From a2f7b061592ddf79544f83b7975a1e5d3a8092cc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 5 Jan 2026 15:40:34 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=A4=96=20Dep=20Updates:=20Bump=20pacote?= =?UTF-8?q?=20from=2021.0.1=20to=2021.0.4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [pacote](https://github.com/npm/pacote) from 21.0.1 to 21.0.4. - [Release notes](https://github.com/npm/pacote/releases) - [Changelog](https://github.com/npm/pacote/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/pacote/compare/v21.0.1...v21.0.4) --- updated-dependencies: - dependency-name: pacote dependency-version: 21.0.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package.json | 2 +- pnpm-lock.yaml | 178 +++++++++++++------------------------------------ 2 files changed, 49 insertions(+), 131 deletions(-) diff --git a/package.json b/package.json index 5dc4179..355377e 100644 --- a/package.json +++ b/package.json @@ -745,7 +745,7 @@ "nock": "14.0.10", "normalize-package-data": "8.0.0", "npm-package-arg": "13.0.0", - "pacote": "21.0.1", + "pacote": "21.0.4", "picomatch": "2.3.1", "semver": "7.7.2", "spdx-correct": "3.2.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index bf3d85e..f3cf770 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -184,8 +184,8 @@ importers: specifier: 13.0.0 version: 13.0.0 pacote: - specifier: 21.0.1 - version: 21.0.1 + specifier: 21.0.4 + version: 21.0.4 picomatch: specifier: 2.3.1 version: 2.3.1 @@ -815,10 +815,6 @@ packages: resolution: {integrity: sha512-GUYESQlxZRAdhs3UhbB6pVRNUELQOHXwK9ruDkwmCv2aZ5y0SApQzUJCg02p3A7Ue2J5hxvlk1YI53c00NmRyQ==} engines: {node: ^18.17.0 || >=20.5.0} - '@npmcli/git@7.0.0': - resolution: {integrity: sha512-vnz7BVGtOctJAIHouCJdvWBhsTVSICMeUgZo2c7XAi5d5Rrl80S1H7oPym7K03cRuinK5Q6s2dw36+PgXQTcMA==} - engines: {node: ^20.17.0 || >=22.9.0} - '@npmcli/git@7.0.1': resolution: {integrity: sha512-+XTFxK2jJF/EJJ5SoAzXk3qwIDfvFc5/g+bD274LZ7uY7LE8sTfG6Z8rOanPl2ZEvZWqNvmEdtXC25cE54VcoA==} engines: {node: ^20.17.0 || >=22.9.0} @@ -1021,10 +1017,6 @@ packages: resolution: {integrity: sha512-NwCl5Y0V6Di0NexvkTqdoVfmjTaQwoLM236r89KEojGmq/jMls8S+zb7yOwAPdXvbwfKDlP+lmXgAL4vKSQT+A==} engines: {node: ^20.17.0 || >=22.9.0} - '@sigstore/core@3.0.0': - resolution: {integrity: sha512-NgbJ+aW9gQl/25+GIEGYcCyi8M+ng2/5X04BMuIgoDfgvp18vDcoNHOQjQsG9418HGNYRxG3vfEXaR1ayD37gg==} - engines: {node: ^20.17.0 || >=22.9.0} - '@sigstore/core@3.1.0': resolution: {integrity: sha512-o5cw1QYhNQ9IroioJxpzexmPjfCe7gzafd2RY3qnMpxr4ZEja+Jad/U8sgFpaue6bOaF+z7RVkyKVV44FN+N8A==} engines: {node: ^20.17.0 || >=22.9.0} @@ -1037,12 +1029,12 @@ packages: resolution: {integrity: sha512-Vx1RmLxLGnSUqx/o5/VsCjkuN5L7y+vxEEwawvc7u+6WtX2W4GNa7b9HEjmcRWohw/d6BpATXmvOwc78m+Swdg==} engines: {node: ^20.17.0 || >=22.9.0} - '@sigstore/tuf@4.0.0': - resolution: {integrity: sha512-0QFuWDHOQmz7t66gfpfNO6aEjoFrdhkJaej/AOqb4kqWZVbPWFZifXZzkxyQBB1OwTbkhdT3LNpMFxwkTvf+2w==} + '@sigstore/tuf@4.0.1': + resolution: {integrity: sha512-OPZBg8y5Vc9yZjmWCHrlWPMBqW5yd8+wFNl+thMdtcWz3vjVSoJQutF8YkrzI0SLGnkuFof4HSsWUhXrf219Lw==} engines: {node: ^20.17.0 || >=22.9.0} - '@sigstore/verify@3.0.0': - resolution: {integrity: sha512-moXtHH33AobOhTZF8xcX1MpOFqdvfCk7v6+teJL8zymBiDXwEsQH6XG9HGx2VIxnJZNm4cNSzflTLDnQLmIdmw==} + '@sigstore/verify@3.1.0': + resolution: {integrity: sha512-mNe0Iigql08YupSOGv197YdHpPPr+EzDZmfCgMc7RPNaZTw5aLN01nBl6CHJOh3BGtnMIj83EeN4butBchc8Ag==} engines: {node: ^20.17.0 || >=22.9.0} '@sindresorhus/chunkify@2.0.0': @@ -1102,8 +1094,8 @@ packages: resolution: {integrity: sha512-yVtV8zsdo8qFHe+/3kw81dSLyF7D576A5cCFCi4X7B39tWT7SekaEFUnvnWJHz+9qO7qJTah1JbrDjWKqFtdWA==} engines: {node: ^16.14.0 || >=18.0.0} - '@tufjs/models@4.0.0': - resolution: {integrity: sha512-h5x5ga/hh82COe+GoD4+gKUeV4T3iaYOxqLt41GRKApinPI7DMidhCmNVTjKfhCWFJIGXaFJee07XczdT4jdZQ==} + '@tufjs/models@4.1.0': + resolution: {integrity: sha512-Y8cK9aggNRsqJVaKUlEYs4s7CvQ1b1ta2DVPyAimb0I2qhzjNk+A+mxvll/klL0RlfuIUei8BF7YWiua4kQqww==} engines: {node: ^20.17.0 || >=22.9.0} '@tybys/wasm-util@0.10.1': @@ -1986,8 +1978,8 @@ packages: resolution: {integrity: sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==} engines: {node: '>=10.13.0'} - glob@10.4.5: - resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==} + glob@10.5.0: + resolution: {integrity: sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==} hasBin: true glob@11.0.3: @@ -2367,6 +2359,10 @@ packages: resolution: {integrity: sha512-IPZ167aShDZZUMdRk66cyQAW3qr0WzbHkPdMYa8bzZhlHhO3jALbKdxcaak7W9FfT2rZNpQuUu4Od7ILEpXSaw==} engines: {node: 20 || >=22} + minimatch@10.1.1: + resolution: {integrity: sha512-enIvLvRAFZYXJzkCYG5RKmPfrFArdLv+R+lbQ53BmIMLIry74bjKzX6iHAm8WYamJkhSSEabrWN5D97XnKObjQ==} + engines: {node: 20 || >=22} + minimatch@3.1.2: resolution: {integrity: sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==} @@ -2533,10 +2529,6 @@ packages: resolution: {integrity: sha512-+t2etZAGcB7TbbLHfDwooV9ppB2LhhcT6A+L9cahsf9mEUAoQ6CktLEVvEnpD0N5CkX7zJqnPGaFtoQDy9EkHQ==} engines: {node: ^20.17.0 || >=22.9.0} - npm-packlist@10.0.2: - resolution: {integrity: sha512-DrIWNiWT0FTdDRjGOYfEEZUNe1IzaSZ+up7qBTKnrQDySpdmuOQvytrqQlpK5QrCA4IThMvL4wTumqaa1ZvVIQ==} - engines: {node: ^20.17.0 || >=22.9.0} - npm-packlist@10.0.3: resolution: {integrity: sha512-zPukTwJMOu5X5uvm0fztwS5Zxyvmk38H/LfidkOMt3gbZVCyro2cD/ETzwzVPcWZA3JOyPznfUN/nkyFiyUbxg==} engines: {node: ^20.17.0 || >=22.9.0} @@ -2630,6 +2622,10 @@ packages: resolution: {integrity: sha512-VkndIv2fIB99swvQoA65bm+fsmt6UNdGeIB0oxBs+WhAhdh08QA04JXpI7rbB9r08/nkbysKoya9rtDERYOYMA==} engines: {node: '>=18'} + p-map@7.0.4: + resolution: {integrity: sha512-tkAQEw8ysMzmkhgw8k+1U/iPhWNhykKnSk4Rd5zLoPJCuJaGRPo6YposrZgaxHKzDHdDWWZvE/Sk7hsL2X/CpQ==} + engines: {node: '>=18'} + p-try@2.2.0: resolution: {integrity: sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==} engines: {node: '>=6'} @@ -2640,16 +2636,6 @@ packages: package-manager-detector@1.5.0: resolution: {integrity: sha512-uBj69dVlYe/+wxj8JOpr97XfsxH/eumMt6HqjNTmJDf/6NO9s+0uxeOneIz3AsPt2m6y9PqzDzd3ATcU17MNfw==} - pacote@21.0.1: - resolution: {integrity: sha512-LHGIUQUrcDIJUej53KJz1BPvUuHrItrR2yrnN0Kl9657cJ0ZT6QJHk9wWPBnQZhYT5KLyZWrk9jaYc2aKDu4yw==} - engines: {node: ^20.17.0 || >=22.9.0} - hasBin: true - - pacote@21.0.3: - resolution: {integrity: sha512-itdFlanxO0nmQv4ORsvA9K1wv40IPfB9OmWqfaJWvoJ30VKyHsqNgDVeG+TVhI7Gk7XW8slUy7cA9r6dF5qohw==} - engines: {node: ^20.17.0 || >=22.9.0} - hasBin: true - pacote@21.0.4: resolution: {integrity: sha512-RplP/pDW0NNNDh3pnaoIWYPvNenS7UqMbXyvMqJczosiFWTeGGwJC2NQBLqKf4rGLFfwCOnntw1aEp9Jiqm1MA==} engines: {node: ^20.17.0 || >=22.9.0} @@ -2866,8 +2852,8 @@ packages: resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} engines: {node: '>=14'} - sigstore@4.0.0: - resolution: {integrity: sha512-Gw/FgHtrLM9WP8P5lLcSGh9OQcrTruWCELAiS48ik1QbL0cH+dfjomiRTUE9zzz+D1N6rOLkwXUvVmXZAsNE0Q==} + sigstore@4.1.0: + resolution: {integrity: sha512-/fUgUhYghuLzVT/gaJoeVehLCgZiUxPCPMcyVNY0lIf/cTCz58K/WTI7PefDarXxp9nUKpEwg1yyz3eSBMTtgA==} engines: {node: ^20.17.0 || >=22.9.0} sirv@3.0.2: @@ -2993,10 +2979,6 @@ packages: resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==} engines: {node: '>=10'} - tar@7.5.1: - resolution: {integrity: sha512-nlGpxf+hv0v7GkWBK2V9spgactGOp0qvfWRxUMjqHyzrt3SgwE48DIv/FhqPHJYLHpgW1opq3nERbz5Anq7n1g==} - engines: {node: '>=18'} - tar@7.5.2: resolution: {integrity: sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==} engines: {node: '>=18'} @@ -3079,8 +3061,8 @@ packages: peerDependencies: typescript: '>=2.8.0 || >= 3.2.0-dev || >= 3.3.0-dev || >= 3.4.0-dev || >= 3.5.0-dev || >= 3.6.0-dev || >= 3.6.0-beta || >= 3.7.0-dev || >= 3.7.0-beta' - tuf-js@4.0.0: - resolution: {integrity: sha512-Lq7ieeGvXDXwpoSmOSgLWVdsGGV9J4a77oDTAPe/Ltrqnnm/ETaRlBAQTH5JatEh8KXuE6sddf9qAv1Q2282Hg==} + tuf-js@4.1.0: + resolution: {integrity: sha512-50QV99kCKH5P/Vs4E2Gzp7BopNV+KzTXqWeaxrfu5IQJBOULRsTIS9seSsOVT8ZnGXzCyx55nYWAi4qJzpZKEQ==} engines: {node: ^20.17.0 || >=22.9.0} typanion@3.14.0: @@ -3877,7 +3859,7 @@ snapshots: npm-package-arg: 13.0.0 npm-pick-manifest: 11.0.1 npm-registry-fetch: 19.0.0 - pacote: 21.0.3 + pacote: 21.0.4 parse-conflict-json: 4.0.0 proc-log: 5.0.0 proggy: 3.0.0 @@ -3905,17 +3887,6 @@ snapshots: semver: 7.7.2 which: 5.0.0 - '@npmcli/git@7.0.0': - dependencies: - '@npmcli/promise-spawn': 8.0.3 - ini: 5.0.0 - lru-cache: 11.2.2 - npm-pick-manifest: 11.0.1 - proc-log: 5.0.0 - promise-retry: 2.0.1 - semver: 7.7.2 - which: 5.0.0 - '@npmcli/git@7.0.1': dependencies: '@npmcli/promise-spawn': 9.0.1 @@ -3948,7 +3919,7 @@ snapshots: dependencies: cacache: 20.0.1 json-parse-even-better-errors: 4.0.0 - pacote: 21.0.3 + pacote: 21.0.4 proc-log: 5.0.0 semver: 7.7.2 transitivePeerDependencies: @@ -4083,8 +4054,6 @@ snapshots: dependencies: '@sigstore/protobuf-specs': 0.5.0 - '@sigstore/core@3.0.0': {} - '@sigstore/core@3.1.0': {} '@sigstore/protobuf-specs@0.5.0': {} @@ -4100,17 +4069,17 @@ snapshots: transitivePeerDependencies: - supports-color - '@sigstore/tuf@4.0.0': + '@sigstore/tuf@4.0.1': dependencies: '@sigstore/protobuf-specs': 0.5.0 - tuf-js: 4.0.0 + tuf-js: 4.1.0 transitivePeerDependencies: - supports-color - '@sigstore/verify@3.0.0': + '@sigstore/verify@3.1.0': dependencies: '@sigstore/bundle': 4.0.0 - '@sigstore/core': 3.0.0 + '@sigstore/core': 3.1.0 '@sigstore/protobuf-specs': 0.5.0 '@sindresorhus/chunkify@2.0.0': {} @@ -4147,10 +4116,10 @@ snapshots: '@tufjs/canonical-json@2.0.0': {} - '@tufjs/models@4.0.0': + '@tufjs/models@4.1.0': dependencies: '@tufjs/canonical-json': 2.0.0 - minimatch: 9.0.5 + minimatch: 10.1.1 '@tybys/wasm-util@0.10.1': dependencies: @@ -4600,13 +4569,13 @@ snapshots: dependencies: '@npmcli/fs': 4.0.0 fs-minipass: 3.0.3 - glob: 10.4.5 + glob: 10.5.0 lru-cache: 11.2.2 minipass: 7.1.2 minipass-collect: 2.0.1 minipass-flush: 1.0.5 minipass-pipeline: 1.2.4 - p-map: 7.0.3 + p-map: 7.0.4 ssri: 12.0.0 tar: 7.5.2 unique-filename: 4.0.0 @@ -5126,7 +5095,7 @@ snapshots: dependencies: is-glob: 4.0.3 - glob@10.4.5: + glob@10.5.0: dependencies: foreground-child: 3.3.1 jackspeak: 3.4.3 @@ -5229,7 +5198,7 @@ snapshots: ignore-walk@8.0.0: dependencies: - minimatch: 10.0.3 + minimatch: 10.1.1 ignore@5.3.2: {} @@ -5389,7 +5358,7 @@ snapshots: '@npmcli/arborist': 9.1.6 '@npmcli/run-script': 10.0.0(patch_hash=65d59a7c4dd7b00f1c218cbcf97d78fe2f462f2e048de4a22b41bd70dbdefcdc) npm-package-arg: 13.0.0 - pacote: 21.0.3 + pacote: 21.0.4 transitivePeerDependencies: - supports-color @@ -5528,6 +5497,10 @@ snapshots: dependencies: '@isaacs/brace-expansion': 5.0.0 + minimatch@10.1.1: + dependencies: + '@isaacs/brace-expansion': 5.0.0 + minimatch@3.1.2: dependencies: brace-expansion: 1.1.12 @@ -5690,11 +5663,6 @@ snapshots: semver: 7.7.2 validate-npm-package-name: 6.0.2 - npm-packlist@10.0.2: - dependencies: - ignore-walk: 8.0.0 - proc-log: 5.0.0 - npm-packlist@10.0.3: dependencies: ignore-walk: 8.0.0 @@ -5814,56 +5782,14 @@ snapshots: p-map@7.0.3: {} + p-map@7.0.4: {} + p-try@2.2.0: {} package-json-from-dist@1.0.1: {} package-manager-detector@1.5.0: {} - pacote@21.0.1: - dependencies: - '@npmcli/git': 6.0.3 - '@npmcli/installed-package-contents': 3.0.0 - '@npmcli/package-json': 7.0.0 - '@npmcli/promise-spawn': 8.0.3 - '@npmcli/run-script': 10.0.0(patch_hash=65d59a7c4dd7b00f1c218cbcf97d78fe2f462f2e048de4a22b41bd70dbdefcdc) - cacache: 20.0.1 - fs-minipass: 3.0.3 - minipass: 7.1.2 - npm-package-arg: 13.0.0 - npm-packlist: 10.0.2 - npm-pick-manifest: 10.0.0 - npm-registry-fetch: 19.0.0 - proc-log: 5.0.0 - promise-retry: 2.0.1 - sigstore: 4.0.0 - ssri: 12.0.0 - tar: 7.5.1 - transitivePeerDependencies: - - supports-color - - pacote@21.0.3: - dependencies: - '@npmcli/git': 7.0.0 - '@npmcli/installed-package-contents': 3.0.0 - '@npmcli/package-json': 7.0.0 - '@npmcli/promise-spawn': 8.0.3 - '@npmcli/run-script': 10.0.0(patch_hash=65d59a7c4dd7b00f1c218cbcf97d78fe2f462f2e048de4a22b41bd70dbdefcdc) - cacache: 20.0.1 - fs-minipass: 3.0.3 - minipass: 7.1.2 - npm-package-arg: 13.0.0 - npm-packlist: 10.0.2 - npm-pick-manifest: 11.0.1 - npm-registry-fetch: 19.0.0 - proc-log: 5.0.0 - promise-retry: 2.0.1 - sigstore: 4.0.0 - ssri: 12.0.0 - tar: 7.5.1 - transitivePeerDependencies: - - supports-color - pacote@21.0.4: dependencies: '@npmcli/git': 7.0.1 @@ -5880,7 +5806,7 @@ snapshots: npm-registry-fetch: 19.1.1 proc-log: 6.1.0 promise-retry: 2.0.1 - sigstore: 4.0.0 + sigstore: 4.1.0 ssri: 13.0.0 tar: 7.5.2 transitivePeerDependencies: @@ -6067,14 +5993,14 @@ snapshots: signal-exit@4.1.0: {} - sigstore@4.0.0: + sigstore@4.1.0: dependencies: '@sigstore/bundle': 4.0.0 - '@sigstore/core': 3.0.0 + '@sigstore/core': 3.1.0 '@sigstore/protobuf-specs': 0.5.0 '@sigstore/sign': 4.1.0(patch_hash=cdf99454490d44e78fde33563611c0bf50da7f256a239c94d3eb7af6c7d205fa) - '@sigstore/tuf': 4.0.0 - '@sigstore/verify': 3.0.0 + '@sigstore/tuf': 4.0.1 + '@sigstore/verify': 3.1.0 transitivePeerDependencies: - supports-color @@ -6196,14 +6122,6 @@ snapshots: mkdirp: 1.0.4 yallist: 4.0.0 - tar@7.5.1: - dependencies: - '@isaacs/fs-minipass': 4.0.1 - chownr: 3.0.0 - minipass: 7.1.2 - minizlib: 3.1.0 - yallist: 5.0.0 - tar@7.5.2: dependencies: '@isaacs/fs-minipass': 4.0.1 @@ -6284,9 +6202,9 @@ snapshots: tslib: 1.14.1 typescript: 5.9.2 - tuf-js@4.0.0: + tuf-js@4.1.0: dependencies: - '@tufjs/models': 4.0.0 + '@tufjs/models': 4.1.0 debug: 4.4.3 make-fetch-happen: 15.0.2 transitivePeerDependencies: