Skip to content

Bump inquirer from 8.2.6 to 12.6.3#6

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/inquirer-12.6.3
Closed

Bump inquirer from 8.2.6 to 12.6.3#6
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/inquirer-12.6.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Jun 21, 2025
edited
Loading

Bumps inquirer from 8.2.6 to 12.6.3.

Release notes

Sourced from inquirer's releases.

inquirer@12.6.3

  • Fix #1743: pagination logic of the select, checkbox and search prompts was fully rewritten to handle edge cases around rendering multi-line choices and pointer positioning.

inquirer@12.6.2

  • Chore: dependencies bump

inquirer@12.6.1

  • Fix #1741: Issue with SIGINT in some scenarios leaving promises unsettled on exit.
  • Fix: Remove monorepo related dependencies from all artifacts published to npm. This removes non-standard version specifiers like workspace:* from the public npm packages.

inquirer@12.6.0

  • Feat(@​inquirer/select): Added an instructions option allowing to customize the messages in the help tips.
  • Feat(@​inquirer/rawlist): Arrow keys will now cycle through the option, just like the @inquirer/select prompt. Also added a loop option to control the list loop behaviour when reaching the boundaries.

inquirer@12.5.2

  • README: Add new sponsor
  • Chore: dependency updates

inquirer@12.5.0

  • Feat (select): Introduce theme.indexMode to control displaying an index prefix in front of each choice. (defaults to hidden)
  • Fix (select): Improve search when number keys are pressed

inquirer@12.4.3

  • Fix an issue where inquirer would throw if Node is ran with the new --frozen-intrinsics flag.

inquirer@12.4.1

  • Mark @types/node as an optional peer dependency across all packages.

inquirer@12.4.0

  • Added new shortcut config to the checkbox prompt. Allows to customize or disable shortcut keys for select all and invert selection.

inquirer@12.3.3

inquirer@12.3.0

  • Checkbox prompt: re-added support for an array of default to be provided listing pre-checked checkboxes. This is a legacy interface brought back given this feature removal was an involuntary breaking change during the v12 release. The preferred interface is to provide the checked property to choices { value: 'bar', checked: true }.

inquirer@12.0.0

  • @types/node is now only a peerDependencies. This reduces the install size of inquirer dramatically for folks not using Typescript. It's unlikely to break your builds if you used TS already, if it does run npm install --dev @types/node/yarn add --dev @types/node.

inquirer@11.1.0

  • Now exports base utility Typescript types: import type { Question, DistinctQuestion, Answers } from 'inquirer';

You should use as follow to keep the inference working properly:

const questions = [
    { ... }
] as const satisfies Question[];
// If you're not using inquirer plugins, `Question` could alternatively be replaced by `DistinctQuestion` for stricter checks.
</tr></table>

... (truncated)

Commits
  • dc0770c Publish
  • 75123b5 Fix(@​inquirer/core): Fix paginated pointer jump if user moved up then down
  • 5985e79 Fix(@​inquirer/core): Major refactor of the pagination logic to work better wi...
  • e456e40 Refactor: Cleanups following #1759
  • 553d9fa Chore(repo): gitignore mcp servers
  • 85d4642 Publish
  • 9be3243 Fix(@​inquirer/core): Make sure useState set functions are always bound to the...
  • 22bf77f Chore(deps-dev): Bump @​types/node from 22.15.17 to 22.15.19 (#1756)
  • 79e0032 Chore(deps-dev): Bump the linting group with 3 updates (#1755)
  • 8812e6a Add community prompt inquirer-select-with-state (#1753)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Jun 21, 2025

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/inquirer-12.6.3 branch 3 times, most recently from 999e0db to da003fa Compare June 22, 2025 06:36
@dependabot
Bump inquirer from 8.2.6 to 12.6.3
0c6b0be 
Bumps [inquirer](https://github.com/SBoudrias/Inquirer.js) from 8.2.6 to 12.6.3.
- [Release notes](https://github.com/SBoudrias/Inquirer.js/releases)
- [Commits](https://github.com/SBoudrias/Inquirer.js/compare/inquirer@8.2.6...inquirer@12.6.3)

---
updated-dependencies:
- dependency-name: inquirer
  dependency-version: 12.6.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/inquirer-12.6.3 branch from da003fa to 0c6b0be Compare June 22, 2025 13:34
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Jun 25, 2025

Looks like inquirer is no longer a dependency, so this is no longer needed.

@dependabot dependabot bot closed this Jun 25, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/inquirer-12.6.3 branch June 25, 2025 04:25
urugus pushed a commit that referenced this pull request Mar 31, 2026
@claude
fix: address PR review feedback on supply chain check
abf4b3c 
- Use ts-node instead of tsx (already in devDependencies) (#1)
- Accept file path instead of JSON CLI argument to avoid ARG_MAX (#2)
- Add dedicated metadata-fetch-failed risk type (#3)
- Validate publishedAt for NaN and future dates (#4)
- Extract parseNpmAuditJson for testability (#7)
- Add tests for fetchPackageMetadata with fetch mocks (#6)
- Add tests for parseNpmAuditJson (#7)

https://claude.ai/code/session_01Vxfk5wpHFgVHZsof9pdVRb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants