Skip to content

build(deps-dev): Bump rimraf from 5.0.10 to 6.1.3 in /packages/agent-mesh/sdks/typescript#628

Merged
imran-siddique merged 1 commit intomainfrom
dependabot/npm_and_yarn/packages/agent-mesh/sdks/typescript/rimraf-6.1.3
Mar 31, 2026
Merged

build(deps-dev): Bump rimraf from 5.0.10 to 6.1.3 in /packages/agent-mesh/sdks/typescript#628
imran-siddique merged 1 commit intomainfrom
dependabot/npm_and_yarn/packages/agent-mesh/sdks/typescript/rimraf-6.1.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 31, 2026
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps rimraf from 5.0.10 to 6.1.3.

Changelog

Sourced from rimraf's changelog.

6.1

  • Move to native fs/promises usage instead of promisifying manually.

6.0

  • Drop support for nodes before v20
  • Add --version to CLI

5.0

  • No default export, only named exports

4.4

  • Provide Dirent or Stats object as second argument to filter

4.3

  • Return boolean indicating whether the path was fully removed
  • Add filter option
  • bin: add --verbose, -v to print files as they are deleted
  • bin: add --no-verbose, -V to not print files as they are deleted
  • bin: add -i --interactive to be prompted on each deletion
  • bin: add -I --no-interactive to not be prompted on each deletion
  • 4.3.1 Fixed inappropriately following symbolic links to directories

v4.2

  • Brought back glob support, using the new and improved glob v9

v4.1

  • Improved hybrid module with no need to look at the .default dangly bit. .default preserved as a reference to rimraf for compatibility with anyone who came to rely on it in v4.0.
  • Accept and ignore -rf and -fr arguments to the bin.

v4.0

  • Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
  • Accept array of paths or single path.
  • Windows performance and reliability improved.
  • All strategies separated into explicitly exported methods.
  • Drop support for Node.js below version 14
  • rewrite in TypeScript

... (truncated)

Commits

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 31, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 31, 2026

Welcome to the Agent Governance Toolkit! Thanks for your first pull request.
Please ensure tests pass, code follows style (ruff check), and you have signed the CLA.
See our Contributing Guide.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 31, 2026
edited
Loading

✅ PR Review Summary

Check Status Details
🔍 Code Review ⏳ Pending Awaiting results
🛡️ Security Scan ⏳ Pending Awaiting results
🔄 Breaking Changes ⏳ Pending Awaiting results
📝 Docs Sync ⏳ Pending Awaiting results
🧪 Test Coverage ⏳ Pending Awaiting results

Verdict: ⏳ Still running — some checks have not completed yet

💡 Individual agent reports are collapsed below for reference.

@github-actions github-actions bot added the size/L Large PR (< 500 lines) label Mar 31, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 31, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 8d6c4a3.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/glob 13.0.6 🟢 5.5
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Maintained🟢 1026 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
SAST⚠️ 0no SAST tool detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Security-Policy🟢 10security policy file detected
npm/lru-cache 11.2.7 🟢 5
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/29 approved changesets -- score normalized to 0
Maintained🟢 1013 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/path-scurry 2.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Maintained🟢 45 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/rimraf 6.1.3 🟢 5.5
Details
CheckScoreReason
Code-Review⚠️ 0Found 2/24 approved changesets -- score normalized to 0
Maintained🟢 1012 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • packages/agent-mesh/sdks/typescript/package-lock.json

@github-actions github-actions bot added agent-mesh agent-mesh package and removed dependencies Pull requests that update a dependency file size/L Large PR (< 500 lines) labels Mar 31, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/packages/agent-mesh/sdks/typescript/rimraf-6.1.3 branch from ad43ed6 to 219069b Compare March 31, 2026 05:11
@github-actions github-actions bot added the size/L Large PR (< 500 lines) label Mar 31, 2026
imran-siddique
imran-siddique previously approved these changes Mar 31, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@imran-siddique imran-siddique left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@imran-siddique imran-siddique enabled auto-merge (squash) March 31, 2026 05:14
@dependabot
build(deps-dev): Bump rimraf in /packages/agent-mesh/sdks/typescript
8d6c4a3 
Bumps [rimraf](https://github.com/isaacs/rimraf) from 5.0.10 to 6.1.3.
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](isaacs/rimraf@v5.0.10...v6.1.3)

---
updated-dependencies:
- dependency-name: rimraf
  dependency-version: 6.1.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/packages/agent-mesh/sdks/typescript/rimraf-6.1.3 branch from 219069b to 8d6c4a3 Compare March 31, 2026 15:32
@github-actions github-actions bot added the size/M Medium PR (< 200 lines) label Mar 31, 2026
@imran-siddique imran-siddique merged commit 4438768 into main Mar 31, 2026
45 of 55 checks passed
@imran-siddique imran-siddique deleted the dependabot/npm_and_yarn/packages/agent-mesh/sdks/typescript/rimraf-6.1.3 branch March 31, 2026 15:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@imran-siddique imran-siddique imran-siddique left review comments

Assignees

No one assigned

Labels

agent-mesh agent-mesh package size/L Large PR (< 500 lines) size/M Medium PR (< 200 lines)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@imran-siddique