Open dependabot[bot] opened 2 months ago
Latest commit: 85c44dab9b8d231c7fbc4f3e38f65f410bcf35ab
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/braces@3.0.3 | None | +2 |
84.3 kB | jonschlinkert |
npm/function-bind@1.1.2 | None | 0 |
31.4 kB | ljharb |
npm/hasown@2.0.2 | None | 0 |
8.77 kB | ljharb |
npm/minizlib@2.1.2 | None | +1 |
32.1 kB | isaacs |
🚮 Removed packages: npm/boolbase@1.0.0, npm/braces@3.0.2, npm/get-caller-file@2.0.5, npm/has-symbols@1.0.3, npm/is-callable@1.2.7, npm/is-docker@2.2.1, npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/lodash.memoize@4.1.2, npm/minimist@1.2.7, npm/safe-buffer@5.2.1
Bumps braces from 3.0.2 to 3.0.3.
Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show