Open dependabot[bot] opened 3 months ago
Note this is only affecting a development dependency and is not urgent. I will put it off since there is nothing else to release since the previous release
pprof@4.0.0 /usr/local/google/home/aaronabbott/repo/pprof-nodejs
├─┬ gts@5.2.0
│ └─┬ @typescript-eslint/parser@5.62.0
│ └─┬ @typescript-eslint/typescript-estree@5.62.0
│ └─┬ globby@11.1.0
│ └─┬ fast-glob@3.3.2
│ └─┬ micromatch@4.0.5
│ └── braces@3.0.2 deduped
└─┬ mocha@10.2.0
└─┬ chokidar@3.5.3
└── braces@3.0.2
Bumps the npm_and_yarn group with 1 update in the / directory: braces.
Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show