Skip to content

chore(deps): bump env-paths from 3.0.0 to 4.0.0#1571

Merged
jescalada merged 1 commit into
mainfrom
dependabot/npm_and_yarn/env-paths-4.0.0
Jun 12, 2026
Merged

chore(deps): bump env-paths from 3.0.0 to 4.0.0#1571
jescalada merged 1 commit into
mainfrom
dependabot/npm_and_yarn/env-paths-4.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps env-paths from 3.0.0 to 4.0.0.

Release notes

Sourced from env-paths's releases.

v4.0.0

Breaking

  • Require Node.js 20 612c498

sindresorhus/env-paths@v3.0.0...v4.0.0

Commits

@dependabot @github

dependabot Bot commented on behalf of github Jun 6, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 6, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 6, 2026 09:18
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 6, 2026
@netlify

netlify Bot commented Jun 6, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name Link
🔨 Latest commit 8c629c2
🔍 Latest deploy log https://app.netlify.com/projects/endearing-brigadeiros-63f9d0/deploys/6a296d268fbc980008b3c9c4

@github-actions

github-actions Bot commented Jun 6, 2026
edited
Loading

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/env-paths 4.0.0 🟢 3.7
Details
CheckScoreReason
Code-Review⚠️ 2Found 7/30 approved changesets -- score normalized to 2
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained⚠️ 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/is-safe-filename 0.1.1 UnknownUnknown

Scanned Files

  • package-lock.json

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/env-paths-4.0.0 branch from 045e83e to 549b73f Compare June 7, 2026 02:58
@dependabot
chore(deps): bump env-paths from 3.0.0 to 4.0.0
8c629c2 
Bumps [env-paths](https://github.com/sindresorhus/env-paths) from 3.0.0 to 4.0.0.
- [Release notes](https://github.com/sindresorhus/env-paths/releases)
- [Commits](sindresorhus/env-paths@v3.0.0...v4.0.0)

---
updated-dependencies:
- dependency-name: env-paths
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/env-paths-4.0.0 branch from 549b73f to 8c629c2 Compare June 10, 2026 13:56
@jescalada jescalada merged commit e6fbb64 into main Jun 12, 2026
25 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/env-paths-4.0.0 branch June 12, 2026 04:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jescalada jescalada jescalada approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jescalada