Bump @microsoft/rush from 5.109.2 to 5.162.0

[dependabot]

Bumps @microsoft/rush from 5.109.2 to 5.162.0.

Changelog

Sourced from @​microsoft/rush's changelog.

5.162.0

Sat, 18 Oct 2025 00:06:36 GMT

Updates

• Fork npm-check to address npm audit CVE

5.161.0

Fri, 17 Oct 2025 23:22:50 GMT

Updates

• Add an allowOversubscription option to the command definitions in common/config/rush/command-line.json to prevent running tasks from exceeding concurrency.
• Add support for PNPM's minimumReleaseAge setting to help mitigate supply chain attacks
• Enable prerelease version matching in bridge-package command
• Fix an issue where rush add --make-consistent ... may drop the implicitlyPreferredVersions and ensureConsistentVersions properties from common/config/rush/common-versions.json.
• Treat intermittent ignored redis errors as warnings and allow build to continue.

5.160.1

Fri, 03 Oct 2025 22:25:25 GMT

Updates

• Fix an issue with validation of the pnpm-lock.yaml packageExtensionsChecksum field in pnpm v10.

5.160.0

Fri, 03 Oct 2025 20:10:21 GMT

Minor changes

• Normalize import of builtin modules to use the node: protocol.

Updates

• Bump the default Node and pnpm versions in the rush init template.
• Fix an issue with validation of the pnpm-lock.yaml packageExtensionsChecksum field in pnpm v10.
• Fix an issue where the $schema property is dropped from common/config/rush/pnpm-config.json when running rush-pnpm patch-commit ...

5.159.0

Fri, 03 Oct 2025 00:50:08 GMT

Patches

• [rush-azure-storage-build-cache-plugin] Trim access token output in AdoCodespacesAuthCredential

Updates

• Fix to allow Bridge Cache plugin be installed but not used when build cache disabled; add cache key to terminal logs
• Add IOperationExecutionResult.problemCollector API which matches and collects VS Code style problem matchers
• Replace uuid package dependency with Node.js built-in crypto.randomUUID

... (truncated)

Commits

• 0fd5a15 Bump versions [skip ci]
• 3ae0848 Update changelogs [skip ci]
• a963054 Bump versions [skip ci]
• ed45275 Update changelogs [skip ci]
• 79f2434 Bump ESLint (#5408)
• 1f3e785 Bump versions [skip ci]
• 783b7d4 Update changelogs [skip ci]
• 608ee2c Bump versions [skip ci]
• 2e7d706 Update changelogs [skip ci]
• 1627a83 Include some ESLint rules to normalize imports. (#5392)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
@microsoft/rush	[>= 5.113.a, < 5.114]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)