Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency lint-staged to v13.3.0 #65

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 20, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
lint-staged 13.2.2 -> 13.3.0 age adoption passing confidence

Release Notes

lint-staged/lint-staged (lint-staged)

v13.3.0

Compare Source

Bug Fixes
  • dependencies: update most dependencies (7443870)
  • detect duplicate redundant braces in pattern (d895aa8)
Features
  • dependencies: update listr2@​6.6.0 (09844ca)

v13.2.3

Compare Source

Bug Fixes
  • the --diff option implies --no-stash (66a716d)

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Copy link

[puLL-Merge] - okonet/[email protected]

Description

This Pull Request (PR) introduces several changes across multiple files in the lint-staged repository. The motivation behind these changes seems to be driven by the following goals:

  • Update the Node.js version to v20 in GitHub Actions workflows to stay up-to-date with the latest Node.js releases.
  • Improve the code formatting by enforcing trailing commas where possible, enhancing readability and diff clarity.
  • Update various dependencies to their newer versions.
  • Refactor parts of the codebase for better readability, maintenance, and performance.
  • Fix minor issues with documentation and code comments.
  • Introduce new utilities and refactor the existing ones for path normalization and manipulation across both Unix and Windows systems.
  • Enhance error handling and logging in the main executable script.
  • Address potential security, operational, and maintainability issues throughout the codebase.
Changes

Changes

.github/workflows/main.yml

  • Update Node.js version for the setup-node action to v20.
  • Replace double quotes with single quotes in branches-ignore and tags-ignore.

.prettierrc.json

  • Add trailingComma: "es5" to enforce trailing commas in ES5-compatible places (objects, arrays, etc.).

README.md

  • Fix a broken anchor link in the Configuration section.
  • Add a migration note regarding dropping support for Node.js v14 and requiring at least Node.js v16.14.0.

bin/lint-staged.js

  • Migrate from synchronous file reading to asynchronous with node:fs/promises.
  • Refine CLI options handling and error handling.

lib/*.js

  • Introduce normalizePath.js for consistent path normalization across Unix and Windows.
  • Replace direct usages of normalize-path with custom normalizePath utility.
  • Refactor various modules (e.g., chunkFiles.js, generateTasks.js, getRenderer.js, etc.) to use the new path normalization, improve readability, and address minor issues.

package.json

  • Update project metadata, specifically the engines.node field to reflect the new minimum required Node.js version (^16.14.0 || >=18.0.0).
  • Update various dependencies to their newer versions.

Scripts and Tests

  • Add new scripts and tests to support the changes, including tests for new utilities and updates to existing tests to ensure compatibility with the updated codebase.

Security Hotspots

  1. Dependency Updates: The PR updates several dependencies. While updating dependencies is generally good for security, it is crucial to thoroughly test the application to ensure that these updates do not introduce security vulnerabilities or break existing functionality.
  2. Asynchronous File Handling (bin/lint-staged.js): Switching to asynchronous file reading/writing can lead to potential race conditions if not handled carefully. It is recommended to review these changes to ensure proper error handling and to prevent potential denial of service (DoS) issues.
  3. Path Handling (lib/normalizePath.js and usage across files): The introduction of a custom path normalization utility is critical, considering its widespread use throughout the project. Special attention should be given to ensuring this utility handles edge cases correctly, especially on Windows systems, to avoid path traversal vulnerabilities and inconsistencies.

@renovate renovate bot changed the title Update dependency lint-staged to v13.3.0 chore(deps): update dependency lint-staged to v13.3.0 Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants