Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: upgrade npm to 8.3.0 #41127

Closed
wants to merge 1 commit into from
Closed

deps: upgrade npm to 8.3.0 #41127

wants to merge 1 commit into from

Conversation

npm-robot
Copy link
Contributor

v8.3.0 (2021-12-09)

Features

Bug Fixes

Documentation

Dependencies

  • e1da1fa4b #4141 deps: @npmcli/arborist@4.1.1: parse-conflict-json@2.0.1
    • Fixes object property assignment bug in resolving package-locks with
      conflicts
  • 1d8bec566 #4144 #3884 deps: minipass@3.1.6
    • fixes some TAR_ENTRY_INVALID and Z_DATA_ERROR errors

@nodejs-github-bot nodejs-github-bot added dont-land-on-v12.x fast-track PRs that do not need to wait for 48 hours to land. needs-ci PRs that need a full CI run. npm Issues and PRs related to the npm client dependency or the npm registry. labels Dec 9, 2021
@github-actions
Copy link
Contributor

github-actions bot commented Dec 9, 2021

Fast-track has been requested by @nodejs-github-bot. Please 👍 to approve.

Copy link
Member

@Trott Trott left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rubber-stamp LGTM

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

@lpinca lpinca added the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 12, 2021
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 12, 2021
@nodejs-github-bot
Copy link
Collaborator

Commit Queue failed
- Loading data for nodejs/node/pull/41127
✔  Done loading data for nodejs/node/pull/41127
----------------------------------- PR info ------------------------------------
Title      deps: upgrade npm to 8.3.0 (#41127)
   ⚠  Could not retrieve the email or name of the PR author's from user's GitHub profile!
Branch     npm-robot:npm-8.3.0 -> nodejs:master
Labels     npm, fast-track, needs-ci, dont-land-on-v12.x, dont-land-on-v14.x, lts-watch-v16.x
Commits    1
 - deps: upgrade npm to 8.3.0
Committers 1
 - npm team 
PR-URL: https://github.com/nodejs/node/pull/41127
Fixes: https://github.com/dont
Fixes: https://github.com/redact
Reviewed-By: Rich Trott 
Reviewed-By: Luigi Pinca 
Reviewed-By: Colin Ihrig 
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/41127
Fixes: https://github.com/dont
Fixes: https://github.com/redact
Reviewed-By: Rich Trott 
Reviewed-By: Luigi Pinca 
Reviewed-By: Colin Ihrig 
--------------------------------------------------------------------------------
   ℹ  This PR was created on Thu, 09 Dec 2021 21:20:23 GMT
   ✔  Approvals: 3
   ✔  - Rich Trott (@Trott) (TSC): https://github.com/nodejs/node/pull/41127#pullrequestreview-828411592
   ✔  - Luigi Pinca (@lpinca): https://github.com/nodejs/node/pull/41127#pullrequestreview-828546185
   ✔  - Colin Ihrig (@cjihrig) (TSC): https://github.com/nodejs/node/pull/41127#pullrequestreview-828931674
   ℹ  This PR is being fast-tracked
   ✔  Last GitHub Actions successful
   ℹ  Last Full PR CI on 2021-12-10T14:52:57Z: https://ci.nodejs.org/job/node-test-pull-request/41448/
- Querying data for job/node-test-pull-request/41448/
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  No git cherry-pick in progress
   ✔  No git am in progress
   ✔  No git rebase in progress
--------------------------------------------------------------------------------
- Bringing origin/master up to date...
From https://github.com/nodejs/node
 * branch                  master     -> FETCH_HEAD
✔  origin/master is now up-to-date
- Downloading patch for 41127
From https://github.com/nodejs/node
 * branch                  refs/pull/41127/merge -> FETCH_HEAD
✔  Fetched commits as 12e3c74e2edf..62e842784398
--------------------------------------------------------------------------------
[master d2e7d10030] deps: upgrade npm to 8.3.0
 Author: npm team 
 Date: Thu Dec 9 21:20:18 2021 +0000
 39 files changed, 1077 insertions(+), 109 deletions(-)
 create mode 100644 deps/npm/node_modules/@npmcli/arborist/lib/override-set.js
 create mode 100644 deps/npm/node_modules/just-diff-apply/index.mjs
 create mode 100644 deps/npm/node_modules/just-diff-apply/rollup.config.js
 create mode 100644 deps/npm/node_modules/just-diff/index.mjs
 create mode 100644 deps/npm/node_modules/just-diff/rollup.config.js
 delete mode 100644 deps/npm/node_modules/parse-conflict-json/LICENSE
 create mode 100644 deps/npm/node_modules/parse-conflict-json/LICENSE.md
 rename deps/npm/node_modules/parse-conflict-json/{ => lib}/index.js (74%)
   ✔  Patches applied
--------------------------------------------------------------------------------
--------------------------------- New Message ----------------------------------
deps: upgrade npm to 8.3.0

PR-URL: #41127
Fixes: https://github.com/dont
Fixes: https://github.com/redact
Reviewed-By: Rich Trott rtrott@gmail.com
Reviewed-By: Luigi Pinca luigipinca@gmail.com
Reviewed-By: Colin Ihrig cjihrig@gmail.com

[master ceec196fe2] deps: upgrade npm to 8.3.0
Author: npm team ops+robot@npmjs.com
Date: Thu Dec 9 21:20:18 2021 +0000
39 files changed, 1077 insertions(+), 109 deletions(-)
create mode 100644 deps/npm/node_modules/@npmcli/arborist/lib/override-set.js
create mode 100644 deps/npm/node_modules/just-diff-apply/index.mjs
create mode 100644 deps/npm/node_modules/just-diff-apply/rollup.config.js
create mode 100644 deps/npm/node_modules/just-diff/index.mjs
create mode 100644 deps/npm/node_modules/just-diff/rollup.config.js
delete mode 100644 deps/npm/node_modules/parse-conflict-json/LICENSE
create mode 100644 deps/npm/node_modules/parse-conflict-json/LICENSE.md
rename deps/npm/node_modules/parse-conflict-json/{ => lib}/index.js (74%)
✖ ceec196fe284e11b5f6870f56099d94d9f0bd1b3
✖ 2:7 Fixes must be a GitHub URL. fixes-url
✖ 3:7 Fixes must be a GitHub URL. fixes-url
✔ 0:0 blank line after title line-after-title
✔ 0:0 line-lengths are valid line-length
✔ 0:0 metadata is at end of message metadata-end
✔ 1:8 PR-URL is valid. pr-url
✔ 0:0 reviewers are valid reviewers
✔ 0:0 valid subsystems subsystem
✔ 0:0 Title is formatted correctly. title-format
✔ 0:0 Title is <= 50 columns. title-length
ℹ Please fix the commit message and try again.

https://github.com/nodejs/node/actions/runs/1570236431

@nodejs-github-bot nodejs-github-bot added the commit-queue-failed An error occurred while landing this pull request using GitHub Actions. label Dec 12, 2021
lpinca pushed a commit that referenced this pull request Dec 12, 2021
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
@lpinca
Copy link
Member

lpinca commented Dec 12, 2021

Landed in 0f5aedb.

@lpinca lpinca closed this Dec 12, 2021
danielleadams pushed a commit that referenced this pull request Dec 13, 2021
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
danielleadams pushed a commit that referenced this pull request Dec 14, 2021
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
danielleadams added a commit that referenced this pull request Dec 14, 2021
Notable changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* timers:
  * add experimental scheduler api (James M Snell) #40909
danielleadams added a commit that referenced this pull request Dec 14, 2021
Notable changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* timers:
  * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 14, 2021
Notable changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* timers:
  * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 16, 2021
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richarad Lau #41177

Other Notable Changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* process:
  * add `getActiveResourcesInfo()` (Darshan Sen) #40813
* timers:
  * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 16, 2021
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richard Lau #41177

Other Notable Changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* process:
  * add `getActiveResourcesInfo()` (Darshan Sen) #40813
* timers:
  * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 16, 2021
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richard Lau #41177

Other Notable Changes:

* lib:
  * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
  * upgrade npm to 8.3.0 (npm team) #41127
* doc:
  * add @bnb as a collaborator (Tierney Cyren) #41100
* process:
  * add `getActiveResourcesInfo()` (Darshan Sen) #40813
* timers:
  * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 17, 2021
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors
in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js.
More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richard Lau #41177

Other Notable Changes:

* lib:
    * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
    * upgrade npm to 8.3.0 (npm team) #41127
* doc:
    * add @bnb as a collaborator (Tierney Cyren) #41100
* process:
    * add `getActiveResourcesInfo()` (Darshan Sen) #40813
* timers:
    * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
danielleadams added a commit that referenced this pull request Dec 17, 2021
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors
in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js.
More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richard Lau #41177

Other Notable Changes:

* lib:
    * make AbortSignal cloneable/transferable (James M Snell) #41050
* deps:
    * upgrade npm to 8.3.0 (npm team) #41127
* doc:
    * add @bnb as a collaborator (Tierney Cyren) #41100
* process:
    * add `getActiveResourcesInfo()` (Darshan Sen) #40813
* timers:
    * add experimental scheduler api (James M Snell) #40909

PR-URL: #41167
Copy link

@cornbread78 cornbread78 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cornbread78 or Christopher Allen Corbett

danielleadams pushed a commit that referenced this pull request Jan 31, 2022
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
danielleadams pushed a commit that referenced this pull request Jan 31, 2022
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Linkgoron pushed a commit to Linkgoron/node that referenced this pull request Jan 31, 2022
PR-URL: nodejs#41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Linkgoron pushed a commit to Linkgoron/node that referenced this pull request Jan 31, 2022
OpenSSL-3.0.1:

OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors
in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js.
More information can be read here: https://www.openssl.org/news/secadv/20211214.txt.

Contributed by Richard Lau nodejs#41177

Other Notable Changes:

* lib:
    * make AbortSignal cloneable/transferable (James M Snell) nodejs#41050
* deps:
    * upgrade npm to 8.3.0 (npm team) nodejs#41127
* doc:
    * add @bnb as a collaborator (Tierney Cyren) nodejs#41100
* process:
    * add `getActiveResourcesInfo()` (Darshan Sen) nodejs#40813
* timers:
    * add experimental scheduler api (James M Snell) nodejs#40909

PR-URL: nodejs#41167
danielleadams pushed a commit that referenced this pull request Feb 1, 2022
PR-URL: #41127
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
@danielleadams danielleadams mentioned this pull request Feb 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
commit-queue-failed An error occurred while landing this pull request using GitHub Actions. fast-track PRs that do not need to wait for 48 hours to land. needs-ci PRs that need a full CI run. npm Issues and PRs related to the npm client dependency or the npm registry.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

7 participants