Bump lerna from 7.4.2 to 9.0.4 by dependabot[bot] · Pull Request #3218 · ioBroker/ioBroker.js-controller

dependabot · 2026-02-14T03:03:30Z

Bumps lerna from 7.4.2 to 9.0.4.

Release notes

v9.0.4

9.0.4 (2026-02-10)

Bug Fixes

bump tar to 7.5.7, rimraf to 6.1.2, @npmcli/run-script to 10.0.3 (#4267) (43e3d46)

v9.0.3

9.0.3 (2025-11-27)

Bumped some dependencies to reduce audit warning noise.

NOTE: 9.0.2 does not exist because of a failed release

v9.0.1

9.0.1 (2025-11-14)

Bug Fixes

expand version range to include nx v22.x (#4242) (0cca286)

v9.0.0

9.0.0 (2025-09-23)

Bug Fixes

publish: ensure README file names are populated on package.json (#4211) (362875d)

Features

support OIDC trusted publishing (d51e344)

OIDC trusted publishing is now supported by Lerna with no specification configuration required.

A new guide has been added: https://lerna.js.org/docs/recipes/oidc-trusted-publishing

A fully working example repo has been set up here https://github.com/JamesHenry/lerna-v9-oidc-publishing-example

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

node v18 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

... (truncated)

Changelog

Sourced from lerna's changelog.

9.0.4 (2026-02-10)

Bug Fixes

bump tar to 7.5.7, rimraf to 6.1.2, @npmcli/run-script to 10.0.3 (#4267) (43e3d46)

9.0.3 (2025-11-27)

Note: Version bump only for package lerna

9.0.2 (2025-11-27)

Note: Version bump only for package lerna

9.0.1 (2025-11-14)

Bug Fixes

expand version range to include nx v22.x (#4242) (0cca286)

9.0.0 (2025-09-23)

Bug Fixes

publish: ensure README file names are populated on package.json (#4211) (362875d)

Features

support OIDC trusted publishing (d51e344)

OIDC trusted publishing is now supported by Lerna with no specification configuration required.

A new guide has been added: https://lerna.js.org/docs/recipes/oidc-trusted-publishing

A fully working example repo has been set up here https://github.com/JamesHenry/lerna-v9-oidc-publishing-example

BREAKING CHANGES

After updating we strongly recommend running lerna repair in your project. This will migrate your lerna.json to the latest and greatest and remove any outdated options.

As this is a major release there are a few breaking changes to be aware of, which may or may not affect your lerna repos, depending on how you are using the tool.

node v18 support is dropped because it is end of life

When a node version becomes end of life (EOL) it means that it does not receive any updates or maintenance whatsoever, even if critical security vulnerabilities have been uncovered.

We strongly encourage all folks here to keep up with the maintenance LTS version of Node at an absolute minimum:

https://github.com/nodejs/release#release-schedule

The versions of node supported by lerna are now ^20.19.0 || ^22.12.0 || >=24.0.0.

... (truncated)

Commits

5f3669c chore(misc): publish 9.0.4
43e3d46 fix: bump tar to 7.5.7, rimraf to 6.1.2, @npmcli/run-script to 10.0.3 (#4267)
215ff00 chore(misc): publish 9.0.3
b1b2166 chore(misc): publish 9.0.2
6c1ea96 chore(deps): bump js-yaml from 4.1.0 to 4.1.1 (#4245)
9df335a chore(misc): publish 9.0.1
0cca286 fix: expand version range to include nx v22.x (#4242)
4c547b7 chore: publish v9.0.0
d51e344 feat: support OIDC trusted publishing
96095e2 feat!: drop EOL node 18, modernize dependencies, node now "^20.19.0 || ^22.12...
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

github-actions · 2026-03-03T05:55:21Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-03T08:01:36Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

dependabot · 2026-03-03T08:18:00Z

Dependabot can't resolve your JavaScript dependency files. Because of this, Dependabot cannot update this pull request.

github-actions · 2026-03-04T05:01:53Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-05T05:10:53Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-06T05:09:47Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-07T05:02:52Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-08T05:09:23Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-09T05:22:27Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-10T05:09:00Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-11T05:14:46Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-13T05:10:36Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

github-actions · 2026-03-14T05:10:37Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

Bumps [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna) from 7.4.2 to 9.0.4. - [Release notes](https://github.com/lerna/lerna/releases) - [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md) - [Commits](https://github.com/lerna/lerna/commits/v9.0.4/packages/lerna) --- updated-dependencies: - dependency-name: lerna dependency-version: 9.0.4 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-03-15T05:20:55Z

❌ Not Automerged

The PR does not match any automerge rules.

Details: No configuration rule matched this update

Dependabot Information:

Package name(s): lerna
Update type: major
Dependency type: development
Previous version: 7.4.2
New version: 9.0.4

Modified Files:

package-lock.json
package.json

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 14, 2026

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from 15b39c4 to 3a3d8d1 Compare March 3, 2026 05:46

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from 3a3d8d1 to f7dd6c1 Compare March 3, 2026 07:15

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from f7dd6c1 to 63dd3eb Compare March 4, 2026 04:26

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from 63dd3eb to bad10e9 Compare March 5, 2026 04:29

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from bad10e9 to d8220e4 Compare March 6, 2026 04:27

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from d8220e4 to 99d8443 Compare March 7, 2026 04:17

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from 99d8443 to fba8151 Compare March 8, 2026 04:29

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from fba8151 to c0cea3c Compare March 9, 2026 04:34

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from c0cea3c to 88b76fe Compare March 10, 2026 04:27

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from 88b76fe to acd5f9b Compare March 11, 2026 04:26

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from acd5f9b to dd0217a Compare March 13, 2026 04:29

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from dd0217a to b1fe575 Compare March 14, 2026 04:27

dependabot bot force-pushed the dependabot/npm_and_yarn/lerna-9.0.4 branch from b1fe575 to 6b0a58c Compare March 15, 2026 04:50

Uh oh!

Conversation

dependabot bot commented on behalf of github Feb 14, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v9.0.4

9.0.4 (2026-02-10)

Bug Fixes

v9.0.3

9.0.3 (2025-11-27)

v9.0.1

9.0.1 (2025-11-14)

Bug Fixes

v9.0.0

9.0.0 (2025-09-23)

Bug Fixes

Features

BREAKING CHANGES

9.0.4 (2026-02-10)

Bug Fixes

9.0.3 (2025-11-27)

9.0.2 (2025-11-27)

9.0.1 (2025-11-14)

Bug Fixes

9.0.0 (2025-09-23)

Bug Fixes

Features

BREAKING CHANGES

Uh oh!

github-actions bot commented Mar 3, 2026

Uh oh!

github-actions bot commented Mar 3, 2026

Uh oh!

dependabot bot commented on behalf of github Mar 3, 2026

Uh oh!

github-actions bot commented Mar 4, 2026

Uh oh!

github-actions bot commented Mar 5, 2026

Uh oh!

github-actions bot commented Mar 6, 2026

Uh oh!

github-actions bot commented Mar 7, 2026

Uh oh!

github-actions bot commented Mar 8, 2026

Uh oh!

github-actions bot commented Mar 9, 2026

Uh oh!

github-actions bot commented Mar 10, 2026

Uh oh!

github-actions bot commented Mar 11, 2026

Uh oh!

github-actions bot commented Mar 13, 2026

Uh oh!

github-actions bot commented Mar 14, 2026

Uh oh!

github-actions bot commented Mar 15, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Feb 14, 2026 •

edited

Loading