Bump minimist, mkdirp, sass-lint, npm and npm-check-updates

[dependabot]

Bumps minimist to 1.2.8 and updates ancestor dependencies minimist, mkdirp, sass-lint, npm and npm-check-updates. These dependencies need to be updated together.

Updates minimist from 1.2.0 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates mkdirp from 0.5.1 to 0.5.6

Commits

• 92f086d 0.5.6
• 2a28125 clean up tests
• c905d65 update minimist
• 049cf18 0.5.5
• bea6382 Remove unnecessary umask calls
• 42a012c 0.5.4
• 2867920 fix infinite loop on windows machines
• d784e70 0.5.3
• d612c5d add files list so this package isn't a monster
• b2e7ba0 0.5.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.

Updates sass-lint from 1.12.1 to 1.13.0

Release notes

Sourced from sass-lint's releases.

v1.13.0

1.13.0 (2019-04-25)

Bug Fixes

• ci: rollback release version to match npm (bf4f2ae)

Features

• ast: migrate from ast fork to latest version of gonzales (37863b7)
• lint: adds disable-next-line (b508036)

Changelog

Sourced from sass-lint's changelog.

Sass Lint Changelog

Commits

• dac0f12 chore(release): 1.13.0 [skip ci]
• 6b5a615 Merge pull request #1278 from srowhani/fix/release-version
• bf4f2ae fix(ci): rollback release version to match npm
• 037b459 Merge pull request #1276 from srowhani/fix/dependencies
• 37863b7 feat(ast): migrate from ast fork to latest version of gonzales
• b508036 feat(lint): adds disable-next-line
• 19df7ba Merge branch 'develop' into develop
• e391436 Merge pull request #1275 from srowhani/chore/ci-deploy-phase
• 2ab49c5 Merge branch 'develop' into chore/ci-deploy-phase
• 49b7253 chore(ci): fix build stages
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by srowhani, a new releaser for sass-lint since your current version.

Updates npm from 6.9.0 to 6.14.18

Changelog

Sourced from npm's changelog.

6.14.18 (2022-12-21)

DEPENDENCIES

• f55bd65da rimraf@2.7.1
• cd4894696 bluebird@3.7.2
• 023d7e96b cacache@12.0.4
• dd2811c0b config-chain@1.1.1:3
• e21b6ebd9 deep-equal@1.1.1
• 2bec581c6 dezalgo@1.0.4
• 273485157 figgy-pudding@3.5.2
• 720f8ae5e glob@7.2.3
• 5f1200e33 graceful-fs@4.2.1:0
• 58b74a38b is-cidr@3.1.1
• 4b609655f jsdom@16.7.0
• 14c7a1a85 meant@1.0.3
• 06d9cefc4 minimatch@3.1.2
• 1d2da355c mkdirp@0.5.6
• 22eda3a26 node-gyp@5.1.1
• b77a7f1b0 npm-registry-mock@1.3.2
• de37398af query-string@6.14.1
• 196650baa qw@1.0.2
• 3218c16b5 read-package-json@2.1.2
• 0f5d57919 request@2.88.2
• 43ed5c23b safe-buffer@5.2.1
• 31b51c564 tar-stream@2.2.0
• 209a79d1f uuid@3.4.0

... (truncated)

Commits

• 1314dc0 6.14.18
• 04cb2c7 update AUTHORS
• 771245f docs: changelog for v6.14.18
• ade941c chore: remove gh legacy url test
• 0a5f8d9 chore: remove verify no scoped test
• d3e7eed lock-verify@2.2.2
• 8b357e5 decode-uri-component@0.2.2
• db32f16 chore: minimatch is not a dep
• f521320 chore: cleanup lockfile
• 0437207 chore: should only lint source
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for npm since your current version.

Updates npm-check-updates from 2.15.0 to 16.10.9

Release notes

Sourced from npm-check-updates's releases.

v16.10.0

Feature

• Added filterResults option to filter out upgrades based on a user provided function.

filterResults runs after new versions are fetched, in contrast to filter and filterVersion, which run before. This allows you to filter out upgrades with filterResults based on how the version has changed (e.g. a major version change).

Only available in .ncurc.js or when importing npm-check-updates as a module.

