[Snyk] Fix for 1 vulnerabilities

[kevinjm39]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @npmcli/arborist

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: @npmcli/run-script

The new version differs by 107 commits.

• fcebe38 chore: release 7.0.2
• 30623cf deps: bump node-gyp from 9.4.1 to 10.0.0
• 54e5bd0 chore: postinstall for dependabot template-oss PR
• 7d95e9f chore: bump @ npmcli/template-oss from 4.18.1 to 4.19.0
• 90bcf54 chore: postinstall for dependabot template-oss PR
• ba0ab48 chore: bump @ npmcli/template-oss from 4.18.0 to 4.18.1
• 43ccfc7 chore: release 7.0.1
• f61fd84 deps: bump @ npmcli/promise-spawn from 6.0.2 to 7.0.0
• 87b740b chore: release 7.0.0
• e1b1a3c fix: drop node14 support
• a8045a9 deps: bump which from 3.0.1 to 4.0.0
• c4f4fb4 chore: postinstall for dependabot template-oss PR
• dacd67e chore: bump @ npmcli/template-oss from 4.17.0 to 4.18.0
• 9d2d807 chore: postinstall for dependabot template-oss PR
• 8b21725 chore: bump @ npmcli/template-oss from 4.15.1 to 4.17.0
• d9a0cc0 chore: release 6.0.2
• 545f3be fix: handle signals more correctly (fix(packageRelativePath): fix 'where' for file deps npm/cli#142)
• 1cbd286 chore: bump @ npmcli/template-oss from 4.14.1 to 4.15.1 (access: ls-collaborators is ok with non-scoped npm/cli#151)
• 581be58 docs: fix syntax in example (Release: npm@6.7.0 npm/cli#141)
• 24f12b2 chore: release 6.0.1
• 728b270 chore: enable auto-publish (6.8.0 npm/cli#150)
• 6c1cb21 chore: bump @ npmcli/template-oss from 4.12.1 to 4.14.1 (Fixing text. npm/cli#148)
• 3a8f085 fix: remove unused dependency on minipass (install/dedupe: fix hoisting of packages with peerDeps npm/cli#147)
• 72c3e2f chore: bump @ npmcli/template-oss from 4.12.0 to 4.12.1 (test: maketest: Fix common.npm callback arguments npm/cli#144)

See the full diff

Package name: glob

The new version differs by 116 commits.

• a68703e 9.0.0
• 58159ca test: cwd can be a url
• a547a9c more docs
• 42a3ac7 link to bash manual for Pattern Matching
• 474172d update readme with cwd URL support
• ad3904d update readme with posix class support
• b22fc7d minimatch@7.3.0
• cdd1627 update all the things, remove unused mkdirp types
• 75c6416 Merge branch 'v9'
• fa0cd77 cwd can be a file:// url
• d03ed0a typedoc github action
• 9a5a45a put bench results in readme
• 20b2f88 docs, fix benchmark script
• 4829c88 upgrade ci actions
• 5cbacdd minimatch@7.2.0
• 210310b omit symlinks on windows
• d34c8d5 full test coverage, clean up signals and remove extranous code
• 5f21b46 adding lots of tests, clean up types
• b12e6ba slashes on nodir test
• 75f74b0 more windows test slashes
• 3aa1abd more windows test affordances
• 3e68a7b some windows test affordances
• 8c2e082 feature complete and tests passing
• c3be35a correct ** vs ./** behavior

See the full diff

Package name: init-package-json

The new version differs by 28 commits.

• 6b7dbaf chore: release 4.0.0 (doc: add npm add as alias to npm install npm/cli#160)
• ea53243 chore: bump @ npmcli/config from 4.2.2 to 6.0.0 (Release: npm@6.9.0 npm/cli#167)
• 99e3307 chore: bump @ npmcli/eslint-config from 3.1.0 to 4.0.0 (Log failed optional platform dependencies as info npm/cli#169)
• b869b31 deps: bump read-package-json from 5.0.2 to 6.0.0 (fix optional dependencies when using devDeps npm/cli#170)
• d342821 deps: bump validate-npm-package-name from 4.0.0 to 5.0.0 (interactive pick-updates command npm/cli#168)
• a9b2e54 chore: postinstall for dependabot template-oss PR
• 9eacc7e chore: bump @ npmcli/template-oss from 4.4.4 to 4.5.1
• ada46c8 chore: postinstall for dependabot template-oss PR
• bb17043 chore: bump @ npmcli/template-oss from 4.3.2 to 4.4.4
• e8ea83a feat!: postinstall for dependabot template-oss PR
• 2eeb977 chore: bump @ npmcli/template-oss from 3.6.0 to 4.3.2
• 18e3c78 chore: postinstall for dependabot template-oss PR
• 197e9c3 chore: bump @ npmcli/template-oss from 3.5.0 to 3.6.0
• 8abb642 chore: bump @ npmcli/template-oss from 3.4.2 to 3.4.3 (token: use figgy-config to make sure extra opts are there npm/cli#149)
• 64ad963 chore: postinstall for dependabot template-oss PR
• 6f0fbd3 chore: bump @ npmcli/template-oss from 3.4.1 to 3.4.2
• 9023742 chore: bump @ npmcli/template-oss from 3.2.1 to 3.4.1 (install/dedupe: fix hoisting of packages with peerDeps npm/cli#147)
• e063094 chore(main): release 3.0.2 (fix(packageRelativePath): fix 'where' for file deps npm/cli#142)
• e4ba49a chore: bump @ npmcli/template-oss from 3.2.0 to 3.2.1 (doc: add preferDev and update preferGlobal npm/cli#143)
• fa7574a deps: bump validate-npm-package-name from 3.0.0 to 4.0.0 (test: maketest: Fix common.npm callback arguments npm/cli#144)
• b1ec548 deps: update npm-package-arg requirement from ^9.0.0 to ^9.0.1 (feat: new npm-cli feature to install missing dependencies npm/cli#136)
• 3b443aa chore: bump tap from 15.2.3 to 16.0.1 (Release: npm@6.7.0 npm/cli#141)
• d8bdf52 chore: bump @ npmcli/template-oss from 2.9.2 to 3.2.0 (doc: update package.json docs to include repository.directory details npm/cli#140)
• a1348c6 chore: release 3.0.1 (docs: described exit codes in npm-audit docs npm/cli#135)

See the full diff

Package name: libnpmaccess

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmdiff

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmexec

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmfund

The new version differs by 250 commits.

• 4f18871 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps
• 425c6dd chore: nock@13.3.0
• 694e4cb chore: tap@16.3.8
• ff045cc chore: check git status after deps
• 9b54ace chore: update doctor snapshots for new proxy messages
• b34ee65 fix: set objectMode for search filter stream

See the full diff

Package name: libnpmhook

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmorg

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmpack

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
• b1ad3ad deps: npm-packlist@8.0.0
• 43831d0 deps: pacote@17.0.3
• 44e8fec deps: pacote@17.0.2
• 0d2e2c9 deps: bump sigstore from 1.7.0 to 2.0.0
• ec7a430 chore: audit fix for semver in nested dev deps

See the full diff

Package name: libnpmpublish

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmsearch

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmteam

The new version differs by 250 commits.

• aa0897c chore: release 9.0.0
• 586e78d feat: empty commit to trigger all workspace releases
• e3b004c feat: move cli and all workspaces out of prerelease mode
• 2929899 chore: release 9.0.0-pre.6
• 9e74d3e docs: update supported engines in readme (docs: update supported engines in readme npm/cli#5725)
• 239ba8e chore: remove legacy changelogs (chore: remove legacy changelogs npm/cli#5723)
• d3543e9 feat: output json formatted errors on stdout (feat: output json formatted errors on stdout npm/cli#5716)
• be642c6 feat: refuse to set deprecated/invalid config (feat: refuse to set deprecated/invalid config npm/cli#5719)
• 6ffa5b7 fix: `npm hook ls` duplicates hook name prefixes (fix: npm hook ls duplicates hook name prefixes npm/cli#5295)
• 88137a3 deps: npmlog@7.0.1
• 332914b feat: separate configs for `--timing` and `--loglevel`
• 7b92544 chore: manually hoist latest versions of some of our deps
• f653785 feat: deprecated `key`, `cert` config options and updated registry scoped auth docs
• e2e7622 chore: update arborist snapshot from hosted-git-info changes
• 5aa0c2d chore: @ npmcli/template-oss@4.6.2
• 2008ea6 deps: npm-package-arg@10.0.0, pacote@15.0.2
• 1afe5ba fix: account for new npm-package-arg behavior
• de2d33f feat: add --install-strategy=hoisted|nested|shallow, deprecate --global-style, --legacy-bundling (add --install-strategy=hoisted|nested|shallow, remove --global-style, --legacy-bundling npm/cli#5709)
• 353b5bb fix: remove chownr and mkdirp-infer-owner
• aa01072 deps: update the following dependencies
• 38dc7f6 chore: @ npmcli/template-oss@4.6.1
• 58065bc feat: do not alter file ownership
• 475e9b6 feat: do not alter file ownership
• 32336f6 chore: release 9.0.0-pre.5

See the full diff

Package name: libnpmversion

The new version differs by 250 commits.

• d0e7491 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (chore: fix bundle version in libnpmpublish tests npm/cli#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0
• 812aa6d deps: sigstore@2.1.0
• 7fab9d3 deps: @ sigstore/tuf@2.1.0
• 12337cc deps: which@4.0.0
...