Bump cosmiconfig from 8.3.6 to 9.0.0

[dependabot]

Bumps cosmiconfig from 8.3.6 to 9.0.0.

Changelog

Sourced from cosmiconfig's changelog.

9.0.0

• Added searchStrategy option:
  • The none value means that cosmiconfig does not traverse any directories upwards.
    • Breaking change: This is the default value if you don't pass a stopDir option, which means that cosmiconfig no longer traverses directories by default, and instead just looks in the current working directory.
      • If you want to achieve maximum backwards compatibility without adding an explicit stopDir, add the searchStrategy: 'global' option.
  • The project value means that cosmiconfig traverses upwards until it finds a package.json (or .yaml) file.
  • The global value means that cosmiconfig traverses upwards until the passed stopDir, or your home directory if no stopDir is given.
• Breaking change: Meta config files (i.e. config.js and similar) are not looked for in the current working directory anymore. Instead, it looks in the .config subfolder.
• Breaking change: When defining searchPlaces in a meta config file, the tool-defined searchPlaces are merged into this. Users may specify mergeSearchPlaces: false to disable this.
• Added support for a special $import key which will import another configuration file
  • The imported file will act as a base file - all properties from that file will be applied to the configuration, but can be overridden by the importing file
  • For more information, read the import section of the README
• Added searching in OS conventional folders (XDG compatible on Linux, %APPDATA% on Windows, Library/Preferences on macOS) for searchStrategy: 'global'
• Fixed crash when trying to load a file that is not readable due to file system permissions
• Fixed wrong ERR_REQUIRE_ESM error being thrown when there is an issue loading an ESM file

Commits

• 006fc0b 9.0.0
• d4de473 update changelog for new version
• 8bf59fc make changelog leaner again
• 0555009 chore: remove release-please
• 5839d5e 9.0.0-alpha.3
• 7fcf489 chore: update lock file
• b8b412f chore: remove unnecessary dev packages
• bb3ebba chore: replace path-type package with own utility functions
• 76d26bd 9.0.0-alpha.2
• 559ed70 feat: load config from package.yaml
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/cosmiconfig@9.0.0	filesystem Transitive: environment, unsafe	+23	895 kB	d-fischer

🚮 Removed packages: npm/cosmiconfig@8.3.6

View full report↗︎

[chris48s]

@dependabot rebase

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (10b335d) 95.75% compared to head (79247bc) 95.75%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #384   +/-   ##
=======================================
  Coverage   95.75%   95.75%           
=======================================
  Files          11       11           
  Lines         800      800           
  Branches      180      180           
=======================================
  Hits          766      766           
  Misses         33       33           
  Partials        1        1           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[chris48s]

@dependabot rebase