Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Rubix982/Reflex/network/alerts).
:warning: We detected 10 security issues in this pull request:
Vulnerable Libraries (10)
Severity | Details
----- | --------
High | [async@2.6.3](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>2.6.3*
Critical | [eventsource@1.1.0](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>=1.1.1*
High | [follow-redirects@1.14.1](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>1.14.7*
Medium | [nanoid@3.1.23](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>3.1.30*
High | [renderkid@2.0.5](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>2.0.5*
High | [terser@4.8.0](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>=4.8.1 || >=5.14.2*
High | [tmpl@1.0.4](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>=1.0.5*
Critical | [url-parse@1.5.1](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>1.5.8*
High | [webpack@4.44.2](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>4.46.0*
Medium | [ws@6.2.1](https://github.com/Rubix982/Reflex/blob/50ea41a457e81b0d2f9862c259342816e9763a60/server/package-lock.json) (t) upgrade to: *>6.2.1*
More info on how to fix Vulnerable Libraries in [JavaScript](https://docs.guardrails.io/docs/en/vulnerabilities/javascript/using_vulnerable_libraries.html?utm_source=ghpr#).
Bumps minimatch from 3.0.4 to 3.1.2.
Commits
699c459
3.1.22f2b5ff
fix: trim pattern25d7c0d
3.1.155dda29
fix: treat nocase:true as always having magic5e1fb8d
3.1.0f8145c5
Add 'allowWindowsEscape' option570e8b1
add publishConfig for v3 publishes5b7cd33
3.0.620b4b56
[fix] revert all breaking syntax changes2ff0388
document, expose, and test 'partial:true' optionDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Rubix982/Reflex/network/alerts).