Skip to content

chore(deps): bump the nodesecure-dependencies group with 3 updates#736

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/nodesecure-dependencies-20b470f116
Open

chore(deps): bump the nodesecure-dependencies group with 3 updates#736
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/nodesecure-dependencies-20b470f116

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps the nodesecure-dependencies group with 3 updates: @nodesecure/js-x-ray, @nodesecure/mama and @nodesecure/rc.

Updates @nodesecure/js-x-ray from 14.3.0 to 15.0.0

Release notes

Sourced from @​nodesecure/js-x-ray's releases.

@​nodesecure/js-x-ray@​15.0.0

Major Changes

Minor Changes

Changelog

Sourced from @​nodesecure/js-x-ray's changelog.

15.0.0

Major Changes

Minor Changes

Commits
  • 38c1419 chore: update versions (#588)
  • 26724e0 refactor: optimize ProbeRunner class (#590)
  • 0de5a6f feat(DefaultCollectableSet): add mergeData utility (#589)
  • 5352af7 feat(collectable): make CollectableSet and DefaultCollectableSet serializable...
  • See full diff in compare view

Updates @nodesecure/mama from 2.2.0 to 2.3.0

Release notes

Sourced from @​nodesecure/mama's releases.

@​nodesecure/mama@​2.3.0

Minor Changes

  • #704 7178972 Thanks @​fraxken! - Implement ManifestManager class deep into scanner and tree-walker. Implement documentDigest into ManifestManager class and fix issue with pacote.manifest type.

Patch Changes

  • Updated dependencies [7178972]:
    • @​nodesecure/npm-types@​1.4.0
Changelog

Sourced from @​nodesecure/mama's changelog.

2.3.0

Minor Changes

  • #704 7178972 Thanks @​fraxken! - Implement ManifestManager class deep into scanner and tree-walker. Implement documentDigest into ManifestManager class and fix issue with pacote.manifest type.

Patch Changes

  • Updated dependencies [7178972]:
    • @​nodesecure/npm-types@​1.4.0
Commits
  • 3518e99 chore: update versions (#703)
  • 7178972 refactor: implement ManifestManager class deep into scanner and tree-walker (...
  • b4053af fix(ci): properly execute tests with glob for Windows and UNIX
  • See full diff in compare view

Updates @nodesecure/rc from 5.5.0 to 5.6.0

Release notes

Sourced from @​nodesecure/rc's releases.

@​nodesecure/rc@​5.6.0

Minor Changes

  • #687 d656c7b Thanks @​fraxken! - Implement Node.js worker_threads with a custom Pool to scan packages tarball with JS-X-Ray
Changelog

Sourced from @​nodesecure/rc's changelog.

5.6.0

Minor Changes

  • #687 d656c7b Thanks @​fraxken! - Implement Node.js worker_threads with a custom Pool to scan packages tarball with JS-X-Ray
Commits
  • 2070b96 chore: update versions (#689)
  • b4053af fix(ci): properly execute tests with glob for Windows and UNIX
  • d656c7b feat: initial implementation of worker_threads for JS-X-Ray scan
  • c659b86 chore: update @​nodesecure/js-x-ray to v14.3.0
  • 8b82c5a chore: update @​nodesecure/vulnera to v3.1.0
  • 64502bf chore: update @​openally/config.eslint (#674)
  • d6f9487 fix(tarball): properly manage relativeFile across EFA and DependencyCollectab...
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the nodesecure-dependencies group with 3 updates
c96a1a5 
Bumps the nodesecure-dependencies group with 3 updates: [@nodesecure/js-x-ray](https://github.com/NodeSecure/js-x-ray/tree/HEAD/workspaces/js-x-ray), [@nodesecure/mama](https://github.com/NodeSecure/scanner/tree/HEAD/workspaces/mama) and [@nodesecure/rc](https://github.com/NodeSecure/scanner/tree/HEAD/workspaces/rc).


Updates `@nodesecure/js-x-ray` from 14.3.0 to 15.0.0
- [Release notes](https://github.com/NodeSecure/js-x-ray/releases)
- [Changelog](https://github.com/NodeSecure/js-x-ray/blob/master/workspaces/js-x-ray/CHANGELOG.md)
- [Commits](https://github.com/NodeSecure/js-x-ray/commits/@nodesecure/js-x-ray@15.0.0/workspaces/js-x-ray)

Updates `@nodesecure/mama` from 2.2.0 to 2.3.0
- [Release notes](https://github.com/NodeSecure/scanner/releases)
- [Changelog](https://github.com/NodeSecure/scanner/blob/master/workspaces/mama/CHANGELOG.md)
- [Commits](https://github.com/NodeSecure/scanner/commits/@nodesecure/mama@2.3.0/workspaces/mama)

Updates `@nodesecure/rc` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/NodeSecure/scanner/releases)
- [Changelog](https://github.com/NodeSecure/scanner/blob/master/workspaces/rc/CHANGELOG.md)
- [Commits](https://github.com/NodeSecure/scanner/commits/@nodesecure/rc@5.6.0/workspaces/rc)

---
updated-dependencies:
- dependency-name: "@nodesecure/js-x-ray"
  dependency-version: 15.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: nodesecure-dependencies
- dependency-name: "@nodesecure/mama"
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nodesecure-dependencies
- dependency-name: "@nodesecure/rc"
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: nodesecure-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 6, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot bot commented Apr 6, 2026

⚠️ No Changeset found

Latest commit: c96a1a5

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants