build(deps-dev): bump @anthropic-ai/claude-code from 2.1.92 to 2.1.163#644
Closed
dependabot[bot] wants to merge 429 commits into
Closed
build(deps-dev): bump @anthropic-ai/claude-code from 2.1.92 to 2.1.163#644dependabot[bot] wants to merge 429 commits into
dependabot[bot] wants to merge 429 commits into
Conversation
- packageManager: pnpm@11.0.8 → pnpm@11.1.2. - 4 registry pins rewritten across 4 workflow files (target: b5b9f01d).
…rides Cascade socket-wheelhouse@8d2bf2a's catalog rename. - pnpm-workspace.yaml: -stable catalog keys dropped; canonical names with bare-version pins added; overrides block redirects the four Socket-published canonical names to `catalog:`. The override defeats accidental local-checkout resolution from sibling repos. - All package.json catalog: refs migrated from -stable to canonical - All TS/JS imports migrated from -stable to canonical - Hook packages, scripts, mock-client/, lib/env.ts shim, .claude/ skills doc + .claude/hooks/* updated in lockstep `pnpm install` passes; the rename is a string-level migration with no semantic change to dependency resolution (same npm-pinned versions, just consumed under their canonical names).
- scripts/paths.mts: cascaded from socket-wheelhouse
- scripts/utils/interactive-runner.mts: suppress no-process-cwd
inline on the caller-overridable cwd default
- scripts/bump.mts:
- step: rewritten as two-call form (empty log + msg) instead of
`\n${msg}` literal
- move existing no-status-emoji suppression to the correct line
(was on logger.error(''), should be on logger.success(...✓...))
- scripts/publish.mts: same step-helper rewrite as bump.mts
- scripts/clean.mts: suppress prefer-node-modules-dot-cache inline
on the **/.cache deletion-target glob
- .config/esbuild/shorten-paths.mts: suppress no-logger-newline-
literal on the multi-line path-conflict diagnostic
`pnpm run check --all` passes 0 errors.
…e fix
Cascade from socket-wheelhouse@c97a365. Three changes land together:
1. overeager-staging-guard, private-name-guard, public-surface-
reminder: hook directories materialized (.claude/hooks/<name>/
index.mts + package.json + tsconfig.json + test/*.test.mts;
two also include their README). Previously declared in
.claude/settings.json but the directories weren't on disk —
every PreToolUse(Bash) invocation logged a cjs/loader:1505
module-not-found error.
2. setup-security-tools/lib/api-token.mts: module-scope cache
memoizes the first lookup, eliminating repeated macOS Keychain
ACL prompts within a single hook chain. First successful keychain
read also propagates to process.env.SOCKET_API_TOKEN so spawned
children inherit the value.
3. setup-security-tools/lib/token-storage.mts: reads only the
canonical SOCKET_API_TOKEN slot now; the legacy SOCKET_API_KEY
mirror is write-only (preserves the on-disk compat entry but
stops doubling the keychain prompt count).
Plus whatever other content drift the cascade detected (oxlint plugin
rules, setup-security-tools content, etc.) — see the diff.
…CKET_API_KEY Cascade from socket-wheelhouse@e4f3ec8. `findApiToken()` now populates BOTH `SOCKET_API_TOKEN` and `SOCKET_API_KEY` in `process.env` after the first successful resolution. Previously only the canonical name was propagated, so spawned children that resolve the legacy name fell through to their own keychain read — every fall-through on macOS being a fresh Keychain ACL check (potential password prompt). Mirrors the WRITE_SLOTS shape in token-storage.mts (writes paint both, reads only the canonical). The env mirror is the in-process equivalent of the disk-side mirror. Idempotent: an already-set env value is left alone, so a user explicitly setting `SOCKET_API_KEY=<different-value>` (e.g. to test a legacy consumer with a different token) isn't clobbered by a keychain read of `SOCKET_API_TOKEN`.
Cascade from socket-wheelhouse@daada11. Two managed blocks land
together:
- `.gitignore`: fleet-canonical block adopted. Project-specific
ignores stay outside the BEGIN/END markers; the cascaded
surgical `.claude/` excludes + universal noise patterns live
inside. Future updates flow through
`scripts/sync-scaffolding/checks/gitignore-fleet-block.mts`.
- `.gitattributes`: fleet-canonical block re-synced from the
wheelhouse manifest (sorting / listing drift from previous
cascades).
…w-uses-comment-guard, README
Cascade from socket-wheelhouse@3c55c23 (which includes 92cd3e3 +
82ac1b7 + this session's structural improvements).
## What this brings
### New shared modules in .claude/hooks/_shared/
- `payload.mts` — canonical `ToolCallPayload` + `ToolInput` types,
plus `readCommand` / `readFilePath` / `readWriteContent`
narrowing helpers. Replaces 7 hand-rolled `tool_input` type
variants previously duplicated across hooks. New hook authors
import these instead of re-declaring.
- `hook-env.mts` — `isHookDisabled(slug)` and `hookLog(slug, ...)`.
Standardizes the `SOCKET_<UPPER_SLUG>_DISABLED` env-var
convention (which only 15 of 47 hooks supported by hand) plus
the `[<slug>] <line>` stderr prefix shape.
- `README.md` — refreshed with the full module catalog (8 modules,
not just the 1 the previous README listed) plus a "When to reach
for what" quick-reference for new hook authors.
### workflow-uses-comment-guard registered
The hook directory existed in `template/.claude/hooks/workflow-uses-
comment-guard/` but was orphaned — not in any manifest list, not
wired into settings.json. Cascade now installs the hook directory
+ registers it as a PreToolUse(Edit|Write) hook. Companion to the
existing `workflow-uses-comment` check (write-time prevention here;
audit-time repair there).
### Other content drift carried forward
Auto-cascaded content drift from the wheelhouse's `92cd3e3` commit
(-stable catalog alias restoration) and the test-fixture updates
landed in `82ac1b7`. See the file diffs.
Cascade socket-wheelhouse@92cd3e3's fix into socket-sdk-js. pnpm overrides can't redirect a package's own name from inside the same package — Node ESM resolves it as a self-reference. The 4 Socket-published packages each need a SECOND name (`<canonical>-stable`) aliased via `npm:` to the published version so build/script/hook/config code resolves to the published catalog version regardless of where the importing file lives. Updates infra files to import via `-stable` names. Adds the 4 `-stable` aliases to pnpm-workspace.yaml catalog and root package.json devDependencies. Verified: pnpm install + pnpm build pass.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 4 file(s) touched: - .claude/hooks/_shared/stop-reminder.mts - .claude/hooks/excuse-detector/index.mts - .claude/hooks/excuse-detector/test/index.test.mts - scripts/validate-bundle-deps.mts
…script The audit script passes encoding: 'utf8' to spawnSync, but @socketsecurity/lib-stable's SpawnSyncOptions omits 'encoding' (its default 'stdioString: true' is the lib-stable equivalent). The cascade to -stable imports exposed this type incompatibility. This script doesn't need the lib's spinner/error wrappers — it's a plain audit that captures CLI stdout. Switching to node:child_process keeps the native semantics (encoding option, .status field, sync return shape) the rest of the script already assumes. Also drops two never-used identifiers (writeFileSync, isLinux helper) flagged by TS6133. Canonical fix lands in socket-wheelhouse/template/scripts/check-prompt-less-setup.mts; cascade to socket-lib / socket-registry / socket-cli / socket-packageurl-js follows.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 2 file(s) touched: - scripts/test/install-git-hooks.test.mts - scripts/validate-bundle-deps.mts
…bundle-deps noUncheckedIndexedAccess flags arr[i] inside for-loops bounded by length even though the bound guarantees i < length. Add ! assertions to match the fleet-wide cached-loop idiom already used elsewhere in the file.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 3 file(s) touched: - .claude/hooks/excuse-detector/test/index.test.mts - scripts/test/install-git-hooks.test.mts - scripts/validate-bundle-deps.mts
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 4 file(s) touched: - .claude/hooks/_shared/stop-reminder.mts - .claude/hooks/_shared/transcript.mts - .claude/hooks/excuse-detector/index.mts - .claude/hooks/excuse-detector/test/index.test.mts
…undle-deps TS18048 Two coupled changes that the pre-commit type-check requires together: 1. .config/oxfmtrc.json + .config/oxlintrc.json + .gitattributes — cascade from socket-wheelhouse 7c042ab; marks scripts/ helpers as fleet-canonical generated artifacts (skipped by oxfmt/oxlint, shown as generated in GitHub blame). 2. scripts/validate-bundle-deps.mts — non-null-assert bounded-loop indexed reads. noUncheckedIndexedAccess flags arr[i] inside for-loops bounded by length even though the bound guarantees i < length. The eslint-disable no-shadow comment at the top of the file is intentional (cached-length idiom) and is preserved.
…eelhouse
oxlint-plugin/{lib,rules,test} — oxfmt reformat pass (line-wrap to 80).
socket-wheelhouse-schema.json — drop the 'schemaVersion' required-field
constraint to allow lighter per-repo configs.
Restore multi-line JSON 'required' arrays to match the canonical template at socket-wheelhouse/template/.config/socket-wheelhouse-schema.json. Downstream oxfmt collapsed them to single-line; wheelhouse is source of truth per the drift-watch rule.
… match template Pairs with socket-wheelhouse 8f1cd39 — the template was reformatted with oxfmt, which collapsed short arrays to single-line. Bring downstream in line so the next sync pass is a no-op.
Cascade from socket-wheelhouse 9cfd3d1. Adds the schema to oxfmt's ignorePatterns so it stops fighting the canonical form in cascade loops. Also alphanumerically sorts the top-level 'required' array ([layout, native, repoName, schemaVersion]) per fleet convention.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 17 file(s) touched: - .config/oxlint-plugin/index.mts - .config/oxlint-plugin/lib/rule-tester.mts - .config/oxlint-plugin/rules/no-logger-newline-literal.mts - .config/oxlint-plugin/rules/no-process-cwd-in-scripts-hooks.mts - .config/oxlint-plugin/rules/prefer-node-modules-dot-cache.mts - .config/oxlint-plugin/test/export-top-level-functions.test.mts - .config/oxlint-plugin/test/inclusive-language.test.mts - .config/oxlint-plugin/test/no-logger-newline-literal.test.mts - .config/oxlint-plugin/test/no-placeholders.test.mts - .config/oxlint-plugin/test/no-promise-race.test.mts - .config/oxlint-plugin/test/personal-path-placeholders.test.mts - .config/oxlint-plugin/test/prefer-async-spawn.test.mts - .config/oxlint-plugin/test/prefer-node-builtin-imports.test.mts - .config/oxlint-plugin/test/prefer-safe-delete.test.mts - .config/oxlint-plugin/test/prefer-static-type-import.test.mts - .config/oxlint-plugin/test/sort-source-methods.test.mts - scripts/validate-bundle-deps.mts
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 2 file(s) touched: - .claude/hooks/excuse-detector/index.mts - .claude/hooks/excuse-detector/test/index.test.mts
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 2 file(s) touched: - .config/oxlint-plugin/rules/no-cached-for-on-iterable.mts - .config/oxlint-plugin/test/no-cached-for-on-iterable.test.mts
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 4 file(s) touched: - .config/oxlint-plugin/lib/iterable-kind.mts - .config/oxlint-plugin/rules/no-cached-for-on-iterable.mts - .config/oxlint-plugin/rules/prefer-cached-for-loop.mts - scripts/validate-bundle-deps.mts
Auto-applied by socket-wheelhouse sync-scaffolding. - New hook: .claude/hooks/dont-blame-user-reminder. - New doc: docs/claude.md/fleet/pull-request-target.md. - CLAUDE.md fleet block: condensed Public-surface hygiene, added the dont-blame-user rule under 'Fix it, don't defer'. - oxlint-plugin: new no-cached-for-on-iterable rule + tests, plus a refreshed excuse-detector + check-paths/allowlist + prefer-static- type-import. - scripts/check-paths/allowlist.mts: '!' on bounded indexed access. - scripts/validate-bundle-deps.mts (where present): same '!' pattern.
…aders socket/prefer-static-type-import findings: - test/unit/socket-sdk-coverage-gaps.test.mts: 2× HttpResponse - scripts/test.mts: 1× ChildProcess Static import-type headers read better, deduplicate the module path across multiple inline uses, and are deterministically sortable by socket/sort-named-imports. Pre-commit lint/test skipped via DISABLE_PRECOMMIT_* (SOCKET_API_KEY 401 issue, user-authorized via 'Allow lint bypass').
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 4 file(s) touched: - .config/oxlint-plugin/lib/iterable-kind.mts - .config/oxlint-plugin/rules/no-cached-for-on-iterable.mts - .config/oxlint-plugin/rules/prefer-cached-for-loop.mts - .config/oxlint-plugin/test/no-cached-for-on-iterable.test.mts
The pnpm 11.1.2 cascade landed in external-tools.json (CI downloads 11.1.2) but the root packageManager field was still pinned at 11.0.8. pnpm refuses to run with: [ERROR] This project is configured to use 11.0.8 of pnpm. Your current pnpm is v11.1.2 Bring packageManager in line with the installed binary.
Auto-applied by socket-wheelhouse sync-scaffolding. - 11 hook test files: drop stale '// @ts-expect-error - node:test types' directives (TS2578 Unused). - excuse-detector test: bracket-access payload['stop_hook_active']. - overeager-staging-guard: drop unused payload param from getRepoDir(). - no-logger-newline-literal: drop unused 'newFirst' local.
Bump the SocketDev/socket-registry reusable ci.yml pin to 4069dfc8, the restored reusable workflow whose setup-and-install caches the pnpm store. CI install is now warm on every job + matrix cell.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 568 file(s) touched: - .claude/hooks/fleet/_shared/acorn/acorn-bindgen.cjs - .claude/hooks/fleet/_shared/acorn/acorn.wasm - .claude/hooks/fleet/_shared/cdn-allowlist.mts - .claude/hooks/fleet/_shared/commit-command.mts - .claude/hooks/fleet/_shared/dated-citation.mts - .claude/hooks/fleet/_shared/foreign-paths.mts - .claude/hooks/fleet/_shared/git-identity.mts - .claude/hooks/fleet/_shared/package-manager-auto-update.mts - .claude/hooks/fleet/_shared/test/git-identity.test.mts - .claude/hooks/fleet/_shared/token-patterns.mts - .claude/hooks/fleet/_shared/transcript.mts - .claude/hooks/fleet/alpha-sort-reminder/README.md - .claude/hooks/fleet/alpha-sort-reminder/index.mts - .claude/hooks/fleet/broken-hook-detector/README.md - .claude/hooks/fleet/broken-hook-detector/index.mts - .claude/hooks/fleet/broken-hook-detector/test/index.test.mts - .claude/hooks/fleet/c8-ignore-reason-guard/README.md - .claude/hooks/fleet/c8-ignore-reason-guard/index.mts - .claude/hooks/fleet/cascade-first-triage-reminder/README.md - .claude/hooks/fleet/cascade-first-triage-reminder/index.mts ... and 548 more
The docs/claude.md→docs/agents.md cascade moved the canonical tiers; the repo-owned repo/ tier survives the narrowed tombstone and is migrated here with git mv.
Repoint the Project-Specific architecture link to docs/agents.md/repo; trim the redundant inline coverage thresholds (they live in the cover config) to bring CLAUDE.md back under the 40KB cap.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 192 file(s) touched: - .claude/hooks/fleet/_shared/payload.mts - .claude/hooks/fleet/memory-discovery-reminder/README.md - .claude/hooks/fleet/memory-discovery-reminder/index.mts - .claude/hooks/fleet/memory-discovery-reminder/test/index.test.mts - .claude/hooks/fleet/no-premature-commit-kill-guard/README.md - .claude/hooks/fleet/no-premature-commit-kill-guard/index.mts - .claude/hooks/fleet/no-premature-commit-kill-guard/package.json - .claude/hooks/fleet/no-premature-commit-kill-guard/test/index.test.mts - .claude/hooks/fleet/no-premature-commit-kill-guard/tsconfig.json - .claude/hooks/fleet/no-unisolated-git-fixture-guard/index.mts - .claude/hooks/fleet/no-unisolated-git-fixture-guard/test/index.test.mts - .claude/settings.json - .claude/skills/fleet/managing-worktrees/SKILL.md - .config/fleet/oxlint-plugin/_shared/inject-import.mts - .config/fleet/oxlint-plugin/index.mts - .config/fleet/oxlint-plugin/lib/comment-checks.mts - .config/fleet/oxlint-plugin/lib/comment-markers.mts - .config/fleet/oxlint-plugin/lib/comparators.mts - .config/fleet/oxlint-plugin/lib/detect-source-type.mts - .config/fleet/oxlint-plugin/lib/fleet-paths.mts ... and 172 more
Auto-applied by socket-wheelhouse sync-scaffolding into cascade-socket-sdk-js-36260. 149 file(s) touched: - .claude/commands/fleet/update-hooks-dry.md - .claude/hooks/fleet/_shared/public-surfaces.mts - .claude/hooks/fleet/_shared/unbacked-claims.mts - .claude/hooks/fleet/ai-config-drift-reminder/index.mts - .claude/hooks/fleet/alpha-sort-reminder/index.mts - .claude/hooks/fleet/changelog-no-empty-guard/index.mts - .claude/hooks/fleet/claude-md-rule-add-guard/README.md - .claude/hooks/fleet/claude-md-rule-add-guard/index.mts - .claude/hooks/fleet/claude-md-rule-add-guard/package.json - .claude/hooks/fleet/claude-md-rule-add-guard/test/index.test.mts - .claude/hooks/fleet/claude-md-rule-add-guard/tsconfig.json - .claude/hooks/fleet/copy-on-select-hint-reminder/test/index.test.mts - .claude/hooks/fleet/dated-citation-guard/README.md - .claude/hooks/fleet/dated-citation-guard/index.mts - .claude/hooks/fleet/dated-citation-guard/package.json - .claude/hooks/fleet/dated-citation-guard/test/index.test.mts - .claude/hooks/fleet/dated-citation-guard/tsconfig.json - .claude/hooks/fleet/dated-citation-reminder/README.md - .claude/hooks/fleet/dirty-lockfile-reminder/index.mts - .claude/hooks/fleet/dirty-worktree-stop-guard/index.mts ... and 129 more
getFullScan and getDiffScanById now request cached=true and poll until the
result is ready, so callers receive the finished scan instead of an
intermediate processing response. Both gain an options object; pass
{ cached: false } to recompute on demand. Adds a pollIntervalMs client option
and a shared pollCachedScan helper.
Export ChunkedManifest, ApiRequirement, and Requirements interfaces. Replace toSorted (unsafe on the Node 18.20.8 engine floor) with in-place sort on already-copied arrays. Add explanatory comments to two complex regexes. Rename the bump.mts size-marker category off the banned "legitimate" filler word.
The soft-band file-size exemption marker no longer suppresses the cap, so split each file over 500 lines along cohesive seams: test suites by describe group into sibling files, and the two codegen scripts into helper modules. Regenerate docs/api.md for the new getFullScan and getDiffScanById options parameters.
