Update npm to v11.14.1#2634
Open
renovate-sh-app[bot] wants to merge 1 commit into
Open
Conversation
renovate-sh-app
Bot
added
dependencies
Contributor
|
Hello! 👋 This repository uses Auto for releasing packages using PR labels. ✨ This PR can be merged. It will not be considered when calculating future versions of the npm packages and will not appear in the changelogs. |
renovate-sh-app
Bot
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
11.6.1→11.14.1Warning
Some dependencies could not be looked up. Check the warning logs for more information.
Release Notes
npm/cli (npm)
v11.14.1Compare Source
Bug Fixes
dca12cb#9328 remove settings (#9328) (@github-actions[bot], @owlstronaut)v11.14.0Compare Source
Features
45fc5e0#9288 add allow-directory, allow-file, and allow-remote (#9288) (@github-actions[bot], @wraithgar)Bug Fixes
6c17544#9318 sbom: dedupe per-node dependsOn / relationships (#9318) (@github-actions[bot], @mikaelkristiansson)Dependencies
840fe18#9322socks@10.1.1b771289#9322ip-address@10.1.1addffcb#9322cidr-regex@5.0.5Chores
041fd58#9322 dev dependency updates (@owlstronaut)89c505a#9320 add cli-triage team as codeowner (#9320) (@github-actions[bot], @owlstronaut)@npmcli/arborist@9.5.0@npmcli/config@10.9.0libnpmdiff@8.1.7libnpmexec@10.2.7libnpmfund@7.0.21libnpmpack@9.1.7v11.13.0Compare Source
Features
8e8dadb#9246 adduas alias forupdatecommand (#9246) (@github-actions[bot], @Ausoj)Bug Fixes
ecd161b#9258 ignore intended error code (@owlstronaut)Dependencies
8d2fdcd#9272lru-cache@11.3.5e603d36#9272node-gyp@12.3.0d48b7da#9272is-cidr@6.0.4032a5ca#9240@sigstore/protobuf-specs@0.5.133a81e7#9240tinyglobby@0.2.1668dc4a0#9240picomatch@4.0.41bb6703#9240lru-cache@11.3.337059e4#9240diff@8.0.4fb450ab#9240minimatch@10.2.57c4bbbf#9240tar@7.5.13703a3bc#9240minipass-flush@1.0.6Chores
e0724ac#9272 dev dependency updates (@owlstronaut)d249341#9230 don't run npm update in CI (@owlstronaut)@npmcli/arborist@9.4.3libnpmdiff@8.1.6libnpmexec@10.2.6libnpmfund@7.0.20libnpmpack@9.1.6v11.12.1Compare Source
v11.12.0Compare Source
v11.11.1Compare Source
v11.11.0Compare Source
v11.10.1Compare Source
v11.10.0Compare Source
v11.9.0Compare Source
Features
f5f6cf7#8943 config: add --allow-git (@wraithgar)Bug Fixes
2242f25#8952 webauth: improve error messages around webauth in non-TTY (#8952) (@Andarist)Dependencies
332c9f3#8960glob@13.0.1eca02c7#8960minimatch@10.1.2@isaacs/brace-expansion@5.0.1b3f8475#8951minipass-fetch@5.0.1924171b#8951is-cidr@6.0.24404002#8951ci-info@4.4.0b65af73#8951lru-cache@11.2.5164c355#8951tar@7.5.7a74a19c#8951node-gyp@12.2.0e0bc212#8943pacote@21.1.0Chores
4a82a8f#8951 dev dependency updates (@wraithgar)@npmcli/arborist@9.2.0@npmcli/config@10.6.0libnpmdiff@8.1.0libnpmexec@10.2.0libnpmfund@7.0.14libnpmpack@9.1.0v11.8.0Compare Source
Features
545e861#8828 show proxy environment variables in npm config list (Max Black)Bug Fixes
c2f784d#8859 preserve serialNumber UUID in CycloneDX SBOM output #8837 (#8859) (@saksham-malhotra-27)f2c3af7#8840 more intuitive byte formatting boundaries for rounding (#8840) (@watilde)Documentation
3474ec3#8866 fix typo/logic error in npm-dedupe docs (#8866) (@Schweinepriester)5552e46#8797 npm-install: explain package-lock.json behavior (#8797) (@MaxBlack-dev, Max Black)Dependencies
f478ca0#8919postcss-selector-parser@7.1.12b6a71f#8919path-scurry@2.0.119096f2#8919sigstore@4.1.0e7f5d1e#8919lru-cache@11.2.49e756ae#8919ip-address@10.1.0f951820#8919common-ancestor-path@2.0.07a949ad#8919@sigstore/verify@3.1.06979ce1#8919@sigstore/sign@4.1.0b4a6a41#8919@sigstore/core@3.1.0dc8a8e8#8919@sigstore/tuf@4.0.1be221ea#8919validate-npm-package-name@7.0.2149823d#8919diff@8.0.332b2001#8919tar@7.5.4Chores
8f599df#8919 pin jsdom to 27.0.0 (@wraithgar)f4f1161#8919 dev dependency updates (@wraithgar)@npmcli/arborist@9.1.10@npmcli/config@10.5.0libnpmdiff@8.0.13libnpmexec@10.1.12libnpmfund@7.0.13libnpmpack@9.0.13v11.7.0Compare Source
Features
b380d15#8697 add deduping to notices unless in verbose+ mode (@owlstronaut)Bug Fixes
4ebb831#8839 updates hints to use cli paradigm (@owlstronaut)7896e51#8838 update the token list text (@owlstronaut)8ab8668#8836 query: support package-lock-only in workspaces (@watilde)35e8d38#8322 properly handle newlines with input when using the spinner (#8322) (@mbtools)0c0faae#8780 adduser: improve email prompt (#8780) (@mbtools)Documentation
7f2ab9d#8810 scripts: replace deprecated prepublish and install examples with prepare (Max Black)91ebab7#8847 remove note about token create being disabled (@owlstronaut)2030250#8822 scripts: clarify prepare script runs with --production (Max Black)33a50d7#8821 scripts: update npm_package_* environment variables documentation (Max Black)50508f9#8793 package-json: add documentation for type field (#8793) (@MaxBlack-dev, Max Black)aa1dd7e#8823 scripts: document that prepare scripts run concurrently in workspaces (Max Black)3f48487#8820 package-spec: fix alias syntax in examples (Max Black)dd104da#8812 version: add note about git version requirements (Max Black)58afdcc#8792 install: clarify prerelease version range behavior (Max Black)9f818e8#8795 npm-view: clarify object property access syntax and provide examples (Max Black)39c2f2e#8791 add examples for command line flags including --prefix (Max Black)1298530#8790 clarify version field can be omitted in package-lock (Max Black)090b6ca#8794 npx: clarify that arguments are passed to executed command (Max Black)a864f80#8787 document gypfile field in package.json (Max Black)2fc689d#8788 add field access patterns to npm view (Max Black)4850639#8796 package-json: add examples for replacing dependencies with forks in overrides (Max Black)4864dd4#8798 npm-install: document engines field priority when installing packages (Max Black)95d25cd#8799 package-json: clarify repository field normalization during publish (Max Black)a367f9b#8800 package-lock-json: clarify that version field may be omitted for certain dependencies (Max Black)ffc9b71#8801 npm-install: clarify --tag does not override package.json (#8801) (@MaxBlack-dev, Max Black)73688ca#8735 clarify npm version behavior with prerelease versions (#8735) (@yashwantbezawada)4a32606#8785 updates the token create documentation (#8785) (@owlstronaut, @wraithgar)Chores
54929ce#8836 update baseline-browser-mapping (@watilde)Dependencies
@npmcli/arborist@9.1.9@npmcli/config@10.4.5libnpmdiff@8.0.12libnpmexec@10.1.11libnpmfund@7.0.12libnpmpack@9.0.12v11.6.4Compare Source
Documentation
dfb83c7#8749 add example for keywords field (#8749) (@MaxBlack-dev, Max Black)1b1e227#8750 remove outdated roadmap link (#8750) (@MaxBlack-dev, Max Black)1333d57#8752 clarify .npmrc naming convention for environment variable overrides (#8752) (@MaxBlack-dev)22cddb8#8755 add workspace dependencies example to workspaces (Max Black)17e154c#8756 standardize env vars to uppercase convention (Max Black)1e51a25#8754 fix lifecycle event order for prepare script (Max Black)8d72bc9#8753 add os, cpu, and funding fields to package-lock.json (Max Black)Dependencies
f56bb13#8779proc-log@6.1.0(#8779)f963223#8770proggy@4.0.0f51e4aa#8770nopt@9.0.02d15040#8770@npmcli/query@5.0.09d77b84#8770@npmcli/installed-package-contents@4.0.0e2ac092#8770read@5.0.16e5bfd9#8770init-package-json@8.2.47f8e237#8770p-map@7.0.4a4aa218#8770npm-user-validate@4.0.06430446#8770npm-audit-report@7.0.058650dc#8770@npmcli/fs@5.0.04a11146#8770glob@13.0.000511d4#8770@npmcli/cacache@20.0.3224afa2#8770@npmcli/map-workspaces@5.0.3664ac34#8770@npmcli/package-json@7.0.4@npmcli/arborist@9.1.8@npmcli/config@10.4.4libnpmdiff@8.0.11libnpmexec@10.1.10libnpmfund@7.0.11libnpmpack@9.0.11v11.6.3Compare Source
Bug Fixes
c6242d9#8706 change npm profile to create tokens with GAT support (#8706) (@owlstronaut, @wraithgar)cbc6fa9#8731 order of version information in error message (#8731) (@piotrd, @pd-be)11dbd7e#8709 display full token when creating authentication tokens (#8709) (@MaxBlack-dev, Max Black)49a4eef#8676 use look behind regex for trailing slash stripping (#8676) (@wraithgar)b1aee62#8645 dep flag calculation (#8645) (@liamcmitchell)Documentation
ca53c21#8745 add workspace usage examples (#8745) (@MaxBlack-dev, Max Black)e71ca0e#8746 add --save flag to documentation (#8746) (@MaxBlack-dev, Max Black)06510a8#8683 add ignore-scripts option to npm version help and docs (#8683) (@Tejas242)Dependencies
7f72238#8723cacache@20.0.27ac9db8#8723init-package-json@8.2.341e97c6#8723validate-npm-package-name@7.0.06b1fbe1#8723npm-package-arg@13.0.2aa1d486#8723@npmcli/promise-spawn@9.0.1599c819#8723which@6.0.0e49286e#8723ini@5.0.0b7c9f96#8723@npmcli/promise-spawn@9.0.08cc9f70#8723ssri@13.0.00b7274f#8723pacote@21.0.459b3c6a#8723@npmcli/redact@4.0.0578abad#8723node-gyp@12.1.089c4151#8723@npmcli/git@7.0.1c6d109d#8723make-fetch-happen@15.0.334d8599#8723npm-registry-fetch@19.1.14811a86#8723@npmcli/run-script@10.0.36cb77df#8723@npmcli/installed-package-contents@4.0.005ac7a7#8723proc-log@6.0.00a74f6d#8723bin-links@6.0.0c02ce5c#8723@npmcli/package-json@7.0.29c0cefa#8723json-parse-even-better-errors@5.0.0041b9b2#8723parse-conflict-json@5.0.1a1b0fea#8723@npmcli/name-from-folder@4.0.0a085745#8723abbrev@4.0.000d9c7d#8723nopt@9.0.03404dca#8723npm-install-checks@8.0.0542fcf3#8723@npmcli/node-gyp@5.0.089e14d3#8723tar@7.5.25383f3a#8723npm-registry-fetch@19.1.01bb9a7d#8723npm-profile@12.0.1de619a4#8723npm-pick-manifest@11.0.30e042ec#8723npm-packlist@10.0.32a3c338#8723node-gyp@11.5.0b96e86c#8723minimatch@10.1.1d347329#8723exponential-backoff@3.1.3d6830f4#8723@npmcli/run-script@10.0.2bcc7ec8#8723@npmcli/metavuln-calculator@9.0.37a419df#8723@npmcli/map-workspaces@5.0.1Chores
32bdd83#8723 fix package-lock (@wraithgar)4bff14b#8670 write tarball to testDir (#8670) (@wraithgar)679486b#8672 fix lockfile (#8672) (@wraithgar)@npmcli/arborist@9.1.7@npmcli/config@10.4.3libnpmdiff@8.0.10libnpmexec@10.1.9libnpmfund@7.0.10libnpmpack@9.0.10libnpmpublish@11.1.3libnpmversion@8.0.3v11.6.2Compare Source
Bug Fixes
c54d1e9#8633 progress bar code cleanup (#8633) (@wraithgar)d352e27#8629 do not redact notice logs going to stdout (#8629) (@wraithgar)5ac3678#8617 spelling in ./lib and ./test/lib (#8617) (@jsoref)9197995#8619 spelling (#8619) (@jsoref)dd884e3#8618 spelling (#8618) (@jsoref)f6028e6#8614 skip redacting urls meant for opening by the user (#8614) (@wraithgar, @jolyndenning)54fd27f#8602 refactor node.ideallyInert to node.inert (#8602) (@liamcmitchell)79e3c1e#8593 use @npmcli/package-json to normalize package data (@wraithgar)Documentation
0469c5e#8639 rewrap markdown (#8639) (@jsoref)9ceb9c1#8636 rewrap markdown (#8636) (@jsoref)6324370#8616 fix spelling (#8616) (@jsoref)1b0429a#8607 Fix spelling (#8607) (@jsoref)7fbe07a#8603 clean up deprecatednpm accesscommands (#8603) (@jsoref)Dependencies
fa7cc6f#8662ci-info@4.3.1(#8662)b05461b#8663@sigstore/sign@4.0.1(#8663)c31de22#8661 downgrade ci-info to 4.3.0 (#8661) (@wraithgar)c5191b5#8659ci-info@4.3.1f255c92#8659hosted-git-info@9.0.2bdaf323#8659is-cidr@6.0.1a33f106#8659lru-cache@11.2.28044e07#8659npm-package-arg@13.0.1f577504#8659npm-packlist@10.0.29aa4fa6#8659semver@7.7.3fe9484a#8593 remove normalize-package-dataChores
b3409f4#8659 dev dependency updates (@wraithgar)e8de81b#8643 Add automatically generated annotation to dependencies.md (#8643) (@jsoref)67cfaf3#8627 fix spelling: different (#8627) (@jsoref)17ddc0d#8622 fix spelling (#8622) (@jsoref)c3e1790#8605 Remove reference to nonexistent calendar (#8605) (@jsoref)ac9143e#8604 Improve link accessibility for screen reader users (#8604) (@jsoref)62d73e7#8601 remove references to benchmarks workflow (#8601) (@jsoref)bb4b739#8598 remove stale comment (#8598) (@jsoref)f73e65d#8592 fix build url code for remark-github@12 (#8592) (@wraithgar)@npmcli/arborist@9.1.6@npmcli/config@10.4.2libnpmaccess@10.0.3libnpmdiff@8.0.9libnpmexec@10.1.8libnpmfund@7.0.9libnpmpack@9.0.9libnpmpublish@11.1.2Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
Need help?
You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section.