From 4dd7bf2ddf1f9a6c5716c0fb9355169a13ad1198 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Nov 2023 00:38:08 +0000 Subject: [PATCH] chore(deps): update dependency @npmcli/arborist to v6.5.0 (#9517) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@npmcli/arborist](https://togithub.com/npm/cli) | [`6.2.10` -> `6.5.0`](https://renovatebot.com/diffs/npm/@npmcli%2farborist/6.2.10/6.5.0) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
npm/cli (@​npmcli/arborist) ### [`v6.5.0`](https://togithub.com/npm/cli/releases/tag/v6.5.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.4.0...v6.5.0) ##### NEW FEATURES - [`fc1a8d185`](https://togithub.com/npm/cli/commit/fc1a8d185fc678cdf3784d9df9eef9094e0b2dec) Backronym `npm ci` to `npm clean-install`. ([@​zkat](https://togithub.com/zkat)) - [`4be51a9cc`](https://togithub.com/npm/cli/commit/4be51a9cc65635bb26fa4ce62233f26e0104bc20) [#​81](https://togithub.com/npm/cli/pull/81) Adds 'Homepage' to outdated --long output. ([@​jbottigliero](https://togithub.com/jbottigliero)) ##### BUGFIXES - [`89652cb9b`](https://togithub.com/npm/cli/commit/89652cb9b810f929f5586fc90cc6794d076603fb) [npm.community#1661](https://npm.community/t/https://npm.community/t/1661) Fix sign-git-commit options. They were previously totally wrong. ([@​zkat](https://togithub.com/zkat)) - [`414f2d1a1`](https://togithub.com/npm/cli/commit/414f2d1a1bdffc02ed31ebb48a43216f284c21d4) [npm.community#1742](https://npm.community/t/npm-audit-making-non-rfc-compliant-requests-to-server-resulting-in-400-bad-request-pr-with-fix/1742) Set lowercase headers for npm audit requests. ([@​maartenba](https://togithub.com/maartenba)) - [`a34246baf`](https://togithub.com/npm/cli/commit/a34246bafe73218dc9e3090df9ee800451db2c7d) [#​75](https://togithub.com/npm/cli/pull/75) Fix `npm edit` handling of scoped packages. ([@​larsgw](https://togithub.com/larsgw))\* [`d3e8a7c72`](https://togithub.com/npm/cli/commit/d3e8a7c7240dd25379a5bcad324a367c58733c73) [npm.community#2303](https://npm.community/t/npm-ci-logs-success-to-stderr/2303) Make summary output for `npm ci` go to `stdout`, not `stderr`. ([@​alopezsanchez](https://togithub.com/alopezsanchez)) - [`71d8fb4a9`](https://togithub.com/npm/cli/commit/71d8fb4a94d65e1855f6d0c5f2ad2b7c3202e3c4) [npm.community#1377](https://npm.community/t/unhelpful-error-message-when-publishing-without-logging-in-error-eperm-operation-not-permitted-unlink/1377/3) Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure cleanup happens correctly. ([@​macdja38](https://togithub.com/macdja38)) ##### DOCS UPDATES - [`b1a8729c8`](https://togithub.com/npm/cli/commit/b1a8729c80175243fbbeecd164e9ddd378a09a50) [#​60](https://togithub.com/npm/cli/pull/60) Mention --otp flag when prompting for OTP. ([@​bakkot](https://togithub.com/bakkot)) - [`bcae4ea81`](https://togithub.com/npm/cli/commit/bcae4ea8173e489a76cc226bbd30dd9eabe21ec6) [#​64](https://togithub.com/npm/cli/pull/64) Clarify that git dependencies use the default branch, not just `master`. ([@​zckrs](https://togithub.com/zckrs)) - [`15da82690`](https://togithub.com/npm/cli/commit/15da8269032bf509ade3252978e934f2a61d4499) [#​72](https://togithub.com/npm/cli/pull/72) `bash_completion.d` dir is sometimes found in `/etc` not `/usr/local`. ([@​RobertKielty](https://togithub.com/RobertKielty)) - [`8a6ecc793`](https://togithub.com/npm/cli/commit/8a6ecc7936dae2f51638397ff5a1d35cccda5495) [#​74](https://togithub.com/npm/cli/pull/74) Update OTP documentation for `dist-tag add` to clarify `--otp` is needed right now. ([@​scotttrinh](https://togithub.com/scotttrinh)) - [`dcc03ec85`](https://togithub.com/npm/cli/commit/dcc03ec858bddd7aa2173b5a86b55c1c2385a2a3) [#​82](https://togithub.com/npm/cli/pull/82) Note that `prepare` runs when installing git dependencies. ([@​seishun](https://togithub.com/seishun)) - [`a91a470b7`](https://togithub.com/npm/cli/commit/a91a470b71e08ccf6a75d4fb8c9937789fa8d067) [#​83](https://togithub.com/npm/cli/pull/83) Specify that --dry-run isn't available in older versions of npm publish. ([@​kjin](https://togithub.com/kjin)) - [`1b2fabcce`](https://togithub.com/npm/cli/commit/1b2fabccede37242233755961434c52536224de5) [#​96](https://togithub.com/npm/cli/pull/96) Fix inline code tag issue in docs. ([@​midare](https://togithub.com/midare)) - [`6cc70cc19`](https://togithub.com/npm/cli/commit/6cc70cc1977e58a3e1ea48e660ffc6b46b390e59) [#​68](https://togithub.com/npm/cli/pull/68) Add semver link and a note on empty string format to `deprecate` doc. ([@​neverett](https://togithub.com/neverett)) - [`61dbbb7c3`](https://togithub.com/npm/cli/commit/61dbbb7c3474834031bce88c423850047e8131dc) Fix semver docs after version update. ([@​zkat](https://togithub.com/zkat)) - [`4acd45a3d`](https://togithub.com/npm/cli/commit/4acd45a3d0ce92f9999446226fe7dfb89a90ba2e) [#​78](https://togithub.com/npm/cli/pull/78) Correct spelling across various docs. ([@​hugovk](https://togithub.com/hugovk)) ##### DEPENDENCIES - [`4f761283e`](https://togithub.com/npm/cli/commit/4f761283e8896d0ceb5934779005646463a030e8) `figgy-pudding@3.5.1` ([@​zkat](https://togithub.com/zkat)) - [`3706db0bc`](https://togithub.com/npm/cli/commit/3706db0bcbc306d167bb902362e7f6962f2fe1a1) [npm.community#1764](https://npm.community/t/crash-invalid-config-key-requested-error/1764) `ssri@6.0.1` ([@​zkat](https://togithub.com/zkat)) - [`83c2b117d`](https://togithub.com/npm/cli/commit/83c2b117d0b760d0ea8d667e5e4bdfa6a7a7a8f6) `bluebird@3.5.2` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`2702f46bd`](https://togithub.com/npm/cli/commit/2702f46bd7284fb303ca2119d23c52536811d705) `ci-info@1.5.1` ([@​watson](https://togithub.com/watson)) - [`4db6c3898`](https://togithub.com/npm/cli/commit/4db6c3898b07100e3a324e4aae50c2fab4b93a04) `config-chain@1.1.1`:2 ([@​dawsbot](https://togithub.com/dawbot)) - [`70bee4f69`](https://togithub.com/npm/cli/commit/70bee4f69bb4ce4e18c48582fe2b48d8b4aba566) `glob@7.1.3` ([@​isaacs](https://togithub.com/isaacs)) - [`e469fd6be`](https://togithub.com/npm/cli/commit/e469fd6be95333dcaa7cf377ca3620994ca8d0de) `opener@1.5.1`: Fix browser opening under Windows Subsystem for Linux (WSL). ([@​thijsputman](https://togithub.com/thijsputman)) - [`03840dced`](https://togithub.com/npm/cli/commit/03840dced865abdca6e6449ea030962e5b19db0c) `semver@5.5.1` ([@​iarna](https://togithub.com/iarna)) - [`161dc0b41`](https://togithub.com/npm/cli/commit/161dc0b4177e76306a0e3b8660b3b496cc3db83b) `bluebird@3.5.3` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`bb6f94395`](https://togithub.com/npm/cli/commit/bb6f94395491576ec42996ff6665df225f6b4377) `graceful-fs@4.1.1`:5 ([@​isaacs](https://togithub.com/isaacs)) - [`43b1f4c91`](https://togithub.com/npm/cli/commit/43b1f4c91fa1d7b3ebb6aa2d960085e5f3ac7607) `tar@4.4.8` ([@​isaacs](https://togithub.com/isaacs)) - [`ab62afcc4`](https://togithub.com/npm/cli/commit/ab62afcc472de82c479bf91f560a0bbd6a233c80) `npm-packlist@1.1.1`:2 ([@​isaacs](https://togithub.com/isaacs)) - [`027f06be3`](https://togithub.com/npm/cli/commit/027f06be35bb09f390e46fcd2b8182539939d1f7) `ci-info@1.6.0` ([@​watson](https://togithub.com/watson)) ##### MISCELLANEOUS - [`27217dae8`](https://togithub.com/npm/cli/commit/27217dae8adbc577ee9cb323b7cfe9c6b2493aca) [#​70](https://togithub.com/npm/cli/pull/70) Automatically audit dependency licenses for npm itself. ([@​kemitchell](https://togithub.com/kemitchell)) ### [`v6.4.0`](https://togithub.com/npm/cli/releases/tag/v6.4.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.3.0...v6.4.0) ##### NEW FEATURES - [`6e9f04b0b`](https://togithub.com/npm/cli/commit/6e9f04b0baed007169d4e0c341f097cf133debf7) [npm/cli#8](https://togithub.com/npm/cli/pull/8) Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking `:_authToken`. ([@​mkhl](https://togithub.com/mkhl)) - [`84bfd23e7`](https://togithub.com/npm/cli/commit/84bfd23e7d6434d30595594723a6e1976e84b022) [npm/cli#35](https://togithub.com/npm/cli/pull/35) Stop filtering out non-IPv4 addresses from `local-addrs`, making npm actually use IPv6 addresses when it must. ([@​valentin2105](https://togithub.com/valentin2105)) - [`792c8c709`](https://togithub.com/npm/cli/commit/792c8c709dc7a445687aa0c8cba5c50bc4ed83fd) [npm/cli#31](https://togithub.com/npm/cli/pull/31) configurable audit level for non-zero exit `npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found. Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected. ([@​lennym](https://togithub.com/lennym)) ##### BUGFIXES - [`d81146181`](https://togithub.com/npm/cli/commit/d8114618137bb5b9a52a86711bb8dc18bfc8e60c) [npm/cli#32](https://togithub.com/npm/cli/pull/32) Don't check for updates to npm when we are updating npm itself. ([@​olore](https://togithub.com/olore)) ##### DEPENDENCY UPDATES A very special dependency update event! Since the [release of `node-gyp@3.8.0`](https://togithub.com/nodejs/node-gyp/pull/1521), an awkward version conflict that was preventing `request` from begin flattened was resolved. This means two things: 1. We've cut down the npm tarball size by another 200kb, to 4.6MB 2. `npm audit` now shows no vulnerabilities for npm itself! Thanks, [@​rvagg](https://togithub.com/rvagg)! - [`866d776c2`](https://togithub.com/npm/cli/commit/866d776c27f80a71309389aaab42825b2a0916f6) `request@2.87.0` ([@​simov](https://togithub.com/simov)) - [`f861c2b57`](https://togithub.com/npm/cli/commit/f861c2b579a9d4feae1653222afcefdd4f0e978f) `node-gyp@3.8.0` ([@​rvagg](https://togithub.com/rvagg)) - [`32e6947c6`](https://togithub.com/npm/cli/commit/32e6947c60db865257a0ebc2f7e754fedf7a6fc9) [npm/cli#39](https://togithub.com/npm/cli/pull/39) `colors@1.1.2`: REVERT REVERT, newer versions of this library are broken and print ansi codes even when disabled. ([@​iarna](https://togithub.com/iarna)) - [`beb96b92c`](https://togithub.com/npm/cli/commit/beb96b92caf061611e3faafc7ca10e77084ec335) `libcipm@2.0.1` ([@​zkat](https://togithub.com/zkat)) - [`348fc91ad`](https://togithub.com/npm/cli/commit/348fc91ad223ff91cd7bcf233018ea1d979a2af1) `validate-npm-package-license@3.0.4`: Fixes errors with empty or string-only license fields. ([@​Gudahtt](https://togithub.com/Gudahtt)) - [`e57d34575`](https://togithub.com/npm/cli/commit/e57d3457547ef464828fc6f82ae4750f3e511550) `iferr@1.0.2` ([@​shesek](https://togithub.com/shesek)) - [`46f1c6ad4`](https://togithub.com/npm/cli/commit/46f1c6ad4b2fd5b0d7ec879b76b76a70a3a2595c) `tar@4.4.6` ([@​isaacs](https://togithub.com/isaacs)) - [`50df1bf69`](https://togithub.com/npm/cli/commit/50df1bf691e205b9f13e0fff0d51a68772c40561) `hosted-git-info@2.7.1` ([@​iarna](https://togithub.com/iarna)) ([@​Erveon](https://togithub.com/Erveon)) ([@​huochunpeng](https://togithub.com/huochunpeng)) ##### DOCUMENTATION - [`af98e76ed`](https://togithub.com/npm/cli/commit/af98e76ed96af780b544962aa575585b3fa17b9a) [npm/cli#34](https://togithub.com/npm/cli/pull/34) Remove `npm publish` from list of commands not affected by `--dry-run`. ([@​joebowbeer](https://togithub.com/joebowbeer)) - [`e2b0f0921`](https://togithub.com/npm/cli/commit/e2b0f092193c08c00f12a6168ad2bd9d6e16f8ce) [npm/cli#36](https://togithub.com/npm/cli/pull/36) Tweak formatting in repository field examples. ([@​noahbenham](https://togithub.com/noahbenham)) - [`e2346e770`](https://togithub.com/npm/cli/commit/e2346e7702acccefe6d711168c2b0e0e272e194a) [npm/cli#14](https://togithub.com/npm/cli/pull/14) Used `process.env` examples to make accessing certain `npm run-scripts` environment variables more clear. ([@​mwarger](https://togithub.com/mwarger)) ### [`v6.3.0`](https://togithub.com/npm/cli/blob/HEAD/workspaces/arborist/CHANGELOG.md#630-2023-07-05) ##### Features - [`67459e7`](https://togithub.com/npm/cli/commit/67459e7b56a5e8d2b4f8eb3a0487183013c63b99) [#​6626](https://togithub.com/npm/cli/pull/6626) add `pkg fix` subcommand ([@​wraithgar](https://togithub.com/wraithgar)) ##### Bug Fixes - [`c61e037`](https://togithub.com/npm/cli/commit/c61e0376408240590bfc712fe9fdadd7dc9a48bc) [#​6626](https://togithub.com/npm/cli/pull/6626) use new load/create syntax for package-json ([@​wraithgar](https://togithub.com/wraithgar)) ##### Dependencies - [`b252164`](https://togithub.com/npm/cli/commit/b252164dd5c866bf2d25c96836ad829d4d6909ee) [#​6626](https://togithub.com/npm/cli/pull/6626) `@npmcli/package-json@4.0.0`
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/redwoodjs/redwood). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 35 ++++++++++++++++++----------------- 2 files changed, 19 insertions(+), 18 deletions(-) diff --git a/package.json b/package.json index 441bfe3fd115..125e3d739e0c 100644 --- a/package.json +++ b/package.json @@ -61,7 +61,7 @@ "@babel/preset-typescript": "^7.22.15", "@babel/runtime-corejs3": "7.23.2", "@faker-js/faker": "8.0.2", - "@npmcli/arborist": "6.2.10", + "@npmcli/arborist": "6.5.0", "@playwright/test": "1.39.0", "@testing-library/jest-dom": "5.17.0", "@testing-library/react": "14.1.0", diff --git a/yarn.lock b/yarn.lock index e31d6f9da99f..309c1dc80aae 100644 --- a/yarn.lock +++ b/yarn.lock @@ -5417,9 +5417,9 @@ __metadata: languageName: node linkType: hard -"@npmcli/arborist@npm:6.2.10": - version: 6.2.10 - resolution: "@npmcli/arborist@npm:6.2.10" +"@npmcli/arborist@npm:6.5.0": + version: 6.5.0 + resolution: "@npmcli/arborist@npm:6.5.0" dependencies: "@isaacs/string-locale-compare": ^1.1.0 "@npmcli/fs": ^3.1.0 @@ -5428,7 +5428,7 @@ __metadata: "@npmcli/metavuln-calculator": ^5.0.0 "@npmcli/name-from-folder": ^2.0.0 "@npmcli/node-gyp": ^3.0.0 - "@npmcli/package-json": ^3.0.0 + "@npmcli/package-json": ^4.0.0 "@npmcli/query": ^3.0.0 "@npmcli/run-script": ^6.0.0 bin-links: ^4.0.1 @@ -5439,7 +5439,7 @@ __metadata: json-stringify-nice: ^1.1.4 minimatch: ^9.0.0 nopt: ^7.0.0 - npm-install-checks: ^6.0.0 + npm-install-checks: ^6.2.0 npm-package-arg: ^10.1.0 npm-pick-manifest: ^8.0.1 npm-registry-fetch: ^14.0.3 @@ -5456,7 +5456,7 @@ __metadata: walk-up-path: ^3.0.1 bin: arborist: bin/index.js - checksum: 2bd713fa742e72cdad62307a92c5bba61bfb6de910d61b9b94dd21d67bbd917257ff127eeb11d9231af7dd7fc3700b46142e06fb782c6ebb3b4e163df0d0698f + checksum: f245b372e4d9319aa41aa2e16ff8ffdbbb6ce13a34c090eb4dda9b5597c031dcfc97f0f2f918b576667e0ae0544f36ed1bccbc53f401209184268608fc1e19cc languageName: node linkType: hard @@ -5555,17 +5555,18 @@ __metadata: languageName: node linkType: hard -"@npmcli/package-json@npm:^3.0.0": - version: 3.1.1 - resolution: "@npmcli/package-json@npm:3.1.1" +"@npmcli/package-json@npm:^4.0.0": + version: 4.0.1 + resolution: "@npmcli/package-json@npm:4.0.1" dependencies: "@npmcli/git": ^4.1.0 glob: ^10.2.2 + hosted-git-info: ^6.1.1 json-parse-even-better-errors: ^3.0.0 normalize-package-data: ^5.0.0 - npm-normalize-package-bin: ^3.0.1 proc-log: ^3.0.0 - checksum: fc3052a36cb65c011da75dfdb051b631557e5ccc7b25b64be87cb363e8f2e99d78fcf94495f456406ada2c75afaff8177a2a06a46594f15eb0b4e667110a415e + semver: ^7.5.3 + checksum: 61adec288372827e482d4c6bda8186e239b1419a6f018552a0444520720022fb2903d08438f32881fe2eccabb8cf29dcb1c5c5c62c4fc970d79ad71fe9a41e46 languageName: node linkType: hard @@ -27300,12 +27301,12 @@ __metadata: languageName: node linkType: hard -"npm-install-checks@npm:^6.0.0": - version: 6.1.1 - resolution: "npm-install-checks@npm:6.1.1" +"npm-install-checks@npm:^6.0.0, npm-install-checks@npm:^6.2.0": + version: 6.3.0 + resolution: "npm-install-checks@npm:6.3.0" dependencies: semver: ^7.1.1 - checksum: f61bbd7e27738037a3e836e1b154f668f774a4eb5fd66830b9edf3ef4b0648d4477cb0c73c129a255445109a5c18f16413e1b356d56c0cac006e57ab21c66ede + checksum: b046ef1de9b40f5d3a9831ce198e1770140a1c3f253dae22eb7b06045191ef79f18f1dcc15a945c919b3c161426861a28050abd321bf439190185794783b6452 languageName: node linkType: hard @@ -27323,7 +27324,7 @@ __metadata: languageName: node linkType: hard -"npm-normalize-package-bin@npm:^3.0.0, npm-normalize-package-bin@npm:^3.0.1": +"npm-normalize-package-bin@npm:^3.0.0": version: 3.0.1 resolution: "npm-normalize-package-bin@npm:3.0.1" checksum: f1831a7f12622840e1375c785c3dab7b1d82dd521211c17ee5e9610cd1a34d8b232d3fdeebf50c170eddcb321d2c644bf73dbe35545da7d588c6b3fa488db0a5 @@ -31422,7 +31423,7 @@ __metadata: "@babel/preset-typescript": ^7.22.15 "@babel/runtime-corejs3": 7.23.2 "@faker-js/faker": 8.0.2 - "@npmcli/arborist": 6.2.10 + "@npmcli/arborist": 6.5.0 "@playwright/test": 1.39.0 "@testing-library/jest-dom": 5.17.0 "@testing-library/react": 14.1.0