chore(deps): bump the nodesecure-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the nodesecure-dependencies group with 3 updates in the / directory: @nodesecure/js-x-ray, @nodesecure/npm-registry-sdk and @nodesecure/report.

Updates @nodesecure/js-x-ray from 9.2.0 to 10.0.0

Release notes

Sourced from @​nodesecure/js-x-ray's releases.

@​nodesecure/js-x-ray@​10.0.0

Major Changes

• #383 09c3575 Thanks @​clemgbld! - feat(tracer): support tracking function return values

Minor Changes

• #399 857308c Thanks @​clemgbld! - feat(probes) add minimal implementation of data-exfiltration

• #392 02a2d05 Thanks @​fraxken! - Simplify tracing validation & add new spread test for the probe

• #398 b6d2474 Thanks @​fraxken! - Implement new pipeline mechanism with a built-in deobfuscate

• #382 bc62d3e Thanks @​clemgbld! - feat(probes): add finalize callback

• #397 283d5b6 Thanks @​fraxken! - Integrate estree-walker natively using meriyah ESTree types

• #387 4d097cc Thanks @​fraxken! - Move trojan-source detection from SourceFile to AstAnalyser

• #396 f66af80 Thanks @​fraxken! - Move Signals into probe.main context

• #380 99fd4fe Thanks @​clemgbld! - refactor(probes): isFetch detect fetch re-assigment

• #395 fad019f Thanks @​fraxken! - Implement context for Probe and ProbeRunner

• #389 f037105 Thanks @​clemgbld! - feat(probes): isLiteral detect api.ipify.org with shady link

• #384 728d744 Thanks @​fraxken! - move ProbeRunner from SourceFile to AstAnalyser class

Patch Changes

• #376 d5b98de Thanks @​tony-go! - Handle uname as unsafe-command

• #400 14cb982 Thanks @​fraxken! - Properly deep clone and reset probe context

• #381 ca954d8 Thanks @​tony-go! - Handle curl and ping for unsafe-command probe

• Updated dependencies [91031f8, 7927535, 09c3575, facb858, 53b25a4]:

  • @​nodesecure/tracer@​3.0.0
  • @​nodesecure/estree-ast-utils@​4.2.0

Commits

• f61651b chore: update versions (#378)
• 857308c feat(probes): add minimal implementation of data exfiltration (#399)
• b6d2474 feat: implement pipelines with built-in deobfuscate (#398)
• 14cb982 fix(js-x-ray): properly deep clone and reset probe context in ProbeRunner (#400)
• 283d5b6 refactor: integrate estree-walker using meriyah ESTree types (#397)
• f66af80 refactor: move Signals to the probe.main context (#396)
• fad019f feat(ProbeRunner): implement context (#395)
• 8300966 chore(scripts): add clean script to remove dist folder and tsconfig.tsbuildi...
• 02a2d05 refactor(probe/isSerializeEnv): simplify tracing & add new UT with a spread (...
• facb858 chore(tracer): enhance docs, types and syntax (#391)
• Additional commits viewable in compare view

Updates @nodesecure/npm-registry-sdk from 3.0.0 to 4.0.0

Release notes

Sourced from @​nodesecure/npm-registry-sdk's releases.

v4.0.0

What's Changed

• Update Node.js versions to v20 and v22 by @​fabnguess in NodeSecure/npm-registry-sdk#166
• Update eslint tsconfig by @​fraxken in NodeSecure/npm-registry-sdk#167
• ci: automatically merge dependabot PR by @​fraxken in NodeSecure/npm-registry-sdk#169
• Update copyright by @​fabnguess in NodeSecure/npm-registry-sdk#170
• Fetch registry keys by @​fabnguess in NodeSecure/npm-registry-sdk#180
• Dependencies and Github actions updates (by @​dependabot)

Full Changelog: NodeSecure/npm-registry-sdk@v3.0.0...v4.0.0

Commits

• ff4624c 4.0.0
• 21f162a feat: implement NPM keys() API (#180)
• 5546e59 chore(deps): bump the github-actions group with 2 updates (#181)
• d24c07d chore(deps): bump the github-actions group with 2 updates (#178)
• 4af36e7 chore(deps-dev): bump @​types/node in the development-dependencies group (#177)
• dd03a6b chore(deps): bump the github-actions group with 2 updates (#176)
• aed0d95 chore(deps): bump the github-actions group with 3 updates (#175)
• 7f681af chore(deps): bump the github-actions group with 4 updates (#174)
• b682927 chore(deps): bump the github-actions group with 4 updates (#173)
• a455693 chore(deps-dev): bump @​openally/config.eslint (#172)
• Additional commits viewable in compare view

Updates @nodesecure/report from 3.0.0 to 4.0.0

Release notes

Sourced from @​nodesecure/report's releases.

v4.0.0

What's Changed

• Update Node.js versions to v20 and v22 by @​fabnguess in NodeSecure/report#429
• fix: scanner payload & teardown after failure by @​ErwanRaulo in NodeSecure/report#432
• improve teardown strategy for execute command by @​ErwanRaulo in NodeSecure/report#433
• Migrate codebase to TypeScript by @​fraxken in NodeSecure/report#428
• Update @​openally/config.eslint by @​fabnguess in NodeSecure/report#437
• chore: add missing rimraf dev-dependency by @​PierreDemailly in NodeSecure/report#438
• Update eslint config by @​fraxken in NodeSecure/report#447
• test(e2e): add nominal tests for exec & init CLI commands by @​ErwanRaulo in NodeSecure/report#434
• chore(ci): enable auto merge for pull request by @​ErwanRaulo in NodeSecure/report#451
• chore: update dependencies by @​fraxken in NodeSecure/report#458
• feat(extractScannerData): refactor extract scanner data by @​clemgbld in NodeSecure/report#457
• Dependencies update by @​dependabot

New Contributors

• @​clemgbld made their first contribution in NodeSecure/report#457

Full Changelog: NodeSecure/report@v3.0.0...v4.0.0

Commits

• 7127588 4.0.0
• 71bcb7a chore(deps): bump the github-actions group with 2 updates (#462)
• cecd735 chore(deps): bump the github-actions group with 2 updates (#461)
• 6c081bf chore(deps): bump @​openally/mutex in the dependencies group (#460)
• e4bde33 chore(deps): bump @​nodesecure/rc in the dependencies group (#459)
• 63df914 feat(extractScannerData): refactor extract scanner data (#457)
• 6fb6a59 chore: update dependencies (#458)
• 2f40fc4 chore(deps): bump the dependencies group with 2 updates (#455)
• 1ca07bf chore(deps): bump the github-actions group with 2 updates (#454)
• c13ed64 chore(deps): bump puppeteer in the dependencies group (#453)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions