From 5e131dc2a0cc9389381ab1ba44a2c45f61086f01 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 3 May 2024 17:37:18 -0700
Subject: [PATCH] deps: bump pacote from 17.0.7 to 18.0.3 (#830)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [pacote](https://github.com/npm/pacote) from 17.0.7 to 18.0.3.
Release notes
Sourced from pacote's
releases.
v18.0.3
18.0.3
(2024-04-30)
Dependencies
v18.0.2
18.0.2
(2024-04-24)
Bug Fixes
v18.0.1
18.0.1
(2024-04-23)
Bug Fixes
v18.0.0
18.0.0
(2024-04-15)
⚠️ BREAKING CHANGES
- The
silent option was used to control whether
@npmcli/run-script would write a banner via
console.log. Now ouput will be emitted via an
process.emit('output').
Features
Dependencies
Chores
Changelog
Sourced from pacote's
changelog.
18.0.3
(2024-04-30)
Dependencies
18.0.2
(2024-04-24)
Bug Fixes
18.0.1
(2024-04-23)
Bug Fixes
18.0.0
(2024-04-15)
⚠️ BREAKING CHANGES
- The
silent option was used to control whether
@npmcli/run-script would write a banner via
console.log. Now ouput will be emitted via an
process.emit('output').
Features
Dependencies
Chores
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 184 ++++++++++++++++++++++++++++++++---
workspaces/data/package.json | 2 +-
2 files changed, 172 insertions(+), 14 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 56322aefd..55ebf8e97 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1827,6 +1827,47 @@
"node": "^16.14.0 || >=18.0.0"
}
},
+ "node_modules/@npmcli/arborist/node_modules/pacote": {
+ "version": "17.0.7",
+ "resolved": "https://registry.npmjs.org/pacote/-/pacote-17.0.7.tgz",
+ "integrity": "sha512-sgvnoUMlkv9xHwDUKjKQFXVyUi8dtJGKp3vg6sYy+TxbDic5RjZCHF3ygv0EJgNRZ2GfRONjlKPUfokJ9lDpwQ==",
+ "dev": true,
+ "dependencies": {
+ "@npmcli/git": "^5.0.0",
+ "@npmcli/installed-package-contents": "^2.0.1",
+ "@npmcli/promise-spawn": "^7.0.0",
+ "@npmcli/run-script": "^7.0.0",
+ "cacache": "^18.0.0",
+ "fs-minipass": "^3.0.0",
+ "minipass": "^7.0.2",
+ "npm-package-arg": "^11.0.0",
+ "npm-packlist": "^8.0.0",
+ "npm-pick-manifest": "^9.0.0",
+ "npm-registry-fetch": "^16.0.0",
+ "proc-log": "^4.0.0",
+ "promise-retry": "^2.0.1",
+ "read-package-json": "^7.0.0",
+ "read-package-json-fast": "^3.0.0",
+ "sigstore": "^2.2.0",
+ "ssri": "^10.0.0",
+ "tar": "^6.1.11"
+ },
+ "bin": {
+ "pacote": "lib/bin.js"
+ },
+ "engines": {
+ "node": "^16.14.0 || >=18.0.0"
+ }
+ },
+ "node_modules/@npmcli/arborist/node_modules/pacote/node_modules/proc-log": {
+ "version": "4.2.0",
+ "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz",
+ "integrity": "sha512-g8+OnU/L2v+wyiVK+D5fA34J7EH8jZ8DDlvwhRCMxmMj7UCBvxiO1mGeN+36JXIKF4zevU4kRBd8lVgG9vLelA==",
+ "dev": true,
+ "engines": {
+ "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
+ }
+ },
"node_modules/@npmcli/eslint-config": {
"version": "4.0.2",
"resolved": "https://registry.npmjs.org/@npmcli/eslint-config/-/eslint-config-4.0.2.tgz",
@@ -1944,6 +1985,47 @@
"node": "^16.14.0 || >=18.0.0"
}
},
+ "node_modules/@npmcli/metavuln-calculator/node_modules/pacote": {
+ "version": "17.0.7",
+ "resolved": "https://registry.npmjs.org/pacote/-/pacote-17.0.7.tgz",
+ "integrity": "sha512-sgvnoUMlkv9xHwDUKjKQFXVyUi8dtJGKp3vg6sYy+TxbDic5RjZCHF3ygv0EJgNRZ2GfRONjlKPUfokJ9lDpwQ==",
+ "dev": true,
+ "dependencies": {
+ "@npmcli/git": "^5.0.0",
+ "@npmcli/installed-package-contents": "^2.0.1",
+ "@npmcli/promise-spawn": "^7.0.0",
+ "@npmcli/run-script": "^7.0.0",
+ "cacache": "^18.0.0",
+ "fs-minipass": "^3.0.0",
+ "minipass": "^7.0.2",
+ "npm-package-arg": "^11.0.0",
+ "npm-packlist": "^8.0.0",
+ "npm-pick-manifest": "^9.0.0",
+ "npm-registry-fetch": "^16.0.0",
+ "proc-log": "^4.0.0",
+ "promise-retry": "^2.0.1",
+ "read-package-json": "^7.0.0",
+ "read-package-json-fast": "^3.0.0",
+ "sigstore": "^2.2.0",
+ "ssri": "^10.0.0",
+ "tar": "^6.1.11"
+ },
+ "bin": {
+ "pacote": "lib/bin.js"
+ },
+ "engines": {
+ "node": "^16.14.0 || >=18.0.0"
+ }
+ },
+ "node_modules/@npmcli/metavuln-calculator/node_modules/proc-log": {
+ "version": "4.2.0",
+ "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz",
+ "integrity": "sha512-g8+OnU/L2v+wyiVK+D5fA34J7EH8jZ8DDlvwhRCMxmMj7UCBvxiO1mGeN+36JXIKF4zevU4kRBd8lVgG9vLelA==",
+ "dev": true,
+ "engines": {
+ "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
+ }
+ },
"node_modules/@npmcli/name-from-folder": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/@npmcli/name-from-folder/-/name-from-folder-2.0.0.tgz",
@@ -1962,23 +2044,30 @@
}
},
"node_modules/@npmcli/package-json": {
- "version": "5.0.0",
- "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-5.0.0.tgz",
- "integrity": "sha512-OI2zdYBLhQ7kpNPaJxiflofYIpkNLi+lnGdzqUOfRmCF3r2l1nadcjtCYMJKv/Utm/ZtlffaUuTiAktPHbc17g==",
- "dev": true,
+ "version": "5.1.0",
+ "resolved": "https://registry.npmjs.org/@npmcli/package-json/-/package-json-5.1.0.tgz",
+ "integrity": "sha512-1aL4TuVrLS9sf8quCLerU3H9J4vtCtgu8VauYozrmEyU57i/EdKleCnsQ7vpnABIH6c9mnTxcH5sFkO3BlV8wQ==",
"dependencies": {
"@npmcli/git": "^5.0.0",
"glob": "^10.2.2",
"hosted-git-info": "^7.0.0",
"json-parse-even-better-errors": "^3.0.0",
"normalize-package-data": "^6.0.0",
- "proc-log": "^3.0.0",
+ "proc-log": "^4.0.0",
"semver": "^7.5.3"
},
"engines": {
"node": "^16.14.0 || >=18.0.0"
}
},
+ "node_modules/@npmcli/package-json/node_modules/proc-log": {
+ "version": "4.2.0",
+ "resolved": "https://registry.npmjs.org/proc-log/-/proc-log-4.2.0.tgz",
+ "integrity": "sha512-g8+OnU/L2v+wyiVK+D5fA34J7EH8jZ8DDlvwhRCMxmMj7UCBvxiO1mGeN+36JXIKF4zevU4kRBd8lVgG9vLelA==",
+ "engines": {
+ "node": "^14.17.0 || ^16.13.0 || >=18.0.0"
+ }
+ },
"node_modules/@npmcli/promise-spawn": {
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/@npmcli/promise-spawn/-/promise-spawn-7.0.0.tgz",
@@ -2024,10 +2113,19 @@
"node": "^14.17.0 || ^16.13.0 || >=18.0.0"
}
},
+ "node_modules/@npmcli/redact": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/@npmcli/redact/-/redact-2.0.0.tgz",
