bcomnes / npm-run-all2

A CLI tool to run multiple npm-scripts in parallel or sequential. (Maintenance fork)
MIT License
262 stars 13 forks source link

Upgrade: Bump minimatch from 7.4.4 to 8.0.2 #105

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps minimatch from 7.4.4 to 8.0.2.

Changelog

Sourced from minimatch's changelog.

change log

8.0

  • Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
  • Bump required Node.js version

7.4

  • Add escape() method
  • Add unescape() method
  • Add Minimatch.hasMagic() method

7.3

  • Add support for posix character classes in a unicode-aware way.

7.2

  • Add windowsNoMagicRoot option

7.1

  • Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

  • Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

  • Add nocaseMagicOnly flag

6.1

  • Handle UNC paths on Windows

    This adds some slightly modified behavior when a pattern or path starts

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
socket-security[bot] commented 1 year ago

New dependency changes detected. Learn more about Socket for GitHub β†—οΈŽ


πŸ‘ No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary
Issue Status
Install scripts βœ… 0 issues
Native code βœ… 0 issues
Bin script shell injection βœ… 0 issues
Unresolved require βœ… 0 issues
Invalid package.json βœ… 0 issues
HTTP dependency βœ… 0 issues
Git dependency βœ… 0 issues
Potential typo squat βœ… 0 issues
Known Malware βœ… 0 issues
Telemetry βœ… 0 issues
Protestware/Troll package βœ… 0 issues

πŸ“Š Modified Dependency Overview:

⬆️ Updated Package Version Diff Capability Access +/- Transitive Count Publisher
minimatch@8.0.2 7.4.4...8.0.2 environment +0/-0 isaacs
codecov-commenter commented 1 year ago

Codecov Report

Merging #105 (c90d02b) into master (5ce62d4) will increase coverage by 0.10%. The diff coverage is 100.00%.

:mega: This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

@@            Coverage Diff             @@
##           master     #105      +/-   ##
==========================================
+ Coverage   96.15%   96.25%   +0.10%     
==========================================
  Files          22       23       +1     
  Lines        1923     1975      +52     
==========================================
+ Hits         1849     1901      +52     
  Misses         74       74              
Flag Coverage Ξ”
macos-latest-18 ?
ubuntu-latest-18 96.15% <100.00%> (+<0.01%) :arrow_up:
windows-latest-18 96.23% <100.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Ξ”
lib/run-task.js 93.23% <100.00%> (+0.06%) :arrow_up:

... and 1 file with indirect coverage changes

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more