Skip to content

chore(deps): bump tar and npm#291

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-ec7cadc0c6
Open

chore(deps): bump tar and npm#291
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-ec7cadc0c6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Contributor

Removes tar. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes tar

Updates npm from 11.12.1 to 11.18.0

Release notes

Sourced from npm's releases.

v11.18.0

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

arborist: 9.9.0

9.9.0 (2026-06-29)

Features

Bug Fixes

... (truncated)

Changelog

Sourced from npm's changelog.

11.18.0 (2026-06-29)

Features

Bug Fixes

Documentation

Dependencies

Chores

11.17.0 (2026-06-11)

Features

Bug Fixes

... (truncated)

Commits
  • a9c8c06 chore: release 11.18.0
  • f79b37f chore: dev dependency updates
  • 54656b6 deps: undici@6.27.0
  • 31c4773 deps: brace-expansion@5.0.7
  • e773c77 deps: tar@7.5.19
  • f05f6af deps: semver@7.8.5
  • 3021ad6 feat(arborist): extend replace-registry-host with URL prefix matching (#6110)...
  • 598ffdb fix(sbom): percent-encode vcs_url qualifier in generated purls (#9693)
  • f3f2465 fix(exec): prevent shared binPaths pollution across workspace runs (#9692)
  • 05793d0 fix: output all the required parameters for npm token list (#9691)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 30, 2026
Removes [tar](https://github.com/isaacs/node-tar). It's no longer used after updating ancestor dependency [npm](https://github.com/npm/cli). These dependencies need to be updated together.


Removes `tar`

Updates `npm` from 11.12.1 to 11.18.0
- [Release notes](https://github.com/npm/cli/releases)
- [Changelog](https://github.com/npm/cli/blob/v11.18.0/CHANGELOG.md)
- [Commits](npm/cli@v11.12.1...v11.18.0)

---
updated-dependencies:
- dependency-name: npm
  dependency-version: 11.18.0
  dependency-type: indirect
- dependency-name: tar
  dependency-version:
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-ec7cadc0c6 branch from 263b09a to 1130296 Compare July 6, 2026 11:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants