 2025 06:51
@socket-security Socket Security
Copy link

New and updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@nestjs/[email protected]11.0.5 Transitive: environment, eval, filesystem, network, shell, unsafe +229 51.2 MB kamilmysliwiec, nestjscore
npm/@nestjs/[email protected]11.0.11 None +4 630 kB nestjscore
npm/@nestjs/[email protected]4.0.1 None +3 1.56 MB kamilmysliwiec, nestjscore
npm/@nestjs/[email protected]11.0.11 Transitive: filesystem, shell +8 1.15 MB nestjscore
npm/@nestjs/[email protected]11.0.11 Transitive: environment, eval, filesystem, unsafe +101 3.61 MB kamilmysliwiec, nestjscore
npm/@nestjs/[email protected]11.0.2 Transitive: environment, eval, filesystem, network, unsafe +53 8.81 MB kamilmysliwiec, nestjscore
npm/@types/[email protected]22.13.9 None +1 2.4 MB types
npm/@typescript-eslint/[email protected]8.26.0 Transitive: environment, filesystem +37 3.81 MB
npm/@typescript-eslint/[email protected]8.26.0 Transitive: environment, filesystem +29 2.07 MB bradzacher, jameshenry
npm/[email protected]10.0.2 None 0 59.4 kB jounqin, lydell, thorn0
npm/[email protected]3.5.3 None 0 0 B
npm/[email protected] None 0 22.9 MB typescript-bot

View full report↗︎

Have feedback? Participate in our User Experience Survey 📊

@socket-security Socket Security
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
License Policy Violation npm/[email protected]
  • License: CC-BY-4.0 (package/ThirdPartyNoticeText.txt)
  • License: W3C-20150513 (package/ThirdPartyNoticeText.txt)
 ⚠︎
License Policy Violation npm/@nestjs/[email protected]
  • License: UNLICENSED (package/dist/lib/application/files/ts/package.json)
  • License: UNLICENSED (package/dist/lib/application/files/js/package.json)
 ⚠︎

View full report↗︎

Next steps

What is a license policy violation?

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Find a package that does not violate your license policy or adjust your policy to allow this package's license.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blaine-arcjet blaine-arcjet Awaiting requested review from blaine-arcjet

@e-moran e-moran Awaiting requested review from e-moran

Assignees

@e-moran e-moran

@blaine-arcjet blaine-arcjet

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@e-moran @blaine-arcjet