chore(deps): update dependency pm2 to v7#21601
Merged
Merged
Conversation
c84ab10 to
c6d5078
Compare
Contributor
Author
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
ercultimate
approved these changes
Jul 2, 2026
spartacus
|
||||||||||||||||||||||||||||
| Project |
spartacus
|
| Branch Review |
renovate/pm2-7.x
|
| Run status |
|
| Run duration | 04m 15s |
| Commit |
|
| Committer | renovate[bot] |
| View all properties for this run ↗︎ | |
| Test results | |
|---|---|
|
|
0
|
|
|
3
|
|
|
0
|
|
|
0
|
|
|
103
|
| View all changes introduced in this branch ↗︎ | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^5.4.3→^7.0.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
Unitech/pm2 (pm2)
v7.0.3Compare Source
Bug Fixes
vizionusednode:-scheme requires; switched to bare specifiersv7.0.2Compare Source
Bug Fixes
pm2 servereturning 403 Forbidden on Windows — traversal guard used hardcoded/separator #6109pm2 lstable misalignment when a username exceeds theusercolumn width — cli-tableau'struncate()miscounts ANSI bytes, leaking bold into thewatchingcolumnApplying action … on app […]) wrapping on narrow terminals —Common.printOutnow ANSI-aware crops single-line TTY output to terminal width (piped output unaffected)Features
pm2 lshost-metrics line now shown by defaultpm2 update)pm2 lsadaptive layout: picks the widest layout that fits the terminal — full → condensed → new ultra-compactmini(id · name · status · cpu · mem) — and caps thenamecolumn so long names can't overflow the tablepm2 lshost-metrics line only lists network interfaces carrying traffic (hides idle utun/awdl/bridge/anpi/unused en*)pm2 lshost-metrics line: replacedmem freewithram usage(%), added GPU memory/temperature when reported, per-interface network errors/drops shown when non-zeroCore Refactor
pm2-sysmonitmodule andsysteminformationwithlib/tools/SysMetrics.js(Linux/macOS);pm2 slist/getSystemDataand the Docker metrics path now read this collector. Covered bytest/programmatic/sysmetrics.mocha.jsSecurity
js-yaml4.1.1 → 4.3.0 — fixes quadratic-complexity DoS in merge-key handling (GHSA-h67p-54hq-rp68) #6122ws8.20.0 → 8.21.0 — fixes uninitialized-memory disclosure and tiny-fragment DoS (GHSA-58qx-3vcg-4xpx, GHSA-96hv-2xvq-fx4p) #6116@pm2/js-api0.8.0 → 0.8.1, pulling in patchedws@8.21.0(its transitivewswas pinned to the vulnerable 7.x). Production deps are now advisory-free (npm audit --omit=devclean)v7.0.1Compare Source
Bug Fixes
includes('bun')substring check that matched any path containing the letters "bun" — most notably/home/ubuntu/.... Affected paths were routed throughProcessContainerForkBun.jsand crashed withSyntaxError: unterminated string literalwhen Python tried to parse the JS container. Anchored the match to the end of the interpreter path (=== 'bun'or/bun$/) in bothlib/God/ForkMode.jsandlib/Common.js#5990max_memory_restartinpm2 describeoutput when set #5925portoption toStartOptionsTypeScript declaration #6045openrc.tpltemplate (0755 → 0644) #5957bin/pm2*launchers to#!/usr/bin/env nodeshebang (was polyglot#!/bin/sh). Polyglot worked on Linux/macOS but broke npm'spm2.cmdshim on Windows —cmd.execan't interpret/bin/shshebang and failed with'"/bin/sh"' is not recognized as an internal or external command. PowerShell's auto-generatedpm2.ps1shim happened to callnodedirectly so it kept working, masking the regression. Bun-only Linux/macOS users (no Node installed) need to symlinknodetobun(sudo ln -s $(which bun) /usr/local/bin/node) — same workaround used in the project's bun test Dockerfile. Documented in README #6108v7.0.0Compare Source
Breaking Changes
Core Refactor
needlewith nativefetch(CliAuth, TAR publish)enquirerwith lightweight built-in prompt (boilerplate selector)promptlywith built-in lib/tools/promptmkdirpwith nativefs.mkdirSync({ recursive: true })source-map-supportwith nativeprocess.setSourceMapsEnabled()sprintf-jswith template literals (Dashboard)url.parse()with nativeURLconstructor (Serve, Utility, CliAuth)fclonenpm dep, use internalized moduleSecurity
Bug Fixes
Features
--ftpoption topm2 servefor directory listing (python http.server style)Dependencies
Testing
v6.0.14Compare Source
v6.0.13Compare Source
v6.0.12Compare Source
v6.0.11Compare Source
v6.0.10Compare Source
v6.0.9Compare Source
v6.0.8Compare Source
v6.0.7Compare Source
99d9224@webdiscusv6.0.6Compare Source
v6.0.5Compare Source
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
Managed by the SAP Open Source Program Office. For questions/issues please raise an issue in the renovate-controller repository.