[Snyk] Upgrade bancos-brasileiros from 6.1.26 to 6.1.29

[guibranco]

User description

Snyk has created this PR to upgrade bancos-brasileiros from 6.1.26 to 6.1.29.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 3 versions ahead of your current version.

• The recommended version was released 23 days ago.

Release notes

Package name: bancos-brasileiros

• 6.1.29 - 2025-01-02
  

  Release of Bancos Brasileiros - v6.1.29

  • Updated 1 bank
    • 80 - BT CC LTDA. - 73.622.748/0001-08
      • LongName (STR): BT CORRETORA DE CAMBIO -> BT CORRETORA DE CAMBIO LTDA.
      • ShortName (STR): BT CORRETORA DE CAMBIO -> BT CC LTDA.
• 6.1.28 - 2024-12-31
  

  Release of Bancos Brasileiros - v6.1.28

  • Updated 1 bank
    • 80 - BT CORRETORA DE CAMBIO - 73.622.748/0001-08
      • LongName (STR): B&T CORRETORA DE CAMBIO LTDA. -> BT CORRETORA DE CAMBIO
      • ShortName (STR): B&T CC LTDA. -> BT CORRETORA DE CAMBIO
• 6.1.27 - 2024-12-28
  

  Release of Bancos Brasileiros - v6.1.27

  • Updated 1 bank
    • 531 - BMP SCD S.A. - 34.337.707/0001-00
      • PixType (SPI): Null -> DRCT
      • DatePixStarted (SPI): Null -> 2025-01-08 08:00:00
• 6.1.26 - 2024-12-26
  

  Release of Bancos Brasileiros - v6.1.26

  • Updated 1 bank
    • 659 - ONEKEY PAYMENTS IP S.A. - 35.210.410/0001-41
      • PixType (SPI): IDRT -> DRCT
      • DatePixStarted (SPI): 2022-09-12 11:04:30 -> 2024-12-20 10:10:00

from bancos-brasileiros GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

---

Description

• Upgraded bancos-brasileiros from version 6.1.26 to 6.1.29 in both package.json and package-lock.json.
• This upgrade includes updated integrity hashes and ensures the project uses the latest version with potential bug fixes and improvements.

---

Changes walkthrough 📝

Relevant files

Dependencies

package-lock.json Upgrade bancos-brasileiros version in package-lock              examples/emberjs/package-lock.json Updated bancos-brasileiros version from 6.1.26 to 6.1.29. Updated integrity hash for the new version. +7/-7      package.json Upgrade bancos-brasileiros version in package.json              examples/emberjs/package.json Updated bancos-brasileiros version from 6.1.26 to 6.1.29. +1/-1

---

💡 Penify usage:
Comment /help on the PR to get a list of all available Penify tools and their descriptions

Description by Korbit AI

What change is being made?

Upgrade the bancos-brasileiros package from version 6.1.26 to 6.1.29 in both package-lock.json and package.json.

Why are these changes being made?

This update is to ensure we have the latest improvements and security patches provided by the bancos-brasileiros package maintainers, ensuring better stability and security for our project. It is a routine dependency update to keep our dependencies current.

Is this description stale? Ask me to generate a new description by commenting /korbit-generate-pr-description

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request upgrades the bancos-brasileiros dependency from version 6.1.26 to 6.1.29. This is a dependency update, and the changes primarily involve modifications to the package.json and package-lock.json files to reflect the new version.

Class diagram showing bank data structure changes across versions

classDiagram
    class Bank {
        +String LongName
        +String ShortName
        +String PixType
        +DateTime DatePixStarted
    }
    note for Bank "Changes across versions 6.1.26 to 6.1.29"

    class BT_CC_v6_1_29 {
        +String LongName: 'BT CORRETORA DE CAMBIO LTDA.'
        +String ShortName: 'BT CC LTDA.'
    }

    class BMP_SCD_v6_1_27 {
        +String PixType: 'DRCT'
        +DateTime DatePixStarted: '2025-01-08 08:00:00'
    }

    class ONEKEY_v6_1_26 {
        +String PixType: 'DRCT'
        +DateTime DatePixStarted: '2024-12-20 10:10:00'
    }

    Bank <|-- BT_CC_v6_1_29
    Bank <|-- BMP_SCD_v6_1_27
    Bank <|-- ONEKEY_v6_1_26

Loading

File-Level Changes

Change	Details	Files
The bancos-brasileiros dependency was updated from version 6.1.26 to 6.1.29.	Updated the bancos-brasileiros version in package.json. Updated the bancos-brasileiros version in package-lock.json.	examples/emberjs/package.json examples/emberjs/package-lock.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!
• Generate a plan of action for an issue: Comment @sourcery-ai plan on
  an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!

[korbit-ai]

I've completed my review and didn't find any issues.

Need a new review? Comment /korbit-review on this PR and I'll review your latest changes.

Korbit Guide: Usage and Customization

Interacting with Korbit

• You can manually ask Korbit to review your PR using the /korbit-review command in a comment at the root of your PR.
• You can ask Korbit to generate a new PR description using the /korbit-generate-pr-description command in any comment on your PR.
• Too many Korbit comments? I can resolve all my comment threads if you use the /korbit-resolve command in any comment on your PR.
• Chat with Korbit on issues we post by tagging @korbit-ai in your reply.
• Help train Korbit to improve your reviews by giving a 👍 or 👎 on the comments Korbit posts.

Customizing Korbit

• Check out our docs on how you can make Korbit work best for you and your team.
• Customize Korbit for your organization through the Korbit Console.

Current Korbit Configuration

General Settings

​

Setting	Value
Review Schedule	Automatic excluding drafts
Max Issue Count	10
Automatic PR Descriptions	✅

Issue Categories

​

Category	Enabled
Naming	✅
Database Operations	✅
Documentation	✅
Logging	✅
Error Handling	✅
Systems and Environment	✅
Objects and Data Structures	✅
Readability and Maintainability	✅
Asynchronous Processing	✅
Design Patterns	✅
Third-Party Libraries	✅
Performance	✅
Security	✅
Functionality	✅

Feedback and Support

• Tell us what you think of Korbit
• Schedule a call with our team
• Email us @ [email protected]

Note

Korbit Pro is free for open source projects 🎉

Looking to add Korbit to your team? Get started with a free 2 week trial here

[penify-dev]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	1, because this PR only involves a straightforward version upgrade of a dependency with no complex changes.
🧪 Relevant tests	No
⚡ Possible issues	No
🔒 Security concerns	No

[socket-security]

Updated dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected] 🔁 npm/[email protected]	None	0	323 kB	guibranco

View full report↗︎

[penify-dev]

PR Code Suggestions ✨

Category	Suggestion	Score
Security	Validate the integrity hash for the new package version Ensure that the integrity hash for the new version of bancos-brasileiros is correct and matches the package from the registry. examples/emberjs/package-lock.json [4885] -"integrity": "sha512-YjyH6UQ6RXonHhUvj3aUoImceN7cuDcAYtN5zuncpsHN0+bkTlcimT33JXhWdxCutG8vv7deVJcbYglN3uTyzQ==" +"integrity": "sha512-YjyH6UQ6RXonHhUvj3aUoImceN7cuDcAYtN5zuncpsHN0+bkTlcimT33JXhWdxCutG8vv7deVJcbYglN3uTyzQ==" // Verify integrity Suggestion importance[1-10]: 8 Why: Validating the integrity hash is crucial for security and ensuring that the package has not been tampered with, warranting a higher score.	8
Compatibility	Verify compatibility of the new version with the existing project Ensure that the new version of bancos-brasileiros is compatible with your project and does not introduce breaking changes. examples/emberjs/package-lock.json [12] -"bancos-brasileiros": "^6.1.29" +"bancos-brasileiros": "^6.1.29" // Check compatibility Suggestion importance[1-10]: 7 Why: While it's important to check compatibility when upgrading dependencies, this suggestion is more of a best practice than a critical issue, hence the moderate score.	7
Testing	Run tests to confirm functionality after the version upgrade Consider running tests after upgrading bancos-brasileiros to ensure that everything functions as expected. examples/emberjs/package-lock.json [12] -"bancos-brasileiros": "^6.1.29" +"bancos-brasileiros": "^6.1.29" // Run tests after upgrade Suggestion importance[1-10]: 7 Why: Running tests after an upgrade is a good practice to ensure functionality, but it is not a direct code issue, leading to a moderate score.	7
Maintainability	Check for potential impacts on other dependencies due to the upgrade Review the dependencies to ensure that no other packages are affected by the upgrade of bancos-brasileiros. examples/emberjs/package.json [70] -"bancos-brasileiros": "^6.1.29" +"bancos-brasileiros": "^6.1.29" // Review dependencies Suggestion importance[1-10]: 6 Why: Checking for impacts on other dependencies is important for maintainability, but it is a general suggestion rather than a specific code issue, resulting in a moderate score.	6

[github-actions]

Infisical secrets check: ✅ No secrets leaked!

💻 Scan logs

11:04PM INF scanning for exposed secrets...
11:04PM INF 1106 commits scanned.
11:04PM INF scan completed in 2.66s
11:04PM INF no leaks found

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud