chore(deps-dev): Bump minimatch from 3.1.2 to 3.1.5 in /frontend#324
chore(deps-dev): Bump minimatch from 3.1.2 to 3.1.5 in /frontend#324dependabot[bot] wants to merge 1 commit into
Conversation
dependabot
Bot
added
dependencies
Dependency Update AnalysisUpdate Type: Analysis Details
Security Audit ResultsFrontend (npm audit)INFO - Unable to parse npm audit results Backend (safety check)INFO - Unable to parse safety check results |
|
Manual Review Required This dependency update requires manual review: Reason:
Review Checklist:
Next Steps:
cc: @maintainers |
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/frontend/minimatch-3.1.5
branch
from
960df66 to
4bdf452
Compare
Dependency Update AnalysisUpdate Type: Analysis Details
Security Audit ResultsFrontend (npm audit)INFO - Unable to parse npm audit results Backend (safety check)INFO - Unable to parse safety check results |
|
Manual Review Required This dependency update requires manual review: Reason:
Review Checklist:
Next Steps:
cc: @maintainers |
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.5. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/npm_and_yarn/frontend/minimatch-3.1.5
branch
from
4bdf452 to
f1489b5
Compare
Dependency Update AnalysisUpdate Type: Analysis Details
Security Audit ResultsFrontend (npm audit)INFO - Unable to parse npm audit results Backend (safety check)INFO - Unable to parse safety check results |
|
Manual Review Required This dependency update requires manual review: Reason:
Review Checklist:
Next Steps:
cc: @maintainers |
|
Closing as Dependabot queue cleanup: this individual PR predates the grouped Dependabot config and is months behind main. Dependabot will re-propose any still-outstanding update for this package at its current version in the next grouped run (see #489 production / #488 development). Closing avoids the stale-version + package-lock conflict cascade. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/npm_and_yarn/frontend/minimatch-3.1.5
branch
1 participant
Bumps minimatch from 3.1.2 to 3.1.5.
Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.