[Snyk] Upgrade npm from 8.0.0 to 8.1.3 #305

snyk-bot · 2021-12-06T16:40:49Z

Snyk has created this PR to upgrade npm from 8.0.0 to 8.1.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 4 versions ahead of your current version.
The recommended version was released a month ago, on 2021-11-04.

Release notes

Package name: npm

8.1.3 - 2021-11-04
v8.1.3 (2021-11-04)

BUG FIXES
- 8ffeb71df #3959 fix: refactor commands (@ wraithgar)
- e5bfdaca4 #3978 fix: shrinkwrap setting incorrect lockfileVersion (@ lukekarrys)
- 32ccd3c27 #3988 fix: remove usage of unnecessary util.promisify (@ lukekarrys)
- 1e9c31c4e #3994 fix: npm help on windows (@ wraithgar)
- 22230ef3d #3987 fix: make prefixed usage errors more consistent (@ lukekarrys)
DEPENDENCIES
- ac2fabb86 #3990 @ npmcli/arborist@4.0.4
  - fix: don't compare spec for local dep vs existing
  - fix: stop pruning peerSets when entryEdge is from a workspace
- a0d35ff20 #3996 @ npmcli/config@2.3.1:
  - fix: dont load project configs in global mode
8.1.2 - 2021-10-28
BUG FIXES
- cb9f43551 #3949 allow --lockfile-version config to be string and coerce to number (@ lukekarrys)
- 070901d7a #3943 fix(publish): clean args before logging (@ wraithgar)
DEPENDENCIES
- 8af94726b #3953 arborist@4.0.3
  - 38cee94 #340 fix: set lockfileVersion from file during reset
  - d310bd3 #339 fix: always set originalLockfileVersion when doing shrinkwrap reset
8.1.1 - 2021-10-21
v8.1.1 (2021-10-21)

DEPENDENCIES
- 51fb83ce9 #3921 @ npmcli/arborist@4.0.2:
  - fix: skip peer conflict check if there is a current node
- 1d07f2187 #3913 node-gyp@8.3.0:
  - feat(gyp): update gyp to v0.10.0
8.1.0 - 2021-10-14
v8.1.0 (2021-10-14)

FEATURES
- 24273a862 #3890 feat(workspaces): add --include-workspace-root and explicit --no-workspaces (@ fritzy)
- d559d6da8 #3880 feat(config): Add --lockfile-version config option (@ isaacs)
DEPENDENCIES
- ae4bf013d#3883 pacote@12.0.2:
  - fix: preserve git+ssh url for non-hosted repos
  - deps: update npm-packlist@3.0.0
  - fix: no longer include ignored bundled link deps
- fbc5a3d08 #3889 @ npmcli/ci-detect@1.4.0
- b6bc279e5 #3893 @ npmcli/arborist@4.0.1
- 0f69d295b #3893 @ npmcli/map-workspaces@2.0.0
DOCUMENTATION
- f77932ca1 #3861 fix(docs): Update Node support in README (@ gfyoung)
- a190f422a #3878 fix(docs): grammar fix (@ XhmikosR)
8.0.0 - 2021-10-07
v8.0.0 (2021-10-07)

The purpose of this release is to drop support for old node versions and
to remove support for require('npm'). There are no other breaking
changes.

BREAKING CHANGES
- Drop support for node 10 and 11
- Raise support ceiling in node 12 and 14 to LTS (^12.13.0/^14.15.0)
- Drop support to require('npm')
- Update subdependencies that also dropped node10 support
DEPENDENCIES
- The following dependencies were updated to drop node10 support and
  update to the latest node-gyp
  - libnpmversion@2.0.1
  - pacote@12.0.0
  - libnpmpack@3.0.0
  - @ npmcli/arborist@3.0.0
  - libnpmfund@2.0.0
  - libnpmexec@3.0.0
  - node-gyp@8.2.0
  - 8bd85cdae #3813 cli-columns@4.0.0

from npm GitHub release notes

Commit messages

Package name: npm

de45f90 8.1.3
b651001 docs: changelog for v8.1.3
22230ef fix: make prefixed usage errors more consistent
a0d35ff deps: @ npmcli/config@2.3.1
1e9c31c fix(help|edit): use npm.exec, use file:///
cad9bc7 chore: lint previously ignored files
ac2fabb deps: @ npmcli/arborist@4.0.4
32ccd3c chore: remove usage of unnecessary util.promisify
c640957 chore: dont flag node_modules or package-lock as generated
e5bfdac fix: shrinkwrap setting incorrect lockfileVersion
8ffeb71 chore: refactor commands
85d5919 chore: update issue template env with npm config
2b5d014 chore(ci): update setup-node action to v2 and enable cache
f7a8118 chore: limit CI builds
ef45b7b chore: add latest npm check to bug template
2c64215 8.1.2
f09c21d update AUTHORS
ee10604 docs: changelog for v8.1.2
8af9472 deps: arborist@4.0.3
070901d fix(publish): clean args before logging
cb9f435 fix: allow `--lockfile-version` config to be string and coerce to number
62c7315 8.1.1
33686fd update AUTHORS
65d4100 docs: changelog for v8.1.1

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade npm from 8.0.0 to 8.1.3. See this package in npm: https://www.npmjs.com/package/npm See this project in Snyk: https://app.snyk.io/org/tosh.koevoets/project/9d6a8206-fd8c-4886-bb42-d1b06e7431c7?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade npm from 8.0.0 to 8.1.3 #305

[Snyk] Upgrade npm from 8.0.0 to 8.1.3 #305

snyk-bot commented Dec 6, 2021

v8.1.3 (2021-11-04)

BUG FIXES

DEPENDENCIES

BUG FIXES

DEPENDENCIES

v8.1.1 (2021-10-21)

DEPENDENCIES

v8.1.0 (2021-10-14)

FEATURES

DEPENDENCIES

DOCUMENTATION

v8.0.0 (2021-10-07)

BREAKING CHANGES

DEPENDENCIES

[Snyk] Upgrade npm from 8.0.0 to 8.1.3 #305

Are you sure you want to change the base?

[Snyk] Upgrade npm from 8.0.0 to 8.1.3 #305

Conversation

snyk-bot commented Dec 6, 2021

Snyk has created this PR to upgrade npm from 8.0.0 to 8.1.3.

v8.1.3 (2021-11-04)

BUG FIXES

DEPENDENCIES

BUG FIXES

DEPENDENCIES

v8.1.1 (2021-10-21)

DEPENDENCIES

v8.1.0 (2021-10-14)

FEATURES

DEPENDENCIES

DOCUMENTATION

v8.0.0 (2021-10-07)

BREAKING CHANGES

DEPENDENCIES