chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@types/node (source)	25.2.1 → 25.3.0
eslint (source)	9.39.2 → 9.39.3
which	6.0.0 → 6.0.1

---

Release Notes

eslint/eslint (eslint)

v9.39.3

Compare Source

npm/node-which (which)

v6.0.1

Compare Source

Dependencies

• bd22353 #​168 bump isexe from 3.1.5 to 4.0.0 (#​168) (@​dependabot[bot])

Chores

• fc4c209 #​163 bump @​npmcli/eslint-config from 5.1.0 to 6.0.0 (#​163) (@​dependabot[bot])
• 46b25d7 #​165 bump @​npmcli/template-oss from 4.28.0 to 4.28.1 (#​165) (@​dependabot[bot], @​npm-cli-bot)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.64%. Comparing base (afb3f58) to head (d8540b9).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #153   +/-   ##
=======================================
  Coverage   89.64%   89.64%           
=======================================
  Files           3        3           
  Lines         251      251           
=======================================
  Hits          225      225           
  Misses         26       26           

Flag	Coverage Δ
unittests	89.64% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
⚠️ ACTION	actionlint	4		3	0	0.65s
✅ COPYPASTE	jscpd	yes		no	no	1.68s
✅ JAVASCRIPT	eslint	11		0	0	2.11s
✅ JSON	jsonlint	7		0	0	0.17s
✅ JSON	npm-package-json-lint	yes		no	no	0.49s
⚠️ JSON	prettier	7		1	0	0.44s
✅ JSON	v8r	7		0	0	11.82s
⚠️ MARKDOWN	markdownlint	6		17	0	0.82s
⚠️ MARKDOWN	markdown-table-formatter	6		1	0	0.27s
✅ REPOSITORY	checkov	yes		no	no	19.64s
✅ REPOSITORY	gitleaks	yes		no	no	0.68s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
❌ REPOSITORY	grype	yes		1	no	39.26s
✅ REPOSITORY	secretlint	yes		no	no	1.01s
✅ REPOSITORY	syft	yes		no	no	2.03s
❌ REPOSITORY	trivy	yes		1	no	8.92s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.41s
✅ REPOSITORY	trufflehog	yes		no	no	3.83s
✅ SPELL	cspell	40		0	0	3.74s
⚠️ SPELL	lychee	23		2	0	0.82s
✅ TYPESCRIPT	eslint	1		0	0	1.53s
⚠️ TYPESCRIPT	prettier	1		1	0	0.48s
⚠️ TYPESCRIPT	ts-standard	1		1	0	0.45s
⚠️ YAML	prettier	8		1	3	0.44s
✅ YAML	v8r	8		0	0	7.03s
✅ YAML	yamllint	8		0	0	0.31s

Detailed Issues

❌ REPOSITORY / grype - 1 error

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME  INSTALLED  FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS  RISK  
tar   7.5.7      7.5.8     npm   GHSA-83g3-92jg-28cx  High      N/A   N/A
[0039] ERROR discovered vulnerabilities at or above the severity threshold

❌ REPOSITORY / trivy - 1 error

2026-02-20T16:41:14Z	INFO	[vulndb] Need to update DB
2026-02-20T16:41:14Z	INFO	[vulndb] Downloading vulnerability DB...
2026-02-20T16:41:14Z	INFO	[vulndb] Downloading artifact...	repo="mirror.gcr.io/aquasec/trivy-db:2"
9.56 MiB / 85.99 MiB [------>_______________________________________________________] 11.12% ? p/s ?42.13 MiB / 85.99 MiB [----------------------------->_______________________________] 49.00% ? p/s ?71.82 MiB / 85.99 MiB [-------------------------------------------------->__________] 83.52% ? p/s ?85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 127.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 127.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 127.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 119.14 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 119.14 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 119.14 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 111.45 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 111.45 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 111.45 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 104.26 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 104.26 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [--------------------------------------------->] 100.00% 104.26 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 97.53 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 97.53 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 97.53 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 91.24 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 91.24 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 91.24 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 85.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 85.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 85.35 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 79.85 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [---------------------------------------------->] 100.00% 79.85 MiB p/s ETA 0s85.99 MiB / 85.99 MiB [-------------------------------------------------] 100.00% 16.96 MiB p/s 5.3s2026-02-20T16:41:20Z	INFO	[vulndb] Artifact successfully downloaded	repo="mirror.gcr.io/aquasec/trivy-db:2"
2026-02-20T16:41:20Z	INFO	[vuln] Vulnerability scanning is enabled
2026-02-20T16:41:20Z	INFO	[misconfig] Misconfiguration scanning is enabled
2026-02-20T16:41:20Z	INFO	[misconfig] Need to update the checks bundle
2026-02-20T16:41:20Z	INFO	[misconfig] Downloading the checks bundle...
165.46 KiB / 165.46 KiB [------------------------------------------------------] 100.00% ? p/s 100ms2026-02-20T16:41:22Z	INFO	[npm] To collect the license information of packages, "npm install" needs to be performed beforehand	dir="node_modules"
2026-02-20T16:41:22Z	INFO	Suppressing dependencies for development and testing. To display them, try the '--include-dev-deps' flag.
2026-02-20T16:41:22Z	INFO	Number of language-specific files	num=1
2026-02-20T16:41:22Z	INFO	[npm] Detecting vulnerabilities...
2026-02-20T16:41:22Z	INFO	Detected config files	num=0

Report Summary

┌───────────────────┬──────┬─────────────────┬───────────────────┐
│      Target       │ Type │ Vulnerabilities │

(Truncated to 4000 characters out of 6198)

⚠️ ACTION / actionlint - 3 errors

.github/workflows/github-dependents-info.yml:54:9: shellcheck reported issue in this script: SC2086:info:1:15: Double quote to prevent globbing and word splitting [shellcheck]
   |
54 |         run: sudo chown -R $USER:$USER .
   |         ^~~~
.github/workflows/github-dependents-info.yml:54:9: shellcheck reported issue in this script: SC2086:info:1:21: Double quote to prevent globbing and word splitting [shellcheck]
   |
54 |         run: sudo chown -R $USER:$USER .
   |         ^~~~
.github/workflows/test.yml:78:11: input "file" is not defined in action "codecov/codecov-action@v5". available inputs are "base_sha", "binary", "codecov_yml_path", "commit_parent", "directory", "disable_file_fixes", "disable_safe_directory", "disable_search", "disable_telem", "dry_run", "env_vars", "exclude", "fail_ci_if_error", "files", "flags", "force", "gcov_args", "gcov_executable", "gcov_ignore", "gcov_include", "git_service", "handle_no_reports_found", "job_code", "name", "network_filter", "network_prefix", "os", "override_branch", "override_build", "override_build_url", "override_commit", "override_pr", "plugins", "recurse_submodules", "report_code", "report_type", "root_dir", "run_command", "skip_validation", "slug", "swift_project", "token", "url", "use_legacy_upload_endpoint", "use_oidc", "use_pypi", "verbose", "version", "working-directory" [action]
   |
78 |           file: coverage.lcov
   |           ^~~~~

⚠️ SPELL / lychee - 2 errors

[403] https://www.npmjs.com/package/java-caller | Network error: Forbidden
[403] https://npmjs.org/package/java-caller | Network error: Forbidden
📝 Summary
---------------------
🔍 Total...........64
✅ Successful......16
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded........46
❓ Unknown..........0
🚫 Errors...........2

Errors in README.md
[403] https://npmjs.org/package/java-caller | Network error: Forbidden
[403] https://www.npmjs.com/package/java-caller | Network error: Forbidden

⚠️ MARKDOWN / markdown-table-formatter - 1 error

1 files contain markdown tables to format:
- README.md

⚠️ MARKDOWN / markdownlint - 17 errors

CODE_OF_CONDUCT.md:58:44 error MD034/no-bare-urls Bare URL used [Context: "nicolas.vuillamy@gmail.com"]
CODE_OF_CONDUCT.md:71:14 error MD034/no-bare-urls Bare URL used [Context: "https://www.contributor-covena..."]
CODE_OF_CONDUCT.md:76:1 error MD034/no-bare-urls Bare URL used [Context: "https://www.contributor-covena..."]
README.md:67:13 error MD060/table-column-style Table column style [Table pipe is missing space to the left for style "compact"]
README.md:67:27 error MD060/table-column-style Table column style [Table pipe is missing space to the left for style "compact"]
README.md:67:37 error MD060/table-column-style Table column style [Table pipe is missing space to the left for style "compact"]
README.md:67:47 error MD060/table-column-style Table column style [Table pipe is missing space to the left for style "compact"]
README.md:67:1 error MD060/table-column-style Table column style [Table pipe is missing space to the right for style "compact"]
README.md:67:13 error MD060/table-column-style Table column style [Table pipe is missing space to the right for style "compact"]
README.md:67:27 error MD060/table-column-style Table column style [Table pipe is missing space to the right for style "compact"]
README.md:67:37 error MD060/table-column-style Table column style [Table pipe is missing space to the right for style "compact"]
README.md:68:361 error MD055/table-pipe-style Table pipe style [Expected: leading_and_trailing; Actual: leading_only; Missing trailing pipe]
README.md:70:123 error MD060/table-column-style Table column style [Table pipe has extra space to the left for style "compact"]
README.md:74:315 error MD055/table-pipe-style Table pipe style [Expected: leading_and_trailing; Actual: leading_only; Missing trailing pipe]
README.md:75:310 error MD055/table-pipe-style Table pipe style [Expected: leading_and_trailing; Actual: leading_only; Missing trailing pipe]
README.md:76:208 error MD055/table-pipe-style Table pipe style [Expected: leading_and_trailing; Actual: leading_only; Missing trailing pipe]
README.md:77:233 error MD055/table-pipe-style Table pipe style [Expected: leading_and_trailing; Actual: leading_only; Missing trailing pipe]

⚠️ JSON / prettier - 1 error

Checking formatting...
[warn] .cspell.json
[warn] .vscode/launch.json
[warn] examples/cli_app/lib/java-caller-config.json
[warn] examples/cli_app/package.json
[warn] examples/module_app/package.json
[warn] renovate.json
[warn] Code style issues found in 6 files. Run Prettier with --write to fix.

⚠️ TYPESCRIPT / prettier - 1 error

Checking formatting...
[warn] lib/index.d.ts
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/deploy.yml
[warn] .github/workflows/test.yml
[warn] Code style issues found in 2 files. Run Prettier with --write to fix.

⚠️ TYPESCRIPT / ts-standard - 1 error

Unable to locate the project file. A project file (tsconfig.json or tsconfig.eslint.json) is required in order to use ts-standard.

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,COPYPASTE_JSCPD,JAVASCRIPT_ES,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,SPELL_LYCHEE,TYPESCRIPT_ES,TYPESCRIPT_STANDARD,TYPESCRIPT_PRETTIER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R