⬆️ Bump http-cache-semantics and npm

[dependabot[bot]]

Removes http-cache-semantics. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes http-cache-semantics

Updates npm from 6.14.1 to 9.6.6

Release notes

Sourced from npm's releases.

libnpmhook: v9.0.3

9.0.3 (2023-02-07)

Bug Fixes

• 12ec7ee remove unused package.json scripts (@​lukekarrys)

libnpmhook: v9.0.2

9.0.2 (2023-02-01)

Dependencies

• 721fe3f #6118 [email protected]
• a39556f @npmcli/[email protected]

libnpmpublish: v7.1.4

7.1.4 (2023-05-03)

Dependencies

• abdca39 #6416 [email protected]

libnpmpublish: v7.1.3

7.1.3 (2023-03-30)

Bug Fixes

• 3cf6f0d #6287 update provenance transparency log link (#6287) (@​bdehamer)

libnpmpublish: v7.1.2

7.1.2 (2023-03-14)

Bug Fixes

• 4622b42 #6247 add provenance publish notice (#6247) (@​bdehamer)
• 17adfb7 #6228 provenance build type v2 (#6228) (@​bdehamer, @​feelepxyz)

libnpmpublish: v7.1.1

7.1.1 (2023-03-08)

Bug Fixes

• 26cbe99 #6226 improve permission error for provenance (#6226) (@​bdehamer)

libnpmpublish: v7.1.0

7.1.0 (2023-02-14)

Features

• 5fc6473 add provenance attestation (@​bdehamer)

... (truncated)

Changelog

Sourced from npm's changelog.

9.6.6 (2023-05-03)

Dependencies

• 70e65b1 #6423 [email protected] (#6423)
• 72291f7 #6416 [email protected]
• e498f82 #6416 [email protected]
• 13aa7b7 #6416 [email protected]
• f2a5678 #6416 [email protected]
• 69d4dd2 #6416 npm update
• abdca39 #6416 [email protected]
• 16f68fb #6416 [email protected]
• 67fcfb1 #6416 [email protected]
• bfa2ff3 #6416 [email protected]
• 877591a #6416 [email protected]
• 7630517 #6416 [email protected]
• c2d6e0a #6416 [email protected]
• acdf97e #6416 [email protected]
• 00c541a #6416 [email protected]
• 1b95e73 #6416 [email protected]
• 6927fd3 #6416 [email protected]
• 3eec56e #6416 [email protected]
• 7a2ce3f #6416 @npmcli/[email protected]
• 3881770 #6416 @npmcli/[email protected]
• Workspace: @npmcli/[email protected]
• Workspace: [email protected]
• Workspace: [email protected]
• Workspace: [email protected]
• Workspace: [email protected]
• Workspace: [email protected]
• Workspace: [email protected]

9.6.5 (2023-04-19)

Bug Fixes

• 33dc428 #6374 account for npx package-name with no spec (@​wraithgar)
• 82879f6 #6225 lazy loading of arborist and pacote (#6225) (@​wraithgar)
• f4e73ab #6322 remove incompatible params from ci (#6322) (@​wraithgar)
• c7fe1c7 #6328 save raw data to file, not parsed data (@​wraithgar)

Documentation

• 31214a6 #6381 Update description for publish --provenance flag (#6381) (@​feelepxyz)
• 997bcdf #6329 fix npm cache folder location for windows (#6329) (@​charlie-wong)

Dependencies

• fae5e00 #6372 [email protected] (#6372)
• 3fa9542 #6363 [email protected]

... (truncated)

Commits

• 3d5bbcc chore: release 9.6.6
• 70e65b1 deps: [email protected] (#6423)
• 72291f7 deps: [email protected]
• e498f82 deps: [email protected]
• 13aa7b7 deps: [email protected]
• f2a5678 deps: [email protected]
• 69d4dd2 deps: npm update
• 1c8d17a chore: @​npmcli/template-oss@​4.14.1
• abdca39 deps: [email protected]
• 16f68fb deps: [email protected]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by gar, a new releaser for npm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.