even though our existing range allowed anyone to update as soon as the new npm version was available, this will encourage being on a version that does not report the ip vulnerability a bit more forcefully
Commits
a0313f8 fix(deps): raised the minimum accepted range of npm to v10.5.0 (#759)
6752218 chore(deps): update dependency ava to v6.1.2 (#758)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps @semantic-release/npm from 11.0.2 to 11.0.3.
Release notes
Sourced from
@semantic-release/npm's releases.Commits
a0313f8fix(deps): raised the minimum accepted range of npm to v10.5.0 (#759)6752218chore(deps): update dependency ava to v6.1.2 (#758)c5fdc71chore(deps): lock file maintenance (#757)ba9b443chore(deps): lock file maintenance (#755)f6be374chore(deps): lock file maintenance4b77eb2chore(deps): update dependency semantic-release to v23.0.2 (#753)b49b9a5ci(action): update actions/setup-node action to v4.0.2 (#752)b64a649chore(deps): update dependency semantic-release to v23.0.1 (#751)a022439chore(deps): lock file maintenance (#749)ced5fd3chore(deps): update dependency prettier to v3.2.5 (#748)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show