Skip to content
This repository has been archived by the owner on Oct 13, 2023. It is now read-only.

Bump npm-check-updates from 10.2.1 to 11.5.7 #180

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps npm-check-updates from 10.2.1 to 11.5.7.

Release notes

Sourced from npm-check-updates's releases.

v11.5.0

Minor

npm-check-updates will now auto-detect yarn and apply --packageManager yarn when yarn.lock is present and package-lock.json is not present. You can override this by explicitly setting --packageManager npm. It will print "Using yarn" when the auto-detection is triggered.

v11.4.0

Minor

  • Use --peer to check peer dependencies of installed packages and filter updates to compatible versions.
    • 791aa22 Respect peer dependencies (#869)
  • Bump mem (minor)

Patch

  • 696168b --deep: Fix Windows path
  • Bump dependencies (patch)

v11.2.0

Wildcards and globs can now be used in filters without having to use regex:

ncu react-*      # upgrade packages that start with "react-"
ncu \!commander  # upgrade everything except "commander"

Since special characters are not allowed in package names, this change shouldn't break anything, but please let me know if a filter that was working before v11.2.0 is not now!

Commits

ee27448 Add filter support for wildcards and glob expressions. Fixes #219.

v11.0.0

Breaking

  • --packageFile - Now interprets its argument as a glob pattern. It is possible that a previously supplied argument may be interepreted differently now (though I'm not aware of specific instances). Due to our conservative release policy we are releasing as a major version upgrade and allowing developers to assess for themselves.

Features

  • --deep - Run recursively in current working directory. Alias of --packageFile '**/package.json'.

See: #785

raineorshine/npm-check-updates@v10.3.1...v11.0.0

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label May 1, 2021
@dependabot-preview
Copy link
Contributor Author

Superseded by #196.

@dependabot-preview dependabot-preview bot deleted the dependabot/npm_and_yarn/npm-check-updates-11.5.7 branch June 1, 2021 06:47
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Development

Successfully merging this pull request may close these issues.

0 participants