The strict types had drifted from types/api.d.ts. Regenerate to resync the repository integration_meta shape. The OpenAPI source emits nested optional properties without an explicit undefined, which trips socket/optional-explicit-undefined, so the generator now runs the lint autofix before formatting and stays clean on every regeneration.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 88 file(s) touched: - .claude/commands/fleet/green-ci-local.md - .claude/commands/fleet/researching-recency.md - .claude/hooks/fleet/_shared/brew-supply-chain.mts - .claude/hooks/fleet/_shared/sparkle-auto-update.mts - .claude/hooks/fleet/_shared/token-patterns.mts - .claude/hooks/fleet/_shared/uv-config.mts - .claude/hooks/fleet/brew-supply-chain-guard/README.md - .claude/hooks/fleet/brew-supply-chain-guard/index.mts - .claude/hooks/fleet/brew-supply-chain-guard/package.json - .claude/hooks/fleet/brew-supply-chain-guard/test/index.test.mts - .claude/hooks/fleet/brew-supply-chain-guard/tsconfig.json - .claude/hooks/fleet/claude-md-section-size-guard/README.md - .claude/hooks/fleet/claude-md-section-size-guard/index.mts - .claude/hooks/fleet/claude-md-section-size-guard/test/index.test.mts - .claude/hooks/fleet/markdown-filename-guard/index.mts - .claude/hooks/fleet/markdown-filename-guard/test/index.test.mts - .claude/hooks/fleet/setup-security-tools/install.mts - .claude/hooks/fleet/setup-security-tools/lib/operator-prompts.mts - .claude/hooks/fleet/setup-security-tools/lib/shell-rc-bridge.mts - .claude/hooks/fleet/setup-security-tools/test/shell-rc-bridge.test.mts ... and 68 more
The cascade activated socket/options-null-proto and socket/require-vitest-globals-import. Normalize options with a null-prototype spread before access in three modules, and mark the describeRetry local alias (not a vitest global) exempt from the globals-import rule in the retry suites.
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 130 file(s) touched: - .claude/hooks/fleet/_shared/npmrc-trust.mts - .claude/hooks/fleet/_shared/trust-gates.mts - .claude/hooks/fleet/land-fast-reminder/README.md - .claude/hooks/fleet/land-fast-reminder/index.mts - .claude/hooks/fleet/land-fast-reminder/package.json - .claude/hooks/fleet/land-fast-reminder/test/land-fast-reminder.test.mts - .claude/hooks/fleet/land-fast-reminder/tsconfig.json - .claude/hooks/fleet/no-other-linters-guard/README.md - .claude/hooks/fleet/no-other-linters-guard/index.mts - .claude/hooks/fleet/no-other-linters-guard/package.json - .claude/hooks/fleet/no-other-linters-guard/test/index.test.mts - .claude/hooks/fleet/no-other-linters-guard/tsconfig.json - .claude/hooks/fleet/npmrc-trust-optout-guard/README.md - .claude/hooks/fleet/npmrc-trust-optout-guard/index.mts - .claude/hooks/fleet/npmrc-trust-optout-guard/package.json - .claude/hooks/fleet/npmrc-trust-optout-guard/test/index.test.mts - .claude/hooks/fleet/npmrc-trust-optout-guard/tsconfig.json - .claude/hooks/fleet/options-param-naming-guard/README.md - .claude/hooks/fleet/options-param-naming-guard/index.mts - .claude/hooks/fleet/options-param-naming-guard/package.json ... and 110 more
Auto-applied by socket-wheelhouse sync-scaffolding into cascade-socket-sdk-js-3482. 154 file(s) touched: - .agents/skills/fleet-agent-ci/SKILL.md - .agents/skills/fleet-agent-ci/reference.md - .agents/skills/fleet-auditing-api-surface/SKILL.md - .agents/skills/fleet-auditing-api-surface/lib/audit-api-surface.mts - .agents/skills/fleet-auditing-gha/SKILL.md - .agents/skills/fleet-auditing-gha/run.mts - .agents/skills/fleet-cascading-fleet/SKILL.md - .agents/skills/fleet-cascading-fleet/lib/cascade-template.mts - .agents/skills/fleet-cascading-fleet/lib/cascade-tool-pins.mts - .agents/skills/fleet-cascading-fleet/lib/fleet-repos.json - .agents/skills/fleet-cascading-fleet/lib/fleet-repos.txt - .agents/skills/fleet-cascading-fleet/lib/reconcile-lockfiles.mts - .agents/skills/fleet-cleaning-ci/SKILL.md - .agents/skills/fleet-cleaning-ci/lib/clean-ci.mts - .agents/skills/fleet-codifying-disciplines/SKILL.md - .agents/skills/fleet-driving-cursor-bugbot/SKILL.md - .agents/skills/fleet-driving-cursor-bugbot/reference.md - .agents/skills/fleet-greening-ci-local/SKILL.md - .agents/skills/fleet-greening-ci/SKILL.md - .agents/skills/fleet-greening-ci/run.mts ... and 134 more
Auto-applied by socket-wheelhouse sync-scaffolding into socket-sdk-js. 69 file(s) touched: - .agents/skills/fleet-auditing-api-surface/SKILL.md - .agents/skills/fleet-prose/SKILL.md - .agents/skills/fleet-prose/references/conversational.md - .agents/skills/fleet-updating-pricing/SKILL.md - .agents/skills/fleet-updating/SKILL.md - .claude/commands/fleet/update-pricing.md - .claude/hooks/fleet/clone-reviewed-repo-nudge/README.md - .claude/hooks/fleet/clone-reviewed-repo-nudge/detect.mts - .claude/hooks/fleet/clone-reviewed-repo-nudge/index.mts - .claude/hooks/fleet/clone-reviewed-repo-nudge/package.json - .claude/hooks/fleet/clone-reviewed-repo-nudge/test/index.test.mts - .claude/hooks/fleet/clone-reviewed-repo-nudge/tsconfig.json - .claude/hooks/fleet/markdown-filename-guard/index.mts - .claude/hooks/fleet/markdown-filename-guard/test/index.test.mts - .claude/hooks/fleet/no-corepack-guard/README.md - .claude/hooks/fleet/no-corepack-guard/index.mts - .claude/hooks/fleet/no-corepack-guard/package.json - .claude/hooks/fleet/no-corepack-guard/test/index.test.mts - .claude/hooks/fleet/no-corepack-guard/tsconfig.json - .claude/hooks/fleet/no-premature-commit-kill-guard/index.mts ... and 49 more
Bumps [@anthropic-ai/claude-code](https://github.com/anthropics/claude-code) from 2.1.92 to 2.1.163. - [Release notes](https://github.com/anthropics/claude-code/releases) - [Changelog](https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md) - [Commits](anthropics/claude-code@v2.1.92...v2.1.163) --- updated-dependencies: - dependency-name: "@anthropic-ai/claude-code" dependency-version: 2.1.163 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
Contributor
Author
|
Dependabot can't resolve your JavaScript dependency files. Because of this, Dependabot cannot update this pull request. |
ab171da to
93a9c58
Compare
Contributor
Author
|
Looks like @anthropic-ai/claude-code is up-to-date now, so this is no longer needed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps @anthropic-ai/claude-code from 2.1.92 to 2.1.163.
Release notes
Sourced from @anthropic-ai/claude-code's releases.
... (truncated)
Changelog
Sourced from @anthropic-ai/claude-code's changelog.
... (truncated)
Commits
d1e1742chore: Update CHANGELOG.md and feed.xmlb67fa4fchore: Update CHANGELOG.md and feed.xml625c04cchore: Update CHANGELOG.md and feed.xmlbdb04fcchore: Update CHANGELOG.md and feed.xml8bae02dchore: Update CHANGELOG.md and feed.xml295dee8chore: Update CHANGELOG.md and feed.xml8d0fbf4chore: Update CHANGELOG.md and feed.xml2d5c3c6chore: Update CHANGELOG.md and feed.xml1696f22chore: Update CHANGELOG.md and feed.xml3bb4455chore: Update CHANGELOG.md and feed.xmlInstall script changes
This version adds
postinstallscript that runs during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.