cicd-pipeline-train-schedule-cd
cicd-pipeline-train-schedule-cd copied to clipboard
Bump tar and npm
Removes tar. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.
Removes tar
Updates npm
from 5.8.0 to 5.10.0
Changelog
Sourced from npm's changelog.
v5.10.0 (2018-05-10):
AUDIT SHOULDN'T WAIT FOREVER
This will likely be reduced further with the goal that the audit process shouldn't noticibly slow down your builds regardless of your network situation.
v5.10.0-next.1 (2018-05-07):
EXTENDED
npm init
SCAFFOLDINGThanks to the wonderful efforts of
@jdalton
of lodash fame,npm init
can now be used to invoke custom scaffolding tools!You can now do things like
npm init react-app
ornpm init esm
to scaffold an npm package by runningcreate-react-app
andcreate-esm
, respectively. This also adds annpm create
alias, to correspond to Yarn'syarn create
feature, which inspired this.
adc009ed4
f363edd04
f03b45fb2
13adcbb52
#20303 #20372 Add annpm init
feature that calls out tonpx
when invoked with positional arguments. (@jdalton
)DEPENDENCY AUDITING
This version of npm adds a new command,
npm audit
, which will run a security audit of your project's dependency tree and notify you about any actions you may need to take.The registry-side services required for this command to work will be available on the main npm registry in the coming weeks. Until then, you won't get much out of trying to use this on the CLI.
As part of this change, the npm CLI now sends scrubbed and cryptographically anonymized metadata about your dependency tree to your configured registry, to allow notifying you about the existence of critical security flaws. For details about how the CLI protects your privacy when it shares this metadata, see
npm help audit
, or read the docs fornpm audit
online. You
... (truncated)
Commits
c62d0ea
5.10.09edd48e
docs: update changelog for [email protected]e33bc08
audit: Timeout audit requests eventually9cb9102
5.10.0-next.1dab8d6d
update AUTHORSba6f620
doc: update changelog for [email protected]be01b7d
test: Change bad url in test in anticipation of aliasing74bcdb8
update: Add parens to clarify order of operations when defaulting where3232699
deps: Fix regexp used to cleanup from fieldsfb99f75
travis: Add node v10- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.