Skip to content

Bump http-cache-semantics and npm in /npm_and_yarn/helpers#46

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn/helpers/multi-465349de20
Closed

Bump http-cache-semantics and npm in /npm_and_yarn/helpers#46
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn/helpers/multi-465349de20

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 3, 2026

Copy link
Copy Markdown

Bumps http-cache-semantics to 4.2.0 and updates ancestor dependency npm. These dependencies need to be updated together.

Updates http-cache-semantics from 3.8.1 to 4.2.0

Commits

Updates npm from 6.14.18 to 11.8.0

Release notes

Sourced from npm's releases.

v11.8.0

11.8.0 (2026-01-21)

Features

  • 545e861 #8828 show proxy environment variables in npm config list (Max Black)

Bug Fixes

Documentation

Dependencies

Chores

v11.7.0

11.7.0 (2025-12-09)

Features

Bug Fixes

Documentation

... (truncated)

Changelog

Sourced from npm's changelog.

11.8.0 (2026-01-21)

Features

  • 545e861 #8828 show proxy environment variables in npm config list (Max Black)

Bug Fixes

Documentation

Dependencies

Chores

11.7.0 (2025-12-09)

Features

Bug Fixes

Documentation

  • 7f2ab9d #8810 scripts: replace deprecated prepublish and install examples with prepare (Max Black)
  • 91ebab7 #8847 remove note about token create being disabled (@​owlstronaut)
  • 2030250 #8822 scripts: clarify prepare script runs with --production (Max Black)
  • 33a50d7 #8821 scripts: update npm_package_* environment variables documentation (Max Black)
  • 50508f9 #8793 package-json: add documentation for type field (#8793) (@​MaxBlack-dev, Max Black)
  • aa1dd7e #8823 scripts: document that prepare scripts run concurrently in workspaces (Max Black)
  • 3f48487 #8820 package-spec: fix alias syntax in examples (Max Black)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by owlstronaut, a new releaser for npm since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by cubic

Update http-cache-semantics to 4.2.0 and npm to 11.8.0 in npm_and_yarn/helpers to keep caching behavior and tooling current. These packages are updated together; only package.json and the lockfile changed.

  • Dependencies
    • http-cache-semantics: 3.8.1 → 4.2.0
    • npm: 6.14.18 → 11.8.0

Written for commit 7bb8fc7. Summary will update on new commits.

Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) to 4.2.0 and updates ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Updates `http-cache-semantics` from 3.8.1 to 4.2.0
- [Commits](https://github.com/kornelski/http-cache-semantics/commits)

Updates `npm` from 6.14.18 to 11.8.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md)
- [Commits](npm/cli@v6.14.18...v11.8.0)

---
updated-dependencies:
- dependency-name: http-cache-semantics
  dependency-version: 4.2.0
  dependency-type: indirect
- dependency-name: npm
  dependency-version: 11.8.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 3, 2026
@coderabbitai

coderabbitai Bot commented Feb 3, 2026

Copy link
Copy Markdown

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

  • 🔍 Trigger a full review

Comment @coderabbitai help to get the list of available commands and usage tips.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

@dependabot @github

dependabot Bot commented on behalf of github Feb 6, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Feb 6, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm_and_yarn/helpers/multi-465349de20 branch February 6, 2026 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code L: javascript

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants