[Snyk] Upgrade npm from 8.3.0 to 10.1.0

[DillonB07Bot]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade npm from 8.3.0 to 10.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 71 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-09-08.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: npm

• 10.1.0 - 2023-09-08
  

  10.1.0 (2023-09-08)

  Features

  • 1c93c44 #6755 Add --cpu and --os option to override platform specific install (#6755) (@ yukukotani)

  Bug Fixes

  • 7bf2374 #6762 make $npm_execpath always point to npm (@ rotu)

  Documentation

  • 09d8e0a #6759 fix versions of node.js in readme (#6759) (@ JoaoOtavioS)

  Dependencies

  • f76066a #6771 @ npmcli/agent@2.1.1
  • Workspace: @ npmcli/arborist@7.1.0
  • Workspace: @ npmcli/config@7.2.0
  • Workspace: libnpmdiff@6.0.1
  • Workspace: libnpmexec@7.0.1
  • Workspace: libnpmfund@4.1.1
  • Workspace: libnpmpack@6.0.1
• 10.0.0 - 2023-08-31
• 10.0.0-pre.1 - 2023-08-31
• 10.0.0-pre.0 - 2023-07-26
• 9.8.1 - 2023-07-19
• 9.8.0 - 2023-07-05
• 9.7.2 - 2023-06-21
• 9.7.1 - 2023-06-07
• 9.7.0 - 2023-05-31
• 9.6.7 - 2023-05-18
• 9.6.6 - 2023-05-03
• 9.6.5 - 2023-04-19
• 9.6.4 - 2023-04-05
• 9.6.3 - 2023-03-30
• 9.6.2 - 2023-03-15
• 9.6.1 - 2023-03-08
• 9.6.0 - 2023-03-02
• 9.5.1 - 2023-02-22
• 9.5.0 - 2023-02-15
• 9.4.2 - 2023-02-07
• 9.4.1 - 2023-02-02
• 9.4.0 - 2023-01-25
• 9.3.1 - 2023-01-17
• 9.3.0 - 2023-01-12
• 9.2.0 - 2022-12-07
• 9.1.3 - 2022-11-30
• 9.1.2 - 2022-11-16
• 9.1.1 - 2022-11-09
• 9.1.0 - 2022-11-02
• 9.0.1 - 2022-10-26
  

  9.0.1 (2023-10-02)

  Dependencies

  • aa6728b #6859 tar@6.2.0
  • ce9089f #6859 npm-package-arg@11.0.1
• 9.0.0 - 2022-10-19
• 9.0.0-pre.6 - 2022-10-19
• 9.0.0-pre.5 - 2022-10-13
• 9.0.0-pre.4 - 2022-10-05
• 9.0.0-pre.3 - 2022-09-30
• 9.0.0-pre.2 - 2022-09-23
• 9.0.0-pre.1 - 2022-09-14
• 9.0.0-pre.0 - 2022-09-12
• 8.19.4 - 2023-02-14
• 8.19.3 - 2022-11-03
• 8.19.2 - 2022-09-13
• 8.19.1 - 2022-09-01
• 8.19.0 - 2022-08-31
• 8.18.0 - 2022-08-17
• 8.17.0 - 2022-08-10
• 8.16.0 - 2022-08-03
• 8.15.1 - 2022-07-27
• 8.15.0 - 2022-07-20
• 8.14.0 - 2022-07-13
• 8.13.2 - 2022-06-29
• 8.13.1 - 2022-06-23
• 8.13.0 - 2022-06-22
• 8.12.2 - 2022-06-15
• 8.12.1 - 2022-06-02
• 8.12.0 - 2022-06-01
• 8.11.0 - 2022-05-25
• 8.10.0 - 2022-05-11
• 8.9.0 - 2022-05-04
• 8.8.0 - 2022-04-27
• 8.7.0 - 2022-04-14
• 8.6.0 - 2022-03-31
• 8.5.5 - 2022-03-17
• 8.5.4 - 2022-03-10
• 8.5.3 - 2022-03-03
• 8.5.2 - 2022-02-24
• 8.5.1 - 2022-02-17
• 8.5.0 - 2022-02-10
• 8.4.1 - 2022-02-03
• 8.4.0 - 2022-01-27
• 8.3.2 - 2022-01-20
• 8.3.1 - 2022-01-13
• 8.3.0 - 2021-12-09

from npm GitHub release notes

Commit messages

Package name: npm

• eca475f chore: release 10.1.0
• a85945b chore: update engines for private smoke-tests workspace
• f76066a deps: @ npmcli/agent@2.1.1
• 42bef2c chore: add smoke-test to proxy live registry
• 1c93c44 feat: Add `--cpu` and `--os` option to override platform specific install (#6755)
• 7bf2374 fix: make `$npm_execpath` always point to npm
• d0b7899 Create bug_10.yml
• 09d8e0a docs: fix versions of node.js in readme (#6759)
• 3f9aa45 chore: release 10.0.0
• b8a5764 chore: fix flaky log file tests
• 7f81e96 chore: use maxSockets:1 for some flaky arborist reify tests
• fb31c7e feat: trigger release process
• 48a7b07 feat: remove prerelease flags
• 52cb638 chore: release 10.0.0-pre.1
• 9e444ca chore: fix bundle version in libnpmpublish tests (#6748)
• 171b8a0 chore: remove extra git dirty check from ci
• 323cc4f chore: drop node14 support in private mock-globals workspace
• 5ab3f7e deps: @ npmcli/git@5.0.3
• eb41977 deps: @ npmcli/run-script@7.0.1
• f30c9e3 deps: @ npmcli/git@5.0.2
• f334466 deps: pacote@17.0.4
• bb63bf9 deps: @ npmcli/run-script@7.0.0
• 75642c6 deps: @ npmcli/promise-spawn@7.0.0
• dbb18f4 deps: @ npmcli/agent@2.1.0

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs