chore(commonjs)!: bump glob's version

younggglcy commented 3 months ago

Rollup Plugin Name: `@rollup/plugin-commonjs`

This PR contains:

[x] bugfix
[ ] feature
[ ] refactor
[ ] documentation
[x] other

Are tests included?

[ ] yes (bugfixes and features will not be merged without tests)
[x] no

Breaking Changes?

[x] yes (breaking changes will not be merged unless absolutely necessary)
[ ] no

If yes, then include "BREAKING CHANGES:" in the first commit message body, followed by a description of what is breaking.

List any relevant issue numbers: resolves #1691

Description

BREAKING CHANGES: Requires Node.js version >=16.0.0 or >= 14.17, this is the same as glob's need.

both glob and shx have inflight in their deps, so this PR bumps glob to the latest and removes shx, since it's not been used.

akashennn commented 2 months ago

Hi any update on this? There is a vulnerability introduced thought this

mehdibo commented 1 month ago

Hello, any updates on this? or is there a workaround Facing this issue:

warning nuxt > nitropack > @rollup/plugin-commonjs > glob > inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.91

younggglcy commented 1 month ago

CI tests failed due to wrong order returned by glob.sync() here. That's because, since glob v9, results will not be sorted. FYI: https://github.com/isaacs/node-glob/issues/576

shellscape commented 4 weeks ago

@younggglcy I think this is good to merge, but please rebase/merge from master again. CI isn't happy.

younggglcy commented 4 weeks ago

@younggglcy I think this is good to merge, but please rebase/merge from master again. CI isn't happy.

fixed.

rollup / plugins