@socketsecurity/cli 0.14.40 → 0.14.41

package/dist/module-sync/settings.d.ts

@@ -1,9 +1,14 @@
+import config from '@socketsecurity/config';
 interface Settings {
     apiKey?: string | null;
     enforcedOrgs?: string[] | null;
     apiBaseUrl?: string | null;
     apiProxy?: string | null;
 }
+declare function findSocketYmlSync(): {
+    path: string;
+    parsed: config.SocketYml;
+} | null;
 declare function getSetting<Key extends keyof Settings>(key: Key): Settings[Key];
 declare function updateSetting<Key extends keyof Settings>(key: Key, value: Settings[Key]): void;
-export { getSetting, updateSetting };
+export { findSocketYmlSync, getSetting, updateSetting };

package/dist/module-sync/socket-url.d.ts

@@ -1,9 +1,25 @@
+/// <reference types="node" />
 import { SocketSdk } from "@socketsecurity/sdk";
+import { ObjectEncodingOptions, OpenMode, PathLike } from "node:fs";
+import { promises as fs } from "node:fs";
+import { readFileSync as fsReadFileSync } from "node:fs";
+import { Abortable } from "node:events";
+import { FileHandle } from "node:fs/promises";
 import indentString from "@socketregistry/indent-string/index.cjs";
 import { logSymbols } from "./logging.js";
 declare function getDefaultToken(): string | undefined;
 declare function getPublicToken(): string;
 declare function setupSdk(apiToken?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
+declare function findUp(name: string | string[], { cwd }: {
+    cwd: string | undefined;
+}): Promise<string | undefined>;
+type ReadFileOptions = ObjectEncodingOptions & Abortable & {
+    flag?: OpenMode | undefined;
+};
+declare function readFileBinary(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<Buffer>;
+declare function readFileUtf8(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<string>;
+declare function safeReadFile(...args: Parameters<typeof fs.readFile>): ReturnType<typeof fs.readFile> | undefined;
+declare function safeReadFileSync(...args: Parameters<typeof fsReadFileSync>): ReturnType<typeof fsReadFileSync> | undefined;
 declare class ColorOrMarkdown {
     useMarkdown: boolean;
     constructor(useMarkdown: boolean);
@@ -21,4 +37,4 @@ declare class ColorOrMarkdown {
 }
 declare function getSocketDevAlertUrl(alertType: string): string;
 declare function getSocketDevPackageOverviewUrl(eco: string, name: string, version?: string): string;
-export { getDefaultToken, getPublicToken, setupSdk, ColorOrMarkdown, getSocketDevAlertUrl, getSocketDevPackageOverviewUrl };
+export { getDefaultToken, getPublicToken, setupSdk, findUp, ReadFileOptions, readFileBinary, readFileUtf8, safeReadFile, safeReadFileSync, ColorOrMarkdown, getSocketDevAlertUrl, getSocketDevPackageOverviewUrl };

package/dist/module-sync/socket-url.js

@@ -23,6 +23,7 @@ var sdk = require('@socketsecurity/sdk');
 var fs = require('node:fs');
 var os = require('node:os');
 var path = require('node:path');
+var config = require('@socketsecurity/config');
 var constants = require('./constants.js');
 
 class AuthError extends Error {}
@@ -85,6 +86,54 @@ class ColorOrMarkdown {
   }
 }
 
+async function findUp(name, {
+  cwd = process.cwd()
+}) {
+  let dir = path.resolve(cwd);
+  const {
+    root
+  } = path.parse(dir);
+  const names = [name].flat();
+  while (dir && dir !== root) {
+    for (const name of names) {
+      const filePath = path.join(dir, name);
+      try {
+        // eslint-disable-next-line no-await-in-loop
+        const stats = await fs.promises.stat(filePath);
+        if (stats.isFile()) {
+          return filePath;
+        }
+      } catch {}
+    }
+    dir = path.dirname(dir);
+  }
+  return undefined;
+}
+async function readFileBinary(filepath, options) {
+  return await fs.promises.readFile(filepath, {
+    ...options,
+    encoding: 'binary'
+  });
+}
+async function readFileUtf8(filepath, options) {
+  return await fs.promises.readFile(filepath, {
+    ...options,
+    encoding: 'utf8'
+  });
+}
+function safeReadFile(...args) {
+  try {
+    return fs.promises.readFile(...args);
+  } catch {}
+  return undefined;
+}
+function safeReadFileSync(...args) {
+  try {
+    return fs.readFileSync(...args);
+  } catch {}
+  return undefined;
+}
+
 const LOCALAPPDATA = 'LOCALAPPDATA';
 let _settings;
 function getSettings() {
@@ -92,8 +141,8 @@ function getSettings() {
     _settings = {};
     const settingsPath = getSettingsPath();
     if (settingsPath) {
-      if (fs.existsSync(settingsPath)) {
-        const raw = fs.readFileSync(settingsPath, 'utf8');
+      const raw = safeReadFileSync(settingsPath, 'utf8');
+      if (raw) {
         try {
           Object.assign(_settings, JSON.parse(Buffer.from(raw, 'base64').toString()));
         } catch {
@@ -131,6 +180,31 @@ function getSettingsPath() {
   }
   return _settingsPath;
 }
+function findSocketYmlSync() {
+  let prevDir = null;
+  let dir = process.cwd();
+  while (dir !== prevDir) {
+    let ymlPath = path.join(dir, 'socket.yml');
+    let yml = safeReadFileSync(ymlPath, 'utf8');
+    if (yml === undefined) {
+      ymlPath = path.join(dir, 'socket.yaml');
+      yml = safeReadFileSync(ymlPath, 'utf8');
+    }
+    if (typeof yml === 'string') {
+      try {
+        return {
+          path: ymlPath,
+          parsed: config.parseSocketConfig(yml)
+        };
+      } catch {
+        throw new Error(`Found file but was unable to parse ${ymlPath}`);
+      }
+    }
+    prevDir = dir;
+    dir = path.join(dir, '..');
+  }
+  return null;
+}
 function getSetting(key) {
   return getSettings()[key];
 }
@@ -212,11 +286,16 @@ function getSocketDevPackageOverviewUrl(eco, name, version) {
 exports.AuthError = AuthError;
 exports.ColorOrMarkdown = ColorOrMarkdown;
 exports.InputError = InputError;
+exports.findSocketYmlSync = findSocketYmlSync;
+exports.findUp = findUp;
 exports.getDefaultToken = getDefaultToken;
 exports.getPublicToken = getPublicToken;
 exports.getSetting = getSetting;
 exports.getSocketDevAlertUrl = getSocketDevAlertUrl;
 exports.getSocketDevPackageOverviewUrl = getSocketDevPackageOverviewUrl;
 exports.isErrnoException = isErrnoException;
+exports.readFileBinary = readFileBinary;
+exports.readFileUtf8 = readFileUtf8;
+exports.safeReadFile = safeReadFile;
 exports.setupSdk = setupSdk;
 exports.updateSetting = updateSetting;

package/dist/require/cli.js

@@ -30,7 +30,6 @@ var socketUrl = require('./socket-url.js');
 var terminalLink = _socketInterop(require('terminal-link'));
 var isInteractive = require('@socketregistry/is-interactive/index.cjs');
 var prompts = require('@socketsecurity/registry/lib/prompts');
-var fs$1 = require('node:fs/promises');
 var npa = _socketInterop(require('npm-package-arg'));
 var semver = _socketInterop(require('semver'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
@@ -43,12 +42,14 @@ var strings = require('@socketsecurity/registry/lib/strings');
 var browserslist = _socketInterop(require('browserslist'));
 var which = _socketInterop(require('which'));
 var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
+var sorts = require('@socketsecurity/registry/lib/sorts');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config = require('@socketsecurity/config');
 var os = require('node:os');
 var readline = require('node:readline');
 var readline$1 = require('node:readline/promises');
 var chalkTable = _socketInterop(require('chalk-table'));
+var fs$1 = require('node:fs/promises');
 var ScreenWidget = _socketInterop(require('blessed/lib/widgets/screen'));
 var GridLayout = _socketInterop(require('blessed-contrib/lib/layout/grid'));
 var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
@@ -236,10 +237,10 @@ function shadowNpmInstall(opts) {
   constants.execPath, [
   // Lazily access constants.rootBinPath.
   path.join(constants.rootBinPath, 'npm-cli.js'), 'install',
-  // Even though the 'silent' flag is passed npm will still run through code
-  // paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund' flags
-  // are passed.
-  ...(useDebug ? ['--no-audit', '--no-fund'] : ['silent', '--no-audit', '--no-fund']), ...flags], {
+  // Even though the '--silent' flag is passed npm will still run through
+  // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
+  // flags are passed.
+  ...(useDebug ? ['--no-audit', '--no-fund'] : ['--silent', '--no-audit', '--no-fund']), ...flags], {
     signal: abortSignal$3,
     // Set stdio to include 'ipc'.
     // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
@@ -333,47 +334,6 @@ const validationFlags = {
   }
 };
 
-const {
-  API_V0_URL
-} = constants;
-function handleUnsuccessfulApiResponse(_name, result, spinner) {
-  // SocketSdkErrorType['error'] is not typed.
-  const resultErrorMessage = result.error?.message;
-  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
-  if (result.status === 401 || result.status === 403) {
-    spinner.stop();
-    throw new socketUrl.AuthError(message);
-  }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process$1.exit(1);
-}
-async function handleApiCall(value, description) {
-  let result;
-  try {
-    result = await value;
-  } catch (cause) {
-    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
-      cause
-    });
-  }
-  return result;
-}
-async function handleAPIError(code) {
-  if (code === 400) {
-    return 'One of the options passed might be incorrect.';
-  } else if (code === 403) {
-    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
-  }
-}
-async function queryAPI(path, apiKey) {
-  return await fetch(`${API_V0_URL}/${path}`, {
-    method: 'GET',
-    headers: {
-      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
-    }
-  });
-}
-
 function objectSome(obj) {
   for (const key in obj) {
     if (obj[key]) {
@@ -390,31 +350,6 @@ function pick(input, keys) {
   return result;
 }
 
-function getFlagListOutput(list, indent, {
-  keyPrefix = '--',
-  padName
-} = {}) {
-  return getHelpListOutput({
-    ...list
-  }, indent, {
-    keyPrefix,
-    padName
-  });
-}
-function getHelpListOutput(list, indent, {
-  keyPrefix = '',
-  padName = 18
-} = {}) {
-  let result = '';
-  const names = Object.keys(list).sort();
-  for (const name of names) {
-    const rawDescription = list[name];
-    const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || '';
-    result += ''.padEnd(indent) + (keyPrefix + name).padEnd(padName) + description + '\n';
-  }
-  return result.trim();
-}
-
 function stringJoinWithSeparateFinalSeparator(list, separator = ' and ') {
   const values = list.filter(Boolean);
   const {
@@ -430,6 +365,7 @@ function stringJoinWithSeparateFinalSeparator(list, separator = ' and ') {
   return `${values.join(', ')}${separator}${finalValue}`;
 }
 
+// Ordered from most severe to least.
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -471,6 +407,72 @@ function getSeverityCount(issues, lowestToInclude) {
   return severityCount;
 }
 
+const {
+  API_V0_URL
+} = constants;
+function handleUnsuccessfulApiResponse(_name, result, spinner) {
+  // SocketSdkErrorType['error'] is not typed.
+  const resultErrorMessage = result.error?.message;
+  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop();
+    throw new socketUrl.AuthError(message);
+  }
+  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  process$1.exit(1);
+}
+async function handleApiCall(value, description) {
+  let result;
+  try {
+    result = await value;
+  } catch (cause) {
+    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
+      cause
+    });
+  }
+  return result;
+}
+async function handleAPIError(code) {
+  if (code === 400) {
+    return 'One of the options passed might be incorrect.';
+  } else if (code === 403) {
+    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  }
+}
+async function queryAPI(path, apiKey) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET',
+    headers: {
+      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
+    }
+  });
+}
+
+function getFlagListOutput(list, indent, {
+  keyPrefix = '--',
+  padName
+} = {}) {
+  return getHelpListOutput({
+    ...list
+  }, indent, {
+    keyPrefix,
+    padName
+  });
+}
+function getHelpListOutput(list, indent, {
+  keyPrefix = '',
+  padName = 18
+} = {}) {
+  let result = '';
+  const names = Object.keys(list).sort();
+  for (const name of names) {
+    const rawDescription = list[name];
+    const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || '';
+    result += ''.padEnd(indent) + (keyPrefix + name).padEnd(padName) + description + '\n';
+  }
+  return result.trim();
+}
+
 const {
   NPM: NPM$4
 } = registryConstants;
@@ -832,48 +834,6 @@ const npx = {
   }
 };
 
-function existsSync(filepath) {
-  try {
-    return filepath ? fs.existsSync(filepath) : false;
-  } catch {}
-  return false;
-}
-async function findUp(name, {
-  cwd = process$1.cwd()
-}) {
-  let dir = path.resolve(cwd);
-  const {
-    root
-  } = path.parse(dir);
-  const names = [name].flat();
-  while (dir && dir !== root) {
-    for (const name of names) {
-      const filePath = path.join(dir, name);
-      try {
-        // eslint-disable-next-line no-await-in-loop
-        const stats = await fs.promises.stat(filePath);
-        if (stats.isFile()) {
-          return filePath;
-        }
-      } catch {}
-    }
-    dir = path.dirname(dir);
-  }
-  return undefined;
-}
-async function readFileBinary(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'binary'
-  });
-}
-async function readFileUtf8(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'utf8'
-  });
-}
-
 const {
   BINARY_LOCK_EXT,
   BUN: BUN$1,
@@ -886,12 +846,6 @@ const {
   YARN_CLASSIC: YARN_CLASSIC$1
 } = constants;
 const AGENTS = [BUN$1, NPM$2, PNPM$1, YARN_BERRY$1, YARN_CLASSIC$1, VLT$1];
-const {
-  compare: alphanumericComparator
-} = new Intl.Collator(undefined, {
-  numeric: true,
-  sensitivity: 'base'
-});
 const binByAgent = {
   __proto__: null,
   [BUN$1]: BUN$1,
@@ -949,8 +903,8 @@ const readLockFileByAgent = (() => {
       return undefined;
     };
   }
-  const binaryReader = wrapReader(readFileBinary);
-  const defaultReader = wrapReader(async lockPath => await readFileUtf8(lockPath));
+  const binaryReader = wrapReader(socketUrl.readFileBinary);
+  const defaultReader = wrapReader(async lockPath => await socketUrl.readFileUtf8(lockPath));
   return {
     [BUN$1]: wrapReader(async (lockPath, agentExecPath) => {
       const ext = path.extname(lockPath);
@@ -982,15 +936,15 @@ async function detect({
   cwd = process$1.cwd(),
   onUnknown
 } = {}) {
-  let lockPath = await findUp(Object.keys(LOCKS), {
+  let lockPath = await socketUrl.findUp(Object.keys(LOCKS), {
     cwd
   });
   let lockBasename = lockPath ? path.basename(lockPath) : undefined;
   const isHiddenLockFile = lockBasename === '.package-lock.json';
-  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await findUp('package.json', {
+  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await socketUrl.findUp('package.json', {
     cwd
   });
-  const pkgPath = existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
+  const pkgPath = pkgJsonPath && fs.existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
   const editablePkgJson = pkgPath ? await packages.readPackageJson(pkgPath, {
     editable: true
   }) : undefined;
@@ -1047,7 +1001,7 @@ async function detect({
     }
     const browserslistQuery = pkgJson['browserslist'];
     if (Array.isArray(browserslistQuery)) {
-      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(alphanumericComparator);
+      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(sorts.naturalCompare);
       const browserslistNodeTargets = browserslistTargets.filter(v => v.startsWith('node ')).map(v => v.slice(5 /*'node '.length*/));
       if (!targets.browser && browserslistTargets.length) {
         targets.browser = browserslistTargets.length !== browserslistNodeTargets.length;
@@ -1473,11 +1427,11 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
   let workspacePatterns;
   if (agent === PNPM) {
     for (const workspacePath of [path.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), path.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
-      if (existsSync(workspacePath)) {
+      // eslint-disable-next-line no-await-in-loop
+      const yml = await socketUrl.safeReadFile(workspacePath, 'utf8');
+      if (yml) {
         try {
-          workspacePatterns = yaml.parse(
-          // eslint-disable-next-line no-await-in-loop
-          await fs$1.readFile(workspacePath, 'utf8'))?.packages;
+          workspacePatterns = yaml.parse(yml)?.packages;
         } catch {}
         if (workspacePatterns) {
           break;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli",
-  "version": "0.14.40",
+  "version": "0.14.41",
   "description": "CLI tool for Socket.dev",
   "homepage": "http://github.com/SocketDev/socket-cli",
   "license": "MIT",
@@ -43,6 +43,9 @@
     "check:lint": "eslint --report-unused-disable-directives .",
     "check:tsc": "tsc",
     "check:type-coverage": "type-coverage --detail --strict --at-least 95 --ignore-files 'test/*'",
+    "clean": "run-p --aggregate-output clean:*",
+    "clean:dist": "del-cli 'dist' 'test/dist'",
+    "clean:node_modules": "del-cli '**/node_modules'",
     "knip:dependencies": "knip --dependencies",
     "knip:exports": "knip --include exports,duplicates",
     "lint": "oxlint -c=./.oxlintrc.json --ignore-path=./.prettierignore --tsconfig=./tsconfig.json .",
@@ -53,18 +56,20 @@
     "test-ci": "run-s build:* test:*",
     "test:unit": "tap-run",
     "test:coverage:c8": "c8 --reporter=none node --test 'test/socket-npm.test.cjs'",
-    "test:coverage:merge": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/{module-sync,require}/*.js' --exclude 'dist/require/vendor.js' report"
+    "test:coverage:merge": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/{module-sync,require}/*.js' --exclude 'dist/require/vendor.js' report",
+    "update": "run-p --aggregate-output update:**",
+    "update:deps": "npx npm-check-updates"
   },
   "dependencies": {
     "@apideck/better-ajv-errors": "^0.3.6",
-    "@cyclonedx/cdxgen": "^11.1.0",
+    "@cyclonedx/cdxgen": "^11.1.5",
     "@npmcli/promise-spawn": "^8.0.2",
-    "@socketregistry/hyrious__bun.lockb": "^1.0.11",
+    "@socketregistry/hyrious__bun.lockb": "^1.0.12",
     "@socketregistry/indent-string": "^1.0.9",
     "@socketregistry/is-interactive": "^1.0.1",
     "@socketregistry/is-unicode-supported": "^1.0.0",
     "@socketsecurity/config": "^2.1.3",
-    "@socketsecurity/registry": "^1.0.74",
+    "@socketsecurity/registry": "^1.0.78",
     "@socketsecurity/sdk": "^1.4.5",
     "blessed": "^0.1.81",
     "blessed-contrib": "^4.11.0",
@@ -79,7 +84,7 @@
     "npm-package-arg": "^12.0.1",
     "open": "^10.1.0",
     "pony-cause": "^2.1.11",
-    "semver": "^7.6.3",
+    "semver": "^7.7.0",
     "synp": "^1.9.14",
     "terminal-link": "2.1.1",
     "tiny-updater": "^3.5.3",
@@ -90,16 +95,16 @@
     "yoctocolors-cjs": "^2.1.2"
   },
   "devDependencies": {
-    "@babel/core": "^7.26.0",
+    "@babel/core": "^7.26.7",
     "@babel/plugin-proposal-export-default-from": "^7.25.9",
     "@babel/plugin-syntax-dynamic-import": "^7.8.3",
     "@babel/plugin-transform-export-namespace-from": "^7.25.9",
     "@babel/plugin-transform-runtime": "^7.25.9",
-    "@babel/preset-env": "^7.26.0",
+    "@babel/preset-env": "^7.26.7",
     "@babel/preset-typescript": "^7.26.0",
-    "@babel/runtime": "^7.26.0",
+    "@babel/runtime": "^7.26.7",
     "@eslint/compat": "^1.2.5",
-    "@eslint/js": "^9.18.0",
+    "@eslint/js": "^9.19.0",
     "@rollup/plugin-commonjs": "^28.0.2",
     "@rollup/plugin-json": "^6.1.0",
     "@rollup/plugin-node-resolve": "^16.0.0",
@@ -111,7 +116,7 @@
     "@types/micromatch": "^4.0.9",
     "@types/mocha": "^10.0.10",
     "@types/mock-fs": "^4.13.4",
-    "@types/node": "^22.10.7",
+    "@types/node": "^22.12.0",
     "@types/npmcli__arborist": "^6.3.0",
     "@types/npmcli__promise-spawn": "^6.0.3",
     "@types/proc-log": "^3.0.4",
@@ -119,31 +124,32 @@
     "@types/update-notifier": "^6.0.8",
     "@types/which": "^3.0.4",
     "@types/yargs-parser": "^21.0.3",
-    "@typescript-eslint/eslint-plugin": "^8.21.0",
-    "@typescript-eslint/parser": "^8.21.0",
+    "@typescript-eslint/eslint-plugin": "^8.22.0",
+    "@typescript-eslint/parser": "^8.22.0",
     "c8": "^10.1.3",
     "custompatch": "^1.1.4",
-    "eslint": "^9.18.0",
-    "eslint-import-resolver-oxc": "^0.9.1",
+    "del-cli": "^6.0.0",
+    "eslint": "^9.19.0",
+    "eslint-import-resolver-oxc": "^0.10.1",
     "eslint-plugin-depend": "^0.12.0",
     "eslint-plugin-import-x": "^4.6.1",
     "eslint-plugin-n": "^17.15.1",
     "eslint-plugin-sort-destructure-keys": "^2.0.0",
     "eslint-plugin-unicorn": "^56.0.1",
     "husky": "^9.1.7",
-    "knip": "^5.42.2",
+    "knip": "^5.43.6",
     "magic-string": "^0.30.17",
     "mock-fs": "^5.4.1",
-    "nock": "^13.5.6",
+    "nock": "^14.0.0",
     "npm-run-all2": "^7.0.2",
-    "oxlint": "0.15.7",
+    "oxlint": "0.15.8",
     "prettier": "3.4.2",
     "read-package-up": "^11.0.0",
-    "rollup": "4.31.0",
+    "rollup": "4.32.1",
     "rollup-plugin-ts": "^3.4.5",
     "type-coverage": "^2.29.7",
     "typescript": "5.4.5",
-    "typescript-eslint": "^8.21.0",
+    "typescript-eslint": "^8.22.0",
     "unplugin-purge-polyfills": "^0.0.7"
   },
   "overrides": {