build(deps-dev): bump publint from 0.2.9 to 0.2.12

[dependabot]

Bumps publint from 0.2.9 to 0.2.12.

Release notes

Sourced from publint's releases.

v0.2.12

Features

• If the package publishes a license file, but the "license" field is not set in package.json, a suggestion will now be shown to add the field (bluwy/publint#111)

Bug fixes

• In the "repostory" field, string shorthands with nested paths like gitlab:org/user/repo is now considered valid (bluwy/publint#113)

Site

• Fixed repository url link for string shorthands (bluwy/publint#109)

Full Changelog: publint/publint@v0.2.11...v0.2.12

v0.2.11

Features

• Update formatMessage() utility with a new color option to force enable or disable returning color in string (bluwy/publint#110)

New Contributors

• @​zanminkian made their first contribution in bluwy/publint#110

Full Changelog: publint/publint@v0.2.10...v0.2.11

v0.2.10

Features

• Adds a new rule that validates the "repository" field (bluwy/publint#106)
  • If "repository" is a string, it must be one of the supported shorthand strings from the docs.
  • If "repository" is an object with "type": "git", the "url" must be a valid git URL and can be parsed by npm.
  • The git:// protocol for GitHub repos should not be used due security concerns.
  • GitHub or GitLab links should be prefixed with git+ and postfixed with .git. (This is also warned by npm when publishing a package).

New Contributors

• @​Namchee made their first contribution in bluwy/publint#106

Full Changelog: publint/publint@v0.2.9...v0.2.10

Commits

• 03a580d Release v0.2.12
• d2a8141 Update dependencies
• 6f2e4f2 Check license field is set if license file exists
• 4525806 Allow repository shorthand with nested path
• 13ab98c Release v0.2.11
• b62f13f Update dependencies
• 6afd342 Add formatMessage color option (#110)
• 6d00f6b Release v0.2.10
• a94f663 feat: add INVALID_REPOSITORY_VALUE rule (#106)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/publint@0.2.12	Transitive: environment, filesystem	+16	327 kB	bluwy

🚮 Removed packages: npm/publint@0.2.9

View full report↗︎

[castarco]

@dependabot rebase

[dependabot]

Looks like publint is up-to-date now, so this is no longer needed.