Merged
Conversation
renovate
bot
force-pushed
the
renovate/npm-10.x
branch
2 times, most recently
from
7e02624 to
04db40b
Compare
renovate
bot
force-pushed
the
renovate/npm-10.x
branch
7 times, most recently
from
552993a to
ac97330
Compare
renovate
bot
force-pushed
the
renovate/npm-10.x
branch
2 times, most recently
from
8773ff1 to
8dc196a
Compare
| datasource | package | from | to | | ---------- | ------- | ----- | ------ | | npm | npm | 9.9.3 | 10.5.2 | Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate
bot
force-pushed
the
renovate/npm-10.x
branch
from
8dc196a to
ebed040
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^9.6.0->^10.0.0Release Notes
npm/cli (npm)
v10.5.2Compare Source
Bug Fixes
ef381b1#7363 use @npmcli/redact for url cleaning (#7363) (@lukekarrys)3760dd2#7361 perf: do less work loading config (#7361) (@wraithgar)64bcf4c#7360 perf: only initialize workpaces when we are inside a workspace (#7360) (@H4ad)5a28a29#7352 perf: lazy load workspace dependency (#7352) (@H4ad)5fc0f9d#7347 lazy load validate npm package name on error message (#7347) (@H4ad)c929ed1#7321 prioritize CLI flags over publishConfig settings (#7321) (@roni-berlin)70497cb#7346 perf: avoid importing the entire semver package for update-notifier (#7346) (@H4ad)Documentation
90ba1c9#7340 fix incorrect ISO 8601 reference (#7340) (@emmanuel-ferdman)Dependencies
699a1de#7362@npmcli/map-workspaces@3.0.649fb9b7#7362socks@2.8.3f69052e#7362@npmcli/package-json@5.0.2c18a0ad#7357sigstore@2.3.0fd4153b#7357socks@2.8.2d6b705a#7357postcss-selector-parser@6.0.16248c177#7357hasown@2.0.24af9e86#7357builtins@5.1.07546b56#7357@npmcli/agent@2.2.2d38fd4f#7357spdx-expression-parse@4.0.0913b326#7357is-cidr@5.0.584bbbd4#7357@npmcli/package-json@5.0.1a0f5048#7357@npmcli/git@5.0.5@npmcli/arborist@7.4.2@npmcli/config@8.2.2libnpmdiff@6.0.9libnpmexec@7.0.10libnpmfund@5.0.7libnpmpack@6.0.9Chores
81be28d#7357 dev dependency updates (@wraithgar)v10.5.1Compare Source
Bug Fixes
17d97d2#7334 use @npmcli/redact for log redactions (@lukekarrys)8cab136#7324 ensure maxSockets is respected (#7324) (@lukekarrys)9bffa13#7320 query: properly return :missing nodes (#7320) (@wraithgar)9d4e85f#7297 search: include searchlimit option in help output (#7297) (@10xLaCroixDrinker)bdb3c28#7274 added check for dry-run (#7274) (@cod1r)7f1ab88#7271 more lightweight npm bin discovery in windows (#7271) (@wraithgar)Documentation
1da5cf0#7198 add link to engines section (#7198) (@uiolee)1114a12#7307 fix incorrect npm audit key response link (#7307) (@davidlj95)9807caf#7304 update audit docs with provenance info (#7304) (@bdehamer)e1ecfa7#7285 Correct capitalization for URL (#7285) (@coliff)Dependencies
87a61fc#7334npm-registry-fetch@16.2.05469614#7327init-package-json@6.0.25469614#7327promzard@1.0.15469614#7327read@3.0.1(#7327)9ccff72#7329tar@6.2.17201a00#7329node-gyp@10.1.06fd94f2#7329minimatch@9.0.4b048592#7329ini@4.1.2c54a84a#7329glob@10.3.126853531#7329cli-table3@​0.6.4c9315cb#7329binary-extensions@2.3.05bb0031#7329@sigstore/tuf@2.3.28cab136#7324agent-base@7.1.1(@lukekarrys)@npmcli/arborist@7.4.1@npmcli/config@8.2.1libnpmaccess@8.0.3libnpmdiff@6.0.8libnpmexec@7.0.9libnpmfund@5.0.6libnpmhook@10.0.2libnpmorg@6.0.3libnpmpack@6.0.8libnpmpublish@9.0.5libnpmsearch@7.0.2libnpmteam@6.0.2Chores
8cab136#7324 add smoke-test for large prod installs (@lukekarrys)0dab381#7258jsdom@24.0.0(#7258) (@wraithgar)af3c48e#7262 test refactor (#7262) (@wraithgar)v10.5.0Compare Source
Features
2366edc#7218 query: add :vuln pseudo selector (@wraithgar)4f3ddbb#5966 add --expect-entries tonpm query(@wraithgar)Bug Fixes
818957c#7158 pack, publish: default foreground-scripts to true (#7158) (@ljharb)d04111d#7197 view: filter out invalid semver (#7197) (@wraithgar)b0a3ba0#7195 prevent adding invalid dist-tag (#7195) (@wraithgar)Documentation
c4741fe#7254 Remove additional example and comments about uninstall script (#7254) (@rveerd)686a622#7247 scope: update example command to work in windows (#7247) (@robertobasile84)95b5057#5966 clarify in-range and out-of-range in dependency selectors (@wraithgar)5b7184f#7190 workspaces: fix grammar (#7190) (@alekstech)0dd03f9#7182 fix typos (#7182) (@GoodDaisy)Dependencies
16d4c9f#7218@npmcli/query@3.1.006247d1#7242spdx-license-ids@3.0.1779d1e0b#7242spdx-exceptions@2.5.067e853a#7242socks@2.8.04c9fe4b#7242lru-cache@10.2.04a50c5a#7242https-proxy-agent@7.0.4ed3f254#7242http-proxy-agent@7.0.28ec4fd5#7242hasown@2.0.198b1189#7242@npmcli/agent@2.2.1dafa903#7242sigstore@2.2.2d0bcb76#7242diff@5.2.0a13808e#7242semver@7.6.0d6521ac#7242@sigstore/tuf@2.3.143cac2f#7242ip@2.0.1@npmcli/arborist@7.4.0@npmcli/config@8.2.0libnpmdiff@6.0.7libnpmexec@7.0.8libnpmfund@5.0.5libnpmpack@6.0.7Chores
d6bc684#7242 update devDependencies in lockfile (@wraithgar)v10.4.0Compare Source
Features
35a098c#7175 display tree diff on--long(@wraithgar)dffca29#7174 format: print--dry-rundiffs in table format (#7174) (@ritaaktay)6d5f9ac#7133 dedupe - display difference when--dry-runis enabled (#7133) (@Blaumaus)Bug Fixes
ec06f77#7175 inline diff table code w/ summary code (@wraithgar)d4ebfba#7157 use util.stripVTControlCharacters instead of strip-ansi (@wraithgar)81c95c7#7063 don't reset update notifier duration on every check (#7063) (@wraithgar)Documentation
2b7eaad#7168 package-json: Reword warning about publishing local dependencies (#7168) (@DanKaplanSES)67ab0f7#7142 update: Replace comma with period in run on sentence (#7142) (@DanKaplanSES)05c69dc#7150 config: State default configuration file affected bynpm config set(#7150) (@DanKaplanSES)44f4518#7149 Link to the config command in the npm configuration description (#7149) (@DanKaplanSES)dd5699f#7152 update: Fix a typo and remove unneeded statement (#7152) (@DanKaplanSES)Dependencies
ec77e81#7124promise-call-limit@3.0.1e32189c#7173 deduplicate treeb7af4d9#7173tar-stream@3.1.76883743#7173@npmcli/run-script@7.0.4739634d#7157 remove strip-ansi162c82e#7148pacote@17.0.6(#7148) (@bdehamer)a50b03b#7141sigstore@2.2.0(#7141) (@bdehamer)f696b51#7132@sigstore/tuf@2.3.0(#7132) (@bdehamer)@npmcli/arborist@7.3.1libnpmdiff@6.0.6libnpmexec@7.0.7libnpmfund@5.0.4libnpmpack@6.0.6libnpmpublish@9.0.4Chores
a82ccc5#7173nock@13.5.0(@wraithgar)dcaa99c#7173 fix exec test (@wraithgar)0d96080#7162 release: do not exclude docs directory from CLI release commits (#7162) (@lukekarrys)v10.3.0Compare Source
Features
6673c77#6914 add--libcoption to override platform specific install (#6914) (@wraithgar, @Brooooooklyn)Bug Fixes
b7fc10a#7113 filter C0 and C1 control characters from logs and cli output (#7113) (@wraithgar)Dependencies
3fd5213#7121npm-packlist@8.0.25698415#7121postcss-selector-parser@6.0.15e56a4f3#7121are-we-there-yet@4.0.28495b7c#7121cacache@18.0.2796d1c7#7121@npmcli/run-script@7.0.33b7f6f2#7121@npmcli/promise-spawn@7.0.17ecd146#7121npmcli/git@5.0.4@npmcli/arborist@7.3.0@npmcli/config@8.1.0libnpmdiff@6.0.5libnpmexec@7.0.6libnpmfund@5.0.3libnpmpack@6.0.5Chores
2fd8292#7121 work around @npmcli/git lazy loading (@wraithgar)cd9a66d#7121 update devDependencies in lockfile (@wraithgar)2dda715#7121tap@16.3.10(@wraithgar)v10.2.5Compare Source
Bug Fixes
c7a592c#7061 dont use cache for update notifier manifest request (@lukekarrys)7b952f6#7049 unpublish: bubble up all errors parsing local package.json (#7049) (@wraithgar)be4741f#7039 unpublish bugfixes (#7039) (@wraithgar)bc7f53d#7036 reverse direction of SPDX SBOM dependency rels (#7036) (@bdehamer, @antonbauhofer)11ec231#7033 skip creation of log directory iflogs-maxis set to 0 (#7033) (@JJ)6267f54#7005 properly catch missing url opener error on interactive prompt (#7005) (@wraithgar)Dependencies
ff1204a#7058lru-cache@10.1.0c648020#7058json-parse-even-better-errors@3.0.153aa8f2#7058pacote@17.0.52e5331c#7058npm-packlist@8.0.1937b7b7#7058ignore-walk@6.0.435371c8#7058cacache@18.0.1@npmcli/arborist@7.2.2@npmcli/config@8.0.3libnpmaccess@8.0.2libnpmdiff@6.0.4libnpmexec@7.0.5libnpmfund@5.0.2libnpmhook@10.0.1libnpmorg@6.0.2libnpmpack@6.0.4libnpmpublish@9.0.3libnpmsearch@7.0.1libnpmteam@6.0.1libnpmversion@5.0.2Chores
f656b66#7062@npmcli/template-oss@4.21.3(#7062) (@lukekarrys)9754b17#7051 use global npm for workspace tests (@lukekarrys)3891757#7051@npmcli/template-oss@4.21.2(@lukekarrys)71f70fa#7058nock@13.4.0(@wraithgar)43674a4#7058tap@16.3.9(@wraithgar)4ba585c#7040 fix tests for zlib differences between node versions (#7040) (@wraithgar)v10.2.4Compare Source
Bug Fixes
cd291e7#6995 refactor search formatting code (#6995) (@wraithgar)f3a7380#6973 look in workspace for exec commands (#6973) (@wraithgar)d11496b#6977 pkg: properly output in workspace mode (#6977) (@wraithgar)0f70088#6969 correctly handle object licenses in SBOM generation (#6969) (@jamietanna)dce3b08#6951 properly catch missing url opener error (#6951) (@wraithgar)Documentation
a38836c#6616 add path usage for view command (#6616) (@RobinKnipe)da18e4f#6987 update npm-prune description (#6987) (@Eomm)Dependencies
e9ec2f7#6994lru-cache@10.0.2faf9eff#6994is-core-module@2.13.1b00e780#6994@sigstore/sign@2.2.04613774#6994 hoisting newer deps in favor of older ones54c4f7b#6994signal-exit@4.1.08c5882f#6994strip-ansi@7.1.0cd0c649#6994ci-info@4.0.0a0a58b7#6994@sigstore/tuf@2.2.0b3a53c6#6949is-cidr@5.0.3(#6949)@npmcli/config@8.0.2libnpmexec@7.0.4libnpmpublish@9.0.2v10.2.3Compare Source
Dependencies
b5dedf3#6958node-gyp@10.0.1v10.2.2Compare Source
Bug Fixes
8ed6d28#6910 make npm link respect --no-save (#6910) (@Santoshraj2)eacec5f#6941 add back bin/node-gyp-bin/node-gyp files (#6941) (@lukekarrys)b776753#6928 Grammar mistake in authentication error message (#6928) (@Gekuro, gek)Documentation
c422a01#6924 use markdown links instead of html (@lukekarrys)dd03aa0#6921 add v9 and above for lockfile version 3 (#6921) (@MikeMcC399)Dependencies
dfb6298#6937node-gyp@10.0.0(#6937)@npmcli/arborist@7.2.1libnpmdiff@6.0.3libnpmexec@7.0.3libnpmfund@5.0.1libnpmpack@6.0.3libnpmversion@5.0.1v10.2.1Compare Source
Bug Fixes
35c92fe#6902 Add check to pkg command to deal with empty values (#6902) (@NeonArray)5b6172f#6895 logout from custom registry (@wraithgar)8423d4f#6895 delete auth from proper location on logout (@wraithgar)0cfe9de#6873 audit: spelling error in message (#6873) (@Fdawgs)Documentation
5142735#6894 update npm build description (#6894) (@siemhesda)2e4b4ad#6861 npm publish content modification (#6861) (@jpg619)Dependencies
96e1637#6915cmd-shim@6.0.2(#6915)b405da1#6899bin-links@4.0.3ef69d36#6895npm-registry-fetch@16.1.0337c903#6882spdx-license-ids@3.0.16e6b0be7#6882socks-proxy-agent@8.0.2ee6892e#6882readable-stream@4.4.261c3ee9#6882minipass@7.0.414d31fd#6882is-core-module@2.13.003f3d2e#6882https-proxy-agent@7.0.2e0163c6#6882are-we-there-yet@4.0.1fca804a#6882ci-info@3.9.06af582f#6882npm-install-checks@6.3.0@npmcli/config@8.0.1v10.2.0Compare Source
Features
7c459d2#6801 add npm sbom command (#6801) (@bdehamer)81a460f#6732 add package-lock-only mode to npm query (@wraithgar)0d29855#6732 add no-package-lock mode to npm audit (@wraithgar)Bug Fixes
2207628#6823 use strip-ansi module instead of internal regex (#6823) (@wraithgar)d46d052#6798 tolerate null bugs URLs (#6798) (@vladh)fb1b674#6758 deprecate: ignore implicit workspace mode (#6758) (@wraithgar)Documentation
68031f2#6844 updateCONTRIBUTING.mdto prevent errors (#6844) (@darcyclarke)3ac703c#6831 addincludeparam to commands that haveomitparam (#6831) (@siemhesda)03912db#6819 add init-specific params to init docs/help (#6819) (@wraithgar)8088325#6800 Update npm-doctor.md (#6800) (@siemhesda)Dependencies
aa6728b#6859tar@6.2.0ce9089f#6859npm-package-arg@11.0.139d7f04#6859minipass@7.0.40a47af5#6859hosted-git-info@7.0.1af93130#6859glob@10.3.103ebc474#6859@npmcli/query@3.0.1284cbfd#6858@npmcli/agent@2.2.0@npmcli/arborist@7.2.0@npmcli/config@8.0.0libnpmaccess@8.0.1libnpmdiff@6.0.2libnpmexec@7.0.2libnpmfund@5.0.0libnpmorg@6.0.1libnpmpack@6.0.2libnpmpublish@9.0.1v10.1.0Compare Source
Features
1c93c44#6755 Add--cpuand--osoption to override platform specific install (#6755) (@yukukotani)Bug Fixes
7bf2374#6762 make$npm_execpathalways point to npm (@rotu)Documentation
09d8e0a#6759 fix versions of node.js in readme (#6759) (@JoaoOtavioS)Dependencies
f76066a#6771@npmcli/agent@2.1.1@npmcli/arborist@7.1.0@npmcli/config@7.2.0libnpmdiff@6.0.1libnpmexec@7.0.1libnpmfund@4.1.1libnpmpack@6.0.1v10.0.0Compare Source
Features
48a7b07remove prerelease flags (@lukekarrys)Dependencies
@npmcli/arborist@7.0.0@npmcli/config@7.1.0libnpmaccess@8.0.0libnpmdiff@6.0.0libnpmexec@7.0.0libnpmfund@4.1.0libnpmhook@10.0.0libnpmorg@6.0.0libnpmpack@6.0.0libnpmpublish@9.0.0libnpmsearch@7.0.0libnpmteam@6.0.0libnpmversion@5.0.0Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
Read more information about the use of Renovate Bot within Laminas.