[Snyk] Upgrade depcheck from 0.6.11 to 0.9.2

[snyk-bot]

Snyk has created this PR to upgrade depcheck from 0.6.11 to 0.9.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 12 versions ahead of your current version.
• The recommended version was released a year ago, on 2020-01-30.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) npm:mem:20180117	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: depcheck

• 0.9.2 - 2020-01-30
  

  Full Changelog

  Closed issues:

  • Use Cosmiconfig #516
  • Feature: add special parser for Istanbul.js #508
  • New mocha configuration file not seen #507
  • False positive with @ types/mocha #504
  • Error: ENFILE: file table overflow (macOS) #501
  • eslint: dependency wrongly mark as unused #500
  • special/eslint: bad calculation of preset dependencies #476
  • Load ignore rules from a lines separated file #409
  • Improvements for CI use #162

  Merged pull requests:

  • Review special documentation #515 (sveyret)
  • Add Istanbul special parser #514 (sveyret)
  • Refactor: read content only when needed #513 (znarf)
  • Add debug package and messages to the project #512 (znarf)
  • Support for more decorators #511 (micky2be)
  • Improve recursive work of eslint configuration check #506 (sveyret)
  • Improvements for mocha #505 (sveyret)
  • Support webpack styleguidist configuration #503 (znarf)
  • Use a single promise to read a given file #502 (znarf)
  • Support for next.js webpack configuration #496 (znarf)
  • Rename 'linters' and fix babel config file detection #495 (znarf)
  • Suppress unnecessary fileContent #494 (znarf)
  • Update travis commands and reference #493 (znarf)
  • Add eslint-plugin-mocha and lint test directory #492 (znarf)
  • Better prettier configuration #490 (znarf)
  • Remove remaining dev option #489 (znarf)
  • chore: remove editorconfig file #488 (rumpl)
  • Update babel target to node 10, use prettier plugin #487 (rumpl)
  • chore(deps): Update all dependencies to latest #486 (rumpl)
  • Do not calculate expensive dep differences when skipMissing is active #485 (dword-design)
  • Adjust babel special to eslint implementation #484 (dword-design)
  • Add deps parameter to detectors #482 (dword-design)
  • Activating Open Collective #481 (monkeywithacupcake)
  • Document and provide types for the API's package option #479 (edsrzf)
  • Try to load eslint.js modules without a module.exports wrapper #478 (rjatkins)
  • special/eslint: corrections on dependencies resolver #477 (sveyret)
  • chore: add changelog file #475 (rumpl)
  • Support loading configuration from a config file. #408 (Urik)
• 0.9.1 - 2019-11-08
  

  Features

  • better support for workspaces #473
  • support for prettier shared configuration #474
  • support for typescript webpack configuration #459
  • added support for ttypescript #469
  • typescript types! #458
  • added support for lint-staged #456
  • added support for husky #453
  • added support for babel.config.js

  Bugfixes

  • consitent exit code #465
  • fixed false positive when using plugin:prettier/recommended #464
  • fixed false positive when using tslint-plugin-prettier #457

  Big thanks to @ VincentLanglet and @ sveyret

  I almost made this 1.0.0 but it will be for the next.

• 0.9.0 - 2019-11-01
  

  Features

  • depcheck will output paths for files that are using a missing dependency (depcheck is now 12x more useful) #428

  Bugfixes

  • webpack entries are scanned for better dependency detection #446
  • babel-loader options are scanned for better dependency detection #448
  • TypeScript type imports (import('module').Type) are now taken into account #438
  • binary module detection is going up the directory tree (for better detection in yarn or lerna workspaces) #436
  • TypeScript node-buildint types are no longer detected as unused #444

  Breaking changes

  • The deprecated --dev flag was removed #450

  Misc

  Support for node 8 is dropped

  Big thanks to @ sveyret and @ twk-b for this release.

• 0.8.4 - 2019-10-29
  

  Another small release, in no particular order here are the

  Features

  • Dropped node 6 support, added node 12 support
  • Added support for babel 7 scoped plugins
  • Better typescript support, still not perfect but it’s better
  • Updated dependencies for better security
  • Fix for eslint:all
• 0.8.3 - 2019-07-09
• 0.8.2 - 2019-07-03
• 0.8.1 - 2019-06-14
• 0.8.0 - 2019-05-08
• 0.7.2 - 2019-02-28
• 0.7.1 - 2019-01-27
• 0.7.0-beta.1 - 2016-03-13
• 0.7.0-alpha.1 - 2018-09-12
• 0.6.11 - 2018-08-25

from depcheck GitHub release notes

Commit messages

Package name: depcheck

• 19f9dad Merge pull request [WCT] Running in Docker for CI testing Polymer/tools#513 from znarf/refactor/content
• 4409936 Merge pull request Make esm-amd-loader dynamic require 404 test not flaky. Polymer/tools#511 from micky2be/fix/decorators
• 79328b8 fix: add support for more decorators
• 2ef1cb8 test: fix tests after async getContent refactor
• 5735ee7 refactor: use getContent only once needed
• 1f329fc Merge pull request Update promisify-node to 0.5.0 Polymer/tools#496 from znarf/feat/webpack-next-js
• 1e27dfa Merge pull request Fix push manifest generation bugs affecting bower_components and ES modules Polymer/tools#512 from znarf/debug
• f226274 Merge pull request Prepare release of wct-sauce, polymer-build, web-component-tester and polymer-cli. Polymer/tools#515 from sveyret/specialdocs
• c7982c9 feat: introduce debug and first useful debug messages
• da74b89 test: add coverage for invalid next.js webpack configuration
• 241c2ef test: add test to cover webpack in next.js configuration
• 1af9725 feat: support for next.js webpack configuration
• 0adec87 Review special documentation
• 5f9700c Merge pull request web-component-tester 6.6.0 critical audit issues Polymer/tools#514 from sveyret/istanbul
• fc545f4 Merge pull request webcomponent tester browser config link broken in the README Polymer/tools#505 from sveyret/mocha
• 302bb9c Merge pull request fix link in README Polymer/tools#506 from sveyret/eslint
• cdd58b6 Merge pull request Prepare esm-amd-loader 1.0.1 release. Polymer/tools#503 from znarf/feat/webpack-styleguidist
• 0a0e072 Add Istanbul special parser
• a6e6ba6 test: add test for styleguidist configuration in wepack special
• 3d57236 feat: support webpack styleguidist configuration
• f93ca63 Read also the (new style) mocha configuration files
• b5eaa18 Validate @ types/mocha when using mocha
• 8594fce Improve recursive work of eslint configuration check
• aaef68a Merge pull request nomodule attribute and amd module transpilation Polymer/tools#495 from znarf/cli-tools

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs