Skip to content

chore(deps): update npm devdependencies to v11 (major) #69

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update npm devdependencies to v11 (major) #69

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 10, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@secretlint/secretlint-rule-preset-recommend (source) 9.0.0 -> 11.2.5 age confidence
secretlint (source) 9.0.0 -> 11.2.5 age confidence

Release Notes

secretlint/secretlint (@​secretlint/secretlint-rule-preset-recommend)

v11.2.5

Compare Source

What's Changed
Bug Fixes
  • fix(private-key): reduce false positives for placeholder private keys by @​azu in #​1269
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.4...v11.2.5

v11.2.4

Compare Source

What's Changed
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.3...v11.2.4

v11.2.3

Compare Source

What's Changed

secretlint v11.2.3+ support npm Provenance.

image
Testing
  • refactor: Consolidate snapshot tests and move rule configs to test directories by @​azu in #​1188
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v11.2.0...v11.2.3

v11.2.2

Compare Source

This is not released in npm.

v11.2.0

Compare Source

What's Changed
Features
Bug Fixes
  • Add support for Makefile variable pattern $(VARIABLE) in database-connection-string rule by @​Copilot in #​1191
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v11.1.0...v11.2.0

v11.1.0

Compare Source

What's Changed
Features

You can use filePathGlobs to match against file paths using glob patterns:

{
  "rules": [
    {
      "id": "@​secretlint/secretlint-rule-pattern",
      "options": {
        "patterns": [
          {
            "name": "env files",
            "filePathGlobs": ["**/.env", "**/.env.*"]
          },
          {
            "name": "AWS credentials in env files",
            "filePathGlobs": ["**/.env*"],
            "pattern": "/aws_access_key_id|aws_secret_access_key/i"
          },
          {
            "name": "private keys",
            "filePathGlobs": ["**/*.pem", "**/*.key"],
            "pattern": "/BEGIN (RSA |EC )?PRIVATE KEY/"
          }
        ]
      }
    }
  ]
}
  • When only filePathGlobs is specified, the rule reports if the file path matches any of the glob patterns
  • When only pattern is specified, the rule reports if the file content matches the regex pattern
  • When both are specified, the rule reports only if both the file path matches the glob AND the content matches the pattern
Refactoring
  • refactor(types): migrate from tsd to vitest for type testing by @​azu in #​1169
Testing
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.2...v11.1.0

v11.0.2

Compare Source

What's Changed
Bug Fixes
  • fix(binary): resolve --version issue in Bun compiled binaries by @​azu in #​1164
Documentation
  • docs(contributing): add pre-release documentation checklist by @​azu in #​1162
  • docs(readme): add missing rules from preset-recommend by @​azu in #​1163
Testing
  • test: update valid test snapshots for database connection string rule by @​azu in #​1160
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.1...v11.0.2

v11.0.1

Compare Source

New Recommended Rules
  • Add @secretlint/secretlint-rule-anthropic to detect Claude API keys (pattern: sk-ant-api0\d-[A-Za-z0-9_-]{90,128}AA)
  • Add @secretlint/secretlint-rule-database-connection-string to detect database credentials like mongodb://user:[email protected]/myd
What's Changed
Breaking Changes
  • feat: add Anthropic and Database Connection String rules to recommended preset by @​azu in #​1154
Bug Fixes
  • fix: use workspace:* references for internal dependencies in examples by @​azu in #​1157
Documentation
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v10.2.2...v11.0.1

v11.0.0

Compare Source

See v11.0.1

v10.2.2

Compare Source

What's Changed
Bug Fixes
Maintenance
  • fix(turbo): fix turbo.json configuration to match actual file structure by @​azu in #​1123
Dependency Updates

Full Changelog: secretlint/secretlint@v10.2.1...v10.2.2

v10.2.1

Compare Source

What's Changed
Bug Fixes
  • fix(database-connection-string): improve password detection to avoid false negatives by @​azu in #​1118
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.2.0...v10.2.1

v10.2.0

Compare Source

What's Changed
Features
  • feat: add database connection string detection rule by @​azu in #​1099

@secretlint/secretlint-rule-database-connection-string detects following secrets

  • MongoDB detection: Standard URI (mongodb://) and SRV format (mongodb+srv://)
  • MySQL detection: Standard URI (mysql://), JDBC format (jdbc:mysql://), and X DevAPI (mysqlx://)
  • PostgreSQL detection: Standard URI (postgresql://) and alternative format (postgres://)
const uri = "mongodb://user:[email protected]/mydb";
const mysql = "jdbc:mysql://admin:[email protected]:3306/app";
const pg = "postgres://user:[email protected]:5432/mydb";
Fixes
  • fix(basicauth): limit protocol detection to HTTP/HTTPS/FTP to avoid overlap with database rules by @​azu in #​1101
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.1.1...v10.2.0

v10.1.1

Compare Source

What's Changed
Bug Fixes
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.1.0...v10.1.1

v10.1.0

Compare Source

What's Changed
Other Changes

Full Changelog: secretlint/secretlint@v10.0.0...v10.1.0

v10.0.0

Compare Source

What's Changed
Breaking Changes
  • 🚨 BREAKING CHANGE: Drop Node.js 18 support, add Node.js 20-22 support by @​azu in #​1070
    • Docker Image use Node.js 22
  • 🚨 BREAKING CHANGE: Make --maskSecrets the default behavior and add --no-maskSecrets flag by @​azu in #​1068
Mask secrets in lint error message (Default behavior)

Secretlint v10+ masks secrets in lint error messages by default. This is useful to prevent accidental secret exposure in CI logs, terminal output, or when using AI agent tools.

##### Secrets are masked by default
$ secretlint "**/*"

To show actual secret values in the output, use --no-maskSecrets:

$ secretlint --no-maskSecrets "**/*"
Refactoring
Testing
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v9.3.4...v10.0.0

v9.3.4

Compare Source

What's Changed
Bug Fixes
Documentation
Refactoring
CI
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v9.3.3...v9.3.4

v9.3.3

Compare Source

What's Changed
Bug Fixes
Refactoring
CI
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v9.3.2...v9.3.3

v9.3.2

Compare Source

What's Changed
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v9.3.1...v9.3.2

v9.3.1

Compare Source

What's Changed
Bug Fixes
CI
Dependency Updates

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@changeset-bot
Copy link

changeset-bot bot commented Aug 10, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 21577ee

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 2 times, most recently from 945f3bb to dd67177 Compare August 13, 2025 16:47
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 3 times, most recently from 9789990 to 003a05d Compare August 25, 2025 15:04
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 2 times, most recently from 08a20bd to 2b3ad69 Compare September 8, 2025 17:41
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from 2b3ad69 to fa60534 Compare September 25, 2025 15:36
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from fa60534 to 21577ee Compare October 11, 2025 13:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant