Skip to content

chore(deps): update npm devdependencies to v11 (major) #279

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update npm devdependencies to v11 (major) #279

wants to merge 1 commit into from
+225 −218

Conversation

@renovate
Copy link

@renovate renovate bot commented Aug 10, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
@secretlint/secretlint-rule-preset-recommend (source) 9.0.0 -> 11.2.5 age confidence
secretlint (source) 9.0.0 -> 11.2.5 age confidence

Release Notes

secretlint/secretlint (@​secretlint/secretlint-rule-preset-recommend)

v11.2.5

Compare Source

What's Changed
Bug Fixes
  • fix(private-key): reduce false positives for placeholder private keys by @​azu in #​1269
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.4...v11.2.5

v11.2.4

Compare Source

What's Changed

Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.2.3...v11.2.4

v11.2.3

Compare Source

What's Changed

secretlint v11.2.3+ support npm Provenance.

image
Testing
  • refactor: Consolidate snapshot tests and move rule configs to test directories by @​azu in #​1188
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v11.2.0...v11.2.3

v11.2.2

Compare Source

This is not released in npm.

v11.2.0

Compare Source

What's Changed

Features
Bug Fixes
  • Add support for Makefile variable pattern $(VARIABLE) in database-connection-string rule by @​Copilot in #​1191
Dependency Updates

New Contributors

Full Changelog: secretlint/secretlint@v11.1.0...v11.2.0

v11.1.0

Compare Source

What's Changed

Features

You can use filePathGlobs to match against file paths using glob patterns:

{
  "rules": [
    {
      "id": "@​secretlint/secretlint-rule-pattern",
      "options": {
        "patterns": [
          {
            "name": "env files",
            "filePathGlobs": ["**/.env", "**/.env.*"]
          },
          {
            "name": "AWS credentials in env files",
            "filePathGlobs": ["**/.env*"],
            "pattern": "/aws_access_key_id|aws_secret_access_key/i"
          },
          {
            "name": "private keys",
            "filePathGlobs": ["**/*.pem", "**/*.key"],
            "pattern": "/BEGIN (RSA |EC )?PRIVATE KEY/"
          }
        ]
      }
    }
  ]
}
  • When only filePathGlobs is specified, the rule reports if the file path matches any of the glob patterns
  • When only pattern is specified, the rule reports if the file content matches the regex pattern
  • When both are specified, the rule reports only if both the file path matches the glob AND the content matches the pattern
Refactoring
  • refactor(types): migrate from tsd to vitest for type testing by @​azu in #​1169
Testing
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.2...v11.1.0

v11.0.2

Compare Source

What's Changed

Bug Fixes
  • fix(binary): resolve --version issue in Bun compiled binaries by @​azu in #​1164
Documentation
  • docs(contributing): add pre-release documentation checklist by @​azu in #​1162
  • docs(readme): add missing rules from preset-recommend by @​azu in #​1163
Testing
  • test: update valid test snapshots for database connection string rule by @​azu in #​1160
Dependency Updates

Full Changelog: secretlint/secretlint@v11.0.1...v11.0.2

v11.0.1

Compare Source

New Recommended Rules

  • Add @secretlint/secretlint-rule-anthropic to detect Claude API keys (pattern: sk-ant-api0\d-[A-Za-z0-9_-]{90,128}AA)
  • Add @secretlint/secretlint-rule-database-connection-string to detect database credentials like mongodb://user:s3cr3tP4ss@cluster.mongodb.net/myd

What's Changed

Breaking Changes
  • feat: add Anthropic and Database Connection String rules to recommended preset by @​azu in #​1154
Bug Fixes
  • fix: use workspace:* references for internal dependencies in examples by @​azu in #​1157
Documentation
Refactoring
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v10.2.2...v11.0.1

v11.0.0

Compare Source

See v11.0.1

v10.2.2

Compare Source

What's Changed

Bug Fixes
Maintenance
  • fix(turbo): fix turbo.json configuration to match actual file structure by @​azu in #​1123
Dependency Updates

