[pull] main from npm:main #3

pull · 2024-05-08T16:04:40Z

See Commits and Changes for more details.

Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

Summary by CodeRabbit

New Features
- Added detailed documentation for npm CLI version 11 commands and configuration, including npm access, npm adduser, npm audit, npm bugs, npm ci, npm cache, npm dist-tag, npm exec, npm find-dupes, npm fund, npm help-search, npm org, npm owner, npm ping, npm pkg, npm prune, npm rebuild, npm repo, npm start, npm stop, npm team, npm test, npm token, npm undeprecate, npm unpublish, npm version, and others.
- Released npm CLI version 11.0.0 with extensive new commands and enhanced functionalities.
Documentation
- Streamlined and updated redirect paths in documentation for npm CLI v10 to focus on version-specific content.
- Improved clarity and accuracy in command descriptions, configuration options, and examples across multiple docs.
- Added new changelog entries for npm CLI versions 10.9.2 through 11.3.0 documenting features, bug fixes, and dependency updates.
Bug Fixes
- Fixed documentation issues and improved error handling in various npm commands and workflows.
Chores
- Upgraded Node.js version to 22.x and updated GitHub Actions workflows to use latest action versions.
- Simplified CI workflows by consolidating npm installation steps into a single action.
- Enhanced linting configuration and added caching mechanisms to improve build efficiency.

coderabbitai · 2024-07-16T14:51:39Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The recent changes involve updates to the ESLint configuration, the introduction of new npm CLI commands and documentation for version 11, and enhancements to existing version 10 documentation. Key modifications include adding new plugins and rules to ESLint, improving caching and error handling in the CLI build process, and refining GitHub Actions workflows with updated actions and Node.js versions. The documentation updates include adding detailed command references for npm CLI version 11, streamlining redirects and metadata for version 10, and expanding configuration options. Workflow files have been simplified by consolidating npm installation steps into a single custom action.

Changes

Files	Change Summary
`.eslintrc.js`	Added new plugins and rules, modified existing settings, and introduced TypeScript support.
`.eslint.config.js`	Added new ESLint configuration file importing `eslint-plugin-github` with React config and ignore patterns.
`.gitignore`	Added exceptions for `.eslint.config.js`, `.git-blame-ignore-revs`, `tsconfig.json`, and `cli-cache.json`; added `tap-testdir*` pattern.
`.prettierignore`	Removed JSON and YAML ignore patterns, added Handlebars file ignore pattern and `cli-cache.json`.
`cli-cache.json`	Introduced a new file for caching version identifiers and their hash values.
`cli/bin/build.js`	Updated to use an async function for the build process, improved error handling, and added caching capabilities.
`cli/lib/build.js`	Modified the main function to include caching logic and updated release processing.
`cli/lib/cache.js`	Introduced a new class for managing cached SHA values for npm CLI versions.
`cli/lib/extract.js`	Updated to include caching logic for release processing.
`cli/lib/gh.js`	Added a new method for retrieving the current SHA and improved octokit initialization with dynamic imports and token retrieval.
`cli/package.json`	Updated dependencies, scripts, and engine requirements; changed repository URL format; added `nyc` config; updated tap config.
`cli/releases.json`	Modified to remove entries for versions "v6" and "v7", updated "v10" branch, and added a new entry for version "v11".
`cli/test/index.js`	Enhanced the mock for testing with a new method to simulate SHA retrieval, incrementing a counter for each call.
`content/cli/v10/commands/*.mdx`	Updated documentation for various commands to reflect changes and improvements in version 10, including branch updates from `latest` to `release/v10`, removal of legacy redirects, and clarifications in command descriptions.
`content/cli/v10/configuring-npm/*.mdx`	Updated metadata and redirects to focus on version 10; added new configuration options such as `expect-results`, `expect-result-count`, and `libc`; clarified descriptions and formatting.
`content/cli/v10/index.mdx`	Updated branch and redirects to focus on version 10 documentation.
`content/cli/v10/using-npm/*.mdx`	Updated branch and redirects; added new configuration options; clarified descriptions and corrected minor typos.
`content/cli/v11/commands/*.mdx`	Added new documentation files for npm CLI commands in version 11, detailing their functionalities, usage, configuration options, and related commands.
`content/cli/v11/configuring-npm/*.mdx`	Added new documentation files for configuring npm in version 11, including folder structures, package.json, npmrc, and installation instructions.
`content/cli/v11/index.mdx`	Added new index file for npm CLI version 11 documentation with metadata and redirects.
`content/cli/v11/using-npm/changelog.mdx`	Added new changelog file documenting npm CLI version 11 releases, features, fixes, and dependencies.
`.github/workflows/audit.yml`	Updated workflow actions versions from v3 to v4; changed Node.js version from 18.x to 22.x; added permissions; replaced multiple npm install steps with a single custom action to install latest npm.
`.github/workflows/ci-cli.yml`	Similar updates as audit.yml: actions versions updated, Node.js version bumped, permissions added, and npm install steps consolidated into one custom action.
`.github/workflows/ci.yml`	Updated actions versions, Node.js version, added permissions, and replaced npm install steps with a single custom action across all jobs.
`.github/workflows/codeql-analysis.yml`	Added permissions; updated checkout and CodeQL actions versions from v2/v3 to v3.
`cli/.gitignore`	Added exceptions for `.eslint.config.js`, `.git-blame-ignore-revs`, and added pattern `tap-testdir*`; retained existing ignores.
`.eslint.config.js`	Added new ESLint configuration file exporting default array with GitHub React config and ignore patterns.

Sequence Diagram(s)

sequenceDiagram
    participant Dev as Developer
    participant CI as CI/CD Pipeline
    participant GH as GitHub Actions
    participant PR as Pull Requests

    Dev->>GH: Create a Pull Request
    GH->>CI: Trigger Workflow
    CI->>GH: Install Latest npm
    CI->>CI: Run Linting and Tests
    CI-->>PR: Update Status

🐰 In fields where the bunnies hop,
New changes make our spirits pop!
With tools and tweaks, we jump and play,
Streamlined paths lead the way!
So let us cheer, with ears held high,
For modern code makes us fly! 🌼✨

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Explain this complex logic.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai explain this code block.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and explain its main purpose.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

coderabbitai

Actionable comments posted: 4

Outside diff range, codebase verification and nitpick comments (32)

scripts/template-oss/_step-lint-yml.hbs (1)
1-1: Missing defaultStepLintYml definition

The partial defaultStepLintYml is referenced in scripts/template-oss/_step-lint-yml.hbs, but its definition is missing from the repository. This will cause issues when the template is used, as the partial cannot be resolved. Please ensure that defaultStepLintYml is defined and included in the repository.

Analysis chain

Verify the existence and correctness of defaultStepLintYml.

The inclusion of defaultStepLintYml suggests a new or updated template. Ensure that this template exists and is correctly configured to maintain the desired linting behavior.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the existence and correctness of `defaultStepLintYml`.

# Test: Search for the definition of `defaultStepLintYml`.
rg --type hbs 'defaultStepLintYml'
Length of output: 100

Script:
#!/bin/bash
# Search for the definition or inclusion of `defaultStepLintYml` across all files.
rg 'defaultStepLintYml'
Length of output: 89
SECURITY.md (1)
5-5: Consider hyphenating 'GitHub-owned'.

The phrase "GitHub-owned open source repository" might benefit from a hyphen for clarity, as suggested by the static analysis tool.
- If you believe you have found a security vulnerability in this GitHub-owned open source repository, you can report it to us in one of two ways.
+ If you believe you have found a security vulnerability in this GitHub-owned open-source repository, you can report it to us in one of two ways.
Tools

LanguageTool

[uncategorized] ~5-~5: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...rity vulnerability in this GitHub-owned open source repository, you can report it to us in ...

(EN_COMPOUND_ADJECTIVE_INTERNAL)
.github/actions/create-check/action.yml (1)
39-39: Correct the typo in the script comment.

There is a typo in the word "associated" in the comment within the script.
- `This check is assosciated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`,
+ `This check is associated with ${serverUrl}/${owner}/${repo}/commit/${SHA}.`,
content/threats-and-mitigations/index.mdx (3)
21-21: Improve readability with formatting adjustments.

The addition of spaces between the asterisk and text in bold formatting enhances readability. Ensure consistency across the document.
- the email address associated with the account, **at the time the package was published**, is included
+ the email address associated with the account, ** at the time the package was published **, is included
Tools

LanguageTool

[style] ~21-~21: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...luded in the public metadata. Attackers are able to utilize this public data to identify ac...

(BE_ABLE_TO)

[uncategorized] ~21-~21: Possible missing comma found.
Context: ...ainer updates their email address**. As such crawling public metadata to identify ac...

(AI_HYDRA_LEO_MISSING_COMMA)

21-21: Consider using "can" for brevity.

The phrase "are able to" can be replaced with "can" for conciseness.
- Attackers are able to utilize this public data
+ Attackers can utilize this public data
Tools

LanguageTool

[style] ~21-~21: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...luded in the public metadata. Attackers are able to utilize this public data to identify ac...

(BE_ABLE_TO)

[uncategorized] ~21-~21: Possible missing comma found.
Context: ...ainer updates their email address**. As such crawling public metadata to identify ac...

(AI_HYDRA_LEO_MISSING_COMMA)

21-21: Add missing comma for clarity.

A comma is needed after "As such" to improve clarity.
- As such crawling public metadata
+ As such, crawling public metadata
Tools

LanguageTool

[style] ~21-~21: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...luded in the public metadata. Attackers are able to utilize this public data to identify ac...

(BE_ABLE_TO)

[uncategorized] ~21-~21: Possible missing comma found.
Context: ...ainer updates their email address**. As such crawling public metadata to identify ac...

(AI_HYDRA_LEO_MISSING_COMMA)
content/cli/v10/commands/npm-doctor.mdx (1)
77-77: Consider reducing wordiness.

The phrase "in an effort to troubleshoot problems you may be having" could be simplified to "to troubleshoot problems."
- in an effort to troubleshoot problems you may be having
+ to troubleshoot problems
Tools

LanguageTool

[style] ~77-~77: Consider a shorter alternative to avoid wordiness.
Context: ...ng tutorials or StackOverflow questions in an effort to troubleshoot problems you may be having...

(IN_ORDER_TO_PREMIUM)
content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx (2)
157-157: Consider removing "of" for conciseness.

The phrase can be more concise without "of": "Example response showing the count of verified registry signatures and verified attestations for all packages in a project:"
- Example response showing the count of verified registry signatures and verified attestations for all of the packages in a project:
+ Example response showing the count of verified registry signatures and verified attestations for all packages in a project:
Tools

LanguageTool

[style] ~157-~157: Consider removing “of” to be more concise
Context: ...ignatures and verified attestations for all of the packages in a project: ``` audited 126...

(ALL_OF_THE)

167-167: Add a comma for clarity.

A comma after "signatures" improves readability: "To ensure that you're always able to verify attestation signatures, check that you're running the latest version of the npm CLI."
- To ensure that you're always able to verify attestation signatures check that you're running the latest version of the npm CLI.
+ To ensure that you're always able to verify attestation signatures, check that you're running the latest version of the npm CLI.
Tools

LanguageTool

[uncategorized] ~167-~167: A comma might be missing here.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_EN_LECTOR_MISSING_PUNCTUATION_COMMA)
CONTRIBUTING.md (1)
44-44: Use a heading instead of emphasis.

The emphasis on using the latest versions of Node.js and npm should be formatted as a heading for better visibility.
- **For best results use The latest versions of Node.js and npm**
+ ### For best results, use the latest versions of Node.js and npm
Tools

Markdownlint

44-44: null
Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)
content/cli/v10/using-npm/dependency-selectors.mdx (4)
121-121: Add a comma after 'for example'.

A comma is usually used after the expression 'for example' for better readability.
- For example if you have `semver@7.6.0` in your tree
+ For example, if you have `semver@7.6.0` in your tree
Tools

LanguageTool

[uncategorized] ~121-~121: “if” (in case) seems less likely than “of”.
Context: ...try and returns information about which if your dependencies has a known vulnerabi...

(AI_HYDRA_LEO_CP_IF_OF)

[grammar] ~121-~121: “dependencies” is a plural noun. It appears that the verb form is incorrect.
Context: ...mation about which if your dependencies has a known vulnerability. Only dependencie...

(PCT_PLURAL_NOUN_SINGULAR_VERB_AGREEMENT)

[typographical] ~121-~121: After the expression ‘for example’ a comma is usually used.
Context: ...s a vulnerability will be returned. For example if you have semver@7.6.0 in your tree...

(COMMA_FOR_EXAMPLE)

123-123: Add a comma after 'Currently'.

A comma may be missing after the conjunctive adverb 'Currently'.
- Currently that includes `severity` and `cwe`.
+ Currently, that includes `severity` and `cwe`.
Tools

LanguageTool

[uncategorized] ~123-~123: A comma may be missing after the conjunctive/linking adverb ‘Currently’.
Context: ...ts by certain attributes in advisories. Currently that includes severity and cwe. Not...

(SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA)

132-132: Reword repetitive sentence starts.

Three successive sentences begin with "returns only dependencies". Consider rewording for variety.
- `:vuln([cwe=1333])` returns only dependencies with a vulnerability that includes CWE-1333 (ReDoS)
+ `:vuln([cwe=1333])` matches dependencies with a vulnerability that includes CWE-1333 (ReDoS)
Tools

LanguageTool

[style] ~132-~132: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...derateseverity. -:vuln([cwe=1333])` returns only dependencies with a vulnerability ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

138-138: Correct abbreviation punctuation.

The abbreviation "ie." should be corrected to "i.e." for proper punctuation.
- `[]` attribute selector (ie. existence of attribute)
+ `[]` attribute selector (i.e., existence of attribute)
Tools

LanguageTool

[uncategorized] ~138-~138: The abbreviation “i.e.” (= that is) requires two periods.
Context: ... Strings. - [] attribute selector (ie. existence of attribute) - `[attribute=v...

(I_E)
content/cli/v10/commands/npm-update.mdx (1)
56-56: Add a comma for clarity.

A comma may be needed for better readability in this sentence.
- Note that by default `npm update` will not update the semver values
+ Note that, by default, `npm update` will not update the semver values
Tools

LanguageTool

[uncategorized] ~56-~56: Possible missing comma found.
Context: ...r local) will be updated. Note that by default npm update will not update the semver...

(AI_HYDRA_LEO_MISSING_COMMA)
content/cli/v10/commands/npm-audit.mdx (3)
68-68: Add commas for clarity.

Commas may be needed for better readability in this sentence.
- To ensure that you're always able to verify attestation signatures check that you're running the latest version of the npm CLI.
+ To ensure that you're always able to verify attestation signatures, check that you're running the latest version of the npm CLI.
Tools

LanguageTool

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_HYDRA_LEO_MISSING_COMMA)

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...e latest version of the npm CLI. Please note this often means updating npm beyond th...

(AI_HYDRA_LEO_MISSING_COMMA)

68-68: Add a comma for clarity.

A comma may be needed for better readability in this sentence.
- Please note this often means updating npm beyond the version that ships with Node.js.
+ Please note, this often means updating npm beyond the version that ships with Node.js.
Tools

LanguageTool

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_HYDRA_LEO_MISSING_COMMA)

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...e latest version of the npm CLI. Please note this often means updating npm beyond th...

(AI_HYDRA_LEO_MISSING_COMMA)

104-104: Correct punctuation.

Loose punctuation mark detected. Consider rephrasing for clarity.
- Keys response:
+ The keys response includes:
Tools

LanguageTool

[uncategorized] ~104-~104: Loose punctuation mark.
Context: ... }] } ``` Keys response: - expires: null or a simplified extended [ISO 8601...

(UNLIKELY_OPENING_PUNCTUATION)
content/policies/privacy.mdx (6)
164-164: Reword repetitive sentence beginnings.

Consider rephrasing to avoid starting three successive sentences with "npm."
- npm collects data about you when you send npm support requests, legal complaints, privacy inquiries, and business inquiries. Those data usually include your name and email address, and may include your company or other affiliation.
+ When you send npm support requests, legal complaints, privacy inquiries, and business inquiries, npm collects data about you. This data usually includes your name and email address, and may include your company or other affiliation.
Tools

LanguageTool

[style] ~164-~164: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...long as you use paid npm services. ### npm collects data about correspondence npm...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

182-182: Reword repetitive sentence beginnings.

Consider rephrasing to avoid starting three successive sentences with "npm."
- npm uses data from npm.community to collaborate with the development community, and to inform development decisions about the command-line interface and other software.
+ Data from npm.community is used to collaborate with the development community and inform development decisions about the command-line interface and other software.
Tools

LanguageTool

[style] ~182-~182: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...for users of npm products and services. npm uses data from npm.community to collabo...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

296-296: Add comma before 'or'.

Use a comma before "or" to connect two independent clauses.
- as long as they're public or you have permission to access them.
+ as long as they're public, or you have permission to access them.
Tools

LanguageTool

[uncategorized] ~296-~296: Use a comma before ‘or’ if it connects two independent clauses (unless they are closely connected and short).
Context: ... the packages, as long as they're public or you have permission to access them. Yo...

(COMMA_COMPOUND_SENTENCE)

310-310: Use hyphen for compound adjectives.

Use a hyphen in "open-source" when it modifies a noun.
- open source software license
+ open-source software license
Tools

LanguageTool

[uncategorized] ~310-~310: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: .... Choosing a public license, such as an open source software license, may encourage and all...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

[uncategorized] ~310-~310: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...e data indefinitely. Nearly all popular open source software licenses actually require pres...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

324-324: Reword repetitive sentence beginnings.

Consider rephrasing to avoid starting three successive sentences with "npm."
- npm publishes new placeholder versions of some erased packages, with `README` files that mention the package has been erased, and why.
+ New placeholder versions of some erased packages are published by npm, with `README` files that mention the package has been erased, and why.
Tools

LanguageTool

[style] ~324-~324: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...he package has been erased, and why. - npm's [registry APIs](https://github.com/np...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

357-357: Consider a shorter alternative for 'In the meantime'.

The phrase "In the meantime" might be wordy.
- In the meantime, npm may update [its contact information](#who-can-i-contact-about-npm-and-my-privacy) by updating the page at [https://docs.npmjs.com/privacy][privacy], without an announcement.
+ Meanwhile, npm may update [its contact information](#who-can-i-contact-about-npm-and-my-privacy) by updating the page at [https://docs.npmjs.com/privacy][privacy], without an announcement.
Tools

LanguageTool

[style] ~357-~357: ‘In the meantime’ might be wordy. Consider a shorter alternative.
Context: ...he npm blog. In the meantime, npm may update [its contact informatio...

(EN_WORDINESS_PREMIUM_IN_THE_MEANTIME)
content/cli/v10/commands/npm-install.mdx (2)
137-137: Correct punctuation mark.

Ensure consistent punctuation for list items.
- - `--save-peer`: Package will appear in your `peerDependencies`.
+ - `--save-peer`: Package will appear in your `peerDependencies`.
Tools

LanguageTool

[uncategorized] ~137-~137: Loose punctuation mark.
Context: ...ur devDependencies. - --save-peer: Package will appear in your `peerDepend...

(UNLIKELY_OPENING_PUNCTUATION)

518-518: Add missing article 'the'.

Consider adding "the" before "libc field" for clarity.
- Acceptable values are same as `libc` field of package.json
+ Acceptable values are the same as the `libc` field of package.json
Tools

LanguageTool

[uncategorized] ~518-~518: You might be missing the article “the” here.
Context: ... install. Acceptable values are same as libc field of package.json #### `works...

(AI_EN_LECTOR_MISSING_DETERMINER_THE)
content/cli/v10/configuring-npm/package-json.mdx (4)
251-251: Add missing comma.

Consider adding a comma for better readability.
- such as: `npm fund <projectname>` (when there are multiple URLs, the first one will be visited)
+ such as `npm fund <projectname>` (when there are multiple URLs, the first one will be visited)
Tools

LanguageTool

[uncategorized] ~251-~251: Possible missing comma found.
Context: ...so available when providing the project name such as: npm fund <projectname> (when...

(AI_HYDRA_LEO_MISSING_COMMA)

[typographical] ~251-~251: Do not use a colon (:) before a series that is introduced by a preposition (‘as’). Remove the colon or add a noun or a noun phrase after the preposition.
Context: ...le when providing the project name such as: npm fund <projectname> (when there ar...

(RP_COLON)

300-300: Use 'cannot' instead of 'can not'.

Use "cannot" which is more common and preferred.
- These can not be included.
+ These cannot be included.
Tools

LanguageTool

[style] ~300-~300: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...- pnpm-lock.yaml - yarn.lock These can not be included. ### main The main field ...

(CAN_NOT_PREMIUM)

439-439: Use 'a' instead of 'an'.

Use "a" instead of "an" before "HTML" as it doesn't start with a vowel sound.
- It should not be a URL to an html project page that you put in your browser.
+ It should not be a URL to a HTML project page that you put in your browser.
Tools

LanguageTool

[misspelling] ~439-~439: Use “a” instead of ‘an’ if the following word doesn’t start with a vowel sound, e.g. ‘a sentence’, ‘a university’.
Context: ...modification. It should not be a URL to an html project page that you put in your ...

(EN_A_VS_AN)

679-679: Consider simplifying 'a variety of'.

The phrase "a variety of" may be wordy. Consider simplifying.
- a variety of host packages without requiring all of them to be installed.
+ various host packages without requiring all of them to be installed.
Tools

LanguageTool

[style] ~679-~679: The phrase “a variety of” may be wordy. To make your writing clearer, consider replacing it.
Context: ...lows you to integrate and interact with a variety of host packages without requiring all of ...

(A_VARIETY_OF)
content/cli/v10/using-npm/config.mdx (2)
381-381: Use "cannot" instead of "can not".

For consistency and clarity, replace "can not" with "cannot".
- This config can not be used with: `expect-results`
+ This config cannot be used with: `expect-results`
Tools

LanguageTool

[style] ~381-~381: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ... results from the command. This config can not be used with: expect-results #### `e...

(CAN_NOT_PREMIUM)

388-390: Improve clarity and style.

Consider the following improvements for clarity and conciseness:

Use "whether" instead of "whether or not".

Add a subject to form a complete sentence.

Use "cannot" instead of "can not".
- Tells npm whether or not to expect results from the command. Can be either true (expect some results) or false (expect no results).
- This config can not be used with: `expect-result-count`
+ Tells npm whether to expect results from the command. It can be either true (expect some results) or false (expect no results).
+ This config cannot be used with: `expect-result-count`
Tools

LanguageTool

[style] ~388-~388: Consider shortening this phrase to just ‘whether’, unless you mean ‘regardless of whether’.
Context: ...null - Type: null or Boolean Tells npm whether or not to expect results from the command. Can...

(WHETHER)

[style] ~388-~388: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ...not to expect results from the command. Can be either true (expect some results) or...

(MISSING_IT_THERE)

[style] ~390-~390: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...false (expect no results). This config can not be used with: expect-result-count ##...

(CAN_NOT_PREMIUM)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 82d1945 and 3541e52.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (86)

.eslintrc.js (2 hunks)
.github/CODEOWNERS (1 hunks)
.github/actions/create-check/action.yml (1 hunks)
.github/actions/install-latest-npm/action.yml (1 hunks)
.github/dependabot.yml (1 hunks)
.github/workflows/audit.yml (1 hunks)
.github/workflows/ci-cli.yml (2 hunks)
.github/workflows/ci.yml (3 hunks)
.github/workflows/codeql-analysis.yml (1 hunks)
.github/workflows/post-dependabot.yml (2 hunks)
.github/workflows/publish.yml (1 hunks)
.github/workflows/update-cli.yml (1 hunks)
.gitignore (2 hunks)
.nvmrc (1 hunks)
.prettierignore (1 hunks)
CONTRIBUTING.md (2 hunks)
SECURITY.md (1 hunks)
cli/.gitignore (2 hunks)
cli/lib/build.js (1 hunks)
cli/lib/gh.js (2 hunks)
cli/lib/log.js (1 hunks)
cli/package.json (1 hunks)
cli/scripts/template-oss/index.js (1 hunks)
cli/scripts/template-oss/update-cli-yml.hbs (1 hunks)
content/cli/v10/commands/npm-access.mdx (1 hunks)
content/cli/v10/commands/npm-audit.mdx (3 hunks)
content/cli/v10/commands/npm-ci.mdx (1 hunks)
content/cli/v10/commands/npm-config.mdx (1 hunks)
content/cli/v10/commands/npm-diff.mdx (1 hunks)
content/cli/v10/commands/npm-doctor.mdx (2 hunks)
content/cli/v10/commands/npm-install-ci-test.mdx (1 hunks)
content/cli/v10/commands/npm-install-test.mdx (2 hunks)
content/cli/v10/commands/npm-install.mdx (3 hunks)
content/cli/v10/commands/npm-ls.mdx (1 hunks)
content/cli/v10/commands/npm-profile.mdx (1 hunks)
content/cli/v10/commands/npm-prune.mdx (1 hunks)
content/cli/v10/commands/npm-publish.mdx (2 hunks)
content/cli/v10/commands/npm-query.mdx (2 hunks)
content/cli/v10/commands/npm-rebuild.mdx (1 hunks)
content/cli/v10/commands/npm-run-script.mdx (1 hunks)
content/cli/v10/commands/npm-sbom.mdx (1 hunks)
content/cli/v10/commands/npm-search.mdx (3 hunks)
content/cli/v10/commands/npm-token.mdx (1 hunks)
content/cli/v10/commands/npm-unpublish.mdx (1 hunks)
content/cli/v10/commands/npm-update.mdx (4 hunks)
content/cli/v10/commands/npm.mdx (2 hunks)
content/cli/v10/commands/npx.mdx (1 hunks)
content/cli/v10/configuring-npm/npmrc.mdx (1 hunks)
content/cli/v10/configuring-npm/package-json.mdx (19 hunks)
content/cli/v10/configuring-npm/package-lock-json.mdx (1 hunks)
content/cli/v10/using-npm/changelog.mdx (1 hunks)
content/cli/v10/using-npm/config.mdx (7 hunks)
content/cli/v10/using-npm/dependency-selectors.mdx (4 hunks)
content/cli/v10/using-npm/removal.mdx (1 hunks)
content/cli/v10/using-npm/scope.mdx (1 hunks)
content/cli/v10/using-npm/scripts.mdx (2 hunks)
content/cli/v10/using-npm/workspaces.mdx (2 hunks)
content/cli/v9/commands/npm-ls.mdx (1 hunks)
content/cli/v9/commands/npm-unpublish.mdx (1 hunks)
content/cli/v9/commands/npm.mdx (1 hunks)
content/cli/v9/using-npm/changelog.mdx (1 hunks)
content/nav.yml (2 hunks)
content/organizations/creating-and-managing-organizations/requiring-two-factor-authentication-in-your-organization.mdx (2 hunks)
content/packages-and-modules/contributing-packages-to-the-registry/creating-node-js-modules.mdx (1 hunks)
content/packages-and-modules/introduction-to-packages-and-modules/package-scope-access-level-and-visibility.mdx (1 hunks)
content/packages-and-modules/securing-your-code/about-audit-reports.mdx (1 hunks)
content/packages-and-modules/securing-your-code/about-registry-signatures.mdx (1 hunks)
content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx (3 hunks)
content/packages-and-modules/updating-and-managing-your-published-packages/adding-collaborators-to-private-packages-owned-by-a-user-account.mdx (1 hunks)
content/packages-and-modules/updating-and-managing-your-published-packages/deprecating-and-undeprecating-packages-or-package-versions.mdx (1 hunks)
content/policies/privacy.mdx (14 hunks)
content/threats-and-mitigations/index.mdx (1 hunks)
gatsby-browser.js (1 hunks)
package.json (3 hunks)
scripts/template-oss/_step-lint-yml.hbs (1 hunks)
scripts/template-oss/ci-yml.hbs (1 hunks)
scripts/template-oss/dependabot-yml.hbs (1 hunks)
scripts/template-oss/index.js (3 hunks)
scripts/template-oss/publish-yml.hbs (1 hunks)
src/components/page-footer.js (2 hunks)
src/components/skip-nav.js (1 hunks)
src/components/table-of-contents.js (1 hunks)
src/components/variant-select.js (1 hunks)
src/constants.js (1 hunks)
src/page.js (2 hunks)
webpack.config.js (1 hunks)

Files skipped from review due to trivial changes (26)

.github/CODEOWNERS
.prettierignore
cli/.gitignore
cli/lib/build.js
cli/lib/log.js
content/cli/v10/commands/npm-access.mdx
content/cli/v10/commands/npm-ls.mdx
content/cli/v10/commands/npm-profile.mdx
content/cli/v10/commands/npm-publish.mdx
content/cli/v10/commands/npm-rebuild.mdx
content/cli/v10/commands/npm-sbom.mdx
content/cli/v10/commands/npm.mdx
content/cli/v10/configuring-npm/npmrc.mdx
content/cli/v10/using-npm/removal.mdx
content/cli/v10/using-npm/scope.mdx
content/cli/v9/commands/npm-ls.mdx
content/cli/v9/commands/npm.mdx
content/nav.yml
content/organizations/creating-and-managing-organizations/requiring-two-factor-authentication-in-your-organization.mdx
content/packages-and-modules/contributing-packages-to-the-registry/creating-node-js-modules.mdx
content/packages-and-modules/introduction-to-packages-and-modules/package-scope-access-level-and-visibility.mdx
content/packages-and-modules/securing-your-code/about-audit-reports.mdx
content/packages-and-modules/securing-your-code/about-registry-signatures.mdx
src/components/table-of-contents.js
src/components/variant-select.js
webpack.config.js

Additional context used

LanguageTool

SECURITY.md

[uncategorized] ~5-~5: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...rity vulnerability in this GitHub-owned open source repository, you can report it to us in ...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

content/cli/v10/commands/npm-token.mdx

[uncategorized] ~64-~64: Loose punctuation mark.
Context: ...te [--read-only] [--cidr=]`: Create a new authentication token. It c...

(UNLIKELY_OPENING_PUNCTUATION)

[style] ~66-~66: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ... enabled, an otp. Currently, the cli can not generate automation tokens. Please refe...

(CAN_NOT_PREMIUM)

content/threats-and-mitigations/index.mdx

[style] ~21-~21: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...luded in the public metadata. Attackers are able to utilize this public data to identify ac...

(BE_ABLE_TO)

[uncategorized] ~21-~21: Possible missing comma found.
Context: ...ainer updates their email address**. As such crawling public metadata to identify ac...

(AI_HYDRA_LEO_MISSING_COMMA)

content/cli/v10/commands/npm-doctor.mdx

[style] ~77-~77: Consider a shorter alternative to avoid wordiness.
Context: ...ng tutorials or StackOverflow questions in an effort to troubleshoot problems you may be having...

(IN_ORDER_TO_PREMIUM)

content/cli/v10/using-npm/workspaces.mdx

[style] ~24-~24: Consider a shorter alternative to avoid wordiness.
Context: ...ves the need to manually use npm link in order to add references to packages that should ...

(IN_ORDER_TO_PREMIUM)

content/cli/v10/commands/npm-query.mdx

[uncategorized] ~171-~171: Although a hyphen is possible, it is not necessary in a compound modifier in which the first word is an adverb that ends in ‘ly’.
Context: ...ng state split across two different but identically-named packages causes bugs. You can use the `...

(HYPHENATED_LY_ADVERB_ADJECTIVE)

[style] ~257-~257: Consider shortening this phrase to just ‘whether’, unless you mean ‘regardless of whether’.
Context: ...null - Type: null or Boolean Tells npm whether or not to expect results from the command. Can...

(WHETHER)

[style] ~257-~257: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ...not to expect results from the command. Can be either true (expect some results) or...

(MISSING_IT_THERE)

[style] ~259-~259: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...false (expect no results). This config can not be used with: expect-result-count ##...

(CAN_NOT_PREMIUM)

[style] ~268-~268: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ... results from the command. This config can not be used with: expect-results ## See ...

(CAN_NOT_PREMIUM)

content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx

[style] ~157-~157: Consider removing “of” to be more concise
Context: ...ignatures and verified attestations for all of the packages in a project: ``` audited 126...

(ALL_OF_THE)

[uncategorized] ~167-~167: A comma might be missing here.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_EN_LECTOR_MISSING_PUNCTUATION_COMMA)

CONTRIBUTING.md

[typographical] ~54-~54: It seems that a comma is missing.
Context: ...n/v1.0.0/). When opening a pull request please be sure that either the pull request ti...

(IF_PLEASE_COMMA)

[uncategorized] ~56-~56: Loose punctuation mark.
Context: ...one of the following prefixes: - feat: For when introducing a new feature. - `...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~57-~57: Loose punctuation mark.
Context: ... when introducing a new feature. - fix: For bug fixes. - docs: For documentat...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~58-~58: Loose punctuation mark.
Context: ...eature. - fix: For bug fixes. - docs: For documentation updates. This specifi...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~59-~59: Loose punctuation mark.
Context: ...the documentation site itself. - chore: For changes that do not affect the publ...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~59-~59: A different word order might sound more natural.
Context: ... that do not affect the published site. Often these are changes to tests. The result will be _n...

(AI_HYDRA_LEO_WORD_ORDER)

content/cli/v10/using-npm/scripts.mdx

[grammar] ~275-~275: The word ‘install’ is not a noun.
Context: ...ipts/install.js` will be called for the install and post-install stages of the lifecycl...

(A_INSTALL)

[uncategorized] ~299-~299: This verb may not be in the correct tense. Consider changing the tense to fit the context better.
Context: ...ean it. If the failure is minor or only will prevent some optional features, then it's bette...

(AI_EN_LECTOR_REPLACEMENT_VERB_TENSE)

content/cli/v10/using-npm/dependency-selectors.mdx

[uncategorized] ~121-~121: “if” (in case) seems less likely than “of”.
Context: ...try and returns information about which if your dependencies has a known vulnerabi...

(AI_HYDRA_LEO_CP_IF_OF)

[grammar] ~121-~121: “dependencies” is a plural noun. It appears that the verb form is incorrect.
Context: ...mation about which if your dependencies has a known vulnerability. Only dependencie...

(PCT_PLURAL_NOUN_SINGULAR_VERB_AGREEMENT)

[typographical] ~121-~121: After the expression ‘for example’ a comma is usually used.
Context: ...s a vulnerability will be returned. For example if you have semver@7.6.0 in your tree...

(COMMA_FOR_EXAMPLE)

[uncategorized] ~123-~123: A comma may be missing after the conjunctive/linking adverb ‘Currently’.
Context: ...ts by certain attributes in advisories. Currently that includes severity and cwe. Not...

(SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA)

[style] ~132-~132: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...derateseverity. -:vuln([cwe=1333])` returns only dependencies with a vulnerability ...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

[uncategorized] ~138-~138: The abbreviation “i.e.” (= that is) requires two periods.
Context: ... Strings. - [] attribute selector (ie. existence of attribute) - `[attribute=v...

(I_E)

content/cli/v10/commands/npm-update.mdx

[uncategorized] ~56-~56: Possible missing comma found.
Context: ...r local) will be updated. Note that by default npm update will not update the semver...

(AI_HYDRA_LEO_MISSING_COMMA)

content/cli/v10/commands/npm-audit.mdx

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_HYDRA_LEO_MISSING_COMMA)

[uncategorized] ~68-~68: Possible missing comma found.
Context: ...e latest version of the npm CLI. Please note this often means updating npm beyond th...

(AI_HYDRA_LEO_MISSING_COMMA)

[uncategorized] ~104-~104: Loose punctuation mark.
Context: ... }] } ``` Keys response: - expires: null or a simplified extended [ISO 8601...

(UNLIKELY_OPENING_PUNCTUATION)

content/policies/privacy.mdx

[style] ~164-~164: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...long as you use paid npm services. ### npm collects data about correspondence npm...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

[style] ~182-~182: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...for users of npm products and services. npm uses data from npm.community to collabo...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

[uncategorized] ~200-~200: Possible missing preposition found.
Context: ...ith the detection of spam, scams, abuse others, or other violations of our [terms of s...

(AI_HYDRA_LEO_MISSING_OF)

[uncategorized] ~296-~296: Use a comma before ‘or’ if it connects two independent clauses (unless they are closely connected and short).
Context: ... the packages, as long as they're public or you have permission to access them. Yo...

(COMMA_COMPOUND_SENTENCE)

[uncategorized] ~310-~310: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: .... Choosing a public license, such as an open source software license, may encourage and all...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

[uncategorized] ~310-~310: If this is a compound adjective that modifies the following noun, use a hyphen.
Context: ...e data indefinitely. Nearly all popular open source software licenses actually require pres...

(EN_COMPOUND_ADJECTIVE_INTERNAL)

[style] ~324-~324: Three successive sentences begin with the same word. Consider rewording the sentence or use a thesaurus to find a synonym.
Context: ...he package has been erased, and why. - npm's [registry APIs](https://github.com/np...

(ENGLISH_WORD_REPEAT_BEGINNING_RULE)

[style] ~357-~357: ‘In the meantime’ might be wordy. Consider a shorter alternative.
Context: ...he npm blog. In the meantime, npm may update [its contact informatio...

(EN_WORDINESS_PREMIUM_IN_THE_MEANTIME)

content/cli/v10/commands/npm-install.mdx

[uncategorized] ~137-~137: Loose punctuation mark.
Context: ...ur devDependencies. - --save-peer: Package will appear in your `peerDepend...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~518-~518: You might be missing the article “the” here.
Context: ... install. Acceptable values are same as libc field of package.json #### `works...

(AI_EN_LECTOR_MISSING_DETERMINER_THE)

content/cli/v10/configuring-npm/package-json.mdx

[uncategorized] ~251-~251: Possible missing comma found.
Context: ...so available when providing the project name such as: npm fund <projectname> (when...

(AI_HYDRA_LEO_MISSING_COMMA)

[typographical] ~251-~251: Do not use a colon (:) before a series that is introduced by a preposition (‘as’). Remove the colon or add a noun or a noun phrase after the preposition.
Context: ...le when providing the project name such as: npm fund <projectname> (when there ar...

(RP_COLON)

[style] ~300-~300: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...- pnpm-lock.yaml - yarn.lock These can not be included. ### main The main field ...

(CAN_NOT_PREMIUM)

[misspelling] ~439-~439: Use “a” instead of ‘an’ if the following word doesn’t start with a vowel sound, e.g. ‘a sentence’, ‘a university’.
Context: ...modification. It should not be a URL to an html project page that you put in your ...

(EN_A_VS_AN)

[style] ~679-~679: The phrase “a variety of” may be wordy. To make your writing clearer, consider replacing it.
Context: ...lows you to integrate and interact with a variety of host packages without requiring all of ...

(A_VARIETY_OF)

content/cli/v10/using-npm/config.mdx

[style] ~381-~381: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ... results from the command. This config can not be used with: expect-results #### `e...

(CAN_NOT_PREMIUM)

[style] ~388-~388: Consider shortening this phrase to just ‘whether’, unless you mean ‘regardless of whether’.
Context: ...null - Type: null or Boolean Tells npm whether or not to expect results from the command. Can...

(WHETHER)

[style] ~388-~388: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ...not to expect results from the command. Can be either true (expect some results) or...

(MISSING_IT_THERE)

[style] ~390-~390: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...false (expect no results). This config can not be used with: expect-result-count ##...

(CAN_NOT_PREMIUM)

Markdownlint

CONTRIBUTING.md

44-44: null
Emphasis used instead of a heading

(MD036, no-emphasis-as-heading)

Additional comments not posted (105)

.nvmrc (1)

1-1: Verify compatibility with Node.js 22.

The Node.js version has been updated from 18 to 22. Ensure that all dependencies and code are compatible with Node.js 22, as this version may introduce breaking changes or deprecations.
cli/scripts/template-oss/index.js (1)
5-5: Verify the existence and correctness of update-cli-yml.hbs.

The reference has changed from update-cli.yml to update-cli-yml.hbs. Ensure that the Handlebars template exists and is correctly configured to maintain the intended workflow functionality.

Verification successful

The update-cli-yml.hbs file is correctly configured.

The file update-cli-yml.hbs exists and its contents indicate that it is set up as a Handlebars template for a GitHub Actions workflow. It includes appropriate triggers, jobs, and uses Handlebars features effectively. No issues were found.

File location: cli/scripts/template-oss/update-cli-yml.hbs
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the existence and correctness of `update-cli-yml.hbs`.

# Test: Search for the `update-cli-yml.hbs` file.
fd 'update-cli-yml.hbs'
Length of output: 67

Script:
#!/bin/bash
# Description: Display the contents of `update-cli-yml.hbs` to verify its correctness.

# Test: Output the contents of `update-cli-yml.hbs`.
cat cli/scripts/template-oss/update-cli-yml.hbs
Length of output: 1046
scripts/template-oss/dependabot-yml.hbs (1)

1-9: Dependabot configuration looks good!

The configuration for dependency updates is well-structured and follows best practices for managing version updates.

src/constants.js (1)

9-11: Accessibility constants added successfully!

The new constants for skip navigation are a great addition to improve accessibility.

scripts/template-oss/ci-yml.hbs (1)

1-4: CI template updates look good!

The updates to the CI configuration template helpers are clear and likely enhance the CI process.

gatsby-browser.js (1)

11-15: Verify the existence of the element with SKIP_TO_SEARCH_ID.

Ensure that the element with the ID SKIP_TO_SEARCH_ID exists in the DOM when this function is called. This will prevent potential issues with focusing on a non-existent element.

.github/dependabot.yml (1)

19-27: LGTM! Enhanced dependency management.

The changes improve control over dependency updates by setting a limit on open pull requests and organizing updates into groups. This helps maintain a cleaner and more organized update process.

.gitignore (1)

10-10: LGTM! Improved tracking of configuration files.

The changes ensure that important configuration files like .git-blame-ignore-revs and tsconfig.json are tracked in the repository. The adjustment to ignore patterns helps maintain a clean project structure.

Also applies to: 41-43

.github/workflows/codeql-analysis.yml (1)

26-26: Upgrade to actions/checkout@v4 approved.

The update from v3 to v4 is likely to include improvements or bug fixes. Ensure that the new version is compatible with your workflow requirements.

cli/scripts/template-oss/update-cli-yml.hbs (1)

12-12: Template inclusion method updated to jobYml.

The change from job to jobYml may indicate a shift in how job definitions are structured. Verify that the new template method integrates correctly with the rest of the pipeline.

.github/workflows/audit.yml (4)

21-21: Upgrade to actions/checkout@v4 approved.

The update from v3 to v4 is expected to include enhancements or fixes. Ensure compatibility with your workflow.

27-27: Upgrade to actions/setup-node@v4 approved.

The update from v3 to v4 should provide improvements or bug fixes. Ensure that it aligns with your Node.js setup requirements.

30-31: Node.js version updated to 22.x.

The change to a more recent Node.js version can enhance performance and compatibility. Verify that your application is compatible with Node.js 22.x.

33-36: Simplified npm installation process approved.

The new step for installing the latest npm version streamlines the process. Ensure that the custom action install-latest-npm functions as expected.

cli/lib/gh.js (1)

7-15: Good use of lazy-loading for Octokit.

The deferred import of Octokit improves performance by loading the module only when needed. This aligns with modern JavaScript practices for resource optimization.

Also applies to: 31-33

cli/package.json (1)

5-5: Dependencies and configuration updates look good.

The updates to dependencies and scripts enhance functionality and maintainability. Raising the Node.js engine version ensures compatibility with newer features.

Also applies to: 11-18, 21-30, 33-39
scripts/template-oss/index.js (4)
4-5: Use of Template Files for Workflow Configurations.

The mappings for the CI and publish workflow files have been updated to use template files (ci-yml.hbs and publish-yml.hbs). This change likely aims to improve customization and maintainability.

10-10: Addition of Dependabot Configuration.

The addition of dependabot.yml mapped to a template file (dependabot-yml.hbs) is a positive step towards automating dependency updates, which can enhance security and keep the project up-to-date.

15-15: Template File for package.json.

The reference to package.json has been updated to use a template file (package-json.hbs). This change can facilitate easier updates and consistency across multiple projects.

33-33: Update CI Versioning.

The latestCiVersion has been updated from 18 to 22, reflecting an update in the CI versioning system. Ensure compatibility with the updated version.

Verification successful

No Compatibility Issues Found with Updated CI Versioning

The update of latestCiVersion to 22 does not appear to affect other parts of the codebase, as there are no additional references or uses of this variable found. This suggests that the change is isolated and should not cause compatibility issues.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify compatibility with the updated CI version.

# Test: Check for any references to the CI version in the codebase. Expect: No compatibility issues.
rg --type js 'latestCiVersion' -A 5
Length of output: 427

Script:
#!/bin/bash
# Search for all references to `latestCiVersion` in the codebase to check for compatibility issues.
rg 'latestCiVersion' -A 5
Length of output: 417
src/components/skip-nav.js (4)

2-2: Introduction of Theme Support.

The import of themeGet from @primer/react allows for dynamic theming, which enhances the styling consistency across components.

7-13: Refactor of SkipLink Component.

The SkipLink component now uses themeGet for styling, providing a more consistent and maintainable approach. The focus state with an underline effect improves accessibility.

18-43: Introduction of SkipBox Component.

The SkipBox component improves the visibility and accessibility of skip navigation. It uses transitions and focus states effectively to enhance user interaction.

47-47: Use of Constant for Skip Navigation ID.

The use of SKIP_TO_CONTENT_ID improves maintainability and reduces the risk of errors associated with hardcoded strings.

src/page.js (2)

7-8: Integration of SkipBox Component.

The addition of SkipBox encapsulating SkipLink components improves the organization and accessibility of skip navigation within the page layout.

31-34: Enhanced Skip Navigation.

The SkipBox now provides links to "Skip to search" and "Skip to content," improving accessibility and user experience by allowing direct navigation to key sections.

scripts/template-oss/publish-yml.hbs (1)

25-25: Verify the correctness of the template reference.

The change from stepsSetup to stepsSetupYml needs to be verified to ensure that the new template reference exists and is correctly configured.

content/packages-and-modules/updating-and-managing-your-published-packages/adding-collaborators-to-private-packages-owned-by-a-user-account.mdx (1)

17-21: Documentation updates approved.

The changes improve the clarity and accuracy of the instructions for adding collaborators to private npm packages.
.github/workflows/update-cli.yml (3)
22-22: Upgrade to actions/checkout@v4.

The upgrade to actions/checkout@v4 is a good practice as it likely includes improvements and bug fixes. Ensure compatibility with any custom code or actions that depend on this step.

35-37: New custom action for npm installation.

The introduction of a custom action for npm installation simplifies the workflow. Ensure that this action is correctly implemented and tested across different environments.

Verification successful

Custom npm installation action is correctly implemented.

The custom action for installing the latest npm version is well-implemented, handling both Windows-specific issues and ensuring compatibility with the specified Node version. No issues were found in the implementation.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the custom action for npm installation.

# Test: Check the custom action's presence and content.
cat .github/actions/install-latest-npm/action.yml
Length of output: 1849
28-31: Upgrade to actions/setup-node@v4 and Node.js 22.x.

The upgrade to actions/setup-node@v4 and Node.js 22.x is beneficial for utilizing the latest features and performance improvements. Verify that all dependencies and scripts are compatible with Node.js 22.x.

Verification successful

Node.js 22.x Compatibility Verified

The package.json files specify Node.js version ">=22.0.0" in the "engines" field, indicating intended compatibility with Node.js 22.x. The dependencies and devDependencies do not show any version conflicts with Node.js 22.x. Further runtime testing is recommended to ensure full compatibility.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify compatibility of dependencies with Node.js 22.x.

# Test: List dependencies and check compatibility.
npm list --depth=0
Length of output: 91

Script:
#!/bin/bash
# Locate package.json and inspect for Node.js version compatibility
fd package.json --exec cat
Length of output: 166898
.github/actions/install-latest-npm/action.yml (2)

13-19: Conditional npm update for Windows.

The condition to update npm on Windows for specific Node.js versions is well-implemented. Ensure that the specific npm version used is still appropriate and secure.

34-55: Dynamic npm version selection.

The logic for dynamically selecting a compatible npm version based on Node.js is robust. Ensure that the npx semver command is available in all environments where this action runs.

.github/workflows/publish.yml (3)

27-27: Upgrade to actions/checkout@v4.

The upgrade to actions/checkout@v4 is beneficial for utilizing improvements and bug fixes. Ensure compatibility with any custom code or actions that depend on this step.

33-36: Upgrade to actions/setup-node@v4 and Node.js 22.x.

The upgrade to actions/setup-node@v4 and Node.js 22.x is beneficial for utilizing the latest features and performance improvements. Verify that all dependencies and scripts are compatible with Node.js 22.x.

40-42: New custom action for npm installation.

The introduction of a custom action for npm installation simplifies the workflow. Ensure that this action is correctly implemented and tested across different environments.
src/components/page-footer.js (2)
2-3: Update Tooltip import path.

The import path for Tooltip has been updated to use @primer/react/next, which likely includes enhancements or optimizations. Ensure compatibility with the rest of the codebase.

Verification successful

Tooltip import path update is compatible.

The Tooltip component is only used in src/components/page-footer.js, and the updated import path from @primer/react/next is consistent with its usage. No other parts of the codebase are affected by this change.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify compatibility of the new Tooltip import with the rest of the codebase.

# Test: Search for other usages of `Tooltip`. Expect: Consistent import paths and compatible usage.
rg --type javascript -A 5 $'Tooltip'
Length of output: 70

Script:
#!/bin/bash
# Description: Verify compatibility of the new Tooltip import with the rest of the codebase.

# Test: Search for other usages of `Tooltip`. Expect: Consistent import paths and compatible usage.
rg --type js -A 5 'Tooltip'
Length of output: 1183
39-39: Update Tooltip prop usage.

The Tooltip component now uses a text prop instead of aria-label. This change might improve accessibility or align with updated component specifications. Verify that this change is consistent across the codebase.

Verification successful

Tooltip prop usage is consistent.

The Tooltip component in the codebase consistently uses the text prop, as seen in the only instance found in src/components/page-footer.js. No other instances of Tooltip usage were found.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify consistent usage of the `text` prop for Tooltip across the codebase.

# Test: Search for the `Tooltip` component usage. Expect: Consistent use of the `text` prop.
rg --type javascript -A 5 $'<Tooltip'
Length of output: 73

Script:
#!/bin/bash
# Description: Verify consistent usage of the `text` prop for Tooltip across the codebase.

# Test: Search for the `Tooltip` component usage. Expect: Consistent use of the `text` prop.
rg --type-add 'js:*.js' --type-add 'jsx:*.jsx' --type js --type jsx -A 5 '<Tooltip'
Length of output: 547

Script:
#!/bin/bash
# Description: Search for all instances of the `Tooltip` component usage across the codebase.

# Test: Ensure consistent use of the `text` prop in all `Tooltip` component instances.
rg --type-add 'js:*.js' --type-add 'jsx:*.jsx' --type js --type jsx '<Tooltip'
Length of output: 155
.github/workflows/ci-cli.yml (8)
29-29: Upgrade actions/checkout version.

The actions/checkout action has been upgraded from v3 to v4. This may include performance improvements and new features. Ensure compatibility with the rest of the workflow.

35-35: Upgrade actions/setup-node version.

The actions/setup-node action has been upgraded from v3 to v4. This may include performance improvements and new features. Ensure compatibility with the rest of the workflow.

65-65: Update Node.js version in test matrix.

The test matrix now includes Node.js version 22.x. Ensure that tests are compatible with this Node.js version.

72-72: Upgrade actions/checkout version in test job.

The actions/checkout action has been upgraded from v3 to v4 in the test job. This may include performance improvements and new features. Ensure compatibility with the rest of the workflow.

78-78: Upgrade actions/setup-node version in test job.

The actions/setup-node action has been upgraded from v3 to v4 in the test job. This may include performance improvements and new features. Ensure compatibility with the rest of the workflow.

84-87: Add Install Latest npm action in test job.

The Install Latest npm action has been added to the test job. Ensure that this custom action is correctly defined and compatible with the workflow.

41-44: Add Install Latest npm action.

A new action Install Latest npm has been added to streamline npm installation. Ensure that this custom action is correctly defined and compatible with the workflow.

Verification successful

Install Latest npm action is correctly defined.

The Install Latest npm action is present and properly defined in the repository. It includes logic to handle npm installation across different Node versions and platforms, ensuring compatibility. No issues were found with its definition.

The action is defined in one of the action.yml files in the .github/actions directory.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the definition of the `install-latest-npm` action.

# Test: Check the custom action definition. Expect: Correct and compatible implementation.
fd 'install-latest-npm' --type f --exec cat
Length of output: 43

Script:
#!/bin/bash
# List the contents of the .github/actions directory to check for the presence of install-latest-npm
fd . --type d --search-path .github/actions --exec ls
Length of output: 77

Script:
#!/bin/bash
# Display the contents of the action.yml files to check for the definition of install-latest-npm
fd 'action.yml' --exec cat
Length of output: 3312
38-39: Update Node.js version.

The Node.js version has been updated from 18.x to 22.x. This reflects a shift towards supporting more recent Node.js environments. Verify compatibility with the project's dependencies and runtime.
package.json (7)

6-6: Change repository URL format.

The repository URL format has been changed from HTTPS to a Git URL format. This may influence how the repository is accessed in different environments. Ensure compatibility with your deployment processes.

20-20: Update lintfix script command.

The lintfix script now explicitly calls eslint. This improves clarity and execution consistency. Ensure that this change aligns with your development workflow.

26-27: Add eslint script command.

A new eslint script entry has been added, allowing for direct invocation of the linter across various file types. This enhances linting capabilities.

70-75: Upgrade devDependencies.

Several devDependencies have been upgraded, including eslint, @testing-library, and various eslint plugins. These upgrades ensure compatibility with newer code standards.

Also applies to: 77-87, 92-92

96-96: Update Node.js engine requirement.

The Node.js engine requirement has been updated from version 18 to version 22. This signals a shift towards newer runtime features and improvements. Ensure compatibility with your deployment environment.

100-100: Update template-oss version.

The version for template-oss has been incremented, suggesting updates to the template management system. Ensure compatibility with your project setup.

35-37: Upgrade dependencies.

Several dependencies have been upgraded, including @octokit, gatsby, and framer-motion. These upgrades may introduce new features or fixes. Verify compatibility with your codebase.

Also applies to: 39-39, 44-45, 47-47, 51-53, 56-56

content/cli/v10/commands/npm-token.mdx (2)

54-61: Narrative format for token list improves readability.

The change from a tabular to a narrative format in the npm token list command output example enhances readability and maintains all necessary information.

68-69: Concise token creation output is clear and effective.

The change to a concise statement for the npm token create command output example effectively communicates the necessary information.
.github/workflows/ci.yml (3)
29-39: Update to action versions and Node.js version ensures compatibility.

The updates to actions/checkout@v4, actions/setup-node@v4, and Node.js version 22.x ensure compatibility with the latest features and improvements.

Line range hint 65-128: Consistent updates across job definitions.

The updates are consistently applied across all job definitions, ensuring uniformity and expected functionality.

41-44: Verify custom action for npm installation.

Ensure that the custom action ./.github/actions/install-latest-npm is correctly implemented and integrates well with the workflow.

Verification successful

Custom action for npm installation is correctly set up.

The install-latest-npm action is well-configured to install the latest compatible npm version based on the provided Node version, with special handling for Windows environments. The action uses a composite approach to ensure compatibility and successful installation.

The action.yml file is structured correctly and implements the necessary logic for npm installation.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the existence and setup of the custom action for npm installation.

# Test: Check if the custom action directory and files exist. Expect: Directory and main files to exist.
fd 'install-latest-npm' --type d --max-depth 3 --exec ls -1 {}
Length of output: 75

Script:
#!/bin/bash
# Description: Inspect the contents of the action.yml file to verify the setup of the custom action.

# Test: Display the contents of action.yml to verify it is set up for npm installation.
cat .github/actions/install-latest-npm/action.yml
Length of output: 1849
content/cli/v10/commands/npm-search.mdx (2)

41-41: Updated command syntax improves clarity.

The updated syntax requiring at least one search term enhances clarity and ensures users understand the command requirements.

92-97: Updated configuration options enhance functionality.

The removal of the long option and the addition of the searchlimit option are clearly documented, improving functionality and clarity.
.eslintrc.js (3)
22-25: Addition of TypeScript import resolver.

The addition of the import/resolver for TypeScript in the settings block is a good enhancement for projects using TypeScript. This ensures that ESLint can properly resolve TypeScript imports.

51-51: Relaxation of react/no-unescaped-entities rule.

Setting 'react/no-unescaped-entities': 'off' in the .mdx files allows for more flexibility in JSX syntax, which can be useful for documentation purposes. Ensure that this aligns with your project's requirements for handling unescaped entities.

Verification successful

Relaxation of react/no-unescaped-entities rule verified successfully.

The usage of unescaped entities in .mdx files aligns with the project's requirements for documentation purposes. The entities found are used correctly and do not present critical issues.

Instances of unescaped entities like ®, ©, and < were found, which are typical in documentation contexts.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the usage of unescaped entities in JSX within .mdx files.

# Test: Search for unescaped entities in .mdx files. Expect: No critical issues.
rg --type mdx '&[a-zA-Z]+;' -A 2
Length of output: 62

Script:
#!/bin/bash
# Description: Verify the usage of unescaped entities in JSX within .mdx files.

# Find all .mdx files and search for unescaped entities using rg
fd --extension mdx --exec rg '&[a-zA-Z]+;' -A 2
Length of output: 984
55-55: Update to file patterns in overrides.

The change from files: ['*.mdx', 'shared.js', 'src/**/*.js'] to files: ['*.mdx', 'src/shared.js', 'src/**/*.js'] reflects a focus on specific files within the src directory. Ensure this change aligns with the project's structure and goals.

Verification successful

Update to file patterns in overrides is valid.

The inclusion of src/shared.js in the ESLint configuration is appropriate as the file exists in the repository. This change aligns with the project's structure and goals.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the existence of `src/shared.js` and its usage.

# Test: Check if `src/shared.js` exists and is used in the project.
fd 'shared.js' --exec rg 'shared'
Length of output: 3583

Script:
#!/bin/bash
# Verify the existence of `src/shared.js` in the repository.
fd 'shared.js' --full-path 'src/shared.js'
Length of output: 141

Script:
#!/bin/bash
# Correctly verify the existence of `src/shared.js` in the repository.
fd 'shared.js' --exec echo {}
Length of output: 47
content/cli/v9/commands/npm-unpublish.mdx (1)

40-42: Clarification of npm-unpublish behavior.

The documentation now clearly explains the behavior when no package name is provided and the conditions for removing the root package entry. This enhances user understanding and aligns with best practices for clear documentation.
.github/workflows/post-dependabot.yml (5)
20-20: Update to actions/checkout@v4.

Ensure compatibility with the latest features and changes in version 4 of the actions/checkout action.

Verification successful

Update to actions/checkout@v4 is compatible.

The changelog for actions/checkout@v4 does not indicate any breaking changes that would affect the current workflow. The update should be safe to apply.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify compatibility of `actions/checkout@v4` with the current workflow.

# Test: Check for any breaking changes in the action's changelog.
gh api -H "Accept: application/vnd.github.v3+json" /repos/actions/checkout/releases/latest | jq '.body'
Length of output: 809
28-28: Update to actions/setup-node@v4.

Ensure compatibility with the latest features and changes in version 4 of the actions/setup-node action.

Verification successful

Update to actions/setup-node@v4 is compatible.

The changelog for the latest release of actions/setup-node version 4 does not list any breaking changes. It includes bug fixes, documentation updates, and dependency updates, indicating that the update should be safe for your workflow.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify compatibility of `actions/setup-node@v4` with the current workflow.

# Test: Check for any breaking changes in the action's changelog.
gh api -H "Accept: application/vnd.github.v3+json" /repos/actions/setup-node/releases/latest | jq '.body'
Length of output: 995
53-53: Expanded conditional logic for dependabot_dir.

The logic now includes /main. Ensure this change aligns with the intended directory structure and functionality.

Verification successful

No additional context found for /main directory usage.

The search did not reveal any references to /main that would impact the workflow logic beyond the current file. Ensure that the inclusion of /main aligns with any undocumented internal practices or future directory plans. If this change is intentional and aligns with the intended directory structure, no further action is needed.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the usage and impact of the `/main` directory in the workflow.

# Test: Check for any references to `/main` in the repository to understand its role.
rg '/main'
Length of output: 4589
31-31: Node.js version updated to 22.x.

Ensure that all dependencies and scripts are compatible with Node.js 22.x.

34-35: Simplified npm installation step.

The step now uses a custom action to install the latest npm version. Verify that this action is correctly implemented and accessible.

Verification successful

Custom Action for Installing Latest npm is Correctly Implemented

The install-latest-npm action is implemented correctly. The action.yml file specifies the necessary steps to install the latest compatible version of npm, including handling specific cases for Windows and checking compatibility with the current Node.js version. This ensures that the action is both accessible and functional.

The action uses a composite run step with shell commands to determine and install the appropriate npm version.

Compatibility checks are in place for different Node.js versions, particularly addressing known issues with npm on Windows.
Scripts executed

The following scripts were executed for the analysis:

Script:
#!/bin/bash
# Description: Verify the existence and correctness of the custom action `install-latest-npm`.

# Test: Check if the custom action file exists and is correctly implemented.
fd install-latest-npm --base-directory .github/actions --exec cat
Length of output: 109

Script:
#!/bin/bash
# List the contents of the `install-latest-npm` directory to verify the presence of necessary action files.
ls -l .github/actions/install-latest-npm
Length of output: 110

Script:
#!/bin/bash
# Display the contents of the `action.yml` file to verify the implementation of the custom action.
cat .github/actions/install-latest-npm/action.yml
Length of output: 1849
content/cli/v10/commands/npm-config.mdx (1)

74-74: Clarification on npm config set behavior.

The updated description specifies that the command modifies the user configuration file unless the location argument is passed. This change enhances clarity for users.

content/packages-and-modules/updating-and-managing-your-published-packages/deprecating-and-undeprecating-packages-or-package-versions.mdx (1)

77-83: Clarification on undeprecating packages.

The updated instructions clearly differentiate between undeprecating an entire package and a specific version. This improves usability and understanding for users.

content/cli/v10/commands/npm-unpublish.mdx (1)

56-58: Clarity improvement in package unpublishing behavior.

The added explanations clarify how the npm unpublish command handles package names and versions, enhancing the documentation's clarity. This change helps users understand the command's behavior better.

content/cli/v10/commands/npm-doctor.mdx (2)

41-41: Improved clarity in command synopsis.

The updated synopsis provides a clearer representation of the npm doctor command's functionality, enhancing user understanding.

61-79: Enhanced clarity in section headers.

The updated section headers provide clearer descriptions of the checks performed by npm doctor, improving user guidance and understanding.

Tools

LanguageTool

[style] ~77-~77: Consider a shorter alternative to avoid wordiness.
Context: ...ng tutorials or StackOverflow questions in an effort to troubleshoot problems you may be having...

(IN_ORDER_TO_PREMIUM)

content/cli/v10/commands/npx.mdx (1)

124-124: Informative update on removed options.

The documentation correctly informs users about the removal of the --node-arg, -n, --always-spawn, and --shell options, guiding them to use alternatives like NODE_OPTIONS. This update is crucial for users to adapt to the changes.

content/cli/v10/using-npm/workspaces.mdx (1)

22-24: Improved grammatical clarity.

The changes enhance the grammatical correctness and readability of the text, which improves the overall clarity of the documentation.

Tools

LanguageTool

[style] ~24-~24: Consider a shorter alternative to avoid wordiness.
Context: ...ves the need to manually use npm link in order to add references to packages that should ...

(IN_ORDER_TO_PREMIUM)

content/cli/v10/commands/npm-prune.mdx (1)

106-106: Clarified default behavior of foreground-scripts.

The documentation now clearly states the conditions under which the default value changes, enhancing user understanding.

content/cli/v10/commands/npm-query.mdx (2)

169-181: Enhanced documentation for result expectations.

The introduction of --expect-results and --expect-result-count options, along with examples, significantly improves the documentation's clarity and usability.

Tools

LanguageTool

[uncategorized] ~171-~171: Although a hyphen is possible, it is not necessary in a compound modifier in which the first word is an adverb that ends in ‘ly’.
Context: ...ng state split across two different but identically-named packages causes bugs. You can use the `...

(HYPHENATED_LY_ADVERB_ADJECTIVE)

252-269: Clarified configuration options.

The documentation now clearly explains the expect-results and expect-result-count configurations, providing users with a better understanding of their usage and constraints.

Tools

LanguageTool

[style] ~257-~257: Consider shortening this phrase to just ‘whether’, unless you mean ‘regardless of whether’.
Context: ...null - Type: null or Boolean Tells npm whether or not to expect results from the command. Can...

(WHETHER)

[style] ~257-~257: To form a complete sentence, be sure to include a subject or ‘there’.
Context: ...not to expect results from the command. Can be either true (expect some results) or...

(MISSING_IT_THERE)

[style] ~259-~259: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...false (expect no results). This config can not be used with: expect-result-count ##...

(CAN_NOT_PREMIUM)

[style] ~268-~268: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ... results from the command. This config can not be used with: expect-results ## See ...

(CAN_NOT_PREMIUM)

content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx (4)

39-39: Clarification on case sensitivity is helpful.

Emphasizing the case sensitivity of the repository field in package.json is a valuable addition to prevent potential issues.

92-95: Updates to GitHub Actions and Node.js version are appropriate.

Using actions/checkout@v4, actions/setup-node@v4, and Node.js 20.x reflects a commitment to maintaining up-to-date dependencies, which enhances compatibility and security.

132-147: Example GitLab CI job is a valuable addition.

The inclusion of this example provides clear guidance for users on setting up CI/CD pipelines with GitLab for publishing packages with provenance.

149-167: Section on verifying provenance attestations is informative.

This addition enhances the documentation by providing crucial information on verifying package integrity using npm audit signatures.

Tools

LanguageTool

[style] ~157-~157: Consider removing “of” to be more concise
Context: ...ignatures and verified attestations for all of the packages in a project: ``` audited 126...

(ALL_OF_THE)

[uncategorized] ~167-~167: A comma might be missing here.
Context: ...ou're always able to verify attestation signatures check that you're running the latest ve...

(AI_EN_LECTOR_MISSING_PUNCTUATION_COMMA)

content/cli/v10/commands/npm-install-ci-test.mdx (1)

112-112: Clarification of foreground-scripts default behavior is beneficial.

Specifying that the default is false unless using npm pack or npm publish improves user understanding of the option's behavior.

content/cli/v10/commands/npm-run-script.mdx (1)

195-195: Clarification of foreground-scripts default behavior is beneficial.

Specifying that the default is false unless using npm pack or npm publish improves user understanding of the option's behavior.

content/cli/v10/commands/npm-diff.mdx (2)

219-219: Clarify the tag application description.

The clarification about the npm dist-tag add command context improves understanding. Ensure this change aligns with other related documentation.

223-224: Clarify tag usage in npm publish.

The addition explaining the tag application in the npm publish command enhances clarity. Verify consistency with other sections discussing npm publish.

content/cli/v10/commands/npm-ci.mdx (1)

152-152: Clarify the default behavior of foreground-scripts.

The clarification regarding the default value of foreground-scripts enhances user understanding. Ensure this aligns with other related documentation sections.

CONTRIBUTING.md (1)

28-28: Provide Windows-specific instructions.

The addition of Windows-specific instructions for running the development server is helpful. Ensure these instructions are accurate and tested.

content/cli/v10/commands/npm-install-test.mdx (2)

166-166: Clarification on default behavior is clear.

The update regarding the foreground-scripts default behavior enhances clarity by specifying when it defaults to true.

228-233: Addition of libc section is informative.

The new section on libc provides valuable details for configuring native modules, contributing to a more comprehensive documentation.

content/cli/v10/configuring-npm/package-lock-json.mdx (1)

46-46: Formatting inference clarification is beneficial.

The update ensures consistent formatting between package.json and package-lock.json, enhancing readability and reducing potential discrepancies.

content/cli/v10/using-npm/scripts.mdx (2)

270-275: Simplification of lifecycle scripts example is effective.

The removal of the uninstall script reference focuses the example on relevant phases, aligning with current npm behavior.

Tools

LanguageTool

[grammar] ~275-~275: The word ‘install’ is not a noun.
Context: ...ipts/install.js` will be called for the install and post-install stages of the lifecycl...

(A_INSTALL)

299-299: Streamlined best practices section enhances clarity.

The reduction in emphasis on non-zero error codes and omission of uninstall scripts maintains focus on essential error handling advice.

Tools

LanguageTool

[uncategorized] ~299-~299: This verb may not be in the correct tense. Consider changing the tense to fit the context better.
Context: ...ean it. If the failure is minor or only will prevent some optional features, then it's bette...

(AI_EN_LECTOR_REPLACEMENT_VERB_TENSE)

content/cli/v10/using-npm/config.mdx (3)

648-653: LGTM!

The description for the libc configuration option is clear and consistent with the rest of the documentation.

452-452: LGTM!

The clarification of the default behavior for foreground-scripts is helpful and improves understanding.

1138-1143: LGTM!

The expanded description for the tag configuration option provides valuable context for users.

content/cli/v9/using-npm/changelog.mdx (3)

14-21: Bug Fixes section looks good.

The entries are clear and provide necessary links to commits and pull requests.

23-63: Dependencies section is well-documented.

The updates are clearly listed with appropriate links to commits and pull requests.

65-70: Chores section is clear and informative.

The entries provide a good overview of the non-functional updates made.

content/cli/v10/using-npm/changelog.mdx (5)

20-24: Ensure consistent formatting and clarity.

The bug fix descriptions are clear, and the formatting is consistent with the rest of the document. No issues found.

26-31: Ensure consistent formatting and clarity.

The documentation update descriptions are clear, and the formatting is consistent with the rest of the document. No issues found.

33-49: Ensure consistent formatting and clarity.

The dependency update descriptions are clear, and the formatting is consistent with the rest of the document. No issues found.

84-87: Ensure consistent formatting and clarity.

The chore update descriptions are clear, and the formatting is consistent with the rest of the document. No issues found.

89-92: Ensure consistent formatting and clarity.

The chore update descriptions are clear, and the formatting is consistent with the rest of the document. No issues found.

coderabbitai · 2024-08-08T14:29:24Z

CONTRIBUTING.md

+### Commits
+
+We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/).
+
+When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes:


Add a comma after 'please'.

A comma is needed after "please" for grammatical correctness.

- When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes: + When opening a pull request, please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes:

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

### Commits

We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/).

When opening a pull request please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes:

### Commits

We use [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/).

When opening a pull request, please be sure that either the pull request title, or each commit in the pull request, has one of the following prefixes:

Tools

LanguageTool

[typographical] ~54-~54: It seems that a comma is missing.
Context: ...n/v1.0.0/). When opening a pull request please be sure that either the pull request ti...

(IF_PLEASE_COMMA)

coderabbitai · 2024-08-08T14:29:24Z

CONTRIBUTING.md

+- `feat`: For when introducing a new feature.
+- `fix`: For bug fixes.
+- `docs`: For documentation updates. This specifically means the documentation in and this repo, NOT the contents of the documentation site itself.
+- `chore`: For changes that do not affect the published site. Often these are changes to tests. The result will be _no_ change to the website when it is next published.
+


Correct list punctuation.

Ensure list items are formatted correctly with consistent punctuation.

- - `feat`: For when introducing a new feature. - - `fix`: For bug fixes. - - `docs`: For documentation updates. This specifically means the documentation in and this repo, NOT the contents of the documentation site itself. - - `chore`: For changes that do not affect the published site. Often these are changes to tests. The result will be _no_ change to the website when it is next published. + - `feat`: Introduce a new feature. + - `fix`: Fix a bug. + - `docs`: Update documentation. This specifically means the documentation in this repo, NOT the contents of the documentation site itself. + - `chore`: Make changes that do not affect the published site. Often these are changes to tests. The result will be _no_ change to the website when it is next published.

Committable suggestion was skipped due to low confidence.

Tools

LanguageTool

[uncategorized] ~56-~56: Loose punctuation mark.
Context: ...one of the following prefixes: - feat: For when introducing a new feature. - `...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~57-~57: Loose punctuation mark.
Context: ... when introducing a new feature. - fix: For bug fixes. - docs: For documentat...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~58-~58: Loose punctuation mark.
Context: ...eature. - fix: For bug fixes. - docs: For documentation updates. This specifi...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~59-~59: Loose punctuation mark.
Context: ...the documentation site itself. - chore: For changes that do not affect the publ...

(UNLIKELY_OPENING_PUNCTUATION)

[uncategorized] ~59-~59: A different word order might sound more natural.
Context: ... that do not affect the published site. Often these are changes to tests. The result will be _n...

(AI_HYDRA_LEO_WORD_ORDER)

coderabbitai · 2024-08-08T14:29:24Z

content/cli/v10/using-npm/dependency-selectors.mdx

+
+##### `:vuln`
+
+The `:vuln` pseudo selector retrieves data from the registry and returns information about which if your dependencies has a known vulnerability. Only dependencies whose current version matches a vulnerability will be returned. For example if you have `semver@7.6.0` in your tree, a vulnerability for `semver` which affects versions `<=6.3.1` will not match.


Correct grammatical errors.

There are grammatical issues in this sentence. "which if your dependencies has" should be corrected to improve clarity.

- information about which if your dependencies has a known vulnerability. + information about which of your dependencies have a known vulnerability.

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

The `:vuln` pseudo selector retrieves data from the registry and returns information about which if your dependencies has a known vulnerability. Only dependencies whose current version matches a vulnerability will be returned. For example if you have `semver@7.6.0` in your tree, a vulnerability for `semver` which affects versions `<=6.3.1` will not match.

The `:vuln` pseudo selector retrieves data from the registry and returns information about which of your dependencies have a known vulnerability. Only dependencies whose current version matches a vulnerability will be returned. For example if you have `semver@7.6.0` in your tree, a vulnerability for `semver` which affects versions `<=6.3.1` will not match.

Tools

LanguageTool

[uncategorized] ~121-~121: “if” (in case) seems less likely than “of”.
Context: ...try and returns information about which if your dependencies has a known vulnerabi...

(AI_HYDRA_LEO_CP_IF_OF)

[grammar] ~121-~121: “dependencies” is a plural noun. It appears that the verb form is incorrect.
Context: ...mation about which if your dependencies has a known vulnerability. Only dependencie...

(PCT_PLURAL_NOUN_SINGULAR_VERB_AGREEMENT)

[typographical] ~121-~121: After the expression ‘for example’ a comma is usually used.
Context: ...s a vulnerability will be returned. For example if you have semver@7.6.0 in your tree...

(COMMA_FOR_EXAMPLE)

coderabbitai · 2024-08-08T14:29:24Z

content/policies/privacy.mdx

 - Cloud computing platforms and services that host our discussion forums

- Services that assist with the detection of spam, scams, abuse others, or other violations of our [terms of service][privacy]
+- Services that assist with the detection of spam, scams, abuse others, or other violations of our [terms of service][open-source-terms]


Add missing preposition.

The phrase "abuse others" is missing a preposition.

- Services that assist with the detection of spam, scams, abuse others, or other violations of our [terms of service][open-source-terms] + Services that assist with the detection of spam, scams, abuse of others, or other violations of our [terms of service][open-source-terms]

Committable suggestion was skipped due to low confidence.

Tools

LanguageTool

[uncategorized] ~200-~200: Possible missing preposition found.
Context: ...ith the detection of spam, scams, abuse others, or other violations of our [terms of s...

(AI_HYDRA_LEO_MISSING_OF)

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 3541e52 and 35e17e8.

Files selected for processing (1)

content/packages-and-modules/contributing-packages-to-the-registry/specifying-dependencies-and-devdependencies-in-a-package-json-file.mdx (1 hunks)

Files skipped from review due to trivial changes (1)

content/packages-and-modules/contributing-packages-to-the-registry/specifying-dependencies-and-devdependencies-in-a-package-json-file.mdx

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 35e17e8 and 44e5382.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (1)

content/packages-and-modules/introduction-to-packages-and-modules/about-packages-and-modules.mdx (1 hunks)

Files skipped from review due to trivial changes (1)

content/packages-and-modules/introduction-to-packages-and-modules/about-packages-and-modules.mdx

coderabbitai

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 44e5382 and b6fd077.

Files selected for processing (1)

content/getting-started/setting-up-your-npm-user-account/configuring-two-factor-authentication.mdx (1 hunks)

Additional context used

LanguageTool

content/getting-started/setting-up-your-npm-user-account/configuring-two-factor-authentication.mdx

[grammar] ~14-~14: The plural noun “devices” cannot be used with the article “a”. Did you mean “a biometric device” or “biometric devices”?
Context: ...-use]. This will allow you to configure a biometric devices featuring Apple [Touch ID][touch-id], [...

(A_NNS)

coderabbitai · 2024-08-13T14:36:10Z

...t/getting-started/setting-up-your-npm-user-account/configuring-two-factor-authentication.mdx


 - Update your npm client to version 5.5.1 or higher.
- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure a biometric devices such as Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].
+- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure a biometric devices featuring Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].


Correct the grammatical error.

The phrase "a biometric devices featuring" should be corrected to "biometric devices featuring" for grammatical accuracy.

- a biometric devices featuring + biometric devices featuring

Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure a biometric devices featuring Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].

- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure biometric devices featuring Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].

Tools

LanguageTool

[grammar] ~14-~14: The plural noun “devices” cannot be used with the article “a”. Did you mean “a biometric device” or “biometric devices”?
Context: ...-use]. This will allow you to configure a biometric devices featuring Apple [Touch ID][touch-id], [...

(A_NNS)

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between b6fd077 and 45261cd.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (5)

.github/workflows/codeql-analysis.yml (1 hunks)
cli/package.json (1 hunks)
cli/test/index.js (1 hunks)
cli/test/transform.js (1 hunks)
package.json (3 hunks)

Files skipped from review as they are similar to previous changes (2)

cli/package.json
package.json

Additional comments not posted (5)

.github/workflows/codeql-analysis.yml (3)

26-26: Update to actions/checkout@v4 is approved.

The update to the latest version may include improvements and bug fixes. Ensure compatibility with the rest of the workflow.

32-32: Update to github/codeql-action/init@v3 is approved.

This update may bring enhancements and fixes. Verify compatibility with the CodeQL setup.

36-36: Update to github/codeql-action/analyze@v3 is approved.

The update to the latest version can improve the analysis process. Ensure that it aligns with your current CodeQL configurations.

cli/test/transform.js (1)

5-5: Switch to t.mockRequire is approved.

The change may improve module resolution during testing. Verify that all tests pass and behave as expected with this new mocking strategy.

cli/test/index.js (1)

69-69: Switch to t.mockRequire is approved.

This change is likely to enhance the accuracy of module mocking. Ensure that all tests pass and maintain their intended functionality with this update.

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 45261cd and ec424d9.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (1)

package.json (3 hunks)

Files skipped from review as they are similar to previous changes (1)

package.json

coderabbitai

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (2)

content/cli/v10/using-npm/changelog.mdx (2)
422-422: Grammar Improvement: Capitalize "Windows"

The term "windows" should be capitalized as "Windows" since it refers to the operating system by Microsoft.

Apply this diff to correct the capitalization:
- scope: update example command to work in windows (#7247) (@robertobasile84)
+ scope: update example command to work in Windows (#7247) (@robertobasile84)
Tools

LanguageTool

[style] ~422-~422: Try using a synonym here to strengthen your wording.
Context: ...ull/7254) Remove additional example and comments about uninstall script (#7254) (@rveerd...

(COMMENT_REMARK)

472-472: Grammar Improvement: Use Hyphen in "Run-on"

The term "run on" should be hyphenated as "run-on" since it is an adjective.

Apply this diff to correct the hyphenation:
- update: Replace comma with period in run on sentence (#7142) (@DanKaplanSES)
+ update: Replace comma with period in run-on sentence (#7142) (@DanKaplanSES)
Tools

LanguageTool

[grammar] ~472-~472: The adjective “run-on” is spelled with a hyphen.
Context: ...2) update: Replace comma with period in run on sentence (#7142) (@DanKaplanSES) - [`05...

(RUN_ON_HYPHEN)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ec424d9 and fca972e.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (1)

content/cli/v10/using-npm/changelog.mdx (1 hunks)

Additional context used

LanguageTool

content/cli/v10/using-npm/changelog.mdx

[grammar] ~120-~120: “Windows” (operating system by Microsoft) is a proper noun and needs to be capitalized.
Context: ...l/7496) npm help json/global command on windows (#7496) (@klm-turing, @lukekarrys) - [`...

(A_WINDOWS)

[grammar] ~246-~246: Before the countable noun ‘after’ an article or a possessive pronoun is necessary.
Context: ...li/pull/7403) run update notifier after exec but before waiting (@lukekarrys) - [`f3...

(IN_NN_CC_VBG)

[style] ~422-~422: Try using a synonym here to strengthen your wording.
Context: ...ull/7254) Remove additional example and comments about uninstall script (#7254) (@rveerd...

(COMMENT_REMARK)

[grammar] ~472-~472: The adjective “run-on” is spelled with a hyphen.
Context: ...2) update: Replace comma with period in run on sentence (#7142) (@DanKaplanSES) - [`05...

(RUN_ON_HYPHEN)

Additional comments not posted (4)

content/cli/v10/using-npm/changelog.mdx (4)

22-24: Bug Fixes: Correctness and Completeness

The listed bug fixes are clear and provide sufficient context for the changes made. The descriptions include commit references and pull request links, which are helpful for further investigation if needed.

The bug fixes are correctly documented.

28-31: Documentation: Correctness and Completeness

The listed documentation updates are clear and provide sufficient context for the changes made. The descriptions include commit references and pull request links, which are helpful for further investigation if needed.

The documentation updates are correctly documented.

35-49: Dependencies: Correctness and Completeness

The listed dependency updates are clear and provide sufficient context for the changes made. The descriptions include commit references and pull request links, which are helpful for further investigation if needed.

The dependency updates are correctly documented.

53-54: Chores: Correctness and Completeness

The listed chore updates are clear and provide sufficient context for the changes made. The descriptions include commit references and pull request links, which are helpful for further investigation if needed.

The chore updates are correctly documented.

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between fca972e and 48961c2.

Files selected for processing (4)

.github/workflows/ci.yml (4 hunks)
.github/workflows/publish.yml (3 hunks)
scripts/template-oss/ci-yml.hbs (2 hunks)
scripts/template-oss/publish-yml.hbs (3 hunks)

Additional comments not posted (27)

scripts/template-oss/ci-yml.hbs (3)

1-1: LGTM!

The renaming from ci to ciYml improves clarity.

The code changes are approved.

4-4: LGTM!

The renaming from jobMatrix to jobMatrixYml improves clarity.

The code changes are approved.

14-14: LGTM!

Upgrading actions/checkout from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

scripts/template-oss/publish-yml.hbs (5)

30-30: LGTM!

Upgrading actions/configure-pages from v1 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

34-34: LGTM!

Upgrading actions/cache/restore from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

47-47: LGTM!

Upgrading actions/cache/save from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

55-55: LGTM!

Upgrading actions/upload-pages-artifact from v1 to v3 ensures compatibility with newer features and improvements.

The code changes are approved.

72-72: LGTM!

Upgrading actions/deploy-pages from v1 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

.github/workflows/publish.yml (7)

27-27: LGTM!

Upgrading actions/checkout from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

33-33: LGTM!

Upgrading actions/setup-node from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

36-36: LGTM!

Upgrading the Node.js version from 18.x to 22.x ensures compatibility with the latest features and improvements.

The code changes are approved.

49-49: LGTM!

Upgrading actions/configure-pages from v1 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

53-53: LGTM!

Upgrading actions/cache/restore from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

66-66: LGTM!

Upgrading actions/cache/save from v3 to v4 ensures compatibility with newer features and improvements.

The code changes are approved.

74-74: LGTM!

Upgrading actions/upload-pages-artifact from v1 to v3 ensures compatibility with newer features and improvements.

The code changes are approved.

.github/workflows/ci.yml (12)

29-29: Update to actions/checkout@v4.

The actions/checkout action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/checkout is compatible with your workflow. Check the actions/checkout documentation for any breaking changes or new features.

35-35: Update to actions/setup-node@v4.

The actions/setup-node action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/setup-node is compatible with your workflow. Check the actions/setup-node documentation for any breaking changes or new features.

38-38: Update Node.js version to 22.x.

The Node.js version has been updated from 18.x to 22.x. Ensure compatibility with your project's dependencies and codebase.

Verify that your project's dependencies and codebase are compatible with Node.js 22.x. Check the Node.js release notes for any breaking changes or new features.

41-44: Simplify npm installation step.

The conditional npm installation steps have been replaced with a single step to install the latest npm using a custom action. This change simplifies the installation process.

The code changes are approved. Ensure that the custom action ./.github/actions/install-latest-npm is correctly implemented and tested.

65-65: Update Node.js version in matrix configuration.

The Node.js version in the matrix configuration has been updated to 22.x. Ensure compatibility with your project's dependencies and codebase.

Verify that your project's dependencies and codebase are compatible with Node.js 22.x. Check the Node.js release notes for any breaking changes or new features.

72-72: Update to actions/checkout@v4.

The actions/checkout action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/checkout is compatible with your workflow. Check the actions/checkout documentation for any breaking changes or new features.

78-78: Update to actions/setup-node@v4.

The actions/setup-node action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/setup-node is compatible with your workflow. Check the actions/setup-node documentation for any breaking changes or new features.

84-87: Simplify npm installation step.

The conditional npm installation steps have been replaced with a single step to install the latest npm using a custom action. This change simplifies the installation process.

The code changes are approved. Ensure that the custom action ./.github/actions/install-latest-npm is correctly implemented and tested.

106-106: Update Node.js version in matrix configuration.

The Node.js version in the matrix configuration has been updated to 22.x. Ensure compatibility with your project's dependencies and codebase.

Verify that your project's dependencies and codebase are compatible with Node.js 22.x. Check the Node.js release notes for any breaking changes or new features.

113-113: Update to actions/checkout@v4.

The actions/checkout action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/checkout is compatible with your workflow. Check the actions/checkout documentation for any breaking changes or new features.

119-119: Update to actions/setup-node@v4.

The actions/setup-node action has been updated from version 3 to version 4. Ensure compatibility with the new version.

Verify that the new version of actions/setup-node is compatible with your workflow. Check the actions/setup-node documentation for any breaking changes or new features.

125-128: Simplify npm installation step.

The conditional npm installation steps have been replaced with a single step to install the latest npm using a custom action. This change simplifies the installation process.

The code changes are approved. Ensure that the custom action ./.github/actions/install-latest-npm is correctly implemented and tested.

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 48961c2 and e271e92.

Files selected for processing (1)

content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx (3 hunks)

Additional context used

LanguageTool

content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx

[style] ~157-~157: Consider removing “of” to be more concise
Context: ...ignatures and verified attestations for all of the packages in a project: ``` audited 126...

(ALL_OF_THE)

[uncategorized] ~167-~167: Possible missing comma found.
Context: ...e latest version of the npm CLI. Please note this often means updating npm beyond th...

(AI_HYDRA_LEO_MISSING_COMMA)

Additional comments not posted (6)

content/packages-and-modules/securing-your-code/generating-provenance-statements.mdx (6)

39-39: LGTM!

The clarification about the case-sensitive match for the repository field in package.json improves clarity and reduces potential user errors.

The code change is approved.

84-84: LGTM!

Changing the event type to published ensures that actions are executed at the correct time in the package lifecycle.

The code change is approved.

92-92: LGTM!

Updating to actions/checkout@v4 ensures that the workflow benefits from the latest features and improvements.

The code change is approved.

93-93: LGTM!

Updating to actions/setup-node@v4 ensures that the workflow benefits from the latest features and improvements.

The code change is approved.

95-95: LGTM!

Updating the node version to 20.x ensures that the workflow benefits from the latest features and improvements in Node.js.

The code change is approved.

132-147: LGTM!

Reintroducing the example GitLab CI job provides practical guidance for users on implementing provenance in their GitLab workflows.

The code change is approved.

coderabbitai

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (21)

content/cli/v10/using-npm/changelog.mdx (21)

22-22: Clarify the commit message.

The commit message "docs: init usage description corrected" could be more descriptive to provide better context.

Consider rephrasing to "docs: Corrected the usage description for the init command."

23-23: Clarify the commit message.

The commit message "publish: consider package-spec when inside workspace dir" could be more descriptive to provide better context.

Consider rephrasing to "publish: Consider package-spec when operating inside a workspace directory."

24-24: Clarify the commit message.

The commit message "init: use locally installed version of given package" could be more descriptive to provide better context.

Consider rephrasing to "init: Use the locally installed version of the specified package during initialization."

25-25: Clarify the commit message.

The commit message "always set exit code if exiting uncleanly" could be more descriptive to provide better context.

Consider rephrasing to "Ensure exit code is set when the process exits uncleanly."

26-26: Clarify the commit message.

The commit message "update lifecycle script list in run-script" could be more descriptive to provide better context.

Consider rephrasing to "Update the list of lifecycle scripts in the run-script command."

30-30: Clarify the commit message.

The commit message "update docs for npmrc and package-json" could be more descriptive to provide better context.

Consider rephrasing to "Update documentation for npmrc and package.json."

31-31: Clarify the commit message.

The commit message "fix and update scoped configuration example" could be more descriptive to provide better context.

Consider rephrasing to "Fix and update the scoped configuration example in the documentation."

35-35: Clarify the commit message.

The commit message "lru-cache@10.4.3" could be more descriptive to provide better context.

Consider rephrasing to "Update lru-cache to version 10.4.3."

36-36: Clarify the commit message.

The commit message "jackspeak@3.4.3" could be more descriptive to provide better context.

Consider rephrasing to "Update jackspeak to version 3.4.3."

37-37: Clarify the commit message.

The commit message "glob@10.4.5" could be more descriptive to provide better context.

Consider rephrasing to "Update glob to version 10.4.5."

38-38: Clarify the commit message.

The commit message "foreground-child@3.3.0" could be more descriptive to provide better context.

Consider rephrasing to "Update foreground-child to version 3.3.0."

39-39: Clarify the commit message.

The commit message "cacache@18.0.4" could be more descriptive to provide better context.

Consider rephrasing to "Update cacache to version 18.0.4."

40-40: Clarify the commit message.

The commit message "postcss-selector-parser@6.1.2" could be more descriptive to provide better context.

Consider rephrasing to "Update postcss-selector-parser to version 6.1.2."

41-41: Clarify the commit message.

The commit message "semver@7.6.3" could be more descriptive to provide better context.

Consider rephrasing to "Update semver to version 7.6.3."

42-42: Clarify the commit message.

The commit message "npm-package-arg@11.0.3" could be more descriptive to provide better context.

Consider rephrasing to "Update npm-package-arg to version 11.0.3."

43-43: Clarify the commit message.

The commit message "debug@4.3.6" could be more descriptive to provide better context.

Consider rephrasing to "Update debug to version 4.3.6."

44-44: Clarify the commit message.

The commit message "node-gyp@10.2.0" could be more descriptive to provide better context.

Consider rephrasing to "Update node-gyp to version 10.2.0."

48-48: Clarify the commit message.

The commit message "fix duplicate changelog entries" could be more descriptive to provide better context.

Consider rephrasing to "Fix duplicate entries in the changelog."

49-49: Clarify the commit message.

The commit message "@npmcli/template-oss@4.23.3" could be more descriptive to provide better context.

Consider rephrasing to "Update @npmcli/template-oss to version 4.23.3."

50-50: Clarify the commit message.

The commit message "dev dependency updates" could be more descriptive to provide better context.

Consider rephrasing to "Update development dependencies."

51-51: Clarify the commit message.

The commit message "allow for longer timer values" could be more descriptive to provide better context.

Consider rephrasing to "Allow for longer timer values in configuration."

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between e271e92 and 240f524.

Files selected for processing (6)

content/cli/v10/commands/npm-ls.mdx (1 hunks)
content/cli/v10/commands/npm.mdx (2 hunks)
content/cli/v10/configuring-npm/npmrc.mdx (2 hunks)
content/cli/v10/configuring-npm/package-json.mdx (21 hunks)
content/cli/v10/using-npm/changelog.mdx (1 hunks)
content/nav.yml (2 hunks)

Files skipped from review due to trivial changes (2)

content/cli/v10/commands/npm-ls.mdx
content/nav.yml

Additional context used

LanguageTool

content/cli/v10/configuring-npm/package-json.mdx

[uncategorized] ~251-~251: Possible missing comma found.
Context: ...so available when providing the project name such as: npm fund <projectname> (when...

(AI_HYDRA_LEO_MISSING_COMMA)

[typographical] ~251-~251: Do not use a colon (:) before a series that is introduced by a preposition (‘as’). Remove the colon or add a noun or a noun phrase after the preposition.
Context: ...le when providing the project name such as: npm fund <projectname> (when there ar...

(RP_COLON)

[style] ~300-~300: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...- pnpm-lock.yaml - yarn.lock These can not be included. ### main The main field ...

(CAN_NOT_PREMIUM)

[misspelling] ~439-~439: Use “a” instead of ‘an’ if the following word doesn’t start with a vowel sound, e.g. ‘a sentence’, ‘a university’.
Context: ...modification. It should not be a URL to an html project page that you put in your ...

(EN_A_VS_AN)

[style] ~681-~681: The phrase “a variety of” may be wordy. To make your writing clearer, consider replacing it.
Context: ...lows you to integrate and interact with a variety of host packages without requiring all of ...

(A_VARIETY_OF)

content/cli/v10/using-npm/changelog.mdx

[grammar] ~156-~156: “Windows” (operating system by Microsoft) is a proper noun and needs to be capitalized.
Context: ...l/7496) npm help json/global command on windows (#7496) (@klm-turing, @lukekarrys) - [`...

(A_WINDOWS)

[grammar] ~282-~282: Before the countable noun ‘after’ an article or a possessive pronoun is necessary.
Context: ...li/pull/7403) run update notifier after exec but before waiting (@lukekarrys) - [`f3...

(IN_NN_CC_VBG)

[style] ~458-~458: Try using a synonym here to strengthen your wording.
Context: ...ull/7254) Remove additional example and comments about uninstall script (#7254) (@rveerd...

(COMMENT_REMARK)

[grammar] ~508-~508: The adjective “run-on” is spelled with a hyphen.
Context: ...2) update: Replace comma with period in run on sentence (#7142) (@DanKaplanSES) - [`05...

(RUN_ON_HYPHEN)

Additional comments not posted (19)

content/cli/v10/configuring-npm/npmrc.mdx (4)

32-35: LGTM!

The addition of backticks around file paths enhances clarity and readability.

The code changes are approved.

40-40: LGTM!

Updating the example configuration setting from prefix to cache reflects a more relevant setting for users.

The code changes are approved.

110-116: LGTM!

Uncommenting the _authToken settings clarifies the intended configurations for specific registries.

The code changes are approved.

112-116: LGTM!

Uncommenting the _authToken settings clarifies the intended configurations for specific registries.

The code changes are approved.

content/cli/v10/commands/npm.mdx (2)

34-34: LGTM!

Updating the version number from 10.2.4 to 10.8.3 reflects a significant update, likely involving new features or improvements.

The code changes are approved.

115-115: LGTM!

Modifying the URL for discussing new feature ideas enhances community engagement and organization.

The code changes are approved.

content/cli/v10/configuring-npm/package-json.mdx (13)

52-52: LGTM!

Clarifying the naming conventions for packages enhances clarity and consistency in the documentation.

The code changes are approved.

74-74: LGTM!

Capitalizing "URL" for consistency ensures adherence to standard conventions.

The code changes are approved.

84-84: LGTM!

Clarifying the description of the "bugs" field improves clarity and precision in the documentation.

The code changes are approved.

97-99: LGTM!

Clarifying the usage of the "bugs" field improves clarity and precision in the documentation.

The code changes are approved.

209-218: LGTM!

Adding examples for the "funding" field provides clearer guidance on how to structure this information.

The code changes are approved.

220-227: LGTM!

Adding examples for the "funding" field provides clearer guidance on how to structure this information.

The code changes are approved.

229-233: LGTM!

Adding examples for the "funding" field provides clearer guidance on how to structure this information.

The code changes are approved.

Line range hint 235-245: LGTM!

Adding examples for the "funding" field provides clearer guidance on how to structure this information.

The code changes are approved.

251-251: LGTM!

Adding a note about the npm fund subcommand enhances the documentation by providing additional information.

The code changes are approved.

Tools

LanguageTool

[uncategorized] ~251-~251: Possible missing comma found.
Context: ...so available when providing the project name such as: npm fund <projectname> (when...

(AI_HYDRA_LEO_MISSING_COMMA)

[typographical] ~251-~251: Do not use a colon (:) before a series that is introduced by a preposition (‘as’). Remove the colon or add a noun or a noun phrase after the preposition.
Context: ...le when providing the project name such as: npm fund <projectname> (when there ar...

(RP_COLON)

273-290: LGTM!

Explicitly listing the files that are always ignored by default improves the comprehensiveness of the documentation.

The code changes are approved.

291-300: LGTM!

Clarifying that certain files cannot be included even if specified in the files globs enhances clarity and precision in the documentation.

The code changes are approved.

Tools

LanguageTool

[style] ~300-~300: Unless you want to emphasize “not”, use “cannot” which is more common.
Context: ...- pnpm-lock.yaml - yarn.lock These can not be included. ### main The main field ...

(CAN_NOT_PREMIUM)

426-439: LGTM!

Clarifying the description of the "repository" field improves clarity and precision in the documentation.

The code changes are approved.

Tools

LanguageTool

[misspelling] ~439-~439: Use “a” instead of ‘an’ if the following word doesn’t start with a vowel sound, e.g. ‘a sentence’, ‘a university’.
Context: ...modification. It should not be a URL to an html project page that you put in your ...

(EN_A_VS_AN)

463-464: LGTM!

Clarifying the usage of the "repository" field improves clarity and precision in the documentation.

The code changes are approved.

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 240f524 and 6d777e1.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (2)

cli/package.json (1 hunks)
package.json (3 hunks)

Additional comments not posted (12)

cli/package.json (6)

5-5: Approved: Repository URL format updated.

The inclusion of the git+ prefix aligns with standard practices for Git repository URLs in package configurations.

11-18: Approved: Script modifications enhance consistency.

Updating the lint and lintfix commands to invoke npm run eslint standardizes the execution of linting tasks. The addition of the eslint script to cover multiple file types is a proactive approach to ensure comprehensive code quality checks.

33-35: Approved: DevDependencies updated.

The updates to development dependencies like @npmcli/eslint-config and tap are essential for ensuring that the development tools remain effective and up-to-date.

39-39: Approved: Node.js engine requirement updated.

Raising the minimum Node.js version to >=22.0.0 aligns with the need to utilize newer features and improvements. It is important to communicate this change effectively to users to manage expectations regarding compatibility.

51-51: Approved with caution: Tap configuration modified to allow incomplete coverage.

Allowing incomplete coverage in the tap configuration could impact the strictness of test coverage requirements. It's advisable to monitor this change to ensure it does not adversely affect overall code quality.

21-30: Approved: Dependency upgrades.

Upgrading dependencies such as @octokit/rest, minimatch, and tar ensures that the project utilizes the latest features and security improvements. It is recommended to verify compatibility with these new versions during integration testing.

Run the following script to verify compatibility:

package.json (6)

6-6: Approved: Repository URL format updated.

The inclusion of the git+ prefix aligns with standard practices for Git repository URLs in package configurations.

20-27: Approved: Script modifications enhance consistency.

Updating the lintfix command to invoke npm run eslint -- --fix standardizes the execution of linting tasks. The addition of the eslint script to cover multiple file types is a proactive approach to ensure comprehensive code quality checks.

70-93: Approved: DevDependencies updated.

The updates to development dependencies like @npmcli/eslint-config and eslint-plugin-prettier are essential for ensuring that the development tools remain effective and up-to-date.

97-97: Approved: Node.js engine requirement updated.

Raising the minimum Node.js version to >=22.0.0 aligns with the need to utilize newer features and improvements. It is important to communicate this change effectively to users to manage expectations regarding compatibility.

101-101: Approved: TemplateOSS version updated.

Updating the templateOSS version to 4.23.3 ensures that the project uses the latest template management features. Monitoring the impact of this change on project configurations is advisable to ensure smooth transitions.

35-56: Approved: Dependency upgrades.

Upgrading dependencies such as @octokit/plugin-retry, gatsby, and prism-react-renderer ensures that the project utilizes the latest features and security improvements. It is recommended to verify compatibility with these new versions during integration testing.

Run the following script to verify compatibility:

coderabbitai

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 6d777e1 and 2377ff3.

Files ignored due to path filters (1)

package-lock.json is excluded by !**/package-lock.json

Files selected for processing (2)

cli/package.json (1 hunks)
package.json (3 hunks)

Files skipped from review as they are similar to previous changes (2)

cli/package.json
package.json

…ates (#1292) Bumps the dependency-updates group with 2 updates in the / directory: [@octokit/plugin-retry](https://github.com/octokit/plugin-retry.js) and [framer-motion](https://github.com/framer/motion). Updates `@octokit/plugin-retry` from 7.1.1 to 7.1.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/octokit/plugin-retry.js/releases"><code>@octokit/plugin-retry</code>'s releases</a>.</em></p> <blockquote> <h2>v7.1.2</h2> <h2><a href="https://github.com/octokit/plugin-retry.js/compare/v7.1.1...v7.1.2">7.1.2</a> (2024-09-18)</h2> <h3>Bug Fixes</h3> <ul> <li><code>response.data.errors</code> is sometimes empty (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/577">#577</a>) (<a href="https://github.com/octokit/plugin-retry.js/commit/375b037a98bb3dcf20af1a37f7a02b0968cc01c0">375b037</a>), closes <a href="https://redirect.github.com/octokit/plugin-retry.js/issues/536">#536</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/octokit/plugin-retry.js/commit/375b037a98bb3dcf20af1a37f7a02b0968cc01c0"><code>375b037</code></a> fix: <code>response.data.errors</code> is sometimes empty (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/577">#577</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/8c69e1968331c15c179a65e3e2be79291462f8a2"><code>8c69e19</code></a> build(deps): bump vite from 5.4.5 to 5.4.6 (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/579">#579</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/f12d8c59ffb761cd4865b2f78c39e2786cb47eb5"><code>f12d8c5</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/578">#578</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/2a339996062cb5e6ca5d03fe203754b982f67159"><code>2a33999</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/575">#575</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/48bc4a4bce633771bf19852b4dded2896a2659bd"><code>48bc4a4</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/574">#574</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/458387bf2be40a0f544402c420971fcc12519bf8"><code>458387b</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/573">#573</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/0da6fd197aa345d1f4509bdaa168c7b3b767d761"><code>0da6fd1</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/572">#572</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/cafde99c1d8ccf45baf4cf5823ec681c5b707d27"><code>cafde99</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/571">#571</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/3578a3eafff5bf6885f775a6b12034c6b4c6377e"><code>3578a3e</code></a> chore(deps): update dependency fetch-mock to v11 (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/570">#570</a>)</li> <li><a href="https://github.com/octokit/plugin-retry.js/commit/b1cef645e13dd511953edb1eaf30f673d0b2da6a"><code>b1cef64</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-retry.js/issues/569">#569</a>)</li> <li>Additional commits viewable in <a href="https://github.com/octokit/plugin-retry.js/compare/v7.1.1...v7.1.2">compare view</a></li> </ul> </details> <br /> Updates `framer-motion` from 11.5.4 to 11.5.6 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/framer/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[11.5.6] 2024-09-20</h2> <h3>Fixed</h3> <ul> <li>Ensuring updating motion values during <code>render</code> doesn't lock rendering for an element.</li> </ul> <h2>[11.5.5] 2024-09-19</h2> <h3>Fixed</h3> <ul> <li>Changed values of child variants now animate even when the parent variant name hasn't changed.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/framer/motion/commit/1d4fe17c7291be5c40c979b641f114f496b2ca52"><code>1d4fe17</code></a> v11.5.6</li> <li><a href="https://github.com/framer/motion/commit/51836bee87097c6f7ba09b2ddb554aa7ae21af00"><code>51836be</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/f41e7e58d5da9e673af9071378825d9d3a0c003d"><code>f41e7e5</code></a> Making render check more robust</li> <li><a href="https://github.com/framer/motion/commit/b2a6148cd274c57c81a834ced44a71cc7c307944"><code>b2a6148</code></a> Updating version</li> <li><a href="https://github.com/framer/motion/commit/8fe6870c81a25eb45ecd8b0d7e4a45affec2964e"><code>8fe6870</code></a> v11.5.5</li> <li><a href="https://github.com/framer/motion/commit/bcdd7332bedb32930d69664c13ddb67c5e70cd1e"><code>bcdd733</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/111c7c0ff8774eec40145739b80d72d21760d2f6"><code>111c7c0</code></a> Animate values when child variant definitions change (<a href="https://redirect.github.com/framer/motion/issues/2804">#2804</a>)</li> <li><a href="https://github.com/framer/motion/commit/f7b62126a843856f896b207f880125ff37311153"><code>f7b6212</code></a> Removing annotation</li> <li><a href="https://github.com/framer/motion/commit/dcf88c8f6c178d1af7a8f7dec81326db5fd68cea"><code>dcf88c8</code></a> Updating version</li> <li>See full diff in <a href="https://github.com/framer/motion/compare/v11.5.4...v11.5.6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Induce minor readability changes: - Provide example for website in "author" parameter - Add description in package.json code example as advised in the documentation - Highlight & edit npm init command

…tes group (#1297) Bumps the dependency-updates group with 1 update: [framer-motion](https://github.com/framer/motion). Updates `framer-motion` from 11.5.6 to 11.7.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/framer/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[11.7.0] 2024-09-25</h2> <h3>Added</h3> <ul> <li>Added support for custom animation generators via <code>type</code>.</li> </ul> <h2>[11.6.0] 2024-09-24</h2> <h3>Added</h3> <ul> <li>Added <code>info</code> and element tracking to <code>scroll</code>.</li> <li>Added <code>steps</code> easing.</li> </ul> <h3>Changed</h3> <ul> <li>Values added to <code>will-change</code> now stay there for their lifespan to prevent GPU thrashing and weird Safari subpixel jitters.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/framer/motion/commit/aa6f494dfb50343b3b765ed2057f605967c9f3c0"><code>aa6f494</code></a> v11.7.0</li> <li><a href="https://github.com/framer/motion/commit/b716a433d1915059169ba4c00559268204e8dae8"><code>b716a43</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/aac3c01cd679d163a80cf4de108d4c276c318533"><code>aac3c01</code></a> Adding support for custom animation types (<a href="https://redirect.github.com/framer/motion/issues/2813">#2813</a>)</li> <li><a href="https://github.com/framer/motion/commit/2467e180bcd92620069e996a3cd421b0f4e1dbcc"><code>2467e18</code></a> Fixing size</li> <li><a href="https://github.com/framer/motion/commit/32998fcb2f501ff5b581cac38a7b3193d349c637"><code>32998fc</code></a> Updating version script</li> <li><a href="https://github.com/framer/motion/commit/2d6a81b2c4b572e0b590479ae6a17a0fbdb010e5"><code>2d6a81b</code></a> v11.6.0</li> <li><a href="https://github.com/framer/motion/commit/196efffec049d7714a1bf4cbda448781c00c06d8"><code>196efff</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/c186b5a81613d6412d0a16a4c0eba3469c8563b9"><code>c186b5a</code></a> Stop removing values from <code>will-change</code> once they finish animating (<a href="https://redirect.github.com/framer/motion/issues/2811">#2811</a>)</li> <li><a href="https://github.com/framer/motion/commit/cec5d8f97029a712cb6767d3b73f80de0d5f96e1"><code>cec5d8f</code></a> Fixing import</li> <li><a href="https://github.com/framer/motion/commit/acf533445ef270c75212d9f4ba8c01980d744827"><code>acf5334</code></a> Updating changelog</li> <li>Additional commits viewable in <a href="https://github.com/framer/motion/compare/v11.5.6...v11.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=framer-motion&package-manager=npm_and_yarn&previous-version=11.5.6&new-version=11.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the dependency-updates group with 2 updates: [@octokit/plugin-throttling](https://github.com/octokit/plugin-throttling.js) and [framer-motion](https://github.com/framer/motion). Updates `@octokit/plugin-throttling` from 9.3.1 to 9.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/octokit/plugin-throttling.js/releases"><code>@octokit/plugin-throttling</code>'s releases</a>.</em></p> <blockquote> <h2>v9.3.2</h2> <h2><a href="https://github.com/octokit/plugin-throttling.js/compare/v9.3.1...v9.3.2">9.3.2</a> (2024-10-04)</h2> <h3>Bug Fixes</h3> <ul> <li>handle 429 status code when being throttled (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/740">#740</a>) (<a href="https://github.com/octokit/plugin-throttling.js/commit/128ecb6b7c252789906300b29b0f98dd874b27cd">128ecb6</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/128ecb6b7c252789906300b29b0f98dd874b27cd"><code>128ecb6</code></a> fix: handle 429 status code when being throttled (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/740">#740</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/1d9370fc82c9188e2109f8b43152e5846a9513cd"><code>1d9370f</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/737">#737</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/4fc08ecae75e9307dea3634ac726039581691f9e"><code>4fc08ec</code></a> ci: correctly use the node version from the matrix (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/736">#736</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/792a128b61ec61afb07cd8fa1be7b00ecc781000"><code>792a128</code></a> chore(deps): update dependency fetch-mock to v11 (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/726">#726</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/69a1d8bab17fe7cdd2c708b904972ddd0f890835"><code>69a1d8b</code></a> chore(deps): update dependency <code>@octokit/tsconfig</code> to v4 (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/735">#735</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/72a7a098c1dccc5a7076a0898bdac7f6c228548f"><code>72a7a09</code></a> chore(deps): update dependency esbuild to ^0.24.0 (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/732">#732</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/c2b7f78f28aa179a6b5eefea1c613134e359532c"><code>c2b7f78</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/733">#733</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/00d4c835ebca7c85646573ecb9186d24dc678727"><code>00d4c83</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/729">#729</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/555ab441219983e427dc89deb2d651c80bdcbc97"><code>555ab44</code></a> build(deps): bump vite from 5.4.1 to 5.4.6 (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/731">#731</a>)</li> <li><a href="https://github.com/octokit/plugin-throttling.js/commit/4882ed6f5d3c6e0d85816777ec1bb993130ad729"><code>4882ed6</code></a> build(deps): lock file maintenance (<a href="https://redirect.github.com/octokit/plugin-throttling.js/issues/728">#728</a>)</li> <li>Additional commits viewable in <a href="https://github.com/octokit/plugin-throttling.js/compare/v9.3.1...v9.3.2">compare view</a></li> </ul> </details> <br /> Updates `framer-motion` from 11.11.0 to 11.11.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/framer/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[11.11.1] 2024-10-04</h2> <h3>Fix</h3> <ul> <li>Fixed optimised appear effects in granular Suspense environments.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/framer/motion/commit/3354bb93024f87e493edf688f546879b0649e372"><code>3354bb9</code></a> v11.11.1</li> <li><a href="https://github.com/framer/motion/commit/59eae7e98f56ae3dca6e124a8649e667c4aee9f2"><code>59eae7e</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/5340a38697c4ba6ca8677fe2f357147997dc1b09"><code>5340a38</code></a> Fixing start after hydration</li> <li><a href="https://github.com/framer/motion/commit/7eb672871705bad5aa31f8aa4b9f8a73224e0542"><code>7eb6728</code></a> Track appear effect handover per element due to Suspense (<a href="https://redirect.github.com/framer/motion/issues/2810">#2810</a>)</li> <li>See full diff in <a href="https://github.com/framer/motion/compare/v11.11.0...v11.11.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…dates group (#1316) Bumps the dependency-updates group with 1 update: [framer-motion](https://github.com/framer/motion). Updates `framer-motion` from 11.11.1 to 11.11.4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/framer/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[11.11.4] 2024-10-08</h2> <h3>Fixed</h3> <ul> <li>Memoize <code>AnimatePresence</code> <code>safeToRemove</code>.</li> <li>Remove duplicate <code>layout="size"</code> annotation.</li> </ul> <h2>[11.11.3] 2024-10-08</h2> <h3>Fixed</h3> <ul> <li>Remove <code>as any</code> requirement for CSS variables.</li> </ul> <h2>[11.11.2] 2024-10-08</h2> <h3>Fixed</h3> <ul> <li>Make <code>BezierDefinition</code> <code>readonly</code> for easier definition outside a <code>Transition</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/framer/motion/commit/adc572f535be0f092e4b64fab26c823728d7b91c"><code>adc572f</code></a> v11.11.4</li> <li><a href="https://github.com/framer/motion/commit/35dc36ad71fa5c300f53131fe33cb858d78c2b83"><code>35dc36a</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/6b27a800ab9c5448113343c831bd20a008d60ead"><code>6b27a80</code></a> fix: memoize onExitComplete handler (<a href="https://redirect.github.com/framer/motion/issues/2802">#2802</a>)</li> <li><a href="https://github.com/framer/motion/commit/53885c4833f8cf57470aa440d50013f232939595"><code>53885c4</code></a> v11.11.3</li> <li><a href="https://github.com/framer/motion/commit/af8e55977c0081f3bb7ef6e3842a00f5f5f24851"><code>af8e559</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/adb0e9a7bdecd1e8176e16c54bd702737f6bf9d0"><code>adb0e9a</code></a> Fixing (<a href="https://redirect.github.com/framer/motion/issues/2825">#2825</a>)</li> <li><a href="https://github.com/framer/motion/commit/ac02eeaa632e6aafe83231945fb14b32dc67b5e4"><code>ac02eea</code></a> v11.11.2</li> <li><a href="https://github.com/framer/motion/commit/a40fc28a8d3211e50d9362911dc876d7ba569a06"><code>a40fc28</code></a> Updating changelog</li> <li><a href="https://github.com/framer/motion/commit/875a0998f0d72ff61b38a9accc2185731066a783"><code>875a099</code></a> refactor(types): Make BezierDefinition readonly for improved usability <a href="https://redirect.github.com/framer/motion/issues/2653">#2653</a> ...</li> <li><a href="https://github.com/framer/motion/commit/51179c376de749605647b4b82a6f302b6eaa95a2"><code>51179c3</code></a> Updating package size</li> <li>See full diff in <a href="https://github.com/framer/motion/compare/v11.11.1...v11.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=framer-motion&package-manager=npm_and_yarn&previous-version=11.11.1&new-version=11.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) from 29.7.0 to 30.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jestjs/jest/releases">jest's releases</a>.</em></p> <blockquote> <h2>Jest 30</h2> <p>Today we are happy to announce the release of Jest 30. This release features a substantial number of changes, fixes, and improvements. While it is one of the largest major releases of Jest ever, we admit that three years for a major release is too long. In the future, we are aiming to make more frequent major releases to keep Jest great for the next decade.</p> <p>If you want to skip all the news and just get going, run <code>npm install jest@^30.0.0</code> and follow the migration guide: <a href="https://jestjs.io/docs/upgrading-to-jest30">Upgrading from Jest 29 to 30</a>.</p> <p><a href="https://jestjs.io/blog/2025/06/04/jest-30">Read the full blog post</a></p> <h3>Features</h3> <ul> <li><code>[*]</code> Renamed <code>globalsCleanupMode</code> to <code>globalsCleanup</code> and <code>--waitNextEventLoopTurnForUnhandledRejectionEvents</code> to <code>--waitForUnhandledRejections</code></li> <li><code>[expect]</code> Add <code>ArrayOf</code> asymmetric matcher for validating array elements. (<a href="https://redirect.github.com/jestjs/jest/pull/15567">#15567</a>)</li> <li><code>[babel-jest]</code> Add option <code>excludeJestPreset</code> to allow opting out of <code>babel-preset-jest</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15164">#15164</a>)</li> <li><code>[expect]</code> Revert <a href="https://redirect.github.com/jestjs/jest/pull/15038">#15038</a> to fix <code>expect(fn).toHaveBeenCalledWith(expect.objectContaining(...))</code> when there are multiple calls (<a href="https://redirect.github.com/jestjs/jest/pull/15508">#15508</a>)</li> <li><code>[jest-circus, jest-cli, jest-config]</code> Add <code>waitNextEventLoopTurnForUnhandledRejectionEvents</code> flag to minimise performance impact of correct detection of unhandled promise rejections introduced in <a href="https://redirect.github.com/jestjs/jest/pull/14315">#14315</a> (<a href="https://redirect.github.com/jestjs/jest/pull/14681">#14681</a>)</li> <li><code>[jest-circus]</code> Add a <code>waitBeforeRetry</code> option to <code>jest.retryTimes</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14738">#14738</a>)</li> <li><code>[jest-circus]</code> Add a <code>retryImmediately</code> option to <code>jest.retryTimes</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14696">#14696</a>)</li> <li><code>[jest-circus, jest-jasmine2]</code> Allow <code>setupFilesAfterEnv</code> to export an async function (<a href="https://redirect.github.com/jestjs/jest/issues/10962">#10962</a>)</li> <li><code>[jest-circus, jest-test-result]</code> Add <code>startedAt</code> timestamp in <code>TestCaseResultObject</code> within <code>onTestCaseResult</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15145">#15145</a>)</li> <li><code>[jest-cli]</code> Export <code>buildArgv</code> (<a href="https://redirect.github.com/facebook/jest/pull/15310">#15310</a>)</li> <li><code>[jest-config]</code> [<strong>BREAKING</strong>] Add <code>mts</code> and <code>cts</code> to default <code>moduleFileExtensions</code> config (<a href="https://redirect.github.com/facebook/jest/pull/14369">#14369</a>)</li> <li><code>[jest-config]</code> [<strong>BREAKING</strong>] Update <code>testMatch</code> and <code>testRegex</code> default option for supporting <code>mjs</code>, <code>cjs</code>, <code>mts</code>, and <code>cts</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14584">#14584</a>)</li> <li><code>[jest-config]</code> Loads config file from provided path in <code>package.json</code> (<a href="https://redirect.github.com/facebook/jest/pull/14044">#14044</a>)</li> <li><code>[jest-config]</code> Allow loading <code>jest.config.cts</code> files (<a href="https://redirect.github.com/facebook/jest/pull/14070">#14070</a>)</li> <li><code>[jest-config]</code> Show <code>rootDir</code> in error message when a <code>preset</code> fails to load (<a href="https://redirect.github.com/jestjs/jest/pull/15194">#15194</a>)</li> <li><code>[jest-config]</code> Support loading TS config files using <code>esbuild-register</code> via docblock loader (<a href="https://redirect.github.com/jestjs/jest/pull/15190">#15190</a>)</li> <li><code>[jest-config]</code> Allow passing TS config loader options via docblock comment (<a href="https://redirect.github.com/jestjs/jest/pull/15234">#15234</a>)</li> <li><code>[jest-config]</code> If Node is running with type stripping enabled, do not require a TS loader (<a href="https://redirect.github.com/jestjs/jest/pull/15480">#15480</a>)</li> <li><code>[@jest/core]</code> Group together open handles with the same stack trace (<a href="https://redirect.github.com/jestjs/jest/pull/13417">#13417</a>, & <a href="https://redirect.github.com/jestjs/jest/pull/14789">#14789</a>)</li> <li><code>[@jest/core]</code> Add <code>perfStats</code> to surface test setup overhead (<a href="https://redirect.github.com/jestjs/jest/pull/14622">#14622</a>)</li> <li><code>[@jest/core]</code> [<strong>BREAKING</strong>] Changed <code>--filter</code> to accept an object with shape <code>{ filtered: Array<string> }</code> to match <a href="https://jestjs.io/docs/cli#--filterfile">documentation</a> (<a href="https://redirect.github.com/jestjs/jest/pull/13319">#13319</a>)</li> <li><code>[@jest/core]</code> Support <code>--outputFile</code> option for <a href="https://jestjs.io/docs/cli#--listtests"><code>--listTests</code></a> (<a href="https://redirect.github.com/jestjs/jest/pull/14980">#14980</a>)</li> <li><code>[@jest/core]</code> Stringify Errors properly with <code>--json</code> flag (<a href="https://redirect.github.com/jestjs/jest/pull/15329">#15329</a>)</li> <li><code>[@jest/core, @jest/test-sequencer]</code> [<strong>BREAKING</strong>] Exposes <code>globalConfig</code> & <code>contexts</code> to <code>TestSequencer</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14535">#14535</a>, & <a href="https://redirect.github.com/jestjs/jest/pull/14543">#14543</a>)</li> <li><code>[jest-each]</code> Introduce <code>%$</code> option to add number of the test to its title (<a href="https://redirect.github.com/jestjs/jest/pull/14710">#14710</a>)</li> <li><code>[@jest/environment]</code> [<strong>BREAKING</strong>] Remove deprecated <code>jest.genMockFromModule()</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15042">#15042</a>)</li> <li><code>[@jest/environment]</code> [<strong>BREAKING</strong>] Remove unnecessary defensive code (<a href="https://redirect.github.com/jestjs/jest/pull/15045">#15045</a>)</li> <li><code>[jest-environment-jsdom]</code> [<strong>BREAKING</strong>] Upgrade JSDOM to v22 (<a href="https://redirect.github.com/jestjs/jest/pull/13825">#13825</a>)</li> <li><code>[@jest/environment-jsdom-abstract]</code> Introduce new package which abstracts over the <code>jsdom</code> environment, allowing usage of custom versions of JSDOM (<a href="https://redirect.github.com/jestjs/jest/pull/14717">#14717</a>)</li> <li><code>[jest-environment-node]</code> Update jest environment with dispose symbols <code>Symbol</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14888">#14888</a> & <a href="https://redirect.github.com/jestjs/jest/pull/14909">#14909</a>)</li> <li><code>[expect, @jest/expect]</code> [<strong>BREAKING</strong>] Add type inference for function parameters in <code>CalledWith</code> assertions (<a href="https://redirect.github.com/facebook/jest/pull/15129">#15129</a>)</li> <li><code>[@jest/expect-utils]</code> Properly compare all types of <code>TypedArray</code>s (<a href="https://redirect.github.com/facebook/jest/pull/15178">#15178</a>)</li> <li><code>[@jest/fake-timers]</code> [<strong>BREAKING</strong>] Upgrade <code>@sinonjs/fake-timers</code> to v13 (<a href="https://redirect.github.com/jestjs/jest/pull/14544">#14544</a> & <a href="https://redirect.github.com/jestjs/jest/pull/15470">#15470</a>)</li> <li><code>[@jest/fake-timers]</code> Exposing new modern timers function <code>advanceTimersToFrame()</code> which advances all timers by the needed milliseconds to execute callbacks currently scheduled with <code>requestAnimationFrame</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14598">#14598</a>)</li> <li><code>[jest-matcher-utils]</code> Add <code>SERIALIZABLE_PROPERTIES</code> to allow custom serialization of objects (<a href="https://redirect.github.com/jestjs/jest/pull/14893">#14893</a>)</li> <li><code>[jest-mock]</code> Add support for the Explicit Resource Management proposal to use the <code>using</code> keyword with <code>jest.spyOn(object, methodName)</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14895">#14895</a>)</li> <li><code>[jest-reporters]</code> Add support for <a href="https://gist.github.com/christianparpart/d8a62cc1ab659194337d73e399004036">DEC mode 2026</a> (<a href="https://redirect.github.com/jestjs/jest/pull/15008">#15008</a>)</li> <li><code>[jest-resolver]</code> Support <code>file://</code> URLs as paths (<a href="https://redirect.github.com/jestjs/jest/pull/15154">#15154</a>)</li> <li><code>[jest-resolve,jest-runtime,jest-resolve-dependencies]</code> Pass the conditions when resolving stub modules (<a href="https://redirect.github.com/jestjs/jest/pull/15489">#15489</a>)</li> <li><code>[jest-runtime]</code> Exposing new modern timers function <code>jest.advanceTimersToFrame()</code> from <code>@jest/fake-timers</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14598">#14598</a>)</li> <li><code>[jest-runtime]</code> Support <code>import.meta.filename</code> and <code>import.meta.dirname</code> (available from <a href="https://nodejs.org/en/blog/release/v20.11.0">Node 20.11</a>) (<a href="https://redirect.github.com/jestjs/jest/pull/14854">#14854</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jestjs/jest/blob/main/CHANGELOG.md">jest's changelog</a>.</em></p> <blockquote> <h2>30.0.0</h2> <h3>Features</h3> <ul> <li><code>[*]</code> Renamed <code>globalsCleanupMode</code> to <code>globalsCleanup</code> and <code>--waitNextEventLoopTurnForUnhandledRejectionEvents</code> to <code>--waitForUnhandledRejections</code></li> <li><code>[expect]</code> Add <code>ArrayOf</code> asymmetric matcher for validating array elements. (<a href="https://redirect.github.com/jestjs/jest/pull/15567">#15567</a>)</li> <li><code>[babel-jest]</code> Add option <code>excludeJestPreset</code> to allow opting out of <code>babel-preset-jest</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15164">#15164</a>)</li> <li><code>[expect]</code> Revert <a href="https://redirect.github.com/jestjs/jest/pull/15038">#15038</a> to fix <code>expect(fn).toHaveBeenCalledWith(expect.objectContaining(...))</code> when there are multiple calls (<a href="https://redirect.github.com/jestjs/jest/pull/15508">#15508</a>)</li> <li><code>[jest-circus, jest-cli, jest-config]</code> Add <code>waitNextEventLoopTurnForUnhandledRejectionEvents</code> flag to minimise performance impact of correct detection of unhandled promise rejections introduced in <a href="https://redirect.github.com/jestjs/jest/pull/14315">#14315</a> (<a href="https://redirect.github.com/jestjs/jest/pull/14681">#14681</a>)</li> <li><code>[jest-circus]</code> Add a <code>waitBeforeRetry</code> option to <code>jest.retryTimes</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14738">#14738</a>)</li> <li><code>[jest-circus]</code> Add a <code>retryImmediately</code> option to <code>jest.retryTimes</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14696">#14696</a>)</li> <li><code>[jest-circus, jest-jasmine2]</code> Allow <code>setupFilesAfterEnv</code> to export an async function (<a href="https://redirect.github.com/jestjs/jest/issues/10962">#10962</a>)</li> <li><code>[jest-circus, jest-test-result]</code> Add <code>startedAt</code> timestamp in <code>TestCaseResultObject</code> within <code>onTestCaseResult</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15145">#15145</a>)</li> <li><code>[jest-cli]</code> Export <code>buildArgv</code> (<a href="https://redirect.github.com/facebook/jest/pull/15310">#15310</a>)</li> <li><code>[jest-config]</code> [<strong>BREAKING</strong>] Add <code>mts</code> and <code>cts</code> to default <code>moduleFileExtensions</code> config (<a href="https://redirect.github.com/facebook/jest/pull/14369">#14369</a>)</li> <li><code>[jest-config]</code> [<strong>BREAKING</strong>] Update <code>testMatch</code> and <code>testRegex</code> default option for supporting <code>mjs</code>, <code>cjs</code>, <code>mts</code>, and <code>cts</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14584">#14584</a>)</li> <li><code>[jest-config]</code> Loads config file from provided path in <code>package.json</code> (<a href="https://redirect.github.com/facebook/jest/pull/14044">#14044</a>)</li> <li><code>[jest-config]</code> Allow loading <code>jest.config.cts</code> files (<a href="https://redirect.github.com/facebook/jest/pull/14070">#14070</a>)</li> <li><code>[jest-config]</code> Show <code>rootDir</code> in error message when a <code>preset</code> fails to load (<a href="https://redirect.github.com/jestjs/jest/pull/15194">#15194</a>)</li> <li><code>[jest-config]</code> Support loading TS config files using <code>esbuild-register</code> via docblock loader (<a href="https://redirect.github.com/jestjs/jest/pull/15190">#15190</a>)</li> <li><code>[jest-config]</code> Allow passing TS config loader options via docblock comment (<a href="https://redirect.github.com/jestjs/jest/pull/15234">#15234</a>)</li> <li><code>[jest-config]</code> If Node is running with type stripping enabled, do not require a TS loader (<a href="https://redirect.github.com/jestjs/jest/pull/15480">#15480</a>)</li> <li><code>[@jest/core]</code> Group together open handles with the same stack trace (<a href="https://redirect.github.com/jestjs/jest/pull/13417">#13417</a>, & <a href="https://redirect.github.com/jestjs/jest/pull/14789">#14789</a>)</li> <li><code>[@jest/core]</code> Add <code>perfStats</code> to surface test setup overhead (<a href="https://redirect.github.com/jestjs/jest/pull/14622">#14622</a>)</li> <li><code>[@jest/core]</code> [<strong>BREAKING</strong>] Changed <code>--filter</code> to accept an object with shape <code>{ filtered: Array<string> }</code> to match <a href="https://jestjs.io/docs/cli#--filterfile">documentation</a> (<a href="https://redirect.github.com/jestjs/jest/pull/13319">#13319</a>)</li> <li><code>[@jest/core]</code> Support <code>--outputFile</code> option for <a href="https://jestjs.io/docs/cli#--listtests"><code>--listTests</code></a> (<a href="https://redirect.github.com/jestjs/jest/pull/14980">#14980</a>)</li> <li><code>[@jest/core]</code> Stringify Errors properly with <code>--json</code> flag (<a href="https://redirect.github.com/jestjs/jest/pull/15329">#15329</a>)</li> <li><code>[@jest/core, @jest/test-sequencer]</code> [<strong>BREAKING</strong>] Exposes <code>globalConfig</code> & <code>contexts</code> to <code>TestSequencer</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14535">#14535</a>, & <a href="https://redirect.github.com/jestjs/jest/pull/14543">#14543</a>)</li> <li><code>[jest-each]</code> Introduce <code>%$</code> option to add number of the test to its title (<a href="https://redirect.github.com/jestjs/jest/pull/14710">#14710</a>)</li> <li><code>[@jest/environment]</code> [<strong>BREAKING</strong>] Remove deprecated <code>jest.genMockFromModule()</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15042">#15042</a>)</li> <li><code>[@jest/environment]</code> [<strong>BREAKING</strong>] Remove unnecessary defensive code (<a href="https://redirect.github.com/jestjs/jest/pull/15045">#15045</a>)</li> <li><code>[jest-environment-jsdom]</code> [<strong>BREAKING</strong>] Upgrade JSDOM to v22 (<a href="https://redirect.github.com/jestjs/jest/pull/13825">#13825</a>)</li> <li><code>[@jest/environment-jsdom-abstract]</code> Introduce new package which abstracts over the <code>jsdom</code> environment, allowing usage of custom versions of JSDOM (<a href="https://redirect.github.com/jestjs/jest/pull/14717">#14717</a>)</li> <li><code>[jest-environment-node]</code> Update jest environment with dispose symbols <code>Symbol</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14888">#14888</a> & <a href="https://redirect.github.com/jestjs/jest/pull/14909">#14909</a>)</li> <li><code>[expect, @jest/expect]</code> [<strong>BREAKING</strong>] Add type inference for function parameters in <code>CalledWith</code> assertions (<a href="https://redirect.github.com/facebook/jest/pull/15129">#15129</a>)</li> <li><code>[@jest/expect-utils]</code> Properly compare all types of <code>TypedArray</code>s (<a href="https://redirect.github.com/facebook/jest/pull/15178">#15178</a>)</li> <li><code>[@jest/fake-timers]</code> [<strong>BREAKING</strong>] Upgrade <code>@sinonjs/fake-timers</code> to v13 (<a href="https://redirect.github.com/jestjs/jest/pull/14544">#14544</a> & <a href="https://redirect.github.com/jestjs/jest/pull/15470">#15470</a>)</li> <li><code>[@jest/fake-timers]</code> Exposing new modern timers function <code>advanceTimersToFrame()</code> which advances all timers by the needed milliseconds to execute callbacks currently scheduled with <code>requestAnimationFrame</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14598">#14598</a>)</li> <li><code>[jest-matcher-utils]</code> Add <code>SERIALIZABLE_PROPERTIES</code> to allow custom serialization of objects (<a href="https://redirect.github.com/jestjs/jest/pull/14893">#14893</a>)</li> <li><code>[jest-mock]</code> Add support for the Explicit Resource Management proposal to use the <code>using</code> keyword with <code>jest.spyOn(object, methodName)</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14895">#14895</a>)</li> <li><code>[jest-reporters]</code> Add support for <a href="https://gist.github.com/christianparpart/d8a62cc1ab659194337d73e399004036">DEC mode 2026</a> (<a href="https://redirect.github.com/jestjs/jest/pull/15008">#15008</a>)</li> <li><code>[jest-resolver]</code> Support <code>file://</code> URLs as paths (<a href="https://redirect.github.com/jestjs/jest/pull/15154">#15154</a>)</li> <li><code>[jest-resolve,jest-runtime,jest-resolve-dependencies]</code> Pass the conditions when resolving stub modules (<a href="https://redirect.github.com/jestjs/jest/pull/15489">#15489</a>)</li> <li><code>[jest-runtime]</code> Exposing new modern timers function <code>jest.advanceTimersToFrame()</code> from <code>@jest/fake-timers</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14598">#14598</a>)</li> <li><code>[jest-runtime]</code> Support <code>import.meta.filename</code> and <code>import.meta.dirname</code> (available from <a href="https://nodejs.org/en/blog/release/v20.11.0">Node 20.11</a>) (<a href="https://redirect.github.com/jestjs/jest/pull/14854">#14854</a>)</li> <li><code>[jest-runtime]</code> Support <code>import.meta.resolve</code> (<a href="https://redirect.github.com/jestjs/jest/pull/14930">#14930</a>)</li> <li><code>[jest-runtime]</code> [<strong>BREAKING</strong>] Make it mandatory to pass <code>globalConfig</code> to the <code>Runtime</code> constructor (<a href="https://redirect.github.com/jestjs/jest/pull/15044">#15044</a>)</li> <li><code>[jest-runtime]</code> Add <code>unstable_unmockModule</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15080">#15080</a>)</li> <li><code>[jest-runtime]</code> Add <code>onGenerateMock</code> transformer callback for auto generated callbacks (<a href="https://redirect.github.com/jestjs/jest/pull/15433">#15433</a> & <a href="https://redirect.github.com/jestjs/jest/pull/15482">#15482</a>)</li> <li><code>[jest-runtime]</code> [<strong>BREAKING</strong>] Use <code>vm.compileFunction</code> over <code>vm.Script</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15461">#15461</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jestjs/jest/commit/a383155cd5af4539b3c447cfa7184462ee32f418"><code>a383155</code></a> v30.0.0</li> <li><a href="https://github.com/jestjs/jest/commit/ce14203d9156f830a8e24a6e3e8205f670a72a40"><code>ce14203</code></a> v30.0.0-rc.1</li> <li><a href="https://github.com/jestjs/jest/commit/0ab14ba85dc7bb4fa72c062c64b039d779d77d26"><code>0ab14ba</code></a> v30.0.0-beta.9</li> <li><a href="https://github.com/jestjs/jest/commit/ac334c0cdf04ead9999f0964567d81672d116d42"><code>ac334c0</code></a> v30.0.0-beta.8</li> <li><a href="https://github.com/jestjs/jest/commit/7c799e579e8fd839b7521c6de6b55127795634dc"><code>7c799e5</code></a> v30.0.0-beta.7</li> <li><a href="https://github.com/jestjs/jest/commit/4f964497dc21c06ce4d54f1349e299a9f6773d52"><code>4f96449</code></a> v30.0.0-beta.6</li> <li><a href="https://github.com/jestjs/jest/commit/286dc4a3986e354e212ce193501895c206284952"><code>286dc4a</code></a> v30.0.0-beta.5</li> <li><a href="https://github.com/jestjs/jest/commit/76632c6ec3f56708ec5781158972a295d0cc9332"><code>76632c6</code></a> chore: drop node 23 (<a href="https://github.com/jestjs/jest/tree/HEAD/packages/jest/issues/15640">#15640</a>)</li> <li><a href="https://github.com/jestjs/jest/commit/69f0c890c804e6e6b0822adb592cd00372a7c297"><code>69f0c89</code></a> v30.0.0-beta.4</li> <li><a href="https://github.com/jestjs/jest/commit/2950cbbdc18614f35a7cc1a8b59dbc283bde9315"><code>2950cbb</code></a> Update deps.</li> <li>Additional commits viewable in <a href="https://github.com/jestjs/jest/commits/v30.0.0/packages/jest">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jest&package-manager=npm_and_yarn&previous-version=29.7.0&new-version=30.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…-updates group (#1629) Bumps the dependency-updates group with 1 update: [postcss-preset-env](https://github.com/csstools/postcss-plugins/tree/HEAD/plugin-packs/postcss-preset-env). Updates `postcss-preset-env` from 10.2.1 to 10.2.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/csstools/postcss-plugins/blob/main/plugin-packs/postcss-preset-env/CHANGELOG.md">postcss-preset-env's changelog</a>.</em></p> <blockquote> <h3>10.2.2</h3> <p><em>June 10, 2025</em></p> <ul> <li>Updated <a href="https://github.com/csstools/postcss-plugins/tree/main/plugins/postcss-is-pseudo-class"><code>@csstools/postcss-is-pseudo-class</code></a> to <a href="https://github.com/csstools/postcss-plugins/tree/main/plugins/postcss-is-pseudo-class/CHANGELOG.md#502"><code>5.0.2</code></a> (patch)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/csstools/postcss-plugins/commits/HEAD/plugin-packs/postcss-preset-env">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss-preset-env&package-manager=npm_and_yarn&previous-version=10.2.1&new-version=10.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…across 1 directory (#1631) Bumps the npm_and_yarn group with 1 update in the / directory: [brace-expansion](https://github.com/juliangruber/brace-expansion). Updates `brace-expansion` from 1.1.11 to 1.1.12 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/juliangruber/brace-expansion/releases">brace-expansion's releases</a>.</em></p> <blockquote> <h2>v1.1.12</h2> <ul> <li>pkg: publish on tag 1.x c460dbd</li> <li>fmt ccb8ac6</li> <li>Fix potential ReDoS Vulnerability or Inefficient Regular Expression (<a href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>) c3c73c8</li> </ul> <hr /> <p><a href="https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12">https://github.com/juliangruber/brace-expansion/compare/v1.1.11...v1.1.12</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/juliangruber/brace-expansion/commit/c85b8ad3f53d1eb65f4996a495cae61949855f7c"><code>c85b8ad</code></a> 4.0.1</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/5a5cc176c080b2fde292a9815dc6ecd97c870d17"><code>5a5cc17</code></a> fmt</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/0b6a9781e18e9d2769bb2931f4856d1360243ed2"><code>0b6a978</code></a> Fix potential ReDoS Vulnerability or Inefficient Regular Expression (<a href="https://redirect.github.com/juliangruber/brace-expansion/issues/65">#65</a>)</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/6a39bdddcf944374b475d99b0e8292d3727c7ebe"><code>6a39bdd</code></a> 4.0.0</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/dd72a59047e30ea265c4a58695a00ea82e90a437"><code>dd72a59</code></a> fmt</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/278132b187d4418fe8163da5e81710222f47e3f6"><code>278132b</code></a> feat: use string replaces instead of splits (<a href="https://redirect.github.com/juliangruber/brace-expansion/issues/64">#64</a>)</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/70e4c1baf9b91c77b1fa303a0c07d35389e9c0a0"><code>70e4c1b</code></a> add <code>tea.yaml</code></li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/b01a637b0578a7c59acc7d8386f11f8d0710b512"><code>b01a637</code></a> 3.0.0</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/9e781e913fe323e69248d36acebe29008666ba72"><code>9e781e9</code></a> node 16 is EOL</li> <li><a href="https://github.com/juliangruber/brace-expansion/commit/6dad2093f84eac403fb3715a624fede524967cec"><code>6dad209</code></a> docs</li> <li>Additional commits viewable in <a href="https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=brace-expansion&package-manager=npm_and_yarn&previous-version=1.1.11&new-version=1.1.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/npm/documentation/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the dependency-updates group with 2 updates: [framer-motion](https://github.com/motiondivision/motion) and [minimatch](https://github.com/isaacs/minimatch). Updates `framer-motion` from 12.17.0 to 12.17.3 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[12.17.3] 2025-06-12</h2> <h3>Changed</h3> <ul> <li>Refactored <code>MotionProps</code> into vanilla <code>MotionNodeOptions</code> type within <code>"motion-dom"</code> package.</li> </ul> <h2>[12.17.2] 2025-06-12</h2> <h3>Changed</h3> <ul> <li>Handle colors when creating animatable <code>"none"</code> keyframes for complex strings.</li> </ul> <h2>[12.17.1] 2025-06-12</h2> <h3>Fixed</h3> <ul> <li>Fixes <code>isValidProp</code> check with Rolldown.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/motiondivision/motion/commit/894f63108c13dad0710f515f9992cd2eded07413"><code>894f631</code></a> v12.17.3</li> <li><a href="https://github.com/motiondivision/motion/commit/062680395f855fc97919c28eac0836416fe3d325"><code>0626803</code></a> Updating changelog</li> <li><a href="https://github.com/motiondivision/motion/commit/66b0973c1e7e682427e50626eff78c5b7877337d"><code>66b0973</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3251">#3251</a> from motiondivision/feature/refactor-visual-element</li> <li><a href="https://github.com/motiondivision/motion/commit/83607a512ab6d48d6158dd5c89767541204e1461"><code>83607a5</code></a> Fixing lockfile</li> <li><a href="https://github.com/motiondivision/motion/commit/cc0c326e8b43281a118fbbcb216a64b2bc7f64f3"><code>cc0c326</code></a> Fixing</li> <li><a href="https://github.com/motiondivision/motion/commit/18ef71044045c2c8fd0a9f4a3a66aeaaa2ae710e"><code>18ef710</code></a> v12.16.1-alpha.0</li> <li><a href="https://github.com/motiondivision/motion/commit/42e3b3e1800fb1b817c683bac954a407d81b2fde"><code>42e3b3e</code></a> Fixing tests</li> <li><a href="https://github.com/motiondivision/motion/commit/815c32407b5d7961ffd01bd6e939d860753ba637"><code>815c324</code></a> Fixing</li> <li><a href="https://github.com/motiondivision/motion/commit/90ff8a63c79dab4f54d5d92231c00414e7123ea8"><code>90ff8a6</code></a> Latest</li> <li><a href="https://github.com/motiondivision/motion/commit/9920cfc6a9e706c91e1878c277dffce58f8b31f6"><code>9920cfc</code></a> Refactor MotionProps into vanilla package</li> <li>Additional commits viewable in <a href="https://github.com/motiondivision/motion/compare/v12.17.0...v12.17.3">compare view</a></li> </ul> </details> <br /> Updates `minimatch` from 10.0.2 to 10.0.3 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/isaacs/minimatch/commit/2c65ee2c57964cae0ad55a612e2c76dfff7cb16a"><code>2c65ee2</code></a> 10.0.3</li> <li><a href="https://github.com/isaacs/minimatch/commit/4fba25e32a2bc96d5d25d117369c30e0b89751d1"><code>4fba25e</code></a> Use <code>@isaacs/brace-expansion</code></li> <li><a href="https://github.com/isaacs/minimatch/commit/41cb7dde009103bdb665107bfa757ff90cd60c69"><code>41cb7dd</code></a> ci: update typedoc action versions</li> <li><a href="https://github.com/isaacs/minimatch/commit/be94de0e8c379249873c6169f0a68b7854326264"><code>be94de0</code></a> update ci versions</li> <li>See full diff in <a href="https://github.com/isaacs/minimatch/compare/v10.0.2...v10.0.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps the dependency-updates group with 3 updates: [framer-motion](https://github.com/motiondivision/motion), [eslint-mdx](https://github.com/mdx-js/eslint-mdx) and [eslint-plugin-mdx](https://github.com/mdx-js/eslint-mdx). Updates `framer-motion` from 12.17.3 to 12.18.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[12.18.1] 2025-06-13</h2> <h3>Fixed</h3> <ul> <li>Removed <code>"react"</code> import from <code>"motion-dom"</code>.</li> </ul> <h2>[12.18.0] 2025-06-13</h2> <h3>Added</h3> <ul> <li>Support for defining a timeline position relative to the start of the most recently added animation (e.g. <code><+0.5</code>, <code><-1</code>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/motiondivision/motion/commit/f3102d56a0a1a84aab20563f97e7976b6c8612df"><code>f3102d5</code></a> v12.18.1</li> <li><a href="https://github.com/motiondivision/motion/commit/7db0a4ea0ce0acc4e5890209fd7f354214a22687"><code>7db0a4e</code></a> Updating changelog</li> <li><a href="https://github.com/motiondivision/motion/commit/814dd8f0367f9ccf80c8114a622d74d7496a8c01"><code>814dd8f</code></a> Removing react from bundle</li> <li><a href="https://github.com/motiondivision/motion/commit/cddcc66430c5c96b2f560bb6a61160231f512c53"><code>cddcc66</code></a> v12.18.0</li> <li><a href="https://github.com/motiondivision/motion/commit/f24c97be53d836f8668a1d40bae0664a616d1ca6"><code>f24c97b</code></a> Adding tests</li> <li><a href="https://github.com/motiondivision/motion/commit/a9f3553c269b318a92d47bbdbae64dc02e045b62"><code>a9f3553</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3250">#3250</a> from piotrjoniec/main</li> <li><a href="https://github.com/motiondivision/motion/commit/8a108ff7e1fd1bf8053346ab92af2f8adf2d8b69"><code>8a108ff</code></a> Merge branch 'main' into main</li> <li>See full diff in <a href="https://github.com/motiondivision/motion/compare/v12.17.3...v12.18.1">compare view</a></li> </ul> </details> <br /> Updates `eslint-mdx` from 3.4.2 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/eslint-mdx/releases">eslint-mdx's releases</a>.</em></p> <blockquote> <h2>eslint-mdx@3.5.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/mdx-js/eslint-mdx/pull/580">#580</a> <a href="https://github.com/mdx-js/eslint-mdx/commit/27da91768c55979f6d65bd6d0226403f05ef5470"><code>27da917</code></a> Thanks <a href="https://github.com/apps/renovate"><code>@renovate</code></a> and <a href="https://github.com/JounQin"><code>@JounQin</code></a>! - refactor: target <code>ES2022</code> and drop unnecessary <code>tslib</code> dependency</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.4.2...eslint-mdx@3.5.0">https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.4.2...eslint-mdx@3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/33e8f9dd2d7fc179637baa00b24a93de36462f74"><code>33e8f9d</code></a> chore: release package(s) (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/582">#582</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/8c9ef4beecd864a5083700021284af3a975681a1"><code>8c9ef4b</code></a> fix: use unified <code>performSyncWork</code> for parsing with remark config (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/583">#583</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/27da91768c55979f6d65bd6d0226403f05ef5470"><code>27da917</code></a> chore(deps): update all dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/580">#580</a>)</li> <li>See full diff in <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.4.2...eslint-mdx@3.5.0">compare view</a></li> </ul> </details> <br /> Updates `eslint-plugin-mdx` from 3.4.2 to 3.5.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/eslint-mdx/releases">eslint-plugin-mdx's releases</a>.</em></p> <blockquote> <h2>eslint-plugin-mdx@3.5.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/mdx-js/eslint-mdx/pull/580">#580</a> <a href="https://github.com/mdx-js/eslint-mdx/commit/27da91768c55979f6d65bd6d0226403f05ef5470"><code>27da917</code></a> Thanks <a href="https://github.com/apps/renovate"><code>@renovate</code></a> and <a href="https://github.com/JounQin"><code>@JounQin</code></a>! - refactor: target <code>ES2022</code> and drop unnecessary <code>tslib</code> dependency</li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/mdx-js/eslint-mdx/pull/583">#583</a> <a href="https://github.com/mdx-js/eslint-mdx/commit/8c9ef4beecd864a5083700021284af3a975681a1"><code>8c9ef4b</code></a> Thanks <a href="https://github.com/JounQin"><code>@JounQin</code></a>! - fix: use unified <code>performSyncWork</code> for parsing with remark config</p> </li> <li> <p>Updated dependencies [<a href="https://github.com/mdx-js/eslint-mdx/commit/27da91768c55979f6d65bd6d0226403f05ef5470"><code>27da917</code></a>]:</p> <ul> <li>eslint-mdx@3.5.0</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.4.2...eslint-plugin-mdx@3.5.0">https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.4.2...eslint-plugin-mdx@3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/33e8f9dd2d7fc179637baa00b24a93de36462f74"><code>33e8f9d</code></a> chore: release package(s) (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/582">#582</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/8c9ef4beecd864a5083700021284af3a975681a1"><code>8c9ef4b</code></a> fix: use unified <code>performSyncWork</code> for parsing with remark config (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/583">#583</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/27da91768c55979f6d65bd6d0226403f05ef5470"><code>27da917</code></a> chore(deps): update all dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/580">#580</a>)</li> <li>See full diff in <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-plugin-mdx@3.4.2...eslint-plugin-mdx@3.5.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

#1637) Bumps the dependency-updates group with 1 update: [postcss](https://github.com/postcss/postcss). Updates `postcss` from 8.5.5 to 8.5.6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.6</h2> <ul> <li>Fixed <code>ContainerWithChildren</code> type discriminating (by <a href="https://github.com/Goodwine"><code>@Goodwine</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.6</h2> <ul> <li>Fixed <code>ContainerWithChildren</code> type discriminating (by <a href="https://github.com/Goodwine"><code>@Goodwine</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/postcss/postcss/commit/91d6eb5c3d1ca8acb4e8e3926005acf2b066c211"><code>91d6eb5</code></a> Release 8.5.6 version</li> <li><a href="https://github.com/postcss/postcss/commit/65ffc55117bf4289b1f977986ed76fad402641b1"><code>65ffc55</code></a> Update dependencies</li> <li><a href="https://github.com/postcss/postcss/commit/ecd20eb7f9587d63e3f3348b768aec0e9fb000d3"><code>ecd20eb</code></a> Fix ContainerWithChildren to allow discriminating the node type by comparing ...</li> <li>See full diff in <a href="https://github.com/postcss/postcss/compare/8.5.5...8.5.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=postcss&package-manager=npm_and_yarn&previous-version=8.5.5&new-version=8.5.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Fixed grammatical error: `that` -> `than`

…dates (#1648) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: npm CLI robot <npm-cli+bot@github.com>

…ates (#1662) Bumps the dependency-updates group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [framer-motion](https://github.com/motiondivision/motion) | `12.19.1` | `12.23.0` | | [babel-jest](https://github.com/jestjs/jest/tree/HEAD/packages/babel-jest) | `30.0.2` | `30.0.4` | | [eslint-mdx](https://github.com/mdx-js/eslint-mdx) | `3.5.0` | `3.6.0` | | [eslint-plugin-mdx](https://github.com/mdx-js/eslint-mdx) | `3.5.0` | `3.6.0` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `30.0.3` | `30.0.4` | | [jest-environment-jsdom](https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom) | `30.0.2` | `30.0.4` | Updates `framer-motion` from 12.19.1 to 12.23.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[12.23.0] 2025-07-02</h2> <h3>Added</h3> <ul> <li>Add <code>.stop()</code> and <code>.cancel()</code> methods to <code>useDragControls()</code>.</li> </ul> <h2>[12.22.0] 2025-07-01</h2> <h3>Added</h3> <ul> <li>Allow <code>delayChildren</code> to accept <code>stagger()</code>. This enables <code>from</code> and <code>ease</code> options when staggering variant children.</li> </ul> <h3>Deprecated</h3> <ul> <li><code>staggerChildren</code> and <code>staggerDirection</code> options.</li> </ul> <h2>[12.21.0] 2025-07-01</h2> <h3>Added</h3> <ul> <li>Allow <code>distanceThreshold</code> to be configurable via <code>useDragControls</code>.</li> </ul> <h2>[12.20.5] 2025-07-01</h2> <h3>Fixed</h3> <ul> <li>Improve performance of projection styles by writing directly to <code>element.style</code>.</li> <li>Only block layout animations when window has changed width.</li> </ul> <h2>[12.20.4] 2025-07-01</h2> <h3>Fixed</h3> <ul> <li>Improve performance of render loop.</li> <li>Improve performance of types.</li> </ul> <h2>[12.20.3] 2025-07-01</h2> <h3>Fixed</h3> <ul> <li>Always skip layout animation check on tree mount.</li> </ul> <h2>[12.20.2] 2025-07-01</h2> <h3>Fixed</h3> <ul> <li>Updated <code>Transition</code> type to be more permissive.</li> </ul> <h2>[12.20.1] 2025-06-30</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/motiondivision/motion/commit/a373936bc35696ea3f7335d58aaa6b0be71a1fb7"><code>a373936</code></a> v12.23.0</li> <li><a href="https://github.com/motiondivision/motion/commit/5d6da7900820300b97ec5404bca9cc3cb9920c69"><code>5d6da79</code></a> Updating changelog</li> <li><a href="https://github.com/motiondivision/motion/commit/f5cc9689e8d6f1613647745fac51813ef48d6345"><code>f5cc968</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3298">#3298</a> from motiondivision/feature/drag-controls-cancel-stop</li> <li><a href="https://github.com/motiondivision/motion/commit/d7188b6bb769f8e5a308431d4ead198765c18636"><code>d7188b6</code></a> Reverting more</li> <li><a href="https://github.com/motiondivision/motion/commit/6562aadae4c61ef37316461c1734e6ebf109de6d"><code>6562aad</code></a> Latest</li> <li><a href="https://github.com/motiondivision/motion/commit/391f5d9bb616ffccf135ab9eec7effacb4967912"><code>391f5d9</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3281">#3281</a> from KingSora/feat/more-powerful-drag-controls</li> <li><a href="https://github.com/motiondivision/motion/commit/17b2e79a8f6ae3f8d15e884fef821bfdeafc31c4"><code>17b2e79</code></a> v12.22.0</li> <li><a href="https://github.com/motiondivision/motion/commit/b5d3c074d88e7a98c61893f30cbaf63c7cdf5e5a"><code>b5d3c07</code></a> Updating changelog</li> <li><a href="https://github.com/motiondivision/motion/commit/6273907173d57a8d40c63ed529d35bafb9942ff7"><code>6273907</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3294">#3294</a> from motiondivision/feature/delay-children</li> <li><a href="https://github.com/motiondivision/motion/commit/df42e6c3a26ec4431d387481f235f8813892f9c4"><code>df42e6c</code></a> Merge branch 'main' into feature/delay-children</li> <li>Additional commits viewable in <a href="https://github.com/motiondivision/motion/compare/v12.19.1...v12.23.0">compare view</a></li> </ul> </details> <br /> Updates `babel-jest` from 30.0.2 to 30.0.4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jestjs/jest/blob/main/CHANGELOG.md">babel-jest's changelog</a>.</em></p> <blockquote> <h2>30.0.4</h2> <h3>Features</h3> <ul> <li><code>[expect]</code> The <code>Inverse</code> type is now exported (<a href="https://redirect.github.com/jestjs/jest/pull/15714">#15714</a>)</li> <li><code>[expect]</code> feat: support <code>async functions</code> in <code>toBe</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15704">#15704</a>)</li> </ul> <h3>Fixes</h3> <ul> <li><code>[jest]</code> jest --onlyFailures --listTests now correctly lists only failed tests (<a href="https://github.com/jestjs/jest/tree/HEAD/packages/babel-jest/issues/15700">#15700</a>)</li> <li><code>[jest-snapshot]</code> Handle line endings in snapshots (<a href="https://redirect.github.com/jestjs/jest/pull/15708">#15708</a>)</li> </ul> <h2>30.0.3</h2> <h3>Fixes</h3> <ul> <li><code>[jest-config]</code> Fix ESM TS config loading in a CJS project (<a href="https://redirect.github.com/jestjs/jest/pull/15694">#15694</a>)</li> <li><code>[jest-core]</code> jest --onlyFailures --listTests now correctly lists only failed tests(<a href="https://redirect.github.com/jestjs/jest/pull/15700">#15700</a>)</li> </ul> <h3>Features</h3> <ul> <li><code>[jest-diff]</code> Show non-printable control characters to diffs (<a href="https://redirect.github.com/facebook/jest/pull/15696">#15696</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jestjs/jest/commit/f4296d2bc85c1405f84ddf613a25d0bc3766b7e5"><code>f4296d2</code></a> v30.0.4</li> <li>See full diff in <a href="https://github.com/jestjs/jest/commits/v30.0.4/packages/babel-jest">compare view</a></li> </ul> </details> <br /> Updates `eslint-mdx` from 3.5.0 to 3.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/eslint-mdx/releases">eslint-mdx's releases</a>.</em></p> <blockquote> <h2>eslint-mdx@3.6.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/mdx-js/eslint-mdx/pull/589">#589</a> <a href="https://github.com/mdx-js/eslint-mdx/commit/7b5e7489f59659df7cc8d03b5ed5354e0f8a452e"><code>7b5e748</code></a> Thanks <a href="https://github.com/JounQin"><code>@JounQin</code></a>! - feat: support specifying <code>remarkConfigPath</code> manually</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/51f359c5152ced8bb2450eb840d705a49e47821b"><code>51f359c</code></a> chore: release package(s) (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/590">#590</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/7b5e7489f59659df7cc8d03b5ed5354e0f8a452e"><code>7b5e748</code></a> feat: support specifying <code>remarkConfigPath</code> manually (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/589">#589</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/a51a0270bbf5a7769ba6509081ce3e1f34643b64"><code>a51a027</code></a> docs: remove blue underline from README.md (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/588">#588</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/2fd7907d17cc39a46eb8283a6f50102ac57c95a0"><code>2fd7907</code></a> docs: update funding info (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/587">#587</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/c10165e4f62cfa2261250783c632bf36bb55bc89"><code>c10165e</code></a> chore: bump all (dev)Dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/586">#586</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/6623c9b56f9d82593fbc6fcedc91edf57d3d9a25"><code>6623c9b</code></a> chore(deps): update all dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/585">#585</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/7a2f6f21ad18f48049ae8cf8373437fa78e121e4"><code>7a2f6f2</code></a> docs: update CHANGELOG</li> <li>See full diff in <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-mdx@3.5.0...eslint-mdx@3.6.0">compare view</a></li> </ul> </details> <br /> Updates `eslint-plugin-mdx` from 3.5.0 to 3.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mdx-js/eslint-mdx/releases">eslint-plugin-mdx's releases</a>.</em></p> <blockquote> <h2>eslint-plugin-mdx@3.6.0</h2> <h3>Minor Changes</h3> <ul> <li><a href="https://redirect.github.com/mdx-js/eslint-mdx/pull/589">#589</a> <a href="https://github.com/mdx-js/eslint-mdx/commit/7b5e7489f59659df7cc8d03b5ed5354e0f8a452e"><code>7b5e748</code></a> Thanks <a href="https://github.com/JounQin"><code>@JounQin</code></a>! - feat: support specifying <code>remarkConfigPath</code> manually</li> </ul> <h3>Patch Changes</h3> <ul> <li>Updated dependencies [<a href="https://github.com/mdx-js/eslint-mdx/commit/7b5e7489f59659df7cc8d03b5ed5354e0f8a452e"><code>7b5e748</code></a>]: <ul> <li>eslint-mdx@3.6.0</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/51f359c5152ced8bb2450eb840d705a49e47821b"><code>51f359c</code></a> chore: release package(s) (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/590">#590</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/7b5e7489f59659df7cc8d03b5ed5354e0f8a452e"><code>7b5e748</code></a> feat: support specifying <code>remarkConfigPath</code> manually (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/589">#589</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/a51a0270bbf5a7769ba6509081ce3e1f34643b64"><code>a51a027</code></a> docs: remove blue underline from README.md (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/588">#588</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/2fd7907d17cc39a46eb8283a6f50102ac57c95a0"><code>2fd7907</code></a> docs: update funding info (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/587">#587</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/c10165e4f62cfa2261250783c632bf36bb55bc89"><code>c10165e</code></a> chore: bump all (dev)Dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/586">#586</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/6623c9b56f9d82593fbc6fcedc91edf57d3d9a25"><code>6623c9b</code></a> chore(deps): update all dependencies (<a href="https://redirect.github.com/mdx-js/eslint-mdx/issues/585">#585</a>)</li> <li><a href="https://github.com/mdx-js/eslint-mdx/commit/7a2f6f21ad18f48049ae8cf8373437fa78e121e4"><code>7a2f6f2</code></a> docs: update CHANGELOG</li> <li>See full diff in <a href="https://github.com/mdx-js/eslint-mdx/compare/eslint-plugin-mdx@3.5.0...eslint-plugin-mdx@3.6.0">compare view</a></li> </ul> </details> <br /> Updates `jest` from 30.0.3 to 30.0.4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jestjs/jest/blob/main/CHANGELOG.md">jest's changelog</a>.</em></p> <blockquote> <h2>30.0.4</h2> <h3>Features</h3> <ul> <li><code>[expect]</code> The <code>Inverse</code> type is now exported (<a href="https://redirect.github.com/jestjs/jest/pull/15714">#15714</a>)</li> <li><code>[expect]</code> feat: support <code>async functions</code> in <code>toBe</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15704">#15704</a>)</li> </ul> <h3>Fixes</h3> <ul> <li><code>[jest]</code> jest --onlyFailures --listTests now correctly lists only failed tests (<a href="https://github.com/jestjs/jest/tree/HEAD/packages/jest/issues/15700">#15700</a>)</li> <li><code>[jest-snapshot]</code> Handle line endings in snapshots (<a href="https://redirect.github.com/jestjs/jest/pull/15708">#15708</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jestjs/jest/commit/f4296d2bc85c1405f84ddf613a25d0bc3766b7e5"><code>f4296d2</code></a> v30.0.4</li> <li>See full diff in <a href="https://github.com/jestjs/jest/commits/v30.0.4/packages/jest">compare view</a></li> </ul> </details> <br /> Updates `jest-environment-jsdom` from 30.0.2 to 30.0.4 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jestjs/jest/blob/main/CHANGELOG.md">jest-environment-jsdom's changelog</a>.</em></p> <blockquote> <h2>30.0.4</h2> <h3>Features</h3> <ul> <li><code>[expect]</code> The <code>Inverse</code> type is now exported (<a href="https://redirect.github.com/jestjs/jest/pull/15714">#15714</a>)</li> <li><code>[expect]</code> feat: support <code>async functions</code> in <code>toBe</code> (<a href="https://redirect.github.com/jestjs/jest/pull/15704">#15704</a>)</li> </ul> <h3>Fixes</h3> <ul> <li><code>[jest]</code> jest --onlyFailures --listTests now correctly lists only failed tests (<a href="https://github.com/jestjs/jest/tree/HEAD/packages/jest-environment-jsdom/issues/15700">#15700</a>)</li> <li><code>[jest-snapshot]</code> Handle line endings in snapshots (<a href="https://redirect.github.com/jestjs/jest/pull/15708">#15708</a>)</li> </ul> <h2>30.0.3</h2> <h3>Fixes</h3> <ul> <li><code>[jest-config]</code> Fix ESM TS config loading in a CJS project (<a href="https://redirect.github.com/jestjs/jest/pull/15694">#15694</a>)</li> <li><code>[jest-core]</code> jest --onlyFailures --listTests now correctly lists only failed tests(<a href="https://redirect.github.com/jestjs/jest/pull/15700">#15700</a>)</li> </ul> <h3>Features</h3> <ul> <li><code>[jest-diff]</code> Show non-printable control characters to diffs (<a href="https://redirect.github.com/facebook/jest/pull/15696">#15696</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jestjs/jest/commit/f4296d2bc85c1405f84ddf613a25d0bc3766b7e5"><code>f4296d2</code></a> v30.0.4</li> <li>See full diff in <a href="https://github.com/jestjs/jest/commits/v30.0.4/packages/jest-environment-jsdom">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Michael Smith <owlstronaut@github.com>

This pull request updates the `.github/CODEOWNERS` file to reassign ownership of several directories and files from individual contributors to the `@npm/cli-team`.

#1660 (#1661)   ## Description This PR fixes issue #1660 a mobile view bug where the search overlay was overlapping the “npm docs” logo, causing a cluttered visual appearance and also the search button will remain visible even when we click the search Button. ## Actual https://github.com/user-attachments/assets/6d9c1ce8-2e7d-400c-8bd2-938907987fa5 ## Updated https://github.com/user-attachments/assets/e17230f7-11d7-4d24-b101-669afd0e2538 ## References  Closes #1660

…dates group (#1668) Bumps the dependency-updates group with 1 update: [framer-motion](https://github.com/motiondivision/motion). Updates `framer-motion` from 12.23.1 to 12.23.3 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/motiondivision/motion/blob/main/CHANGELOG.md">framer-motion's changelog</a>.</em></p> <blockquote> <h2>[12.23.3] 2025-07-10</h2> <h3>Changed</h3> <ul> <li><code>useScroll</code>: Re-attempt to initialise scroll animation within a <code>useEffect</code> if refs weren't hydrated during the <code>useLayoutEffect</code>. Throw if refs are still not hydrated during the <code>useEffect</code>.</li> </ul> <h2>[12.23.2] 2025-07-10</h2> <h3>Added</h3> <ul> <li>Added pages for remaining error and warning messages.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/motiondivision/motion/commit/1a7be2f815e9c51c4793468fe03b2127f23e1a85"><code>1a7be2f</code></a> v12.23.3</li> <li><a href="https://github.com/motiondivision/motion/commit/1f3d4ecb5ce57eaf9296d6b5a3d9acd06b21d41f"><code>1f3d4ec</code></a> Merge pull request <a href="https://redirect.github.com/motiondivision/motion/issues/3305">#3305</a> from motiondivision/fix/scroll</li> <li><a href="https://github.com/motiondivision/motion/commit/d90871a0a79b3b4c1164471f1c00f5b0b1b76e18"><code>d90871a</code></a> Fixing test</li> <li><a href="https://github.com/motiondivision/motion/commit/47081dd5e0c8db977874cec244b32a2b53dd0153"><code>47081dd</code></a> Merge branch 'main' into fix/scroll</li> <li><a href="https://github.com/motiondivision/motion/commit/17e0e4150c125139bb41f16e2db297683b9e6513"><code>17e0e41</code></a> v12.23.2</li> <li><a href="https://github.com/motiondivision/motion/commit/0c0a83e4a56897dbdd41dd8df85a4b77c1f28546"><code>0c0a83e</code></a> Updating error messages</li> <li><a href="https://github.com/motiondivision/motion/commit/0a0019a5d5ecd36f04bc4123c0c614601f74614a"><code>0a0019a</code></a> Adding warnings</li> <li><a href="https://github.com/motiondivision/motion/commit/46f62f319dae8a843b9543343d9f43593cef750d"><code>46f62f3</code></a> Updating changelog</li> <li><a href="https://github.com/motiondivision/motion/commit/e5a453d1e465cb82ec272d987667292a15aa4227"><code>e5a453d</code></a> Updating useScroll</li> <li>See full diff in <a href="https://github.com/motiondivision/motion/compare/v12.23.1...v12.23.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=framer-motion&package-manager=npm_and_yarn&previous-version=12.23.1&new-version=12.23.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…dates group (#1672) Bumps the dependency-updates group with 1 update: [@primer/react](https://github.com/primer/react). Updates `@primer/react` from 37.28.0 to 37.28.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/primer/react/releases"><code>@primer/react</code>'s releases</a>.</em></p> <blockquote> <h2><code>@primer/react</code><a href="https://github.com/37"><code>@37</code></a>.28.1</h2> <p><a href="https://primer-3cd37f5b55-13348165.drafts.github.io/">Permalink to Documentation</a></p> <h3>Patch Changes</h3> <ul> <li><a href="https://github.com/primer/react/commit/1d3aba0b1f93a880cc274e53d025ea2287b9fcd9"><code>1d3aba0</code></a> Thanks <a href="https://github.com/jonrohan"><code>@jonrohan</code></a>! - Fixing an issue where hovering the TabNav will give the tabs outlines.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/primer/react/commit/f8ffe6d8fa01fb351ba9dfad7be81551c37a8e41"><code>f8ffe6d</code></a> version <code>@primer/react</code> to v37.28.1</li> <li><a href="https://github.com/primer/react/commit/1d3aba0b1f93a880cc274e53d025ea2287b9fcd9"><code>1d3aba0</code></a> bugfix(TabNav): Fixing an issue where hovering the TabNav will give the tabs ...</li> <li>See full diff in <a href="https://github.com/primer/react/compare/@primer/react@37.28.0...@primer/react@37.28.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@primer/react&package-manager=npm_and_yarn&previous-version=37.28.0&new-version=37.28.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…rsion docs Closes npm/cli#8414 (#1659)   ## Description This PR addresses [npm/cli#8414](npm/cli#8414), which reports that switching versions using the CLI version dropdown does not properly update the displayed documentation. ### Changes - **Refactored `VariantItem` component**: These changes ensure that when users switch CLI versions from the dropdown, the documentation updates correctly to display the appropriate content for each version. --- ## Updated https://github.com/user-attachments/assets/8668e308-ac8d-4f09-b6f4-0ddafa67d317 ## References  Closes npm/cli#8414

prmerger-automator bot added the do-not-merge label May 8, 2024

pull bot added ⤵️ pull and removed do-not-merge labels May 8, 2024

coderabbitai bot reviewed Aug 8, 2024

View reviewed changes

coderabbitai bot reviewed Aug 12, 2024

View reviewed changes

coderabbitai bot reviewed Aug 13, 2024

View reviewed changes

coderabbitai bot reviewed Aug 27, 2024

View reviewed changes

coderabbitai bot reviewed Aug 28, 2024

View reviewed changes

coderabbitai bot reviewed Aug 29, 2024

View reviewed changes

coderabbitai bot reviewed Aug 30, 2024

View reviewed changes

dependabot bot and others added 14 commits September 13, 2024 09:16

Update docs to include note about submodules & workspaces (#1279)

4f67b3d

docs: Update creating-a-package-json-file.mdx (#1290)

eda158e

Induce minor readability changes: - Provide example for website in "author" parameter - Add description in package.json code example as advised in the documentation - Highlight & edit npm init command

CLI documentation update from CI

a0e786e

dependabot bot and others added 29 commits June 10, 2025 08:59

CLI documentation update from CI

e7a0739

CLI documentation update from CI

d38d965

CLI documentation update from CI

b878b96

docs: fix typo (#1639)

6e539fb

Fixed grammatical error: `that` -> `than`

CLI documentation update from CI

0b2e377

CLI documentation update from CI

7c436a1

CLI documentation update from CI

4d66eb7

CLI documentation update from CI

5e63545

CLI documentation update from CI

b1878b0

CLI documentation update from CI

e2e0d29

CLI documentation update from CI

cf827ad

chore: Update Codeowners (#1664)

ba39cbe

This pull request updates the `.github/CODEOWNERS` file to reassign ownership of several directories and files from individual contributors to the `@npm/cli-team`.

chore: weekly dependabot updates (#1666)

2c9b686

CLI documentation update from CI

6ac513e

pull bot merged commit ec0e49c into StemmlerSisters:main Jul 15, 2025
1 of 2 checks passed


		##### `:vuln`

		The `:vuln` pseudo selector retrieves data from the registry and returns information about which if your dependencies has a known vulnerability. Only dependencies whose current version matches a vulnerability will be returned. For example if you have `semver@7.6.0` in your tree, a vulnerability for `semver` which affects versions `<=6.3.1` will not match.

	- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure a biometric devices featuring Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].
	- To configure a security-key requires a modern browser that support [WebAuthn][can-i-use]. This will allow you to configure biometric devices featuring Apple [Touch ID][touch-id], [Face ID][face-id], or [Windows Hello][windows-hello] as well as physical keys such as [Yubikey][yubikey], [Thetis][thetis], or [Feitian][feitian].

[pull] main from npm:main #3

[pull] main from npm:main #3

Uh oh!

Conversation

pull bot commented May 8, 2024 • edited by coderabbitai bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Summary by CodeRabbit

Uh oh!

coderabbitai bot commented Jul 16, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Review skipped

Walkthrough

Changes

Sequence Diagram(s)

Chat

Support

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (.coderabbit.yaml)

Documentation and Community

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Aug 8, 2024

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Aug 8, 2024

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Aug 8, 2024

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Aug 8, 2024

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot Aug 13, 2024

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

coderabbitai bot left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

pull bot commented May 8, 2024 •

edited by coderabbitai bot

Loading

coderabbitai bot commented Jul 16, 2024 •

edited

Loading

CodeRabbit Configuration File (`.coderabbit.yaml`)