Skip to content

chore(deps): bump tar and npm#74

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-79a8a94197
Open

chore(deps): bump tar and npm#74
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-79a8a94197

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown

Bumps tar and npm. These dependencies needed to be updated together.
Updates tar from 7.5.13 to 7.5.19

Commits

Updates npm from 11.13.0 to 11.18.0

Release notes

Sourced from npm's releases.

v11.18.0

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

arborist: 9.9.0

9.9.0 (2026-06-29)

Features

Bug Fixes

... (truncated)

Changelog

Sourced from npm's changelog.

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

11.17.0 (2026-06-11)

Features

Bug Fixes

... (truncated)

Commits
  • a9c8c06 chore: release 11.18.0
  • f79b37f chore: dev dependency updates
  • 54656b6 deps: undici@6.27.0
  • 31c4773 deps: brace-expansion@5.0.7
  • e773c77 deps: tar@7.5.19
  • f05f6af deps: semver@7.8.5
  • 3021ad6 feat(arborist): extend replace-registry-host with URL prefix matching (#6110)...
  • 598ffdb fix(sbom): percent-encode vcs_url qualifier in generated purls (#9693)
  • f3f2465 fix(exec): prevent shared binPaths pollution across workspace runs (#9692)
  • 05793d0 fix: output all the required parameters for npm token list (#9691)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies javascript Pull requests that update javascript code labels Jun 16, 2026

@doistbot doistbot left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR updates chore(deps): bump tar and npm. No issues were flagged in the reviewed diff.

Share FeedbackReview Logs

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch 3 times, most recently from eebea42 to 43e02da Compare June 24, 2026 15:14
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch 2 times, most recently from 95474e6 to a55504f Compare July 6, 2026 10:37
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch 2 times, most recently from f064bc5 to c71b880 Compare July 14, 2026 00:30
Bumps [tar](https://github.com/isaacs/node-tar) and [npm](https://github.com/npm/cli). These dependencies needed to be updated together.

Updates `tar` from 7.5.13 to 7.5.19
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.13...v7.5.19)

Updates `npm` from 11.13.0 to 11.18.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/v11.18.0/CHANGELOG.md)
- [Commits](npm/cli@v11.13.0...v11.18.0)

---
updated-dependencies:
- dependency-name: npm
  dependency-version: 11.17.0
  dependency-type: indirect
- dependency-name: tar
  dependency-version:
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch from c71b880 to 7b530cf Compare July 14, 2026 07:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant