Skip to content

Bump the npm-dependencies group across 1 directory with 3 updates #11769

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm-dependencies group across 1 directory with 3 updates #11769

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2025
edited
Loading

Bumps the npm-dependencies group with 3 updates in the /npm_and_yarn/helpers directory: @npmcli/arborist, nock and semver.

Updates @npmcli/arborist from 8.0.0 to 9.0.1

Release notes

Sourced from @​npmcli/arborist's releases.

arborist: v9.0.1

9.0.1 (2025-03-05)

Bug Fixes

libnpmpack: v9.0.1

Dependencies

config: v9.0.0

9.0.0 (2024-10-03)

⚠️ BREAKING CHANGES

  • @npmcli/config now supports node ^18.17.0 || >=20.5.0

Bug Fixes

Dependencies

Chores

libnpmaccess: v9.0.0

9.0.0 (2024-10-03)

⚠️ BREAKING CHANGES

  • libnpmaccess now supports node ^18.17.0 || >=20.5.0

Bug Fixes

Dependencies

Chores

libnpmexec: v9.0.0

9.0.0 (2024-10-03)

⚠️ BREAKING CHANGES

  • libnpmexec now supports node ^18.17.0 || >=20.5.0

Bug Fixes

Dependencies

... (truncated)

Changelog

Sourced from @​npmcli/arborist's changelog.

9.0.1 (2025-03-05)

Bug Fixes

9.0.0 (2024-12-16)

Features

Chores

9.0.0-pre.1 (2024-12-06)

⚠️ BREAKING CHANGES

  • Upon publishing, in order to apply a default "latest" dist tag, the command now retrieves all prior versions of the package. It will require that the version you're trying to publish is above the latest semver version in the registry, not including pre-release tags.
  • bun.lockb files are now included in the strict ignore list during packing

Features

Dependencies

9.0.0-pre.0 (2024-11-26)

⚠️ BREAKING CHANGES

  • --ignore-scripts now applies to all lifecycle scripts, include prepare
  • npm will no longer fall back to the old audit endpoint if the bulk advisory request fails.
  • @​npmcli/arborist now supports node ^20.17.0 || >=22.9.0

Features

Bug Fixes

Dependencies

Chores

Commits

Updates nock from 13.5.6 to 14.0.1

Release notes

Sourced from nock's releases.

v14.0.1

14.0.1 (2025-02-06)

Bug Fixes

  • recorder: response body accessed multiple times in parallel requests (#2840) (ac7a1b2)

v14.0.0

BREAKING CHANGES

  • drop support for Node < 18

Features

v14.0.0-beta.19

14.0.0-beta.19 (2024-12-04)

Bug Fixes

  • backport: memory leaks due to timer references outliving the timers (#2773) (#2773) (66eb7f4)
  • call fs.createReadStream lazily (#2357) (ba9fc42)
  • remove duplicates from activeMocks() and pendingMocks() (#2356) (7e957b3)
  • support literal query string (#2590) (4162fa8)
  • types: return type of BackOptions.afterRecord (#2782) (fc90bd3)

v14.0.0-beta.18

14.0.0-beta.18 (2024-11-25)

Bug Fixes

  • recorder: recompress fetch body on record (#2810) (be35f23)

v14.0.0-beta.17

14.0.0-beta.17 (2024-11-21)

Bug Fixes

  • fetch: add support for aborting requests using AbortSignal (#2809) (a143911)

v14.0.0-beta.16

14.0.0-beta.16 (2024-11-14)

Bug Fixes

... (truncated)

Commits

Updates semver from 7.6.3 to 7.7.1

Release notes

Sourced from semver's releases.

v7.7.1

7.7.1 (2025-02-03)

Bug Fixes

v7.7.0

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

Changelog

Sourced from semver's changelog.

7.7.1 (2025-02-03)

Bug Fixes

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

Commits
  • 30c438b chore: release 7.7.1 (#765)
  • af761c0 fix(inc): fully capture prerelease identifier (#764)
  • 2cfcbb5 chore: release 7.7.0 (#750)
  • d588e37 fix(diff): fix prerelease to stable version diff logic (#755)
  • 753e02b chore: bump @​npmcli/template-oss from 4.23.3 to 4.23.4 (#747)
  • 8a34bde fix: add identifier validation to inc() (#754)
  • 0864b3c feat: add "release" inc type (#753)
  • 67e5478 docs(readme): added missing period for consistency (#756)
  • 868d4bb docs: clarify comment about obsolete prefixes (#749)
  • 145c554 chore: bump @​npmcli/eslint-config from 4.0.5 to 5.0.0
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested a review from a team as a code owner March 9, 2025 16:03
@dependabot dependabot bot added dependencies javascript Dependabot pull requests that update Javascript code labels Mar 9, 2025
@dependabot dependabot bot mentioned this pull request Mar 9, 2025
Closed
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from a311bbf to 259b8f2 Compare March 16, 2025 16:33
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from 80382f4 to acfe782 Compare March 30, 2025 16:16
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from f868b30 to ecef8db Compare April 13, 2025 16:34
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from e30896f to 58fe8e8 Compare April 27, 2025 16:34
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from 22b5b89 to 20b2b77 Compare May 11, 2025 16:29
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from 51b2d90 to b6ab0b6 Compare May 25, 2025 16:45
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from b6ab0b6 to ec01110 Compare June 1, 2025 16:26
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from ec01110 to bebf775 Compare June 8, 2025 16:31
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from bebf775 to 445fc7f Compare June 15, 2025 16:45
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch 2 times, most recently from 5817b52 to b810537 Compare June 29, 2025 16:15
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from b810537 to cfecfbc Compare July 6, 2025 16:05
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from cfecfbc to 5b69e14 Compare July 13, 2025 16:23
@dependabot
Bump the npm-dependencies group across 1 directory with 3 updates
d7f8338 
Bumps the npm-dependencies group with 3 updates in the /npm_and_yarn/helpers directory: [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist), [nock](https://github.com/nock/nock) and [semver](https://github.com/npm/node-semver).


Updates `@npmcli/arborist` from 8.0.0 to 9.0.1
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md)
- [Commits](https://github.com/npm/cli/commits/v9.0.1/workspaces/arborist)

Updates `nock` from 13.5.6 to 14.0.1
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.5.6...v14.0.1)

Updates `semver` from 7.6.3 to 7.7.1
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.6.3...v7.7.1)

---
updated-dependencies:
- dependency-name: "@npmcli/arborist"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: nock
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: semver
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn/helpers/npm-dependencies-17f0ce9c31 branch from 5b69e14 to d7f8338 Compare July 20, 2025 16:40
@randhircs randhircs added the Ecosystems Used by the maintainer team for internal-facing project tracking label Jul 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@markhallen markhallen

Labels
dependencies Ecosystems Used by the maintainer team for internal-facing project tracking javascript Dependabot pull requests that update Javascript code L: javascript
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@markhallen @randhircs