Skip to content

Commit 69c9dd5

Browse files
dependabot[bot]dependabot[bot]
authored
deps: bump minimatch from 9.0.5 to 10.0.1 (#1186)
Bumps [minimatch](https://github.com/isaacs/minimatch) from 9.0.5 to 10.0.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/isaacs/minimatch/blob/main/changelog.md">minimatch's changelog</a>.</em></p> <blockquote> <h1>change log</h1> <h2>10.0</h2> <ul> <li>Require node 20 or 22 and higher</li> </ul> <h2>9.0</h2> <ul> <li>No default export, only named exports.</li> </ul> <h2>8.0</h2> <ul> <li>Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions</li> <li>Bump required Node.js version</li> </ul> <h2>7.4</h2> <ul> <li>Add <code>escape()</code> method</li> <li>Add <code>unescape()</code> method</li> <li>Add <code>Minimatch.hasMagic()</code> method</li> </ul> <h2>7.3</h2> <ul> <li>Add support for posix character classes in a unicode-aware way.</li> </ul> <h2>7.2</h2> <ul> <li>Add <code>windowsNoMagicRoot</code> option</li> </ul> <h2>7.1</h2> <ul> <li>Add <code>optimizationLevel</code> configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so <em>most</em> things that matched with optimizationLevel 1 or 0 <em>should</em> match with level 2 as well. However, level 1 is the default, out of an abundance of caution.</li> </ul> <h2>7.0</h2> <ul> <li>Preprocess patterns to simplify complicated patterns and reduce out <code>..</code> pattern portions where possible. Note that this means a pattern like <code>a/b/../*</code> will be equivalent to <code>a/*</code>, and will <em>not</em> match the string <code>a/b/../c</code>. If this causes problems, it can be addressed in a patch release by resolving <code>..</code> portions in the test string.</li> </ul> <h2>6.2</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/isaacs/minimatch/commit/0569cd3373408f9d701d3aab187b3f43a24a0db7"><code>0569cd3</code></a> 10.0.1</li> <li><a href="https://github.com/isaacs/minimatch/commit/17d31c75ee4a6c4e516b6610647274285dc493c7"><code>17d31c7</code></a> rollback to brace-expansion 2, for cjs support</li> <li><a href="https://github.com/isaacs/minimatch/commit/346685ced5203464bb10fd3d4dfa6964f6102ede"><code>346685c</code></a> 10.0.0</li> <li><a href="https://github.com/isaacs/minimatch/commit/632e0da294b644ce2b537df4d64d4316fd84e0f1"><code>632e0da</code></a> modernize, drop old node versions</li> <li>See full diff in <a href="https://github.com/isaacs/minimatch/compare/v9.0.5...v10.0.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=minimatch&package-manager=npm_and_yarn&previous-version=9.0.5&new-version=10.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 0c8f1e2 commit 69c9dd5

File tree

2 files changed

+108
-6
lines changed

2 files changed

+108
-6
lines changed

cli/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@
2121
"@octokit/rest": "^21.0.0",
2222
"@prettier/sync": "^0.5.0",
2323
"front-matter": "^4.0.2",
24-
"minimatch": "^9.0.3",
24+
"minimatch": "^10.0.1",
2525
"minipass": "^7.0.4",
2626
"pacote": "^18.0.3",
2727
"proc-log": "^4.2.0",

package-lock.json

Lines changed: 107 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)