Full Changelog: secretlint/secretlint@v10.2.1...v10.2.2

v10.2.1

Compare Source

What's Changed

Bug Fixes
  • fix(database-connection-string): improve password detection to avoid false negatives by @​azu in #​1118
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.2.0...v10.2.1

v10.2.0

Compare Source

What's Changed

Features
  • feat: add database connection string detection rule by @​azu in #​1099

@secretlint/secretlint-rule-database-connection-string detects following secrets

  • MongoDB detection: Standard URI (mongodb://) and SRV format (mongodb+srv://)
  • MySQL detection: Standard URI (mysql://), JDBC format (jdbc:mysql://), and X DevAPI (mysqlx://)
  • PostgreSQL detection: Standard URI (postgresql://) and alternative format (postgres://)
const uri = "mongodb://user:s3cr3tP4ss@cluster.mongodb.net/mydb";
const mysql = "jdbc:mysql://admin:str0ngPwd@db.company.com:3306/app";
const pg = "postgres://user:c0mpl3xPass@db.example.com:5432/mydb";
Fixes
  • fix(basicauth): limit protocol detection to HTTP/HTTPS/FTP to avoid overlap with database rules by @​azu in #​1101
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.1.1...v10.2.0

v10.1.1

Compare Source

What's Changed

Bug Fixes
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v10.1.0...v10.1.1

v10.1.0

Compare Source

What's Changed

Other Changes

Full Changelog: secretlint/secretlint@v10.0.0...v10.1.0

v10.0.0

Compare Source

What's Changed

Breaking Changes
  • 🚨 BREAKING CHANGE: Drop Node.js 18 support, add Node.js 20-22 support by @​azu in #​1070
    • Docker Image use Node.js 22
  • 🚨 BREAKING CHANGE: Make --maskSecrets the default behavior and add --no-maskSecrets flag by @​azu in #​1068
Mask secrets in lint error message (Default behavior)

Secretlint v10+ masks secrets in lint error messages by default. This is useful to prevent accidental secret exposure in CI logs, terminal output, or when using AI agent tools.

# Secrets are masked by default
$ secretlint "**/*"

To show actual secret values in the output, use --no-maskSecrets:

$ secretlint --no-maskSecrets "**/*"
Refactoring
Testing
CI
Dependency Updates
Other Changes

Full Changelog: secretlint/secretlint@v9.3.4...v10.0.0

v9.3.4

Compare Source

What's Changed
Bug Fixes
Documentation
Refactoring
CI
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v9.3.3...v9.3.4

v9.3.3

Compare Source

What's Changed
Bug Fixes
Refactoring
CI
Dependency Updates
New Contributors

Full Changelog: secretlint/secretlint@v9.3.2...v9.3.3

v9.3.2

Compare Source

What's Changed
Maintenance
CI
Dependency Updates

Full Changelog: secretlint/secretlint@v9.3.1...v9.3.2

v9.3.1

Compare Source

What's Changed
Bug Fixes
CI
Dependency Updates

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 10, 2025
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 2 times, most recently from dc663bd to ef2986b Compare August 13, 2025 15:54
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 4 times, most recently from a3160b8 to 38f66fb Compare August 25, 2025 16:24
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch 2 times, most recently from 0a630b3 to 204329a Compare September 8, 2025 14:50
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from 204329a to 4446088 Compare September 25, 2025 14:11
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from 4446088 to a070bb3 Compare October 11, 2025 13:59
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from a070bb3 to 523eca5 Compare October 22, 2025 00:46
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from 523eca5 to e534865 Compare November 11, 2025 00:44
@renovate renovate bot force-pushed the renovate/major-11-npm-devdependencies branch from e534865 to 6358ba7 Compare November 18, 2025 22:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant