[Snyk] Upgrade pacote from 9.5.12 to 15.1.1

[InfiniteLove2020]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade pacote from 9.5.12 to 15.1.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 81 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-02-21.

Release notes

Package name: pacote

• 15.1.1 - 2023-02-21
  

  15.1.1 (2023-02-21)

  Bug Fixes

  • 8f4e39c #261 always ignore ownership from tar headers (#261) (@ nlf)
• 15.1.0 - 2023-02-13
  

  15.1.0 (2023-02-13)

  Features

  • 2916b72 #259 verifyAttestations to registry.manifest (@ feelepxyz, @ bdehamer)

  Dependencies

  • f0bd19b add sigstore 1.0.0
• 15.0.8 - 2022-12-15
  

  15.0.8 (2022-12-14)

  Dependencies

  • 40aa6fe #253 bump fs-minipass from 2.1.0 to 3.0.0
• 15.0.7 - 2022-12-07
  

  15.0.7 (2022-12-07)

  Dependencies

  • a734d61 #250 bump minipass from 3.3.6 to 4.0.0
• 15.0.6 - 2022-11-02
  

  15.0.6 (2022-11-02)

  Dependencies

  • dbbda43 #246 @ npmcli/run-script@6.0.0
• 15.0.5 - 2022-11-01
  

  15.0.5 (2022-11-01)

  Dependencies

  • 63797a8 #244 bump @ npmcli/promise-spawn from 5.0.0 to 6.0.1 (#244)
• 15.0.4 - 2022-10-26
  

  15.0.4 (2022-10-26)

  Dependencies

  • 854fad1 #239 bump @ npmcli/promise-spawn from 4.0.0 to 5.0.0 (#239)
• 15.0.3 - 2022-10-19
  

  15.0.3 (2022-10-19)

  Dependencies

  • 2a95ddb #235 bump @ npmcli/installed-package-contents (#235)
• 15.0.2 - 2022-10-18
  

  15.0.2 (2022-10-18)

  Bug Fixes

  • 95f9cd5 handle new npm-package-arg semantics (@ wraithgar)

  Dependencies

  • 2ed4d22 npm-package-arg@10.0.0
• 15.0.1 - 2022-10-17
  

  15.0.1 (2022-10-17)

  Dependencies

  • 74821c2 #229 bump @ npmcli/run-script from 4.2.1 to 5.0.0 (#229)
  • a9844d0 #226 bump @ npmcli/promise-spawn from 3.0.0 to 4.0.0 (#226)
  • 1058177 #227 bump read-package-json from 5.0.2 to 6.0.0
  • 0f5ef8a #228 bump @ npmcli/installed-package-contents from 1.0.7 to 2.0.0
  • 7e3b4b5 #220 bump ssri from 9.0.1 to 10.0.0
  • 4e7536d #222 bump @ npmcli/git from 3.0.2 to 4.0.0
  • 3bc7550 #223 bump npm-pick-manifest from 7.0.2 to 8.0.0
  • 41fab27 #224 bump proc-log from 2.0.1 to 3.0.0
  • 4abf24a #218 bump npm-registry-fetch from 13.3.1 to 14.0.0 (#218)
• 15.0.0 - 2022-10-13
• 14.0.0 - 2022-10-05
• 14.0.0-pre.3 - 2022-09-28
• 14.0.0-pre.2 - 2022-09-27
• 14.0.0-pre.1 - 2022-09-23
• 14.0.0-pre.0 - 2022-09-21
• 13.6.2 - 2022-08-16
• 13.6.1 - 2022-06-21
• 13.6.0 - 2022-06-01
• 13.5.0 - 2022-05-25
• 13.4.1 - 2022-05-19
• 13.4.0 - 2022-05-17
• 13.3.0 - 2022-05-04
• 13.2.0 - 2022-05-02
• 13.1.1 - 2022-04-06
• 13.1.0 - 2022-04-05
• 13.0.6 - 2022-04-05
• 13.0.5 - 2022-03-15
• 13.0.4 - 2022-03-14
• 13.0.3 - 2022-02-24
• 13.0.2 - 2022-02-16
• 13.0.1 - 2022-02-16
• 13.0.0 - 2022-02-15
• 12.0.3 - 2022-01-25
• 12.0.2 - 2021-10-12
• 12.0.1 - 2021-10-12
• 12.0.0 - 2021-10-05
• 11.3.5 - 2021-07-02
• 11.3.4 - 2021-06-02
• 11.3.3 - 2021-04-23
• 11.3.2 - 2021-04-22
• 11.3.1 - 2021-03-22
• 11.3.0 - 2021-03-08
• 11.2.7 - 2021-02-18
• 11.2.6 - 2021-02-05
• 11.2.5 - 2021-02-04
• 11.2.4 - 2021-02-01
• 11.2.3 - 2021-01-20
• 11.2.2 - 2021-01-20
• 11.2.1 - 2021-01-14
• 11.2.0 - 2021-01-14
• 11.1.14 - 2021-01-07
• 11.1.13 - 2020-11-05
• 11.1.12 - 2020-11-03
• 11.1.11 - 2020-07-21
• 11.1.10 - 2020-05-13
• 11.1.9 - 2020-05-04
• 11.1.8 - 2020-05-01
• 11.1.7 - 2020-05-01
• 11.1.6 - 2020-04-28
• 11.1.5 - 2020-04-28
• 11.1.4 - 2020-03-12
• 11.1.3 - 2020-03-12
• 11.1.2 - 2020-03-12
• 11.1.1 - 2020-03-10
• 11.1.0 - 2020-02-24
• 11.0.1 - 2020-02-24
• 11.0.0 - 2020-02-18
• 10.3.2 - 2020-02-08
• 10.3.1 - 2020-01-28
• 10.3.0 - 2019-12-26
• 10.2.1 - 2019-12-04
• 10.2.0 - 2019-11-27
• 10.1.6 - 2019-11-27
• 10.1.5 - 2019-11-25
• 10.1.4 - 2019-11-23
• 10.1.3 - 2019-11-13
• 10.1.2 - 2019-11-11
• 10.1.1 - 2019-10-30
• 10.1.0 - 2019-10-30
• 10.0.0 - 2019-10-29
• 9.5.12 - 2020-01-06

from pacote GitHub release notes

Commit messages

Package name: pacote

• 45e0f0c chore: release 15.1.1
• 8f4e39c fix: always ignore ownership from tar headers (Windows: small fixes and fewer warnings nodejs/node#261)
• a08a9a3 chore: release 15.1.0
• 2916b72 feat: verifyAttestations to registry.manifest
• f0bd19b deps: add sigstore 1.0.0
• d83bbe2 chore: postinstall for dependabot template-oss PR
• 3d28b99 chore: bump @ npmcli/template-oss from 4.11.3 to 4.11.4
• 545df2f chore: postinstall for dependabot template-oss PR
• ad751f9 chore: bump @ npmcli/template-oss from 4.11.0 to 4.11.3
• 99f7298 chore: release 15.0.8 (Windows 200ms delay issue. nodejs/node#254)
• 40aa6fe deps: bump fs-minipass from 2.1.0 to 3.0.0
• ae771fc chore: postinstall for dependabot template-oss PR
• db1b6d4 chore: bump @ npmcli/template-oss from 4.10.0 to 4.11.0
• 593f6bb chore: release 15.0.7 (The state of ES6 on io.js nodejs/node#251)
• a734d61 deps: bump minipass from 3.3.6 to 4.0.0
• 272edc1 chore: postinstall for dependabot template-oss PR
• 0491e8a chore: bump @ npmcli/template-oss from 4.8.0 to 4.10.0
• b0c286c chore: release 15.0.6
• dbbda43 deps: @ npmcli/run-script@6.0.0
• 62d9360 chore: release 15.0.5 (installer: install headers and iojs.lib on windows nodejs/node#245)
• 63797a8 deps: bump @ npmcli/promise-spawn from 5.0.0 to 6.0.1 (src: pass Isolate where necessary nodejs/node#244)
• 03625ab chore: postinstall for dependabot template-oss PR
• e65ca32 chore: bump @ npmcli/template-oss from 4.7.1 to 4.8.0
• 1f0552a chore: release 15.0.4 (src: zlib: revert concatenated-stream changes nodejs/node#240)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs