Skip to content

chore(deps): bump @socketsecurity/lib from 5.5.3 to 5.6.0#1083

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/socketsecurity/lib-5.6.0
Open

chore(deps): bump @socketsecurity/lib from 5.5.3 to 5.6.0#1083
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/socketsecurity/lib-5.6.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps @socketsecurity/lib from 5.5.3 to 5.6.0.

Changelog

Sourced from @​socketsecurity/lib's changelog.

5.6.0 - 2026-02-08

Added

  • http-request: Added automatic default headers for JSON and text requests
    • httpJson() now automatically sets Accept: application/json header
    • httpJson() automatically sets Content-Type: application/json when body is present
    • httpText() now automatically sets Accept: text/plain header
    • httpText() automatically sets Content-Type: text/plain when body is present
    • User-provided headers always override defaults
    • Simplifies API usage - no need to manually set common headers

Changed

  • http-request: Renamed HTTP helper functions to support all HTTP methods (BREAKING CHANGE)
    • httpGetJson()httpJson() - Now supports GET, POST, PUT, DELETE, PATCH, etc.
    • httpGetText()httpText() - Now supports all HTTP methods via method option
    • Functions now accept method parameter in options (defaults to 'GET')
    • More flexible API that matches modern fetch-style conventions
    • Migration: Replace httpGetJson() calls with httpJson() and httpGetText() with httpText()

Fixed

  • http-request: Fixed Content-Type header incorrectly sent with empty string body
    • Empty string body ("") no longer triggers Content-Type header
    • Changed condition from if (body !== undefined) to if (body) for semantic correctness
    • Empty string represents "no content" and should not declare a Content-Type
    • Affects httpJson() and httpText() functions
    • Fixes potential API compatibility issues with servers expecting no Content-Type for empty bodies
    • Added comprehensive test coverage for empty string edge case
Commits
  • 6580b33 chore: bump version to 5.6.0
  • 61bd1e1 chore(deps): update dependencies
  • 540d187 fix(http-request): prevent Content-Type header for empty string body
  • dc46e82 refactor(http-request): sort functions alphabetically
  • 89e796d feat(http-request): rename helpers and add default headers
  • c2e623d feat(quality-scan): add documentation accuracy scan
  • bbf489a feat(quality-scan): add quality-scan skill and zizmor security scanner
  • b408ecc fix(deps): always update Socket packages in update script (#85)
  • 88a21f3 fix(scripts): update script messaging and add @socketbin/* scope
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump @socketsecurity/lib from 5.5.3 to 5.6.0
2d9329e 
Bumps [@socketsecurity/lib](https://github.com/SocketDev/socket-lib) from 5.5.3 to 5.6.0.
- [Release notes](https://github.com/SocketDev/socket-lib/releases)
- [Changelog](https://github.com/SocketDev/socket-lib/blob/main/CHANGELOG.md)
- [Commits](SocketDev/socket-lib@v5.5.3...v5.6.0)

---
updated-dependencies:
- dependency-name: "@socketsecurity/lib"
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 16, 2026
@socket-security
Copy link

socket-security bot commented Feb 16, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​@​socketsecurity/​lib@​5.5.3 ⏵ 5.6.0100100100100100
Updatednpm/​@​socketsecurity/​sdk@​3.2.0 ⏵ 3.3.0100100100100100

View full report

@socket-security-staging
Copy link

socket-security-staging bot commented Feb 16, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatednpm/​@​socketsecurity/​lib@​5.5.3 ⏵ 5.6.0100100100100100
Updatednpm/​@​socketsecurity/​sdk@​3.2.0 ⏵ 3.3.0100100100100100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants