search

mheap / pin-github-action

Pin your GitHub actions to a specific hash
MIT License
74 stars 7 forks source link

Bump commander from 9.4.1 to 12.0.0 #159

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 7 months ago

Bumps commander from 9.4.1 to 12.0.0.

Release notes

Sourced from commander's releases.

v12.0.0

Added

  • .addHelpOption() as another way of configuring built-in help option (#2006)
  • .helpCommand() for configuring built-in help command (#2087)

Fixed

  • Breaking: use non-zero exit code when spawned executable subcommand terminates due to a signal (#2023)
  • Breaking: check passThroughOptions constraints when using .addCommand and throw if parent command does not have .enablePositionalOptions() enabled (#1937)

Changed

  • Breaking: Commander 12 requires Node.js v18 or higher (#2027)
  • Breaking: throw an error if add an option with a flag which is already in use (#2055)
  • Breaking: throw an error if add a command with name or alias which is already in use (#2059)
  • Breaking: throw error when calling .storeOptionsAsProperties() after setting an option value (#1928)
  • replace non-standard JSDoc of @api private with documented @private (#1949)
  • .addHelpCommand() now takes a Command (passing string or boolean still works as before but deprecated) (#2087)
  • refactor internal implementation of built-in help option (#2006)
  • refactor internal implementation of built-in help command (#2087)

Deprecated

  • .addHelpCommand() passing string or boolean (use .helpCommand() or pass a Command) (#2087)

Removed

  • Breaking: removed default export of a global Command instance from CommonJS (use the named program export instead) (#2017)

Migration Tips

global program

If you are using the deprecated default import of the global Command object, you need to switch to using a named import (or create a new Command).

// const program = require('commander');
const { program } = require('commander');

option and command clashes

A couple of configuration problems now throw an error, which will pick up issues in existing programs:

  • adding an option which uses the same flag as a previous option
  • adding a command which uses the same name or alias as a previous command

v12.0.0-1

Added

... (truncated)

Changelog

Sourced from commander's changelog.

[12.0.0] (2024-02-03)

Added

  • .addHelpOption() as another way of configuring built-in help option (#2006)
  • .helpCommand() for configuring built-in help command (#2087)

Fixed

  • Breaking: use non-zero exit code when spawned executable subcommand terminates due to a signal (#2023)
  • Breaking: check passThroughOptions constraints when using .addCommand and throw if parent command does not have .enablePositionalOptions() enabled (#1937)

Changed

  • Breaking: Commander 12 requires Node.js v18 or higher (#2027)
  • Breaking: throw an error if add an option with a flag which is already in use (#2055)
  • Breaking: throw an error if add a command with name or alias which is already in use (#2059)
  • Breaking: throw error when calling .storeOptionsAsProperties() after setting an option value (#1928)
  • replace non-standard JSDoc of @api private with documented @private (#1949)
  • .addHelpCommand() now takes a Command (passing string or boolean still works as before but deprecated) (#2087)
  • refactor internal implementation of built-in help option (#2006)
  • refactor internal implementation of built-in help command (#2087)

Deprecated

  • .addHelpCommand() passing string or boolean (use .helpCommand() or pass a Command) (#2087)

Removed

  • Breaking: removed default export of a global Command instance from CommonJS (use the named program export instead) (#2017)

Migration Tips

global program

If you are using the deprecated default import of the global Command object, you need to switch to using a named import (or create a new Command).

// const program = require('commander');
const { program } = require('commander');

option and command clashes

A couple of configuration problems now throw an error, which will pick up issues in existing programs:

  • adding an option which uses the same flag as a previous option
  • adding a command which uses the same name or alias as a previous command

[12.0.0-1] (2024-01-20)

... (truncated)

Commits
  • 83c3f4e Bump version to 12.0.0
  • e3192a1 Merge pull request #2140 from tj/release/12.x
  • 608eaf0 Update CHANGELOG for v12 (#2133)
  • 3f44d29 Update dependencies preparing for release (#2132)
  • 4d832b2 Merge remote-tracking branch 'origin/develop' into release/12.x
  • b53109b Add links in CHANGELOG
  • 90f3c8a 12.0.0-1
  • eed665d Add 12.0.0-1 changes to CHANGELOG
  • 09244af Refactor help option implementation to hold actual Option (#2006)
  • ff08a02 Refactor help command implementation to hold actual Command (#2087)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 5 months ago

Superseded by #166.