Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump cosmiconfig from 8.3.6 to 9.0.0 #714

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 27, 2023

Bumps cosmiconfig from 8.3.6 to 9.0.0.

Changelog

Sourced from cosmiconfig's changelog.

9.0.0

  • Added searchStrategy option:
    • The none value means that cosmiconfig does not traverse any directories upwards.
      • Breaking change: This is the default value if you don't pass a stopDir option, which means that cosmiconfig no longer traverses directories by default, and instead just looks in the current working directory.
        • If you want to achieve maximum backwards compatibility without adding an explicit stopDir, add the searchStrategy: 'global' option.
    • The project value means that cosmiconfig traverses upwards until it finds a package.json (or .yaml) file.
    • The global value means that cosmiconfig traverses upwards until the passed stopDir, or your home directory if no stopDir is given.
  • Breaking change: Meta config files (i.e. config.js and similar) are not looked for in the current working directory anymore. Instead, it looks in the .config subfolder.
  • Breaking change: When defining searchPlaces in a meta config file, the tool-defined searchPlaces are merged into this. Users may specify mergeSearchPlaces: false to disable this.
  • Added support for a special $import key which will import another configuration file
    • The imported file will act as a base file - all properties from that file will be applied to the configuration, but can be overridden by the importing file
    • For more information, read the import section of the README
  • Added searching in OS conventional folders (XDG compatible on Linux, %APPDATA% on Windows, Library/Preferences on macOS) for searchStrategy: 'global'
  • Fixed crash when trying to load a file that is not readable due to file system permissions
  • Fixed wrong ERR_REQUIRE_ESM error being thrown when there is an issue loading an ESM file
Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 27, 2023
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cosmiconfig-9.0.0 branch 9 times, most recently from ed2ce90 to 974789b Compare December 4, 2023 05:43
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cosmiconfig-9.0.0 branch 5 times, most recently from 3c5eac6 to f735ad8 Compare December 8, 2023 06:00
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cosmiconfig-9.0.0 branch 5 times, most recently from 176a26a to 24990d4 Compare December 18, 2023 06:12
Bumps [cosmiconfig](https://github.com/cosmiconfig/cosmiconfig) from 8.3.6 to 9.0.0.
- [Release notes](https://github.com/cosmiconfig/cosmiconfig/releases)
- [Changelog](https://github.com/cosmiconfig/cosmiconfig/blob/v9.0.0/CHANGELOG.md)
- [Commits](cosmiconfig/cosmiconfig@cosmiconfig-v8.3.6...v9.0.0)

---
updated-dependencies:
- dependency-name: cosmiconfig
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/cosmiconfig-9.0.0 branch from 24990d4 to aafa576 Compare December 26, 2023 05:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

0 participants