⬆️ Updates minimatch to v10 #2382

renovate · 2024-07-09T00:52:26Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
minimatch	`^3.0.4` -> `^10.0.0`

Release Notes

isaacs/minimatch (minimatch)

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

renovate · 2024-07-09T00:52:28Z

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

Branch has one or more failed status checks

github-actions · 2024-07-09T00:52:42Z

Thanks for the PR!

This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.

github-actions · 2024-07-09T00:52:52Z

Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.

github-actions · 2024-07-09T00:52:53Z

Hello from PR Helper

Is your PR ready for review and processing? Mark the PR ready by including #pr-ready in a comment.

If you still have work to do, even after marking this ready. Put the PR on hold by including #pr-onhold in a comment.

socket-security · 2024-07-09T01:06:48Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/folio@0.3.18	filesystem Transitive: environment	`+3`	425 kB	pavelfeldman
npm/form-data@4.0.0	filesystem, network	`+2`	82.3 kB	niftylettuce
npm/fs-extra@10.1.0	None	`0`	63.3 kB	ryanzim
npm/functools-ts@1.0.3	None	`0`	129 kB	chaabaj
npm/github-url-parse@0.1.0	None	`0`	8.1 kB	stefanbuck
npm/got@11.8.6	filesystem, network	`0`	269 kB	sindresorhus
npm/gradient-string@1.2.0	None	`+2`	63.1 kB	bokub
npm/grommet@2.39.0	environment	`0`	8.71 MB	jcfilben
npm/gzip-size@6.0.0	filesystem	`+1`	13.5 kB	sindresorhus
npm/hasha@5.2.2	filesystem	`0`	16 kB	sindresorhus
npm/http-errors@1.8.1	None	`+1`	22.3 kB	dougwilson
npm/humanize-duration@3.32.1	None	`0`	74 kB	evanhahn
npm/humps@2.0.1	None	`0`	19 kB	domchristie
npm/import-fresh@3.3.0	None	`0`	4.87 kB	sindresorhus
npm/inversify@5.1.1	None	`0`	1.15 MB	dcavanagh
npm/is-regex@1.1.4	None	`0`	30.1 kB	ljharb
npm/isomorphic-unfetch@3.1.0	Transitive: network	`+1`	165 kB	developit
npm/jest-circus@27.5.1	eval	`+5`	2.36 MB	simenb
npm/jest@27.5.1	None	`0`	4.74 kB	simenb
npm/js-beautify@1.15.1	Transitive: environment	`+2`	1.01 MB	bitwiseman
npm/js-sha256@0.9.0	None	`0`	38 kB	emn178
npm/js-yaml@4.1.0	None	`0`	405 kB	vitaly
npm/jsdom-global@3.0.2	None	`0`	12.8 kB	rstacruz
npm/jsdom@16.6.0	eval, filesystem, network, shell, unsafe Transitive: environment	`+3`	3 MB	domenic
npm/json-schemify@0.0.10	None	`0`	12 kB	tgreyuk
npm/json2yaml@1.1.0	None	`0`	18.3 kB	coolaj86
npm/jsonlint@1.6.3	filesystem	`0`	63.1 kB	zaach
npm/jsonwebtoken@8.5.1	None	`+1`	137 kB	ziluvatar
npm/license-badger@0.19.0	filesystem	`0`	118 kB	brettz9
npm/license-checker@25.0.1	filesystem Transitive: environment	`+5`	234 kB	davglass
npm/lodash@4.17.21	None	`0`	1.41 MB	bnjmnt4n
npm/markdown-link-check@3.12.2	environment	`+2`	80.6 kB	tcort
npm/mime-types@2.1.35	None	`0`	18.3 kB	dougwilson
npm/minimatch@10.0.1	environment	`0`	439 kB	isaacs
npm/mkdirp@1.0.4	environment, filesystem	`0`	19.1 kB	isaacs
npm/mobx@6.13.0	environment	`0`	4.26 MB	mweststrate
npm/node-object-hash@2.3.10	None	`0`	80.2 kB	m03geek
npm/object-hash@2.2.0	None	`0`	59 kB	addaleax
npm/opener@1.5.2	shell	`0`	6.21 kB	domenic
npm/ow@0.24.1	filesystem	`0`	134 kB	sindresorhus
npm/parse-json@5.2.0	None	`0`	5.41 kB	sindresorhus
npm/path-type@4.0.0	filesystem	`0`	5.41 kB	sindresorhus
npm/prettier@2.3.2	environment, eval, filesystem, unsafe	`0`	20.3 MB	sosukesuzuki
npm/prettier@2.8.8	environment, filesystem, unsafe	`0`	11.2 MB	prettier-bot
npm/pretty-quick@3.3.1	filesystem Transitive: environment, shell	`+4`	217 kB	jounqin
npm/randomcolor@0.6.2	None	`0`	25.3 kB	davidmerfield
npm/remark-cli@9.0.0	None	`0`	9.35 kB	wooorm
npm/remark-html@13.0.2	None	`0`	13 kB	wooorm
npm/remark-lint-code-block-style@2.0.1	None	`0`	9.47 kB	wooorm
npm/remark-lint-ordered-list-marker-value@2.0.1	None	`0`	11.1 kB	wooorm
npm/remark-preset-davidtheclark@0.12.0	Transitive: environment, shell	`+2`	75.8 kB	davidtheclark
npm/remark-preset-lint-recommended@5.0.0	None	`0`	7.61 kB	wooorm
npm/remark-validate-links@10.0.4	filesystem, shell	`0`	30.1 kB	wooorm
npm/reshadow@0.0.1	None	`0`	70.8 kB	smelukov
npm/rfdc@1.4.1	None	`0`	27.1 kB	matteo.collina
npm/semantic-release@17.4.7	environment, network Transitive: filesystem, shell	`+11`	552 kB	semantic-release-bot
npm/shelljs@0.8.5	environment, filesystem	`0`	212 kB	nfischer
npm/slugify@1.6.6	None	`0`	20.9 kB	simov
npm/styled-components@5.3.11	environment	`0`	3.02 MB	probablyup
npm/threads@1.6.5	environment, eval	`+5`	336 kB	andywer
npm/tiny-worker@2.3.0	shell Transitive: eval, filesystem, unsafe	`+1`	321 kB	avoidwork
npm/ts-jest@27.1.5	environment, filesystem, unsafe	`+1`	356 kB	kul
npm/ts-node@10.9.2	environment, filesystem, unsafe	`+2`	2.92 MB	blakeembrey
npm/tsdx@0.14.1	Transitive: environment, shell	`+5`	316 kB	agilgur5
npm/type-fest@0.20.2	None	`0`	111 kB	sindresorhus
npm/typed-rest-client@1.8.11	environment, filesystem, network	`0`	154 kB	wgasior
npm/typedoc-plugin-markdown@3.17.1	filesystem	`0`	115 kB	tgreyuk
npm/typedoc@0.21.10	environment, filesystem, shell, unsafe	`0`	1.51 MB	gerrit0
npm/typescript-object-utils@0.4.1	None	`0`	21 kB	mleko
npm/typescript@4.9.5	None	`0`	66.8 MB	typescript-bot
npm/unzip-stream@0.3.4	filesystem	`0`	40.2 kB	mhr3
npm/util.promisify@1.1.2	None	`0`	23.5 kB	ljharb
npm/utility-types@3.11.0	None	`0`	64.3 kB	piotrwitek
npm/uuid@8.3.2	None	`0`	116 kB	ctavan
npm/vague-time@2.4.2	None	`0`	30.4 kB	philbooth
npm/winston@2.4.7	filesystem	`0`	175 kB	w-b-t
npm/ws@7.5.10	network	`0`	122 kB	lpinca
npm/xmldoc@1.3.0	None	`0`	41.4 kB	nfarina
npm/xmldom@0.6.0	None	`0`	91 kB	karfau
npm/xpath@0.0.32	None	`0`	236 kB	jlrishe
npm/yaml@1.10.2	environment	`0`	448 kB	eemeli
npm/yamljs@0.3.0	None	`0`	694 kB	jeremyfa
npm/yaspeller@7.2.1	filesystem, network	`+4`	402 kB	hcodes

View full report↗︎

socket-security · 2024-07-09T01:06:51Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Potential typo squat	npm/github-url-parse@0.1.0	Did you mean: parse-github-url~~-parse~~ (36 thousand times more downloads)	`package.json`	🚫

View full report↗︎

Next steps

What is a typosquat?

Package name is similar to other popular packages and may not be the package you want.

Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/github-url-parse@0.1.0

⬆️ Updates minimatch to v10

f93a6ef

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

renovate bot added the npm dependencies label Jul 9, 2024

auto-assign bot requested a review from AlexRogalskiy July 9, 2024 00:52

github-actions bot added the review-required label Jul 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⬆️ Updates minimatch to v10 #2382

⬆️ Updates minimatch to v10 #2382

renovate bot commented Jul 9, 2024 •

edited

Loading

renovate bot commented Jul 9, 2024

github-actions bot commented Jul 9, 2024

github-actions bot commented Jul 9, 2024

github-actions bot commented Jul 9, 2024

socket-security bot commented Jul 9, 2024

socket-security bot commented Jul 9, 2024

⬆️ Updates minimatch to v10 #2382

Are you sure you want to change the base?

⬆️ Updates minimatch to v10 #2382

Conversation

renovate bot commented Jul 9, 2024 • edited Loading

Release Notes

Configuration

renovate bot commented Jul 9, 2024

Branch automerge failure

github-actions bot commented Jul 9, 2024

github-actions bot commented Jul 9, 2024

github-actions bot commented Jul 9, 2024

Hello from PR Helper

socket-security bot commented Jul 9, 2024

socket-security bot commented Jul 9, 2024

Next steps

renovate bot commented Jul 9, 2024 •

edited

Loading