Bump the npm-development group across 1 directory with 9 updates

[dependabot]

Bumps the npm-development group with 9 updates in the / directory:

Package	From	To
@types/jest	29.5.12	29.5.14
@vercel/ncc	0.38.1	0.38.2
eslint-plugin-github	5.0.1	5.0.2
eslint-plugin-jest	28.6.0	28.8.3
jose	5.6.3	5.9.6
markdownlint-cli	0.41.0	0.42.0
nock	13.5.4	13.5.5
ts-jest	29.2.3	29.2.5
typescript	5.5.4	5.6.3

Updates @types/jest from 29.5.12 to 29.5.14

Commits

• See full diff in compare view

Updates @vercel/ncc from 0.38.1 to 0.38.2

Release notes

Sourced from @​vercel/ncc's releases.

0.38.2

0.38.2 (2024-09-23)

Bug Fixes

• deps: update webpack to v5.94.0, terser to v5.33.0 (#1213) (158a1fd), closes #1193 #1194 #1177 #1204 #1195

Huge thanks to @​theoludwig 🎉

Commits

• 158a1fd fix(deps): update webpack to v5.94.0, terser to v5.33.0 (#1213)
• c1c9c65 chore(deps): Bump fast-xml-parser from 4.2.7 to 4.5.0 (#1219)
• 6ef9a48 chore(deps-dev): Bump express from 4.18.2 to 4.20.0 (#1214)
• 9e7451b ci: ignore failing test on macOS + run in band test-coverage (#1216)
• b2a325d chore(ci): drop node@16 from ci (#1164)
• 3c68358 chore(deps): Bump crypto-js from 4.1.1 to 4.2.0 (#1130)
• a70188f chore(deps): Bump browserify-sign from 4.2.1 to 4.2.2 (#1131)
• b4cc7c6 chore(deps): Bump actions/setup-node from 3 to 4 (#1133)
• 5f5dda2 chore(deps): Bump @​babel/traverse from 7.13.13 to 7.23.2 (#1125)
• See full diff in compare view

Updates eslint-plugin-github from 5.0.1 to 5.0.2

Release notes

Sourced from eslint-plugin-github's releases.

v5.0.2

What's Changed

• chore(deps): bump the all-dependencies group across 1 directory with 3 updates by @​dependabot in github/eslint-plugin-github#533
• chore(deps): bump braces from 3.0.2 to 3.0.3 by @​dependabot in github/eslint-plugin-github#534
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#535
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#536
• chore(deps): bump the all-dependencies group with 4 updates by @​dependabot in github/eslint-plugin-github#537
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#538
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#540
• chore(deps): bump the all-dependencies group with 4 updates by @​dependabot in github/eslint-plugin-github#541
• chore(deps): bump the all-dependencies group across 1 directory with 3 updates by @​dependabot in github/eslint-plugin-github#543
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#544
• chore(deps): bump the all-dependencies group with 3 updates by @​dependabot in github/eslint-plugin-github#545
• chore(deps): bump the all-dependencies group across 1 directory with 4 updates by @​dependabot in github/eslint-plugin-github#551

Full Changelog: github/eslint-plugin-github@v5.0.1...v5.0.2

Commits

• d6f656d Merge pull request #551 from github/dependabot/npm_and_yarn/all-dependencies-...
• df2c60a chore(deps): bump the all-dependencies group across 1 directory with 4 updates
• 0f0979c chore(deps): bump the all-dependencies group with 3 updates (#545)
• 0e294e5 Merge pull request #544 from github/dependabot/npm_and_yarn/all-dependencies-...
• 17c6e39 chore(deps): bump the all-dependencies group with 3 updates
• 86d5cb1 Merge pull request #543 from github/dependabot/npm_and_yarn/all-dependencies-...
• 522309f chore(deps): bump the all-dependencies group across 1 directory with 3 updates
• c3857ba Merge pull request #541 from github/dependabot/npm_and_yarn/all-dependencies-...
• 8010f55 chore(deps): bump the all-dependencies group with 4 updates
• 7772275 Merge pull request #540 from github/dependabot/npm_and_yarn/all-dependencies-...
• Additional commits viewable in compare view

Updates eslint-plugin-jest from 28.6.0 to 28.8.3

Release notes

Sourced from eslint-plugin-jest's releases.

v28.8.3

28.8.3 (2024-09-04)

Bug Fixes

• prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

v28.8.2

28.8.2 (2024-09-02)

Performance Improvements

• prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)

v28.8.1

28.8.1 (2024-08-29)

Bug Fixes

• prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)

v28.8.0

28.8.0 (2024-08-07)

Features

• import formatting rules from eslint-plugin-jest-formatting (#1563) (74078ee)

v28.7.0

28.7.0 (2024-08-03)

Features

• allow [@typescript-eslint](https://github.com/typescript-eslint) v8 (#1636) (fb43171)

Changelog

Sourced from eslint-plugin-jest's changelog.

28.8.3 (2024-09-04)

Bug Fixes

• prefer-importing-jest-globals: don't add imports in the middle of statements (#1645) (9c4197c)

28.8.2 (2024-09-02)

Performance Improvements

• prefer-importing-jest-globals: stop collecting import specifiers for no reason (#1646) (0660242)

28.8.1 (2024-08-29)

Bug Fixes

• prefer-importing-jest-globals: support typescript-eslint parser (#1639) (307f6a7)

28.8.0 (2024-08-07)

Features

• import formatting rules from eslint-plugin-jest-formatting (#1563) (74078ee)

28.7.0 (2024-08-03)

Features

• allow [@typescript-eslint](https://github.com/typescript-eslint) v8 (#1636) (fb43171)

Commits

• 497a500 chore(release): 28.8.3 [skip ci]
• 9c4197c fix(prefer-importing-jest-globals): don't add imports in the middle of statem...
• 9adda0a chore(release): 28.8.2 [skip ci]
• 0660242 perf(prefer-importing-jest-globals): stop collecting import specifiers for no...
• a789420 chore(deps): lock file maintenance
• 1df45e9 chore(release): 28.8.1 [skip ci]
• 307f6a7 fix(prefer-importing-jest-globals): support typescript-eslint parser (#1639)
• 267702d chore(deps): lock file maintenance
• f969f92 chore(deps): lock file maintenance
• f5f3e99 chore(deps): lock file maintenance
• Additional commits viewable in compare view

Updates jose from 5.6.3 to 5.9.6

Release notes

Sourced from jose's releases.

v5.9.6

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

v5.9.4

Refactor

• types: update error definitions (510c5ca)

v5.9.3

Refactor

• use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
</tr></table>

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.6 (2024-10-20)

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

5.9.5 (2024-10-20)

Refactor

• build: simplify package exports (4783f7f)

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

• use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

... (truncated)

Commits

• 27d26a4 chore(release): 5.9.6
• 2ef3a52 Revert "refactor(build): simplify package exports"
• 460a959 chore(release): 5.9.5
• 4783f7f refactor(build): simplify package exports
• 7521425 docs: resolve remaining conflict
• 30365fd ci: use default CodeQL
• ea5f212 chore: bump dev deps
• ffad408 docs: update docs building dependencies
• e2f737d test: temporary workaround chrome 130 and testcafe
• 43c4bcc test: browser logs are polled
• Additional commits viewable in compare view

Updates markdownlint-cli from 0.41.0 to 0.42.0

Release notes

Sourced from markdownlint-cli's releases.

v0.42.0

• Update markdownlint dependency to 0.35.0
  • Add MD058/blanks-around-tables
  • Use micromark in MD001/MD003/MD009/MD010/MD013/MD014/MD019/MD021/MD023/MD024/MD025/MD039/MD042/MD043
  • Improve MD018/MD020/MD031/MD034/MD044
  • markdown-it parser no longer invoked by default
  • Improve performance
• Update all dependencies via Dependabot

Commits

• aa975a1 Bump version 0.42.0
• 789dda8 Bump execa from 9.3.1 to 9.4.0
• 15479aa Replace dev dependency execa with nano-spawn (smaller, 0 dependencies).
• 7c20e8f Bump ignore from 5.3.2 to 6.0.2
• 3e2565c Bump markdownlint from 0.34.0 to 0.35.0
• 8027b6e Bump webpack from 5.91.0 to 5.94.0
• 27ae655 Bump execa from 9.3.0 to 9.3.1
• f4ac163 Bump ignore from 5.3.1 to 5.3.2
• b6211d3 Bump xo from 0.59.0 to 0.59.3
• 83c4f16 Bump xo from 0.58.0 to 0.59.0
• Additional commits viewable in compare view

Updates nock from 13.5.4 to 13.5.5

Release notes

Sourced from nock's releases.

v13.5.5

13.5.5 (2024-08-20)

Bug Fixes

• backport: memory leaks due to timer references outliving the timers (#2773) (#2773) (66eb7f4)

Commits

• 66eb7f4 fix(backport): memory leaks due to timer references outliving the timers (#27...
• e92cdfa chore(deps-dev): bump eslint-plugin-mocha from 10.4.1 to 10.5.0
• 623c933 chore(deps-dev): bump typescript from 5.4.3 to 5.5.4
• 2b7836d ci: exclude nodejs 10, 12 and 14 tests running on macos (#2753)
• 565e99a chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#2752)
• d013ed2 chore(deps-dev): bump typescript from 5.3.3 to 5.4.3
• 7a4badb chore(deps-dev): bump semantic-release from 23.0.2 to 23.0.6
• db0f76a chore(deps-dev): bump eslint-plugin-mocha from 10.2.0 to 10.4.1
• e44812b chore(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2597)
• 3659e82 chore(deps-dev): bump prettier from 3.2.4 to 3.2.5 (#2596)
• Additional commits viewable in compare view

Updates ts-jest from 29.2.3 to 29.2.5

Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

• build: build package with NodeNext module (9b3ade5)
• fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)
• fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499

29.2.4 (2024-08-01)

Bug Fixes

• fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473

Commits

• 500a863 chore(release): 29.2.5
• dce986e build(deps): Update dependency @​babel/preset-env to ^7.25.4
• 48a28a6 build(deps): Update dependency vite to ^5.4.2
• d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
• 00550ef test: add e2e test case for ESM features
• 978169b build(deps): Update dependency @​types/node to v20.16.1
• e9a643c build(deps): Update dependency @​types/node to v20.16.0
• 535edab build(deps): Update dependency @​types/node to v20.15.0
• 011a9d8 build(deps): Update dependency vite to ^5.4.1
• 4eb8ccd build: update renovate bot
• Additional commits viewable in compare view

Updates typescript from 5.5.4 to 5.6.3

Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).
• fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

• npm
• NuGet package

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).

Downloads are available on:

• npm
• NuGet package

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for TypeScript v5.6.1 (RC).
• fixed issues query for TypeScript v5.6.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).

... (truncated)

Commits

• d48a5cf Bump version to 5.6.3 and LKG
• fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
• ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
• 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
• a7e3374 Bump version to 5.6.2 and LKG
• 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
• 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
• 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
• 6212132 Update LKG
• bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sourcery-ai]

🧙 Sourcery has finished reviewing your pull request!

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/[email protected]	Transitive: environment, filesystem, unsafe	+48	1.76 MB	types
npm/@vercel/[email protected]	filesystem, unsafe	0	16.6 MB	chriswdmr, ijjk, matheuss, ...6 more
npm/[email protected]	Transitive: environment, eval, filesystem, shell, unsafe	+172	21.8 MB	githubbot
npm/[email protected]	filesystem Transitive: environment	+38	4.44 MB	aaronabramov, jeysal, jsonp, ...6 more
npm/[email protected]	None	0	550 kB	panva
npm/[email protected]	Transitive: environment, filesystem, shell	+53	7.25 MB	davidanson
npm/[email protected]	environment, filesystem, network	+4	260 kB	nockbot
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+160	15.4 MB	anhpnnd, kul, tsjest
npm/[email protected]	None	0	22.4 MB	typescript-bot

🚮 Removed packages: npm/@types/[email protected], npm/@vercel/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