refactor: Bump basic-ftp from 5.1.0 to 5.2.0 by dependabot[bot] · Pull Request #3238 · parse-community/parse-dashboard

dependabot · 2026-02-25T23:31:14Z

Bumps basic-ftp from 5.1.0 to 5.2.0.

Release notes

5.2.0

Changed: Skip files with invalid name in downloadToDir.

Changelog

5.2.0

Changed: Skip files with invalid name in downloadToDir. Fixes security vulnerability CVE-2026-27699, see GHSA-5rq4-664w-9x2c.

Commits

5d41e45 Bump version
49c2e73 Update dependencies
2a2a0e6 Skip invalid filenames
65c90d9 Fix permissions for workflows
593cb78 Set permissions for workflow jobs
36adf11 Remove deprecated CodeQL check
See full diff in compare view

Maintainer changes

This version was pushed to npm by patrickjuchli, a new releaser for basic-ftp since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

parse-github-assistant · 2026-02-25T23:31:16Z

I will reformat the title to use the proper commit message syntax.

parseplatformorg · 2026-02-25T23:31:26Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

mtrezza · 2026-03-30T02:55:19Z

@coderabbitai review

coderabbitai · 2026-03-30T02:55:27Z

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

coderabbitai · 2026-03-30T02:55:34Z

📝 Walkthrough

Walkthrough

Updated the basic-ftp package dependency from version 5.1.0 to 5.2.0 in package-lock.json. Changes include the resolved tarball URL and integrity hash updates corresponding to the new version.

Changes

Cohort / File(s)	Summary
Dependency Update `package-lock.json`	Updated `basic-ftp` package from 5.1.0 to 5.2.0, including resolved URL and integrity hash changes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete. It lacks required sections: no explicit Issue link/description and no Approach section explaining the change rationale.	Add an Issue section linking to or describing the security issue being fixed, and an Approach section explaining why this dependency bump was made.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title 'refactor: Bump basic-ftp from 5.1.0 to 5.2.0' accurately describes the main change: a dependency version bump. It is clear, specific, and directly reflects the changeset.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

Create PR with unit tests
Commit unit tests in branch dependabot/npm_and_yarn/basic-ftp-5.2.0

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

mtrezza · 2026-03-30T02:59:16Z

@dependabot rebase

Bumps [basic-ftp](https://github.com/patrickjuchli/basic-ftp) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/patrickjuchli/basic-ftp/releases) - [Changelog](https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md) - [Commits](patrickjuchli/basic-ftp@v5.1.0...v5.2.0) --- updated-dependencies: - dependency-name: basic-ftp dependency-version: 5.2.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

parse-github-assistant · 2026-03-30T03:00:40Z

I will reformat the title to use the proper commit message syntax.

parse-github-assistant · 2026-03-30T03:00:43Z

I will reformat the title to use the proper commit message syntax.

parseplatformorg · 2026-04-07T09:34:22Z

🎉 This change has been released in version 9.1.0-alpha.12

parseplatformorg · 2026-04-07T12:33:51Z

🎉 This change has been released in version 9.1.0

dependabot Bot added dependencies Bot label; pull requests that updates a dependency file javascript Pull requests that update javascript code labels Feb 25, 2026

parse-github-assistant Bot changed the title ~~refactor: bump basic-ftp from 5.1.0 to 5.2.0~~ refactor: Bump basic-ftp from 5.1.0 to 5.2.0 Feb 25, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch 8 times, most recently from 0a462ad to 8705fde Compare March 2, 2026 20:24

dependabot Bot force-pushed the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch from 8705fde to 98fc68f Compare March 6, 2026 18:21

dependabot Bot force-pushed the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch 2 times, most recently from 096b078 to 9c9be80 Compare March 14, 2026 11:59

dependabot Bot force-pushed the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch 2 times, most recently from 73bd3ad to 2e0e164 Compare March 25, 2026 07:43

coderabbitai Bot approved these changes Mar 30, 2026

View reviewed changes

dependabot Bot changed the title ~~refactor: Bump basic-ftp from 5.1.0 to 5.2.0~~ refactor: bump basic-ftp from 5.1.0 to 5.2.0 Mar 30, 2026

dependabot Bot force-pushed the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch from 2e0e164 to e1d295a Compare March 30, 2026 03:00

parse-github-assistant Bot changed the title ~~refactor: bump basic-ftp from 5.1.0 to 5.2.0~~ refactor: Bump basic-ftp from 5.1.0 to 5.2.0 Mar 30, 2026

mtrezza merged commit 89f6c14 into alpha Mar 30, 2026
11 checks passed

mtrezza deleted the dependabot/npm_and_yarn/basic-ftp-5.2.0 branch March 30, 2026 03:09

parseplatformorg added the state:released-alpha Released as alpha version label Apr 7, 2026

parseplatformorg added the state:released Released as stable version label Apr 7, 2026

This was referenced Apr 10, 2026

refactor: Bump basic-ftp from 5.2.0 to 5.2.1 #3330

Closed

refactor: Bump basic-ftp from 5.2.0 to 5.2.2 #3334

Closed

Uh oh!

Conversation

dependabot Bot commented on behalf of github Feb 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

5.2.0

5.2.0

Uh oh!

parse-github-assistant Bot commented Feb 25, 2026

Uh oh!

parseplatformorg commented Feb 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

mtrezza commented Mar 30, 2026

Uh oh!

coderabbitai Bot commented Mar 30, 2026

Uh oh!

coderabbitai Bot commented Mar 30, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Walkthrough

Changes

Estimated code review effort

❌ Failed checks (1 warning)

Uh oh!

mtrezza commented Mar 30, 2026

Uh oh!

parse-github-assistant Bot commented Mar 30, 2026

Uh oh!

parse-github-assistant Bot commented Mar 30, 2026

Uh oh!

Uh oh!

parseplatformorg commented Apr 7, 2026

Uh oh!

parseplatformorg commented Apr 7, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot Bot commented on behalf of github Feb 25, 2026 •

edited

Loading

parseplatformorg commented Feb 25, 2026 •

edited

Loading

coderabbitai Bot commented Mar 30, 2026 •

edited

Loading