Skip to content

Build(deps-dev): bump the npm-development group with 9 updates #149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Build(deps-dev): bump the npm-development group with 9 updates #149

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2025

Bumps the npm-development group with 9 updates:

Package From To
@types/node 24.9.2 24.10.1
@typescript-eslint/eslint-plugin 8.46.2 8.48.0
@typescript-eslint/parser 8.46.2 8.48.0
eslint 9.39.0 9.39.1
eslint-plugin-jest 29.0.1 29.2.1
js-yaml 4.1.0 4.1.1
prettier 3.6.2 3.7.3
rollup 4.52.5 4.53.3
ts-jest 29.4.5 29.4.6

Updates @types/node from 24.9.2 to 24.10.1

Commits

Updates @typescript-eslint/eslint-plugin from 8.46.2 to 8.48.0

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

  • eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)
  • rule-tester: remove workaround for jest circular structure error (#11772)
  • typescript-estree: gate all errors behind allowInvalidAST (#11693)
  • typescript-estree: replace fast-glob with tinyglobby (#11740)

🩹 Fixes

  • eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)
  • scope-manager: change unhelpful aaa error message and change analyze to expects Program (#11747)
  • typescript-estree: infers singleRun as true for project service (#11327)
  • typescript-estree: disallow binding patterns in parameter properties (#11760)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

  • eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.48.0 (2025-11-24)

🚀 Features

  • eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)

🩹 Fixes

  • typescript-estree: disallow binding patterns in parameter properties (#11760)
  • eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.47.0 (2025-11-17)

🚀 Features

  • eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.46.4 (2025-11-10)

🩹 Fixes

  • parser: error when both projectService and project are set (#11333)
  • eslint-plugin: handle override modifier in promise-function-async fixer (#11730)
  • eslint-plugin: [no-deprecated] fix double-report on computed literal identifiers (#11006, #10958)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

8.46.3 (2025-11-03)

... (truncated)

Commits
  • 6fb1551 chore(release): publish 8.48.0
  • d26e9de chore(eslint-plugin): correct TODO comment on the wrong line (#11773)
  • 5f04910 fix(typescript-estree): disallow binding patterns in parameter properties (#1...
  • a4dc42a chore: migrate to nx 22 (#11780)
  • 2ffb168 feat(eslint-plugin): [no-redundant-type-constituents] use assignability check...
  • 5ea21f1 fix(eslint-plugin): [consistent-generic-constructors] ignore when constructor...
  • 28cf803 chore(release): publish 8.47.0
  • 6c6db24 feat(eslint-plugin): [no-unused-private-class-members] new extension rule (#1...
  • 843f144 chore(release): publish 8.46.4
  • 997e0c0 fix(parser): error when both projectService and project are set (#11333)
  • Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.46.2 to 8.48.0

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.48.0

8.48.0 (2025-11-24)

🚀 Features

  • eslint-plugin: [no-redundant-type-constituents] use assignability checking for redundancy checks (#10744)
  • rule-tester: remove workaround for jest circular structure error (#11772)
  • typescript-estree: gate all errors behind allowInvalidAST (#11693)
  • typescript-estree: replace fast-glob with tinyglobby (#11740)

🩹 Fixes

  • eslint-plugin: [consistent-generic-constructors] ignore when constructor is typed array (#10477)
  • scope-manager: change unhelpful aaa error message and change analyze to expects Program (#11747)
  • typescript-estree: infers singleRun as true for project service (#11327)
  • typescript-estree: disallow binding patterns in parameter properties (#11760)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

  • eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

v8.46.4

8.46.4 (2025-11-10)

🩹 Fixes

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.48.0 (2025-11-24)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.47.0 (2025-11-17)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.4 (2025-11-10)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

8.46.3 (2025-11-03)

This was a version bump only for parser to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Updates eslint from 9.39.0 to 9.39.1

Release notes

Sourced from eslint's releases.

v9.39.1

Bug Fixes

  • 650753e fix: Only pass node to JS lang visitor methods (#20283) (Nicholas C. Zakas)

Documentation

  • 51b51f4 docs: add a section on when to use extends vs cascading (#20268) (Tanuj Kanti)
  • b44d426 docs: Update README (GitHub Actions Bot)

