Bump the npm-development group across 1 directory with 11 updates

[dependabot]

Bumps the npm-development group with 10 updates in the / directory:

Package	From	To
@eslint/compat	2.0.1	2.0.3
@rollup/plugin-commonjs	29.0.0	29.0.2
@types/node	25.0.6	25.5.0
@typescript-eslint/eslint-plugin	8.53.0	8.57.1
eslint-plugin-jest	29.12.1	29.15.0
eslint-plugin-prettier	5.5.4	5.5.5
globals	17.3.0	17.4.0
jest	30.2.0	30.3.0
prettier	3.7.4	3.8.1
rollup	4.55.1	4.59.0

Updates @eslint/compat from 2.0.1 to 2.0.3

Release notes

Sourced from @​eslint/compat's releases.

compat: v2.0.3

2.0.3 (2026-03-06)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^1.1.0 to ^1.1.1

migrate-config: v2.0.3

2.0.3 (2026-03-06)

Bug Fixes

• update dependency @​eslint/eslintrc to ^3.3.4 (#382) (cecf46e)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/compat bumped from ^2.0.2 to ^2.0.3
  • devDependencies
    • @​eslint/core bumped from ^1.1.0 to ^1.1.1

compat: v2.0.2

2.0.2 (2026-01-29)

Bug Fixes

• add eslint 10 as peer dependency (#361) (ecb37dc)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^1.0.1 to ^1.1.0

migrate-config: v2.0.2

2.0.2 (2026-01-29)

Dependencies

• The following workspace dependencies were updated
  • dependencies

... (truncated)

Changelog

Sourced from @​eslint/compat's changelog.

2.0.3 (2026-03-06)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^1.1.0 to ^1.1.1

2.0.2 (2026-01-29)

Bug Fixes

• add eslint 10 as peer dependency (#361) (ecb37dc)

Dependencies

• The following workspace dependencies were updated
  • dependencies
    • @​eslint/core bumped from ^1.0.1 to ^1.1.0

Commits

• 41eb19f chore: release main (#380)
• 5c42055 docs: Update README sponsors
• b13b482 docs: Update README sponsors
• 53d0bc3 docs: Update README sponsors
• bc1da95 docs: Update README sponsors
• 542bc6b docs: Update README sponsors
• 7cb43b6 build: standardize test scripts (#357)
• 98521c2 docs: Update README sponsors
• 7960653 chore: release main (#356)
• ecb37dc fix: add eslint 10 as peer dependency (#361)
• Additional commits viewable in compare view

Updates @rollup/plugin-commonjs from 29.0.0 to 29.0.2

Changelog

Sourced from @​rollup/plugin-commonjs's changelog.

v29.0.2

2026-03-06

Bugfixes

• commonjs: conditional exports (#1952)

v29.0.1

2026-03-05

Bugfixes

• commonjs: correctly replaces shorthand "global" property in object (#1957)

Commits

• 2de0d62 chore(release): commonjs v29.0.2
• ab65325 fix(commonjs): conditional exports (#1952)
• 7d22981 chore(repo): add rollup-plugin keyword in package.json (#1955)
• a79ae55 chore(release): commonjs v29.0.1
• bb41cfd chore(release): commonjs v29.0.1
• 14ae186 fix(commonjs): correctly replaces shorthand "global" property in object (#1957)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​rollup/plugin-commonjs since your current version.

Updates @types/node from 25.0.6 to 25.5.0

Commits

• See full diff in compare view

Updates @typescript-eslint/eslint-plugin from 8.53.0 to 8.57.1

Release notes

Sourced from @​typescript-eslint/eslint-plugin's releases.

v8.57.1

8.57.1 (2026-03-16)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] no report for property on intersection type (#12126)

❤️ Thank You

• Newton Yuan @​NewtonYuan

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.57.0

8.57.0 (2026-03-09)

🚀 Features

• eslint-plugin: [no-unnecessary-condition] allow literal loop conditions in for/do loops (#12080)

🩹 Fixes

• eslint-plugin: [strict-void-return] false positives with overloads (#12055)
• eslint-plugin: handle statically analyzable computed keys in prefer-readonly (#12079)
• eslint-plugin: guard against negative paramIndex in no-useless-default-assignment (#12077)
• eslint-plugin: [prefer-promise-reject-errors] add allow TypeOrValueSpecifier to prefer-promise-reject-errors (#12094)
• eslint-plugin: [no-base-to-string] fix false positive for toString with overloads (#12089)
• typescript-estree: switch back to use ts.getModifiers() (#12034)
• typescript-estree: if the template literal is tagged and the text has an invalid escape, cooked will be null (#11355)

❤️ Thank You

• Brad Zacher @​bradzacher
• Brian Schlenker @​bschlenk
• Evyatar Daud @​StyleShit
• fisker Cheung @​fisker
• James Henry @​JamesHenry
• Josh Goldberg
• Kirk Waiblinger @​kirkwaiblinger
• Moses Odutusin @​thebolarin
• Newton Yuan @​NewtonYuan
• SungHyun627 @​SungHyun627
• Younsang Na @​nayounsang

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

... (truncated)

Changelog

Sourced from @​typescript-eslint/eslint-plugin's changelog.

8.57.1 (2026-03-16)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] no report for property on intersection type (#12126)

❤️ Thank You

• Newton Yuan @​NewtonYuan

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.0 (2026-03-09)

🚀 Features

• eslint-plugin: [no-unnecessary-condition] allow literal loop conditions in for/do loops (#12080)

🩹 Fixes

• eslint-plugin: [no-base-to-string] fix false positive for toString with overloads (#12089)
• eslint-plugin: [prefer-promise-reject-errors] add allow TypeOrValueSpecifier to prefer-promise-reject-errors (#12094)
• typescript-estree: if the template literal is tagged and the text has an invalid escape, cooked will be null (#11355)
• eslint-plugin: guard against negative paramIndex in no-useless-default-assignment (#12077)
• eslint-plugin: handle statically analyzable computed keys in prefer-readonly (#12079)
• eslint-plugin: [strict-void-return] false positives with overloads (#12055)

❤️ Thank You

• Brad Zacher @​bradzacher
• Brian Schlenker @​bschlenk
• Evyatar Daud @​StyleShit
• James Henry @​JamesHenry
• Josh Goldberg
• Kirk Waiblinger @​kirkwaiblinger
• Moses Odutusin @​thebolarin
• Newton Yuan @​NewtonYuan
• SungHyun627 @​SungHyun627
• Younsang Na @​nayounsang

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.56.1 (2026-02-23)

This was a version bump only for eslint-plugin to align it with other projects, there were no code changes.

... (truncated)

Commits

• c7c38aa chore(release): publish 8.57.1
• e114629 fix(eslint-plugin): [prefer-optional-chain] no report for property on interse...
• 2c6aeee chore(release): publish 8.57.0
• 46bf066 docs(eslint-plugin): document no-unnecessary-condition limitation with object...
• f696dad chore: use pnpm catalog (#12047)
• 2029c78 fix(eslint-plugin): [no-base-to-string] fix false positive for toString with ...
• 0f4f101 fix(eslint-plugin): [prefer-promise-reject-errors] add allow `TypeOrValueSpec...
• 53f473b fix(typescript-estree): if the template literal is tagged and the text has an...
• 2291b81 docs: minor grammar adjustment (#12112)
• fc5cd09 fix(eslint-plugin): guard against negative paramIndex in no-useless-default-a...
• Additional commits viewable in compare view

Updates @typescript-eslint/parser from 8.53.0 to 8.57.1

Release notes

Sourced from @​typescript-eslint/parser's releases.

v8.57.1

8.57.1 (2026-03-16)

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] no report for property on intersection type (#12126)

❤️ Thank You

• Newton Yuan @​NewtonYuan

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

v8.57.0

8.57.0 (2026-03-09)

🚀 Features

• eslint-plugin: [no-unnecessary-condition] allow literal loop conditions in for/do loops (#12080)

🩹 Fixes

• eslint-plugin: [strict-void-return] false positives with overloads (#12055)
• eslint-plugin: handle statically analyzable computed keys in prefer-readonly (#12079)
• eslint-plugin: guard against negative paramIndex in no-useless-default-assignment (#12077)
• eslint-plugin: [prefer-promise-reject-errors] add allow TypeOrValueSpecifier to prefer-promise-reject-errors (#12094)
• eslint-plugin: [no-base-to-string] fix false positive for toString with overloads (#12089)
• typescript-estree: switch back to use ts.getModifiers() (#12034)
• typescript-estree: if the template literal is tagged and the text has an invalid escape, cooked will be null (#11355)

❤️ Thank You

• Brad Zacher @​bradzacher
• Brian Schlenker @​bschlenk
• Evyatar Daud @​StyleShit
• fisker Cheung @​fisker
• James Henry @​JamesHenry
• Josh Goldberg
• Kirk Waiblinger @​kirkwaiblinger
• Moses Odutusin @​thebolarin
• Newton Yuan @​NewtonYuan
• SungHyun627 @​SungHyun627
• Younsang Na @​nayounsang

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

... (truncated)

Changelog

Sourced from @​typescript-eslint/parser's changelog.

8.57.1 (2026-03-16)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.57.0 (2026-03-09)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.56.1 (2026-02-23)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.56.0 (2026-02-16)

🚀 Features

• support ESLint v10 (#12057)

❤️ Thank You

• Brad Zacher @​bradzacher
• Joshua Chen

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.55.0 (2026-02-09)

This was a version bump only for parser to align it with other projects, there were no code changes.

See GitHub Releases for more information.

You can read about our versioning strategy and releases on our website.

8.54.0 (2026-01-26)

This was a version bump only for parser to align it with other projects, there were no code changes.

... (truncated)

Commits

• c7c38aa chore(release): publish 8.57.1
• 2c6aeee chore(release): publish 8.57.0
• f696dad chore: use pnpm catalog (#12047)
• a09921e chore: update vitest to 4.x (#12071)
• 96a04a9 chore(release): publish 8.56.1
• 8b8b68f chore(release): publish 8.56.0
• 68a074f feat: support ESLint v10 (#12057)
• fedfe86 chore(release): publish 8.55.0
• b931f8c chore: use workspace refs for workspace deps (#12018)
• 1f17a79 chore: migrate to pnpm (#11248)
• Additional commits viewable in compare view

Updates eslint-plugin-jest from 29.12.1 to 29.15.0

Release notes

Sourced from eslint-plugin-jest's releases.

v29.15.0

29.15.0 (2026-02-15)

Features

• no-conditional-in-test: only report optional chaining when allowOptionalChaining is false (#1934) (3f5751e)

v29.14.0

29.14.0 (2026-02-12)

Features

• no-conditional-in-test: ban optional chaining (#1933) (6406493)

v29.13.0

29.13.0 (2026-02-08)

Features

• support ESLint v10 (#1929) (7735c44)

v29.12.2

29.12.2 (2026-02-03)

Bug Fixes

• add optional peer dependency on TypeScript (#1926) (82e3b04)

Changelog

Sourced from eslint-plugin-jest's changelog.

29.15.0 (2026-02-15)

Features

• no-conditional-in-test: only report optional chaining when allowOptionalChaining is false (#1934) (3f5751e)

29.14.0 (2026-02-12)

Features

• no-conditional-in-test: ban optional chaining (#1933) (6406493)

29.13.0 (2026-02-08)

Features

• support ESLint v10 (#1929) (7735c44)

29.12.2 (2026-02-03)

Bug Fixes

• add optional peer dependency on TypeScript (#1926) (82e3b04)

Commits

• 258b560 chore(release): 29.15.0 [skip ci]
• 3f5751e feat(no-conditional-in-test): only report optional chaining when `allowOption...
• 2cbd92b chore(release): 29.14.0 [skip ci]
• 6406493 feat(no-conditional-in-test): ban optional chaining (#1933)
• 5698ed5 chore(deps): lock file maintenance (#1931)
• cb36f1f chore(release): 29.13.0 [skip ci]
• 7735c44 feat: support ESLint v10 (#1929)
• 53efb75 test: update titles (#1930)
• 4acda62 chore(release): 29.12.2 [skip ci]
• 82e3b04 fix: add optional peer dependency on TypeScript (#1926)
• Additional commits viewable in compare view

Updates eslint-plugin-prettier from 5.5.4 to 5.5.5

Release notes

Sourced from eslint-plugin-prettier's releases.

v5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Changelog

Sourced from eslint-plugin-prettier's changelog.

5.5.5

Patch Changes

• #772 7264ed0 Thanks @​BPScott! - Bump prettier-linter-helpers dependency to v1.0.1

• #776 77651a3 Thanks @​aswils! - fix: bump synckit for yarn PnP ESM issue

Commits

• e2c154a chore: release eslint-plugin-prettier (#773)
• 6795c1a build(deps): Bump the actions group across 1 directory with 2 updates (#774)
• 77651a3 fix: bump synckit for yarn PnP ESM issue (#776)
• 7264ed0 chore: bump prettier-linter-helpers to v1.0.1 (#772)
• e11a5b7 build(deps): Bump the actions group across 1 directory with 3 updates (#769)
• befda88 ci: enable trusted publishing (#757)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for eslint-plugin-prettier since your current version.

Updates globals from 17.3.0 to 17.4.0

Release notes

Sourced from globals's releases.

v17.4.0

• Update globals (2026-03-01) (#338) d43a051

---

sindresorhus/globals@v17.3.0...v17.4.0

Commits

• a9cfd74 17.4.0
• d43a051 Update globals (2026-03-01) (#338)
• See full diff in compare view

Updates jest from 30.2.0 to 30.3.0

Release notes

Sourced from jest's releases.

v30.3.0

Features

• [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
• [jest-fake-timers] Add setTimerTickMode to configure how timers advance
• [*] Reduce token usage when run through LLMs (3f17932)

Fixes

• [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
• [jest-mock] Use Symbol from test environment (#15858)
• [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
• [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
• [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
• [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

• [*] Replace remaining micromatch uses with picomatch
• [deps] Update to sinon/fake-timers v15
• [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
• Updated Twitter icon to match the latest brand guidelines (#15869)

Changelog

Sourced from jest's changelog.

30.3.0

Features

• [jest-config] Add defineConfig and mergeConfig helpers for type-safe Jest config (#15844)
• [jest-fake-timers] Add setTimerTickMode to configure how timers advance
• [*] Reduce token usage when run through LLMs (3f17932)

Fixes

• [jest-config] Keep CLI coverage output when using --json with --outputFile (#15918)
• [jest-mock] Use Symbol from test environment (#15858)
• [jest-reporters] Fix issue where console output not displayed for GHA reporter even with silent: false option (#15864)
• [jest-runtime] Fix issue where user cannot utilize dynamic import despite specifying --experimental-vm-modules Node option (#15842)
• [jest-test-sequencer] Fix issue where failed tests due to compilation errors not getting re-executed even with --onlyFailures CLI option (#15851)
• [jest-util] Make sure process.features.require_module is false (#15867)

Chore & Maintenance

• [*] Replace remaining micromatch uses with picomatch
• [deps] Update to sinon/fake-timers v15
• [docs] Update V30 migration guide to notify users on jest.mock() work with case-sensitive path (#15849)
• Updated Twitter icon to match the latest brand guidelines (#15869)

Commits

• efb59c2 v30.3.0
• 96c53d3 feat(jest-config): add defineConfig and mergeConfig functions (#15844)
• See full diff in compare view

Updates prettier from 3.7.4 to 3.8.1

Release notes

Sourced from prettier's releases.

