Skip to content

build(deps-dev): Bump lerna from 4.0.0 to 8.1.9#555

Open
dependabot[bot] wants to merge 1 commit intodependabot_developfrom
dependabot/npm_and_yarn/dependabot_develop/lerna-8.1.9
Open

build(deps-dev): Bump lerna from 4.0.0 to 8.1.9#555
dependabot[bot] wants to merge 1 commit intodependabot_developfrom
dependabot/npm_and_yarn/dependabot_develop/lerna-8.1.9

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2024

Bumps lerna from 4.0.0 to 8.1.9.

Release notes

Sourced from lerna's releases.

v8.1.9

8.1.9 (2024-10-31)

Bug Fixes

  • add extends property in schema (#4075) (28c8ef2)
  • core: avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062) (960bdd9)
  • update nx support to latest v20 (#4103) (cb37f19)
  • version: enable changing commit message when using amend (#3954) (529e83f)

Features

  • publish: support full file path for --summary-file (#4039) (cfd573a)

v8.1.8

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)
  • version: truncate release body based on maximum size allowed by VCS client (#4041) (3c2a3c9)

Features

  • publish: enable throttling when publishing modules (#4013) (fccca12)

v8.1.7

8.1.7 (2024-07-21)

Bug Fixes

v8.1.6

8.1.6 (2024-07-05)

Bug Fixes

v8.1.5

8.1.5 (2024-06-24)

... (truncated)

Changelog

Sourced from lerna's changelog.

8.1.9 (2024-10-31)

Bug Fixes

  • add extends property in schema (#4075) (28c8ef2)
  • core: avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062) (960bdd9)
  • update nx support to latest v20 (#4103) (cb37f19)

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)

8.1.7 (2024-07-21)

Bug Fixes

8.1.6 (2024-07-05)

Bug Fixes

8.1.5 (2024-06-24)

Bug Fixes

  • update npm utility dependencies and related packages (#4033) (bd1c2d8)

8.1.4 (2024-06-09)

Note: Version bump only for package lerna

8.1.3 (2024-05-13)

Bug Fixes

8.1.2 (2024-02-05)

Note: Version bump only for package lerna

8.1.1 (2024-02-05)

Note: Version bump only for package lerna

... (truncated)

Commits
  • 7d1338d chore(misc): publish 8.1.9
  • cb37f19 fix: update nx support to latest v20 (#4103)
  • 28c8ef2 fix: add extends property in schema (#4075)
  • 960bdd9 fix(core): avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062)
  • 0343c31 chore(misc): publish 8.1.8
  • 3cd9bc9 chore: update e2e-repair snapshots with new output (#4059)
  • 89de0eb fix(publish): upgrade @​npmcli/arborist to 7.5.4 (#4058)
  • 10fcb3a chore(misc): publish 8.1.7
  • 6e5cfbc fix: set explicit strip-ansi dependency (#4045)
  • 8d68f1d chore(misc): publish 8.1.6
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by jameshenry, a new releaser for lerna since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps-dev): Bump lerna from 4.0.0 to 8.1.9
2289141 
Bumps [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna) from 4.0.0 to 8.1.9.
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/v8.1.9/packages/lerna)

---
updated-dependencies:
- dependency-name: lerna
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from aleksaToljic as a code owner December 1, 2024 11:17
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 1, 2024
@dependabot dependabot bot mentioned this pull request Dec 1, 2024
Closed
@socket-security
Copy link

socket-security bot commented Dec 1, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@react-to-styled/loader@0.3.0 None +1 42.7 kB tolja
npm/cliui@8.0.1 None +1 37.5 kB oss-bot
npm/graceful-fs@4.2.11 environment, filesystem 0 32.5 kB isaacs
npm/react-dom@18.3.1 environment +3 4.63 MB react-bot
npm/react-inlinesvg@2.3.0 network Transitive: environment +2 190 kB gilbarbara
npm/react@17.0.2 environment +3 318 kB gaearon
npm/react@18.3.1 environment +2 339 kB react-bot
npm/signal-exit@3.0.7 None 0 9.96 kB isaacs
npm/styled-components@6.1.13 environment Transitive: filesystem +16 3.83 MB probablyup
npm/yargs-parser@21.1.1 environment, filesystem 0 128 kB oss-bot
npm/yargs@17.7.2 environment, filesystem 0 292 kB oss-bot

🚮 Removed packages: npm/arr-union@3.1.0, npm/asn1.js@5.4.1, npm/async-each@1.0.3, npm/bindings@1.5.0, npm/buffer-xor@1.0.3, npm/collection-visit@1.0.0, npm/copy-concurrently@1.0.5, npm/cyclist@1.0.1, npm/des.js@1.0.1, npm/for-in@1.0.2, npm/fs-write-stream-atomic@1.0.10, npm/get-value@2.0.6, npm/graceful-fs@4.2.9, npm/has-value@1.0.0, npm/hash-base@3.1.0, npm/hash.js@1.1.7, npm/hmac-drbg@1.0.1, npm/iferr@0.1.5, npm/imurmurhash@0.1.4, npm/minimalistic-crypto-utils@1.0.1, npm/nan@2.15.0, npm/path-dirname@1.0.2, npm/pumpify@1.5.1, npm/set-value@2.0.1, npm/signal-exit@3.0.6, npm/static-extend@0.1.2, npm/stream-each@1.2.3, npm/stream-shift@1.0.1, npm/to-object-path@0.3.0, npm/typedarray@0.0.6, npm/unicode-canonical-property-names-ecmascript@2.0.0, npm/unicode-property-aliases-ecmascript@2.0.0, npm/union-value@1.0.1, npm/unique-slug@2.0.2, npm/unset-value@1.0.0, npm/upath@1.2.0, npm/yargs-parser@21.0.0, npm/yargs@17.3.1

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aleksaToljic aleksaToljic Awaiting requested review from aleksaToljic aleksaToljic is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants