chore(deps): [Security] Bump npm from 6.13.4 to 6.14.12#57

Bumps [npm](https://github.com/npm/cli) from 6.13.4 to 6.14.12. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-93f3-23rq-pjfp">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Sensitive information exposure through logs in npm CLI</strong> Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like <code>://[[:]@][:][:][/]</code>. The password value is not redacted and is printed to stdout and also to any generated log files.</p> <p>Affected versions: &lt; 6.14.6</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/npm/cli/releases">npm's releases</a>.</em></p> <blockquote> <h2>v6.14.12</h2> <h2>6.14.12 (2021-03-25)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/e4765404844a0b6795752b2bc6f9b9107fe713be"><code>e47654048</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/2737">#2737</a> Update y18n to fix CVE-2020-7774 (<a href="https://github.com/vecerek"><code>@vecerek</code></a>)</li> </ul> <h2>v6.14.11</h2> <h2>6.14.11 (2021-01-07)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/19108ca5be1b3e7e9787dac3131aafe2722c6218"><code>19108ca5b</code></a> <code>[email protected]</code></li> <li><a href="https://github.com/npm/cli/commit/7a05740743ac9d9229e2dc9e1b9ca8b57d58c789"><code>7a0574074</code></a> <code>[email protected]</code> - devDep</li> </ul> <h3>DOCUMENTATION</h3> <ul> <li><a href="https://github.com/npm/cli/commit/1d235b230b44c5b97236cf42c6e5be18419b3263"><code>1d235b230</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/1881">#1881</a> docs: update link to CLI issues</li> </ul> <h3>TESTING</h3> <ul> <li><a href="https://github.com/npm/cli/commit/c0f8ce8fe0924ea9754d1163ea81a3d59af51b43"><code>c0f8ce8fe</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/1751">#1751</a> add s390x, ppc64 and ppc64el in supported cpu list</li> </ul> <h2>v6.14.10</h2> <h2>6.14.10 (2020-12-18)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/906d647e1cacd74243abcacba3bade80437f30f5"><code>906d647e1</code></a> <code>[email protected]</code> <ul> <li>fixes: <a href="https://github-redirect.dependabot.com/nodejs/node/issues/36445"><code>[#36445](https://github.com/npm/cli/issues/36445)</code></a> addressing <a href="https://securitylab.github.com/advisories/GHSL-2020-145-domenic-opener"><code>GHSL-2020-145</code></a></li> </ul> </li> </ul> <h2>v6.14.9</h2> <h2>6.14.9 (2020-11-20)</h2> <h3>BUG FIXES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/4a91e48aa92be5b2739ebcdd8a9a841ff5cb6817"><code>4a91e48aa</code></a> fix: docs generation breaking builds</li> </ul> <h3>DEPENDDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/ab80a7cf092d52f4b055cc6d03c38b6115c4b582"><code>ab80a7cf0</code></a> <code>[email protected]</code> <ul> <li>dep update to resolve security issue <a href="https://github.com/advisories/GHSA-xgh6-85xh-479p">GHSA-xgh6-85xh-479p</a></li> </ul> </li> <li><a href="https://github.com/npm/cli/commit/6b2ab9d532ef8ffce326f4caa23eb27f83765acd"><code>6b2ab9d53</code></a> <code>[email protected]</code> <ul> <li>dep update to resolve security issue <a href="https://snyk.io/vuln/SNYK-JS-AJV-584908">SNYK-JS-AJV-584908</a></li> </ul> </li> </ul> <h2>v6.14.8</h2> <h2>6.14.8 (2020-08-17)</h2> <h3>BUG FIXES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/9262e8c88f2f828206423928b8e21eea67f4801a"><code>9262e8c88</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/1575">#1575</a> npm install --dev deprecation message (<a href="https://github.com/sandratatarevicova"><code>@sandratatarevicova</code></a>)</li> <li><a href="https://github.com/npm/cli/commit/765cfe0bc05a10b72026291ff0ca7c9ca5cb3f57"><code>765cfe0bc</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/issues/1658">#1658</a> remove unused broken require (<a href="https://github.com/aduh95"><code>@aduh95</code></a>)</li> <li><a href="https://github.com/npm/cli/commit/4e28de79a3a0aacc7603010a592beb448ceb6f5f"><code>4e28de79a</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/1663">#1663</a> Do not send user secret in the referer header (<a href="https://github.com/assapir"><code>@assapir</code></a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/npm/cli/blob/v6.14.12/CHANGELOG.md">npm's changelog</a>.</em></p> <blockquote> <h2>6.14.12 (2021-03-25)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/e4765404844a0b6795752b2bc6f9b9107fe713be"><code>e47654048</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/2737">#2737</a> Update y18n to fix CVE-2020-7774 (<a href="https://github.com/vecerek"><code>@vecerek</code></a>)</li> </ul> <h2>6.14.11 (2021-01-07)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/19108ca5be1b3e7e9787dac3131aafe2722c6218"><code>19108ca5b</code></a> <code>[email protected]</code>: <ul> <li>addressing <a href="https://github.com/advisories/GHSA-qqgx-2p2h-9c37"><code>CVE-2020-7788</code></a></li> </ul> </li> <li><a href="https://github.com/npm/cli/commit/7a05740743ac9d9229e2dc9e1b9ca8b57d58c789"><code>7a0574074</code></a> <code>[email protected]</code> <ul> <li>addressing <a href="https://github.com/advisories/GHSA-pp7h-53gx-mx7r"><code>CVE-2020-8244</code></a></li> </ul> </li> </ul> <h2>6.14.10 (2020-12-18)</h2> <h3>DEPENDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/906d647e1cacd74243abcacba3bade80437f30f5"><code>906d647e1</code></a> <code>[email protected]</code> <ul> <li>fixes: <a href="https://github-redirect.dependabot.com/nodejs/node/issues/36445"><code>[#36445](https://github.com/npm/cli/issues/36445)</code></a> addressing <a href="https://securitylab.github.com/advisories/GHSL-2020-145-domenic-opener"><code>GHSL-2020-145</code></a></li> </ul> </li> </ul> <h2>6.14.9 (2020-11-20)</h2> <h3>BUG FIXES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/4a91e48aa92be5b2739ebcdd8a9a841ff5cb6817"><code>4a91e48aa</code></a> fix: docs generation breaking builds</li> </ul> <h3>DEPENDDENCIES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/ab80a7cf092d52f4b055cc6d03c38b6115c4b582"><code>ab80a7cf0</code></a> <code>[email protected]</code> <ul> <li>dep update to resolve security issue <a href="https://github.com/advisories/GHSA-xgh6-85xh-479p">GHSA-xgh6-85xh-479p</a></li> </ul> </li> <li><a href="https://github.com/npm/cli/commit/6b2ab9d532ef8ffce326f4caa23eb27f83765acd"><code>6b2ab9d53</code></a> <code>[email protected]</code> <ul> <li>dep update to resolve security issue <a href="https://snyk.io/vuln/SNYK-JS-AJV-584908">SNYK-JS-AJV-584908</a></li> </ul> </li> </ul> <h2>6.14.8 (2020-08-17)</h2> <h3>BUG FIXES</h3> <ul> <li><a href="https://github.com/npm/cli/commit/9262e8c88f2f828206423928b8e21eea67f4801a"><code>9262e8c88</code></a> <a href="https://github-redirect.dependabot.com/npm/cli/pull/1575">#1575</a> npm install --dev deprecation message (<a href="https://github.com/sandratatarevicova"><code>@sandratatarevicova</code></a>)</li> <li><a href="https://github.com/npm/cli/commit/765cfe0bc05a10b72026291ff0ca7c9ca5cb3f57"><code>765cfe0bc</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/cli/commit/f96fa104ff9fcfa37b55599161ed73c15981dbd4"><code>f96fa10</code></a> 6.14.12</li> <li><a href="https://github.com/npm/cli/commit/98fca2db2d2a0e3ac592e29e9f514dd27ca833ab"><code>98fca2d</code></a> update AUTHORS</li> <li><a href="https://github.com/npm/cli/commit/cc322b6d4115ef0c76202ebbadfe9b268d87f508"><code>cc322b6</code></a> test: patch git init call</li> <li><a href="https://github.com/npm/cli/commit/d1161fbca30d71c8ebf07ae665b9557ceb6bbd42"><code>d1161fb</code></a> docs: changelog for v6.14.12</li> <li><a href="https://github.com/npm/cli/commit/e4765404844a0b6795752b2bc6f9b9107fe713be"><code>e476540</code></a> Update y18n to fix CVE-2020-7774</li> <li><a href="https://github.com/npm/cli/commit/792869f03892f4e55d2fef2031ffe7887c7ffac2"><code>792869f</code></a> 6.14.11</li> <li><a href="https://github.com/npm/cli/commit/afb3c9e6dc03a9c303d7483f23a4be2d52ddafcd"><code>afb3c9e</code></a> update AUTHORS</li> <li><a href="https://github.com/npm/cli/commit/7f14d6435f8b7553bc4a6fc4c20c4727a307596b"><code>7f14d64</code></a> docs: changelog for v6.14.11</li> <li><a href="https://github.com/npm/cli/commit/c0f8ce8fe0924ea9754d1163ea81a3d59af51b43"><code>c0f8ce8</code></a> Add s390x, ppc64 and ppc64el in supported cpu list</li> <li><a href="https://github.com/npm/cli/commit/1d235b230b44c5b97236cf42c6e5be18419b3263"><code>1d235b2</code></a> docs: update link to CLI issues</li> <li>Additional commits viewable in <a href="https://github.com/npm/cli/compare/v6.13.4...v6.14.12">compare view</a></li> </ul> </details> <br /> [](https://dependabot.com/compatibility-score/?dependency-name=npm&package-manager=npm_and_yarn&previous-version=6.13.4&new-version=6.14.12) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details>