build(deps-dev): bump eslint-plugin-promise from 3.7.0 to 3.8.0 by dependabot[bot] · Pull Request #61 · expressjs/serve-favicon

dependabot · 2025-06-05T13:14:18Z

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps eslint-plugin-promise from 3.7.0 to 3.8.0.

Changelog

Sourced from eslint-plugin-promise's changelog.

3.8.0

Removed promise/avoid-new from recommended configuration (#119)

Ignored event listener callbacks in promise/prefer-await-to-callbacks (#117)

Ignored top-level awaits in promise/prefer-await-to-then (#126)

Added docs for promise/no-nesting and promise/prefer-await-to-then (#120) (#121)

Commits

67dad97 3.8.0
212e557 docs(changelog): prepare for v3.8.0 (#132)
9b0cbd1 refactor: lookup promise statics from object instead of array (#131)
ceb7414 feat: turn off avoid-new in recommended configuration (#119)
b5a6423 chore(package): add package-lock.json (#130)
4ebd2c6 fix: ignore event listener callbacks in prefer-await-to-callbacks (#117)
4a3d5b8 fix: ignore top-level awaits in prefer-await-to-then (#126)
0b231da docs: add no-nesting examples (#120)
5956eca docs: add examples to prefer-await-to-then (#121)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

socket-security · 2025-06-05T13:14:36Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	eslint-plugin-promise@3.7.0 ⏵ 3.8.0	⁺¹		⁺¹

View full report

UlisesGascon

LGTM!

Bumps [eslint-plugin-promise](https://github.com/eslint-community/eslint-plugin-promise) from 3.7.0 to 3.8.0. - [Release notes](https://github.com/eslint-community/eslint-plugin-promise/releases) - [Changelog](https://github.com/eslint-community/eslint-plugin-promise/blob/main/CHANGELOG.md) - [Commits](eslint-community/eslint-plugin-promise@v3.7.0...v3.8.0) --- updated-dependencies: - dependency-name: eslint-plugin-promise dependency-version: 3.8.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 5, 2025

UlisesGascon self-assigned this Jun 5, 2025

UlisesGascon added the fast track label Jun 5, 2025

UlisesGascon approved these changes Jun 5, 2025

View reviewed changes

dependabot Bot force-pushed the dependabot/npm_and_yarn/eslint-plugin-promise-3.8.0 branch from e4ecac7 to 5072de5 Compare June 5, 2025 19:10

UlisesGascon merged commit d83f56c into master Jun 5, 2025
60 checks passed

dependabot Bot deleted the dependabot/npm_and_yarn/eslint-plugin-promise-3.8.0 branch June 5, 2025 19:24

UlisesGascon mentioned this pull request Jun 5, 2025

Release: 2.5.1 #68

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps-dev): bump eslint-plugin-promise from 3.7.0 to 3.8.0#61

build(deps-dev): bump eslint-plugin-promise from 3.7.0 to 3.8.0#61
UlisesGascon merged 1 commit into
masterfrom
dependabot/npm_and_yarn/eslint-plugin-promise-3.8.0

dependabot Bot commented on behalf of github Jun 5, 2025 •

edited

Loading

Uh oh!

socket-security Bot commented Jun 5, 2025 •

edited

Loading

Uh oh!

UlisesGascon left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

3.8.0

Uh oh!

socket-security Bot commented Jun 5, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

UlisesGascon left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jun 5, 2025 •

edited

Loading

socket-security Bot commented Jun 5, 2025 •

edited

Loading