chore(deps): bump the dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the dependencies group with 6 updates in the / directory:

Package	From	To
@nodesecure/js-x-ray	7.3.0	8.0.0
pacote	18.0.6	19.0.0
@npmcli/arborist	7.5.4	8.0.0
npm-pick-manifest	9.1.0	10.0.0
cacache	18.0.4	19.0.1
type-fest	4.24.0	4.26.1

Updates @nodesecure/js-x-ray from 7.3.0 to 8.0.0

Release notes

Sourced from @​nodesecure/js-x-ray's releases.

v8.0.0

What's Changed

• chore(deps): bump meriyah from 4.5.0 to 5.0.0 in the dependencies group by @​dependabot in NodeSecure/js-x-ray#285
• chore(deps-dev): bump @​types/node from 20.14.13 to 22.0.0 in the development-dependencies group by @​dependabot in NodeSecure/js-x-ray#286
• fix: type issues in api.d.ts by @​fraxken in NodeSecure/js-x-ray#287
• chore(deps): bump the github-actions group with 5 updates by @​dependabot in NodeSecure/js-x-ray#288
• chore(deps): bump @​typescript-eslint/typescript-estree from 7.18.0 to 8.0.0 in the dependencies group by @​dependabot in NodeSecure/js-x-ray#289
• fix(EntryFilesAnalyser): add missing options and patch some minors issues by @​fraxken in NodeSecure/js-x-ray#291
• refactor: fix deprecation in tests & update eslint by @​fraxken in NodeSecure/js-x-ray#292
• feat(EntryFilesAnalyser): implement digraph-js by @​fraxken in NodeSecure/js-x-ray#293
• feat: trace process.getBuiltinModule by @​fraxken in NodeSecure/js-x-ray#294
• fix(Deobfuscator): return if Node is null in extractCounterIdentifiers by @​fraxken in NodeSecure/js-x-ray#296
• Prepare major 8 by @​fraxken in NodeSecure/js-x-ray#297

Full Changelog: NodeSecure/js-x-ray@v7.3.0...v8.0.0

Commits

• f117a38 8.0.0
• 5fc112f chore(js-x-ray): update estree-ast-utils to v1.5.0
• d324907 chore(estree-ast-utils): v1.5.0
• 1fb55a9 Merge pull request #297 from NodeSecure/prepare-major-8
• 32e71b3 refactor: unset experimental for shady-link, suspicious-file and weak-crypto
• 68dae0a chore: cleanup docs API & d.ts
• 9990244 refactor!: remove legacy runASTAnalysis and runASTAnalysisOnFile APIs
• 81e44c5 fix(Deobfuscator): return if Node is null in extractCounterIdentifiers (#296)
• b69ced9 feat: trace process.getBuiltinModule (#294)
• 6c6279c feat(EntryFilesAnalyser): implement digraph-js (#293)
• Additional commits viewable in compare view

Updates pacote from 18.0.6 to 19.0.0

Release notes

Sourced from pacote's releases.

v19.0.0

19.0.0 (2024-09-27)

⚠️ BREAKING CHANGES

• pacote now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• 03b31ca #392 align to npm 10 node engine range (@​reggi)

Dependencies

• f055f71 #395 bump npm-pick-manifest from 9.1.0 to 10.0.0 (#395) (@​dependabot[bot])
• 932b9ab #396 bump @​npmcli/package-json from 5.2.1 to 6.0.0 (#396) (@​dependabot[bot])
• a1621f9 #397 bump npm-registry-fetch from 17.1.0 to 18.0.0 (#397) (@​dependabot[bot])
• c776199 #398 bump cacache from 18.0.4 to 19.0.0 (#398) (@​dependabot[bot])
• 6d59022 #399 bump @​npmcli/git from 5.0.8 to 6.0.0 (#399)
• 21ea2d4 #400 bump @​npmcli/run-script from 8.1.0 to 9.0.0 (#400)
• eddbc01 #392 ssri@12.0.0
• 6c672e9 #392 proc-log@5.0.0
• 03ba2a2 #392 npm-packlist@9.0.0
• 2710286 #392 npm-package-arg@12.0.0
• aa0bd4a #392 @npmcli/promise-spawn@8.0.0
• df23343 #392 @npmcli/installed-package-contents@3.0.0

Chores

• e4ed5cd #392 bump hosted-git-info ^7.0.0 to ^8.0.0 (@​reggi)
• 2871f56 #392 run template-oss-apply (@​reggi)
• 39643f1 #382 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 7e33c82 #383 postinstall for dependabot template-oss PR (@​hashtagchris)
• e4e07bf #383 bump @​npmcli/template-oss from 4.23.1 to 4.23.3 (@​dependabot[bot])

Changelog

Sourced from pacote's changelog.

19.0.0 (2024-09-27)

⚠️ BREAKING CHANGES

• pacote now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• 03b31ca #392 align to npm 10 node engine range (@​reggi)

Dependencies

• f055f71 #395 bump npm-pick-manifest from 9.1.0 to 10.0.0 (#395) (@​dependabot[bot])
• 932b9ab #396 bump @​npmcli/package-json from 5.2.1 to 6.0.0 (#396) (@​dependabot[bot])
• a1621f9 #397 bump npm-registry-fetch from 17.1.0 to 18.0.0 (#397) (@​dependabot[bot])
• c776199 #398 bump cacache from 18.0.4 to 19.0.0 (#398) (@​dependabot[bot])
• 6d59022 #399 bump @​npmcli/git from 5.0.8 to 6.0.0 (#399)
• 21ea2d4 #400 bump @​npmcli/run-script from 8.1.0 to 9.0.0 (#400)
• eddbc01 #392 ssri@12.0.0
• 6c672e9 #392 proc-log@5.0.0
• 03ba2a2 #392 npm-packlist@9.0.0
• 2710286 #392 npm-package-arg@12.0.0
• aa0bd4a #392 @npmcli/promise-spawn@8.0.0
• df23343 #392 @npmcli/installed-package-contents@3.0.0

Chores

• e4ed5cd #392 bump hosted-git-info ^7.0.0 to ^8.0.0 (@​reggi)
• 2871f56 #392 run template-oss-apply (@​reggi)
• 39643f1 #382 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 7e33c82 #383 postinstall for dependabot template-oss PR (@​hashtagchris)
• e4e07bf #383 bump @​npmcli/template-oss from 4.23.1 to 4.23.3 (@​dependabot[bot])

Commits

• 3552973 chore: release 19.0.0 (#394)
• f055f71 deps: bump npm-pick-manifest from 9.1.0 to 10.0.0 (#395)
• 932b9ab deps: bump @​npmcli/package-json from 5.2.1 to 6.0.0 (#396)
• a1621f9 deps: bump npm-registry-fetch from 17.1.0 to 18.0.0 (#397)
• c776199 deps: bump cacache from 18.0.4 to 19.0.0 (#398)
• 6d59022 deps: bump @​npmcli/git from 5.0.8 to 6.0.0 (#399)
• 21ea2d4 deps: bump @​npmcli/run-script from 8.1.0 to 9.0.0 (#400)
• e4ed5cd chore: bump hosted-git-info ^7.0.0 to ^8.0.0
• eddbc01 deps: ssri@12.0.0
• 6c672e9 deps: proc-log@5.0.0
• Additional commits viewable in compare view

Updates @npmcli/arborist from 7.5.4 to 8.0.0

Release notes

Sourced from @​npmcli/arborist's releases.

libnpmexec: v8.0.0

8.0.0 (2024-04-25)

⚠️ BREAKING CHANGES

• libnpmexec now emits an output event on process instead of invoking the output function passed in

Features

• 39e4da0 #7373 libnpmexec: no longer accept output function (@​lukekarrys)
• 9622597 #7339 refactor terminal display (#7339) (@​lukekarrys)

Dependencies

• 36adff3 #7408 pacote@18.0.2
• fc6e291 #7392 proc-log@4.2.0 (#7392)
• 7678a3d #7378 proc-log@4.1.0
• b8f8b41 #7373 @npmcli/run-script@8.0.0
• 79f79c7 #7373 proc-log@4.0.0
• 9027266 #7373 pacote@18.0.0
• ac98fd3 #7373 npm-package-arg@11.0.2
• workspace: @npmcli/arborist@7.5.0

arborist: v8.0.0

8.0.0 (2024-10-03)

⚠️ BREAKING CHANGES

• @npmcli/arborist now supports node ^18.17.0 || >=20.5.0

Features

• 4d57928 #7766 devEngines (#7766) (@​reggi)

Bug Fixes

• 365580a #7803 align @​npmcli/arborist to npm 10 node engine range (@​reggi)

Dependencies

• 5795987 #7803 update proggy@3.0.0
• 99ccae3 #7803 update bin-links@5.0.0
• 75786ad #7803 update @npmcli/query@4.0.0
• 1c25a1d #7803 update @npmcli/node-gyp@4.0.0
• 2d7fc3d #7803 update @npmcli/name-from-folder@3.0.0
• 1e09334 #7803 update @npmcli/metavuln-calculator@8.0.0
• 820e983 #7803 update @npmcli/installed-package-contents@3.0.0
• 9cd6603 #7803 update read-package-json-fast@4.0.0
• 8206c4f #7803 update ssri@12.0.0
• f6909a0 #7803 update proc-log@5.0.0
• f9b2e18 #7803 update parse-conflict-json@4.0.0
• e7ab206 #7803 update pacote@19.0.0
• d13a20b #7803 update npm-registry-fetch@18.0.1
• 092f41f #7803 update npm-pick-manifest@10.0.0
• 50a7bc8 #7803 update npm-package-arg@12.0.0
• 591130d #7803 update npm-install-checks@7.1.0
• 105fa2b #7803 update nopt@8.0.0
• 7214149 #7803 update json-parse-even-better-errors@4.0.0

... (truncated)

Changelog

Sourced from @​npmcli/arborist's changelog.

8.0.0 (2024-10-03)

⚠️ BREAKING CHANGES

• @npmcli/arborist now supports node ^18.17.0 || >=20.5.0

Features

• 4d57928 #7766 devEngines (#7766) (@​reggi)

Bug Fixes

• 365580a #7803 align @​npmcli/arborist to npm 10 node engine range (@​reggi)

Dependencies

• 5795987 #7803 update proggy@3.0.0
• 99ccae3 #7803 update bin-links@5.0.0
• 75786ad #7803 update @npmcli/query@4.0.0
• 1c25a1d #7803 update @npmcli/node-gyp@4.0.0
• 2d7fc3d #7803 update @npmcli/name-from-folder@3.0.0
• 1e09334 #7803 update @npmcli/metavuln-calculator@8.0.0
• 820e983 #7803 update @npmcli/installed-package-contents@3.0.0
• 9cd6603 #7803 update read-package-json-fast@4.0.0
• 8206c4f #7803 update ssri@12.0.0
• f6909a0 #7803 update proc-log@5.0.0
• f9b2e18 #7803 update parse-conflict-json@4.0.0
• e7ab206 #7803 update pacote@19.0.0
• d13a20b #7803 update npm-registry-fetch@18.0.1
• 092f41f #7803 update npm-pick-manifest@10.0.0
• 50a7bc8 #7803 update npm-package-arg@12.0.0
• 591130d #7803 update npm-install-checks@7.1.0
• 105fa2b #7803 update nopt@8.0.0
• 7214149 #7803 update json-parse-even-better-errors@4.0.0
• 6deae9e #7803 update hosted-git-info@8.0.0
• 034c729 #7803 update cacache@19.0.1
• 538a4cc #7803 update @npmcli/run-script@9.0.1
• b80d048 #7803 update @npmcli/redact@3.0.0
• 2076368 #7803 update @npmcli/package-json@6.0.1
• feac87c #7803 update @npmcli/map-workspaces@4.0.1
• dd90f9e #7803 update @npmcli/fs@4.0.0

Chores

• be1e6da #7803 update minify-registry-metadata@4.0.0 (@​reggi)
• 2072705 #7803 update @npmcli/eslint-config@5.0.1 (@​reggi)
• 8035725 #7756 @npmcli/template-oss@4.23.3 (@​wraithgar)

Commits

• See full diff in compare view

Updates npm-pick-manifest from 9.1.0 to 10.0.0

Release notes

Sourced from npm-pick-manifest's releases.

v10.0.0

10.0.0 (2024-09-26)

⚠️ BREAKING CHANGES

• npm-pick-manifest now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• dd83a53 #145 align to npm 10 node engine range (@​reggi)

Dependencies

• 6b4df8d #145 npm-package-arg@12.0.0
• c2ae5b7 #145 npm-normalize-package-bin@4.0.0
• e948cef #145 npm-install-checks@7.1.0

Chores

• 2e1fdb4 #145 run template-oss-apply (@​reggi)
• 7891f6b #140 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• ae2ffc5 #138 postinstall for dependabot template-oss PR (@​hashtagchris)
• 7744312 #138 bump @​npmcli/template-oss from 4.22.0 to 4.23.3 (@​dependabot[bot])

Changelog

Sourced from npm-pick-manifest's changelog.

10.0.0 (2024-09-26)

⚠️ BREAKING CHANGES

• npm-pick-manifest now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• dd83a53 #145 align to npm 10 node engine range (@​reggi)

Dependencies

• 6b4df8d #145 npm-package-arg@12.0.0
• c2ae5b7 #145 npm-normalize-package-bin@4.0.0
• e948cef #145 npm-install-checks@7.1.0

Chores

• 2e1fdb4 #145 run template-oss-apply (@​reggi)
• 7891f6b #140 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• ae2ffc5 #138 postinstall for dependabot template-oss PR (@​hashtagchris)
• 7744312 #138 bump @​npmcli/template-oss from 4.22.0 to 4.23.3 (@​dependabot[bot])

Commits

• f68698d chore: release 10.0.0 (#146)
• 6b4df8d deps: npm-package-arg@12.0.0
• c2ae5b7 deps: npm-normalize-package-bin@4.0.0
• e948cef deps: npm-install-checks@7.1.0
• 2e1fdb4 chore: run template-oss-apply
• dd83a53 fix!: align to npm 10 node engine range
• 7891f6b chore: bump @​npmcli/eslint-config from 4.0.5 to 5.0.0
• ae2ffc5 chore: postinstall for dependabot template-oss PR
• 7744312 chore: bump @​npmcli/template-oss from 4.22.0 to 4.23.3
• See full diff in compare view

Updates cacache from 18.0.4 to 19.0.1

Release notes

Sourced from cacache's releases.

v19.0.1

19.0.1 (2024-09-26)

Dependencies

• e56c7fc #302 update p-map from ^4.0.0 to ^7.0.2 (#302)

v19.0.0

19.0.0 (2024-09-26)

⚠️ BREAKING CHANGES

• cacache now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• cc9eee3 #300 align to npm 10 node engine range (@​reggi)

Dependencies

• beaab7c #291 bump tar from 6.2.1 to 7.4.3 (#291)
• 81b6e34 #300 unique-filename@4.0.0
• dcab1af #300 ssri@12.0.0
• ba3a3b8 #300 @npmcli/fs@4.0.0

Chores

• 73ce729 #300 run template-oss-apply (@​reggi)
• f663562 #294 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 74ac800 #295 postinstall for dependabot template-oss PR (@​hashtagchris)
• ae95894 #295 bump @​npmcli/template-oss from 4.23.1 to 4.23.3 (@​dependabot[bot])

Changelog

Sourced from cacache's changelog.

19.0.1 (2024-09-26)

Dependencies

• e56c7fc #302 update p-map from ^4.0.0 to ^7.0.2 (#302)

19.0.0 (2024-09-26)

⚠️ BREAKING CHANGES

• cacache now supports node ^18.17.0 || >=20.5.0

Bug Fixes

• cc9eee3 #300 align to npm 10 node engine range (@​reggi)

Dependencies

• beaab7c #291 bump tar from 6.2.1 to 7.4.3 (#291)
• 81b6e34 #300 unique-filename@4.0.0
• dcab1af #300 ssri@12.0.0
• ba3a3b8 #300 @npmcli/fs@4.0.0

Chores

• 73ce729 #300 run template-oss-apply (@​reggi)
• f663562 #294 bump @​npmcli/eslint-config from 4.0.5 to 5.0.0 (@​dependabot[bot])
• 74ac800 #295 postinstall for dependabot template-oss PR (@​hashtagchris)
• ae95894 #295 bump @​npmcli/template-oss from 4.23.1 to 4.23.3 (@​dependabot[bot])

Commits

• 718216c chore: release 19.0.1 (#303)
• e56c7fc deps: update p-map from ^4.0.0 to ^7.0.2 (#302)
• b52d649 chore: release 19.0.0 (#301)
• beaab7c deps: bump tar from 6.2.1 to 7.4.3 (#291)
• 81b6e34 deps: unique-filename@4.0.0
• dcab1af deps: ssri@12.0.0
• ba3a3b8 deps: @​npmcli/fs@​4.0.0
• 73ce729 chore: run template-oss-apply
• cc9eee3 fix!: align to npm 10 node engine range
• f663562 chore: bump @​npmcli/eslint-config from 4.0.5 to 5.0.0
• Additional commits viewable in compare view

Updates type-fest from 4.24.0 to 4.26.1

Release notes

Sourced from type-fest's releases.

v4.26.1

• Exact: Fix usage with recursive types and unions (#949) 91f6d39

sindresorhus/type-fest@v4.26.0...v4.26.1

v4.26.0

• Add UnionToTuple type (#945) 1f4f7a1

sindresorhus/type-fest@v4.25.0...v4.26.0

v4.25.0

• Add StringRepeat type (#938) a83e87e
• Add Arrayable type #270 (#935) 9aabcb9

sindresorhus/type-fest@v4.24.0...v4.25.0

Commits

• 2b98d9f 4.26.1
• 91f6d39 Exact: Fix usage with recursive types and unions (#949)
• 30b8e22 Document built-in Awaited type (#936)
• 0fdc7d2 4.26.0
• 1f4f7a1 Add UnionToTuple type (#945)
• f120d8a Tagged: Improve documentation (#943)
• 986faba Get: Update Path generic parameter (#932)
• 2967fe6 4.25.0
• a83e87e Add StringRepeat type (#938)
• f19a002 OmitDeep: Improve example (#937)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #324.