Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency @npmcli/arborist to v6.5.0 #9517

Merged
merged 1 commit into from
Nov 16, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 16, 2023

Mend Renovate logo banner

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@npmcli/arborist 6.2.10 -> 6.5.0 age adoption passing confidence

Release Notes

npm/cli (@​npmcli/arborist)

v6.5.0

Compare Source

NEW FEATURES
BUGFIXES
DOCS UPDATES
DEPENDENCIES
MISCELLANEOUS

v6.4.0

Compare Source

NEW FEATURES
  • 6e9f04b0b npm/cli#8 Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking :_authToken. (@​mkhl)
  • 84bfd23e7 npm/cli#35 Stop filtering out non-IPv4 addresses from local-addrs, making npm actually use IPv6 addresses when it must. (@​valentin2105)
  • 792c8c709 npm/cli#31 configurable audit level for non-zero exit npm audit currently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of --audit-level to npm audit to allow it to pass if only vulnerabilities below a certain level are found. Example: npm audit --audit-level=high will exit with 0 if only low or moderate level vulns are detected. (@​lennym)
BUGFIXES
DEPENDENCY UPDATES

A very special dependency update event! Since the release of [email protected], an awkward version conflict that was preventing request from begin flattened was resolved. This means two things:

  1. We've cut down the npm tarball size by another 200kb, to 4.6MB
  2. npm audit now shows no vulnerabilities for npm itself!

Thanks, @​rvagg!

DOCUMENTATION

v6.3.0

Features
Bug Fixes
Dependencies

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot enabled auto-merge (squash) November 16, 2023 00:10
@jtoar jtoar added this to the next-release milestone Nov 16, 2023
@jtoar jtoar added the release:chore This PR is a chore (means nothing for users) label Nov 16, 2023
@renovate renovate bot merged commit 3e87c10 into main Nov 16, 2023
34 of 36 checks passed
@renovate renovate bot deleted the renovate/npmcli-arborist-6.x branch November 16, 2023 00:38
@jtoar jtoar modified the milestones: next-release, chore Nov 17, 2023
jtoar pushed a commit that referenced this pull request Nov 17, 2023
[![Mend Renovate logo
banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [@npmcli/arborist](https://togithub.com/npm/cli) | [`6.2.10` ->
`6.5.0`](https://renovatebot.com/diffs/npm/@npmcli%2farborist/6.2.10/6.5.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>npm/cli (@&#8203;npmcli/arborist)</summary>

### [`v6.5.0`](https://togithub.com/npm/cli/releases/tag/v6.5.0)

[Compare Source](https://togithub.com/npm/cli/compare/v6.4.0...v6.5.0)

##### NEW FEATURES

-
[`fc1a8d185`](https://togithub.com/npm/cli/commit/fc1a8d185fc678cdf3784d9df9eef9094e0b2dec)
Backronym `npm ci` to `npm clean-install`.
([@&#8203;zkat](https://togithub.com/zkat))
-
[`4be51a9cc`](https://togithub.com/npm/cli/commit/4be51a9cc65635bb26fa4ce62233f26e0104bc20)
[#&#8203;81](https://togithub.com/npm/cli/pull/81) Adds 'Homepage' to
outdated --long output.
([@&#8203;jbottigliero](https://togithub.com/jbottigliero))

##### BUGFIXES

-
[`89652cb9b`](https://togithub.com/npm/cli/commit/89652cb9b810f929f5586fc90cc6794d076603fb)
[npm.community#1661](https://npm.community/t/https://npm.community/t/1661)
Fix sign-git-commit options. They were previously totally wrong.
([@&#8203;zkat](https://togithub.com/zkat))
-
[`414f2d1a1`](https://togithub.com/npm/cli/commit/414f2d1a1bdffc02ed31ebb48a43216f284c21d4)
[npm.community#1742](https://npm.community/t/npm-audit-making-non-rfc-compliant-requests-to-server-resulting-in-400-bad-request-pr-with-fix/1742)
Set lowercase headers for npm audit requests.
([@&#8203;maartenba](https://togithub.com/maartenba))
-
[`a34246baf`](https://togithub.com/npm/cli/commit/a34246bafe73218dc9e3090df9ee800451db2c7d)
[#&#8203;75](https://togithub.com/npm/cli/pull/75) Fix `npm edit`
handling of scoped packages.
([@&#8203;larsgw](https://togithub.com/larsgw))\*
[`d3e8a7c72`](https://togithub.com/npm/cli/commit/d3e8a7c7240dd25379a5bcad324a367c58733c73)
[npm.community#2303](https://npm.community/t/npm-ci-logs-success-to-stderr/2303)
Make summary output for `npm ci` go to `stdout`, not `stderr`.
([@&#8203;alopezsanchez](https://togithub.com/alopezsanchez))
-
[`71d8fb4a9`](https://togithub.com/npm/cli/commit/71d8fb4a94d65e1855f6d0c5f2ad2b7c3202e3c4)
[npm.community#1377](https://npm.community/t/unhelpful-error-message-when-publishing-without-logging-in-error-eperm-operation-not-permitted-unlink/1377/3)
Close the file descriptor during publish if exiting upload via an error.
This will prevent strange error messages when the upload fails and make
sure
cleanup happens correctly.
([@&#8203;macdja38](https://togithub.com/macdja38))

##### DOCS UPDATES

-
[`b1a8729c8`](https://togithub.com/npm/cli/commit/b1a8729c80175243fbbeecd164e9ddd378a09a50)
[#&#8203;60](https://togithub.com/npm/cli/pull/60) Mention --otp flag
when prompting for OTP. ([@&#8203;bakkot](https://togithub.com/bakkot))
-
[`bcae4ea81`](https://togithub.com/npm/cli/commit/bcae4ea8173e489a76cc226bbd30dd9eabe21ec6)
[#&#8203;64](https://togithub.com/npm/cli/pull/64) Clarify that git
dependencies use the default branch, not just `master`.
([@&#8203;zckrs](https://togithub.com/zckrs))
-
[`15da82690`](https://togithub.com/npm/cli/commit/15da8269032bf509ade3252978e934f2a61d4499)
[#&#8203;72](https://togithub.com/npm/cli/pull/72) `bash_completion.d`
dir is sometimes found in `/etc` not `/usr/local`.
([@&#8203;RobertKielty](https://togithub.com/RobertKielty))
-
[`8a6ecc793`](https://togithub.com/npm/cli/commit/8a6ecc7936dae2f51638397ff5a1d35cccda5495)
[#&#8203;74](https://togithub.com/npm/cli/pull/74) Update OTP
documentation for `dist-tag add` to clarify `--otp` is needed right now.
([@&#8203;scotttrinh](https://togithub.com/scotttrinh))
-
[`dcc03ec85`](https://togithub.com/npm/cli/commit/dcc03ec858bddd7aa2173b5a86b55c1c2385a2a3)
[#&#8203;82](https://togithub.com/npm/cli/pull/82) Note that `prepare`
runs when installing git dependencies.
([@&#8203;seishun](https://togithub.com/seishun))
-
[`a91a470b7`](https://togithub.com/npm/cli/commit/a91a470b71e08ccf6a75d4fb8c9937789fa8d067)
[#&#8203;83](https://togithub.com/npm/cli/pull/83) Specify that
--dry-run isn't available in older versions of npm publish.
([@&#8203;kjin](https://togithub.com/kjin))
-
[`1b2fabcce`](https://togithub.com/npm/cli/commit/1b2fabccede37242233755961434c52536224de5)
[#&#8203;96](https://togithub.com/npm/cli/pull/96) Fix inline code tag
issue in docs. ([@&#8203;midare](https://togithub.com/midare))
-
[`6cc70cc19`](https://togithub.com/npm/cli/commit/6cc70cc1977e58a3e1ea48e660ffc6b46b390e59)
[#&#8203;68](https://togithub.com/npm/cli/pull/68) Add semver link and a
note on empty string format to `deprecate` doc.
([@&#8203;neverett](https://togithub.com/neverett))
-
[`61dbbb7c3`](https://togithub.com/npm/cli/commit/61dbbb7c3474834031bce88c423850047e8131dc)
Fix semver docs after version update.
([@&#8203;zkat](https://togithub.com/zkat))
-
[`4acd45a3d`](https://togithub.com/npm/cli/commit/4acd45a3d0ce92f9999446226fe7dfb89a90ba2e)
[#&#8203;78](https://togithub.com/npm/cli/pull/78) Correct spelling
across various docs. ([@&#8203;hugovk](https://togithub.com/hugovk))

##### DEPENDENCIES

-
[`4f761283e`](https://togithub.com/npm/cli/commit/4f761283e8896d0ceb5934779005646463a030e8)
`[email protected]` ([@&#8203;zkat](https://togithub.com/zkat))
-
[`3706db0bc`](https://togithub.com/npm/cli/commit/3706db0bcbc306d167bb902362e7f6962f2fe1a1)
[npm.community#1764](https://npm.community/t/crash-invalid-config-key-requested-error/1764)
`[email protected]` ([@&#8203;zkat](https://togithub.com/zkat))
-
[`83c2b117d`](https://togithub.com/npm/cli/commit/83c2b117d0b760d0ea8d667e5e4bdfa6a7a7a8f6)
`[email protected]`
([@&#8203;petkaantonov](https://togithub.com/petkaantonov))
-
[`2702f46bd`](https://togithub.com/npm/cli/commit/2702f46bd7284fb303ca2119d23c52536811d705)
`[email protected]` ([@&#8203;watson](https://togithub.com/watson))
-
[`4db6c3898`](https://togithub.com/npm/cli/commit/4db6c3898b07100e3a324e4aae50c2fab4b93a04)
`[email protected]`:2 ([@&#8203;dawsbot](https://togithub.com/dawbot))
-
[`70bee4f69`](https://togithub.com/npm/cli/commit/70bee4f69bb4ce4e18c48582fe2b48d8b4aba566)
`[email protected]` ([@&#8203;isaacs](https://togithub.com/isaacs))
-
[`e469fd6be`](https://togithub.com/npm/cli/commit/e469fd6be95333dcaa7cf377ca3620994ca8d0de)
`[email protected]`: Fix browser opening under Windows Subsystem for Linux
(WSL). ([@&#8203;thijsputman](https://togithub.com/thijsputman))
-
[`03840dced`](https://togithub.com/npm/cli/commit/03840dced865abdca6e6449ea030962e5b19db0c)
    `[email protected]`  ([@&#8203;iarna](https://togithub.com/iarna))
-
[`161dc0b41`](https://togithub.com/npm/cli/commit/161dc0b4177e76306a0e3b8660b3b496cc3db83b)
`[email protected]`
([@&#8203;petkaantonov](https://togithub.com/petkaantonov))
-
[`bb6f94395`](https://togithub.com/npm/cli/commit/bb6f94395491576ec42996ff6665df225f6b4377)
`[email protected]`:5 ([@&#8203;isaacs](https://togithub.com/isaacs))
-
[`43b1f4c91`](https://togithub.com/npm/cli/commit/43b1f4c91fa1d7b3ebb6aa2d960085e5f3ac7607)
`[email protected]` ([@&#8203;isaacs](https://togithub.com/isaacs))
-
[`ab62afcc4`](https://togithub.com/npm/cli/commit/ab62afcc472de82c479bf91f560a0bbd6a233c80)
`[email protected]`:2 ([@&#8203;isaacs](https://togithub.com/isaacs))
-
[`027f06be3`](https://togithub.com/npm/cli/commit/027f06be35bb09f390e46fcd2b8182539939d1f7)
`[email protected]` ([@&#8203;watson](https://togithub.com/watson))

##### MISCELLANEOUS

-
[`27217dae8`](https://togithub.com/npm/cli/commit/27217dae8adbc577ee9cb323b7cfe9c6b2493aca)
[#&#8203;70](https://togithub.com/npm/cli/pull/70) Automatically audit
dependency licenses for npm itself.
([@&#8203;kemitchell](https://togithub.com/kemitchell))

### [`v6.4.0`](https://togithub.com/npm/cli/releases/tag/v6.4.0)

[Compare Source](https://togithub.com/npm/cli/compare/v6.3.0...v6.4.0)

##### NEW FEATURES

-
[`6e9f04b0b`](https://togithub.com/npm/cli/commit/6e9f04b0baed007169d4e0c341f097cf133debf7)
[npm/cli#8](https://togithub.com/npm/cli/pull/8) Search for
authentication token defined by environment variables by preventing the
translation layer from env variable to npm option from breaking
`:_authToken`. ([@&#8203;mkhl](https://togithub.com/mkhl))
-
[`84bfd23e7`](https://togithub.com/npm/cli/commit/84bfd23e7d6434d30595594723a6e1976e84b022)
[npm/cli#35](https://togithub.com/npm/cli/pull/35) Stop filtering out
non-IPv4 addresses from `local-addrs`, making npm actually use IPv6
addresses when it must.
([@&#8203;valentin2105](https://togithub.com/valentin2105))
-
[`792c8c709`](https://togithub.com/npm/cli/commit/792c8c709dc7a445687aa0c8cba5c50bc4ed83fd)
[npm/cli#31](https://togithub.com/npm/cli/pull/31) configurable audit
level for non-zero exit `npm audit` currently exits with exit code 1 if
any vulnerabilities are found of any level. Add a flag of
`--audit-level` to `npm audit` to allow it to pass if only
vulnerabilities below a certain level are found. Example: `npm audit
--audit-level=high` will exit with 0 if only low or moderate level vulns
are detected. ([@&#8203;lennym](https://togithub.com/lennym))

##### BUGFIXES

-
[`d81146181`](https://togithub.com/npm/cli/commit/d8114618137bb5b9a52a86711bb8dc18bfc8e60c)
[npm/cli#32](https://togithub.com/npm/cli/pull/32) Don't check for
updates to npm when we are updating npm itself.
([@&#8203;olore](https://togithub.com/olore))

##### DEPENDENCY UPDATES

A very special dependency update event! Since the [release of
`[email protected]`](https://togithub.com/nodejs/node-gyp/pull/1521), an
awkward version conflict that was preventing `request` from begin
flattened was resolved. This means two things:

1.  We've cut down the npm tarball size by another 200kb, to 4.6MB
2.  `npm audit` now shows no vulnerabilities for npm itself!

Thanks, [@&#8203;rvagg](https://togithub.com/rvagg)!

-
[`866d776c2`](https://togithub.com/npm/cli/commit/866d776c27f80a71309389aaab42825b2a0916f6)
`[email protected]` ([@&#8203;simov](https://togithub.com/simov))
-
[`f861c2b57`](https://togithub.com/npm/cli/commit/f861c2b579a9d4feae1653222afcefdd4f0e978f)
`[email protected]` ([@&#8203;rvagg](https://togithub.com/rvagg))
-
[`32e6947c6`](https://togithub.com/npm/cli/commit/32e6947c60db865257a0ebc2f7e754fedf7a6fc9)
[npm/cli#39](https://togithub.com/npm/cli/pull/39) `[email protected]`:
REVERT REVERT, newer versions of this library are broken and print ansi
codes even when disabled. ([@&#8203;iarna](https://togithub.com/iarna))
-
[`beb96b92c`](https://togithub.com/npm/cli/commit/beb96b92caf061611e3faafc7ca10e77084ec335)
`[email protected]` ([@&#8203;zkat](https://togithub.com/zkat))
-
[`348fc91ad`](https://togithub.com/npm/cli/commit/348fc91ad223ff91cd7bcf233018ea1d979a2af1)
`[email protected]`: Fixes errors with empty or
string-only license fields.
([@&#8203;Gudahtt](https://togithub.com/Gudahtt))
-
[`e57d34575`](https://togithub.com/npm/cli/commit/e57d3457547ef464828fc6f82ae4750f3e511550)
`[email protected]` ([@&#8203;shesek](https://togithub.com/shesek))
-
[`46f1c6ad4`](https://togithub.com/npm/cli/commit/46f1c6ad4b2fd5b0d7ec879b76b76a70a3a2595c)
`[email protected]` ([@&#8203;isaacs](https://togithub.com/isaacs))
-
[`50df1bf69`](https://togithub.com/npm/cli/commit/50df1bf691e205b9f13e0fff0d51a68772c40561)
`[email protected]` ([@&#8203;iarna](https://togithub.com/iarna))
([@&#8203;Erveon](https://togithub.com/Erveon))
([@&#8203;huochunpeng](https://togithub.com/huochunpeng))

##### DOCUMENTATION

-
[`af98e76ed`](https://togithub.com/npm/cli/commit/af98e76ed96af780b544962aa575585b3fa17b9a)
[npm/cli#34](https://togithub.com/npm/cli/pull/34) Remove `npm publish`
from list of commands not affected by `--dry-run`.
([@&#8203;joebowbeer](https://togithub.com/joebowbeer))
-
[`e2b0f0921`](https://togithub.com/npm/cli/commit/e2b0f092193c08c00f12a6168ad2bd9d6e16f8ce)
[npm/cli#36](https://togithub.com/npm/cli/pull/36) Tweak formatting in
repository field examples.
([@&#8203;noahbenham](https://togithub.com/noahbenham))
-
[`e2346e770`](https://togithub.com/npm/cli/commit/e2346e7702acccefe6d711168c2b0e0e272e194a)
[npm/cli#14](https://togithub.com/npm/cli/pull/14) Used `process.env`
examples to make accessing certain `npm run-scripts` environment
variables more clear. ([@&#8203;mwarger](https://togithub.com/mwarger))

###
[`v6.3.0`](https://togithub.com/npm/cli/blob/HEAD/workspaces/arborist/CHANGELOG.md#630-2023-07-05)

##### Features

-
[`67459e7`](https://togithub.com/npm/cli/commit/67459e7b56a5e8d2b4f8eb3a0487183013c63b99)
[#&#8203;6626](https://togithub.com/npm/cli/pull/6626) add `pkg fix`
subcommand ([@&#8203;wraithgar](https://togithub.com/wraithgar))

##### Bug Fixes

-
[`c61e037`](https://togithub.com/npm/cli/commit/c61e0376408240590bfc712fe9fdadd7dc9a48bc)
[#&#8203;6626](https://togithub.com/npm/cli/pull/6626) use new
load/create syntax for package-json
([@&#8203;wraithgar](https://togithub.com/wraithgar))

##### Dependencies

-
[`b252164`](https://togithub.com/npm/cli/commit/b252164dd5c866bf2d25c96836ad829d4d6909ee)
[#&#8203;6626](https://togithub.com/npm/cli/pull/6626)
`@npmcli/[email protected]`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/redwoodjs/redwood).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@Josh-Walker-GM Josh-Walker-GM modified the milestones: chore, v8.0.0 Sep 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release:chore This PR is a chore (means nothing for users)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants