Bump @npmcli/arborist from 4.3.1 to 9.1.4

[dependabot]

Bumps @npmcli/arborist from 4.3.1 to 9.1.4.

Release notes

Sourced from @​npmcli/arborist's releases.

arborist: v9.1.4

9.1.4 (2025-09-03)

Bug Fixes

• 208c06e #8448 peer edge crash due to no parent or detached node (#8448) (@​milaninfy)
• 3b54e9c #8534 installLinks works with transitive external file dependencies (#8534) (@​owlstronaut)
• ed71acb #8473 arborist: #8472 Keeps the registry protocol when modifying resolve URL (#8473) (@​Jeepsboucher, Jean-Philippe Boucher)

Chores

• 619d43e #8540 fix pruner and reify tests for optional peer deps (#8540) (@​liamcmitchell, Liam Mitchell)

arborist: v9.1.3

9.1.3 (2025-07-24)

Bug Fixes

• 6dbe21a #8436 local transitive dependencies with --install-links=true (@​owlstronaut)
• 8042af3 #8431 prune optional peer dependencies that are no longer explicitly depended on (#8431) (@​G-Rath)
• c457c75 #8430 remove duplicate loop (#8430) (@​G-Rath)
• f7b056f #8400 clean up audit-report code (#8400) (@​wraithgar)
• f163d01 #8372 use omit when checking ideal tree engine (#8372) (@​owlstronaut)

Chores

• 3f60b5f #8383 @npmcli/template-oss@4.24.4 (#8383) (@​wraithgar)
• 01f8cc6 #8381 @npmcli/template-oss@4.24.3 (#8381) (@​wraithgar)

arborist: v9.1.2

9.1.2 (2025-06-11)

Bug Fixes

• 887385d #8356 arborist: use hosted-git-info to correctly parse resolved git urls (#8356) (@​milaninfy)

arborist: v9.1.1

9.1.1 (2025-05-21)

Bug Fixes

• 8f6eb6b #8312 arborist: fix file dep making wrong link (#8312) (@​alexsch01)

arborist: v9.1.0

9.1.0 (2025-05-15)

Features

• 57aa89f #8265 use run by default and run-script as the alias (#8265) (@​owlstronaut)

Bug Fixes

• d5bcf38 #8268 arborist: Add better error message when lockfile is malformed (#8268) (@​owlstronaut)
• 5e1fed9 #8290 arborist: improve README markdown (#8290) (@​mbtools)
• 0886e7a #8222 preserve registry path when replacing a host (@​owlstronaut)
• 815311b #8206 arborist: workspaces correctly path to file: packages from overrides (@​owlstronaut)

libnpmpack: v9.0.7

Dependencies

• workspace: @npmcli/arborist@9.1.4

libnpmpack: v9.0.6

Dependencies

• workspace: @npmcli/arborist@9.1.3

... (truncated)

Changelog

Sourced from @​npmcli/arborist's changelog.

9.1.4 (2025-09-03)

Bug Fixes

• 208c06e #8448 peer edge crash due to no parent or detached node (#8448) (@​milaninfy)
• 3b54e9c #8534 installLinks works with transitive external file dependencies (#8534) (@​owlstronaut)
• ed71acb #8473 arborist: #8472 Keeps the registry protocol when modifying resolve URL (#8473) (@​Jeepsboucher, Jean-Philippe Boucher)

Chores

• 619d43e #8540 fix pruner and reify tests for optional peer deps (#8540) (@​liamcmitchell, Liam Mitchell)

9.1.3 (2025-07-24)

Bug Fixes

• 6dbe21a #8436 local transitive dependencies with --install-links=true (@​owlstronaut)
• 8042af3 #8431 prune optional peer dependencies that are no longer explicitly depended on (#8431) (@​G-Rath)
• c457c75 #8430 remove duplicate loop (#8430) (@​G-Rath)
• f7b056f #8400 clean up audit-report code (#8400) (@​wraithgar)
• f163d01 #8372 use omit when checking ideal tree engine (#8372) (@​owlstronaut)

Chores

• 3f60b5f #8383 @npmcli/template-oss@4.24.4 (#8383) (@​wraithgar)
• 01f8cc6 #8381 @npmcli/template-oss@4.24.3 (#8381) (@​wraithgar)

9.1.2 (2025-06-11)

Bug Fixes

• 887385d #8356 arborist: use hosted-git-info to correctly parse resolved git urls (#8356) (@​milaninfy)

9.1.1 (2025-05-21)

Bug Fixes

• 8f6eb6b #8312 arborist: fix file dep making wrong link (#8312) (@​alexsch01)

9.1.0 (2025-05-15)

Features

• 57aa89f #8265 use run by default and run-script as the alias (#8265) (@​owlstronaut)

Bug Fixes

• d5bcf38 #8268 arborist: Add better error message when lockfile is malformed (#8268) (@​owlstronaut)
• 5e1fed9 #8290 arborist: improve README markdown (#8290) (@​mbtools)
• 0886e7a #8222 preserve registry path when replacing a host (@​owlstronaut)
• 815311b #8206 arborist: workspaces correctly path to file: packages from overrides (@​owlstronaut)

9.0.2 (2025-04-08)

Bug Fixes

• a96d8f6 #8184 arborist: omit failed optional dependencies from installed deps (#8184) (@​owlstronaut, @​zkat)
• 04f53ce #8180 arborist: safely fallback on unresolved $ dependency references (#8180) (@​owlstronaut)
• 885accd #8185 arborist: only replace hostname for resolved URL (#8185) (@​billy-briggs-dev)
• 8b7bb12 #8168 arborist: Allow downgrades to hoisted version dedupe workspace i… (#8168) (@​owlstronaut)
• 1642556 #8160 arborist: workspaces respect overrides on subsequent installs (#8160) (@​owlstronaut)

Chores

• 88a7b52 #8174 add load-virtual and reify tests for workspace override test coverage (#8174) (@​owlstronaut, @​TrevorBurnham)

9.0.1 (2025-03-05)

Bug Fixes

• b9225e5 #8089 resolve override conflicts and apply correct versions (#8089) (@​owlstronaut)
• d586f3b #8117 remove duplicate var (#8117) (@​TrevorBurnham)

... (truncated)

Commits

• 3b30e0b chore: release 11.6.0
• 619d43e chore: fix pruner and reify tests for optional peer deps (#8540)
• 208c06e fix: peer edge crash due to no parent or detached node (#8448)
• 3b54e9c fix: installLinks works with transitive external file dependencies (#8534)
• ed71acb fix(arborist): #8472 Keeps the registry protocol when modifying resolve URL (...
• 946b34a chore: release 11.5.0
• 6dbe21a fix: local transitive dependencies with --install-links=true
• 8042af3 fix: prune optional peer dependencies that are no longer explicitly depended ...
• c457c75 fix: remove duplicate loop (#8430)
• f7b056f fix: clean up audit-report code (#8400)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by owlstronaut, a new releaser for @​npmcli/arborist since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #271.