Snyk has created this PR to upgrade npm from 7.6.3 to 7.24.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 39 versions ahead of your current version.
The recommended version was released 21 days ago, on 2021-10-04.
Snyk has created this PR to upgrade npm from 7.6.3 to 7.24.2.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-TAR-1579155
Why? CVSS 8.5
SNYK-JS-TAR-1579152
Why? CVSS 8.5
SNYK-JS-TAR-1579147
Why? CVSS 8.5
SNYK-JS-TAR-1536531
Why? CVSS 8.5
SNYK-JS-TAR-1536528
Why? CVSS 8.5
SNYK-JS-NPMCLIARBORIST-1579181
Why? CVSS 8.5
SNYK-JS-NPMCLIARBORIST-1579165
Why? CVSS 8.5
SNYK-JS-NPMCLIGIT-1536784
Why? CVSS 8.5
SNYK-JS-TAR-1536758
Why? CVSS 8.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: npm
v7.24.2 (2021-10-04)
BUG FIXES
56d6cfdc0
#3804 encode url before opening (@ isaacs)075fe5056
#3799 restore exit code on "npm outdated" (@ gfyoung)dbb90f799
#3809 use Intl.Collator for string sorting when available (@ isaacs)DEPENDENCIES
69ab10bbf
is-core-module@2.7.0
e94ddeaca
@ npmcli/arborist@2.9.0
:DOCUMENTATION
f425950a6
#3805 remove npm Enterprise from documentation (@ ethomson)bb0b2da6c
#3699 fix(docs): add note about workspace script order (@ behnammodi)v7.24.1 (2021-09-23)
DEPENDENCIES
1be8d41e6
socks-proxy-agent@6.1.0
:eafd55eae
glob@7.2.0
DOCS
dae5ce305
#3784 docs: document special meaning of registry.npmjs.com (@ everett1992)v7.24.0 (2021-09-16)
FEATURES
c7787b3fb
1fbbe1e04
bundled npm-install-checks (@ wraithgar)BUG FIXES
0320bd77e
#3739 fix(view): Show the correct publish date for versions selected by range (@ andersk)e4a521857
#3748 fix(install.sh): don't remove old npm first (@ wraithgar)b4aac345b
#3754 fix(config): user-agent properly shows ci (@ wraithgar)b807cd62e
#3738 fix(search): return valid json for no results (@ AyushRawal)2def17a3b
#3760 fix(install): use configured registry when checking manifest (@ yacoman89)ca792acdd
#3761 fix(logs): clean args for failed commands (@ wraithgar)59743972c
#3747 fix(did-you-mean): succeed if cwd is not a package (@ wraithgar)DEPENDENCIES
ac8e4ad18
init-package-json@2.0.5
:371655a6b
minipass@3.1.5
:DOCUMENTATION
4d93b484a
#3759 fix(docs): use correct hyperlink to package-json (@ nategreen)v7.23.0 (2021-09-09)
FEATURES
6c12500ae
#3731 feat(install): very strict global npm engines (@ wraithgar)BUG FIXES
1ad093824
#3732 fix(error-message): clean urls from 404 error (@ wraithgar)DOCUMENTATION
64f7d1a55
#3727 docs(contributing): add note on changes to tooling (@ darcyclarke)eda9162f2
#3715 Add --if-present flag documentation to workspaces (@ Matsuuu)v7.22.0 (2021-09-02)
BUG FIXES
6f431fe23
#3690 Fix one “see also” link (@ tripu)DEPENDENCIES
033e948c9
read-package-json@4.1.1
:1fa549db0
@ npmcli/config@2.3.0
:e91578d10
minpass-fetch@1.4.1
:6125db545
are-we-there-yet@1.1.6
0dcda73b0
string_decoder@1.3.0
4b913417c
npmlog@5.0.1
876c755eb
@ npmcli/arborist@2.8.3
:v7.21.1 (2021-08-26)
BUG FIXES
4e52217cb
#3684 fix(config): respect --global, --package-lock-only (@ nlf)DEPENDENCIES
e3878536f
make-fetch-happen@9.1.0
:145f70cc1
read-package-json@4.0.1
:3f4d37143
tar@6.1.11
:e63a942c6
cacache@15.3.0
:DOCUMENTATION
957fa6040
#3681 clarify uninstall lifecycle script (@ fritzy)Commit messages
Package name: npm
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs