commitizen / cz-cli

The commitizen command line utility. #BlackLivesMatter
http://commitizen.github.io/cz-cli/
MIT License

fix(deps): update dependency inquirer to v8 #874

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

WhiteSource Renovate

This PR contains the following updates:

| Package | Change |
|---|---|
| inquirer | 6.5.2 -> 8.2.0 |

Release Notes

SBoudrias/Inquirer.js

### [`v8.2.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.2.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.5...inquirer@8.2.0)

- `checkbox` prompt: Update the help message to be more complete. And the help message is now shown until a selection is made.

### [`v8.1.5`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.5)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.4...inquirer@8.1.5)

Fix older Node version compatibility issue.

### [`v8.1.4`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.4)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.3...inquirer@8.1.4)

- Fix an error being thrown inside the `rawlist` prompt

### [`v8.1.3`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.3)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.2...inquirer@8.1.3)

##### Bug Fixes

- Fix password prompt appearing when doing async filtering/validation
- User being prompted a question even though it was answered when using nested answer object format.
- Fix extra space appearing when using custom prefix.

And bump of all dependencies.

### [`v8.1.2`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.2)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.1...inquirer@8.1.2)

- Fix bug on `rawList` prompt
- Bump dependencies

### [`v8.1.1`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.1)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.1.0...inquirer@8.1.1)

**Fix**: Number prompt `default` behavior.

### [`v8.1.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.1.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.0.1...inquirer@8.1.0)

##### New features

- Now display a loading spinner while asynchronously filtering or validating data.
- `inquirer.prompt()` now accept a shorthand object syntax instead of an array with `name`d prompts:

```js
const { foo, bar } = await inquirer.prompt({
  foo: {
    message: '...',
    default: '...',
  },
  bar: {
    default: '...',
  }
});
```

### [`v8.0.1`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.0.1)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@8.0.0...inquirer@8.0.1)

Fixes

- Fix issue with duplicate keys in `expand` prompt not being caught if casing didn't match
- Fix `rawlist` prompt ignoring `short` option
- Rollback dependencies migrated to ESM causing issue for some users

And lastly general dependency upgrade (to non-ESM versions)

### [`v8.0.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@8.0.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.3.3...inquirer@8.0.0)

- Drop support for Node 10 (through dependencies)
- Add `postfix` option to the editor prompt to allow easily turning on proper syntax highlighting

### [`v7.3.3`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.3.3)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.3.2...inquirer@7.3.3)

- Fix to release the readline on errors
- Security patch (lodash)

### [`v7.3.2`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.3.2)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.3.1...inquirer@7.3.2)

Fix the `loop: false` option in the `checkbox` prompt.

### [`v7.3.1`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.3.1)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.3.0...inquirer@7.3.1)

- Fix the `loop: false` option in the `list` prompt.

### [`v7.3.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.3.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.2.0...inquirer@7.3.0)

- New option `loop` (boolean) for list type prompts. This prevents the list from looping when reaching the top or bottom of the selection.
- Bug fix: multi line list type prompts
- Core: Bumped dependencies

### [`v7.2.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.2.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.1.0...inquirer@7.2.0)

##### Enhancement

- [`039a55c`](https://togithub.com/SBoudrias/Inquirer.js/commit/039a55c7ec04d95887bdeb9b164cc634f26beb57) [#923](https://togithub.com/SBoudrias/Inquirer.js/issues/923) Only import used lodash methods. ([@merceyz](https://togithub.com/merceyz))

##### Bug Fix

- [`a1171d2`](https://togithub.com/SBoudrias/Inquirer.js/commit/a1171d25cdb48c147b405e3173828a8de2dc735b) [#918](https://togithub.com/SBoudrias/Inquirer.js/issues/918) Fix `@inquirer/confirm` formatted output value. ([@rbardini](https://togithub.com/rbardini))
- [`1bf6413`](https://togithub.com/SBoudrias/Inquirer.js/commit/1bf6413b71e94b52a68ba9a4d331ea67453e3390) Fix `engines` field for Node.js 8. ([@LitoMore](https://togithub.com/LitoMore))

### [`v7.1.0`](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.7...inquirer@7.1.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.7...inquirer@7.1.0)

### [`v7.0.7`](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.6...inquirer@7.0.7)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.6...inquirer@7.0.7)

### [`v7.0.6`](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.5...inquirer@7.0.6)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.5...inquirer@7.0.6)

### [`v7.0.5`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.0.5)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.4...inquirer@7.0.5)

Errors when running in non-TTY environment are now marked and catchable.

### [`v7.0.4`](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.3...inquirer@7.0.4)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.3...inquirer@7.0.4)

### [`v7.0.3`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.0.3)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.2...inquirer@7.0.3)

Revert broken fix done in 7.0.2

### [`v7.0.2`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.0.2)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.1...inquirer@7.0.2)

~~Work around bug affecting Windows user with Node 10 ([#767](https://togithub.com/SBoudrias/Inquirer.js/issues/767))~~ (Reverted in v7.0.3)

### [`v7.0.1`](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.0...inquirer@7.0.1)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@7.0.0...inquirer@7.0.1)

### [`v7.0.0`](https://togithub.com/SBoudrias/Inquirer.js/releases/inquirer@7.0.0)

[Compare Source](https://togithub.com/SBoudrias/Inquirer.js/compare/inquirer@6.5.2...inquirer@7.0.0)

- Drop support for Node 6.

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by WhiteSource Renovate. View repository job log here.

ericcornelissen commented 2 years ago

Chiming in here to help move this one along since, as per #883, it would be nice if this could be merged and released to remove the npm audit warning associated with the commitizen CLI [^1].

Looking at the release notes for Inquirer in the Pull Request description, the major version changes amount to 2 breaking changes in total, neither of which affect the commitizen CLI v4.2.4:

Judging by that this should be safe to merge. That is, of course, if we trust that Inquirer didn't accidentally introduce a breaking change without reporting it.

[^1]: I would be inclined to agree that the impact of the vulnerability is limited for the commitizen CLI, but especially if upgrading is trivial I see no reason not to upgrade. Even if just to avoid "polluting" the npm audit report of users.

yukha-dw commented 2 years ago

+1 I look forward to this update!

LinusU commented 2 years ago

Thanks for doing the research on this @ericcornelissen ❤️

cgaube commented 2 years ago

Do we know when new release tags are created? I see the last release is https://github.com/commitizen/cz-cli/releases from May (v4.2.4)

yukha-dw commented 2 years ago

> Do we know when new release tags are created? I see the last release is https://github.com/commitizen/cz-cli/releases from May (v4.2.4)

You can "watch" this repository with All Activity option or Custom->Releases.

Zhengqbbb commented 2 years ago

Just need to refactor the cz-git adapter, come and see 🧐🧐🧐 still a little worried

github-actions[bot] commented 2 years ago

:tada: This PR is included in version 4.2.5 :tada:

The release is available on:

Your semantic-release bot :package::rocket: