Skip to content

Bump @microsoft/rush from 5.166.0 to 5.167.0#171

Merged
nev21 merged 3 commits into
mainfrom
dependabot/npm_and_yarn/microsoft/rush-5.167.0
Feb 10, 2026
Merged

Bump @microsoft/rush from 5.166.0 to 5.167.0#171
nev21 merged 3 commits into
mainfrom
dependabot/npm_and_yarn/microsoft/rush-5.167.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 9, 2026

Copy link
Copy Markdown
Contributor

Bumps @microsoft/rush from 5.166.0 to 5.167.0.

Changelog

Sourced from @​microsoft/rush's changelog.

5.167.0

Thu, 05 Feb 2026 00:24:16 GMT

Updates

  • Add support for rush-pnpm approve-builds command to persist globalOnlyBuiltDependencies in pnpm-config.json
  • Filter npm-incompatible properties from .npmrc when npm is used with a configuration intended for pnpm or yarn, to eliminate spurious warnings during package manager installation.
  • Fix a longstanding issue where a package.json script could hang on Windows if it accessed STDIN under certain circumstances
  • Upgrade tar dependency from 6.2.1 to 7.5.6 to fix security vulnerability GHSA-8qq5-rm4j-mr97
Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
@microsoft/rush [>= 5.144.a, < 5.145]

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@microsoft/rush](https://github.com/microsoft/rushstack/tree/HEAD/apps/rush) from 5.166.0 to 5.167.0.
- [Changelog](https://github.com/microsoft/rushstack/blob/main/apps/rush/CHANGELOG.md)
- [Commits](https://github.com/microsoft/rushstack/commits/@microsoft/rush_v5.167.0/apps/rush)

---
updated-dependencies:
- dependency-name: "@microsoft/rush"
  dependency-version: 5.167.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 9, 2026
@dependabot dependabot Bot requested a review from a team as a code owner February 9, 2026 23:16
@dependabot dependabot Bot added the javascript Pull requests that update Javascript code label Feb 9, 2026
@dependabot dependabot Bot requested a review from a team as a code owner February 9, 2026 23:16

@nevware21-bot nevware21-bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved by nevware21-bot

@nev21 nev21 merged commit 3b4c490 into main Feb 10, 2026
7 checks passed
@nev21 nev21 deleted the dependabot/npm_and_yarn/microsoft/rush-5.167.0 branch February 10, 2026 02:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants