Skip to content

Chore(deps): Bump the npm-dependencies group across 1 directory with 5 updates #3653

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Chore(deps): Bump the npm-dependencies group across 1 directory with 5 updates #3653

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2025
edited
Loading

Bumps the npm-dependencies group with 5 updates in the / directory:

Package From To
@snyk/protect 1.1300.2 1.1301.0
zone.js 0.15.1 0.16.0
@stylistic/eslint-plugin 5.5.0 5.6.1
jasmine-core 5.12.0 5.12.1
typescript-eslint 8.46.4 8.47.0

Updates @snyk/protect from 1.1300.2 to 1.1301.0

Release notes

Sourced from @​snyk/protect's releases.

v1.1301.0

1.1301.0 (2025-11-12)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

  • container: The Snyk CLI now supports scanning Ubuntu Chisel images for vulnerabilities (9328757)
  • container: The Snyk CLI now supports scanning container images with zstd-compressed layers (5080e42)
  • container: Added a new parameter, --include-system-jars, to support scanning of usr/lib JARs (57078b6)
  • test(maven): Initial maven 4 support, testing against the most recent release candidate (88cf47e)
  • test(maven): A new experimental flag --include-provenance that will produce DepGraphs containing purls with checksum qualifiers for each package. Primarily to be used via --print-graph, not yet used in the main testing flow (5b8fe0a)
  • sbom(maven): A new experimental flag --include-provenance that will produce an SBOM with checksum qualifiers in each purl (5b8fe0a)
  • language-server: Automatic selection of the organization for IDEs based on workspace folder (EA). (2cc554e)
  • language-server: Analytics for configuration and folder trust (2cc554e)
  • mcp: Support for writing scan output into a file (2cc554e)
  • mcp: Service Account support (2cc554e)

Bug Fixes

  • general: Fix incorrect error mapping for varying status codes (5829500)
  • general: Some invalid flag combinations are now correctly handled (ca5903b)
  • test: The Snyk CLI now correctly handles optional dependencies without separate package entries (bfcbda7)
  • test: The Snyk CLI now correctly handles aliased packages with nested dependencies (bfcbda7)
  • test: The Snyk CLI now correctly handles bundled dependencies with non-hoisted bundle owners (bfcbda7)
  • test: Fixes issue where sub packages were getting grouped incorrectly, leading to deps getting marked as missing. (b904e8c)
  • test, sbom: Stops misclassifying NX Build project.json as a NuGet project (ff6860f)
  • test(npm): Improve npm alias support (cb37da7)
  • test(npm): The Snyk CLI now correctly handles npm packages with bundled dependencies (7d93b86)
  • test(python): Scanning projects using Python 2.7 will no longer fail with a string formatting error (4effc7f)
  • test(python): Fixed JSON parsing error for Python projects with missing packages (4effc7f)
  • test(maven): Underlying maven commands adjusted slightly to make aggregate projects that encounter issues when rebuilding more likely to succeed (3b72d86)
  • test(dotnet): Fix an issue with NuGet v3 scanner where the netstandard and netcoreapp TargetFrameworks were treated as .netx.x (227b50c)
  • test(dotnet): Fix an issue with NuGet v3 scanner where the pinned dependencies were not discovered (0d9b0c4)
  • container: Fixed a bug where scanning docker images with very large files would result in the CLI crashing with no message (57078b6)
  • container: Fix rare crash when scanning large Docker images (195ed78)
  • container: Fix issue where go binaries in Linux images with complex paths were not properly detected as go binaries when scanning on Windows (be8098b)
  • code: Add missing explicit error handling (755d01f)
  • unmanaged: Ignored vulnerabilities in unmanaged (C/C++) projects are now properly excluded from JSON output when using .snyk policy files. This ensures that snyk-to-html and other tools that consume JSON output will correctly respect vulnerability ignores. (fa808c1)
  • dependencies: Fix CVE-2025-58058 and CVE-2025-11065 (d7e87e2)
  • dependencies: Upgrade golang to 1.24.10 to fix vulnerabilities (c039f99)
  • dependencies: Upgrade to golang 1.24.8 (4dcf97a)
  • dependencies: Upgrade xcode to avoid flaky signing (bdcb991)
  • dependencies: Fix CVE-2025-47913 (a00b0dc)
  • language-server: Various Language Server related fixes (2cc554e)
Commits
  • f472a85 Merge pull request #6322 from snyk/chore/cherry-pick-fixes-for-rc-1.1301.0
  • 3cd9cff chore: automatic integration of language server c23fd4ea5f4e025ea40a999f11296...
  • 6610f14 chore: upgrade os extensions to allow nil actions on the fix
  • b415907 chore: automatic integration of language server 2cc554ec87f0f1b1f8005db11e416...
  • 4347131 docs: synchronizing help from snyk/user-docs
  • d523f16 chore: improve ufm sarif rendering including ignores
  • 57f0dfe Merge pull request #6300 from snyk/tmp/1762956787-release-candidate
  • 6fade45 docs: update release notes
  • e232891 Merge pull request #6299 from snyk/fix/golang_1.24.10
  • c039f99 fix(dependencies): Upgrade golang to 1.24.10 to fix vulnerabilities
  • Additional commits viewable in compare view

Updates zone.js from 0.15.1 to 0.16.0

Changelog

Sourced from zone.js's changelog.

0.16.0 (2025-11-19)

BREAKING CHANGE

  • IE/Non-Chromium Edge are not supported anymore.
Commits
  • 58014cb release: cut the zone.js-0.16.0 release
  • d99b743 build: update all non-major dependencies
  • 3cde920 build: update all non-major dependencies
  • 26fed34 build: format md files
  • 2b71181 build: update all non-major dependencies
  • 48abe00 fix(zone.js): Support jasmine v6
  • 77ead34 build: update dependency vitest to v4 (#64635)
  • ced2fa5 refactor(zone.js): Improve missing proxy zone error for jest imported (#64497)
  • fad6e13 build: update all non-major dependencies (#64514)
  • 10aa4f9 build: update all non-major dependencies (#64488)
  • Additional commits viewable in compare view

Updates @stylistic/eslint-plugin from 5.5.0 to 5.6.1

Release notes

Sourced from @​stylistic/eslint-plugin's releases.

v5.6.1

5.6.1 (2025-11-19)

Bug Fixes

  • computed-property-spacing: guard with node.type instead of computed check (#1054) (c486861)

v5.6.0

5.6.0 (2025-11-18)

Features

  • arrow-spacing: support TSFunctionType and TSConstructorType (#1036) (a5380d2)
  • computed-property-spacing: support TSIndexedAccessType (#1047) (d6e7437)
  • no-whitespace-before-property: support TS nodes (#1046) (684ff76)
  • type-annotation-spacing: deprecate overrides.arrow in favor of arrow-spacing (#1037) (598bbb0)
  • update deps (#1052) (29d09cc)

Bug Fixes

  • type-generic-spacing: ignore spaces after new in TSConstructorType (#1044) (aa0c6ac)

Documentation

  • no-extra-parens: add missing ] in various examples. (#1048) (88248cf)
  • quotes: update deprecated options to latest and add tips (#1026) (dc949f8)

Build Related

  • deps: bump actions/download-artifact from 5 to 6 (#1033) (8845342)
  • deps: bump actions/setup-node from 5 to 6 (#1029) (aa2f991)
  • deps: bump actions/upload-artifact from 4 to 5 (#1034) (657e8ce)

Chores

  • indent: cleanup TestCaseError#nodeType (#1043) (3fcec3e)
  • indent: simplify logic in JSXText (#1027) (d83c5b0)
  • space-infix-ops: simplify logic (#1022) (6d57a7d)
  • type-annotation-spacing: simplify type definitions (#1031) (aa6a0a3)
  • type-annotation-spacing: use unindent for better collapse (#1032) (839502a)
  • type-generic-spacing: remove logic duplicated with comma-spacing (#1024) (361cfc8)
  • upgrade to vitest v4 (#1040) (c9d684b)
Changelog

Sourced from @​stylistic/eslint-plugin's changelog.

5.6.1 (2025-11-19)

Bug Fixes

  • computed-property-spacing: guard with node.type instead of computed check (#1054) (c486861)

5.6.0 (2025-11-18)

Features

  • arrow-spacing: support TSFunctionType and TSConstructorType (#1036) (a5380d2)
  • computed-property-spacing: support TSIndexedAccessType (#1047) (d6e7437)
  • no-whitespace-before-property: support TS nodes (#1046) (684ff76)
  • type-annotation-spacing: deprecate overrides.arrow in favor of arrow-spacing (#1037) (598bbb0)
  • update deps (#1052) (29d09cc)

Bug Fixes

  • type-generic-spacing: ignore spaces after new in TSConstructorType (#1044) (aa0c6ac)

Documentation

  • no-extra-parens: add missing ] in various examples. (#1048) (88248cf)
  • quotes: update deprecated options to latest and add tips (#1026) (dc949f8)

Build Related

  • deps: bump actions/download-artifact from 5 to 6 (#1033) (8845342)
  • deps: bump actions/setup-node from 5 to 6 (#1029) (aa2f991)
  • deps: bump actions/upload-artifact from 4 to 5 (#1034) (657e8ce)

Chores

  • indent: cleanup TestCaseError#nodeType (#1043) (3fcec3e)
  • indent: simplify logic in JSXText (#1027) (d83c5b0)
  • space-infix-ops: simplify logic (#1022) (6d57a7d)
  • type-annotation-spacing: simplify type definitions (#1031) (aa6a0a3)
  • type-annotation-spacing: use unindent for better collapse (#1032) (839502a)
  • type-generic-spacing: remove logic duplicated with comma-spacing (#1024) (361cfc8)
  • upgrade to vitest v4 (#1040) (c9d684b)
Commits
  • 52b2b2e chore: release v5.6.1 (main) (#1055)
  • c486861 fix(computed-property-spacing): guard with node.type instead of computed ...
  • 1f5526a chore: release v5.6.0 (main) (#1023)
  • 684ff76 feat(no-whitespace-before-property): support TS nodes (#1046)
  • d6e7437 feat(computed-property-spacing): support TSIndexedAccessType (#1047)
  • 88248cf docs(no-extra-parens): add missing ] in various examples. (#1048)
  • aa0c6ac fix(type-generic-spacing): ignore spaces after new in TSConstructorType ...
  • 3fcec3e test(indent): cleanup TestCaseError#nodeType (#1043)
  • 598bbb0 feat(type-annotation-spacing): deprecate overrides.arrow in favor of `arrow...
  • a5380d2 feat(arrow-spacing): support TSFunctionType and TSConstructorType (#1036)
  • Additional commits viewable in compare view

Updates jasmine-core from 5.12.0 to 5.12.1

Release notes

Sourced from jasmine-core's releases.

v5.12.1

Please see the release notes.

Commits
  • 18d4d38 Fix version number in 5.12.1 release notes
  • 53e9bc6 Bump version to 5.12.1
  • 2be50e1 Merge branch 'bonkevin-fix-custom-matcher'
  • 27a1257 fix: unavailable custom matchers on top-it
  • 9a67c4e Copy 6.0.0-alpha.1 release notes from branch
  • See full diff in compare view

Updates typescript-eslint from 8.46.4 to 8.47.0

Release notes

Sourced from typescript-eslint's releases.

v8.47.0

8.47.0 (2025-11-17)

🚀 Features

  • eslint-plugin: [no-unused-private-class-members] new extension rule (#10913)

❤️ Thank You

You can read about our versioning strategy and releases on our website.

Changelog

Sourced from typescript-eslint's changelog.

8.47.0 (2025-11-17)

This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.

You can read about our versioning strategy and releases on our website.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Chore(deps): Bump the npm-dependencies group across 1 directory with …
56e17d8 
…5 updates

Bumps the npm-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@snyk/protect](https://github.com/snyk/snyk) | `1.1300.2` | `1.1301.0` |
| [zone.js](https://github.com/angular/angular/tree/HEAD/packages/zone.js) | `0.15.1` | `0.16.0` |
| [@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin) | `5.5.0` | `5.6.1` |
| [jasmine-core](https://github.com/jasmine/jasmine) | `5.12.0` | `5.12.1` |
| [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) | `8.46.4` | `8.47.0` |



Updates `@snyk/protect` from 1.1300.2 to 1.1301.0
- [Release notes](https://github.com/snyk/snyk/releases)
- [Commits](snyk/cli@v1.1300.2...v1.1301.0)

Updates `zone.js` from 0.15.1 to 0.16.0
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/main/packages/zone.js/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/zone.js-0.16.0/packages/zone.js)

Updates `@stylistic/eslint-plugin` from 5.5.0 to 5.6.1
- [Release notes](https://github.com/eslint-stylistic/eslint-stylistic/releases)
- [Changelog](https://github.com/eslint-stylistic/eslint-stylistic/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint-stylistic/eslint-stylistic/commits/v5.6.1/packages/eslint-plugin)

Updates `jasmine-core` from 5.12.0 to 5.12.1
- [Release notes](https://github.com/jasmine/jasmine/releases)
- [Changelog](https://github.com/jasmine/jasmine/blob/main/RELEASE.md)
- [Commits](jasmine/jasmine@v5.12.0...v5.12.1)

Updates `typescript-eslint` from 8.46.4 to 8.47.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.47.0/packages/typescript-eslint)

---
updated-dependencies:
- dependency-name: "@snyk/protect"
  dependency-version: 1.1301.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: zone.js
  dependency-version: 0.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: "@stylistic/eslint-plugin"
  dependency-version: 5.6.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: jasmine-core
  dependency-version: 5.12.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: typescript-eslint
  dependency-version: 8.47.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant