GithubHelp home page GithubHelp logo

timbeadle / cfpathcheck Goto Github PK

View Code? Open in Web Editor NEW
1.0 1.0 1.0 9.37 MB

Static analysis for cfml template import and include paths

License: MIT License

JavaScript 96.65% ColdFusion 3.35%
cfm cfml-template checkstyle static-analysis

cfpathcheck's People

Contributors

dependabot[bot] avatar greenkeeper[bot] avatar renovate[bot] avatar snyk-bot avatar timbeadle avatar

Stargazers

avatar

Watchers

avatar avatar

Forkers

bdw429s

cfpathcheck's Issues

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.flatten:4.4.0

Vulnerabilities

DepShield reports that this application's usage of lodash.flatten:4.4.0 results in the following vulnerability(s):

Occurrences

lodash.flatten:4.4.0 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.flatten:4.4.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of snyk is breaking the build 🚨

The dependency snyk was updated from 1.246.0 to 1.247.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.247.0

1.247.0 (2019-11-13)

Features

Commits

The new version differs by 4 commits.

  • e69ef82 Merge pull request #861 from snyk/feat/introduce-jar-files
  • e699598 feat: add *.war support
  • 0189a39 chore: split up test and monitor tests
  • e845d19 feat: detect *.jar files as maven

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 15.9.5 to 15.9.6.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v15.9.6

15.9.6 (2019-10-02)

Bug Fixes

Commits

The new version differs by 5 commits.

  • 756520a fix(check-indentation): update function and variable names
  • 41af93c fix(check-indentation): fix code style issue
  • d7aa4e8 fix(check-indentation): excludeTags option, add tests, default on
  • 933b74a fix(check-indentation): update README, default to false, lint ok
  • 6de2256 fix(check-indentation): ignore example code blocks

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 15.4.2 to 15.5.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v15.5.0

15.5.0 (2019-07-14)

Features

  • require-description-complete-sentence: limit checking to certain default tags likely to have descriptions or by tags array for additional choices; fixes #337 (0eb7a0c)
Commits

The new version differs by 4 commits.

  • 0eb7a0c feat(require-description-complete-sentence): limit checking to certain default tags likely to have descriptions or by tags array for additional choices; fixes #337
  • 2e2af0d docs(newline-after-description): indicate applies on doc block
  • b396832 docs(match-description): add alias desc to separate column
  • 4d5400f docs(match-description): indicate application by default to description/desc and allowance for property/prop; clarify

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

Fix vulnerable regex in lib/cfpathcheck.js

Adding eslint-plugin-redos revealed this issue:

const includeMatches = matchAll(line, /\binclude\s['"](?<path>.*\.cfm)['"]/g);
Found a ReDoS vulnerable RegExp (2nd degree polynomial).eslint(redos/no-vulnerable)

Screenshot 2022-06-27 at 15 27 26

[DepShield] (CVSS 7.5) Vulnerability due to usage of debug:2.6.9

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):

Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.239.4
        └─ proxy-agent:3.1.1
              └─ pac-proxy-agent:3.0.1
                    └─ get-uri:2.0.4
                          └─ debug:2.6.9

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.clone:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.clone:4.5.0 results in the following vulnerability(s):

Occurrences

lodash.clone:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.clone:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.111.1 to 1.112.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.112.0

1.112.0 (2018-11-30)

Features

  • Bump required lockfile parser version (762f056)
Commits

The new version differs by 2 commits.

  • ab6f5c8 Merge pull request #284 from snyk/feat/bump-lockfile-parser
  • 762f056 feat: Bump required lockfile parser version

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The dependency snyk was updated from 1.279.0 to 1.279.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v1.279.1

1.279.1 (2020-01-22)

Bug Fixes

  • snyk always being added as dependency when running wizard (49b0cd3)
Commits

The new version differs by 4 commits.

  • 240f623 Merge pull request #947 from snyk/fix/wizard-adding-snyk-dependency
  • 49b0cd3 fix: snyk always being added as dependency when running wizard
  • ab83ab8 Merge pull request #961 from snyk/chore/convert-exec-version-to-ts
  • 7d4a91c chore: convert get version and exec to ts

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The dependency snyk was updated from 1.258.0 to 1.258.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.258.1

1.258.1 (2019-12-06)

Bug Fixes

  • Remove tree-kill dependency (9c37bb4)
Commits

The new version differs by 3 commits.

  • b0bd447 Merge pull request #895 from snyk/fix/remove-tree-kill
  • f8c6aa8 chore: disable npm cache to unblock tests
  • 9c37bb4 fix: Remove tree-kill dependency

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.179.0 to 1.179.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v1.179.1

1.179.1 (2019-06-20)

Bug Fixes

  • name and version in gomodules (7cbc9e1)
Commits

The new version differs by 2 commits.

  • de94535 Merge pull request #583 from snyk/fix/gomodules-name-version
  • 7cbc9e1 fix: name and version in gomodules

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.get:4.4.2

Vulnerabilities

DepShield reports that this application's usage of lodash.get:4.4.2 results in the following vulnerability(s):

Occurrences

lodash.get:4.4.2 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.get:4.4.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Detected dependencies

Branch main
github-actions
.github/workflows/codeql-analysis.yml
  • actions/checkout v4
  • github/codeql-action v3
  • github/codeql-action v3
  • github/codeql-action v3
.github/workflows/nodejs.yml
  • actions/checkout v4
  • actions/setup-node v4
npm
package.json
  • @snyk/protect ^1.1292.4
  • chalk ^5.3.0
  • checkstyle-formatter ^1.1.0
  • crlf ^1.1.1
  • deep-equal ^2.2.3
  • glob ^10.4.5
  • log-symbols ^7.0.0
  • minimist ^1.2.8
  • @eslint/eslintrc ^3.1.0
  • @eslint/js ^9.9.0
  • @types/chai 4.3.17
  • @types/checkstyle-formatter 1.0.2
  • @types/deep-equal 1.0.4
  • @types/glob 8.1.0
  • @types/minimist 1.2.5
  • @types/mocha 10.0.7
  • @types/node ^22.4.2
  • chai 5.1.1
  • eslint 9.9.0
  • eslint-config-xo 0.45.0
  • globals ^15.9.0
  • ls-engines 0.9.3
  • mocha 10.7.3
  • npm-run-all2 6.2.2
  • nyc 17.0.0
  • prettier 3.3.3
  • rimraf ^5.0.10
  • typescript ^5.5.4
  • node >= 18.20.3
  • node 18.20.3
  • npm 10.8.2
Branch main-9.x
github-actions
.github/workflows/codeql-analysis.yml
  • actions/checkout v4
  • github/codeql-action v3
  • github/codeql-action v3
  • github/codeql-action v3
.github/workflows/nodejs.yml
  • actions/checkout v4
  • actions/setup-node v4
npm
package.json
  • @snyk/protect ^1.1292.4
  • chalk ^5.3.0
  • checkstyle-formatter ^1.1.0
  • crlf ^1.1.1
  • deep-equal ^2.2.3
  • glob ^10.4.5
  • log-symbols ^5.1.0
  • minimist ^1.2.8
  • @types/chai 4.3.17
  • @types/checkstyle-formatter 1.0.2
  • @types/deep-equal 1.0.4
  • @types/glob 8.1.0
  • @types/minimist 1.2.5
  • @types/mocha 10.0.7
  • @types/node ^20.14.9
  • chai 5.1.1
  • eslint 8.57.0
  • eslint-config-xo 0.45.0
  • eslint-plugin-import 2.29.1
  • eslint-plugin-redos 4.4.5
  • ls-engines 0.9.3
  • mocha 10.7.3
  • npm-run-all2 6.2.2
  • nyc 15.1.0
  • prettier 3.3.3
  • typescript ^5.5.4
  • node >= 16.14
  • node 16.20.2
  • npm 9.9.3
  • Check this box to trigger a request for Renovate to run again on this repository

An in-range update of snyk is breaking the build 🚨

The dependency snyk was updated from 1.239.5 to 1.240.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.240.0

1.240.0 (2019-10-30)

Features

  • introduce spinner lib to replace custom one (05738b1)
  • user external spinner in npm and monitor (bf6c40e)
Commits

The new version differs by 3 commits.

  • 2248b5c Merge pull request #807 from snyk/feat/replace-spinner
  • bf6c40e feat: user external spinner in npm and monitor
  • 05738b1 feat: introduce spinner lib to replace custom one

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of lodash is breaking the build 🚨

The dependency lodash was updated from 4.17.11 to 4.17.12.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

lodash is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.158.0 to 1.159.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v1.159.0

1.159.0 (2019-05-02)

Features

  • release mvn plugin with better test matrix (a688e5b)
Commits

The new version differs by 3 commits.

  • e21d494 Merge pull request #471 from snyk/feat/release-mvn-plugin-with-more-tests
  • a688e5b feat: release mvn plugin with better test matrix
  • 74ef425 chore: change quote types for singles

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 4.6.0 to 4.7.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v4.7.0

4.7.0 (2019-04-01)

Features

  • make check-returns ignore abstract methods (7505604)
Commits

The new version differs by 2 commits.

  • 7505604 feat: make check-returns ignore abstract methods
  • b1301d6 Makes "Check Returns" ignore abstract methods.

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of minimist is breaking the build 🚨

☝️ Important announcement: Greenkeeper will be saying goodbye 👋 and passing the torch to Snyk on June 3rd, 2020! Find out how to migrate to Snyk and more at greenkeeper.io

The dependency minimist was updated from 1.2.4 to 1.2.5.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

minimist is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • build (13.x): There are 1 failures, 0 warnings, and 0 notices.
  • build (12.x): There are 1 failures, 0 warnings, and 0 notices.
  • build (10.x): There are 2 failures, 0 warnings, and 0 notices.
Commits

The new version differs by 1 commits.

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.112.0 to 1.113.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.113.0

1.113.0 (2018-12-03)

Features

Commits

The new version differs by 2 commits.

  • 4d9d1ac Merge pull request #287 from snyk/feat/bump-docker-plugin
  • 83d4c9c feat: bump docker plugin

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.assign:4.2.0

Vulnerabilities

DepShield reports that this application's usage of lodash.assign:4.2.0 results in the following vulnerability(s):

Occurrences

lodash.assign:4.2.0 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.assign:4.2.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of prettier is breaking the build 🚨

The devDependency prettier was updated from 1.16.2 to 1.16.3.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

prettier is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.144.0 to 1.145.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.145.0

1.145.0 (2019-04-01)

Bug Fixes

Features

Commits

The new version differs by 4 commits.

  • 18c6037 Merge pull request #421 from snyk/fix/older-nuget-plugin
  • 7729677 fix: downgrade nuget plugin
  • 6f1412f Merge pull request #418 from snyk/fix/bump-deps
  • 26f40fb feat: bump deps

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 4.8.3 to 4.8.4.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v4.8.4

4.8.4 (2019-05-11)

Bug Fixes

  • update GitSpo badge URL (0b04319)
Commits

The new version differs by 30 commits.

  • 9c586c5 docs: generate docs
  • 0b04319 fix: update GitSpo badge URL
  • 9922684 Merge branch 'master' of github.com:gajus/eslint-plugin-jsdoc
  • 25cbc06 docs: generate docs
  • ae9bcc4 docs: add GitSpo mentions badge
  • a075dec Merge pull request #212 from brettz9/issue-210-callback
  • ff57654 Merge pull request #213 from brettz9/expand-check-types
  • 8754dcd - Expand types checked
  • cf31761 - Allow callback-defined types in noUndefinedTypes ; fixes #210; also adds null, undefined, Array, Object, RegExp, Date, Function
  • 4640a35 Merge pull request #207 from TuckerWhitehouse/check-tag-names-replacement
  • dc6857a Merge pull request #205 from allthesignals/master
  • 3742994 docs: use semantic tags to describe relationship between files
  • 6eb8324 docs: remove superfluous comment
  • 69b1b51 Re-enable sort-keys property style; re-order keys to comply
  • 54d063d Remove unnecessary comment

There are 30 commits in total.

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.143.5 to 1.143.6.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.143.6

1.143.6 (2019-03-31)

Bug Fixes

  • create copies of original files prior to patching (7fc32ca)
Commits

The new version differs by 2 commits.

  • d11f12a Merge pull request #417 from snyk/fix/patched-files-in
  • 7fc32ca fix: create copies of original files prior to patching

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of prettier is breaking the build 🚨

The devDependency prettier was updated from 1.17.1 to 1.18.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

prettier is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for 1.18.0

🔗 Release Notes

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 7.1.0 to 7.2.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v7.2.0

7.2.0 (2019-05-29)

Features

  • check-alignment: add fixer (a05741a)
Commits

The new version differs by 6 commits.

  • a05741a feat(check-alignment): add fixer
  • 188dbe8 Revert "enhancement(check-alignment): add fixer"
  • 294026e Merge pull request #264 from jasminexie/master
  • e39c729 enhancement(check-alignment): add fixer
  • 7883e44 docs: generate docs
  • 7083a84 test: add test case for #263

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

An in-range update of eslint is breaking the build 🚨

The devDependency eslint was updated from 5.15.3 to 5.16.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v5.16.0
  • dfef227 Build: gensite passes rulesMeta to formatter rendering (#11567) (Kevin Partington)
  • c06d38c Fix: Allow HTML formatter to handle no meta data (#11566) (Ilya Volodin)
  • 87a5c03 Docs: func-style: clarify when allowArrowFunctions is used (#11548) (Oliver Joseph Ash)
  • bc3e427 Update: pass rule meta to formatters RFC 10 (#11551) (Chris Meyer)
  • b452f27 Chore: Update README to pull in reviewer data (#11506) (Nicholas C. Zakas)
  • afe3d25 Upgrade: Bump js-yaml dependency to fix Denial of Service vulnerability (#11550) (Vernon de Goede)
  • 4fe7eb7 Chore: use nyc instead of istanbul (#11532) (Toru Nagashima)
  • f16af43 Chore: fix formatters/table test (#11534) (Toru Nagashima)
  • 78358a8 Docs: fix duplicate punctuation in CLI docs (#11528) (Teddy Katz)
Commits

The new version differs by 11 commits.

  • ded2f94 5.16.0
  • ea36e13 Build: changelog update for 5.16.0
  • dfef227 Build: gensite passes rulesMeta to formatter rendering (#11567)
  • c06d38c Fix: Allow HTML formatter to handle no meta data (#11566)
  • 87a5c03 Docs: func-style: clarify when allowArrowFunctions is used (#11548)
  • bc3e427 Update: pass rule meta to formatters RFC 10 (#11551)
  • b452f27 Chore: Update README to pull in reviewer data (#11506)
  • afe3d25 Upgrade: Bump js-yaml dependency to fix Denial of Service vulnerability (#11550)
  • 4fe7eb7 Chore: use nyc instead of istanbul (#11532)
  • f16af43 Chore: fix formatters/table test (#11534)
  • 78358a8 Docs: fix duplicate punctuation in CLI docs (#11528)

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.clonedeep:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.clonedeep:4.5.0 results in the following vulnerability(s):

Occurrences

lodash.clonedeep:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-policy:1.13.3
              └─ lodash.clonedeep:4.5.0
        └─ snyk-try-require:1.3.1
              └─ lodash.clonedeep:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of eslint-plugin-jsdoc is breaking the build 🚨

The devDependency eslint-plugin-jsdoc was updated from 4.8.0 to 4.8.1.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-jsdoc is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v4.8.1

4.8.1 (2019-04-08)

Bug Fixes

Commits

The new version differs by 12 commits.

  • 7794dd6 fix: require returns
  • a053125 docs: generate docs
  • 9033898 Suppress require-returns for @override, @constructor, and class constructor
  • 0f4a878 Merge pull request #146 from sandersn/parse-typescript-types
  • a99dc37 Fix blank-line lint
  • a81160e docs: generate docs
  • 14f7480 Merge branch 'master' into parse-typescript-types
  • 2d1e1fc Fix trailing-comma lint
  • 88347e7 docs: generate docs
  • fe2b3c2 Update jsdoctypeparser to 3.1.0 + test arrow types
  • 3a449f1 Test typeof and import types from Typescript
  • 25305d4 Add tests for typeof and import types from Typescript

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

Add jUnit reporter option

  • At the moment, Checkstyle is the only report format available.
  • Need to add jUnit reporter option, to be compatible with Atlassian Bamboo.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.assignin:4.2.0

Vulnerabilities

DepShield reports that this application's usage of lodash.assignin:4.2.0 results in the following vulnerability(s):

Occurrences

lodash.assignin:4.2.0 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.assignin:4.2.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.snakecase:4.1.1

Vulnerabilities

DepShield reports that this application's usage of lodash.snakecase:4.1.1 results in the following vulnerability(s):

Occurrences

lodash.snakecase:4.1.1 is a transitive dependency introduced by the following direct dependency(s):

xo:0.25.3
        └─ eslint-plugin-unicorn:12.1.0
              └─ lodash.snakecase:4.1.1

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of snyk is breaking the build 🚨

The devDependency snyk was updated from 1.147.4 to 1.148.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
Release Notes for v1.148.0

1.148.0 (2019-04-08)

Features

  • monitor all-sub-projecs (d12167d)
Commits

The new version differs by 3 commits.

  • 2731ed2 Merge pull request #432 from snyk/feat/monitor-all-sub-projects
  • 4b7b430 test: monitor --all-sub-projects with multiple targets
  • d12167d feat: monitor all-sub-projecs

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.flattendeep:4.4.0

Vulnerabilities

DepShield reports that this application's usage of lodash.flattendeep:4.4.0 results in the following vulnerability(s):

Occurrences

lodash.flattendeep:4.4.0 is a transitive dependency introduced by the following direct dependency(s):

nyc:14.1.1
        └─ caching-transform:3.0.2
              └─ package-hash:3.0.0
                    └─ lodash.flattendeep:4.4.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.set:4.3.2

Vulnerabilities

DepShield reports that this application's usage of lodash.set:4.3.2 results in the following vulnerability(s):

Occurrences

lodash.set:4.3.2 is a transitive dependency introduced by the following direct dependency(s):

snyk:1.119.0
        └─ snyk-resolve-deps:4.0.2
              └─ lodash.set:4.3.2

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.isequal:4.5.0

Vulnerabilities

DepShield reports that this application's usage of lodash.isequal:4.5.0 results in the following vulnerability(s):

Occurrences

lodash.isequal:4.5.0 is a transitive dependency introduced by the following direct dependency(s):

xo:0.25.3
        └─ lodash.isequal:4.5.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

[DepShield] (CVSS 7.4) Vulnerability due to usage of lodash.camelcase:4.3.0

Vulnerabilities

DepShield reports that this application's usage of lodash.camelcase:4.3.0 results in the following vulnerability(s):

Occurrences

lodash.camelcase:4.3.0 is a transitive dependency introduced by the following direct dependency(s):

xo:0.25.3
        └─ eslint-plugin-unicorn:12.1.0
              └─ lodash.camelcase:4.3.0

This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.

An in-range update of snyk is breaking the build 🚨

The dependency snyk was updated from 1.281.1 to 1.282.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

snyk is a direct dependency of this project, and it is very likely causing it to break. If other packages depend on yours, this update is probably also breaking those in turn.

Status Details
  • continuous-integration/travis-ci/push: The Travis CI build failed (Details).
Release Notes for v1.282.0

1.282.0 (2020-01-27)

Features

  • enable cocoapods for --all-projects scanning (5851a7f)
Commits

The new version differs by 4 commits.

  • 7e30ef6 Merge pull request #965 from snyk/feat/cocopoads-all-projects
  • 5851a7f feat: enable cocoapods for --all-projects scanning
  • 8f6034f Merge pull request #968 from snyk/chore/update-file-options-help-file
  • 2a44527 chore: Added info about --file for monitor

See the full diff

FAQ and help

There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

Your Greenkeeper Bot 🌴

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.