+ "integrity": "sha512-SEjCPAVHWYUIQR+Yn03kJmrJjZDtJLYpj300m3HV9OTRZNpC5YpbMsM3eTkECyT4aWj8lDr9WeY6TWefpubtYQ==",
+ "engines": {
+ "node": "^16.14.0 || >=18.0.0"
+ }
+ },
"node_modules/@npmcli/run-script": {
"version": "7.0.2",
"resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-7.0.2.tgz",
"integrity": "sha512-Omu0rpA8WXvcGeY6DDzyRoY1i5DkCBkzyJ+m2u7PD6quzb0TvSqdIPOkTn8ZBOj7LbbcbMfZ3c5skwSu6m8y2w==",
+ "dev": true,
"dependencies": {
"@npmcli/node-gyp": "^3.0.0",
"@npmcli/promise-spawn": "^7.0.0",
@@ -2043,6 +2141,7 @@
"version": "3.1.1",
"resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz",
"integrity": "sha512-LpB/54B+/2J5hqQ7imZHfdU31OlgQqx7ZicVlkm9kzg9/w8GKLEcFfJl/t7DCEDueOyBAD6zCCwTO6Fzs0NoEQ==",
+ "dev": true,
"engines": {
"node": ">=16"
}
@@ -2051,6 +2150,7 @@
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/which/-/which-4.0.0.tgz",
"integrity": "sha512-GlaYyEb07DPxYCKhKzplCWBJtvxZcZMrL+4UkrTSJHHPyZU4mYYTv3qaOe77H7EODLSSopAUFAc6W8U4yqvscg==",
+ "dev": true,
"dependencies": {
"isexe": "^3.1.1"
},
@@ -7686,6 +7786,7 @@
"version": "16.1.0",
"resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-16.1.0.tgz",
"integrity": "sha512-PQCELXKt8Azvxnt5Y85GseQDJJlglTFM9L9U9gkv2y4e9s0k3GVDdOx3YoB6gm2Do0hlkzC39iCGXby+Wve1Bw==",
+ "dev": true,
"dependencies": {
"make-fetch-happen": "^13.0.0",
"minipass": "^7.0.2",
@@ -8203,25 +8304,24 @@
}
},
"node_modules/pacote": {
- "version": "17.0.7",
- "resolved": "https://registry.npmjs.org/pacote/-/pacote-17.0.7.tgz",
- "integrity": "sha512-sgvnoUMlkv9xHwDUKjKQFXVyUi8dtJGKp3vg6sYy+TxbDic5RjZCHF3ygv0EJgNRZ2GfRONjlKPUfokJ9lDpwQ==",
+ "version": "18.0.3",
+ "resolved": "https://registry.npmjs.org/pacote/-/pacote-18.0.3.tgz",
+ "integrity": "sha512-GFCGn27RSf2xa5DHShI7DzI8dCf5F0+9N+fbSpItZvi9ykSouPRXMKzfl2jF35Zoi9QysNF/aqeqQyU2tOJBbA==",
"dependencies": {
"@npmcli/git": "^5.0.0",
"@npmcli/installed-package-contents": "^2.0.1",
+ "@npmcli/package-json": "^5.1.0",
"@npmcli/promise-spawn": "^7.0.0",
- "@npmcli/run-script": "^7.0.0",
+ "@npmcli/run-script": "^8.0.0",
"cacache": "^18.0.0",
"fs-minipass": "^3.0.0",
"minipass": "^7.0.2",
"npm-package-arg": "^11.0.0",
"npm-packlist": "^8.0.0",
"npm-pick-manifest": "^9.0.0",
- "npm-registry-fetch": "^16.0.0",
+ "npm-registry-fetch": "^17.0.0",
"proc-log": "^4.0.0",
"promise-retry": "^2.0.1",
- "read-package-json": "^7.0.0",
- "read-package-json-fast": "^3.0.0",
"sigstore": "^2.2.0",
"ssri": "^10.0.0",
"tar": "^6.1.11"
@@ -8233,6 +8333,48 @@
"node": "^16.14.0 || >=18.0.0"
}
},
+ "node_modules/pacote/node_modules/@npmcli/run-script": {
+ "version": "8.1.0",
+ "resolved": "https://registry.npmjs.org/@npmcli/run-script/-/run-script-8.1.0.tgz",
+ "integrity": "sha512-y7efHHwghQfk28G2z3tlZ67pLG0XdfYbcVG26r7YIXALRsrVQcTq4/tdenSmdOrEsNahIYA/eh8aEVROWGFUDg==",
+ "dependencies": {
+ "@npmcli/node-gyp": "^3.0.0",
+ "@npmcli/package-json": "^5.0.0",
+ "@npmcli/promise-spawn": "^7.0.0",
+ "node-gyp": "^10.0.0",
+ "proc-log": "^4.0.0",
+ "which": "^4.0.0"
+ },
+ "engines": {
+ "node": "^16.14.0 || >=18.0.0"
+ }
+ },
+ "node_modules/pacote/node_modules/isexe": {
+ "version": "3.1.1",
+ "resolved": "https://registry.npmjs.org/isexe/-/isexe-3.1.1.tgz",
+ "integrity": "sha512-LpB/54B+/2J5hqQ7imZHfdU31OlgQqx7ZicVlkm9kzg9/w8GKLEcFfJl/t7DCEDueOyBAD6zCCwTO6Fzs0NoEQ==",
+ "engines": {
+ "node": ">=16"
+ }
+ },
+ "node_modules/pacote/node_modules/npm-registry-fetch": {
+ "version": "17.0.0",
+ "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-17.0.0.tgz",
+ "integrity": "sha512-JoOpdYqru846tJX96Jn2jyYVpc1TD1o6Oox80rjVIDAZqIsS2n+nNx+/Qd02LlQm/itGhsBgzP1VUKACLQHD+Q==",
+ "dependencies": {
+ "@npmcli/redact": "^2.0.0",
+ "make-fetch-happen": "^13.0.0",
+ "minipass": "^7.0.2",
+ "minipass-fetch": "^3.0.0",
+ "minipass-json-stream": "^1.0.1",
+ "minizlib": "^2.1.2",
+ "npm-package-arg": "^11.0.0",
+ "proc-log": "^4.0.0"
+ },
+ "engines": {
+ "node": "^16.14.0 || >=18.0.0"
+ }
+ },
"node_modules/pacote/node_modules/proc-log": {
"version": "4.0.0",
"resolved": "https://registry.npmjs.org/proc-log/-/proc-log-4.0.0.tgz",
@@ -8241,6 +8383,20 @@
"node": "^14.17.0 || ^16.13.0 || >=18.0.0"
}
},
+ "node_modules/pacote/node_modules/which": {
+ "version": "4.0.0",
+ "resolved": "https://registry.npmjs.org/which/-/which-4.0.0.tgz",
+ "integrity": "sha512-GlaYyEb07DPxYCKhKzplCWBJtvxZcZMrL+4UkrTSJHHPyZU4mYYTv3qaOe77H7EODLSSopAUFAc6W8U4yqvscg==",
+ "dependencies": {
+ "isexe": "^3.1.1"
+ },
+ "bin": {
+ "node-which": "bin/which.js"
+ },
+ "engines": {
+ "node": "^16.13.0 || >=18.0.0"
+ }
+ },
"node_modules/parent-module": {
"version": "1.0.1",
"resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
@@ -8637,6 +8793,7 @@
"version": "7.0.0",
"resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-7.0.0.tgz",
"integrity": "sha512-uL4Z10OKV4p6vbdvIXB+OzhInYtIozl/VxUBPgNkBuUi2DeRonnuspmaVAMcrkmfjKGNmRndyQAbE7/AmzGwFg==",
+ "dev": true,
"dependencies": {
"glob": "^10.2.2",
"json-parse-even-better-errors": "^3.0.0",
@@ -8651,6 +8808,7 @@
"version": "3.0.2",
"resolved": "https://registry.npmjs.org/read-package-json-fast/-/read-package-json-fast-3.0.2.tgz",
"integrity": "sha512-0J+Msgym3vrLOUB3hzQCuZHII0xkNGCtz/HJH9xZshwv9DbDwkw1KaE3gx/e2J5rpEY5rtOy6cyhKOPrkP7FZw==",
+ "dev": true,
"dependencies": {
"json-parse-even-better-errors": "^3.0.0",
"npm-normalize-package-bin": "^3.0.0"
@@ -13066,7 +13224,7 @@
"dotenv": "^16.0.3",
"glob": "^10.3.4",
"lodash": "^4.17.21",
- "pacote": "^17.0.4",
+ "pacote": "^18.0.3",
"proc-log": "^3.0.0",
"semver": "^7.3.8",
"www": "^1.0.0"
diff --git a/workspaces/data/package.json b/workspaces/data/package.json
index 19f0cd74c..46b870cab 100644
--- a/workspaces/data/package.json
+++ b/workspaces/data/package.json
@@ -34,7 +34,7 @@
"dotenv": "^16.0.3",
"glob": "^10.3.4",
"lodash": "^4.17.21",
- "pacote": "^17.0.4",
+ "pacote": "^18.0.3",
"proc-log": "^3.0.0",
"semver": "^7.3.8",
"www": "^1.0.0"