Update npm to v11.12.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
npm (source)	11.9.0 → 11.12.1

---

Release Notes

npm/cli (npm)

v11.12.1

Compare Source

Bug Fixes

• 596706a #​9148 revert prefer-offline/prefer-online exclusivity (#​9129) (@​owlstronaut)

Documentation

• d1ee8a5 #​9140 Add note on relative path prefix for npm publish (#​9140) (@​pydsigner)

Dependencies

• workspace: @npmcli/config@10.8.1

v11.12.0

Compare Source

Features

• 8eff5fb #​9049 audit: add --include-attestations flag to output sigstore bundles (#​9049) (@​mitchdenny)

Bug Fixes

• 03af94d #​9123 skip synopsis code block when command has no usage (@​owlstronaut)
• 21ea382 #​9110 arborist: resolve sibling override sets via common ancestor (#​9110) (@​manzoorwanijk)

Dependencies

• 03f4c3a #​9131 @sigstore/tuf@4.0.2
• 4d5f7d9 #​9131 @gar/promise-retry@1.0.3
• 8dcfe69 #​9131 @sigstore/sign@4.1.1
• e5a7e22 #​9127 lru-cache@11.2.7
• 82deab6 #​9127 make-fetch-happen@15.0.5
• ce195dc #​9127 cacache@20.0.4

Chores

• 95fa7f4 #​9132 fix docs test snapshot (#​9132) (@​wraithgar)
• 7e9d538 #​9127 dev dependency updates (@​wraithgar)
• 920e5ed #​9127 test snapshots (@​wraithgar)
• 98ccf92 #​9125 fix snap tests (@​owlstronaut)
• workspace: @npmcli/arborist@9.4.2
• workspace: @npmcli/config@10.8.0
• workspace: libnpmdiff@8.1.5
• workspace: libnpmexec@10.2.5
• workspace: libnpmfund@7.0.19
• workspace: libnpmpack@9.1.5

v11.11.1

Compare Source

Bug Fixes

• a9d242b #​9099 include all subcommands on main command help (#​9099) (@​wraithgar)
• 29b8407 #​9087 unwrap comments and lines meant for output (#​9087) (@​wraithgar)
• b56986a #​9095 ls: suppress false UNMET DEPENDENCYs in linked strategy (#​9095) (@​manzoorwanijk)
• 76c76e5 #​9083 ci: don't error on optional deps in the lockfile (#​9083) (@​wraithgar)
• a29aeee #​9028 arborist: retry bin-links on Windows EPERM (#​9028) (@​manzoorwanijk)
• 6565eeb #​9045 bypass packument cache to prevent ETARGET errors after publish (#​9045) (@​Jadu07)

Documentation

• 3b96929 #​9074 scripts: remove mention of obsolete root user behavior (#​9074) (@​mohd-akram)
• 16ac4e0 #​9054 fix workspace cross-dependency documentation (@​owlstronaut)

Dependencies

• 075ae23 #​9086 tar@7.5.11
• 13fa40d #​9086 pacote@21.5.0
• bf7ea2b #​9060 brace-expansion@5.0.4
• 2000d2c #​9060 minimatch@10.2.4
• d86b260 #​9060 tar@7.5.10
• dff1853 #​9060 @npmcli/run-script@10.0.4
• 93c3365 #​9060 write-file-atomic@7.0.1

Chores

• d1996a7 #​9060 dev dependency updates (@​wraithgar)
• workspace: @npmcli/arborist@9.4.1
• workspace: libnpmdiff@8.1.4
• workspace: libnpmexec@10.2.4
• workspace: libnpmfund@7.0.18
• workspace: libnpmpack@9.1.4

v11.11.0

Compare Source

Features

• 4fcd352 #​9017 add :type(registry) to query selector syntax (#​9017) (@​wraithgar)
• e1b21f0 #​8909 adds circleci to trust command (#​8909) (@​owlstronaut)
• 9a33ad0 #​8925 adds circleci to oidc (#​8925) (@​owlstronaut)

Bug Fixes

• 4426411 #​9026 npm audit signatures for keyless attestation registries (#​9026) (@​ajayk)
• 658b323 #​9010 handle legacy licenses array in sbom output (#​9010) (@​JNC4)

Documentation

• 143f8cd #​9007 docs shouldn't wrap yaml description (#​9007) (@​owlstronaut)

Dependencies

• 7798b6e #​9027 @gar/promise-retry@1.0.2
• 4838864 #​9027 balanced-match@4.0.4
• 0c200dd #​9027 brace-expansion@5.0.3
• f0606bb #​9027 spdx-license-ids@3.0.23
• d43f350 #​9027 make-fetch-happen@15.0.4
• 4d0918a #​9027 @npmcli/git@7.0.2
• 8912ca7 #​9027 minipass-fetch@5.0.2
• 450ff35 #​9027 npm-packlist@10.0.4
• 20ef5a5 #​9027 pacote@21.4.0
• 60f332c #​9008 remove promise-retry
• cb8b9c7 #​9008 add @gar/promise-retry@1.0.0
• workspace: @npmcli/arborist@9.4.0
• workspace: libnpmdiff@8.1.3
• workspace: libnpmexec@10.2.3
• workspace: libnpmfund@7.0.17
• workspace: libnpmpack@9.1.3

v11.10.1

Compare Source

Bug Fixes

• 9fac412 #​8995 improve unknown config warning with .npmrc section hint (#​8995) (@​umeshmore45)
• bb135cc #​8981 arborist: fix peerOptional dependency resolution in buildIdealTree (#​8981) (@​Saibamen, @​cursoragent)
• 5c03826 #​8993 remove tabular output from "npm view" (@​wraithgar)
• 4648f26 #​8993 remove tabular output from "npm team" (@​wraithgar)

Documentation

• 0a5756d #​8998 clarify unsupported custom .npmrc keys and recommend alternatives (#​8998) (@​maitrawebtech)
• 22c9153 #​8985 fix typo and grammar in README (#​8985) (@​csmit195, Chris)

Dependencies

• aa8ffbf #​9002 init-package-json@8.2.5 (#​9002)
• 67a0f09 #​9001 glob@13.0.6
• 56b8fd4 #​9001 minimatch@10.2.2
• aa7fef5 #​9001 minipass@7.1.3
• d3a4161 #​9000 @npmcli/package-json@7.0.5 (#​9000)
• 7aa9338 #​8993 remove cli-columns
• f7f7c53 #​8991 hoist balanced-match
• 10cb575 #​8991 hoist latest yallist
• 1b3dc9a #​8991 cidr-regex@5.0.3
• 4307af6 #​8991 glob@13.0.5
• 13b4d6a #​8991 minimatch@10.2.1
• 45d4000 #​8991 tar@7.5.9

Chores

• 40fcab4 #​8991 @npmcli/template-oss@4.29.0 (@​wraithgar)
• 1598adb #​8991 dev dependency updates (@​wraithgar)
• workspace: @npmcli/arborist@9.3.1
• workspace: @npmcli/config@10.7.1
• workspace: libnpmdiff@8.1.2
• workspace: libnpmexec@10.2.2
• workspace: libnpmfund@7.0.16
• workspace: libnpmpack@9.1.2

v11.10.0

Compare Source

Features

• cf56a1e #​8899 npm trust, per-command config (@​reggi)
• cf56a1e #​8899 npm trust (@​reggi)
• 66d6e11 #​8965 add min-release-age (#​8965) (@​wraithgar)

Dependencies

• aae84bf #​8973 pacote@21.3.1
• 8bcb675 #​8973 cidr-regex@5.0.2
• f87aaab #​8973 lru-cache@11.2.6
• acec871 #​8973 ssri@13.0.1
• 1e42a86 #​8973 glob@13.0.2
• e1c08a4 #​8973 is-cidr@6.0.3
• dfb0e34 #​8973 semver@7.7.4
• 0ee7776 #​8973 which@6.0.1

Chores

• eb81df8 #​8973 dev dependency updates (@​wraithgar)
• 995e757 #​8966 Clean up some todos, add tests for previously skipped blocks (@​owlstronaut)
• workspace: @npmcli/arborist@9.3.0
• workspace: @npmcli/config@10.7.0
• workspace: libnpmdiff@8.1.1
• workspace: libnpmexec@10.2.1
• workspace: libnpmfund@7.0.15
• workspace: libnpmpack@9.1.1

---

Configuration

📅 Schedule: (in timezone Asia/Almaty)

• Branch creation
  • "on friday"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled because a matching PR was automerged previously.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 55dbb37

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.