chore(deps): update dependency jscpd to v5

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
jscpd (source)	^4.0.0 → ^5.0.0

---

Release Notes

kucherenko/jscpd (jscpd)

v5.0.8

Compare Source

Bug Fixes

• Prevent mmap exhaustion crashes when scanning repositories with more files than (default 131 072 on Linux). The walker previously held a live per discovered file; each rayon worker now opens and drops its mapping within the processing closure, capping concurrent mappings to the thread-pool size (typically 8–32). Fixes #​813
• Fix not matching relative paths when the scan root is absolute (e.g. CWD). Patterns like now match correctly by comparing against both the relative path and the full absolute path, and bare patterns like gain a prefix to match at any depth. Fixes #​811

v5.0.7

Compare Source

Bug Fixes

• Prevent stack overflow when scanning directories containing deeply-nested JS/TS files (e.g. Bun's with 320K+ nested for-loops). OXC's recursive-descent parser allocates one stack frame per AST nesting level; pathological inputs now exceed the default 8 MiB thread stack. Fixed by building a local rayon with 64 MiB stacks instead of using the global pool (which silently fails on re-init)
• Default to — files exceeding the limit are skipped at walk time, consistent with jscpd v4's behavior. This prevents OXC from ever seeing megabyte-scale generated files that would overflow the stack
• now correctly takes effect on every call (previously silently no-op'd after the first invocation)

v5.0.6

Compare Source

New Features

• v4 config backward compatibility — fields , , , and are now read and applied, matching jscpd v4 behavior
• and are now distinct: matches file-level globs, matches code-level regex patterns (previously conflated)
• path config support — reads scan directories from the field, resolving relative paths against the config file's directory
• npm wrapper package — publishes the same Rust binary under the name on npm with v5.x versioning
• now matches v4 behavior: accepts optional integer value ( exits 1, exits 2); and are now independent
• Performance improvements: memory-mapped file I/O (via ) eliminates heap copies of file contents; SIMD-accelerated line counting (via ); parallel detection pipeline uses to avoid intermediate allocations; JS tokenizer no longer clones source strings before parsing (thanks to @​auterium, #​808)

Bug Fixes

• Fixed to match jscpd v4's behavior (was boolean, now optional integer)
• Fixed unique temp dir generation in reporter tests (added PID to prevent race conditions under parallel test runners)

v5.0.5

Compare Source

v5.0.4

Compare Source

New Features

• CLI alignment with jscpd v4: new --absolute, --ignore-case, --formats-exts, --formats-names flags; fixed --threshold, improved --max-size
• Detection and statistics aligned with jscpd for consistent output across Rust and TypeScript versions
• Side-by-side blame comparison in console-full reporter
• Clone list display in console reporter

Bug Fixes

• HTML reporter now outputs jscpd-report.html at the output_dir root
• Resolved all clippy warnings across workspace
• Fixed unique temp dir generation in tests (use as_nanos() instead of subsec_nanos())

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[w3nl]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric	Results
Complexity	0
Duplication	0

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.}