Build(deps): Bump glob and npm

[dependabot]

Removes glob. It's no longer used after updating ancestor dependency npm. These dependencies need to be updated together.

Removes glob

Updates npm from 10.8.1 to 11.6.3

Release notes

Sourced from npm's releases.

v11.6.3

11.6.3 (2025-11-19)

Bug Fixes

• c6242d9 #8706 change npm profile to create tokens with GAT support (#8706) (@​owlstronaut, @​wraithgar)
• cbc6fa9 #8731 order of version information in error message (#8731) (@​piotrd, @​pd-be)
• 11dbd7e #8709 display full token when creating authentication tokens (#8709) (@​MaxBlack-dev, Max Black)
• 49a4eef #8676 use look behind regex for trailing slash stripping (#8676) (@​wraithgar)
• b1aee62 #8645 dep flag calculation (#8645) (@​liamcmitchell)

Documentation

• ca53c21 #8745 add workspace usage examples (#8745) (@​MaxBlack-dev, Max Black)
• e71ca0e #8746 add --save flag to documentation (#8746) (@​MaxBlack-dev, Max Black)
• 06510a8 #8683 add ignore-scripts option to npm version help and docs (#8683) (@​Tejas242)

Dependencies

• 7f72238 #8723 cacache@20.0.2
• 7ac9db8 #8723 init-package-json@8.2.3
• 41e97c6 #8723 validate-npm-package-name@7.0.0
• 6b1fbe1 #8723 npm-package-arg@13.0.2
• aa1d486 #8723 @npmcli/promise-spawn@9.0.1
• 599c819 #8723 which@6.0.0
• e49286e #8723 ini@5.0.0
• b7c9f96 #8723 @npmcli/promise-spawn@9.0.0
• 8cc9f70 #8723 ssri@13.0.0
• 0b7274f #8723 pacote@21.0.4
• 59b3c6a #8723 @npmcli/redact@4.0.0
• 578abad #8723 node-gyp@12.1.0
• 89c4151 #8723 @npmcli/git@7.0.1
• c6d109d #8723 make-fetch-happen@15.0.3
• 34d8599 #8723 npm-registry-fetch@19.1.1
• 4811a86 #8723 @npmcli/run-script@10.0.3
• 6cb77df #8723 @npmcli/installed-package-contents@4.0.0
• 05ac7a7 #8723 proc-log@6.0.0
• 0a74f6d #8723 bin-links@6.0.0
• c02ce5c #8723 @npmcli/package-json@7.0.2
• 9c0cefa #8723 json-parse-even-better-errors@5.0.0
• 041b9b2 #8723 parse-conflict-json@5.0.1
• a1b0fea #8723 @npmcli/name-from-folder@4.0.0
• a085745 #8723 abbrev@4.0.0
• 00d9c7d #8723 nopt@9.0.0
• 3404dca #8723 npm-install-checks@8.0.0
• 542fcf3 #8723 @npmcli/node-gyp@5.0.0
• 89e14d3 #8723 tar@7.5.2
• 5383f3a #8723 npm-registry-fetch@19.1.0
• 1bb9a7d #8723 npm-profile@12.0.1
• de619a4 #8723 npm-pick-manifest@11.0.3
• 0e042ec #8723 npm-packlist@10.0.3
• 2a3c338 #8723 node-gyp@11.5.0
• b96e86c #8723 minimatch@10.1.1
• d347329 #8723 exponential-backoff@3.1.3
• d6830f4 #8723 @npmcli/run-script@10.0.2
• bcc7ec8 #8723 @npmcli/metavuln-calculator@9.0.3

... (truncated)

Changelog

Sourced from npm's changelog.

11.6.3 (2025-11-19)

Bug Fixes

• c6242d9 #8706 change npm profile to create tokens with GAT support (#8706) (@​owlstronaut, @​wraithgar)
• cbc6fa9 #8731 order of version information in error message (#8731) (@​piotrd, @​pd-be)
• 11dbd7e #8709 display full token when creating authentication tokens (#8709) (@​MaxBlack-dev, Max Black)
• 49a4eef #8676 use look behind regex for trailing slash stripping (#8676) (@​wraithgar)
• b1aee62 #8645 dep flag calculation (#8645) (@​liamcmitchell)

Documentation

• ca53c21 #8745 add workspace usage examples (#8745) (@​MaxBlack-dev, Max Black)
• e71ca0e #8746 add --save flag to documentation (#8746) (@​MaxBlack-dev, Max Black)
• 06510a8 #8683 add ignore-scripts option to npm version help and docs (#8683) (@​Tejas242)

Dependencies

• 7f72238 #8723 cacache@20.0.2
• 7ac9db8 #8723 init-package-json@8.2.3
• 41e97c6 #8723 validate-npm-package-name@7.0.0
• 6b1fbe1 #8723 npm-package-arg@13.0.2
• aa1d486 #8723 @npmcli/promise-spawn@9.0.1
• 599c819 #8723 which@6.0.0
• e49286e #8723 ini@5.0.0
• b7c9f96 #8723 @npmcli/promise-spawn@9.0.0
• 8cc9f70 #8723 ssri@13.0.0
• 0b7274f #8723 pacote@21.0.4
• 59b3c6a #8723 @npmcli/redact@4.0.0
• 578abad #8723 node-gyp@12.1.0
• 89c4151 #8723 @npmcli/git@7.0.1
• c6d109d #8723 make-fetch-happen@15.0.3
• 34d8599 #8723 npm-registry-fetch@19.1.1
• 4811a86 #8723 @npmcli/run-script@10.0.3
• 6cb77df #8723 @npmcli/installed-package-contents@4.0.0
• 05ac7a7 #8723 proc-log@6.0.0
• 0a74f6d #8723 bin-links@6.0.0
• c02ce5c #8723 @npmcli/package-json@7.0.2
• 9c0cefa #8723 json-parse-even-better-errors@5.0.0
• 041b9b2 #8723 parse-conflict-json@5.0.1
• a1b0fea #8723 @npmcli/name-from-folder@4.0.0
• a085745 #8723 abbrev@4.0.0
• 00d9c7d #8723 nopt@9.0.0
• 3404dca #8723 npm-install-checks@8.0.0
• 542fcf3 #8723 @npmcli/node-gyp@5.0.0
• 89e14d3 #8723 tar@7.5.2
• 5383f3a #8723 npm-registry-fetch@19.1.0
• 1bb9a7d #8723 npm-profile@12.0.1
• de619a4 #8723 npm-pick-manifest@11.0.3
• 0e042ec #8723 npm-packlist@10.0.3
• 2a3c338 #8723 node-gyp@11.5.0
• b96e86c #8723 minimatch@10.1.1
• d347329 #8723 exponential-backoff@3.1.3
• d6830f4 #8723 @npmcli/run-script@10.0.2
• bcc7ec8 #8723 @npmcli/metavuln-calculator@9.0.3
• 7a419df #8723 @npmcli/map-workspaces@5.0.1

... (truncated)

Commits

• 7da8fdd chore: release 11.6.3
• 3225fa3 fix: fix usage of path of custom registry (#8737)
• ca53c21 docs: add workspace usage examples (#8745)
• e71ca0e docs: add --save flag to documentation (#8746)
• 3439a89 fix(libnpmexec): fix lock compromise logic (#8733)
• c6242d9 fix: change npm profile to create tokens with GAT support (#8706)
• e9f0418 fix(arborist): improve override conflict detection with semantic comparison (...
• 7f72238 deps: cacache@20.0.2
• 7ac9db8 deps: init-package-json@8.2.3
• 41e97c6 deps: validate-npm-package-name@7.0.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by owlstronaut, a new releaser for npm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.