/** Filter out non-major version updates.
  @param {string} packageName               The name of the dependency.
  @param {string} currentVersion            Current version declaration (may be range).
  @param {SemVer[]} currentVersionSemver    Current version declaration in semantic versioning format (may be range).
  @param {string} upgradedVersion           Upgraded version.
  @param {SemVer} upgradedVersionSemver     Upgraded version in semantic versioning format.
  @returns {boolean}                        Return true if the upgrade should be kept, otherwise it will be ignored.
*/
filterResults: (packageName, {currentVersion, currentVersionSemver, upgradedVersion, upgradedVersionSemver}) => {
  const currentMajorVersion = currentVersionSemver?.[0]?.major
  const upgradedMajorVersion = upgradedVersionSemver?.major
  if (currentMajorVersion && upgradedMajorVersion) {
    return currentMajorVersion < upgradedMajorVersion
  }
  return true
}

For the SemVer type definition, see: https://git.coolaj86.com/coolaj86/semver-utils.js#semverutils-parse-semverstring

Thanks to mslowiak for this enhancement!

v16.8.0

Feature

• Added --format lines

$ ncu --format lines
@ava/typescript@^4.0.0
ava@^5.2.0
eslint@^8.36.0
lerna@^6.5.1
typescript@^5.0.2

This is particularly useful for upgrading global modules:

npm install -g $(ncu -g --format lines)
</tr></table> 

... (truncated)

Changelog

Sourced from npm-check-updates's changelog.

Changelog

This file documents all major version releases. For other releases, please read the commit history.

[16.0.0] - 2022-07-23

Breaking

• Automatic detection of package data on stdin has been removed. This feature was deprecated in v14.0.0. Add --stdin for old behavior.
• Wild card filters now apply to scoped packages. Previously, ncu -f '*vite*' would not include @vitejs/plugin-react. Now, filters will match any part of the package name, including the scope. Use a more specific glob or regex expression for old behavior.

raineorshine/npm-check-updates@v15.3.4...v16.0.0

[15.0.0] - 2022-06-30

Breaking

• node >= 14.14 is now required (#1145)
  • Needed to upgrade update-notifier with has a moderate severity vulnerability
• yarn autodetect has been improved (#1148)
  • This is a patch, though technically it is breaking. In the obscure case where --packageManager is not given, there is no package-lock.json in the current folder, and there is a yarn.lock in an ancestor directory, npm-check-updates will now use yarn.
  • More practically, if you needed to specify --packageManager yarn explicitly before, you may not have to now

raineorshine/npm-check-updates@v14.1.1...v15.0.0

[14.0.0] - 2022-06-16

Breaking

Prerelease versions are now "upgraded" to versions with a different preid.

For example, if you have a dependency at 1.3.3-next.1 and the version fetched by ncu is 1.2.3-dev.2, ncu will suggest an "upgrade" to 1.2.3-dev.2. This is because prerelease versions with different preids are incomparable. Since they are incomparable, ncu now assumes the fetched version is desired.

Since this change affects only prereleases, there is no impact on default ncu usage that fetches the latest version. With --pre 1 or --target newest or --target greatest, this change could affect which version is suggested if versions with different preids are published. The change was made to support the new --target @[tag] feature.

If you have a use case where this change is not what is desired, please report an issue. The intention is for zero disruption to current usage.

Features

• You can now upgrade to a specific tag, e.g. --target @next. Thanks to IMalyugin.

raineorshine/npm-check-updates@v13.1.5...v14.0.0

[13.0.0] - 2022-05-15

Breaking

• node >= 14 is now required
• Several options which have long been deprecated have been removed:
  • --greatest - Instead use --target greatest

... (truncated)

Commits

• eda13a9 16.10.9
• cc72e21 Parse timeout as number (#1295).
• 1efca25 16.10.8
• 4efb9b7 npm: cleanup
• 668b44f Do not call isGlobalDeprecated when using pnpm (#1293).
• ff4ac81 npm update
• 65b62b0 16.10.7
• 363452d Bump prompts-ncu
• 5439c87 Replace yaml with lighter js-yaml.
• 1677619 Memoize findNpmConfig per path.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.