build(deps): bump npm-check-updates from 10.2.5 to 11.6.0

[dependabot-preview]

Bumps npm-check-updates from 10.2.5 to 11.6.0.

Release notes

Sourced from npm-check-updates's releases.

v11.5.0

Minor

npm-check-updates will now auto-detect yarn and apply --packageManager yarn when yarn.lock is present and package-lock.json is not present. You can override this by explicitly setting --packageManager npm. It will print "Using yarn" when the auto-detection is triggered.

v11.4.0

Minor

• Use --peer to check peer dependencies of installed packages and filter updates to compatible versions.
  • 791aa22 Respect peer dependencies (#869)
• Bump mem (minor)

Patch

• 696168b --deep: Fix Windows path
• Bump dependencies (patch)

v11.2.0

Wildcards and globs can now be used in filters without having to use regex:

ncu react-*      # upgrade packages that start with "react-"
ncu \!commander  # upgrade everything except "commander"

Since special characters are not allowed in package names, this change shouldn't break anything, but please let me know if a filter that was working before v11.2.0 is not now!

Commits

ee27448 Add filter support for wildcards and glob expressions. Fixes #219.

v11.0.0

Breaking

• --packageFile - Now interprets its argument as a glob pattern. It is possible that a previously supplied argument may be interepreted differently now (though I'm not aware of specific instances). Due to our conservative release policy we are releasing as a major version upgrade and allowing developers to assess for themselves.

Features

• --deep - Run recursively in current working directory. Alias of --packageFile '**/package.json'.

See: #785

raineorshine/npm-check-updates@v10.3.1...v11.0.0

Commits

• dfcbe8e 11.6.0
• f43e095 Bump dependencies
• 18358a4 feat: --mergeConfig option for --deep to inherit config settings (#897)
• 7f538ed 11.5.13
• a1ad7c9 getCurrentDependencies: Guard comparison of duplicates (#893).
• 486535f 11.5.12
• d864ad7 Bump dependencies
• 9faf86e Only print upgradedPeerDependencies if --peer is set.
• 74e959f test/doctor/options: Add required license field to package.json.
• e8eb22b Use lowest version when a dependency is in more than one section (#892).
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[ouzibot]

@dependabot-preview[bot]: Invalid title for the PR, the title needs to be like:

• refactor: this is a refactor commit => if using semantic-release will trigger a patch release
• fix: this is a fix commit => if using semantic-release will trigger a patch release
• feat: this is a feature commit => if using semantic-release will trigger a minor release
• major: this is a major commit => if using semantic-release will trigger a major release
• doc: this is a doc commit => if using semantic-release won't trigger a new release
• build: this is a build commit => if using semantic-release will trigger a patch release
• no-release: this is a no-release commit => won't trigger a new release

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ouzibot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot-preview[bot]
To complete the pull request process, please assign belitre after the PR has been reviewed.
You can assign the PR to them by writing /assign @belitre in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[dependabot-preview]

👋 If you need additional help with Dependabot, please fill out GitHub's Support form and your request will be routed to the right team at GitHub.

Be sure to include the details of any troubleshooting steps you've tried so far.

[ouzibot]

Hi @dependabot-preview[bot]. Thanks for your PR.

I'm waiting for a ouzi-dev member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ouzibot]

@dependabot-preview[bot]: Cannot trigger testing until a trusted user reviews the PR and leaves an /ok-to-test message.

In response to this:

Bumps npm-check-updates from 10.2.5 to 11.6.0.

Release notes

Sourced from npm-check-updates's releases.

v11.5.0

Minor

npm-check-updates will now auto-detect yarn and apply --packageManager yarn when yarn.lock is present and package-lock.json is not present. You can override this by explicitly setting --packageManager npm. It will print "Using yarn" when the auto-detection is triggered.

v11.4.0

Minor

• Use --peer to check peer dependencies of installed packages and filter updates to compatible versions.
  • 791aa22 Respect peer dependencies (#869)
• Bump mem (minor)

Patch

• 696168b --deep: Fix Windows path
• Bump dependencies (patch)

v11.2.0

Wildcards and globs can now be used in filters without having to use regex:

ncu react-*      # upgrade packages that start with "react-"
ncu \!commander  # upgrade everything except "commander"

Since special characters are not allowed in package names, this change shouldn't break anything, but please let me know if a filter that was working before v11.2.0 is not now!

Commits

ee27448 Add filter support for wildcards and glob expressions. Fixes #219.

v11.0.0

Breaking

• --packageFile - Now interprets its argument as a glob pattern. It is possible that a previously supplied argument may be interepreted differently now (though I'm not aware of specific instances). Due to our conservative release policy we are releasing as a major version upgrade and allowing developers to assess for themselves.

Features

• --deep - Run recursively in current working directory. Alias of --packageFile '**/package.json'.

See: #785

raineorshine/npm-check-updates@v10.3.1...v11.0.0

Commits

• dfcbe8e 11.6.0
• f43e095 Bump dependencies
• 18358a4 feat: --mergeConfig option for --deep to inherit config settings (#897)
• 7f538ed 11.5.13
• a1ad7c9 getCurrentDependencies: Guard comparison of duplicates (#893).
• 486535f 11.5.12
• d864ad7 Bump dependencies
• 9faf86e Only print upgradedPeerDependencies if --peer is set.
• 74e959f test/doctor/options: Add required license field to package.json.
• e8eb22b Use lowest version when a dependency is in more than one section (#892).
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ouzibot]

@dependabot-preview: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.