Chores

  • 92db329 chore: update @eslint/js version to 9.39.1 (#20284) (Francesco Trotta)
  • c7ebefc chore: package.json update for @​eslint/js release (Jenkins)
  • 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275) (renovate[bot])
  • d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266) (唯然)
  • 009e507 test: fix version tests for ESLint v10 (#20274) (Milos Djermanovic)
Commits
  • e277281 9.39.1
  • 4cdf397 Build: changelog update for 9.39.1
  • 92db329 chore: update @eslint/js version to 9.39.1 (#20284)
  • c7ebefc chore: package.json update for @​eslint/js release
  • 650753e fix: Only pass node to JS lang visitor methods (#20283)
  • 51b51f4 docs: add a section on when to use extends vs cascading (#20268)
  • 61778f6 chore: update eslint-config-eslint dependency @​eslint/js to ^9.39.0 (#20275)
  • d9ca2fc ci: Add rangeStrategy to eslint group in renovate config (#20266)
  • 009e507 test: fix version tests for ESLint v10 (#20274)
  • b44d426 docs: Update README
  • See full diff in compare view

Updates eslint-plugin-jest from 29.0.1 to 29.2.1

Release notes

Sourced from eslint-plugin-jest's releases.

v29.2.1

29.2.1 (2025-11-23)

Bug Fixes

  • valid-mock-module-path: report on ERR_PACKAGE_PATH_NOT_EXPORTED errors (#1860) (6cd4e89)

v29.2.0

29.2.0 (2025-11-20)

Features

v29.1.0

29.1.0 (2025-11-10)

Features

  • prefer-lowercase-title: allow ignoring todos (#1843) (4658638)

v29.0.2-next.1

29.0.2-next.1 (2025-10-31)

Bug Fixes

  • only specify ts-eslint once in package.json (bc1d010)
Changelog

Sourced from eslint-plugin-jest's changelog.

29.2.1 (2025-11-23)

Bug Fixes

  • valid-mock-module-path: report on ERR_PACKAGE_PATH_NOT_EXPORTED errors (#1860) (6cd4e89)

29.2.0 (2025-11-20)

Features

29.1.0 (2025-11-10)

Features

  • prefer-lowercase-title: allow ignoring todos (#1843) (4658638)
Commits
  • 0694024 chore(release): 29.2.1 [skip ci]
  • 6cd4e89 fix(valid-mock-module-path): report on ERR_PACKAGE_PATH_NOT_EXPORTED errors...
  • ba20c35 chore(deps): update yarn to v4.12.0 (#1859)
  • 8a40433 chore(deps): update actions/checkout action to v6 (#1855)
  • 730c3ee chore(release): 29.2.0 [skip ci]
  • a8625f1 feat: create new valid-mock-module-path rule (#1845)
  • 59927d9 ci: don't update uses-with in actions (#1856)
  • 589917a chore(deps): update actions/checkout action to v5.0.1 (#1854)
  • 19dc911 chore(deps): lock file maintenance (#1853)
  • 4851e6b chore(release): 29.1.0 [skip ci]
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-jest since your current version.


Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.
Commits

Updates prettier from 3.6.2 to 3.7.3

Release notes

Sourced from prettier's releases.

3.7.3

What's Changed

🔗 Changelog

3.7.2

What's Changed

🔗 Changelog

3.7.1

🔗 Changelog

3.7.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.7.3

diff

API: Fix prettier.getFileInfo() change that breaks VSCode extension (#18375 by @​fisker)

An internal refactor accidentally broke the VSCode extension plugin loading.

3.7.2

diff

JavaScript: Fix string print when switching quotes (#18351 by @​fisker)

// Input
console.log("A descriptor\\'s .kind must be \"method\" or \"field\".")
// Prettier 3.7.1
console.log('A descriptor\'s .kind must be "method" or "field".');
// Prettier 3.7.2
console.log('A descriptor\'s .kind must be "method" or "field".');

JavaScript: Preserve quote for embedded HTML attribute values (#18352 by @​kovsu)

// Input
const html = /* HTML */ ` <div class="${styles.banner}"></div> `;
// Prettier 3.7.1
const html = /* HTML */ &lt;div class=${styles.banner}&gt;&lt;/div&gt;;
// Prettier 3.7.2
const html = /* HTML */ &lt;div class=&quot;${styles.banner}&quot;&gt;&lt;/div&gt;;

TypeScript: Fix comment in empty type literal (#18364 by @​fisker)

// Input
export type XXX = {
  // tbd
};
// Prettier 3.7.1
</tr></table>

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for prettier since your current version.


Updates rollup from 4.52.5 to 4.53.3

Release notes

Sourced from rollup's releases.

v4.53.3

4.53.3

2025-11-19

Bug Fixes

  • Fix an error where too many modules where flagged for having an unused external import (#6182)
  • Fix an error where an assignment was wrongly tree-shaken when mutating it (#6183)

Pull Requests

v4.53.2

4.53.2

2025-11-10

Bug Fixes

  • Do not throw when using invalid escape sequences in template literals (#6177)

Pull Requests

v4.53.1

4.53.1

2025-11-07

Bug Fixes

  • Fix install script (#6172)

Pull Requests

  • #6172: fix: move patch-package from postinstall to prepare script (@​mshima)

v4.53.0

4.53.0

2025-11-07

Features

... (truncated)

Changelog

Sourced from rollup's changelog.

4.53.3

2025-11-19

Bug Fixes

  • Fix an error where too many modules where flagged for having an unused external import (#6182)
  • Fix an error where an assignment was wrongly tree-shaken when mutating it (#6183)

Pull Requests

4.53.2

2025-11-10

Bug Fixes

  • Do not throw when using invalid escape sequences in template literals (#6177)

Pull Requests

4.53.1

2025-11-07

Bug Fixes

  • Fix install script (#6172)

Pull Requests

  • #6172: fix: move patch-package from postinstall to prepare script (@​mshima)

4.53.0

2025-11-07

Features

  • Improve rendering performance by caching generated variable names (#5947)

Pull Requests

... (truncated)

Commits
  • 998b595 4.53.3
  • ef834c2 Tracing the importers chain for exported variables in external module (#6182)
  • fb21d56 Check if left side is included when checking if assigning to an assignment ha...
  • 4b4581d Add test-install CI job to test packaging, installation and importing of roll...
  • 18ee41b fix(deps): lock file maintenance minor/patch updates (#6180)
  • f0a80d1 Re-enable TypeScript test (#6174)
  • d8b0150 4.53.2
  • 4f43f03 handle TemplateElement with null cooked value (#6177)
  • e3bdcdf 4.53.1
  • 96b5453 fix: move patch-package from postinstall to prepare script (#6172)
  • Additional commits viewable in compare view

Updates ts-jest from 29.4.5 to 29.4.6

Release notes

Sourced from ts-jest's releases.

v29.4.6

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.4.6 (2025-12-01)

Bug Fixes

  • log hybrid module as warning instead of failing tests (#5144) (528d37c), closes #5130
Commits
  • 202bde5 chore(release): 29.4.6 (#5146)
  • 528d37c fix: log hybrid module as warning instead of failing tests (#5144)
  • 141e5af build(deps): update github/codeql-action digest to 497990d
  • d281cce build(deps): update google/osv-scanner-action action to v2.3.0
  • 0d20322 build(deps): update dependency memfs to ^4.51.0
  • 455dde2 build(deps): update dependency js-yaml to ^4.1.1
  • d579480 build(deps): update dependency @​types/node to v20.19.25
  • f6859d0 build(deps): update dependency @​types/yargs to ^17.0.35
  • 4d7e432 build(deps): update github/codeql-action digest to d3ced5c
  • 4ea70c9 build(deps): update actions/checkout digest to 34e1148
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Build(deps-dev): bump the npm-development group with 9 updates
e12de33 
Bumps the npm-development group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `24.9.2` | `24.10.1` |
| [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.46.2` | `8.48.0` |
| [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.46.2` | `8.48.0` |
| [eslint](https://github.com/eslint/eslint) | `9.39.0` | `9.39.1` |
| [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `29.0.1` | `29.2.1` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.0` | `4.1.1` |
| [prettier](https://github.com/prettier/prettier) | `3.6.2` | `3.7.3` |
| [rollup](https://github.com/rollup/rollup) | `4.52.5` | `4.53.3` |
| [ts-jest](https://github.com/kulshekhar/ts-jest) | `29.4.5` | `29.4.6` |


Updates `@types/node` from 24.9.2 to 24.10.1
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 8.46.2 to 8.48.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 8.46.2 to 8.48.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.0/packages/parser)

Updates `eslint` from 9.39.0 to 9.39.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](eslint/eslint@v9.39.0...v9.39.1)

Updates `eslint-plugin-jest` from 29.0.1 to 29.2.1
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](jest-community/eslint-plugin-jest@v29.0.1...v29.2.1)

Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

Updates `prettier` from 3.6.2 to 3.7.3
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@3.6.2...3.7.3)

Updates `rollup` from 4.52.5 to 4.53.3
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.52.5...v4.53.3)

Updates `ts-jest` from 29.4.5 to 29.4.6
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v29.4.5...v29.4.6)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.10.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-version: 8.48.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: "@typescript-eslint/parser"
  dependency-version: 8.48.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: eslint
  dependency-version: 9.39.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: eslint-plugin-jest
  dependency-version: 29.2.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
- dependency-name: prettier
  dependency-version: 3.7.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: rollup
  dependency-version: 4.53.3
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-development
- dependency-name: ts-jest
  dependency-version: 29.4.6
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependabot Dependabot issues and PRs npm Node.js issues and PRs labels Dec 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 1, 2025 23:47
@dependabot dependabot bot added dependabot Dependabot issues and PRs npm Node.js issues and PRs labels Dec 1, 2025
@github-actions
Copy link

github-actions bot commented Dec 1, 2025

MegaLinter analysis: Error

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 5 0 0 0.05s
✅ JSON jsonlint 5 0 0 0.28s
✅ JSON npm-package-json-lint yes no no 2.01s
✅ JSON prettier 5 0 0 1.16s
✅ JSON v8r 5 0 0 9.14s
✅ MARKDOWN markdownlint 1 0 0 0.85s
✅ REPOSITORY checkov yes no no 22.89s
✅ REPOSITORY gitleaks yes no no 1.22s
✅ REPOSITORY git_diff yes no no 0.03s
❌ REPOSITORY grype yes 13 no 47.44s
✅ REPOSITORY secretlint yes no no 1.06s
✅ REPOSITORY syft yes no no 9.27s
✅ REPOSITORY trivy-sbom yes no no 4.65s
✅ REPOSITORY trufflehog yes no no 30.6s
✅ TYPESCRIPT prettier 9 0 0 1.22s
✅ YAML prettier 13 0 0 0.91s
✅ YAML v8r 13 0 0 10.36s
✅ YAML yamllint 13 0 0 0.67s

Detailed Issues

❌ REPOSITORY / grype - 13 errors 
[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
NAME    INSTALLED  FIXED IN          TYPE       VULNERABILITY   SEVERITY  EPSS          RISK   
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61723  High      < 0.1% (6th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61725  High      < 0.1% (6th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58185  Medium    < 0.1% (8th)  < 0.1  
stdlib  go1.23.10  *1.23.12, 1.24.6  go-module  CVE-2025-47907  High      < 0.1% (4th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58186  Medium    < 0.1% (5th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61724  Medium    < 0.1% (5th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-47912  Medium    < 0.1% (5th)  < 0.1  
stdlib  go1.23.10  *1.23.12, 1.24.6  go-module  CVE-2025-47906  Medium    < 0.1% (4th)  < 0.1  
stdlib  go1.23.10  *1.24.9, 1.25.3   go-module  CVE-2025-58187  High      < 0.1% (1st)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58188  High      < 0.1% (1st)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58189  Medium    < 0.1% (3rd)  < 0.1  
stdlib  go1.23.10  *1.23.11, 1.24.5  go-module  CVE-2025-4674   High      < 0.1% (0th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58183  Medium    < 0.1% (1st)  < 0.1
[0047] ERROR discovered vulnerabilities at or above the severity threshold

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx [email protected] --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,TYPESCRIPT_PRETTIER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependabot Dependabot issues and PRs npm Node.js issues and PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant