Skip to content

Dependencies#2471

Merged
jmthomas merged 4 commits intomainfrom
dependencies
Oct 22, 2025
Merged

Dependencies#2471
jmthomas merged 4 commits intomainfrom
dependencies

Conversation

@jmthomas
Copy link
Copy Markdown
Member

@jmthomas jmthomas commented Oct 21, 2025

No description provided.

@codecov
Copy link
Copy Markdown

codecov bot commented Oct 21, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 94.73684% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 79.63%. Comparing base (26d49ee) to head (06521f6).
⚠️ Report is 6 commits behind head on main.

Files with missing lines Patch % Lines
openc3/lib/openc3/models/target_model.rb 80.00% 1 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2471   +/-   ##
=======================================
  Coverage   79.63%   79.63%           
=======================================
  Files         658      658           
  Lines       50414    50416    +2     
  Branches      736      736           
=======================================
+ Hits        40148    40150    +2     
  Misses      10186    10186           
  Partials       80       80
Flag Coverage Δ
python 81.66% <ø> (+0.02%) ⬆️
ruby-api 84.51% <100.00%> (-0.06%) ⬇️
ruby-backend 82.95% <90.00%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 21, 2025
View reviewed changes
@socket-security
Copy link
Copy Markdown

socket-security bot commented Oct 21, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Added@​docusaurus/​faster@​3.9.2991006799100
Added@​docusaurus/​module-type-aliases@​3.9.21001006999100
Added@​docusaurus/​preset-classic@​3.9.2991007099100
Added@​docusaurus/​types@​3.9.2991007299100
Added@​docusaurus/​plugin-client-redirects@​3.9.2991007399100
Added@​docusaurus/​core@​3.9.2981007599100
Added@​docusaurus/​theme-common@​3.9.2991007599100
Added@​docusaurus/​plugin-content-docs@​3.9.2991007799100
Addedclsx@​2.1.11001009678100
Addedlunr@​2.3.91001009678100
Addeddocusaurus-lunr-search@​3.6.09910010079100
Added@​mdx-js/​react@​3.1.110010010085100

View full report

ryanmelt
ryanmelt approved these changes Oct 21, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@ryanmelt ryanmelt left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Surprised there were no changes to other package.json?

@jmthomas
Copy link
Copy Markdown
Member Author

jmthomas commented Oct 22, 2025

Surprised there were no changes to other package.json?

Me too ... I'm going to go back and make sure the new pnpm stuff is doing what I expect.

@socket-security
Copy link
Copy Markdown

socket-security bot commented Oct 22, 2025
edited
Loading

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
[email protected] has Obfuscated code.

Confidence: 0.91

Location: Package overview

From: docs.openc3.com/pnpm-lock.yamlnpm/[email protected]npm/[email protected]

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at [email protected].

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/[email protected]. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Oct 22, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@jmthomas jmthomas merged commit 8b98af0 into main Oct 22, 2025
30 of 31 checks passed
@jmthomas jmthomas deleted the dependencies branch October 22, 2025 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ryanmelt ryanmelt ryanmelt approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jmthomas @ryanmelt @github-advanced-security