fix(deps): update dependency read-pkg to v9 #703
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
travi
approved these changes
Nov 2, 2023
|
🎉 This PR is included in version 11.0.1 🎉 The release is available on: Your semantic-release bot 📦🚀 |
electroluxcode
pushed a commit
to electroluxcode/npm
that referenced
this pull request
Jun 15, 2025
# 1.0.0 (2025-06-15) ### Bug Fixes * add `preferLocal` option to allow execa to use local npm version ([semantic-release#445](https://github.com/electroluxcode/npm/issues/445)) ([002439e](002439e)) * add dist-tag to publish and add-channel logs ([db6ccd2](db6ccd2)) * add dist-tag to publish log ([2de37a1](2de37a1)) * add message if no gitHead found ([9cde647](9cde647)) * add missed `preferLocal` option for execa call ([semantic-release#458](https://github.com/electroluxcode/npm/issues/458)) ([c817a88](c817a88)) * **aggregate-error:** upgraded to the latest version ([7285e05](7285e05)) * always attempt to set the legacy token env var ([2432eb0](2432eb0)) * avoid adding unnecessary new line to `.npmrc` ([6189ee7](6189ee7)) * check publish props only in verify ones are undefined ([dc9f08c](dc9f08c)) * ci ([0892bf4](0892bf4)) * ci ([47078ee](47078ee)) * **deps:** raised the minimum accepted range of npm to v10.5.0 ([semantic-release#759](https://github.com/electroluxcode/npm/issues/759)) ([a0313f8](a0313f8)), closes [semantic-release/semantic-release#3202](semantic-release/semantic-release#3202) * **deps:** update dependency @semantic-release/error to v3 ([semantic-release#402](https://github.com/electroluxcode/npm/issues/402)) ([60832fb](60832fb)) * **deps:** update dependency @semantic-release/error to v4 ([semantic-release#628](https://github.com/electroluxcode/npm/issues/628)) ([53a1012](53a1012)) * **deps:** update dependency aggregate-error to v5 ([semantic-release#676](https://github.com/electroluxcode/npm/issues/676)) ([f2bc9e7](f2bc9e7)) * **deps:** update dependency execa to v5 ([semantic-release#299](https://github.com/electroluxcode/npm/issues/299)) ([d4e5bb2](d4e5bb2)) * **deps:** update dependency execa to v7 ([semantic-release#575](https://github.com/electroluxcode/npm/issues/575)) ([4c11706](4c11706)) * **deps:** update dependency execa to v8 ([semantic-release#659](https://github.com/electroluxcode/npm/issues/659)) ([502d5ba](502d5ba)) * **deps:** update dependency execa to v9 ([9ac5ed0](9ac5ed0)) * **deps:** update dependency fs-extra to v10 ([80fde1e](80fde1e)) * **deps:** update dependency fs-extra to v11 ([7157d76](7157d76)) * **deps:** update dependency fs-extra to v11.1.1 ([semantic-release#591](https://github.com/electroluxcode/npm/issues/591)) ([31e0e27](31e0e27)) * **deps:** update dependency normalize-url to v6 ([97ca719](97ca719)) * **deps:** update dependency npm to v10 ([819f257](819f257)) * **deps:** update dependency npm to v10.2.5 ([42b5dec](42b5dec)) * **deps:** update dependency npm to v9 ([28265ec](28265ec)) * **deps:** update dependency read-pkg to v8 ([semantic-release#602](https://github.com/electroluxcode/npm/issues/602)) ([aaddc5c](aaddc5c)) * **deps:** update dependency read-pkg to v9 ([semantic-release#703](https://github.com/electroluxcode/npm/issues/703)) ([6e84013](6e84013)) * **deps:** update dependency registry-auth-token to v5 ([187671f](187671f)) * **deps:** update dependency tempy to ^0.7.0 ([semantic-release#287](https://github.com/electroluxcode/npm/issues/287)) ([dd25707](dd25707)) * **deps:** update dependency tempy to v1 ([semantic-release#289](https://github.com/electroluxcode/npm/issues/289)) ([5a1dbb8](5a1dbb8)) * **deps:** upgraded npm to v9 ([2a79f80](2a79f80)) * do not make `package.json`'s version mandatory ([eda41f0](eda41f0)) * do not use `execa.stdout.pipe` as it closes the stream ([544d4c7](544d4c7)) * **execa:** upgraded to the latest version ([7c74660](7c74660)) * factorise the verification code in a function ([8e28af9](8e28af9)) * fix error handling when no npm token is defined ([a548415](a548415)) * fix typo in error message ([18a4d64](18a4d64)) * format `package.json` and `npm-shrinkwrap.json` as `npm` ([da718a3](da718a3)) * get tarball name as last line from stdout ([cec8078](cec8078)) * Honor NPM_CONFIG_USERCONFIG setting ([932ea5e](932ea5e)) * Honor NPM_CONFIG_USERCONFIG setting ([1395b18](1395b18)) * improve error message text for npm tokens ([semantic-release#323](https://github.com/electroluxcode/npm/issues/323)) ([88e5862](88e5862)) * include version in npm release URL ([827fcb3](827fcb3)) * log the output of `npm whoami` command ([cd1ecaa](cd1ecaa)) * log the path of existing `.npmrc` files ([a0120d2](a0120d2)) * **normalize-url:** upgraded to the latest version ([b55bb01](b55bb01)) * **package:** pin npm to 6.5.0 ([ddab7b7](ddab7b7)) * **package:** pin npm to 6.5.0 ([d506b9a](d506b9a)) * **package:** update aggregate-error to version 2.0.0 ([df53298](df53298)) * **package:** update aggregate-error to version 2.0.0 ([8386664](8386664)) * **package:** update aggregate-error to version 3.0.0 ([3e0d5d0](3e0d5d0)) * **package:** update aggregate-error to version 3.0.0 ([46ec5ee](46ec5ee)) * **package:** update execa to version 0.10.0 ([f92254f](f92254f)) * **package:** update execa to version 0.11.0 ([b2dd3d7](b2dd3d7)) * **package:** update execa to version 0.9.0 ([a39db0e](a39db0e)) * **package:** update execa to version 1.0.0 ([746f734](746f734)) * **package:** update execa to version 2.0.0 ([9498e21](9498e21)) * **package:** update execa to version 2.0.2 ([d2932ba](d2932ba)) * **package:** update execa to version 2.0.2 ([2a45e25](2a45e25)) * **package:** update execa to version 3.0.0 ([b1780c1](b1780c1)) * **package:** update execa to version 3.2.0 ([7db019f](7db019f)) * **package:** update execa to version 4.0.0 ([d97dee5](d97dee5)) * **package:** update fs-extra to version 5.0.0 ([78c201f](78c201f)) * **package:** update fs-extra to version 6.0.0 ([e9d0db5](e9d0db5)) * **package:** update fs-extra to version 7.0.0 ([14f9d11](14f9d11)) * **package:** update fs-extra to version 8.0.0 ([bf603e5](bf603e5)) * **package:** update fs-extra to version 8.0.0 ([8288c24](8288c24)) * **package:** update fs-extra to version 9.0.0 ([67a3109](67a3109)) * **package:** update node requirement to 8.3 ([c2c59ab](c2c59ab)) * **package:** update normalize-url to version 3.0.0 ([d12b00b](d12b00b)) * **package:** update normalize-url to version 4.0.0 ([ee787b4](ee787b4)) * **package:** update normalize-url to version 5.0.0 ([a554580](a554580)) * **package:** update npm to version 6.8.0 ([2b0492e](2b0492e)) * **package:** update npm to version 6.8.0 ([62b27c5](62b27c5)) * **package:** update read-pkg to version 4.0.0 ([1e21691](1e21691)) * **package:** update read-pkg to version 5.0.0 ([877ce40](877ce40)) * **package:** update read-pkg to version 5.0.0 ([d03aff2](d03aff2)) * **package:** update registry-auth-token to version 4.0.0 ([2868b2c](2868b2c)) * **package:** update registry-auth-token to version 4.0.0 ([9a6176d](9a6176d)) * **package:** update semver to version 6.3.0 ([c515862](c515862)) * **package:** update semver to version 7.1.2 ([a58b30b](a58b30b)) * **package:** update tempy to version 0.4.0 ([4874bf6](4874bf6)) * **package:** update tempy to version 0.5.0 ([6ffff19](6ffff19)) * **package:** update vulnerable dependencies ([semantic-release#185](https://github.com/electroluxcode/npm/issues/185)) ([a96c6da](a96c6da)) * **package:** update vulnerable dependencies ([semantic-release#185](https://github.com/electroluxcode/npm/issues/185)) ([c663276](c663276)) * Pass registry URL to `npm` CLI with `--registry` ([187b823](187b823)) * preserve `package.json` and `npm-shrinkwrap.json` formatting ([abcc70b](abcc70b)) * preserve config in both home and local `.npmrc` ([de677ea](de677ea)) * **README:** correct docs on authentication ([semantic-release#413](https://github.com/electroluxcode/npm/issues/413)) ([f089d9d](f089d9d)) * remove support for legacy auth ([51ab3c8](51ab3c8)) * remove unecessary `Buffer.from` in `lib/set-npmrc-auth.js` ([d79b865](d79b865)) * require Node.js >=8.16 ([fce3a67](fce3a67)) * return `false` if the npm publish is skipped ([4a41228](4a41228)) * return `false` if the npm publish is skipped ([45890fd](45890fd)) * return `false` in `addChannel` if package is not published on npm ([5434bab](5434bab)) * Return `undefined` when no version is found ([b78535e](b78535e)) * revert to execa `^1.0.0` ([6f40669](6f40669)) * **revert): "fix(deps:** update dependency npm to v9" ([semantic-release#561](https://github.com/electroluxcode/npm/issues/561)) ([c28a848](c28a848)) * skip auth verification when skipping publish to registry ([1e612b6](1e612b6)) * skip npm auth verification if npmPublish is false ([4cd5cd7](4cd5cd7)) * skip tarball move if config is `cwd` ([a224497](a224497)) * skip tarball move if config is `cwd` ([a457fdc](a457fdc)) * stream command output to `stdout` and `stderr` ([5951b30](5951b30)) * **tempy:** upgraded to the latest version of tempy ([f1992a5](f1992a5)) * update required node and npm version ([semantic-release#273](https://github.com/electroluxcode/npm/issues/273)) ([493fbad](493fbad)) * updated the peer requirement for `semantic-release` to the new stable version ([575a5a4](575a5a4)) * updated the peer requirement on `semantic-release` to a version matching the engines definition of this package ([2d1f5f2](2d1f5f2)) * upgrade npm dependency to v8 ([a12d6e5](a12d6e5)) * use `logger` instead of writing on `stdout` ([0b9688a](0b9688a)) * use correct peerDependencies for semantic-release ([8b47e7b](8b47e7b)) * use NPM_CONFIG_USERCONFIG in get-registry to match auth ([semantic-release#362](https://github.com/electroluxcode/npm/issues/362)) ([13200ca](13200ca)) * validate only known options ([648b21b](648b21b)) * verify authentication for default npm registry only ([8cb4c04](8cb4c04)) ### chore * require Node.js >=10.18 ([8140f0f](8140f0f)) ### Code Refactoring * **esm:** converted the package to esm ([2d8ff15](2d8ff15)) ### Features * add `addChannel` plugin step ([fb96126](fb96126)) * add `details` to error messages ([b14d34d](b14d34d)) * Add `npmPublish` and `tarballDir` options ([d04a9b0](d04a9b0)) * add `pkgRoot` option to publish a sub-directory ([e36a56b](e36a56b)) * add dependency to `npm` ([b180a95](b180a95)) * add npm version hook ([8f3d6f9](8f3d6f9)) * allow to configure the registry via `NPM_CONFIG_REGISTRY` ([0126704](0126704)) * branch trigger ([2e2c0a7](2e2c0a7)) * ci ([1238cd9](1238cd9)) * **exports:** defined `exports` to point at ./index.js ([9e193c2](9e193c2)) * Initial release ([55c1014](55c1014)) * log npm CLI output to `stdout`/`stderr` ([c8e2ba4](c8e2ba4)) * **node-version:** raised the minimum required version to v14.17 ([semantic-release#387](https://github.com/electroluxcode/npm/issues/387)) ([semantic-release#399](https://github.com/electroluxcode/npm/issues/399)) ([f65e49d](f65e49d)) * **node-versions:** dropped support for node v18 and v19 ([2df962b](2df962b)) * **node-versions:** dropped support for node versions below v18 ([aff3574](aff3574)) * **node-versions:** raised the minimum required node version to v18.17 and dropped v19 support ([6413130](6413130)) * preserve indetentation and newline type of package.json ([bd74f54](bd74f54)) * preserve local `.npmrc` file ([8726eff](8726eff)) * Read package.json file instead using the one passed by semantic-release ([8565d9d](8565d9d)) * remove `getLastRelease` hook ([9383a98](9383a98)) * require Node.js >=10.13 ([6426458](6426458)) * require Node.js >=8.15 ([4caf538](4caf538)) * retrieve gitHead from git tag if it's missing from the npm metadata ([cf039fd](cf039fd)) * return all errors ([e611dad](e611dad)) * Return async functions ([2058e9e](2058e9e)) * return release informations from `publish` hook ([755356b](755356b)) * **semantic-release-peer:** raised the minimum peer requirement to the first version that supports loading esm plugins ([22e70ad](22e70ad)) * skip publising if the `package.json` `private` prop is `true` ([7052c9f](7052c9f)) * support `nextRelease.channel` property in `publish` step ([b8deba7](b8deba7)) * Support legacy authentication ([5fb0b09](5fb0b09)) * update `package.json` with `npm version` ([e8fe729](e8fe729)) * update package.json and create tarball in `prepare` hook ([f7b73e5](f7b73e5)) * update version in `package-lock.json` ([0f774fc](0f774fc)) * url trigger ([31bdeeb](31bdeeb)) * use `cwd` and `env` options passed by core ([f2e30c7](f2e30c7)) * Use always-auth from .npmrc ([b0635c3](b0635c3)), closes [semantic-release#6](https://github.com/electroluxcode/npm/issues/6) * use npm v7 ([semantic-release#304](https://github.com/electroluxcode/npm/issues/304)) ([a15c017](a15c017)) * verify `package.json` has a `version` property ([3c975df](3c975df)) ### Reverts * Revert "chore(deps): update dependency p-retry to v5 ([semantic-release#424](https://github.com/electroluxcode/npm/issues/424))" ([semantic-release#425](https://github.com/electroluxcode/npm/issues/425)) ([df11027](df11027)) ### BREAKING CHANGES * **exports:** `exports` has been defined, which prevents access to private apis (which arent intended for consumption anyway) * **node-versions:** node v18 and v19 are no longer supported * **node-versions:** node v18.17 is now the minimum required version and support for v19 has been dropped * **deps:** the direct dependency on npm has been upgraded to v9. details of breaking changes can be found at https://github.com/npm/cli/releases/tag/v9.0.0 * **semantic-release-peer:** the required version of semantic-release has been raised to v20.1.0 in order to support loading of ESM plugins * **aggregate-error:** due to the aggregate-error upgrade, thrown errors are no longer iterable, but instead list the errors under an `errors` property * legacy authentication using `NPM_USERNAME` and `NPM_PASSWORD` is no longer supported. Use `NPM_TOKEN` instead. * **node-versions:** node v18 is now the minimum required node version * **esm:** `@semantic-release/npm` is now a native ES Module. It has named exports for each plugin hook (`verifyConditions`, `prepare`, `publish`, `addChannel`) * the minimum required peer of `semantic-release` has been raised to match the `engines.node` requirements of this package * npm v8 dropped support for node v15, so it is no longer supported in this plugin. this should be low impact since node v15 is already EOL Co-authored-by: Matt Travi <[email protected]> * **node-version:** the minimum required version of node is now v14.17 Co-authored-by: Matt Travi <[email protected]> * Require Node.js >= 10.18 * Require Node.js >= 10.13 * Require Node.js => 8.15 * require `semantic-release` >= `15.9.0` * require `semantic-release` >= `15.8.0` * The `getLastRelease` hook is removed The plugin is compatible only with `[email protected]` and above. * Return async functions instead of functions calling a callback
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^8.0.0->^9.0.0Release Notes
sindresorhus/read-pkg (read-pkg)
v9.0.0Compare Source
Breaking
c7aa6cdConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.