build(deps): bump npm from 10.7.0 to 10.8.1

[dependabot[bot]]

Bumps npm from 10.7.0 to 10.8.1.

Changelog

Sourced from npm's changelog.

10.8.1 (2024-05-29)

Bug Fixes

• 6b55646 #7569 exec: look in workspace and root for bin entries (#7569) (@​wraithgar)
• e4c7a41 #7564 publish: skip workspace packages marked private on publish (#7564) (@​milaninfy)
• 8f94ae8 #7556 utils/tar: index access while match is null (#7555) (#7556) (@​NormanPerrin)
• 2d1d8d0 #7559 adds node: specifier to all native node modules (#7559) (@​reggi)
• 7d89b55 #7490 ci: rm workspace node_modules (#7490) (@​reggi)
• 9122fb6 #7516 cache: add both full and minified packument to cache (#7516) (@​milaninfy)
• 9e6686b #7545 send proper otp token on web auth (#7545) (@​wraithgar)
• b1db070 #7534 refactor: use output.buffer and set explicit json mode in query (#7534) (@​lukekarrys)
• 53cda32 #7542 refactor ls to use output.buffer for json (#7542) (@​lukekarrys)
• 61d5771 #7541 remove json.stringify from all commands (#7541) (@​lukekarrys)
• 4dfc7d2 #7540 pass strings to JSON.stringify in --json mode (#7540) (@​lukekarrys)
• 3cefdf6 #7538 outdated: return array for outdated deps from multiple workspaces (@​lukekarrys)
• ef4c975 #7508 view: dont immediately exit on first workspace 404 (#7508) (@​lukekarrys)

Documentation

• fd6479f #7560 update publish docs: dist-tag + publish case (#7560) (@​davidlj95)

Dependencies

• e3f0fd4 #7568 @npmcli/package-json@5.1.1
• 447a8d7 #7566 spdx-license-ids@3.0.18
• 83fed2e #7566 sigstore@2.3.1
• 41291ba #7566 @sigstore/tuf@2.3.4
• 18b42a4 #7566 glob@10.4.1
• 5c6759d #7566 postcss-selector-parser@6.1.0
• 2508a83 #7566 is-cidr@5.1.0
• 6278fe4 #7566 ini@4.1.3

10.8.1 (2024-05-29)

Bug Fixes

• 6b55646 #7569 exec: look in workspace and root for bin entries (#7569) (@​wraithgar)
• e4c7a41 #7564 publish: skip workspace packages marked private on publish (#7564) (@​milaninfy)
• 8f94ae8 #7556 utils/tar: index access while match is null (#7555) (#7556) (@​NormanPerrin)
• 2d1d8d0 #7559 adds node: specifier to all native node modules (#7559) (@​reggi)
• 7d89b55 #7490 ci: rm workspace node_modules (#7490) (@​reggi)
• 9122fb6 #7516 cache: add both full and minified packument to cache (#7516) (@​milaninfy)
• 9e6686b #7545 send proper otp token on web auth (#7545) (@​wraithgar)
• b1db070 #7534 refactor: use output.buffer and set explicit json mode in query (#7534) (@​lukekarrys)
• 53cda32 #7542 refactor ls to use output.buffer for json (#7542) (@​lukekarrys)
• 61d5771 #7541 remove json.stringify from all commands (#7541) (@​lukekarrys)
• 4dfc7d2 #7540 pass strings to JSON.stringify in --json mode (#7540) (@​lukekarrys)
• 3cefdf6 #7538 outdated: return array for outdated deps from multiple workspaces (@​lukekarrys)
• ef4c975 #7508 view: dont immediately exit on first workspace 404 (#7508) (@​lukekarrys)

... (truncated)

Commits

• 6109960 chore: release 10.8.1
• 6b55646 fix(exec): look in workspace and root for bin entries (#7569)
• 4a36d78 chore: fix linting in arborist debugger
• 2d84091 chore: fix snapshots for updated @​npmcli/package-json
• e3f0fd4 deps: @​npmcli/package-json@​5.1.1
• 4b57b95 chore: fix linting in mock registry
• 6574dc9 chore: dev dependency updates
• 447a8d7 deps: spdx-license-ids@3.0.18
• 83fed2e deps: sigstore@2.3.1
• 41291ba deps: @​sigstore/tuf@​2.3.4
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[maalni]

Npm shouldnt be included in package.json

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.