[pull] main from TryGhost:main#1205
Merged
Merged
Conversation
We are looking to standardise on structured logging and on OpenTelemetry-style naming for those logs. Current received wisdom is using `event.name` for the main event identifier, using standardised names like `http.response.status_code` where available and using entity/domain based grouping for custom fields. Recently, these three log reporters were added / upgraded following a slightly older pattern using `system.event`. The aim is to move us towards a standard that we can deploy going forward but without asserting this is definitely canonical - rather that this is more directionally correct than using the reserved `system` namespace.
ref https://linear.app/ghost/issue/PLA-60 `apps/shade` declared `date-fns@4.1.0` as a direct dependency but **never imports it** — there's no `date-fns` reference anywhere in the package's source. The calendar component pulls in `react-day-picker@9.14.0`, which depends on date-fns 4.x itself, so shade's direct declaration was redundant.
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@secretlint/secretlint-rule-pattern](https://redirect.github.com/secretlint/secretlint/tree/master/packages/@secretlint/secretlint-rule-pattern/) ([source](https://redirect.github.com/secretlint/secretlint)) | [`12.3.1` → `13.0.2`](https://renovatebot.com/diffs/npm/@secretlint%2fsecretlint-rule-pattern/12.3.1/13.0.2) |  |  | | [@secretlint/secretlint-rule-preset-recommend](https://redirect.github.com/secretlint/secretlint/tree/master/packages/@secretlint/secretlint-rule-preset-recommend/) ([source](https://redirect.github.com/secretlint/secretlint)) | [`12.3.1` → `13.0.2`](https://renovatebot.com/diffs/npm/@secretlint%2fsecretlint-rule-preset-recommend/12.3.1/13.0.2) |  |  | | [secretlint](https://redirect.github.com/secretlint/secretlint/tree/master/packages/secretlint/) ([source](https://redirect.github.com/secretlint/secretlint)) | [`12.3.1` → `13.0.2`](https://renovatebot.com/diffs/npm/secretlint/12.3.1/13.0.2) |  |  | --- ### Release Notes <details> <summary>secretlint/secretlint (@​secretlint/secretlint-rule-pattern)</summary> ### [`v13.0.2`](https://redirect.github.com/secretlint/secretlint/releases/tag/v13.0.2) [Compare Source](https://redirect.github.com/secretlint/secretlint/compare/v13.0.0...v13.0.2) <!-- Release notes generated using configuration in .github/release.yml at master --> ##### What's Changed 📝 v13.0.1 published as v13.0.2 ##### Bug Fixes - Fix secp256k1 private key detection to avoid false positives by [@​azu](https://redirect.github.com/azu) in [#​1564](https://redirect.github.com/secretlint/secretlint/pull/1564) ##### CI - ci: replace merge-gatekeeper with automerge-gate by [@​azu](https://redirect.github.com/azu) in [#​1543](https://redirect.github.com/secretlint/secretlint/pull/1543) - Update github/codeql-action action to v3.35.3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1546](https://redirect.github.com/secretlint/secretlint/pull/1546) - ci(release): prevent cache poisoning by [@​azu](https://redirect.github.com/azu) in [#​1555](https://redirect.github.com/secretlint/secretlint/pull/1555) - chore(CI): update to pkgdeps/automerge-gate\@​4.1 by [@​azu](https://redirect.github.com/azu) in [#​1557](https://redirect.github.com/secretlint/secretlint/pull/1557) - Update rhysd/github-action-benchmark action to v1.22.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1558](https://redirect.github.com/secretlint/secretlint/pull/1558) - Update github/codeql-action action to v3.35.4 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1563](https://redirect.github.com/secretlint/secretlint/pull/1563) ##### Dependency Updates - Update dependency turbo to ^2.9.8 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1542](https://redirect.github.com/secretlint/secretlint/pull/1542) - Update dependency turbo to ^2.9.9 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1544](https://redirect.github.com/secretlint/secretlint/pull/1544) - Update Patch updates (patch) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1545](https://redirect.github.com/secretlint/secretlint/pull/1545) - Update pnpm to v10.33.4 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1551](https://redirect.github.com/secretlint/secretlint/pull/1551) - Update dependency [@​types/node](https://redirect.github.com/types/node) to ^25.6.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1552](https://redirect.github.com/secretlint/secretlint/pull/1552) - Update dependency turbo to ^2.9.10 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1553](https://redirect.github.com/secretlint/secretlint/pull/1553) - Update dependency [@​types/node](https://redirect.github.com/types/node) to ^25.6.2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1554](https://redirect.github.com/secretlint/secretlint/pull/1554) - Update dependency turbo to ^2.9.12 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1556](https://redirect.github.com/secretlint/secretlint/pull/1556) - Update textlint to ^15.6.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1559](https://redirect.github.com/secretlint/secretlint/pull/1559) - Update dependency vitest to ^4.1.6 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1561](https://redirect.github.com/secretlint/secretlint/pull/1561) - Update dependency [@​types/node](https://redirect.github.com/types/node) to ^25.7.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1562](https://redirect.github.com/secretlint/secretlint/pull/1562) ##### Other Changes - Reorganize CLI options and update glob syntax documentation by [@​azu](https://redirect.github.com/azu) in [#​1540](https://redirect.github.com/secretlint/secretlint/pull/1540) **Full Changelog**: <secretlint/secretlint@v13.0.0...v13.0.2> ### [`v13.0.0`](https://redirect.github.com/secretlint/secretlint/releases/tag/v13.0.0) [Compare Source](https://redirect.github.com/secretlint/secretlint/compare/v12.3.1...v13.0.0) ##### Highlights v13 changes how files are discovered on disk and adds three credential detection rules. ##### `.gitignore` is respected by default Nested `.gitignore` files now apply to file discovery with ripgrep semantics: rules from each directory cascade into its subtree, and a negation rule in a deeper file can flip an earlier verdict. Files excluded by any `.gitignore` on the path are no longer scanned. Repositories that previously relied on Secretlint scanning ignored files (such as `dist/` or generated artefacts) will see fewer files in the output. `.secretlintignore` is unchanged and continues to apply alongside `.gitignore`. To restore the v12 behaviour: ```bash secretlint --no-gitignore "**/*" ``` If a file is matched by a `.gitignore` rule but still appears in Secretlint's output, please open an issue at <https://github.com/secretlint/secretlint/issues>. ##### Glob-shaped paths that exist on disk are treated literally `--no-glob` and "globs by default" both existed in v12. What changed in v13 is the fallback for inputs that contain glob metacharacters but resolve to a real file or directory. In v12, an input like `src/(group)/page.tsx` was always parsed as a glob, so SvelteKit / Next.js routes whose names contain `()`, `[]`, `{}`, or `?` required `--no-glob`. v13 runs a single `stat` per glob-shaped input: if it exists, the input is treated literally; otherwise it stays a glob. | Pattern | On disk | v12 default | v13 default | | ------------------------ | ------------------- | ------------------------ | ----------------- | | `src/(group)/page.tsx` | exists | parsed as glob, no match | matched literally | | `src/(missing)/page.tsx` | absent | parsed as glob | parsed as glob | | `src/[a-z]ormal.tsx` | `normal.tsx` exists | matched via glob | matched via glob | Pass `--no-glob` to skip the probe and force literal interpretation. ##### New and promoted rules Added to `preset-recommend`: | Rule | Detects | | ---------------------------------------- | ----------------------------------------------------- | | `@secretlint/secretlint-rule-tailscale` | Tailscale API keys (new package) | | `@secretlint/secretlint-rule-stripe` | Stripe API keys (new package) | | `@secretlint/secretlint-rule-cloudflare` | Cloudflare API tokens (promoted from `preset-canary`) | ##### What's Changed ##### Breaking Changes - feat!: respect .gitignore by default via [@​secretlint/walker](https://redirect.github.com/secretlint/walker) by [@​azu](https://redirect.github.com/azu) in [#​1530](https://redirect.github.com/secretlint/secretlint/pull/1530) - feat(secretlint-rule-preset-recommend): promote cloudflare, stripe, tailscale from canary by [@​azu](https://redirect.github.com/azu) in [#​1538](https://redirect.github.com/secretlint/secretlint/pull/1538) ##### Features - Add Tailscale API key detection rule by [@​azu](https://redirect.github.com/azu) in [#​1536](https://redirect.github.com/secretlint/secretlint/pull/1536) - feat(secretlint-rule-stripe): add Stripe API key detection rule by [@​azu](https://redirect.github.com/azu) in [#​1537](https://redirect.github.com/secretlint/secretlint/pull/1537) ##### CI - Update actions/setup-node action to v6.4.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1527](https://redirect.github.com/secretlint/secretlint/pull/1527) ##### Dependency Updates - Update pnpm to v10.33.2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1525](https://redirect.github.com/secretlint/secretlint/pull/1525) - Update dependency ajv to ^8.20.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1528](https://redirect.github.com/secretlint/secretlint/pull/1528) - Update textlint to ^15.6.0 (minor) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1529](https://redirect.github.com/secretlint/secretlint/pull/1529) - Update dependency picomatch to ^4.0.4 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1534](https://redirect.github.com/secretlint/secretlint/pull/1534) - Update dependency turbo to ^2.9.7 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1535](https://redirect.github.com/secretlint/secretlint/pull/1535) ##### Other Changes - Update Node.js to v24.15.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1514](https://redirect.github.com/secretlint/secretlint/pull/1514) - Update dependency Bun to v1.3.13 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​1526](https://redirect.github.com/secretlint/secretlint/pull/1526) **Full Changelog**: <secretlint/secretlint@v12.3.1...v13.0.0> </details> --- ### Configuration 📅 **Schedule**: (in timezone Etc/UTC) - Branch creation - Only on Sunday and Saturday (`* * * * 0,6`) - Between 11:00 PM and 11:59 PM, Monday through Friday (`* 23 * * 1-5`) - Between 12:00 AM and 04:59 AM, Monday through Saturday (`* 0-4 * * 1-6`) - Automerge - Only on Sunday and Saturday (`* * * * 0,6`) - Between 11:00 PM and 11:59 PM, Monday through Friday (`* 23 * * 1-5`) - Between 12:00 AM and 04:59 AM, Monday through Saturday (`* 0-4 * * 1-6`) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDcuNCIsInVwZGF0ZWRJblZlciI6IjQzLjIwNy40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: tryghost-renovate[bot] <269725441+tryghost-renovate[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )