dependabot-preview[bot]
commented
5 years ago Superseded by #153.
Closed dependabot-preview[bot] closed 5 years ago
dependabot-preview[bot]
commented
5 years ago Superseded by #153.
Bumps npm from 6.1.0 to 6.11.2.
Release notes
*Sourced from [npm's releases](https://github.com/npm/cli/releases).* > ## v6.11.2 > > ## 6.11.2 (2019-08-22): > > Fix a recent Windows regression, and two long-standing Windows bugs. Also, get CI running on Windows, so these things are less likely in the future. > > ### DEPENDENCIES > > * [`9778a1b87`](https://github.com/npm/cli/commit/9778a1b878aaa817af6e99385e7683c2a389570d) `cmd-shim@3.0.3`: Fix regression where shims fail to preserve exit code ([@isaacs](https://github.com/isaacs)) > * [`bf93e91d8`](https://github.com/npm/cli/commit/bf93e91d879c816a055d5913e6e4210d7299f299) `npm-package-arg@6.1.1`: Properly handle git+file: urls on Windows when a drive letter is included. ([@isaacs](https://github.com/isaacs)) > > ### BUGFIXES > > * [`6cc4cc66f`](https://github.com/npm/cli/commit/6cc4cc66f1fb050dc4113e35cab59197fd48e04a) escape args properly on Windows Bash Despite being bash, Node.js running on windows git mingw bash still executes child processes using cmd.exe. As a result, arguments in this environment need to be escaped in the style of cmd.exe, not bash. ([@isaacs](https://github.com/isaacs)) > > ### TESTS > > * [`291aba7b8`](https://github.com/npm/cli/commit/291aba7b821e247b96240b1ec037310ead69a594) make tests pass on Windows ([@isaacs](https://github.com/isaacs)) > * [`fea3a023a`](https://github.com/npm/cli/commit/fea3a023a80863f32a5f97f5132401b1a16161b8) travis: run tests on Windows as well ([@isaacs](https://github.com/isaacs)) > > ## v6.11.1 > ## 6.11.1 (2019-08-20): > > Fix a regression for windows command shim syntax. > > * [`37db29647`](https://github.com/npm/cli/commit/37db2964710c80003604b7e3c1527d17be7ed3d0) `cmd-shim@3.0.2` ([@isaacs](https://github.com/isaacs)) > > > ## v6.11.0 (2019-08-20): > > A few meaty bugfixes, and introducing `peerDependenciesMeta`. > > ### FEATURES > > * [`a12341088`](https://github.com/npm/cli/commit/a12341088820c0e7ef6c1c0db3c657f0c2b3943e) [#224](https://github-redirect.dependabot.com/npm/cli/pull/224) Implements peerDependenciesMeta ([@arcanis](https://github.com/arcanis)) > * [`2f3b79bba`](https://github.com/npm/cli/commit/2f3b79bbad820fd4a398aa494b19f79b7fd520a1) [#234](https://github-redirect.dependabot.com/npm/cli/pull/234) add new forbidden 403 error code ([@claudiahdz](https://github.com/claudiahdz)) > > ### BUGFIXES > > * [`24acc9fc8`](https://github.com/npm/cli/commit/24acc9fc89d99d87cc66206c6c6f7cdc82fbf763) and [`45772af0d`](https://github.com/npm/cli/commit/45772af0ddca54b658cb2ba2182eec26d0a4729d) [#217](https://github-redirect.dependabot.com/npm/cli/pull/217) [npm.community#8863](https://npm.community/t/installing-the-same-module-under-multiple-relative-paths-fails-on-linux/8863) [npm.community#9327](https://npm.community/t/reinstall-breaks-after-npm-update-to-6-10-2/9327,) do not descend into directory deps' child modules, fix shrinkwrap files that inappropriately list child nodes of symlink packages ([@isaacs](https://github.com/isaacs) and [@salomvary](https://github.com/salomvary)) > * [`50cfe113d`](https://github.com/npm/cli/commit/50cfe113da5fcc59c1d99b0dcf1050ace45803c7) [#229](https://github-redirect.dependabot.com/npm/cli/pull/229) fixed typo in semver doc ([@gall0ws](https://github.com/gall0ws)) > * [`e8fb2a1bd`](https://github.com/npm/cli/commit/e8fb2a1bd9785e0092e9926f4fd65ad431e38452) [#231](https://github-redirect.dependabot.com/npm/cli/pull/231) Fix spelling mistakes in CHANGELOG-3.md ([@XhmikosR](https://github.com/XhmikosR)) > * [`769d2e057`](https://github.com/npm/cli/commit/769d2e057daf5a2cbfe0ce86f02550e59825a691) [npm/uid-number#7](https://github-redirect.dependabot.com/npm/uid-number/issues/7) Better error on invalid `--user`/`--group` configs. This addresses the issue when people fail to install binary packages on Docker and other environments where there is no 'nobody' user. ([@isaacs](https://github.com/isaacs)) > * [`8b43c9624`](https://github.com/npm/cli/commit/8b43c962498c8e2707527e4fca442d7a4fa51595) [nodejs/node#28987](https://github-redirect.dependabot.com/nodejs/node/issues/28987) [npm.community#6032](https://npm.community/t/npm-ci-doesnt-respect-npmrc-variables/6032) [npm.community#6658](https://npm.community/t/npm-ci-doesnt-fill-anymore-the-process-env-npm-config-cache-variable-on-post-install-scripts/6658) [npm.community#6069](https://npm.community/t/npm-ci-does-not-compile-native-dependencies-according-to-npmrc-configuration/6069) [npm.community#9323](https://npm.community/t/npm-6-9-x-not-passing-environment-to-node-gyp-regression-from-6-4-x/9323/2) Fix the regression where random config values in a .npmrc file are not passed to lifecycle scripts, breaking build processes which rely on them. ([@isaacs](https://github.com/isaacs)) > * [`8b85eaa47`](https://github.com/npm/cli/commit/8b85eaa47da3abaacc90fe23162a68cc6e1f0404) save files with inferred ownership rather than relying on `SUDO_UID` and `SUDO_GID`. ([@isaacs](https://github.com/isaacs)) > * [`b7f6e5f02`](https://github.com/npm/cli/commit/b7f6e5f0285515087b4614d81db17206524c0fdb) Infer ownership of shrinkwrap files ([@isaacs](https://github.com/isaacs)) > * [`54b095d77`](https://github.com/npm/cli/commit/54b095d77b3b131622b3cf4cb5c689aa2dd10b6b) [#235](https://github-redirect.dependabot.com/npm/cli/pull/235) Add spec to dist-tag remove function ([@theberbie](https://github.com/theberbie)) > > ### DEPENDENCIES > > ... (truncated)Changelog
*Sourced from [npm's changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md).* > ## 6.11.2 (2019-08-22): > > Fix a recent Windows regression, and two long-standing Windows bugs. Also, > get CI running on Windows, so these things are less likely in the future. > > ### DEPENDENCIES > > * [`9778a1b87`](https://github.com/npm/cli/commit/9778a1b878aaa817af6e99385e7683c2a389570d) > `cmd-shim@3.0.3`: Fix regression where shims fail to preserve exit code > ([@isaacs](https://github.com/isaacs)) > * [`bf93e91d8`](https://github.com/npm/cli/commit/bf93e91d879c816a055d5913e6e4210d7299f299) > `npm-package-arg@6.1.1`: Properly handle git+file: urls on Windows when a > drive letter is included. ([@isaacs](https://github.com/isaacs)) > > ### BUGFIXES > > * [`6cc4cc66f`](https://github.com/npm/cli/commit/6cc4cc66f1fb050dc4113e35cab59197fd48e04a) > escape args properly on Windows Bash Despite being bash, Node.js running > on windows git mingw bash still executes child processes using cmd.exe. > As a result, arguments in this environment need to be escaped in the > style of cmd.exe, not bash. ([@isaacs](https://github.com/isaacs)) > > ### TESTS > > * [`291aba7b8`](https://github.com/npm/cli/commit/291aba7b821e247b96240b1ec037310ead69a594) > make tests pass on Windows ([@isaacs](https://github.com/isaacs)) > * [`fea3a023a`](https://github.com/npm/cli/commit/fea3a023a80863f32a5f97f5132401b1a16161b8) > travis: run tests on Windows as well > ([@isaacs](https://github.com/isaacs)) > > ## 6.11.1 (2019-08-20): > > Fix a regression for windows command shim syntax. > > * [`37db29647`](https://github.com/npm/cli/commit/37db2964710c80003604b7e3c1527d17be7ed3d0) > `cmd-shim@3.0.2` ([@isaacs](https://github.com/isaacs)) > > ## v6.11.0 (2019-08-20): > > A few meaty bugfixes, and introducing `peerDependenciesMeta`. > > ### FEATURES > > * [`a12341088`](https://github.com/npm/cli/commit/a12341088820c0e7ef6c1c0db3c657f0c2b3943e) > [#224](https://github-redirect.dependabot.com/npm/cli/pull/224) Implements > peerDependenciesMeta ([@arcanis](https://github.com/arcanis)) > * [`2f3b79bba`](https://github.com/npm/cli/commit/2f3b79bbad820fd4a398aa494b19f79b7fd520a1) > [#234](https://github-redirect.dependabot.com/npm/cli/pull/234) add new forbidden 403 error > code ([@claudiahdz](https://github.com/claudiahdz)) > > ... (truncated)Commits
- [`bd6e5d2`](https://github.com/npm/cli/commit/bd6e5d24b77f664cd4a7736fca7c031d9ad133a9) 6.11.2 - [`a71c14c`](https://github.com/npm/cli/commit/a71c14c6b49fcc4e8c00e99e82af6b1050ac1a9c) docs: change log for 6.11.2 - [`fea3a02`](https://github.com/npm/cli/commit/fea3a023a80863f32a5f97f5132401b1a16161b8) travis: run tests on Windows as well - [`291aba7`](https://github.com/npm/cli/commit/291aba7b821e247b96240b1ec037310ead69a594) test: make tests pass on Windows - [`6cc4cc6`](https://github.com/npm/cli/commit/6cc4cc66f1fb050dc4113e35cab59197fd48e04a) explore: escape args properly on Windows Bash - [`bf93e91`](https://github.com/npm/cli/commit/bf93e91d879c816a055d5913e6e4210d7299f299) npm-package-arg@6.1.1 - [`9778a1b`](https://github.com/npm/cli/commit/9778a1b878aaa817af6e99385e7683c2a389570d) cmd-shim@3.0.3 - [`6c18f1f`](https://github.com/npm/cli/commit/6c18f1fd3a0eb4ccf26c55e9f11dcfa7fd8a89f0) 6.11.1 - [`d17f0d8`](https://github.com/npm/cli/commit/d17f0d82fc772681999e24bcf10a6fa95d4156db) docs: change log for 6.11.1 - [`37db296`](https://github.com/npm/cli/commit/37db2964710c80003604b7e3c1527d17be7ed3d0) cmd-shim@3.0.2 - Additional commits viewable in [compare view](https://github.com/npm/cli/compare/v6.1.0...v6.11.2)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.