ci: bump lint-staged from 16.2.7 to 16.3.2

[dependabot]

Bumps lint-staged from 16.2.7 to 16.3.2.

Release notes

Sourced from lint-staged's releases.

v16.3.2

Patch Changes

• #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

v16.3.1

Patch Changes

• #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

v16.3.0

Minor Changes

• #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

• #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

• #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

Changelog

Sourced from lint-staged's changelog.

16.3.2

Patch Changes

• #1735 2adaf6c Thanks @​iiroj! - Hide the extra cmd window on Windows by spawning tasks without the detached option.

16.3.1

Patch Changes

• #1729 cd5d762 Thanks @​iiroj! - Remove nano-spawn as a dependency from package.json as it was replaced with tinyexec and is no longer used.

16.3.0

Minor Changes

• #1698 feda37a Thanks @​iiroj! - Run external processes with tinyexec instead of nano-spawn. nano-spawn replaced execa in lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hope tinyexec improves the situation.

• #1699 1346d16 Thanks @​iiroj! - Remove pidtree as a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and the taskkill command on Windows.

Patch Changes

• #1726 87467aa Thanks @​iiroj! - Incorrect brace expansions like *.{js} (nothing to expand) are detected exhaustively, instead of just a single pass.

Commits

• dfd6a7a chore(changeset): release
• 2adaf6c fix(Windows): do not spawn tasks as detached since it opens a cmd window on ...
• 60957ce docs: add CONTRIBUTING.md
• 2a74cd2 chore(changeset): release
• cd5d762 refactor: remove nano-spawn dependency completely
• e342cab build(deps): move nano-spawn to dev
• 9aa2cd7 chore(changeset): release
• 0c387bc test: make long-running task longer because of GitHub Actions slowness
• 87467aa refactor: detect incorrect brace expansion exhaustively
• dceabc6 ci: run npm audit in GitHub Actions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/commander	14.0.3	🟢 7	Details Check Score Reason Code-Review 🟢 8 Found 8/9 approved changesets -- score normalized to 8 Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 12 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Signed-Releases ⚠️ -1 no releases found SAST 🟢 10 SAST tool is run on all commits
npm/lint-staged	16.3.2	Unknown	Unknown
npm/yaml	2.8.2	🟢 7.2	Details Check Score Reason Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 0 Found 1/19 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Signed-Releases ⚠️ -1 no releases found SAST 🟢 9 SAST tool detected but not run on all commits

Scanned Files

• package-lock.json

[github-actions]

🎉 This PR is included in version 3.8.0 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