Bump npm from 6.14.10 to 7.6.0 in /npm #40

dependabot · 2021-03-01T00:16:05Z

Bumps npm from 6.14.10 to 7.6.0.

Release notes

v7.5.6 (2021-02-22

BUG FIXES

4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

f3ae6ed0d read-package-json@3.0.1, read-package-json-fast@2.0.2

9b311fe52 #2736 @npmcli/arborist@2.2.4:

Do not rely on underscore fields in package.json files

Do not remove global packages when updating by name

Keep yarn.lock and package-lock.json more in sync

v7.5.5 (2021-02-22)

BUG FIXES

49c95375a #2688 fix shrinkwrap in node v10.0 (@ljharb)

00afa3161 #2718 restore the prefix on output from npm version <inc> (@nlf)

69e0c4e8c #2716 throw an error when trying to dedupe in global mode (@nlf)

b018eb842 #2719 obey silent loglevel in run-script (@wraithgar)

DEPENDENCIES

8c36697df @npmcli/arborist@2.2.3

#1875 arborist#230 Set default advisory severity/vulnerable_range when missing from audit endpoint data (@isaacs)

npm/arborist#231 skip optional deps with mismatched platform or engine (@nlf)

#2251 Unpack shrinkwrapped deps not already unpacked (@isaacs, @nlf)

#2714 Do not write package.json if nothing changed (@isaacs)

npm/rfcs#324 Prefer peer over prod dep, if both specified (@isaacs)

npm/arborist#236 Fix additional peerOptional conflict cases (@isaacs)

d865b101f libnpmpack@2.0.1

respect silent loglevel

e606953e5 libnpmversion@1.0.11

respect silent loglevel

9c51005a1 npm-package-arg@8.1.1

do a better job of detecting git specifiers like git@github.com:npm/cli

8b6bf0db4 pacote@11.2.7

respect silent loglevel

fix INVALID_URL errors for certain git dependencies

TESTS

80c2ac995 #2717 refactor publish tests (@wraithgar)

9d81e0ceb #2729 fix typo in shrinkwrap tests (@eltociear)

DOCUMENTATION

... (truncated)

Changelog

Sourced from npm's changelog.

v7.6.0 (2021-02-25)

FEATURES

983d218f7 #2750 feat(explain): mark when dependency is bundled (@kumavis)

DEPENDENCIES

b9fa7e32a chore(package-lock): resetdeps and eslint@7.20.0 (@wraithgar)

28d036ae9 arborist@2.2.5

fix: hidden lockfiles were not respected on Node v10.0-10.12

DOCUMENTATION

ba1adef42 #2760 chore(docs): capitalize all Instaces of "package" (@MrBrain295)

8bfa05fa1 #2775 chore(docs): add navigation configuration (@ethomson)

238e474a4 #2778 chore(docs):update unpublish cooldown (@christoflemke)

v7.5.6 (2021-02-22)

BUG FIXES

4e58274ed #2742 Do not print error banner for shell proxy commands (@isaacs)

DOCS

3c72ab441 #2749 Capitalize Package in a Heading (@MrBrain295)

DEPENDENCIES

... (truncated)

Commits

0c881fc 7.6.0
a1c6a15 update AUTHORS
12c57c7 docs: changelog for v7.6.0
7906410 fix(test): update hidden package-lock mtime in ls
bb2f4b3 chore(docs):update unpublish cooldown
e45242c chore(docs): add navigation configuration
b7e37f6 chore(docs): capitalize all Instaces of "package"
113b131 chore(refactor): promisify completion scripts
881a855 feat(explain): mark when dependency is bundled
28d036a arborist@2.2.5
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gar, a new releaser for npm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [npm](https://github.com/npm/cli) from 6.14.10 to 7.6.0. - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md) - [Commits](npm/cli@v6.14.10...v7.6.0) Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2021-03-08T00:14:31Z

Superseded by #43.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 1, 2021

dependabot bot mentioned this pull request Mar 1, 2021

Bump npm from 6.14.10 to 7.5.4 in /npm #33

Closed

dependabot bot closed this Mar 8, 2021

dependabot bot deleted the dependabot/npm_and_yarn/npm/npm-7.6.0 branch March 8, 2021 00:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump npm from 6.14.10 to 7.6.0 in /npm #40

Bump npm from 6.14.10 to 7.6.0 in /npm #40

dependabot bot commented on behalf of github Mar 1, 2021

dependabot bot commented on behalf of github Mar 8, 2021

Bump npm from 6.14.10 to 7.6.0 in /npm #40

Bump npm from 6.14.10 to 7.6.0 in /npm #40

Conversation

dependabot bot commented on behalf of github Mar 1, 2021

v7.5.6 (2021-02-22

BUG FIXES

DOCS

DEPENDENCIES

v7.5.5 (2021-02-22)

BUG FIXES

DEPENDENCIES

TESTS

DOCUMENTATION

v7.6.0 (2021-02-25)

FEATURES

DEPENDENCIES

DOCUMENTATION

v7.5.6 (2021-02-22)

BUG FIXES

DOCS

DEPENDENCIES

dependabot bot commented on behalf of github Mar 8, 2021