Bump readdirp from 4.1.2 to 5.0.0 #106

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/readdirp-5.0.0

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026

Contributor

Bumps readdirp from 4.1.2 to 5.0.0.

Release notes

Sourced from readdirp's releases.

5.0.0

  • Make the package ESM-only. Reduces on-disk package size.
  • Increase minimum Node.js version to v20.19. The versions starting from it support loading ESM files from CJS.
  • Increase security of NPM releases. Switch to token-less Trusted Publishing, with help of jsbt.
  • Switch compilation mode to isolatedDeclaration-based TypeScript for simplified auto-generated docs.

New Contributors

Full Changelog: paulmillr/readdirp@4.1.2...5.0.0

Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for readdirp since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 23, 2026
@dependabot dependabot Bot requested a review from ulises-jeremias as a code owner March 23, 2026 04:23

github-actions Bot commented Mar 23, 2026

Contributor

MegaLinter analysis: Error

| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ EDITORCONFIG | editorconfig-checker | 2 | | 0 | 0 | 0.01s |
| ✅ JSON | jsonlint | 2 | | 0 | 0 | 0.34s |
| ✅ JSON | npm-package-json-lint | yes | | no | no | 0.34s |
| ✅ JSON | prettier | 2 | 0 | 0 | 0 | 0.37s |
| ✅ JSON | v8r | 2 | | 0 | 0 | 7.3s |
| ✅ REPOSITORY | gitleaks | yes | | no | no | 3.9s |
| ✅ REPOSITORY | git_diff | yes | | no | no | 0.01s |
| ❌ REPOSITORY | osv-scanner | yes | | 22 | no | 3.17s |
| ✅ REPOSITORY | secretlint | yes | | no | no | 0.94s |
| ✅ REPOSITORY | syft | yes | | no | no | 3.66s |
| ✅ REPOSITORY | trufflehog | yes | | no | no | 3.93s |
| ❌ SPELL | cspell | 3 | | 1 | 0 | 2.55s |

Detailed Issues

❌ SPELL / cspell - 1 error
packages/create-node-app-core/package.json:59:6      - Unknown word (readdirp)   -- "readdirp": "^5.0.0",
	 Suggestions: [readdir, readDir, redip, reader, readers]
CSpell: Files checked: 2, Issues found: 1 in 1 file.


You can skip these misspellings by defining the following .cspell.json file at the root of your repository.
Of course, please correct real typos first :)

{
    "version": "0.2",
    "language": "en",
    "ignorePaths": [
        "**/node_modules/**",
        "**/vscode-extension/**",
        "**/.git/**",
        "**/.pnpm-lock.json",
        ".vscode",
        "package-lock.json",
        "megalinter-reports"
    ],
    "words": [
        "readdirp"
    ]
}


You can also copy-paste megalinter-reports/.cspell.json at the root of your repository

❌ REPOSITORY / osv-scanner - 22 errors
Scanning dir .
Warning: plugin transitivedependency/pomxml can be risky when run on untrusted artifacts. Please ensure you trust the source code and artifacts before proceeding.
Starting filesystem walk for root: /
Scanned tools/danger/package-lock.json file and found 161 packages
Scanned package-lock.json file and found 588 packages
End status: 47 dirs visited, 216 inodes visited, 2 Extract calls, 30.643657ms elapsed, 30.643897ms wall time
Filtered 7 local/unscannable package/s from the scan.

Total 17 packages affected by 22 known vulnerabilities (1 Critical, 6 High, 13 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
21 vulnerabilities can be fixed.

+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+
| OSV URL                             | CVSS | ECOSYSTEM | PACKAGE                             | VERSION | FIXED VERSION | SOURCE                         |
+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+
| https://osv.dev/GHSA-3p68-rc4w-qgx5 | 6.3  | npm       | axios                               | 1.13.6  | 1.15.0        | package-lock.json              |
| https://osv.dev/GHSA-fvcv-3m26-pcqx | 4.8  | npm       | axios                               | 1.13.6  | 1.15.0        | package-lock.json              |
| https://osv.dev/GHSA-f886-m6hf-6m8v | 6.5  | npm       | brace-expansion                     | 2.0.2   | 2.0.3         | package-lock.json              |
| https://osv.dev/GHSA-r4q5-vmmm-2653 | 6.9  | npm       | follow-redirects                    | 1.15.11 | 1.16.0        | package-lock.json              |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch                           | 2.3.1   | 2.3.2         | package-lock.json              |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch                           | 2.3.1   | 2.3.2         | package-lock.json              |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch (dev)                     | 4.0.3   | 4.0.4         | package-lock.json              |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch (dev)                     | 4.0.3   | 4.0.4         | package-lock.json              |
| https://osv.dev/GHSA-48c2-rrv3-qjmp | 4.3  | npm       | yaml (dev)                          | 2.8.1   | 2.8.3         | package-lock.json              |
| https://osv.dev/GHSA-h5c3-5r3r-rr8q | 5.3  | npm       | @octokit/plugin-paginate-rest (dev) | 2.21.3  | 9.2.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-rmvr-2pp2-xj38 | 5.3  | npm       | @octokit/request (dev)              | 5.6.3   | 8.4.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-xx4v-prfh-6cgc | 5.3  | npm       | @octokit/request-error (dev)        | 2.1.0   | 5.1.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-vpq2-c234-7xj6 | 3.3  | npm       | @tootallnate/once (dev)             | 2.0.0   | 3.0.1         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-grv7-fg5c-xmjg | 7.5  | npm       | braces (dev)                        | 3.0.2   | 3.0.3         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-fjxv-7rqg-78g4 | 9.4  | npm       | form-data (dev)                     | 4.0.0   | 4.0.4         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-869p-cjfg-cm3x | 7.5  | npm       | jws (dev)                           | 3.2.2   | 3.2.3         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-952p-6rrq-rcjv | 5.3  | npm       | micromatch (dev)                    | 4.0.5   | 4.0.8         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-8g77-54rh-46hx | 8.9  | npm       | parse-git-config (dev)              | 2.0.3   | --            | tools/danger/package-lock.json |
| https://osv.dev/GHSA-3v7f-55p6-f55p | 5.3  | npm       | picomatch (dev)                     | 2.3.1   | 2.3.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-c2c7-rcm5-vvqj | 7.5  | npm       | picomatch (dev)                     | 2.3.1   | 2.3.2         | tools/danger/package-lock.json |
| https://osv.dev/GHSA-6rw7-vpxm-498p | 6.3  | npm       | qs (dev)                            | 6.12.0  | 6.14.1        | tools/danger/package-lock.json |
| https://osv.dev/GHSA-w7fw-mjwx-w883 | 3.7  | npm       | qs (dev)                            | 6.12.0  | 6.14.2        | tools/danger/package-lock.json |
+-------------------------------------+------+-----------+-------------------------------------+---------+---------------+--------------------------------+

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff


@ulises-jeremias

Member

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/readdirp-5.0.0 branch from 4c32438 to 52e635b Compare April 20, 2026 04:36
Bumps [readdirp](https://github.com/paulmillr/readdirp) from 4.1.2 to 5.0.0.
- [Release notes](https://github.com/paulmillr/readdirp/releases)
- [Commits](paulmillr/readdirp@4.1.2...5.0.0)

---
updated-dependencies:
- dependency-name: readdirp
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/readdirp-5.0.0 branch from 52e635b to 8bec81e Compare April 20, 2026 04:40

dependabot Bot commented on behalf of github Apr 20, 2026

Contributor Author

Looks like readdirp is no longer updatable, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 20, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/readdirp-5.0.0 branch April 20, 2026 06:09