node >= 12 is required. Time to upgrade that old-ass server you never touch.
peerDependencies are now excluded by default. Peer dependencies should use the lowest possible version that works. The old behavior encouraged a bad practice of uprading peer dependencies. You can use --dep prod,dev,bundle,optional,peer for the old behavior (#951).
Dependencies with > will be converted to >=. The old behavior was causing upgrades to > [latest] which was impossible (#957).
Other
Typescript! There is a new build process, so if you have any issues with the executable or types, please report. It should be a non-breaking change if I did it correctly (#888).
WHen using npm-check-updates as a module, vm (versionmanager) is no longer exported. It was previously exposed for testing purposes, but was never part of the official API.
--packageFile - Now interprets its argument as a glob pattern. It is possible that a previously supplied argument may be interepreted differently now (though I'm not aware of specific instances). Due to our conservative release policy we are releasing as a major version upgrade and allowing developers to assess for themselves.
Features
--deep - Run recursively in current working directory. Alias of --packageFile '**/package.json'.
Specifiying both the --filter option and argument filters will now throw an error. Use one or the other. Previously the arguments would override the --filter option, which made for a confusing result when accidentally not quoting the option in the shell. This change is only breaking for those who are relying on the incorrect behavior of argument filters overriding --filter.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
2 years ago
Bumps npm-check-updates from 12.5.12 to 13.0.0.
Release notes
Sourced from npm-check-updates's releases.
Changelog
Sourced from npm-check-updates's changelog.
... (truncated)
Commits
a8a813313.0.033e837dBump package-lock engine.753971cReplace deprecated rmdirSync with rmSync.4493088Remove deprecated greatest, newest, ownerChanged, and semverLevel options.e49c378Bump node >=14b01de2alinted41bb0Bump dependenciesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)