Conversation
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.4. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.4) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
github-actions
bot
added
size/XS
|
Pushed a commit to rebuild the Action. Please mark the PR as ready for review to trigger PR checks. |
There was a problem hiding this comment.
Pull request overview
This PR updates the minimatch dependency from version 3.1.2 to 3.1.4, incorporating upstream performance improvements and bug fixes related to glob pattern matching. The changes include improved handling of globstar (**) patterns with recursion limits and optimizations for consecutive star (*) characters.
Changes:
- Updated minimatch from 3.1.2 to 3.1.4 in package-lock.json
- Updated transitive dependencies (balanced-match, brace-expansion) to newer versions
- Regenerated compiled JavaScript in lib/ directory to reflect the updated dependencies
Reviewed changes
Copilot reviewed 12 out of 13 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| package-lock.json | Updated minimatch to 3.1.4 and related transitive dependencies; removed @isaacs/* scoped packages in favor of scoped versions under glob/node_modules |
| lib/*.js | Automatically generated JavaScript files reflecting the updated minimatch dependency (not reviewed per repository guidelines) |
|
This looks to be due to a bug in |
Pull request was closed
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps minimatch from 3.1.2 to 3.1.4.
Commits
1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actions9c31b2dupdate test expectations for coalesced consecutive stars46fe687coalesce consecutive non-globstar * characters5a9ccbd[meta] update publishConfig.tag to legacy-v3Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.