Bump np from 4.0.2 to 5.0.0

[dependabot-preview]

Bumps np from 4.0.2 to 5.0.0.

Release notes

Sourced from np's releases.

v5.0.0

Breaking

• Require npm 6.8.0 or newer
  Some older versions were buggy and we also need it for some new features.
• Require Yarn 1.7.0 or newer (#360) 537aa8e
  Only if you use Yarn
• Require Git 2.11 or newer (#349) 6df47b9

Enhancements

• Enable 2FA automatically for the package when publishing a new package (#346) d10ffcf
  Yay security!
• Support specifying config in package.json or an external config file (#354) 9dac7aa
• Rollback Git operations when publish fails and on termination (#334) c7d4cd0
• Add --no-release-draft flag to skip opening a GitHub release draft page (#379) ce7e550
• Add external registry support to authentication check (#365) 72ebf7d
• Drop question Will bump from X to Y. Continue? (#377) a02e169
  It was just an extra step with little value

Fixes

• Fix doing a prerelease as the first release (#342) 97922b1
• Fix multiple version bumps when publishing using Yarn (#389) 3601af5
• Fix name check for private registries (#356) e8a3a7d
• Correctly detect all Git tag types (#343) 508dec2

sindresorhus/np@v4.0.2...v5.0.0

---

Shoutout to @​itaisteinherz for doing most of the commits in this release. He's now also a maintainer 🎉

Commits

• 3727b22 5.0.0
• e7b9426 Update dependencies
• 3601af5 Fix multiple version bumps when publishing using Yarn (#389)
• fed7766 Fix release draft task
• ce7e550 Add --no-release-draft flag to skip opening a GitHub release draft page (#379)
• 45cea18 Fix version prompt and config (#385)
• 9dac7aa Support setting flags globally and locally using cosmiconfig (#354)
• c7d4cd0 Rollback Git operations when publish fails and on termination (#334)
• a02e169 Drop question Will bump from X to Y. Continue? (#377)
• 3c436cf Rename npm-util.js and improve method naming (#374)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #22.