Skip to content
This repository was archived by the owner on Jun 30, 2025. It is now read-only.

deps: bump yargs from 17.7.2 to 18.0.0 #766

Closed
dependabot wants to merge 1 commit into from
Closed

deps: bump yargs from 17.7.2 to 18.0.0 #766

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 28, 2025
edited
Loading

Bumps yargs from 17.7.2 to 18.0.0.

Changelog

Sourced from yargs's changelog.

18.0.0 (2025-05-26)

⚠ BREAKING CHANGES

  • command names are not derived from modules passed to command.
  • singleton usage of yargs yargs.foo, yargs().argv, has been removed.
  • minimum node.js versions now ^20.19.0 || ^22.12.0 || >=23.
  • yargs is now ESM first

Features

Bug Fixes

  • addDirectory do not support absolute command dir (#2465) (3a40a78)
  • allows ESM modules commands to be extensible using visit option (#2468) (200e1aa)
  • browser: fix shims so that yargs continues working in browser context (#2457) (4ae5f57)
  • build: address problems with typescript compilation (#2445) (8d72fb3)
  • coerce should play well with parser configuration (#2308) (8343c66)
  • deps: update dependency yargs-parser to v22 (#2470) (639130d)
  • exit after async handler done (#2313) (e326cde)
  • handle spaces in bash completion (#2452) (83b7788)
  • parser-configuration should work well with generated completion script (#2332) (888db19)
  • propagate Dictionary including undefined in value type (#2393) (2b2f7f5)
  • zsh: completion no longer requires double tab when using autoloaded (0dd8fe4)

Code Refactoring

  • command names are not derived from modules passed to command. (d90af45)
  • singleton usage of yargs yargs.foo, yargs().argv, has been removed. (d90af45)

Build System

  • minimum node.js versions now ^20.19.0 || ^22.12.0 || >=23. (d90af45)
Commits
  • 0bc7255 chore(main): release 18.0.0 (#2325)
  • 639130d fix(deps): update dependency yargs-parser to v22 (#2470)
  • 200e1aa fix: allows ESM modules commands to be extensible using visit option (#2468)
  • 888db19 fix: parser-configuration should work well with generated completion script (...
  • 3a40a78 fix: addDirectory do not support absolute command dir (#2465)
  • 90e9eca docs: remove to old slack channel (#2466)
  • 0dd8fe4 fix(zsh): completion no longer requires double tab when using autoloaded
  • 27eec18 feat: commandDir now works with ESM files (#2461)
  • f9c72a7 docs: update examples to run from examples folder (#2463)
  • e02c91b feat(zsh): Add default completion as fallback (#2331)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested review from bajtos and juliangruber May 28, 2025 07:33
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 28, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github May 28, 2025

The reviewers field in the dependabot.yml file will be removed soon. Please use the code owners file to specify reviewers for Dependabot PRs. For more information, see this blog post.

@socket-security
Copy link

socket-security bot commented May 28, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedyargs@​18.0.09910010091100

View full report

@github-actions github-actions bot enabled auto-merge (squash) May 28, 2025 07:34
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yargs-18.0.0 branch from bee5e10 to 32b67ca Compare June 2, 2025 08:01
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yargs-18.0.0 branch 5 times, most recently from 184f1c7 to 302ab67 Compare June 16, 2025 10:15
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yargs-18.0.0 branch 3 times, most recently from 5cc8337 to 81486fc Compare June 18, 2025 07:45
@dependabot
deps: bump yargs from 17.7.2 to 18.0.0
c867421 
Bumps [yargs](https://github.com/yargs/yargs) from 17.7.2 to 18.0.0.
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md)
- [Commits](yargs/yargs@v17.7.2...v18.0.0)

---
updated-dependencies:
- dependency-name: yargs
  dependency-version: 18.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yargs-18.0.0 branch from 81486fc to c867421 Compare June 19, 2025 07:52
@bajtos bajtos closed this Jun 19, 2025
auto-merge was automatically disabled June 19, 2025 13:57

Pull request was closed

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 19, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/yargs-18.0.0 branch June 19, 2025 13:57
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@bajtos bajtos Awaiting requested review from bajtos

@juliangruber juliangruber Awaiting requested review from juliangruber

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bajtos