@nodesecure/[email protected]

Minor Changes

• #429 1833db7 Thanks @intincrab! - Allow fromPackageJSON to accept a ManifestManager instance

  This change allows the fromPackageJSON static method to accept either a string path or a ManifestManager instance. When a ManifestManager instance is provided, it will be returned directly, simplifying code that needs to handle both cases.

• #424 d7c45c3 Thanks @intincrab! - feat: add LocatedManifestManager type and isLocated type guard

  • Add new LocatedManifestManager type where location is required
  • Add static isLocated method to properly narrow the type
  • Update documentation with new type and method usage
  • Add type tests for the new functionality

Patch Changes

• #416 97a36b5 Thanks @fraxken! - Add optional ManifestManager dirname location

@nodesecure/[email protected]

Patch Changes

• #428 c91032d Thanks @fraxken! - Do not throw an Error when using a contact with no 'name' property

@nodesecure/[email protected]

Minor Changes

• #404 40a9350 Thanks @fraxken! - Implement new DependencyVersion type to detect the kind of module (cjs/esm/dual..)

@nodesecure/[email protected]

Minor Changes

• #401 0137bc6 Thanks @clemgbld! - (Tarball) detect and flag with hasExternalCapacity when native fetch is used

• #404 40a9350 Thanks @fraxken! - Implement new DependencyVersion type to detect the kind of module (cjs/esm/dual..)

Patch Changes

• #400 55af858 Thanks @fraxken! - fix file import detection and avoid confusion with package with dots

• Updated dependencies [3ee9a2e]:

  • @nodesecure/[email protected]

@nodesecure/[email protected]

Minor Changes

• #415 dd35d78 Thanks @fraxken! - Simplify extractors name & add way to inject fast probes with callbacks"

• #406 5e8beea Thanks @fraxken! - Enhance warnings extractor by adding unique kinds & refactoring response

• #391 cd7ea18 Thanks @clemgbld! - (Scanner) Implement Packument 'deprecated' property in DependencyVersion

  to include the message which come with the property when we detect it

• #407 3baa212 Thanks @fraxken! - Implement a new Probe extractor for flags

• #409 0fc1156 Thanks @clemgbld! - Implement EventEmitter with two events on Payload class (Extractors)

• #404 40a9350 Thanks @fraxken! - Implement new DependencyVersion type to detect the kind of module (cjs/esm/dual..)

• #402 d02c1e8 Thanks @fraxken! - Add a new Extraction probe for vulnerabilities

• #399 cee3398 Thanks @fraxken! - Implement a new extraction probe for warnings

• #414 414d6da Thanks @fraxken! - update @nodesecure/flags to major v3.x

Patch Changes

• Updated dependencies [3ee9a2e, 0137bc6, 55af858, 40a9350]:
  • @nodesecure/[email protected]
  • @nodesecure/[email protected]
  • @nodesecure/[email protected]

@nodesecure/[email protected]

Minor Changes

• #397 3ee9a2e Thanks @fraxken! - implement Manifest module type detection (with cjs, esm, dual, faux esm and dts)

@nodesecure/[email protected]

Patch Changes

• #393 0e37b73 Thanks @fraxken! - fix package.json Node.js type by replacing literal value script with commonjs

scanner-v6.4.0

What's Changed

• chore(deps): bump the github-actions group across 1 directory with 5 updates by @dependabot in #358
• chore(deps): bump the npm_and_yarn group with 2 updates by @dependabot in #350
• chore: update @nodesecure/js-x-ray to Major v8 by @fraxken in #354
• feat(scanner): implement Payload extractors by @fraxken in #341
• chore: update @openally/config.eslint to v2.x by @fraxken in #363
• chore(deps): bump the dependencies group across 1 directory with 9 updates by @dependabot in #362
• fix(contact): sometimes Contact.name can still be undefined by @fraxken in #368
• feat(mama): implement getEntryFiles() by @fraxken in #371
• feat(mama): implement license extraction by @fraxken in #372
• chore(deps): bump the github-actions group with 3 updates by @dependabot in #367
• chore(deps): bump type-fest from 4.40.0 to 4.40.1 in the dependencies group by @dependabot in #369
• feat(mama): implement hasZeroSemver getter by @fraxken in #373
• Use mama conformance by @fraxken in #374
• chore: update dependencies by @fraxken in #375

Full Changelog: scanner-v6.3.0...scanner-v6.4.0

scanner-v6.3.0

What's Changed

• feat(scanner/depWalker): add missing metadata when manifest does not exists on remote registry by @PierreDemailly in #349

Full Changelog: scanner-v6.2.0...scanner-v6.3.0

scanner-v6.2.0

What's Changed

• Migrate i18n and rc by @fabnguess in #300
• refactor: update eslint & typescript configurations by @fraxken in #303
• chore(deps): bump @openally/result from 1.2.1 to 1.3.0 in the dependencies group by @dependabot in #298
• fix: remove @nodesecure/eslint from i18n devDeps by @fraxken in #304
• chore(deps-dev): bump the development-dependencies group across 1 directory with 2 updates by @dependabot in #305
• test(scanner): fix broken test by @PierreDemailly in #331
• fix(rc): export missing configs types by @fraxken in #330
• chore(deps): bump the github-actions group across 1 directory with 5 updates by @dependabot in #333
• Update Node.js versions to v20 and v22 by @fabnguess in #332
• chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group by @dependabot in #335
• Update copyright by @fabnguess in #337
• fix(tarball): skip integrity check for workspaces by @PierreDemailly in #339
• feat(scanner/comparePayloads): add versions in title by @PierreDemailly in #340
• test(mama): mock natively instead of sinon by @PierreDemailly in #343
• chore(deps): bump the github-actions group with 4 updates by @dependabot in #345
• chore(scanner): update @nodesecure/tarball & @nodesecure/rc by @fraxken in #348

Full Changelog: scanner-v6.1.0...scanner-v6.2.0