Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency publint to v0.3.9 (master) #1135

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 6, 2025

This PR contains the following updates:

Package Type Update Change OpenSSF
publint (source) devDependencies minor 0.2.12 -> 0.3.9 OpenSSF Scorecard

Release Notes

publint/publint (publint)

v0.3.9

Compare Source

Patch Changes
  • Support the formatMessage utility in the browser. It has a new color: 'html' option to highlight important parts with <strong> tags instead of ANSI colors. It also has a new reference: boolean option so the messages are worded in reference of the message location. (e1cfef0)

  • If formatMessage is passed a package.json object with missing keys, the message part that references the value will now fallback to "undefined" instead of completely erroring out. (45962d1)

v0.3.8

Compare Source

Patch Changes
  • Support passing a tarball path to the publint CLI. This allows to easily lint any tarball files at hand. (#​166)

    npx publint ./mylib-1.0.0.tgz
  • The publint API now returns a pkg object as a convenience to pass it to formatMessage (#​166)

  • Updated dependencies [02d169b]:

v0.3.7

Compare Source

Patch Changes
  • The "imports" field is now linted with the following rules: (#​162)

    • IMPORTS_KEY_INVALID: Ensure the imports key starts with a #
    • IMPORTS_VALUE_INVALID: Ensure the imports value is a valid path that starts with a ./
    • IMPORTS_GLOB_NO_MATCHED_FILES: Ensure the imports glob matches at least one file
    • IMPORTS_DEFAULT_SHOULD_BE_LAST: Ensure the "default" condition is last in an entrypoint's object
    • IMPORTS_MODULE_SHOULD_BE_ESM: Ensure the "module" condition file is ESM
    • IMPORTS_MODULE_SHOULD_PRECEDE_REQUIRE: Ensure the "module" condition precedes the "require" condition in an entrypoint's object
  • Improve SSH git URL detection when checking the "repository" field. Values like "[email protected]:user/project.git" is now detected as a valid git URL, but will be suggested to use a full git URL instead, like "git+ssh://[email protected]/user/project.git" (28da844)

  • Fix exports types message when the "require" or "import" condition already exists but the dts file format is still invalid (a731ec3)

v0.3.6

Compare Source

Patch Changes
  • Fix checking bin field file path that omits .js or /index.js (04f289e)

v0.3.5

Compare Source

Patch Changes
  • Check the "bin" field if the referenced file exists, has the correct JS format, and can be executed (#​150)

  • Deprecate the deps command. The command has been tricky to maintain and incomplete (e.g. doesn't lint recursively). A separate tool can be used to run publint on dependencies instead, e.g. npx renoma --filter-rules "publint". (#​149)

v0.3.4

Compare Source

Patch Changes
  • When globbing "exports" values that contains *, also respect "exports" keys that mark paths as null. For example: (b9605ae)

    {
      "exports": {
        "./*": "./dist/*",
        "./browser/*": null
      }
    }

    The glob in "./*": "./dist/*" will no longer match and lint files in "./browser/*" as it's marked null (internal).

  • Update logs when running the publint CLI: (58d96a2)

    • The publint version is now displayed.
    • The packing command is also displayed.
    • Messages are now logged in the order of errors, warnings, and suggestions, instead of the other way round, to prioritize errors.
    • The publint deps command no longer logs passing dependencies. Only failing dependencies are logged.

    Examples:

    $ npx publint
    $ Running publint v0.X.X for my-library...
    $ Packing files with `npm pack`...
    $ All good!
    $ npx publint deps
    $ Running publint v0.X.X for my-library deps...
    $ x my-dependency
    $ Errors:
    $ 1. ...
  • Fix detecting shorthand repository URLs with the . character (09d8cbb)

  • Clarify message when "types" is not the first condition in the "exports" field (5a6ba00)

  • Correctly detect if a "types" value in "exports" is used for dual publishing (3f3d8b2)

v0.3.3

Compare Source

Patch Changes
  • Rename EXPORT_TYPES_INVALID_FORMAT message to EXPORTS_TYPES_INVALID_FORMAT (#​139)

  • Allow versioned types conditions (e.g. "types@>=5.2") in "exports" when checking for "types" condition ordering (#​138)

v0.3.2

Compare Source

Patch Changes
  • (Potentially breaking) Disable running lifecycle scripts, such as prepare, prepack, and postpack, when running the pack command internally. This returns to the behavior in v0.2. (Note that this change does not apply to yarn as it does not support ignoring lifecycle scripts for local projects) (#​128)

    This change is made as running lifecycle scripts was an unintentional behavior during the v0.3 breaking change, which could cause the linting process to take longer than expected, or even cause infinite loops if publint is used in a lifecycle script.

  • Update repository and bugs URLs to point to the new publint organization (1eda033)

  • Updated dependencies [1eda033, 10e3891]:

v0.3.1

Compare Source

Patch Changes
  • Correctly process the pack option (#​124)

v0.3.0

Compare Source

Minor Changes
  • The vfs option is removed in favour of an extended support of pack: { tarball: ArrayBuffer | ReadableStream } and pack: { files: PackFile[] } APIs. Now, it is even easier to use publint in the browser or against a packed .tgz file in Node.js. See the docs for more examples of how to use these new options. (#​122)

  • Bump node version support to >=18 (cb2ed8b)

  • publint now runs your project's package manager's pack command to get the list of packed files for linting. The previous npm-packlist dependency is now removed. (#​120)

    NOTE: In this release (v0.3.0), the pack command also runs lifecycle scripts like prepare, prepack, and postpack. This behavior is unintentional and is fixed in v0.3.2, where they will no longer run (except for yarn as it does not support ignoring lifecycle scripts for local projects). This returns to the behavior in v0.2.

    A new pack option is added to the node API to allow configuring this. It defaults to 'auto' and will automatically detect your project's package manager using package-manager-detector. See its JSDoc for more information of the option.

    This change is made as package managers have different behaviors for packing files, so running their pack command directly allows for more accurate linting. However, as a result of executing these commands in a child process, it may take 200-500ms longer to lint depending on the package manager used and the project size. The new handling also does not support yarn 1. See this comment for more information.

    If you use yarn 1, you should upgrade to the latest yarn version or a different package manager. Otherwise, no other changes are required for this new behavior.

Patch Changes
  • Initial setup to publish with Changesets (24a62f5)

  • When a dependency with the file: or link: protocol is specified in the package.json, it will now error to prevent accidentally publishing dependencies that will likely not work when installed by end-users (6e6ab33)

  • Fix EXPORT_TYPES_INVALID_FORMAT linting to detect .d.mts and .d.cts files (af5e88b)

  • Updated dependencies [d0b406b]:


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 3 times, most recently from 672d8d1 to 857f60a Compare January 11, 2025 17:19
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.0 (master) chore(deps): update dependency publint to v0.3.1 (master) Jan 11, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch from 857f60a to 631e5a3 Compare January 13, 2025 05:53
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.1 (master) chore(deps): update dependency publint to v0.3.2 (master) Jan 13, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 4 times, most recently from f284158 to cfc3739 Compare January 19, 2025 17:16
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 9 times, most recently from 41833ec to 6ecd5fa Compare January 28, 2025 13:44
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 6 times, most recently from c449dfb to 77149f6 Compare February 5, 2025 13:10
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.2 (master) chore(deps): update dependency publint to v0.3.3 (master) Feb 5, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 2 times, most recently from 7423a8a to 0d34965 Compare February 6, 2025 21:01
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.3 (master) chore(deps): update dependency publint to v0.3.4 (master) Feb 7, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch from 0d34965 to 08d2b7b Compare February 7, 2025 09:00
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 2 times, most recently from 013e51c to 5fea749 Compare February 8, 2025 02:07
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.4 (master) chore(deps): update dependency publint to v0.3.5 (master) Feb 12, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 5 times, most recently from 0be9578 to cf95592 Compare February 18, 2025 19:03
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.5 (master) chore(deps): update dependency publint to v0.3.6 (master) Feb 20, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 4 times, most recently from 113da5b to 4598c21 Compare February 27, 2025 05:57
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch from 4598c21 to f57ebab Compare February 28, 2025 11:34
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.6 (master) chore(deps): update dependency publint to v0.3.7 (master) Feb 28, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 2 times, most recently from be5f9ff to 9acfeac Compare March 3, 2025 16:27
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.7 (master) chore(deps): update dependency publint to v0.3.8 (master) Mar 3, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 4 times, most recently from e9edc55 to 514148a Compare March 10, 2025 06:13
@renovate renovate bot changed the title chore(deps): update dependency publint to v0.3.8 (master) chore(deps): update dependency publint to v0.3.9 (master) Mar 10, 2025
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch 4 times, most recently from 97a34d0 to a6a40f7 Compare March 23, 2025 22:48
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch from a6a40f7 to f9d27f4 Compare March 29, 2025 14:50
@renovate renovate bot force-pushed the renovate/master-publint-0.x branch from f9d27f4 to f9c0e05 Compare March 31, 2025 15:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants