Skip to content

Bump tar and npm#132

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-79a8a94197
Open

Bump tar and npm#132
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-79a8a94197

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown

Removes tar. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes tar

Updates npm from 11.8.0 to 11.18.0

Release notes

Sourced from npm's releases.

v11.18.0

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

arborist: 9.9.0

9.9.0 (2026-06-29)

Features

Bug Fixes

... (truncated)

Changelog

Sourced from npm's changelog.

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

11.17.0 (2026-06-11)

Features

Bug Fixes

... (truncated)

Commits
  • a9c8c06 chore: release 11.18.0
  • f79b37f chore: dev dependency updates
  • 54656b6 deps: undici@6.27.0
  • 31c4773 deps: brace-expansion@5.0.7
  • e773c77 deps: tar@7.5.19
  • f05f6af deps: semver@7.8.5
  • 3021ad6 feat(arborist): extend replace-registry-host with URL prefix matching (#6110)...
  • 598ffdb fix(sbom): percent-encode vcs_url qualifier in generated purls (#9693)
  • f3f2465 fix(exec): prevent shared binPaths pollution across workspace runs (#9692)
  • 05793d0 fix: output all the required parameters for npm token list (#9691)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 22, 2026 15:59
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch 2 times, most recently from f393597 to a2fdd20 Compare June 25, 2026 14:23
Removes [tar](https://github.com/isaacs/node-tar). It's no longer used after updating ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Removes `tar`

Updates `npm` from 11.8.0 to 11.18.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/v11.18.0/CHANGELOG.md)
- [Commits](npm/cli@v11.8.0...v11.18.0)

---
updated-dependencies:
- dependency-name: npm
  dependency-version: 11.17.0
  dependency-type: indirect
- dependency-name: tar
  dependency-version:
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch from a2fdd20 to 1a324a7 Compare July 2, 2026 15:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants