feat: diff operation

[nadilas]

No description provided.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Ignored Deployment

Name	Status	Preview	Comments	Updated (UTC)
ogre	⬜️ Ignored (Inspect)	Visit Preview		Feb 16, 2024 5:40pm

[nadilas]

Current dependencies on/for this PR:

• main
  • PR refactor: move formatgit2json to core lib #130
    • PR fix: array features by changing to json-patch RFC6902 #131
      • PR feat: diff operation #132 👈

This stack of pull requests is managed by Graphite.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@auto-it/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+336	99.2 MB	alisowski
npm/@auto-it/[email protected]	environment, network Transitive: eval, filesystem, shell, unsafe	+174	88.2 MB	alisowski
npm/@auto-it/[email protected]	environment, filesystem, shell Transitive: eval, network, unsafe	+196	88.5 MB	alisowski
npm/@auto-it/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+174	88.2 MB	alisowski
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+217	89 MB	alisowski
npm/[email protected]	Transitive: environment, filesystem, shell	+9	209 kB	entropitor
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+540	147 MB	jameshenry
npm/[email protected]	environment, filesystem, unsafe	0	8.39 MB	prettier-bot

🚮 Removed packages: npm/@auto-it/[email protected], npm/@auto-it/[email protected], npm/@auto-it/[email protected], npm/@auto-it/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[codecov]

Codecov Report

Attention: 3 lines in your changes are missing coverage. Please review.

Comparison is base (8d4a177) 80.93% compared to head (a07c233) 76.49%.
Report is 7 commits behind head on main.

Files	Patch %	Lines
packages/ogre/src/repository.ts	70.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #132      +/-   ##
==========================================
- Coverage   80.93%   76.49%   -4.45%     
==========================================
  Files           6        6              
  Lines         341      302      -39     
  Branches       73       64       -9     
==========================================
- Hits          276      231      -45     
- Misses         40       50      +10     
+ Partials       25       21       -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/[email protected]	Install script: postinstall Source: node ./bin/post-install	package-lock.json package.json

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]

[nadilas]

Merge activity

• Feb 16, 6:36 PM GMT+1: @nadilas started a stack merge that includes this pull request via Graphite.
• Feb 16, 6:41 PM GMT+1: Graphite rebased this pull request as part of a merge.
• Feb 16, 6:42 PM GMT+1: @nadilas merged this pull request with Graphite.

[github-actions]

🚀 PR was released in @dotinc/[email protected], @dotinc/[email protected], @dotinc/[email protected] 🚀