Skip to content

Commit

Permalink
deps: bump minimatch from 9.0.5 to 10.0.1 (#1186)
Browse files Browse the repository at this point in the history 
Bumps [minimatch](https://github.com/isaacs/minimatch) from 9.0.5 to
10.0.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/minimatch/blob/main/changelog.md">minimatch's
changelog</a>.</em></p>
<blockquote>
<h1>change log</h1>
<h2>10.0</h2>
<ul>
<li>Require node 20 or 22 and higher</li>
</ul>
<h2>9.0</h2>
<ul>
<li>No default export, only named exports.</li>
</ul>
<h2>8.0</h2>
<ul>
<li>Recursive descent parser for extglob, allowing correct support
for arbitrarily nested extglob expressions</li>
<li>Bump required Node.js version</li>
</ul>
<h2>7.4</h2>
<ul>
<li>Add <code>escape()</code> method</li>
<li>Add <code>unescape()</code> method</li>
<li>Add <code>Minimatch.hasMagic()</code> method</li>
</ul>
<h2>7.3</h2>
<ul>
<li>Add support for posix character classes in a unicode-aware way.</li>
</ul>
<h2>7.2</h2>
<ul>
<li>Add <code>windowsNoMagicRoot</code> option</li>
</ul>
<h2>7.1</h2>
<ul>
<li>Add <code>optimizationLevel</code> configuration option, and revert
the
default back to the 6.2 style minimal optimizations, making the
advanced transforms introduced in 7.0 opt-in. Also, process
provided file paths in the same way in optimizationLevel:2
mode, so <em>most</em> things that matched with optimizationLevel 1 or
0 <em>should</em> match with level 2 as well. However, level 1 is the
default, out of an abundance of caution.</li>
</ul>
<h2>7.0</h2>
<ul>
<li>Preprocess patterns to simplify complicated patterns and reduce
out <code>..</code> pattern portions where possible. Note that this
means
a pattern like <code>a/b/../*</code> will be equivalent to
<code>a/*</code>, and will
<em>not</em> match the string <code>a/b/../c</code>. If this causes
problems, it
can be addressed in a patch release by resolving <code>..</code>
portions
in the test string.</li>
</ul>
<h2>6.2</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/isaacs/minimatch/commit/0569cd3373408f9d701d3aab187b3f43a24a0db7"><code>0569cd3</code></a>
10.0.1</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/17d31c75ee4a6c4e516b6610647274285dc493c7"><code>17d31c7</code></a>
rollback to brace-expansion 2, for cjs support</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/346685ced5203464bb10fd3d4dfa6964f6102ede"><code>346685c</code></a>
10.0.0</li>
<li><a
href="https://github.com/isaacs/minimatch/commit/632e0da294b644ce2b537df4d64d4316fd84e0f1"><code>632e0da</code></a>
modernize, drop old node versions</li>
<li>See full diff in <a
href="https://github.com/isaacs/minimatch/compare/v9.0.5...v10.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=minimatch&package-manager=npm_and_yarn&previous-version=9.0.5&new-version=10.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed Jul 17, 2024
1 parent 0c8f1e2 commit 69c9dd5
Show file tree
Hide file tree
Showing 2 changed files with 108 additions and 6 deletions.
2 changes: 1 addition & 1 deletion cli/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@
"@octokit/rest": "^21.0.0",
"@prettier/sync": "^0.5.0",
"front-matter": "^4.0.2",
"minimatch": "^9.0.3",
"minimatch": "^10.0.1",
"minipass": "^7.0.4",
"pacote": "^18.0.3",
"proc-log": "^4.2.0",
Expand Down
112 changes: 107 additions & 5 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 69c9dd5

Please sign in to comment.