feat: update lerna #554

dannyhw · 2024-02-10T18:40:34Z

Issue:

What I did

How to test

Please explain how to test your changes and consider the following questions

Does this need a new example in examples/expo-example?
Does this need an update to the documentation?

If your answer is yes to any of these, please make sure to include it in your PR.

socket-security · 2024-02-10T18:41:39Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@lerna/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+518`	580 MB	jameshenry, nrwlowner
npm/@npmcli/[email protected]	Transitive: environment, network	`+9`	478 kB	fritzy, gar, lukekarrys, ...2 more
npm/@npmcli/[email protected]	filesystem Transitive: environment, shell	`+13`	202 kB	npm-cli-ops
npm/@npmcli/[email protected]	filesystem Transitive: environment, shell	`+45`	1.6 MB	npm-cli-ops
npm/@npmcli/[email protected]	environment, shell Transitive: filesystem	`+2`	62.5 kB	npm-cli-ops
npm/@npmcli/[email protected]	environment, filesystem Transitive: network, shell	`+79`	6.07 MB	npm-cli-ops
npm/@nrwl/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+148`	508 MB	altan-nrwl, jack-nrwl, juristr, ...3 more
npm/@nrwl/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+140`	507 MB	altan-nrwl, jack-nrwl, juristr, ...3 more
npm/@nx/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+148`	508 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	7.01 MB	nrwl-jason
npm/@nx/[email protected]	None	`0`	7.46 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	9.29 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	9.13 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	9.98 MB	nrwl-jason
npm/@nx/[email protected]	None	`0`	9.93 MB	nrwl-jason
npm/@nx/[email protected]	None	`0`	9.77 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	9.76 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	5.85 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@nx/[email protected]	None	`0`	6.62 MB	jack-nrwl, martin.malinowski, nexumag, ...2 more
npm/@octokit/[email protected]	Transitive: network	`+21`	5.52 MB	octokitbot
npm/@octokit/[email protected]	Transitive: network	`+21`	7.05 MB	octokitbot
npm/@octokit/[email protected]	Transitive: network	`+25`	7.27 MB	octokitbot
npm/@octokit/[email protected]	None	`0`	2.63 kB	octokitbot
npm/@sigstore/[email protected]	None	`+1`	253 kB	bdehamer
npm/@sigstore/[email protected]	None	`0`	88.5 kB	bdehamer
npm/@sigstore/[email protected]	environment Transitive: filesystem, network, shell	`+66`	3.39 MB	bdehamer
npm/@sigstore/[email protected]	environment, filesystem Transitive: network, shell	`+67`	3.35 MB	bdehamer
npm/@sigstore/[email protected]	None	`+3`	414 kB	bdehamer
npm/[email protected]	None	`0`	32.8 kB	75lb
npm/[email protected]	filesystem Transitive: environment, shell	`+42`	2.11 MB	npm-cli-ops
npm/[email protected]	filesystem	`0`	11.8 kB	nlf
npm/[email protected]	filesystem	`+4`	33.1 kB	oss-bot
npm/[email protected]	shell Transitive: environment, eval, filesystem	`+119`	7.45 MB	oss-bot
npm/[email protected]	None	`0`	5.97 kB	oss-bot
npm/[email protected]	filesystem Transitive: environment, eval	`+68`	6.22 MB	oss-bot
npm/[email protected]	None	`+2`	60.6 kB	oss-bot
npm/[email protected]	Transitive: environment, filesystem	`+62`	1.03 MB	oss-bot
npm/[email protected]	Transitive: environment, filesystem, shell	`+74`	1.2 MB	oss-bot
npm/[email protected]	filesystem Transitive: environment, unsafe	`+21`	32.9 MB	d-fischer
npm/[email protected]	environment, filesystem	`0`	72.1 kB	motdotla
npm/[email protected]	environment, eval, filesystem, shell	`0`	160 kB	tabrindle
npm/[email protected]	shell Transitive: environment, filesystem	`+61`	1.02 MB	oss-bot
npm/[email protected]	shell Transitive: environment, filesystem	`+55`	821 kB	oss-bot
npm/[email protected]	environment, filesystem	`0`	32.5 kB	isaacs
npm/[email protected]	filesystem Transitive: environment, shell, unsafe	`+41`	1.5 MB	lukekarrys
npm/[email protected]	Transitive: environment	`+1`	29.9 kB	sibiraj-s
npm/[email protected]	environment, filesystem	`0`	43 kB	isaacs
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+538`	586 MB	evocateur, hzoo, jameshenry, ...1 more
npm/[email protected]	Transitive: environment, filesystem, network, shell	`+70`	2.77 MB	lukekarrys
npm/[email protected]	environment, filesystem Transitive: network, shell	`+89`	3.64 MB	lukekarrys
npm/[email protected]	network Transitive: environment, filesystem, shell	`+62`	2.96 MB	npm-cli-ops
npm/[email protected]	None	`0`	4.96 kB	isaacs
npm/[email protected]	environment, shell Transitive: filesystem, network	`+73`	6.01 MB	lukekarrys
npm/[email protected]	environment, eval, shell	`0`	35.8 kB	automation-stack
npm/[email protected]	None	`+5`	54.2 kB	npm-cli-ops
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	`+140`	507 MB	altan-nrwl, jack-nrwl, juristr, ...4 more
npm/[email protected]	environment, filesystem, network Transitive: shell	`+116`	7.3 MB	npm-cli-ops
npm/[email protected]	filesystem, unsafe	`+2`	22.1 kB	lukekarrys
npm/[email protected]	None	`+1`	11.3 kB	npm-cli-ops
npm/[email protected]	None	`+1`	46.5 kB	matteo.collina
npm/[email protected]	filesystem Transitive: environment, network, shell	`+65`	3.09 MB	eugenethehub

View full report↗︎

socket-security · 2024-02-10T18:41:42Z

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

dannyhw · 2024-02-10T18:42:53Z

@SocketSecurity ignore-all

feat: update lerna

a247024

dannyhw merged commit 10228df into next Feb 13, 2024
3 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: update lerna #554

feat: update lerna #554

dannyhw commented Feb 10, 2024

socket-security bot commented Feb 10, 2024 •

edited

Loading

socket-security bot commented Feb 10, 2024 •

edited

Loading

dannyhw commented Feb 10, 2024

feat: update lerna #554

feat: update lerna #554

Conversation

dannyhw commented Feb 10, 2024

What I did

How to test

socket-security bot commented Feb 10, 2024 • edited Loading

socket-security bot commented Feb 10, 2024 • edited Loading

Next steps

dannyhw commented Feb 10, 2024

socket-security bot commented Feb 10, 2024 •

edited

Loading

socket-security bot commented Feb 10, 2024 •

edited

Loading