[Snyk] Upgrade libnpmexec from 3.0.3 to 7.0.8 #29

jj-crypto · 2024-04-05T03:09:48Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade libnpmexec from 3.0.3 to 7.0.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 55 versions ahead of your current version.
The recommended version was released a month ago, on 2024-02-28.

Release notes

Package name: libnpmexec

7.0.8 - 2024-02-28
7.0.8 (2020-11-03)

DOCUMENTATION
- 052e977b9 #1822 #1247 add section on peerDependenciesMeta field in package.json (@ foxxyz)
- 52d32d175 #1970 match npm-exec.md -p usage with lib/exec.js (@ dr-js)
- 48ee8d01e #2096 Fix RFC links in changelog (@ jtojnar)
BUG FIXES
- 6cd3cd08a Support all conf keys in publishConfig
- a1f9be8a7 #2074 Support publishing any kind of spec, not just directories
DEPENDENCIES
- 545382df6 libnpmpublish@4.0.0:
  - Support publishing things other than folders
- 7d88f1719 npm-registry-fetch@9.0.0
- 823b40a4e pacote@11.1.12
- 90bf57826 npm-profile@5.0.2
- e5a413577 libnpmteam@2.0.2
- fc5aa7b4a libnpmsearch@3.0.1
- 9fc1dee13 libnpmorg@2.0.1
- 0ea870ec5 libnpmhook@6.0.1
- 32fd744ea libnpmaccess@4.0.1
- fc76f3d9f @ npmcli/arborist@1.0.8
  - Fix cannot read property 'description' of undefined in npm ls when package-lock.json is corrupted
  - Do not allow peerDependencies to be nested under dependents in any circumstances
  - Always resolve peerDependencies in --prefer-dedupe mode
7.0.7 - 2024-01-24
7.0.7 (2020-10-30)

BUG FIXES
- 3990b422d #2067 use sh as default unix shell, not bash (@ isaacs)
- 81d6ceef6 #1975 fix npm exec on folders missing package.json (@ ruyadorno)
- 2a680e91a #2083 delete the contents of node_modules only in npm ci (@ nlf)
- 2636fe1f4 #2086 disable banner output if loglevel is silent in npm run-script (@ macno)
DEPENDENCIES
- 4156f053e @ npmcli/run-script@1.7.4
  - restore the default npm start script
- 1900ae9ad @ npmcli/promise-spawn@1.3.2
  - fix errors when processing scripts as root
- 8cb0c166c @ npmcli/arborist@1.0.6
  - make sure missing bin links get set on reify
7.0.6 - 2024-01-10
7.0.6 (2020-10-27)

BUG FIXES
- 46c7f792a #2047 #1935 skip the prompt when in a known ci environment (@ nlf)
- f8f6e1fad #2049 properly remove pycache in release script (@ MylesBorins)
- 5db95b393 #2050 pack: do not show individual files of bundled deps (@ isaacs)
- 3ee8f3b34 #2051 view: Better errors when package.json is not JSON (@ isaacs)
DEPENDENCIES
- 99ae633f6 libnpmversion@1.0.6
  - respect gitTagVersion = false
- d4173f58d @ npmcli/promise-spawn@1.3.1
  - do not return empty buffer when stdio is inherited
  - attach child process to returned promise
- c09380fa5 @ npmcli/run-script@1.7.3
  - forward SIGINT and SIGTERM to children that inherit stdio
- b154861ad @ npmcli/arborist@1.0.5
- ffea6596b agent-base@6.0.2
  - support http proxy for https registries
7.0.5 - 2023-12-06
7.0.5 (2020-10-23)
- 77ad86b5e Merge docs deps with main project
7.0.4 - 2023-11-15
7.0.4 (2020-10-23)

DOCUMENTATION
- cc026daf8 docs: npm-dedupe through npm-install
- aec77acf8 #1915 use "dockhand" for faster static documentation generation (@ ethomson)
- aeb10d210 #2024 Fix post-install script name (@ irajtaghlidi)
BUG FIXES
- 59e8dd6c6 #2015 #2016 Properly set npm_command environment variable.
TESTS
- 39ad1ad9e #2001 npm config tests (@ ruyadorno)
- b9c1caa8e #2026 npm owner test and refactor (@ ruyadorno)
DEPENDENCIES
- ed6e6a9d3 eslint-plugin-standard@4.0.2
- b737ee999 #2009 #2007 npm-packlist@2.1.4:
  - Maintain order in package.json files array globs
  - Strip slashes from package files list results
- 783965508 #1997 #2000 #2005 @ npmcli/arborist@1.0.4
  - Ensure that root is added when root.meta is set
  - Include all edges in explain() output when a root edge exists
  - Do not conflict on meta-peers that will not be replaced
  - Install peerOptionals if explicitly requested, or dev
7.0.3 - 2023-10-31
7.0.3 (2020-10-20)

BUG FIXES
- ce4724a38 #1986 check result when determining exit code of ls <filter> (@ G-Rath)
- 00d926f8d #1987 don't suppress run output when --silent is passed (@ G-Rath)
- 043da2347 improve cache clear error message (@ isaacs)
DOCUMENTATION
- a57f5c466 update docs for: access, adduser, audit, bin, bugs, build, cache, ci, completion, config and dedupe (@ isaacs)
- 5b88b72b9 remove the long-gone bundle command (@ isaacs)
- ae09aa5c1 #1993 document --save-peer as a common option to npm install (@ JakeChampion)
- c9993e6b1 #1982 fix url links for init-package-json/node-semver (@ takenspc)
DEPENDENCIES
- 5d9df8395 node-gyp@7.1.2
7.0.2 - 2023-10-03
7.0.2 (2020-10-16)

DOCUMENTATION
- 9476734b7 #1967 add mention to workspaces prepare lifecycle (@ ruyadorno)
BUG FIXES
- 5cf71c689 #1971 owner rm at local pkg not work (@ ShangguanQuail)
DEPENDENCIES
- 722b7ae63 #1974 patch node-gyp (@ targos)
- 4ae825c01 #1976 patch node-gyp (@ MylesBorins)
- 181eabf13 @ npmcli/arborist@1.0.3
  - fix workspaces prepare lifecycle scripts
  - fix peer deps overchecks resulting in ERESOLVE
- 6cc115409 init-package-json@2.0.1
- dbf9d6d1f libnpmpublish@3.0.2
7.0.1 - 2023-09-08
7.0.1 (2020-10-15)

DOCUMENTATION
- 03fca6a3b Adds docs on workspaces, explaining its basic concept and how to use it. (@ ruyadorno)
BUG FIXES
- 2ccb63659 #1951 #1956 Handle errors from audit endpoint appropriately (@ isaacs)
DEPENDENCIES
- 120e62736 node-gyp@7.1.1
- 6560b8d95 @ npmcli/arborist@1.0.2
  - do not drop scope information when fetching scoped package tarballs
  - fix cycles/ordering resolution when peer deps require nesting
- 282a1e008 npm-user-validate@1.0.1
- b259edcb4 hosted-git-info@3.0.7
7.0.0 - 2023-08-31
v7.0.0 (2020-10-12)

BUG FIXES
- 7bcdb3636 #1949 fix: ensure publishConfig is passed through (@ nlf)
- 97978462e fix: patch config.js to remove duplicate vals (@ darcyclarke)
DOCUMENTATION
- 60769d757 #1911 docs: v7 npm-install refresh (@ ruyadorno)
- 08de49042 #1938 docs: v7 using npm config updates (@ ruyadorno)
DEPENDENCIES
- 15366a1cf npm-registry-fetch@8.1.5
- f04a74140 init-package-json@2.0.0
  - 1de21dce0 fix: support dot-separated aliases defined in a .npmrc ini files for init-* configs (@ ruyadorno)
- a67275cd9 eslint@7.11.0
- 6fb83b78d hosted-git-info@3.0.6
- 1ca30cc9b libnpmfund@1.0.0
- 28a2d2ba4 @ npmcli/arborist@1.0.0
  - npm/rfcs#239 Improve handling of conflicting peerDependencies in transitive dependencies, so that --force will always accept a best effort override, and --strict-peer-deps will fail faster on conflicts.
- 9306c6833 libnpmfund@1.0.1
- fafb348ef npm-package-arg@8.1.0
- 365f2e756 read-package-json@3.0.0
7.0.0-pre.0 - 2023-08-31
6.0.5 - 2024-02-28
6.0.4 - 2023-10-06
6.0.3 - 2023-07-19
6.0.2 - 2023-07-05
6.0.1 - 2023-06-21
6.0.0 - 2023-05-31
5.0.17 - 2023-05-03
5.0.16 - 2023-04-19
5.0.15 - 2023-04-05
5.0.14 - 2023-03-30
5.0.13 - 2023-03-08
5.0.12 - 2023-03-02
5.0.11 - 2023-02-22
5.0.10 - 2023-02-07
5.0.9 - 2023-02-02
5.0.8 - 2023-01-25
5.0.7 - 2023-01-12
5.0.6 - 2022-12-07
5.0.5 - 2022-11-30
5.0.4 - 2022-11-16
5.0.3 - 2022-11-09
5.0.2 - 2022-11-02
5.0.1 - 2022-10-26
5.0.0 - 2022-10-19
5.0.0-pre.5 - 2022-10-19
5.0.0-pre.4 - 2022-10-05
5.0.0-pre.3 - 2022-09-30
5.0.0-pre.2 - 2022-09-23
5.0.0-pre.1 - 2022-09-14
5.0.0-pre.0 - 2022-09-12
4.0.14 - 2022-11-03
4.0.13 - 2022-09-13
4.0.12 - 2022-08-31
4.0.11 - 2022-08-17
4.0.10 - 2022-08-10
4.0.9 - 2022-08-03
4.0.8 - 2022-06-23
4.0.7 - 2022-06-22
4.0.6 - 2022-06-01
4.0.5 - 2022-04-26
4.0.4 - 2022-04-20
4.0.3 - 2022-04-07
4.0.2 - 2022-03-17
4.0.1 - 2022-03-09
4.0.0 - 2022-02-24
3.0.3 - 2022-01-27

from libnpmexec GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade libnpmexec from 3.0.3 to 7.0.8. See this package in npm: https://www.npmjs.com/package/libnpmexec See this project in Snyk: https://app.snyk.io/org/jorddojames/project/5cb1c70b-51ef-4b11-98b9-49ed178f597f?utm_source=github&utm_medium=referral&page=upgrade-pr

[Snyk] Upgrade libnpmexec from 3.0.3 to 7.0.8 #29

Are you sure you want to change the base?

[Snyk] Upgrade libnpmexec from 3.0.3 to 7.0.8 #29

Uh oh!

Conversation

jj-crypto commented Apr 5, 2024

Snyk has created this PR to upgrade libnpmexec from 3.0.3 to 7.0.8.

7.0.8 (2020-11-03)

DOCUMENTATION

BUG FIXES

DEPENDENCIES

7.0.7 (2020-10-30)

BUG FIXES

DEPENDENCIES

7.0.6 (2020-10-27)

BUG FIXES

DEPENDENCIES

7.0.5 (2020-10-23)

7.0.4 (2020-10-23)

DOCUMENTATION

BUG FIXES

TESTS

DEPENDENCIES

7.0.3 (2020-10-20)

BUG FIXES

DOCUMENTATION

DEPENDENCIES

7.0.2 (2020-10-16)

DOCUMENTATION

BUG FIXES

DEPENDENCIES

7.0.1 (2020-10-15)

DOCUMENTATION

BUG FIXES

DEPENDENCIES

v7.0.0 (2020-10-12)

BUG FIXES

DOCUMENTATION

DEPENDENCIES

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants