chore(deps): bump cosmiconfig from 8.1.3 to 9.0.0

[dependabot[bot]]

Bumps cosmiconfig from 8.1.3 to 9.0.0.

Release notes

Sourced from cosmiconfig's releases.

cosmiconfig: v8.3.6

8.3.6 (2023-09-13)

Bug Fixes

• ignore search place if accessing it causes ENOTDIR (i.e. if access of a subpath of a file is attempted) (5bd915a)

cosmiconfig: v8.3.5

8.3.5 (2023-09-08)

Bug Fixes

• pass null to transform function for backwards compat (2b38510)

cosmiconfig: v8.3.4

8.3.4 (2023-09-04)

Bug Fixes

• remove node: prefix from imports (f76484a), closes #323

cosmiconfig: v8.3.3

8.3.3 (2023-09-03)

Bug Fixes

• add back node 14 compat (7392541), closes #320

cosmiconfig: v8.3.2

8.3.2 (2023-09-02)

Bug Fixes

• use .cjs extension for sync compiled typescript (0d76a9a)
• use default for async TS loader (5bed3e3)

cosmiconfig: v8.3.1

8.3.1 (2023-09-02)

Bug Fixes

• do not resolve stopDir when undefined (59082e2), closes #317

cosmiconfig: v8.3.0

... (truncated)

Changelog

Sourced from cosmiconfig's changelog.

9.0.0

• Added searchStrategy option:
  • The none value means that cosmiconfig does not traverse any directories upwards.
    • Breaking change: This is the default value if you don't pass a stopDir option, which means that cosmiconfig no longer traverses directories by default, and instead just looks in the current working directory.
      • If you want to achieve maximum backwards compatibility without adding an explicit stopDir, add the searchStrategy: 'global' option.
  • The project value means that cosmiconfig traverses upwards until it finds a package.json (or .yaml) file.
  • The global value means that cosmiconfig traverses upwards until the passed stopDir, or your home directory if no stopDir is given.
• Breaking change: Meta config files (i.e. config.js and similar) are not looked for in the current working directory anymore. Instead, it looks in the .config subfolder.
• Breaking change: When defining searchPlaces in a meta config file, the tool-defined searchPlaces are merged into this. Users may specify mergeSearchPlaces: false to disable this.
• Added support for a special $import key which will import another configuration file
  • The imported file will act as a base file - all properties from that file will be applied to the configuration, but can be overridden by the importing file
  • For more information, read the import section of the README
• Added searching in OS conventional folders (XDG compatible on Linux, %APPDATA% on Windows, Library/Preferences on macOS) for searchStrategy: 'global'
• Fixed crash when trying to load a file that is not readable due to file system permissions
• Fixed wrong ERR_REQUIRE_ESM error being thrown when there is an issue loading an ESM file

8.3.6

• Ignore search place if accessing it causes ENOTDIR (i.e. if access of a subpath of a file is attempted)

8.3.5

• Fixed regression in transform option

8.3.4

• Fixed crash in older node versions

8.3.3

• Added back node 14 compat to package.json

8.3.2

• Fixed some issues with TypeScript config loading

8.3.1

• Fixed crash when stopDir was given but undefined

8.3.0

• Add support for TypeScript configuration files

8.2.0

• Add support for ECMAScript modules (ESM) to the asynchronous API. End users running Node versions that support ESM can provide .mjs files, or .js files whose nearest parent package.json file contains "type": "module".
  • ${moduleName}rc.mjs and ${moduleName}.config.mjs are included in the default searchPlaces of the asynchronous API.
  • The synchronous API does not support ECMAScript modules, so does not look for .mjs files.

... (truncated)

Commits

• 006fc0b 9.0.0
• d4de473 update changelog for new version
• 8bf59fc make changelog leaner again
• 0555009 chore: remove release-please
• 5839d5e 9.0.0-alpha.3
• 7fcf489 chore: update lock file
• b8b412f chore: remove unnecessary dev packages
• bb3ebba chore: replace path-type package with own utility functions
• 76d26bd 9.0.0-alpha.2
• 559ed70 feat: load config from package.yaml
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)