Skip to content

Update dependency npm to v12#108

Open
renovate[bot] wants to merge 1 commit into
1.0from
renovate/npm-12.x
Open

Update dependency npm to v12#108
renovate[bot] wants to merge 1 commit into
1.0from
renovate/npm-12.x

Conversation

@renovate

@renovate renovate Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
npm (source) ^11.0.0^12.0.0 age confidence

Release Notes

npm/cli (npm)

v12.0.0

Compare Source

⚠️ BREAKING CHANGES
  • npm view --json now always returns an array.
  • npm sbom --sbom-format=cyclonedx now reports the name field from each package's package.json instead of the on-disk directory name. The name, bom-ref, and purl of the root component and of aliased dependencies may change.
  • npm no longer registers man pages with the system when installed globally. man npm-install will no longer work, but npm help install is unaffected.
  • The npm pkg output is no longer forced to json. This means you can get single values without having to worry about wrapping of the values. It also outputs non-json content more similarly to npm view.
  • npm shrinkwrap is removed, the shrinkwrap config alias is removed, and npm-shrinkwrap.json is no longer loaded or honored at the project root or from inside dependency tarballs. Rename project-root npm-shrinkwrap.json to package-lock.json; use bundleDependencies if you need to ship a locked dependency tree.
  • The Twitter and Freenode profile fields have been removed from the npm registry. This means that users will no longer be able to set or view these fields in their npm profiles.
  • npm will no longer attempt to resolve the path to node via whichnode. process.execPath is already set by Node to the resolved real path of the node binary, so the lookup was redundant. Scripts that expected npm to override process.execPath with a PATH-resolved (potentially symlinked) node path may be affected.
  • the --json output of npm pack and npm publish have changed. They are now always consistent, and in the same format.
  • the star, stars and unstar commands have been removed
  • The npm adduser command has been removed. Create and manage user accounts on the npm website, and use npm login to authenticate on the command line.
  • Preserve https protocol when working with git (#​8703)
  • The default license for npm init has been changed from "ISC" to an empty string. If not set, the license field will be omitted from new packages.
  • npm now supports node ^22.22.2 || ^24.15.0 || >=26.0.0
  • allow-git and allow-remote now default to "none"; set them to "all" (or "root") to install git or user-supplied tarball-URL dependencies.
  • root `preinstall` now runs before dependencies are installed.
  • unknown configs in .npmrc, unknown CLI flags, abbreviated flags, and single-hyphen multi-char shorthands now throw instead of warning.
Chores
Dependencies

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@codecov

codecov Bot commented Jul 8, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.90%. Comparing base (cf11502) to head (0ab05e0).

Additional details and impacted files
@@            Coverage Diff            @@
##                1.0     #108   +/-   ##
=========================================
  Coverage     77.90%   77.90%           
  Complexity       17       17           
=========================================
  Files             9        9           
  Lines            86       86           
=========================================
  Hits             67       67           
  Misses           19       19           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown

Qodana for JS

It seems all right 👌

No new problems were found according to the checks applied

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants