Bump rimraf from 3.0.2 to 4.0.4

[dependabot]

Bumps rimraf from 3.0.2 to 4.0.4.

Changelog

Sourced from rimraf's changelog.

v4.0

• Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.
• Accept array of paths or single path.
• Windows performance and reliability improved.
• All strategies separated into explicitly exported methods.
• Drop support for Node.js below version 14
• rewrite in TypeScript
• ship CJS/ESM hybrid module

v3.0

• Add --preserve-root option to executable (default true)
• Drop support for Node.js below version 6

v2.7

• Make glob an optional dependency

2.6

• Retry on EBUSY on non-windows platforms as well
• Make rimraf.sync 10000% more reliable on Windows

2.5

• Handle Windows EPERM when lstat-ing read-only dirs
• Add glob option to pass options to glob

2.4

• Add EPERM to delay/retry loop
• Add disableGlob option

2.3

• Make maxBusyTries and emfileWait configurable
• Handle weird SunOS unlink-dir issue
• Glob the CLI arg for better Windows support

2.2

• Handle ENOENT properly on Windows
• Allow overriding fs methods
• Treat EPERM as indicative of non-empty dir
• Remove optional graceful-fs dep
• Consistently return null error instead of undefined on success
• win32: Treat ENOTEMPTY the same as EBUSY
• Add rimraf binary

... (truncated)

Commits

• a02bb88 4.0.4
• 00b50ce more ESM syntax issues
• 9ba1a2e 4.0.3
• bcc7691 fix syntax error in mjs
• bad1ecf 4.0.2
• 8ade1b6 Only retry for the specific thing raising EBUSY
• 5d5e87c 4.0.1
• d9b722e default to manual on Windows
• 3b6b098 4.0.0
• e0cffea ci: reduce workload even more
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Base: 97.48% // Head: 97.48% // No change to project coverage 👍

Coverage data is based on head (a76a7a8) compared to base (f9459be).
Patch has no changes to coverable lines.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #300   +/-   ##
=======================================
  Coverage   97.48%   97.48%           
=======================================
  Files          11       11           
  Lines         437      437           
  Branches       97       97           
=======================================
  Hits          426      426           
  Misses         11       11           

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[willdurand]

Remove glob dependency entirely. This library now only accepts actual file and folder names to delete.

I suppose this is going to be a problem in the npm script where we are using rimraf?

[diox]

We could avoid rimraf entirely and use rm and find dist/ -name '*.spec' -delete instead:

diff --git a/package.json b/package.json
index ed0a328..e73708f 100644
--- a/package.json
+++ b/package.json
@@ -57,7 +57,6 @@
     "node-fetch": "2.6.7",
     "prettier": "2.7.1",
     "pretty-quick": "^3.0.0",
-    "rimraf": "^3.0.0",
     "safe-compare": "1.1.4",
     "sinon": "^14.0.0",
     "supertest": "^6.0.0",
@@ -68,7 +67,7 @@
   "scripts": {
     "eslint": "eslint --ext ts --ext js src/",
     "lint": "yarn eslint",
-    "prepack": "rimraf dist/ && tsc --outDir dist/ && rimraf dist/**/*.spec.* dist/*.spec.*",
+    "prepack": "rm -rf dist/ && tsc --outDir dist/ && find dist/ -name '*.spec.*' -delete",
     "prettier": "prettier --write '**'",
     "prettier-ci": "prettier --list-different '**' || (echo '\n\nThis failure means you did not run `yarn prettier-dev` before committing\n\n' && exit 1)",
     "prettier-dev": "pretty-quick --branch master",

?

[willdurand]

We could avoid rimraf entirely and use rm and find dist/ -name '*.spec' -delete instead:

That would break the npm script on Windows.

[diox]

Is the package ever going to be built on Windows ?

[dependabot]

Superseded by #304.

[willdurand]

Is the package ever going to be built on Windows ?

Not this one specifically, unless @eviljeff contributes to it maybe 😁

In any case, I feel like it would be good to not have unix-ish-only tooling and rimraf was a nice solution to avoid the use of rm and find. That being said and for this package, that might not be needed (though there are also differences between macOS and Linux because of BSD vs. GNU).

[eviljeff]

Is the package ever going to be built on Windows ?

If the package builds (and runs) successfully on Windows currently I'd surprised - few (none?) of our other repos do.

[diox]

Worth noting, specifically for the binary the author is considering glob support: isaacs/rimraf#249 (comment)