3.8.1

• Include available printers in plugin type declarations (#18706 by @​porada)

🔗 Changelog

3.8.0

• Support Angular v21.1

diff

🔗 Release note "Prettier 3.8: Support for Angular v21.1"

Changelog

Sourced from prettier's changelog.

3.8.1

diff

Include available printers in plugin type declarations (#18706 by @​porada)

// Input
import * as prettierPluginEstree from "prettier/plugins/estree";
// Prettier 3.8.0
// Property 'printers' does not exist on type 'typeof import("prettier/plugins/estree")'. ts(2339)
prettierPluginEstree.printers.estree; //=> any
// Prettier 3.8.1
prettierPluginEstree.printers.estree; //=> Printer
prettierPluginEstree.printers["estree-json"]; //=> Printer

3.8.0

diff

🔗 Release Notes

Commits

• 90983f4 Release 3.8.1
• 57f702f Include available printers in plugin type declarations (#18706)
• bece827 Revert change in release script
• 82a4ab2 Bump Prettier dependency to 3.8.0
• 5213ee4 Clean changelog_unreleased
• f95ad0f Comment out finished steps
• b2034e8 Fix release script
• 5824b15 Release 3.8.0
• 0433601 Add blog post for v3.8.0 (#18639)
• b04d05b Remove lint step from release script (#18415)
• Additional commits viewable in compare view

Updates rollup from 4.55.1 to 4.59.0

Release notes

Sourced from rollup's releases.

v4.59.0

4.59.0

2026-02-22

Features

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

• #6275: Validate bundle stays within output dir (@​lukastaegert)

v4.58.0

4.58.0

2026-02-20

Features

• Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

• #6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@​njg7194, @​lukastaegert)
• #6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@​millerick, @​lukastaegert)
• #6260: fix(deps): update rust crate swc_compiler_base to v47 (@​renovate[bot], @​lukastaegert)
• #6261: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6262: Avoid unnecessary cloning of the code string (@​lukastaegert)
• #6263: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6265: chore(deps): lock file maintenance (@​renovate[bot])
• #6267: fix(deps): update minor/patch updates (@​renovate[bot])
• #6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@​renovate[bot], @​lukastaegert)
• #6269: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6270: chore(deps): lock file maintenance (@​renovate[bot])
• #6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@​lukastaegert)

v4.57.1

4.57.1

2026-01-30

Bug Fixes

• Fix heap corruption issue in Windows (#6251)
• Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

• #6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@​alan-agius4, @​lukastaegert)

... (truncated)

Changelog

Sourced from rollup's changelog.

4.59.0

2026-02-22

Features

• Throw when the generated bundle contains paths that would leave the output directory (#6276)

Pull Requests

• #6275: Validate bundle stays within output dir (@​lukastaegert)

4.58.0

2026-02-20

Features

• Also support __NO_SIDE_EFFECTS__ annotation before variable declarations declaring function expressions (#6272)

Pull Requests

• #6256: docs: document PreRenderedChunk properties including isDynamicEntry and isImplicitEntry (@​njg7194, @​lukastaegert)
• #6259: docs: Correct typo and improve sentence structure in docs for output.experimentalMinChunkSize (@​millerick, @​lukastaegert)
• #6260: fix(deps): update rust crate swc_compiler_base to v47 (@​renovate[bot], @​lukastaegert)
• #6261: fix(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6262: Avoid unnecessary cloning of the code string (@​lukastaegert)
• #6263: fix(deps): update minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6265: chore(deps): lock file maintenance (@​renovate[bot])
• #6267: fix(deps): update minor/patch updates (@​renovate[bot])
• #6268: chore(deps): update dependency eslint-plugin-unicorn to v63 (@​renovate[bot], @​lukastaegert)
• #6269: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6270: chore(deps): lock file maintenance (@​renovate[bot])
• #6272: forward NO_SIDE_EFFECTS annotations to function expressions in variable declarations (@​lukastaegert)

4.57.1

2026-01-30

Bug Fixes

• Fix heap corruption issue in Windows (#6251)
• Ensure exports of a dynamic import are fully included when called from a try...catch (#6254)

Pull Requests

• #6251: fix: Isolate and cache process.report.getReport() calls in a child process for robust environment detection (@​alan-agius4, @​lukastaegert)
• #6252: chore(deps): update dependency lru-cache to v11 (@​renovate[bot])
• #6253: chore(deps): lock file maintenance minor/patch updates (@​renovate[bot], @​lukastaegert)
• #6254: Fully include dynamic imports in a try-catch (@​lukastaegert)

... (truncated)

Commits

• ae84695 4.59.0
• b39616e Update audit-resolve
• c60770d Validate bundle stays within output dir (#6275)
• 33f39c1 4.58.0
• b61c408 forward NO_SIDE_EFFECTS annotations to function expressions in variable decla...
• 7f00689 Extend agent instructions
• e7b2b85 chore(deps): lock file maintenance (#6270)
• 2aa5da9 fix(deps): update minor/patch updates (#6267)
• 4319837 chore(deps): update dependency lru-cache to v11 (#6269)
• c3b6b4b chore(deps): update dependency eslint-plugin-unicorn to v63 (#6268)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating ...

Description has been truncated

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	6		0	0	0.05s
✅ JSON	jsonlint	11		0	0	0.17s
✅ JSON	npm-package-json-lint	yes		no	no	0.57s
✅ JSON	prettier	11		0	0	0.99s
✅ JSON	v8r	11		0	0	8.39s
✅ MARKDOWN	markdownlint	1		0	0	1.87s
✅ REPOSITORY	checkov	yes		no	no	23.31s
✅ REPOSITORY	gitleaks	yes		no	no	1.31s
✅ REPOSITORY	git_diff	yes		no	no	0.03s
❌ REPOSITORY	grype	yes		5	no	54.13s
✅ REPOSITORY	secretlint	yes		no	no	1.17s
✅ REPOSITORY	syft	yes		no	no	6.28s
✅ REPOSITORY	trivy-sbom	yes		no	no	3.36s
✅ REPOSITORY	trufflehog	yes		no	no	155.34s
✅ TYPESCRIPT	prettier	30		0	0	1.05s
✅ YAML	prettier	18		0	0	0.71s
✅ YAML	v8r	18		0	0	9.55s
✅ YAML	yamllint	18		0	0	0.54s

Detailed Issues

❌ REPOSITORY / grype - 5 errors

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME    INSTALLED  FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS           RISK   
undici  5.29.0     6.24.0    npm   GHSA-v9p9-hfj2-hcw8  High      0.1% (28th)    < 0.1  
undici  5.29.0     6.24.0    npm   GHSA-vrm6-8vpv-qv8q  High      < 0.1% (20th)  < 0.1  
undici  5.29.0     6.24.0    npm   GHSA-2mjp-6q6p-2qxm  Medium    < 0.1% (15th)  < 0.1  
undici  5.29.0     6.24.0    npm   GHSA-4992-7rv2-5pvq  Medium    < 0.1% (5th)   < 0.1  
undici  5.29.0     6.23.0    npm   GHSA-g9mf-h72j-4rw9  Medium    < 0.1% (4th)   < 0.1
[0054] ERROR discovered vulnerabilities at or above the severity threshold

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,TYPESCRIPT_PRETTIER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository