[Snyk] Fix for 1 vulnerabilities

[RickAllMighty8195]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • deps/npm/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	823/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @npmcli/arborist

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: @npmcli/run-script

The new version differs by 113 commits.

• fcebe38 chore: release 7.0.2
• 30623cf deps: bump node-gyp from 9.4.1 to 10.0.0
• 54e5bd0 chore: postinstall for dependabot template-oss PR
• 7d95e9f chore: bump @ npmcli/template-oss from 4.18.1 to 4.19.0
• 90bcf54 chore: postinstall for dependabot template-oss PR
• ba0ab48 chore: bump @ npmcli/template-oss from 4.18.0 to 4.18.1
• 43ccfc7 chore: release 7.0.1
• f61fd84 deps: bump @ npmcli/promise-spawn from 6.0.2 to 7.0.0
• 87b740b chore: release 7.0.0
• e1b1a3c fix: drop node14 support
• a8045a9 deps: bump which from 3.0.1 to 4.0.0
• c4f4fb4 chore: postinstall for dependabot template-oss PR
• dacd67e chore: bump @ npmcli/template-oss from 4.17.0 to 4.18.0
• 9d2d807 chore: postinstall for dependabot template-oss PR
• 8b21725 chore: bump @ npmcli/template-oss from 4.15.1 to 4.17.0
• d9a0cc0 chore: release 6.0.2
• 545f3be fix: handle signals more correctly (docs: Supplement docs for Writable and Transform streams nodejs/node#142)
• 1cbd286 chore: bump @ npmcli/template-oss from 4.14.1 to 4.15.1 (Clarify that “io.js” is the only correct name nodejs/node#151)
• 581be58 docs: fix syntax in example (domain: add soft deprecation notice nodejs/node#141)
• 24f12b2 chore: release 6.0.1
• 728b270 chore: enable auto-publish (build: fix dtrace-enabled build on os x nodejs/node#150)
• 6c1cb21 chore: bump @ npmcli/template-oss from 4.12.1 to 4.14.1 (doc: added node-forward TC meeting 2014-10-15 nodejs/node#148)
• 3a8f085 fix: remove unused dependency on minipass (Support io.js Dockerfile or Docker Repo nodejs/node#147)
• 72c3e2f chore: bump @ npmcli/template-oss from 4.12.0 to 4.12.1 (doc: added TC meeting minutes for 2014-12-10 nodejs/node#144)

See the full diff

Package name: libnpmaccess

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmdiff

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmexec

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmfund

The new version differs by 250 commits.

• 4f18871 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps
• 425c6dd chore: nock@13.3.0
• 694e4cb chore: tap@16.3.8
• ff045cc chore: check git status after deps
• 9b54ace chore: update doctor snapshots for new proxy messages
• b34ee65 fix: set objectMode for search filter stream

See the full diff

Package name: libnpmhook

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmorg

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmpack

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmpublish

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmsearch

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmteam

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmversion

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (doc: make the documentation print-friendly nodejs/node#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: make-fetch-happen

The new version differs by 60 commits.

• bb3a5f5 chore: release 12.0.0
• 5318d23 deps: bump minipass from 5.0.0 to 7.0.2 (Working on 1.0.0 nodejs/node#253)
• 3059b28 fix: drop node14 support (Revert "test: don't assume broadcast traffic is unfiltered" nodejs/node#259)
• 096e2b8 chore: bump @ npmcli/template-oss from 4.15.1 to 4.18.0 (Consider exposing promise unhandled rejection hook nodejs/node#256)
• efd1e2f docs: update readme
• 7c25367 feat: move to @ npmcli/agent
• 5493550 deps: remove lru-cache
• 193b901 deps: remove socks-proxy-agent
• fc35622 deps: remove agentkeepalive
• e78fcdf deps: remove https-proxy-agent
• a4089a0 deps: remove http-proxy-agent
• 92c3226 deps: add @ npmcli/agent
• ca26378 chore: postinstall for dependabot template-oss PR
• 9493980 chore: bump @ npmcli/template-oss from 4.14.1 to 4.15.1
• eb4a838 chore: release 11.1.1
• e399ecc chore: bump @ npmcli/template-oss from 4.13.0 to 4.14.1 (Roadmap development nodejs/node#231)
• b04e3c2 deps: bump minipass from 4.2.7 to 5.0.0 (test: don't assume broadcast traffic is unfiltered nodejs/node#220)
• 23f5c73 chore: release 11.1.0
• cca9da0 feat: add support for caching additional headers (src: export node_is_initialized nodejs/node#225)
• 90796d6 chore: enable auto-publish (src,deps: wrap library name with TEXT() nodejs/node#226)
• d3cc004 chore: postinstall for dependabot template-oss PR
• e9d6a96 chore: bump @ npmcli/template-oss from 4.12.1 to 4.13.0 (Invite Colin Ihrig to the TC nodejs/node#223)
• dc35186 chore: bump @ npmcli/template-oss from 4.12.0 to 4.12.1 (test: parallel/test-dgram-broadcast-multi-process assumes unfiltered broadcast traffic nodejs/node#219)
• 835725c chore: postinstall for dependabot template-oss PR

See the full diff

Package name: node-gyp

The new version differs by 82 commits.

• 9acb4c7 chore: release 10.0.0
• 3032e10 chore: run tests after release please PR
• 864a979 feat!: use .npmignore file to limit which files are published (lib,src,doc: remove usage of events.EventEmitter nodejs/node#2921)
• 4e493d4 chore: misc testing fixes (New Uint8Arrays are sometimes filled with garbage nodejs/node#2930)
• d52997e feat: convert internal classes from util.inherits to classes
• 355622f feat: convert all internal functions to async/await
• 1b3bd34 feat!: drop node 14 support (url.parse("http://:::1") is parsed as "http://:1/::" nodejs/node#2929)
• e388255 deps: which@4.0.0 (Segfault in node::Environment::KickNextTick nodejs/node#2928)
• 059bb6f deps: make-fetch-happen@13.0.0 (Socket connects and gets data from non-existing service nodejs/node#2927)
• 4bef1ec deps: glob@10.3.10 (No event on child-process stdout nodejs/node#2926)
• 21a7249 chore: add check engines script to CI (module: remove unnecessary property and method nodejs/node#2922)
• 707927c feat(gyp): update gyp to v0.16.1 (calling function in each other module is not working nodejs/node#2923)
• d644ce4 docs: update applicable GitHub links from master to main (win,v8: Support for MSVS 2015 in v0.12 nodejs/node#2843)
• 4a50fe3 chore: empty commit to add changelog entries from test: add test-spawn-cmd-named-pipe nodejs/node#2770
• 26683e9 chore: GitHub Workflows security hardening (Stream Transform with Arrow Functions nodejs/node#2740)
• 91fd8ff Python lint: ruff --format is now --output-format
• b3d41ae doc: Add note about Python symlinks (PR 2362) to CHANGELOG.md for 9.1.0 (Compiling node v4.0.0 with OpenSSL 1.0.1 fails nodejs/node#2783)
• 5746691 test: update expired certs (Spawn detached window hide option nodejs/node#2908)
• d3615c6 Fix incorrect Xcode casing in README (Fix code example in events API docs nodejs/node#2896)
• bb93b94 docs: README.md Do not hardcode the supported versions of Python (Small documentation markup error nodejs/node#2880)
• 0f1f667 fix: create Python symlink only during builds, and clean it up after (Yet another segmentation fault in node-v4.0.0-rc.1 nodejs/node#2721)
• 445c28f test: increase mocha timeout (Ctrl+C exits debugger from repl v4.0.0 nodejs/node#2887)
• 1bfb083 Fix Python lint error by using an f-string (doc: jenkins-iojs.nodesource.com -> ci.nodejs.org, iojs.org/download -> nodejs.org/download nodejs/node#2886)
• c9caa2e docs: Update windows installation instructions in README.md (How to inherit from new Buffer implementation nodejs/node#2882)

See the full diff

Package name: npm-profile

The new version differs by 40 commits.

• 32cf63c chore: release 8.0.0
• 96370c2 deps: bump npm-registry-fetch from 14.0.5 to 15.0.0
• 384988c chore: turn on autopublish
• cfd2d07 fix: drop node14 support
• f20ba2b chore: merge old changelog to current format
• 444ca44 chore: postinstall for dependabot template-oss PR
• 3369a3d chore: bump @ npmcli/template-oss from 4.17.0 to 4.18.0