Skip to content

chore(deps): bump tar and npm#286

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-79a8a94197
Open

chore(deps): bump tar and npm#286
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-79a8a94197

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown

Removes tar. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes tar

Updates npm from 11.7.0 to 11.18.0

Release notes

Sourced from npm's releases.

v11.18.0

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

arborist: 9.9.0

9.9.0 (2026-06-29)

Features

Bug Fixes

... (truncated)

Changelog

Sourced from npm's changelog.

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

11.17.0 (2026-06-11)

Features

Bug Fixes

... (truncated)

Commits
  • a9c8c06 chore: release 11.18.0
  • f79b37f chore: dev dependency updates
  • 54656b6 deps: undici@6.27.0
  • 31c4773 deps: brace-expansion@5.0.7
  • e773c77 deps: tar@7.5.19
  • f05f6af deps: semver@7.8.5
  • 3021ad6 feat(arborist): extend replace-registry-host with URL prefix matching (#6110)...
  • 598ffdb fix(sbom): percent-encode vcs_url qualifier in generated purls (#9693)
  • f3f2465 fix(exec): prevent shared binPaths pollution across workspace runs (#9692)
  • 05793d0 fix: output all the required parameters for npm token list (#9691)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch from 2dc0e3a to 2ab49fe Compare July 2, 2026 00:02
Removes [tar](https://github.com/isaacs/node-tar). It's no longer used after updating ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Removes `tar`

Updates `npm` from 11.7.0 to 11.18.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/v11.18.0/CHANGELOG.md)
- [Commits](npm/cli@v11.7.0...v11.18.0)

---
updated-dependencies:
- dependency-name: npm
  dependency-version: 11.17.0
  dependency-type: indirect
- dependency-name: tar
  dependency-version:
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-79a8a94197 branch from 2ab49fe to 77ea4e5 Compare July 2, 2026 03:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants