Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): update dependency @npmcli/arborist to v6.5.0 (#9517)
[![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@npmcli/arborist](https://togithub.com/npm/cli) | [`6.2.10` -> `6.5.0`](https://renovatebot.com/diffs/npm/@npmcli%2farborist/6.2.10/6.5.0) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@npmcli%2farborist/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@npmcli%2farborist/6.2.10/6.5.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>npm/cli (@​npmcli/arborist)</summary> ### [`v6.5.0`](https://togithub.com/npm/cli/releases/tag/v6.5.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.4.0...v6.5.0) ##### NEW FEATURES - [`fc1a8d185`](https://togithub.com/npm/cli/commit/fc1a8d185fc678cdf3784d9df9eef9094e0b2dec) Backronym `npm ci` to `npm clean-install`. ([@​zkat](https://togithub.com/zkat)) - [`4be51a9cc`](https://togithub.com/npm/cli/commit/4be51a9cc65635bb26fa4ce62233f26e0104bc20) [#​81](https://togithub.com/npm/cli/pull/81) Adds 'Homepage' to outdated --long output. ([@​jbottigliero](https://togithub.com/jbottigliero)) ##### BUGFIXES - [`89652cb9b`](https://togithub.com/npm/cli/commit/89652cb9b810f929f5586fc90cc6794d076603fb) [npm.community#1661](https://npm.community/t/https://npm.community/t/1661) Fix sign-git-commit options. They were previously totally wrong. ([@​zkat](https://togithub.com/zkat)) - [`414f2d1a1`](https://togithub.com/npm/cli/commit/414f2d1a1bdffc02ed31ebb48a43216f284c21d4) [npm.community#1742](https://npm.community/t/npm-audit-making-non-rfc-compliant-requests-to-server-resulting-in-400-bad-request-pr-with-fix/1742) Set lowercase headers for npm audit requests. ([@​maartenba](https://togithub.com/maartenba)) - [`a34246baf`](https://togithub.com/npm/cli/commit/a34246bafe73218dc9e3090df9ee800451db2c7d) [#​75](https://togithub.com/npm/cli/pull/75) Fix `npm edit` handling of scoped packages. ([@​larsgw](https://togithub.com/larsgw))\* [`d3e8a7c72`](https://togithub.com/npm/cli/commit/d3e8a7c7240dd25379a5bcad324a367c58733c73) [npm.community#2303](https://npm.community/t/npm-ci-logs-success-to-stderr/2303) Make summary output for `npm ci` go to `stdout`, not `stderr`. ([@​alopezsanchez](https://togithub.com/alopezsanchez)) - [`71d8fb4a9`](https://togithub.com/npm/cli/commit/71d8fb4a94d65e1855f6d0c5f2ad2b7c3202e3c4) [npm.community#1377](https://npm.community/t/unhelpful-error-message-when-publishing-without-logging-in-error-eperm-operation-not-permitted-unlink/1377/3) Close the file descriptor during publish if exiting upload via an error. This will prevent strange error messages when the upload fails and make sure cleanup happens correctly. ([@​macdja38](https://togithub.com/macdja38)) ##### DOCS UPDATES - [`b1a8729c8`](https://togithub.com/npm/cli/commit/b1a8729c80175243fbbeecd164e9ddd378a09a50) [#​60](https://togithub.com/npm/cli/pull/60) Mention --otp flag when prompting for OTP. ([@​bakkot](https://togithub.com/bakkot)) - [`bcae4ea81`](https://togithub.com/npm/cli/commit/bcae4ea8173e489a76cc226bbd30dd9eabe21ec6) [#​64](https://togithub.com/npm/cli/pull/64) Clarify that git dependencies use the default branch, not just `master`. ([@​zckrs](https://togithub.com/zckrs)) - [`15da82690`](https://togithub.com/npm/cli/commit/15da8269032bf509ade3252978e934f2a61d4499) [#​72](https://togithub.com/npm/cli/pull/72) `bash_completion.d` dir is sometimes found in `/etc` not `/usr/local`. ([@​RobertKielty](https://togithub.com/RobertKielty)) - [`8a6ecc793`](https://togithub.com/npm/cli/commit/8a6ecc7936dae2f51638397ff5a1d35cccda5495) [#​74](https://togithub.com/npm/cli/pull/74) Update OTP documentation for `dist-tag add` to clarify `--otp` is needed right now. ([@​scotttrinh](https://togithub.com/scotttrinh)) - [`dcc03ec85`](https://togithub.com/npm/cli/commit/dcc03ec858bddd7aa2173b5a86b55c1c2385a2a3) [#​82](https://togithub.com/npm/cli/pull/82) Note that `prepare` runs when installing git dependencies. ([@​seishun](https://togithub.com/seishun)) - [`a91a470b7`](https://togithub.com/npm/cli/commit/a91a470b71e08ccf6a75d4fb8c9937789fa8d067) [#​83](https://togithub.com/npm/cli/pull/83) Specify that --dry-run isn't available in older versions of npm publish. ([@​kjin](https://togithub.com/kjin)) - [`1b2fabcce`](https://togithub.com/npm/cli/commit/1b2fabccede37242233755961434c52536224de5) [#​96](https://togithub.com/npm/cli/pull/96) Fix inline code tag issue in docs. ([@​midare](https://togithub.com/midare)) - [`6cc70cc19`](https://togithub.com/npm/cli/commit/6cc70cc1977e58a3e1ea48e660ffc6b46b390e59) [#​68](https://togithub.com/npm/cli/pull/68) Add semver link and a note on empty string format to `deprecate` doc. ([@​neverett](https://togithub.com/neverett)) - [`61dbbb7c3`](https://togithub.com/npm/cli/commit/61dbbb7c3474834031bce88c423850047e8131dc) Fix semver docs after version update. ([@​zkat](https://togithub.com/zkat)) - [`4acd45a3d`](https://togithub.com/npm/cli/commit/4acd45a3d0ce92f9999446226fe7dfb89a90ba2e) [#​78](https://togithub.com/npm/cli/pull/78) Correct spelling across various docs. ([@​hugovk](https://togithub.com/hugovk)) ##### DEPENDENCIES - [`4f761283e`](https://togithub.com/npm/cli/commit/4f761283e8896d0ceb5934779005646463a030e8) `figgy-pudding@3.5.1` ([@​zkat](https://togithub.com/zkat)) - [`3706db0bc`](https://togithub.com/npm/cli/commit/3706db0bcbc306d167bb902362e7f6962f2fe1a1) [npm.community#1764](https://npm.community/t/crash-invalid-config-key-requested-error/1764) `ssri@6.0.1` ([@​zkat](https://togithub.com/zkat)) - [`83c2b117d`](https://togithub.com/npm/cli/commit/83c2b117d0b760d0ea8d667e5e4bdfa6a7a7a8f6) `bluebird@3.5.2` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`2702f46bd`](https://togithub.com/npm/cli/commit/2702f46bd7284fb303ca2119d23c52536811d705) `ci-info@1.5.1` ([@​watson](https://togithub.com/watson)) - [`4db6c3898`](https://togithub.com/npm/cli/commit/4db6c3898b07100e3a324e4aae50c2fab4b93a04) `config-chain@1.1.1`:2 ([@​dawsbot](https://togithub.com/dawbot)) - [`70bee4f69`](https://togithub.com/npm/cli/commit/70bee4f69bb4ce4e18c48582fe2b48d8b4aba566) `glob@7.1.3` ([@​isaacs](https://togithub.com/isaacs)) - [`e469fd6be`](https://togithub.com/npm/cli/commit/e469fd6be95333dcaa7cf377ca3620994ca8d0de) `opener@1.5.1`: Fix browser opening under Windows Subsystem for Linux (WSL). ([@​thijsputman](https://togithub.com/thijsputman)) - [`03840dced`](https://togithub.com/npm/cli/commit/03840dced865abdca6e6449ea030962e5b19db0c) `semver@5.5.1` ([@​iarna](https://togithub.com/iarna)) - [`161dc0b41`](https://togithub.com/npm/cli/commit/161dc0b4177e76306a0e3b8660b3b496cc3db83b) `bluebird@3.5.3` ([@​petkaantonov](https://togithub.com/petkaantonov)) - [`bb6f94395`](https://togithub.com/npm/cli/commit/bb6f94395491576ec42996ff6665df225f6b4377) `graceful-fs@4.1.1`:5 ([@​isaacs](https://togithub.com/isaacs)) - [`43b1f4c91`](https://togithub.com/npm/cli/commit/43b1f4c91fa1d7b3ebb6aa2d960085e5f3ac7607) `tar@4.4.8` ([@​isaacs](https://togithub.com/isaacs)) - [`ab62afcc4`](https://togithub.com/npm/cli/commit/ab62afcc472de82c479bf91f560a0bbd6a233c80) `npm-packlist@1.1.1`:2 ([@​isaacs](https://togithub.com/isaacs)) - [`027f06be3`](https://togithub.com/npm/cli/commit/027f06be35bb09f390e46fcd2b8182539939d1f7) `ci-info@1.6.0` ([@​watson](https://togithub.com/watson)) ##### MISCELLANEOUS - [`27217dae8`](https://togithub.com/npm/cli/commit/27217dae8adbc577ee9cb323b7cfe9c6b2493aca) [#​70](https://togithub.com/npm/cli/pull/70) Automatically audit dependency licenses for npm itself. ([@​kemitchell](https://togithub.com/kemitchell)) ### [`v6.4.0`](https://togithub.com/npm/cli/releases/tag/v6.4.0) [Compare Source](https://togithub.com/npm/cli/compare/v6.3.0...v6.4.0) ##### NEW FEATURES - [`6e9f04b0b`](https://togithub.com/npm/cli/commit/6e9f04b0baed007169d4e0c341f097cf133debf7) [npm/cli#8](https://togithub.com/npm/cli/pull/8) Search for authentication token defined by environment variables by preventing the translation layer from env variable to npm option from breaking `:_authToken`. ([@​mkhl](https://togithub.com/mkhl)) - [`84bfd23e7`](https://togithub.com/npm/cli/commit/84bfd23e7d6434d30595594723a6e1976e84b022) [npm/cli#35](https://togithub.com/npm/cli/pull/35) Stop filtering out non-IPv4 addresses from `local-addrs`, making npm actually use IPv6 addresses when it must. ([@​valentin2105](https://togithub.com/valentin2105)) - [`792c8c709`](https://togithub.com/npm/cli/commit/792c8c709dc7a445687aa0c8cba5c50bc4ed83fd) [npm/cli#31](https://togithub.com/npm/cli/pull/31) configurable audit level for non-zero exit `npm audit` currently exits with exit code 1 if any vulnerabilities are found of any level. Add a flag of `--audit-level` to `npm audit` to allow it to pass if only vulnerabilities below a certain level are found. Example: `npm audit --audit-level=high` will exit with 0 if only low or moderate level vulns are detected. ([@​lennym](https://togithub.com/lennym)) ##### BUGFIXES - [`d81146181`](https://togithub.com/npm/cli/commit/d8114618137bb5b9a52a86711bb8dc18bfc8e60c) [npm/cli#32](https://togithub.com/npm/cli/pull/32) Don't check for updates to npm when we are updating npm itself. ([@​olore](https://togithub.com/olore)) ##### DEPENDENCY UPDATES A very special dependency update event! Since the [release of `node-gyp@3.8.0`](https://togithub.com/nodejs/node-gyp/pull/1521), an awkward version conflict that was preventing `request` from begin flattened was resolved. This means two things: 1. We've cut down the npm tarball size by another 200kb, to 4.6MB 2. `npm audit` now shows no vulnerabilities for npm itself! Thanks, [@​rvagg](https://togithub.com/rvagg)! - [`866d776c2`](https://togithub.com/npm/cli/commit/866d776c27f80a71309389aaab42825b2a0916f6) `request@2.87.0` ([@​simov](https://togithub.com/simov)) - [`f861c2b57`](https://togithub.com/npm/cli/commit/f861c2b579a9d4feae1653222afcefdd4f0e978f) `node-gyp@3.8.0` ([@​rvagg](https://togithub.com/rvagg)) - [`32e6947c6`](https://togithub.com/npm/cli/commit/32e6947c60db865257a0ebc2f7e754fedf7a6fc9) [npm/cli#39](https://togithub.com/npm/cli/pull/39) `colors@1.1.2`: REVERT REVERT, newer versions of this library are broken and print ansi codes even when disabled. ([@​iarna](https://togithub.com/iarna)) - [`beb96b92c`](https://togithub.com/npm/cli/commit/beb96b92caf061611e3faafc7ca10e77084ec335) `libcipm@2.0.1` ([@​zkat](https://togithub.com/zkat)) - [`348fc91ad`](https://togithub.com/npm/cli/commit/348fc91ad223ff91cd7bcf233018ea1d979a2af1) `validate-npm-package-license@3.0.4`: Fixes errors with empty or string-only license fields. ([@​Gudahtt](https://togithub.com/Gudahtt)) - [`e57d34575`](https://togithub.com/npm/cli/commit/e57d3457547ef464828fc6f82ae4750f3e511550) `iferr@1.0.2` ([@​shesek](https://togithub.com/shesek)) - [`46f1c6ad4`](https://togithub.com/npm/cli/commit/46f1c6ad4b2fd5b0d7ec879b76b76a70a3a2595c) `tar@4.4.6` ([@​isaacs](https://togithub.com/isaacs)) - [`50df1bf69`](https://togithub.com/npm/cli/commit/50df1bf691e205b9f13e0fff0d51a68772c40561) `hosted-git-info@2.7.1` ([@​iarna](https://togithub.com/iarna)) ([@​Erveon](https://togithub.com/Erveon)) ([@​huochunpeng](https://togithub.com/huochunpeng)) ##### DOCUMENTATION - [`af98e76ed`](https://togithub.com/npm/cli/commit/af98e76ed96af780b544962aa575585b3fa17b9a) [npm/cli#34](https://togithub.com/npm/cli/pull/34) Remove `npm publish` from list of commands not affected by `--dry-run`. ([@​joebowbeer](https://togithub.com/joebowbeer)) - [`e2b0f0921`](https://togithub.com/npm/cli/commit/e2b0f092193c08c00f12a6168ad2bd9d6e16f8ce) [npm/cli#36](https://togithub.com/npm/cli/pull/36) Tweak formatting in repository field examples. ([@​noahbenham](https://togithub.com/noahbenham)) - [`e2346e770`](https://togithub.com/npm/cli/commit/e2346e7702acccefe6d711168c2b0e0e272e194a) [npm/cli#14](https://togithub.com/npm/cli/pull/14) Used `process.env` examples to make accessing certain `npm run-scripts` environment variables more clear. ([@​mwarger](https://togithub.com/mwarger)) ### [`v6.3.0`](https://togithub.com/npm/cli/blob/HEAD/workspaces/arborist/CHANGELOG.md#630-2023-07-05) ##### Features - [`67459e7`](https://togithub.com/npm/cli/commit/67459e7b56a5e8d2b4f8eb3a0487183013c63b99) [#​6626](https://togithub.com/npm/cli/pull/6626) add `pkg fix` subcommand ([@​wraithgar](https://togithub.com/wraithgar)) ##### Bug Fixes - [`c61e037`](https://togithub.com/npm/cli/commit/c61e0376408240590bfc712fe9fdadd7dc9a48bc) [#​6626](https://togithub.com/npm/cli/pull/6626) use new load/create syntax for package-json ([@​wraithgar](https://togithub.com/wraithgar)) ##### Dependencies - [`b252164`](https://togithub.com/npm/cli/commit/b252164dd5c866bf2d25c96836ad829d4d6909ee) [#​6626](https://togithub.com/npm/cli/pull/6626) `@npmcli/package-json@4.0.0` </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/redwoodjs/redwood). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
- Loading branch information