deps: bump pacote from 20.0.0 to 21.0.0 (#1390)

Bumps [pacote](https://github.com/npm/pacote) from 20.0.0 to 21.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/pacote/releases">pacote's
releases</a>.</em></p>
<blockquote>
<h2>v21.0.0</h2>
<h2><a
href="https://github.com/npm/pacote/compare/v20.0.0...v21.0.0">21.0.0</a>
(2024-11-25)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>bun.lockb</code> files are now included in the strict ignore
list during packing</li>
<li>this module is now compatible with the following node versions:
^20.17.0 || &gt;=22.9.0</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/844dc08895a16f67573f9d24eab092a32b77e3a3"><code>844dc08</code></a>
update node engines to ^20.17.0 || &gt;=22.9.0 (<a
href="https://redirect.github.com/npm/pacote/issues/414">#414</a>) (<a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/2cb6fa7ecf8016776077ae76651aaf5e188715e5"><code>2cb6fa7</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/415">#415</a>
<code>[email protected]</code> (<a
href="https://redirect.github.com/npm/pacote/issues/415">#415</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/47b928ccefe1f3fc450e4d7df5058bac8a6090f6"><code>47b928c</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/412">#412</a>
replace node builtin rmSync with rimraf (<a
href="https://redirect.github.com/npm/pacote/issues/412">#412</a>) (<a
href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/b6f35a20be8baf7552c63c8255b33937066a1f06"><code>b6f35a2</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/402">#402</a> bump
<code>@​npmcli/arborist</code> from 7.5.4 to 8.0.0 (<a
href="https://redirect.github.com/npm/pacote/issues/402">#402</a>) (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="https://github.com/npm/pacote/commit/1ef54ba08b37fe4d83786d6de70f7a93917d3b6f"><code>1ef54ba</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/408">#408</a>
support tests on win32 (<a
href="https://redirect.github.com/npm/pacote/issues/408">#408</a>) (<a
href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/555b00080f608468fd9219b77e6b24570e98caa2"><code>555b000</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/401">#401</a> bump
<code>@​npmcli/template-oss</code> from 4.23.3 to 4.23.4 (<a
href="https://redirect.github.com/npm/pacote/issues/401">#401</a>) (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot],
<a
href="https://github.com/npm-cli-bot"><code>@​npm-cli-bot</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/pacote/blob/main/CHANGELOG.md">pacote's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/pacote/compare/v20.0.0...v21.0.0">21.0.0</a>
(2024-11-25)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>bun.lockb</code> files are now included in the strict ignore
list during packing</li>
<li>this module is now compatible with the following node versions:
^20.17.0 || &gt;=22.9.0</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/844dc08895a16f67573f9d24eab092a32b77e3a3"><code>844dc08</code></a>
update node engines to ^20.17.0 || &gt;=22.9.0 (<a
href="https://redirect.github.com/npm/pacote/issues/414">#414</a>) (<a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/2cb6fa7ecf8016776077ae76651aaf5e188715e5"><code>2cb6fa7</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/415">#415</a>
<code>[email protected]</code> (<a
href="https://redirect.github.com/npm/pacote/issues/415">#415</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/47b928ccefe1f3fc450e4d7df5058bac8a6090f6"><code>47b928c</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/412">#412</a>
replace node builtin rmSync with rimraf (<a
href="https://redirect.github.com/npm/pacote/issues/412">#412</a>) (<a
href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/b6f35a20be8baf7552c63c8255b33937066a1f06"><code>b6f35a2</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/402">#402</a> bump
<code>@​npmcli/arborist</code> from 7.5.4 to 8.0.0 (<a
href="https://redirect.github.com/npm/pacote/issues/402">#402</a>) (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="https://github.com/npm/pacote/commit/1ef54ba08b37fe4d83786d6de70f7a93917d3b6f"><code>1ef54ba</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/408">#408</a>
support tests on win32 (<a
href="https://redirect.github.com/npm/pacote/issues/408">#408</a>) (<a
href="https://github.com/mbtools"><code>@​mbtools</code></a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/555b00080f608468fd9219b77e6b24570e98caa2"><code>555b000</code></a>
<a href="https://redirect.github.com/npm/pacote/pull/401">#401</a> bump
<code>@​npmcli/template-oss</code> from 4.23.3 to 4.23.4 (<a
href="https://redirect.github.com/npm/pacote/issues/401">#401</a>) (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot],
<a
href="https://github.com/npm-cli-bot"><code>@​npm-cli-bot</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/npm/pacote/commit/bf1f60f58bb61f053262f54724edcacaadb221ce"><code>bf1f60f</code></a>
chore: release 21.0.0 (<a
href="https://redirect.github.com/npm/pacote/issues/413">#413</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/2cb6fa7ecf8016776077ae76651aaf5e188715e5"><code>2cb6fa7</code></a>
deps!: [email protected] (<a
href="https://redirect.github.com/npm/pacote/issues/415">#415</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/b6f35a20be8baf7552c63c8255b33937066a1f06"><code>b6f35a2</code></a>
chore: bump <code>@​npmcli/arborist</code> from 7.5.4 to 8.0.0 (<a
href="https://redirect.github.com/npm/pacote/issues/402">#402</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/844dc08895a16f67573f9d24eab092a32b77e3a3"><code>844dc08</code></a>
fix!: update node engines to ^20.17.0 || &gt;=22.9.0 (<a
href="https://redirect.github.com/npm/pacote/issues/414">#414</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/555b00080f608468fd9219b77e6b24570e98caa2"><code>555b000</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.23.3 to 4.23.4 (<a
href="https://redirect.github.com/npm/pacote/issues/401">#401</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/47b928ccefe1f3fc450e4d7df5058bac8a6090f6"><code>47b928c</code></a>
deps: replace node builtin rmSync with rimraf (<a
href="https://redirect.github.com/npm/pacote/issues/412">#412</a>)</li>
<li><a
href="https://github.com/npm/pacote/commit/1ef54ba08b37fe4d83786d6de70f7a93917d3b6f"><code>1ef54ba</code></a>
chore: support tests on win32 (<a
href="https://redirect.github.com/npm/pacote/issues/408">#408</a>)</li>
<li>See full diff in <a
href="https://github.com/npm/pacote/compare/v20.0.0...v21.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pacote&package-manager=npm_and_yarn&previous-version=20.0.0&new-version=21.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

cli/package.json

@@ -23,7 +23,7 @@
     "front-matter": "^4.0.2",
     "minimatch": "^10.0.1",
     "minipass": "^7.0.4",
-    "pacote": "^20.0.0",
+    "pacote": "^21.0.0",
     "proc-log": "^5.0.0",
     "semver": "^7.5.4",
     "tar": "^7.0.1",