env-cmd-examples icon indicating copy to clipboard operation
env-cmd-examples copied to clipboard
verified publisher icon toddbluhm

chore(deps-dev): bump lerna from 3.22.1 to 4.0.0

Open dependabot-preview[bot] opened this issue 4 years ago • 0 comments

Bumps lerna from 3.22.1 to 4.0.0.

Release notes

Sourced from lerna's releases.

v4.0.0

4.0.0 (2021-02-10)

Notable Changes

  • Node v6.x & v8.x are no longer supported. The minimum supported version is now v10.18.0 (LTS Dubnium).
  • Dependencies updated across the board, should no longer trigger audit warnings.
  • Lots of JSDoc type annotations were added. Maybe they're helpful?

Nothing was newly deprecated, nothing previously deprecated was removed. Migrating to v4 should be straightforward.

Bug Fixes

  • version: Ensure --create-release environment variables are present during initialization (2d0a97a)
  • Improve accuracy of JSDoc type annotations (1ec69f0)
  • create: Use main as default Github branch (1a951e9)
  • import: Better handling of "Patch is empty" (#2588) (0497bc7)

Code Refactoring

  • describe-ref: Add JSDoc types, remove test-only export (e5cf30c)
  • package: Move Package.lazy() to static method (e52108e)

Features

  • child-process: Add JSDoc types (1840492)
  • collect-uncommitted: Remove figgy-pudding (621b382)
  • collect-updates: Add JSDoc type annotations to primary export (a4e7c78)
  • conventional-commits: Add JSDoc types to named exports (81a591c)
  • deps: @evocateur/libnpmaccess -> libnpmaccess@^4.0.1 (7974b35)
  • deps: @evocateur/libnpmpublish -> libnpmpublish@^4.0.0 (341146e)
  • deps: @evocateur/npm-registry-fetch -> npm-registry-fetch@^9.0.0 (6df42f2)
  • deps: @evocateur/pacote -> pacote@^11.1.13 (99b4217)
  • deps: @octokit/rest@^18.0.9 (f064a55)
  • deps: @zkochan/cmd-shim -> cmd-shim@^4.0.2 (179e2c3)
  • deps: Bump dependencies (affed1c)
  • deps: byte-size@^7.0.0 (a1b2555)
  • deps: camelcase -> yargs-parser/camelCase (d966e8b)
  • deps: chalk@^4.1.0 (d2a9ed5)
  • deps: conventional-changelog-core@^4.2.1 (54e2b98)
  • deps: conventional-recommended-bump@^6.0.11 (4ff481c)
  • deps: cosmiconfig@^7.0.0 (2958fe6)
  • deps: dot-prop@^6.0.0 (5f31d3b)
  • deps: execa@^4.1.0 (9051dca)
  • deps: execa@^5.0.0 (d8100fd)
  • deps: fs-extra@^9.0.1 (2f6f4e0)
  • deps: get-port@^5.1.1 (b1b2275)
  • deps: get-stream@^6.0.0 (ddf2ab5)

... (truncated)

Changelog

Sourced from lerna's changelog.

4.0.0 (2021-02-10)

Features

  • Consume named exports of sibling modules (63499e3)
  • deps: import-local@^3.0.2 (e0e74d4)
  • Drop support for Node v6.x & v8.x (ff4bb4d)

BREAKING CHANGES

  • Node v6.x & v8.x are no longer supported. Please upgrade to the latest LTS release.

Here's the gnarly one-liner I used to make these changes:

npx lerna exec --concurrency 1 --stream -- 'json -I -f package.json -e '"'"'this.engines=this.engines||{};this.engines.node=">= 10.18.0"'"'"

(requires npm i -g json beforehand)

Commits
  • 4582c47 chore(release): v4.0.0
  • 1f17e0c chore(lerna): Set top-level package tag -> next
  • 63499e3 feat: Consume named exports of sibling modules
  • e0e74d4 feat(deps): import-local@^3.0.2
  • 1500d31 chore(dev-deps): Prettier 2
  • ff4bb4d feat: Drop support for Node v6.x & v8.x
  • 5ef6364 docs: master -> main
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

dependabot-preview[bot] avatar Mar 03 '21 11:03 dependabot-preview[bot]